Alberto Maria

  1. Looks like a similar flavour: http://www.lavasoftsupport.com/index.php?showtopic=21807
  2. Hi Charles. The doubt is stronger now: I have double checked on another clean machine: same result. With 18.11.2008 definitions: nothing was detected on both machines. With 13.11.2008 definitions: nothing was detected on both machines. The threat detected is quite dangerous (dialer+key recorder), so it's very important to know what to do. Thank you everyone
  3. My only doubt about a FP is this: http://forums.spybot.info/showthread.php?p=122506
  4. Here it is:
  5. A scan with today's defs detects that file in Windows folder: 90'112 bytes, date 29.03.2004 15:23. Is it a false positive?
  6. What I find is slightly different: the update works (I mean: apparently), but it doesn't track tracking cookies and it neither blocks nor deletes them. Backed up to previous update which works ok. Btw: AD Aware SE Plus is way better than 2007 IMHO
  7. This is my version: AD-AWARE SE plus 1.06r1 This is a corporate version for IBM. Presently IBM policy is to use Symantec Client security only, with AD-Aware optional, but I've found SE Plus quite more responsive so I would like to use both. Manual update still works. Gr
  8. Exactly the same as this: http://www.lavasoftsupport.com/index.php?s...7&hl=update Manual update works
  9. Having enabled the search of negligible objects, I see that "Recent Files Shortcuts" are usually deleted by AD. I don't know if this is due to the last Windows XP security update, or to a new AD policy, but this doesn't happen any more. The program states that it will delete those files, but they are not deleted. Thank you
  10. Well I was just looking for an upgrade program...
  11. Thank you Peter, I understand you! Perhaps you can suggest to become a betatester. I'll write to LS anyway. Btw it's nice that a betatester isn't under NDA and he may reveal its state. This is not allowed in other beta programs, as I know very well...
  12. Thank you Peter for your reply! I certainly have a copy of my SE, but, being a corporate license I don't have a login... I hoped there was an upgrade program anyway...