Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

AdAware FOUND something...

Started by TonyTTurner , Apr 30 2005 03:07 AM

  • This topic is locked This topic is locked

#16
TonyTTurner
Posted 04 May 2005 - 12:28 AM

TonyTTurner

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
;)
Hello, Again, Rawe,
Sorry it took me a while to get back here...
Before I list my latest Log, shoot... I think I may have deleted something from my PC that I shouldn't have.
I can't get my Gmail to open Normally (with Active X enabled). I have to use it's HTML version. Plus, my "Search" function isn't working either. :tazz: . I'm currently trying to get my Sound Output to work too. (Yikes!)
Anyway,
Here it is:

Ad-Aware SE Build 1.05
Logfile Created on:Tuesday, May 03, 2005 9:12:02 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R42 28.04.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
begin2search(TAC index:3):3 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R42 28.04.2005
Internal build : 49
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 466557 Bytes
Total size : 1403889 Bytes
Signature data size : 1373297 Bytes
Reference data size : 30080 Bytes
Signatures total : 39226
Fingerprints total : 836
Fingerprints size : 28245 Bytes
Target categories : 15
Target families : 654


Memory + processor status:
==========================
Number of processors : 2
Processor architecture : Intel Pentium IV
Memory available:45 %
Total physical memory:490988 kb
Available physical memory:216960 kb
Total page file size:1149160 kb
Available on page file:1060516 kb
Total virtual memory:2097024 kb
Available virtual memory:2030752 kb
OS:Microsoft Windows XP Home Edition Service Pack 2 (Build 2600)

Ad-Aware SE Settings
===========================
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Obtain command line of scanned processes
Set : Scan registry for all users instead of current user only
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Play sound at scan completion if scan locates critical objects


5-3-2005 9:12:02 PM - Scan started. (Full System Scan)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
ModuleName : \SystemRoot\System32\smss.exe
Command Line : n/a
ProcessID : 136
ThreadCreationTime : 5-4-2005 3:54:50 AM
BasePriority : Normal


#:2 [csrss.exe]
ModuleName : \??\C:\WINDOWS\system32\csrss.exe
Command Line : C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestTh
ProcessID : 184
ThreadCreationTime : 5-4-2005 3:55:00 AM
BasePriority : Normal


#:3 [winlogon.exe]
ModuleName : \??\C:\WINDOWS\system32\winlogon.exe
Command Line : winlogon.exe
ProcessID : 208
ThreadCreationTime : 5-4-2005 3:55:01 AM
BasePriority : High


#:4 [services.exe]
ModuleName : C:\WINDOWS\system32\services.exe
Command Line : C:\WINDOWS\system32\services.exe
ProcessID : 252
ThreadCreationTime : 5-4-2005 3:55:04 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:5 [lsass.exe]
ModuleName : C:\WINDOWS\system32\lsass.exe
Command Line : C:\WINDOWS\system32\lsass.exe
ProcessID : 264
ThreadCreationTime : 5-4-2005 3:55:05 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost -k DcomLaunch
ProcessID : 416
ThreadCreationTime : 5-4-2005 3:55:07 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost -k rpcss
ProcessID : 460
ThreadCreationTime : 5-4-2005 3:55:08 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost.exe -k netsvcs
ProcessID : 532
ThreadCreationTime : 5-4-2005 3:55:09 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [explorer.exe]
ModuleName : C:\WINDOWS\Explorer.EXE
Command Line : C:\WINDOWS\Explorer.EXE
ProcessID : 752
ThreadCreationTime : 5-4-2005 3:56:14 AM
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

#:10 [ctfmon.exe]
ModuleName : C:\WINDOWS\system32\ctfmon.exe
Command Line : ctfmon.exe
ProcessID : 768
ThreadCreationTime : 5-4-2005 3:56:15 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:11 [ggviewer.exe]
ModuleName : C:\Program Files\Google\deskbar-0.5.95.0\ggviewer.exe
Command Line : "C:\Program Files\Google\deskbar-0.5.95.0\ggviewer.exe"
ProcessID : 940
ThreadCreationTime : 5-4-2005 3:56:43 AM
BasePriority : Normal
FileVersion : 0, 5, 95, 0
ProductVersion : 0, 5, 95, 0
ProductName : Google Deskbar
CompanyName : Google
FileDescription : Google Deskbar
LegalCopyright : Copyright 2004 Google

#:12 [ad-aware.exe]
ModuleName : C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
Command Line : "C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe"
ProcessID : 956
ThreadCreationTime : 5-4-2005 3:56:44 AM
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


begin2search Object Recognized!
Type : File
Data : A0026292.exe
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{8C9B2068-F1AB-4DDE-93CC-69145A769CE1}\RP109\



begin2search Object Recognized!
Type : File
Data : A0026293.dll
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{8C9B2068-F1AB-4DDE-93CC-69145A769CE1}\RP109\
FileVersion : 2, 10, 0, 0
ProductVersion : 2, 10, 0, 0
ProductName : RsyncMon Module
FileDescription : RsyncMon Module
InternalName : RsyncMon
LegalCopyright : Copyright 2005
OriginalFilename : RSYNCMON.DLL


begin2search Object Recognized!
Type : File
Data : A0026294.DLL
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{8C9B2068-F1AB-4DDE-93CC-69145A769CE1}\RP109\
FileVersion : 1, 5, 0, 0
ProductVersion : 1, 5, 0, 0
ProductName : commcoss
FileDescription : commcoss
InternalName : commcoss
LegalCopyright : Copyright © 2004
OriginalFilename : commcoss.dll


Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 3


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 3




Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 3

9:24:14 PM Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:12:11.860
Objects scanned:183461
Objects identified:3
Objects ignored:0
New critical objects:3
  • 0

Advertisements

#17
Rawe
Posted 04 May 2005 - 06:18 AM

Rawe

    Visiting Staff

  • Member
  • PipPipPipPipPipPipPip
  • 4,746 posts
Ok..
Hello..
Let's continue with some general virus scanning.
Try these scans here;
- Trend Micro
- Panda Activescan

Post the results here.

- Rawe :tazz:
  • 0

#18
TonyTTurner
Posted 05 May 2005 - 01:20 AM

TonyTTurner

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
Ok, Thanx, Rawe...Btw, my Sound was simply a matter of a loose output cable :tazz: ...so that's ok.

Let me try the Trend and Panda scans...
I will post them.
;)
  • 0

#19
Rawe
Posted 05 May 2005 - 03:39 AM

Rawe

    Visiting Staff

  • Member
  • PipPipPipPipPipPipPip
  • 4,746 posts
Hi again.
Yes, post the logs whenever you have time for it..
I'll be here ;)
Btw, did you check your Pm?

- Rawe :tazz:
  • 0

#20
TonyTTurner
Posted 05 May 2005 - 04:38 AM

TonyTTurner

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
:)
Ok, Rawe, Cool!...I'll update my SpyBot to the newest version. (I've got 1.3 currently.) Thanks for the PM on it! ;) You Rock!
-
Oh, and check This out!
I ran Trend's HouseCall (It detected 5 sigs), but I forgot to Save it. :)
But there's more... Microsoft's new AntiSpyware Beta began running (Auto setting) at the Same time. The funny thing is, combined, it looks like they got Rid of the Popups!
When I Rebooted my pc, it came up FASTER, and running so much Quicker! ;)
-
Next question, should I still Re-Run Housecall, (this time Post it HERE), and run Panda's too?
-
Btw, I have MicroSoft's Anti-Beta scan Log Copied, would you like to see it?

Tony :tazz:
  • 0

#21
Rawe
Posted 05 May 2005 - 04:44 AM

Rawe

    Visiting Staff

  • Member
  • PipPipPipPipPipPipPip
  • 4,746 posts
Hello again.
Re-run Trend Micro, yes, and scan with Panda too, then rescan with Ad-aware, and post the all logs here.

- Rawe :tazz:

I'll take a look.
  • 0

#22
TonyTTurner
Posted 05 May 2005 - 04:53 AM

TonyTTurner

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
Ok... I'll RUN everything in the order you listed (Followed by a Post)
Thanks again!
:tazz:
  • 0

#23
TonyTTurner
Posted 06 May 2005 - 03:43 AM

TonyTTurner

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
Mornin' Rawe,
This is my Microsoft AntiSpyware Log...
I'll still send you the TrendMicro AND Panda logs too, ok?
:tazz:
----------
Spyware Scan Details
Start Date: 5/6/2005 2:00:05 AM
End Date: 5/6/2005 2:16:32 AM
Total Time: 16 mins 27 secs

Detected Threats

Morpheus Software Bundler more information...
Details: Morpheus is a peer-to-peer file sharing program that may be bundled with adware.
Status: Ignored
Moderate threat - Moderate-risk items have some potential for harm, but may be part of a wanted service. Users may decide to ignore such programs after review.

Infected files detected
c:\program files\streamcast\morpheus\chatservers.ini
c:\program files\streamcast\morpheus\deskbandsearch.dll
c:\program files\streamcast\morpheus\downloads\.meta\dru hill - april showers.mp3.xml
c:\program files\streamcast\morpheus\downloads\.meta\dru hill - how deep is your love.mp3.xml
c:\program files\streamcast\morpheus\downloads\.meta\dru hill - somebody's sleeping in my bed(1).mp3.xml
c:\program files\streamcast\morpheus\downloads\albumartsmall.jpg
c:\program files\streamcast\morpheus\downloads\albumart_{1eaa8c2e-bdba-4234-8ae9-c3131b037d9f}_large.jpg
c:\program files\streamcast\morpheus\downloads\albumart_{1eaa8c2e-bdba-4234-8ae9-c3131b037d9f}_small.jpg
c:\program files\streamcast\morpheus\downloads\albumart_{fa2463ea-7368-4b74-9ccb-40cd181ea41e}_large.jpg
c:\program files\streamcast\morpheus\downloads\albumart_{fa2463ea-7368-4b74-9ccb-40cd181ea41e}_small.jpg
c:\program files\streamcast\morpheus\downloads\desktop.ini
c:\program files\streamcast\morpheus\gnuhashes.ini
c:\program files\streamcast\morpheus\downloads\dru hill - april showers.mp3
c:\program files\streamcast\morpheus\downloads\dru hill - how deep is your love.mp3
c:\program files\streamcast\morpheus\downloads\dru hill - somebody's sleeping in my bed(1).mp3
c:\program files\streamcast\morpheus\downloads\folder.jpg
c:\program files\streamcast\morpheus\downloads\thumbs.db
c:\program files\streamcast\morpheus\folder_morpheus.ico
c:\program files\streamcast\morpheus\geoctl.dll
c:\program files\streamcast\morpheus\howtoenabledeskbar.txt
c:\program files\streamcast\morpheus\mldonkey\donkey.ini
c:\program files\streamcast\morpheus\mldonkey\donkey_expert.ini
c:\program files\streamcast\morpheus\morphconfig.ini
c:\program files\streamcast\morpheus\mldonkey\downloads.ini
c:\program files\streamcast\morpheus\mldonkey\downloads_expert.ini
c:\program files\streamcast\morpheus\mldonkey\fasttrack.ini
c:\program files\streamcast\morpheus\mldonkey\license.txt
c:\program files\streamcast\morpheus\mldonkey\mgwz.dll
c:\program files\streamcast\morpheus\mldonkey\mlnet.exe
c:\program files\streamcast\morpheus\mldonkey\searches.ini
c:\program files\streamcast\morpheus\mldonkey\servers.ini
c:\program files\streamcast\morpheus\mldonkey\zlib.dll
c:\program files\streamcast\morpheus\morphblocked.net
c:\program files\streamcast\morpheus\morphconfigex.ini
c:\program files\streamcast\morpheus\morphcache.net
c:\program files\streamcast\morpheus\morpheus.exe
c:\program files\streamcast\morpheus\morpheus2_new.mp3
c:\program files\streamcast\morpheus\morphexe.exe
c:\program files\streamcast\morpheus\morphproxy.net
c:\program files\streamcast\morpheus\morphultracache.net
c:\program files\streamcast\morpheus\neowebcache.net
c:\program files\streamcast\morpheus\partials\2_dru hill - tell me what you want.mp3.info
c:\program files\streamcast\morpheus\partials\2_dru hill - tell me what you want.mp3.part
c:\program files\streamcast\morpheus\partials\2_dru hill - tell me what you want.partial.mp3
c:\program files\streamcast\morpheus\uninstmorph.exe
c:\program files\streamcast\morpheus\partials\dru hill - angel.mp3.info
c:\program files\streamcast\morpheus\partials\dru hill - angel.mp3.part
c:\program files\streamcast\morpheus\partials\dru hill - angel.partial.mp3
c:\program files\streamcast\morpheus\partials\dru hill - april showers.mp3.info
c:\program files\streamcast\morpheus\partials\dru hill - april showers.mp3.part
c:\program files\streamcast\morpheus\partials\dru hill - give me one good reason 1.mp3.info
c:\program files\streamcast\morpheus\partials\dru hill - give me one good reason 1.mp3.part
c:\program files\streamcast\morpheus\partials\dru hill - give me one good reason 1.partial.mp3
c:\program files\streamcast\morpheus\partials\dru hill - how deep is your love.mp3.info
c:\program files\streamcast\morpheus\partials\dru hill - how deep is your love.mp3.part
c:\documents and settings\tony\start menu\programs\morpheus\downloads.lnk
c:\program files\streamcast\morpheus\partials\dru hill - never make a promise.mp3.info
c:\program files\streamcast\morpheus\partials\dru hill - never make a promise.mp3.part
c:\program files\streamcast\morpheus\partials\dru hill - never make a promise.partial.mp3
c:\program files\streamcast\morpheus\partials\dru hill - real freak.mp3.info
c:\program files\streamcast\morpheus\partials\dru hill - real freak.mp3.part
c:\program files\streamcast\morpheus\partials\dru hill - somebody's sleeping in my bed(1).mp3.info
c:\program files\streamcast\morpheus\partials\dru hill - somebody's sleeping in my bed(1).mp3.part
c:\program files\streamcast\morpheus\partials\dru hill_all alone.mp3.info
c:\program files\streamcast\morpheus\partials\dru hill_all alone.mp3.part
c:\program files\streamcast\morpheus\partials\dru hill_all alone.partial.mp3
c:\documents and settings\tony\start menu\programs\morpheus\morpheus.lnk
c:\program files\streamcast\morpheus\partials\without you - dru hill.mp3.info
c:\program files\streamcast\morpheus\partials\without you - dru hill.mp3.part
c:\program files\streamcast\morpheus\partials\without you - dru hill.partial.mp3
c:\program files\streamcast\morpheus\proto.dll
c:\program files\streamcast\morpheus\schemas\application.xml
c:\program files\streamcast\morpheus\schemas\application.xsd
c:\program files\streamcast\morpheus\schemas\audio.xml
c:\program files\streamcast\morpheus\schemas\audio.xsd
c:\program files\streamcast\morpheus\schemas\document.xml
c:\program files\streamcast\morpheus\schemas\document.xsd
c:\program files\streamcast\morpheus\chc0.cfg
c:\program files\streamcast\morpheus\schemas\image.xml
c:\program files\streamcast\morpheus\schemas\image.xsd
c:\program files\streamcast\morpheus\schemas\morph.xml
c:\program files\streamcast\morpheus\schemas\morph.xsd
c:\program files\streamcast\morpheus\schemas\rom.xml
c:\program files\streamcast\morpheus\schemas\rom.xsd
c:\program files\streamcast\morpheus\schemas\video.xml
c:\program files\streamcast\morpheus\schemas\video.xsd
c:\program files\streamcast\morpheus\settings0.cfg
c:\program files\streamcast\morpheus\unzip.exe
c:\program files\streamcast\morpheus\crashsaver.exe
c:\program files\streamcast\morpheus\webcache.net

Infected folders detected
c:\documents and settings\tony\start menu\programs\morpheus
c:\program files\streamcast\morpheus\partials
c:\program files\streamcast\morpheus\schemas
c:\program files\streamcast\morpheus\temp
c:\program files\streamcast
c:\program files\streamcast\morpheus
c:\program files\streamcast\morpheus\downloads
c:\program files\streamcast\morpheus\downloads\.meta
c:\program files\streamcast\morpheus\mldonkey
c:\program files\streamcast\morpheus\mldonkey\temp
c:\program files\streamcast\morpheus\my shared folder
c:\program files\streamcast\morpheus\offers

Infected registry keys/values detected
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2AE38A2D-371B-42F3-B803-9F6D669A411B}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\DeskBandSearch.DLL AppID {C630FBBF-E340-49DF-B4CB-06FB9EE34BB6}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DeskBandSearch.SearchBand.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DeskBandSearch.SearchBand.1\CLSID {2AE38A2D-371B-42F3-B803-9F6D669A411B}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DeskBandSearch.SearchBand.1 SearchBand Class
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DeskBandSearch.SearchBand
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DeskBandSearch.SearchBand\CLSID {2AE38A2D-371B-42F3-B803-9F6D669A411B}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DeskBandSearch.SearchBand\CurVer DeskBandSearch.SearchBand.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DeskBandSearch.SearchBand SearchBand Class
HKEY_LOCAL_MACHINE\software\classes\morpheus
HKEY_LOCAL_MACHINE\software\classes\morpheus\DefaultIcon C:\Program Files\StreamCast\Morpheus\Morpheus.exe
HKEY_CLASSES_ROOT\DeskBandSearch.SearchBand.1
HKEY_LOCAL_MACHINE\software\classes\morpheus\shell\open\command "C:\Program Files\StreamCast\Morpheus\Morpheus.exe" "%1"
HKEY_LOCAL_MACHINE\software\classes\morpheus URL: Morpheus Protocol
HKEY_LOCAL_MACHINE\software\classes\morpheus URL Protocol
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Morpheus
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Morpheus DisplayName Morpheus 4.6 (remove only)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Morpheus UninstallString "C:\Program Files\StreamCast\Morpheus\UninstMorph.exe"
HKEY_LOCAL_MACHINE\software\morpheus
HKEY_LOCAL_MACHINE\software\morpheus\Location Country United States
HKEY_LOCAL_MACHINE\software\morpheus\Location City Pasadena, California
HKEY_LOCAL_MACHINE\software\morpheus\Location Longitude -115.05
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DeskBandSearch.SearchBand.1
HKEY_LOCAL_MACHINE\software\morpheus\Location Latitude 35.45
HKEY_LOCAL_MACHINE\software\morpheus\Net G2 0
HKEY_LOCAL_MACHINE\software\morpheus\Net Neo 1
HKEY_LOCAL_MACHINE\software\morpheus\Net Gnu 1
HKEY_LOCAL_MACHINE\software\morpheus\Net Fas 0
HKEY_LOCAL_MACHINE\software\morpheus\Net EDo 0
HKEY_LOCAL_MACHINE\software\morpheus\SearchRecent usher usher
HKEY_LOCAL_MACHINE\software\morpheus\SearchRecent dru hill dru hill
HKEY_LOCAL_MACHINE\software\morpheus Install_Dir C:\Program Files\StreamCast\Morpheus
HKEY_LOCAL_MACHINE\software\morpheus First_Run 99
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F5382384-CC9B-432C-B5DA-6666D477D21E}
HKEY_LOCAL_MACHINE\software\morpheus NotWarnMagnetOnInstall 0
HKEY_LOCAL_MACHINE\software\morpheus SearchIconSpinTimeout 120000
HKEY_LOCAL_MACHINE\software\morpheus MQ_G2Net 5
HKEY_LOCAL_MACHINE\software\morpheus MQ_GnutellaNet 5
HKEY_LOCAL_MACHINE\software\morpheus MQ_NeoNet 3
HKEY_LOCAL_MACHINE\software\morpheus MQ_EDonkeyNet 50
HKEY_LOCAL_MACHINE\software\morpheus MQ_FasttrackNet 1
HKEY_LOCAL_MACHINE\software\morpheus MQ_UnknownNet 10
HKEY_LOCAL_MACHINE\software\morpheus IconCacheLocation IconCache\
HKEY_LOCAL_MACHINE\software\morpheus AvgInKbps 2
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2AE38A2D-371B-42F3-B803-9F6D669A411B}
HKEY_LOCAL_MACHINE\software\morpheus SearchToolTip 1
HKEY_LOCAL_MACHINE\software\morpheus PlayStartupSound 1
HKEY_LOCAL_MACHINE\software\morpheus ClearSearchHistoryOnExit 0
HKEY_LOCAL_MACHINE\software\morpheus NotSaveSearchHistory 0
HKEY_LOCAL_MACHINE\software\morpheus NoBannerVerionDownloadStarted 0
HKEY_LOCAL_MACHINE\software\morpheus ShowSearchesInHome 0
HKEY_LOCAL_MACHINE\software\morpheus SetExtAssociation 0
HKEY_LOCAL_MACHINE\software\morpheus DoNotShowFirewallWarning 0
HKEY_LOCAL_MACHINE\software\morpheus DoNotShowMagnetWarning 0
HKEY_LOCAL_MACHINE\software\morpheus UseProxyForDownload 0
HKEY_CLASSES_ROOT\DeskBandSearch.SearchBand.1
HKEY_LOCAL_MACHINE\software\morpheus DefaultProxy
HKEY_LOCAL_MACHINE\software\morpheus ChatColorScheme 2
HKEY_LOCAL_MACHINE\software\morpheus PaidVerExeName
HKEY_LOCAL_MACHINE\software\morpheus IsWipeUsed 0
HKEY_LOCAL_MACHINE\software\morpheus TryToUseUPNP 1
HKEY_LOCAL_MACHINE\software\morpheus AutoupdateWebCache 0
HKEY_LOCAL_MACHINE\software\morpheus WebCacheURL
HKEY_LOCAL_MACHINE\software\morpheus NodeCapability 1
HKEY_LOCAL_MACHINE\software\morpheus NodeCapabilityG2 6
HKEY_LOCAL_MACHINE\software\morpheus MLBDownload 0.000000
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DeskBandSearch.SearchBand.1
HKEY_LOCAL_MACHINE\software\morpheus MLBUpload 0.000000
HKEY_LOCAL_MACHINE\software\morpheus PRCode 0
HKEY_LOCAL_MACHINE\software\morpheus CurName 0
HKEY_LOCAL_MACHINE\software\morpheus WarnResource 1
HKEY_LOCAL_MACHINE\software\morpheus WarnWordCount 1
HKEY_LOCAL_MACHINE\software\morpheus WarnExitDialog 1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F5382384-CC9B-432C-B5DA-6666D477D21E}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\DeskBandSearch.DLL


Detected Spyware Cookies
No spyware cookies were found during this scan.
  • 0

#24
Rawe
Posted 06 May 2005 - 03:48 AM

Rawe

    Visiting Staff

  • Member
  • PipPipPipPipPipPipPip
  • 4,746 posts
Hi again.
Could you possibly just post your fresh Ad-aware scanlog, Trend Micro and Panda logs.
I didn't ask for your MS antispyware scanlog..
After you have done that, follow the instructions by my PM I posted earlier.
Thanks,

- Rawe :tazz:
  • 0

#25
TonyTTurner
Posted 06 May 2005 - 03:55 AM

TonyTTurner

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
:tazz:
Sorry 'bout that,
I'm scanning w/ Trend now...
I'll get it to you asap, then, I'll do the others...
Tony
  • 0

Advertisements

#26
TonyTTurner
Posted 06 May 2005 - 04:50 AM

TonyTTurner

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
Hey Rawe...
I can't seem to C&P the Trend scanlog :tazz:
It gives the Result of the scan: JAVA_BYTVER.A (1), in the C:\"Docum.andSetti"\Tony....jpi_cache\file....)
Scanned: 96677 Infect: 1 (so on and so forth) with options to A: Clean & Rescan or B: Clean infec Only.
-
But I can't Right-click to C&P
-
Any info on this?
-
I'll scan later w/ Panda, then, Adaware, and upgrade my Spybot also
-
Later ;)
  • 0

#27
GR@PH;<'S
Posted 06 May 2005 - 06:27 AM

GR@PH;<'S

    Member

  • Member
  • PipPipPip
  • 135 posts
TonyTTurner,
Although I do not recommend that you use any P2P I do recommend that if you do use one then these are some "clean " alternatives to your P2P ("peer-to-peer" file sharing program)
that you are using at the moment you may wish to have a look at.

WinMX
Shareaza
Gnucleus


If you want to keep your P2P, and do not wish to use an alternate, then please do the following:
Uninstall it, go to the Add/Remove Programs & remove it
scan with Ad-aware to make sure your system is clean then reinstall re-install it
run another scan with Ad-aware and then place all the found components in your ignore list.
This will ensure your P2P will function without problems.
but note the Elements will still be there just ignored

GR@PH;<'S :tazz:

Edited by GR@PH;<'S, 06 May 2005 - 06:29 AM.

  • 0

#28
TonyTTurner
Posted 06 May 2005 - 07:43 AM

TonyTTurner

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
Alrighty, Rawe,
Here's my Panda Log
I turned off the auto disinfect, (temporarily), but wow, looks like I should've left it ON, huh? ;)
I haven't deleted anything yet, just wanted you to see it first. Let me know what you think.
Thanks
:tazz:


----------------------------------------------------------
Incident Status Location

Adware:Adware/SaveNow No disinfected Windows Registry
Spyware:Spyware/ISTbar No disinfected C:\Program Files\Common Files\Totem Shared


Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Fun & Games\Betting.lnk

Adware:Adware/BookedSpace No disinfected Windows Registry

Adware:Adware/Otx No disinfected C:\WINDOWS\Downloaded Program Files\Preloader.dll
Spyware:Spyware/Altnet No disinfected C:\Documents and Settings\Skymatt\Local Settings\Temp\ADMCache\adm3A.tmp
Spyware:Spyware/Altnet No disinfected C:\Documents and Settings\Skymatt\Local Settings\Temp\ADMCache\adm3A.tmp[asm.exe]
Spyware:Spyware/Altnet No disinfected C:\Documents and Settings\Skymatt\Local Settings\Temp\ADMCache\adm3A.tmp[asmps.dll]
Virus:Exploit/ByteVerify No disinfected C:\Documents and Settings\Tony\.jpi_cache\file\1.0\Dummy.class-5db50b5e-5b1f0100.class
Adware:Adware/Trymedia No disinfected C:\Documents and Settings\Tony\Desktop\Unused Desktop\ChickenInvaders2Setup-dm.exe
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Fun & Games\Betting.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Fun & Games\Casino Palace.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Fun & Games\Casino.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Fun & Games\Games.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Fun & Games\Horoscope.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Going Places\Air Tickets.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Going Places\Car Rentals.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Going Places\Hotel Deals.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Going Places\Luggage.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Going Places\Travel.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Living\Dating.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Living\Find a Degree.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Living\Find a job.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Living\Home.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Living\Insurance.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Shop\Auctions.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Shop\Books.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Shop\Computers.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Shop\Discount.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Shop\Flowers.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Shop\Golf.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Shop\Jewelry.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Shop\Movies.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Shop\Music.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Shop\Online Store.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Shop\Perfume.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Shop\Sleepwear.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Technology\Adware Remover.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Technology\Anti-Virus.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Technology\PC Cleaner.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Technology\Tech & gadgets.lnk
Adware:Adware/FunWeb No disinfected C:\Program Files\Excite\Installr\1.bin\X8EZSETP.DLL
Adware:Adware/FunWeb No disinfected C:\Program Files\Excite\Installr\x8Setup1.exe
Virus:Trj/Updagent.A No disinfected C:\Program Files\Internet Explorer\svchost.exe
Adware:Adware/P2PNetworking No disinfected C:\Program Files\Microsoft AntiSpyware\Quarantine\B110760E-A4EF-4F3E-A59B-A2746A\01D60321-1CF1-40BE-884F-237F16
Adware:Adware/P2PNetworking No disinfected C:\Program Files\Microsoft AntiSpyware\Quarantine\B110760E-A4EF-4F3E-A59B-A2746A\82DDE8E0-47A1-4AD3-94F4-2D19CD
Adware:Adware/P2PNetworking No disinfected C:\Program Files\Microsoft AntiSpyware\Quarantine\B110760E-A4EF-4F3E-A59B-A2746A\E615F452-15D5-4D0F-95B6-C1E83C
Spyware:Spyware/Iehelp No disinfected C:\WINDOWS\Downloaded Program Files\CONFLICT.1\ipreg32.inf
Spyware:Spyware/Iehelp No disinfected C:\WINDOWS\Downloaded Program Files\ipreg32.inf
Adware:Adware/Findspy No disinfected C:\WINDOWS\system32\openconf.exe
Adware:Adware/SBSoft No disinfected C:\WINDOWS\system32\webdlg32.inf
  • 0

#29
TonyTTurner
Posted 06 May 2005 - 04:04 PM

TonyTTurner

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
Hi, Rawe.
I Re-scanned w/ Panda, but this time, I activated Auto Disinfect, here are the results Below:
-
By the way, I'm Re-scanning Now with Ad-Aware and will give you a New posting after this one.
-
Following That, I'll go to my PM and follow your instructions.
TTUL,
Tony
(This scan was done around 2:30pm Pacific Time, its now about 3:pm.)
---------------------------------
Incident Status Location

Adware:Adware/SaveNow No disinfected Windows Registry
Spyware:Spyware/ISTbar No disinfected C:\Program Files\Common Files\Totem Shared
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Fun & Games\Betting.lnk
Adware:Adware/BookedSpace No disinfected Windows Registry
Adware:Adware/Otx No disinfected C:\WINDOWS\Downloaded Program Files\Preloader.dll
Spyware:Spyware/Altnet No disinfected C:\Documents and Settings\Skymatt\Local Settings\Temp\ADMCache\adm3A.tmp
Spyware:Spyware/Altnet No disinfected C:\Documents and Settings\Skymatt\Local Settings\Temp\ADMCache\adm3A.tmp[asm.exe]
Spyware:Spyware/Altnet No disinfected C:\Documents and Settings\Skymatt\Local Settings\Temp\ADMCache\adm3A.tmp[asmps.dll]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Tony\.jpi_cache\file\1.0\Dummy.class-5db50b5e-5b1f0100.class
Adware:Adware/Trymedia No disinfected C:\Documents and Settings\Tony\Desktop\Unused Desktop\ChickenInvaders2Setup-dm.exe
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Fun & Games\Betting.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Fun & Games\Casino Palace.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Fun & Games\Casino.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Fun & Games\Games.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Fun & Games\Horoscope.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Going Places\Air Tickets.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Going Places\Car Rentals.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Going Places\Hotel Deals.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Going Places\Luggage.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Going Places\Travel.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Living\Dating.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Living\Find a Degree.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Living\Find a job.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Living\Home.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Living\Insurance.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Shop\Auctions.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Shop\Books.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Shop\Computers.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Shop\Discount.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Shop\Flowers.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Shop\Golf.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Shop\Jewelry.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Shop\Movies.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Shop\Music.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Shop\Online Store.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Shop\Perfume.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Shop\Sleepwear.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Technology\Adware Remover.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Technology\Anti-Virus.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Technology\PC Cleaner.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Tony\Favorites\Technology\Tech & gadgets.lnk
Adware:Adware/FunWeb No disinfected C:\Program Files\Excite\Installr\1.bin\X8EZSETP.DLL
Adware:Adware/FunWeb No disinfected C:\Program Files\Excite\Installr\x8Setup1.exe
Virus:Trj/Updagent.A Disinfected C:\Program Files\Internet Explorer\svchost.exe
Adware:Adware/P2PNetworking No disinfected C:\Program Files\Microsoft AntiSpyware\Quarantine\B110760E-A4EF-4F3E-A59B-A2746A\01D60321-1CF1-40BE-884F-237F16
Adware:Adware/P2PNetworking No disinfected C:\Program Files\Microsoft AntiSpyware\Quarantine\B110760E-A4EF-4F3E-A59B-A2746A\82DDE8E0-47A1-4AD3-94F4-2D19CD
Adware:Adware/P2PNetworking No disinfected C:\Program Files\Microsoft AntiSpyware\Quarantine\B110760E-A4EF-4F3E-A59B-A2746A\E615F452-15D5-4D0F-95B6-C1E83C
Spyware:Spyware/Iehelp No disinfected C:\WINDOWS\Downloaded Program Files\CONFLICT.1\ipreg32.inf
Spyware:Spyware/Iehelp No disinfected C:\WINDOWS\Downloaded Program Files\ipreg32.inf
Adware:Adware/Findspy No disinfected C:\WINDOWS\system32\openconf.exe
Adware:Adware/SBSoft No disinfected C:\WINDOWS\system32\webdlg32.inf
  • 0

#30
TonyTTurner
Posted 06 May 2005 - 04:08 PM

TonyTTurner

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
Cool Deal, Rawe...
Here's my Latest Ad-Aware scan:
---------------------------

Ad-Aware SE Build 1.05
Logfile Created on:Friday, May 06, 2005 2:42:56 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R43 06.05.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
None
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R42 28.04.2005
Internal build : 49
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 466557 Bytes
Total size : 1403889 Bytes
Signature data size : 1373297 Bytes
Reference data size : 30080 Bytes
Signatures total : 39226
Fingerprints total : 836
Fingerprints size : 28245 Bytes
Target categories : 15
Target families : 654

5-6-2005 2:25:29 PM Performing WebUpdate...

Installing Update...
Definitions File Loaded:
Reference Number : SE1R43 06.05.2005
Internal build : 50
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 467649 Bytes
Total size : 1414672 Bytes
Signature data size : 1383852 Bytes
Reference data size : 30308 Bytes
Signatures total : 39494
Fingerprints total : 847
Fingerprints size : 28739 Bytes
Target categories : 15
Target families : 663


5-6-2005 2:25:39 PM Success
Update successfully downloaded and installed.


Memory + processor status:
==========================
Number of processors : 2
Processor architecture : Intel Pentium IV
Memory available:22 %
Total physical memory:490988 kb
Available physical memory:103280 kb
Total page file size:1149160 kb
Available on page file:838480 kb
Total virtual memory:2097024 kb
Available virtual memory:2012524 kb
OS:Microsoft Windows XP Home Edition Service Pack 2 (Build 2600)

Ad-Aware SE Settings
===========================
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Obtain command line of scanned processes
Set : Scan registry for all users instead of current user only
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Play sound at scan completion if scan locates critical objects


5-6-2005 2:42:56 PM - Scan started. (Full System Scan)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
ModuleName : \SystemRoot\System32\smss.exe
Command Line : n/a
ProcessID : 500
ThreadCreationTime : 5-6-2005 7:49:39 PM
BasePriority : Normal


#:2 [csrss.exe]
ModuleName : \??\C:\WINDOWS\system32\csrss.exe
Command Line : C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestTh
ProcessID : 548
ThreadCreationTime : 5-6-2005 7:49:40 PM
BasePriority : Normal


#:3 [winlogon.exe]
ModuleName : \??\C:\WINDOWS\system32\winlogon.exe
Command Line : winlogon.exe
ProcessID : 572
ThreadCreationTime : 5-6-2005 7:49:41 PM
BasePriority : High


#:4 [services.exe]
ModuleName : C:\WINDOWS\system32\services.exe
Command Line : C:\WINDOWS\system32\services.exe
ProcessID : 616
ThreadCreationTime : 5-6-2005 7:49:41 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:5 [lsass.exe]
ModuleName : C:\WINDOWS\system32\lsass.exe
Command Line : C:\WINDOWS\system32\lsass.exe
ProcessID : 628
ThreadCreationTime : 5-6-2005 7:49:41 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost -k DcomLaunch
ProcessID : 788
ThreadCreationTime : 5-6-2005 7:49:42 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost -k rpcss
ProcessID : 836
ThreadCreationTime : 5-6-2005 7:49:42 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k netsvcs
ProcessID : 928
ThreadCreationTime : 5-6-2005 7:49:42 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [incdsrv.exe]
ModuleName : C:\Program Files\Ahead\InCD\InCDsrv.exe
Command Line : "C:\Program Files\Ahead\InCD\InCDsrv.exe"
ProcessID : 948
ThreadCreationTime : 5-6-2005 7:49:42 PM
BasePriority : Normal
FileVersion : 4, 3, 11, 1
ProductVersion : 4, 3, 11, 1
ProductName : Nero AG incdsrv
CompanyName : Nero AG
FileDescription : incdsrv
InternalName : incdsrv
LegalCopyright : Copyright 1995-2005 Nero AG and its licensors. All Rights Reserved.
LegalTrademarks : InCD is a trademark of Nero AG
OriginalFilename : incdsrv.exe

#:10 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost.exe -k LocalService
ProcessID : 1100
ThreadCreationTime : 5-6-2005 7:49:43 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:11 [lexbces.exe]
ModuleName : C:\WINDOWS\system32\LEXBCES.EXE
Command Line : C:\WINDOWS\system32\LEXBCES.EXE
ProcessID : 1196
ThreadCreationTime : 5-6-2005 7:49:44 PM
BasePriority : Normal
FileVersion : 8.16
ProductVersion : 8.16
ProductName : MarkVision for Windows (32 bit)
CompanyName : Lexmark International, Inc.
FileDescription : LexBce Service
InternalName : LexBce Service
LegalCopyright : © 1993 - 2003 Lexmark International, Inc.
OriginalFilename : LexBceS.exe

#:12 [spoolsv.exe]
ModuleName : C:\WINDOWS\system32\spoolsv.exe
Command Line : C:\WINDOWS\system32\spoolsv.exe
ProcessID : 1236
ThreadCreationTime : 5-6-2005 7:49:44 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:13 [lexpps.exe]
ModuleName : C:\WINDOWS\system32\LEXPPS.EXE
Command Line : LEXPPS.EXE
ProcessID : 1244
ThreadCreationTime : 5-6-2005 7:49:44 PM
BasePriority : Normal
FileVersion : 8.16
ProductVersion : 8.16
ProductName : MarkVision for Windows (32 bit)
CompanyName : Lexmark International, Inc.
FileDescription : LEXPPS.EXE
InternalName : LEXPPS
LegalCopyright : © 1993 - 2003 Lexmark International, Inc.
OriginalFilename : LEXPPS.EXE
Comments : MarkVision for Windows '95 New P2P Server (32-bit)

#:14 [aolacsd.exe]
ModuleName : C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
Command Line : C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
ProcessID : 1396
ThreadCreationTime : 5-6-2005 7:49:52 PM
BasePriority : Normal


#:15 [avgamsvr.exe]
ModuleName : C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
Command Line : C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
ProcessID : 1408
ThreadCreationTime : 5-6-2005 7:49:52 PM
BasePriority : Normal
FileVersion : 7,1,0,307
ProductVersion : 7.1.0.307
ProductName : AVG Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Alert Manager
InternalName : avgamsvr
LegalCopyright : Copyright © 2005, GRISOFT, s.r.o.
OriginalFilename : avgamsvr.EXE

#:16 [avgupsvc.exe]
ModuleName : C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
Command Line : C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
ProcessID : 1472
ThreadCreationTime : 5-6-2005 7:49:52 PM
BasePriority : Normal
FileVersion : 7,1,0,285
ProductVersion : 7.1.0.285
ProductName : AVG 7.0 Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Update Service
InternalName : avgupsvc
LegalCopyright : Copyright © 2004, GRISOFT, s.r.o.
OriginalFilename : avgupdsvc.EXE

#:17 [cisvc.exe]
ModuleName : C:\WINDOWS\system32\cisvc.exe
Command Line : C:\WINDOWS\system32\cisvc.exe
ProcessID : 1504
ThreadCreationTime : 5-6-2005 7:49:52 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Content Index service
InternalName : cisvc.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : cisvc.exe

#:18 [lxrjd31s.exe]
ModuleName : C:\WINDOWS\system32\LxrJD31s.exe
Command Line : LxrJD31s.exe
ProcessID : 1540
ThreadCreationTime : 5-6-2005 7:49:52 PM
BasePriority : Normal


#:19 [mdm.exe]
ModuleName : C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
Command Line : "C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
ProcessID : 1552
ThreadCreationTime : 5-6-2005 7:49:52 PM
BasePriority : Normal
FileVersion : 7.00.9466
ProductVersion : 7.00.9466
ProductName : Microsoft® Visual Studio .NET
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : mdm.exe

#:20 [wdfmgr.exe]
ModuleName : C:\WINDOWS\system32\wdfmgr.exe
Command Line : C:\WINDOWS\system32\wdfmgr.exe
ProcessID : 1604
ThreadCreationTime : 5-6-2005 7:49:52 PM
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: dnsrv(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe

#:21 [explorer.exe]
ModuleName : C:\WINDOWS\Explorer.EXE
Command Line : C:\WINDOWS\Explorer.EXE
ProcessID : 352
ThreadCreationTime : 5-6-2005 7:49:57 PM
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

#:22 [alg.exe]
ModuleName : C:\WINDOWS\System32\alg.exe
Command Line : C:\WINDOWS\System32\alg.exe
ProcessID : 368
ThreadCreationTime : 5-6-2005 7:49:57 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe

#:23 [ctfmon.exe]
ModuleName : C:\WINDOWS\system32\ctfmon.exe
Command Line : ctfmon.exe
ProcessID : 412
ThreadCreationTime : 5-6-2005 7:49:57 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:24 [itouch.exe]
ModuleName : C:\Program Files\Logitech\iTouch\iTouch.exe
Command Line : "C:\Program Files\Logitech\iTouch\iTouch.exe"
ProcessID : 224
ThreadCreationTime : 5-6-2005 7:49:59 PM
BasePriority : Normal
FileVersion : 2.22.289
ProductVersion : 2.22.289
ProductName : iTouch
CompanyName : Logitech Inc.
FileDescription : iTouch Application
InternalName : iTouch
LegalCopyright : © 1998-2003 Logitech. All rights reserved.
LegalTrademarks : Logitech® and iTouch® are registered trademarks of Logitech Inc.
OriginalFilename : iTouch.exe
Comments : Created by the iTouch team

#:25 [ybrwicon.exe]
ModuleName : C:\Program Files\Yahoo!\browser\ybrwicon.exe
Command Line : "C:\Program Files\Yahoo!\browser\ybrwicon.exe"
ProcessID : 236
ThreadCreationTime : 5-6-2005 7:49:59 PM
BasePriority : Normal
FileVersion : 2003, 7, 11, 1
ProductVersion : 1, 0, 0, 1
ProductName : Yahoo!, Inc. YBrwIcon
CompanyName : Yahoo!, Inc.
FileDescription : YBrwIcon
InternalName : YBrwIcon
LegalCopyright : Copyright © 2003
OriginalFilename : YBrwIcon.exe

#:26 [soundman.exe]
ModuleName : C:\WINDOWS\SOUNDMAN.EXE
Command Line : "C:\WINDOWS\SOUNDMAN.EXE"
ProcessID : 248
ThreadCreationTime : 5-6-2005 7:49:59 PM
BasePriority : Normal
FileVersion : 5.1.0.24
ProductVersion : 5.1.0.24
ProductName : Realtek Sound Manager
CompanyName : Realtek Semiconductor Corp.
FileDescription : Realtek Sound Manager
InternalName : ALSMTray
LegalCopyright : Copyright © 2001-2003 Realtek Semiconductor Corp.
OriginalFilename : ALSMTray.exe
Comments : Realtek AC97 Audio Sound Manager

#:27 [keyhook.exe]
ModuleName : C:\WINDOWS\system32\keyhook.exe
Command Line : "C:\WINDOWS\system32\keyhook.exe"
ProcessID : 416
ThreadCreationTime : 5-6-2005 7:50:00 PM
BasePriority : Normal
FileVersion : 0.0.0.3570
ProductVersion : 0.0.0.3570
ProductName : SIS ® Compatible Super VGA keyboard daemon
CompanyName : Silicon Integrated Systems Corporation
FileDescription : SiS Compatible Super VGA Keyboard Daemon
InternalName : KEYHOOK 3.57.51
LegalCopyright : Copyright © Silicon Integrated Systems Corp. 1998-2004
OriginalFilename : KEYHOOK.EXE
Comments : SiS Compatible Super VGA Keyboard Daemon

#:28 [pdvdserv.exe]
ModuleName : C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
Command Line : "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
ProcessID : 296
ThreadCreationTime : 5-6-2005 7:50:00 PM
BasePriority : Normal
FileVersion : 5.00.0000
ProductVersion : 5.00.0000
ProductName : PowerDVD
CompanyName : Cyberlink Corp.
FileDescription : PowerDVD RC Service
InternalName : PowerDVD RC Service
LegalCopyright : Copyright © CyberLink Corp. 1997-2002
OriginalFilename : PDVDSERV.EXE

#:29 [qttask.exe]
ModuleName : C:\Program Files\QuickTime\qttask.exe
Command Line : "C:\Program Files\QuickTime\qttask.exe" -atboottime
ProcessID : 552
ThreadCreationTime : 5-6-2005 7:50:01 PM
BasePriority : Normal
FileVersion : 6.5.1
ProductVersion : QuickTime 6.5.1
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
InternalName : QuickTime Task
LegalCopyright : © Apple Computer, Inc. 2001-2004
OriginalFilename : QTTask.exe

#:30 [ycommon.exe]
ModuleName : C:\PROGRA~1\Yahoo!\browser\ycommon.exe
Command Line : C:\PROGRA~1\Yahoo!\browser\ycommon.exe -Embedding
ProcessID : 544
ThreadCreationTime : 5-6-2005 7:50:03 PM
BasePriority : Normal
FileVersion : 2003, 9, 3, 1
ProductVersion : 1, 0, 0, 1
ProductName : YCommon Exe Module
CompanyName : Yahoo!, Inc.
FileDescription : YCommon Exe Module
InternalName : YCommonExe
LegalCopyright : Copyright 2003 Yahoo! Inc.
OriginalFilename : YCommon.EXE

#:31 [msnappau.exe]
ModuleName : C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-us\msnappau.exe
Command Line : "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-us\msnappau.exe"
ProcessID : 900
ThreadCreationTime : 5-6-2005 7:50:04 PM
BasePriority : Normal


#:32 [mm_tray.exe]
ModuleName : C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
Command Line : "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
ProcessID : 1012
ThreadCreationTime : 5-6-2005 7:50:04 PM
BasePriority : Normal
FileVersion : 9.00.0172
ProductVersion : 9.00.0172
ProductName : Musicmatch Jukebox
CompanyName : Musicmatch, Inc.
FileDescription : mm_tray
InternalName : mm_tray
LegalCopyright : Copyright © Musicmatch 1998-2004
LegalTrademarks :
OriginalFilename : mm_tray.exe

#:33 [mmtask.exe]
ModuleName : C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
Command Line : "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
ProcessID : 1068
ThreadCreationTime : 5-6-2005 7:50:04 PM
BasePriority : Normal
FileVersion : 9.0.0.1
ProductVersion : 9.0.0.1
ProductName : Musicmatch Jukebox
CompanyName : Musicmatch Inc.
FileDescription : <Musicmatch System Tray Application>
InternalName : mmtask.exe
LegalCopyright : © Musicmatch Inc.. All rights reserved.
OriginalFilename : mmtask.exe

#:34 [x8impipe.exe]
ModuleName : C:\Program Files\Excite\PrvtMsgr\bin\x8IMPipe.exe
Command Line : "C:\Program Files\Excite\PrvtMsgr\bin\x8IMPipe.exe"
ProcessID : 1088
ThreadCreationTime : 5-6-2005 7:50:04 PM
BasePriority : Normal
FileVersion : 1, 0, 3, 2
ProductVersion : 1, 0, 3, 2
ProductName : Excite Community Tools
CompanyName : The Excite Network, Inc.
FileDescription : Excite Community Tools
InternalName : x8IMPipe
LegalCopyright : Copyright © 2001, 2002, 2003
OriginalFilename : x8IMPipe.exe

#:35 [avgcc.exe]
ModuleName : C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
Command Line : "C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" /STARTUP
ProcessID : 1056
ThreadCreationTime : 5-6-2005 7:50:04 PM
BasePriority : Normal
FileVersion : 7,1,0,307
ProductVersion : 7.1.0.307
ProductName : AVG Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Control Center
InternalName : AvgCC
LegalCopyright : Copyright © 2005, GRISOFT, s.r.o.
OriginalFilename : AvgCC.EXE

#:36 [aoldial.exe]
ModuleName : C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
Command Line : "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"
ProcessID : 1656
ThreadCreationTime : 5-6-2005 7:50:04 PM
BasePriority : Normal
FileVersion : 2.0.20.1.US.1
ProductVersion : 2.0.20.1.US.1
ProductName : AOL Connectivity Service
CompanyName : America Online, Inc
FileDescription : AOL Connectivity Service Dialer
LegalCopyright : Copyright © 2003 America Online, Inc.
OriginalFilename : AOLDial.exe

#:37 [aolsp scheduler.exe]
ModuleName : C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
Command Line : "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
ProcessID : 1528
ThreadCreationTime : 5-6-2005 7:50:04 PM
BasePriority : Normal
FileVersion : 1, 0, 0, 69
ProductVersion : 1, 0, 0, 69
ProductName : AOLSP Scheduler
FileDescription : AOLSP Scheduler
InternalName : AOLSP Scheduler
LegalCopyright : Copyright © America Online, Inc. 2004
OriginalFilename : AOLSP Scheduler.exe

#:38 [ituneshelper.exe]
ModuleName : C:\Program Files\iTunes\iTunesHelper.exe
Command Line : "C:\Program Files\iTunes\iTunesHelper.exe"
ProcessID : 1584
ThreadCreationTime : 5-6-2005 7:50:04 PM
BasePriority : Normal
FileVersion : 4.7.1.30
ProductVersion : 4.7.1.30
ProductName : iTunes
CompanyName : Apple Computer, Inc.
FileDescription : iTunesHelper Module
InternalName : iTunesHelper
LegalCopyright : © 2003-2004 Apple Computer, Inc. All Rights Reserved.
OriginalFilename : iTunesHelper.exe

#:39 [gnotify.exe]
ModuleName : C:\Program Files\Google\Gmail Notifier\gnotify.exe
Command Line : "C:\Program Files\Google\Gmail Notifier\gnotify.exe"
ProcessID : 2008
ThreadCreationTime : 5-6-2005 7:50:05 PM
BasePriority : Normal
FileVersion : 1.0.24.0
ProductVersion : 1.0.24.0
ProductName : Gmail
CompanyName : Google Inc.
FileDescription : Gmail Notifier
LegalCopyright : Copyright © Google Inc. 2004
OriginalFilename : gnotify.exe

#:40 [picasamediadetector.exe]
ModuleName : C:\Program Files\Picasa2\PicasaMediaDetector.exe
Command Line : "C:\Program Files\Picasa2\PicasaMediaDetector.exe"
ProcessID : 2016
ThreadCreationTime : 5-6-2005 7:50:05 PM
BasePriority : Normal


#:41 [incd.exe]
ModuleName : C:\Program Files\Ahead\InCD\InCD.exe
Command Line : "C:\Program Files\Ahead\InCD\InCD.exe"
ProcessID : 2096
ThreadCreationTime : 5-6-2005 7:50:05 PM
BasePriority : Normal
FileVersion : 4, 3, 11, 1
ProductVersion : 4, 3, 11, 1
ProductName : Nero AG InCD
CompanyName : Nero AG
FileDescription : InCD
InternalName : InCD
LegalCopyright : Copyright 1995-2005 Nero AG and its licensors. All Rights Reserved.
LegalTrademarks : InCD is a trademark of Nero AG
OriginalFilename : InCD.exe

#:42 [realsched.exe]
ModuleName : C:\Program Files\Common Files\Real\Update_OB\realsched.exe
Command Line : "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
ProcessID : 2124
ThreadCreationTime : 5-6-2005 7:50:05 PM
BasePriority : Normal
FileVersion : 0.1.0.3249
ProductVersion : 0.1.0.3249
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004
LegalTrademarks : RealAudio™ is a trademark of RealNetworks, Inc.
OriginalFilename : realsched.exe

#:43 [avgemc.exe]
ModuleName : C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
Command Line : "C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe"
ProcessID : 2160
ThreadCreationTime : 5-6-2005 7:50:05 PM
BasePriority : Normal
FileVersion : 7,1,0,307
ProductVersion : 7.1.0.307
ProductName : AVG Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG E-Mail Scanner
InternalName : avgemc
LegalCopyright : Copyright © 2005, GRISOFT, s.r.o.
OriginalFilename : avgemc.exe

#:44 [2portalmon.exe]
ModuleName : C:\Program Files\2Wire\2PortalMon.exe
Command Line : "C:\Program Files\2Wire\2PortalMon.exe"
ProcessID : 2188
ThreadCreationTime : 5-6-2005 7:50:05 PM
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : HomePortal Monitor Application
CompanyName : 2Wire, Inc.
FileDescription : HomePortal Monitor Application by 2Wire Engineering
InternalName : HomePortal Monitor
LegalCopyright : Copyright © 1999, 2000, 2001, 2wire, Inc. All Rights Reserved
LegalTrademarks : Copyright © 1999, 2000, 2001, 2wire, Inc. All Rights Reserved
OriginalFilename : HomePortal Monitor.EXE
Comments : HomePortal Monitor Application by 2Wire Engineering

#:45 [gcasserv.exe]
ModuleName : C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
Command Line : "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
ProcessID : 2224
ThreadCreationTime : 5-6-2005 7:50:05 PM
BasePriority : Idle
FileVersion : 1.00.0509
ProductVersion : 1.00.0509
ProductName : Microsoft AntiSpyware (Beta 1)
CompanyName : Microsoft Corporation
FileDescription : Microsoft AntiSpyware Service
InternalName : gcasServ
LegalCopyright : Copyright © 2004-2005 Microsoft Corporation. All rights reserved.
LegalTrademarks : Microsoft® and Windows® are registered trademarks of Microsoft Corporation. SpyNet™ is a trademark of Microsoft Corporation.
OriginalFilename : gcasServ.exe

#:46 [jusched.exe]
ModuleName : C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
Command Line : "C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe"
ProcessID : 2236
ThreadCreationTime : 5-6-2005 7:50:05 PM
BasePriority : Normal


#:47 [ipodservice.exe]
ModuleName : C:\Program Files\iPod\bin\iPodService.exe
Command Line : "C:\Program Files\iPod\bin\iPodService.exe"
ProcessID : 2276
ThreadCreationTime : 5-6-2005 7:50:06 PM
BasePriority : Normal
FileVersion : 4.7.1.30
ProductVersion : 4.7.1.30
ProductName : iTunes
CompanyName : Apple Computer, Inc.
FileDescription : iPodService Module
InternalName : iPodService
LegalCopyright : © 2003-2004 Apple Computer, Inc. All Rights Reserved.
OriginalFilename : iPodService.exe

#:48 [msmsgs.exe]
ModuleName : C:\Program Files\Messenger\msmsgs.exe
Command Line : "C:\Program Files\Messenger\msmsgs.exe" /background
ProcessID : 2288
ThreadCreationTime : 5-6-2005 7:50:06 PM
BasePriority : Normal
FileVersion : 4.7.3001
ProductVersion : Version 4.7.3001
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Windows Messenger
InternalName : msmsgs
LegalCopyright : Copyright © Microsoft Corporation 2004
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msmsgs.exe

#:49 [x8skplay.exe]
ModuleName : C:\Program Files\Excite\PrvtMsgr\bin\x8SkPlay.exe
Command Line : "C:\Program Files\Excite\PrvtMsgr\bin\x8SkPlay.exe" Notifier
ProcessID : 2304
ThreadCreationTime : 5-6-2005 7:50:06 PM
BasePriority : Normal
FileVersion : 1, 0, 3, 2
ProductVersion : 1, 0, 3, 2
ProductName : Excite Community Tools
CompanyName : The Excite Network, Inc.
FileDescription : Excite Skin Player
InternalName : x8SkPlay
LegalCopyright : Copyright © 2001, 2002, 2003
OriginalFilename : x8SkPlay.exe

#:50 [mssysmgr.exe]
ModuleName : C:\PROGRA~1\Ahead\NEROPH~1\data\Xtras\mssysmgr.exe
Command Line : "C:\PROGRA~1\Ahead\NEROPH~1\data\Xtras\mssysmgr.exe"
ProcessID : 2332
ThreadCreationTime : 5-6-2005 7:50:07 PM
BasePriority : Normal
FileVersion : 1.0.1.0
ProductVersion : 1.0.1.0
ProductName : Nero PhotoShow Media Manager
CompanyName : Ahead Software
FileDescription : Nero PhotoShow Media Manager
LegalCopyright : Copyright © 2004 Ahead Software AG
OriginalFilename : mssysmgr.exe

#:51 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost.exe -k imgsvc
ProcessID : 2352
ThreadCreationTime : 5-6-2005 7:50:07 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:52 [nclaunch.exe]
ModuleName : C:\WINDOWS\NCLAUNCH.EXe
Command Line : "C:\WINDOWS\NCLAUNCH.EXe"
ProcessID : 2364
ThreadCreationTime : 5-6-2005 7:50:07 PM
BasePriority : Normal
FileVersion : 2, 2, 0, 150
ProductVersion : 2, 2, 0, 150
ProductName : Northcode NCLaunch
CompanyName : Northcode Inc.
FileDescription : NCLaunch
InternalName : NCLaunch
LegalCopyright : Copyright © 2000-2004
LegalTrademarks : All Rights Reserved
OriginalFilename : NCLaunch.exe
Comments : File launcher used by SWF Studio screensavers on Windows NT, 2000 and XP

#:53 [em_exec.exe]
ModuleName : C:\Program Files\Logitech\MouseWare\system\em_exec.exe
Command Line : "C:\Program Files\Logitech\MouseWare\system\em_exec.exe"
ProcessID : 2368
ThreadCreationTime : 5-6-2005 7:50:07 PM
BasePriority : Normal
FileVersion : 9.79.019
ProductVersion : 9.79.019
ProductName : MouseWare
CompanyName : Logitech Inc.
FileDescription : Logitech Events Handler Application
InternalName : Em_Exec
LegalCopyright : © 1987-2003 Logitech. All rights reserved.
LegalTrademarks : Logitech® and MouseWare® are registered trademarks of Logitech Inc.
OriginalFilename : Em_Exec.exe
Comments : Created by the MouseWare team

#:54 [answers.exe]
ModuleName : C:\Program Files\1-Click Answers\answers.exe
Command Line : "C:\Program Files\1-Click Answers\answers.exe"
ProcessID : 2448
ThreadCreationTime : 5-6-2005 7:50:07 PM
BasePriority : Normal
FileVersion : 1.0 (build 128)
ProductVersion : 1.0 (build 128)
ProductName : Answers
CompanyName : GuruNet Corporation
FileDescription : 1-Click Answers Client
InternalName : 1-Click Answers Client
LegalCopyright : Copyright © GuruNet Corporation 1999-2005
OriginalFilename : Answers.exe

#:55 [gcasdtserv.exe]
ModuleName : C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
Command Line : "C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe"
ProcessID : 2580
ThreadCreationTime : 5-6-2005 7:50:09 PM
BasePriority : Normal
FileVersion : 1.00.0509
ProductVersion : 1.00.0509
ProductName : Microsoft AntiSpyware (Beta 1)
CompanyName : Microsoft Corporation
FileDescription : Microsoft AntiSpyware Data Service
InternalName : gcasDtServ
LegalCopyright : Copyright © 2004-2005 Microsoft Corporation. All rights reserved.
LegalTrademarks : Microsoft® and Windows® are registered trademarks of Microsoft Corporation. SpyNet™ is a trademark of Microsoft Corporation.
OriginalFilename : gcasDtServ.exe

#:56 [agtserv.exe]
ModuleName : C:\PROGRA~1\COMMON~1\GURUNE~1\agtserv.exe
Command Line : C:\PROGRA~1\COMMON~1\GURUNE~1\agtserv.exe 132144
ProcessID : 3164
ThreadCreationTime : 5-6-2005 7:50:12 PM
BasePriority : Normal
FileVersion : 7.0 (build 128)
ProductVersion : 7.0 (build 128)
ProductName : ScreenScraper SDK
CompanyName : GuruNet Corporation
FileDescription : AgtServ main executable
InternalName : AgtServ
LegalCopyright : Copyright © GuruNet Corporation 1999-2005
OriginalFilename : AgtServ.exe

#:57 [ggviewer.exe]
ModuleName : C:\Program Files\Google\deskbar-0.5.95.0\ggviewer.exe
Command Line : "C:\Program Files\Google\deskbar-0.5.95.0\ggviewer.exe"
ProcessID : 2176
ThreadCreationTime : 5-6-2005 7:50:18 PM
BasePriority : Normal
FileVersion : 0, 5, 95, 0
ProductVersion : 0, 5, 95, 0
ProductName : Google Deskbar
CompanyName : Google
FileDescription : Google Deskbar
LegalCopyright : Copyright 2004 Google

#:58 [wmiprvse.exe]
ModuleName : C:\WINDOWS\system32\wbem\wmiprvse.exe
Command Line : C:\WINDOWS\system32\wbem\wmiprvse.exe -Embedding
ProcessID : 2220
ThreadCreationTime : 5-6-2005 7:50:18 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : WMI
InternalName : Wmiprvse.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : Wmiprvse.exe

#:59 [virtuagirl2.exe]
ModuleName : C:\Program Files\Vg\VirtuaGirl2.exe
Command Line : "C:\Program Files\Vg\VirtuaGirl2.exe"
ProcessID : 2944
ThreadCreationTime : 5-6-2005 7:50:22 PM
BasePriority : Normal


#:60 [cidaemon.exe]
ModuleName : C:\WINDOWS\system32\cidaemon.exe
Command Line : "cidaemon.exe" DownLevelDaemon "c:\system volume information\catalog.wci" 196672l 1504l
ProcessID : 3424
ThreadCreationTime : 5-6-2005 7:57:25 PM
BasePriority : Idle
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Indexing Service filter daemon
InternalName : cidaemon.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : cidaemon.exe

#:61 [ad-aware.exe]
ModuleName : C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
Command Line : "C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe"
ProcessID : 3840
ThreadCreationTime : 5-6-2005 9:25:11 PM
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 0


2:51:34 PM Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:08:37.531
Objects scanned:180285
Objects identified:0
Objects ignored:0
New critical objects:0


:tazz:
  • 0
Back to Lavasoft Support (Ad-aware) · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Retired Forums
  3. Lavasoft Support (Ad-aware)

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP