Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Danger: spyware problem


  • Please log in to reply

#1
chosenKarina

chosenKarina

    New Member

  • Member
  • Pip
  • 9 posts
I have runned Norton with the latest definitions, CWShredder, spybot S&D with the DSO exploit fix. I have also runned the Microsoft Antispyware (beta). I have windows XP SP1, which has all the windows udpates for that SP. Most things are gone, but I still have the danger:spyware. I deleted their desktop.html page, but the display properties on the desktop are not back to normal. I do get the triangle with the exclamation sign, wich I don't trust.
Ad-Aware SE Build 1.05
Logfile Created on:Wednesday, May 04, 2005 9:11:05 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R42 28.04.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
None
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R42 28.04.2005
Internal build : 49
File location : C:\Program Files\LAVASOFT\Ad-Aware SE Personal\defs.ref
File size : 466557 Bytes
Total size : 1403889 Bytes
Signature data size : 1373297 Bytes
Reference data size : 30080 Bytes
Signatures total : 39226
Fingerprints total : 836
Fingerprints size : 28245 Bytes
Target categories : 15
Target families : 654


Memory + processor status:
==========================
Number of processors : 2
Processor architecture : Intel Pentium IV
Memory available:8 %
Total physical memory:458220 kb
Available physical memory:34336 kb
Total page file size:1084292 kb
Available on page file:739664 kb
Total virtual memory:2097024 kb
Available virtual memory:2024224 kb
OS:Microsoft Windows XP Home Edition Service Pack 1 (Build 2600)

Ad-Aware SE Settings
===========================
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Obtain command line of scanned processes
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Write-protect system files after repair (Hosts file, etc.)
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


5-4-2005 9:11:05 PM - Scan started. (Custom mode)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
ModuleName : \SystemRoot\System32\smss.exe
Command Line : n/a
ProcessID : 580
ThreadCreationTime : 5-4-2005 6:09:51 AM
BasePriority : Normal


#:2 [csrss.exe]
ModuleName : \??\C:\WINDOWS\system32\csrss.exe
Command Line : C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestTh
ProcessID : 644
ThreadCreationTime : 5-4-2005 6:09:53 AM
BasePriority : Normal


#:3 [winlogon.exe]
ModuleName : \??\C:\WINDOWS\system32\winlogon.exe
Command Line : winlogon.exe
ProcessID : 668
ThreadCreationTime : 5-4-2005 6:09:54 AM
BasePriority : High


#:4 [services.exe]
ModuleName : C:\WINDOWS\system32\services.exe
Command Line : C:\WINDOWS\system32\services.exe
ProcessID : 712
ThreadCreationTime : 5-4-2005 6:09:56 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:5 [lsass.exe]
ModuleName : C:\WINDOWS\system32\lsass.exe
Command Line : C:\WINDOWS\system32\lsass.exe
ProcessID : 724
ThreadCreationTime : 5-4-2005 6:09:56 AM
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost -k rpcss
ProcessID : 908
ThreadCreationTime : 5-4-2005 6:09:58 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k netsvcs
ProcessID : 944
ThreadCreationTime : 5-4-2005 6:09:58 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k NetworkService
ProcessID : 1044
ThreadCreationTime : 5-4-2005 6:09:58 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k LocalService
ProcessID : 1068
ThreadCreationTime : 5-4-2005 6:09:59 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [ccsetmgr.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
Command Line : n/a
ProcessID : 1120
ThreadCreationTime : 5-4-2005 6:09:59 AM
BasePriority : Normal
FileVersion : 103.0.4.3
ProductVersion : 103.0.4.3
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Settings Manager Service
InternalName : ccSetMgr
LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccSetMgr.exe

#:11 [sndsrvc.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
Command Line : n/a
ProcessID : 1200
ThreadCreationTime : 5-4-2005 6:10:00 AM
BasePriority : Normal
FileVersion : 5.4.0.110
ProductVersion : 5.4
ProductName : Symantec Security Drivers
CompanyName : Symantec Corporation
FileDescription : Network Driver Service
InternalName : SndSrvc
LegalCopyright : Copyright 2002, 2003, 2004 Symantec Corporation
OriginalFilename : SndSrvc.exe

#:12 [spbbcsvc.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
Command Line : n/a
ProcessID : 1228
ThreadCreationTime : 5-4-2005 6:10:01 AM
BasePriority : Normal
FileVersion : 1,0,1,47
ProductVersion : 1,0,1,47
ProductName : SPBBC
CompanyName : Symantec Corporation
FileDescription : SPBBC Service
InternalName : SPBBCSvc
LegalCopyright : Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : SPBBCSvc.exe

#:13 [ccevtmgr.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
Command Line : n/a
ProcessID : 1300
ThreadCreationTime : 5-4-2005 6:10:03 AM
BasePriority : Normal
FileVersion : 103.0.4.3
ProductVersion : 103.0.4.3
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Event Manager Service
InternalName : ccEvtMgr
LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccEvtMgr.exe

#:14 [spoolsv.exe]
ModuleName : C:\WINDOWS\system32\spoolsv.exe
Command Line : C:\WINDOWS\system32\spoolsv.exe
ProcessID : 1460
ThreadCreationTime : 5-4-2005 6:10:04 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:15 [aolacsd.exe]
ModuleName : C:\PROGRA~1\COMMON~1\AOL\ACS\AOLACSD.EXE
Command Line : C:\PROGRA~1\COMMON~1\AOL\ACS\AOLACSD.EXE
ProcessID : 1560
ThreadCreationTime : 5-4-2005 6:10:04 AM
BasePriority : Normal


#:16 [navapsvc.exe]
ModuleName : C:\Program Files\Norton AntiVirus\navapsvc.exe
Command Line : n/a
ProcessID : 1636
ThreadCreationTime : 5-4-2005 6:10:05 AM
BasePriority : Normal
FileVersion : 11.0.9.16
ProductVersion : 11.0.9
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
LegalCopyright : Norton AntiVirus 2005 for Windows 98/ME/2000/XP Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : NAVAPSVC.EXE

#:17 [ncupdatesvc.exe]
ModuleName : C:\Program Files\Netscape Internet Service\ncupdatesvc.exe
Command Line : "C:\Program Files\Netscape Internet Service\ncupdatesvc.exe"
ProcessID : 1676
ThreadCreationTime : 5-4-2005 6:10:05 AM
BasePriority : Normal
FileVersion : 1, 0, 0, 5
ProductVersion : 1, 0, 0, 5
ProductName : Netscape Update Service
CompanyName : Netscape Communications Corporation
FileDescription : Netscape Update Service
InternalName : Netscape NT Service
LegalCopyright : Copyright © 2003, 2004 Netscape Communications Corporation. All rights reserved.
LegalTrademarks : Netscape Communications Corporation
OriginalFilename : Netscape Update Service

#:18 [npfmntor.exe]
ModuleName : C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
Command Line : n/a
ProcessID : 1744
ThreadCreationTime : 5-4-2005 6:10:05 AM
BasePriority : Normal
FileVersion : 11.0.9.16
ProductVersion : 11.0.9
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Firewall Install Monitor
InternalName : NPFMonitor
LegalCopyright : Norton AntiVirus 2005 for Windows 98/ME/2000/XP Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : NPFMonitor.EXE

#:19 [nprotect.exe]
ModuleName : C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
Command Line : "C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE"
ProcessID : 1760
ThreadCreationTime : 5-4-2005 6:10:06 AM
BasePriority : Normal
FileVersion : 16.00.0.22
ProductVersion : 16.00.0.22
ProductName : Norton Utilities
CompanyName : Symantec Corporation
FileDescription : Norton Protection Status
InternalName : NPROTECT
LegalCopyright : Copyright © 2003 Symantec Corporation
LegalTrademarks : Norton Utilities
OriginalFilename : NPROTECT.EXE

#:20 [nsengine.exe]
ModuleName : C:\Program Files\NovaStor\NovaBackup\7\NSENGINE.exe
Command Line : "C:\Program Files\NovaStor\NovaBackup\7\NSENGINE.exe"
ProcessID : 1820
ThreadCreationTime : 5-4-2005 6:10:06 AM
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : NsEngine Module
FileDescription : NsEngine Module
InternalName : NsEngine
LegalCopyright : Copyright 2002
OriginalFilename : NsEngine.EXE

#:21 [tsircusr.exe]
ModuleName : C:\WINDOWS\TSI32\tsircusr.exe
Command Line : C:\WINDOWS\TSI32\tsircusr.exe
ProcessID : 2000
ThreadCreationTime : 5-4-2005 6:10:08 AM
BasePriority : Normal
FileVersion : 14,500,3200,0
ProductVersion : 11,05,32,00
ProductName : LAPLINK GOLD
CompanyName : LapLink, Inc.
FileDescription : Remote Control Component
InternalName : TSIRCUSR
LegalCopyright : Copyright © 1991-2003, LapLink Inc. All rights reserved.
OriginalFilename : TSIRCUSR.EXE

#:22 [explorer.exe]
ModuleName : C:\WINDOWS\Explorer.EXE
Command Line : C:\WINDOWS\Explorer.EXE
ProcessID : 2008
ThreadCreationTime : 5-4-2005 6:10:08 AM
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

#:23 [slserv.exe]
ModuleName : C:\WINDOWS\system32\slserv.exe
Command Line : slserv.exe
ProcessID : 2036
ThreadCreationTime : 5-4-2005 6:10:09 AM
BasePriority : Normal
FileVersion : 2.80.00(24Apr2000)
ProductVersion : 2.80.00
ProductName : Modem
FileDescription : User-Level Modem Service
InternalName : slserv
LegalCopyright : Copyright © 1999-2000
OriginalFilename : slserv.exe

#:24 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k imgsvc
ProcessID : 128
ThreadCreationTime : 5-4-2005 6:10:09 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:25 [symlcsvc.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
Command Line : n/a
ProcessID : 148
ThreadCreationTime : 5-4-2005 6:10:09 AM
BasePriority : Normal
FileVersion : 1, 8, 54, 419
ProductVersion : 1, 8, 54, 419
ProductName : Symantec Core Component
CompanyName : Symantec Corporation
FileDescription : Symantec Core Component
InternalName : symlcsvc
LegalCopyright : Copyright © 2003
OriginalFilename : symlcsvc.exe

#:26 [tsircsrv.exe]
ModuleName : C:\WINDOWS\System32\TSIRCSRV.EXE
Command Line : C:\WINDOWS\System32\TSIRCSRV.EXE
ProcessID : 268
ThreadCreationTime : 5-4-2005 6:10:11 AM
BasePriority : Normal
FileVersion : 14,500,3200,0
ProductVersion : 11,05,32,00
ProductName : LAPLINK GOLD
CompanyName : LapLink, Inc.
FileDescription : Remote Control Component
InternalName : TSIRCSRV
LegalCopyright : Copyright © 1991-2003, LapLink Inc. All rights reserved.
OriginalFilename : TSIRCSRV.EXE

#:27 [wdfmgr.exe]
ModuleName : C:\WINDOWS\System32\wdfmgr.exe
Command Line : C:\WINDOWS\System32\wdfmgr.exe
ProcessID : 328
ThreadCreationTime : 5-4-2005 6:10:11 AM
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe

#:28 [msmsgs.exe]
ModuleName : C:\Program Files\Messenger\msmsgs.exe
Command Line : "C:\Program Files\Messenger\msmsgs.exe"
ProcessID : 636
ThreadCreationTime : 5-4-2005 6:10:16 AM
BasePriority : Normal
FileVersion : 4.7.2010
ProductVersion : Version 4.7
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Messenger
InternalName : msmsgs
LegalCopyright : Copyright © Microsoft Corporation 1997-2003
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msmsgs.exe

#:29 [msole32.exe]
ModuleName : C:\WINDOWS\System32\msole32.exe
Command Line : "C:\WINDOWS\System32\msole32.exe"
ProcessID : 968
ThreadCreationTime : 5-4-2005 6:10:19 AM
BasePriority : Normal


#:30 [popuper.exe]
ModuleName : C:\WINDOWS\popuper.exe
Command Line : "C:\WINDOWS\popuper.exe"
ProcessID : 988
ThreadCreationTime : 5-4-2005 6:10:20 AM
BasePriority : Normal
FileVersion : 1, 0, 0, 217
ProductVersion : 1, 0, 0, 217
ProductName : Popuper Application
FileDescription : Popuper Application
InternalName : Popuper
LegalCopyright : Copyright © 2005
OriginalFilename : Popuper.exe

#:31 [soundman.exe]
ModuleName : C:\WINDOWS\SOUNDMAN.EXE
Command Line : "C:\WINDOWS\SOUNDMAN.EXE"
ProcessID : 1128
ThreadCreationTime : 5-4-2005 6:10:21 AM
BasePriority : Normal
FileVersion : 5.1.0.24
ProductVersion : 5.1.0.24
ProductName : Realtek Sound Manager
CompanyName : Realtek Semiconductor Corp.
FileDescription : Realtek Sound Manager
InternalName : ALSMTray
LegalCopyright : Copyright © 2001-2003 Realtek Semiconductor Corp.
OriginalFilename : ALSMTray.exe
Comments : Realtek AC97 Audio Sound Manager

#:32 [intmonp.exe]
ModuleName : C:\WINDOWS\System32\intmonp.exe
Command Line : intmonp.exe
ProcessID : 1144
ThreadCreationTime : 5-4-2005 6:10:21 AM
BasePriority : Normal


#:33 [vttimer.exe]
ModuleName : C:\WINDOWS\System32\VTTimer.exe
Command Line : "C:\WINDOWS\System32\VTTimer.exe"
ProcessID : 1188
ThreadCreationTime : 5-4-2005 6:10:21 AM
BasePriority : Normal
FileVersion : 1.04.01-0526
ProductVersion : 1.04.01-0526
ProductName : S3 Graphics, Inc. Utilities
CompanyName : S3 Graphics, Inc.
InternalName : S3Timer
LegalCopyright : Copyright © 2001-2004 S3 Graphics, Inc.
LegalTrademarks : S3 is a registered trademark of S3 Incorporated

#:34 [vttrayp.exe]
ModuleName : C:\WINDOWS\System32\VTtrayp.exe
Command Line : "C:\WINDOWS\System32\VTtrayp.exe"
ProcessID : 864
ThreadCreationTime : 5-4-2005 6:10:22 AM
BasePriority : Normal
FileVersion : 2.00.22-0607
ProductVersion : 2.00.22-0607
ProductName : Part of S3 Screen Toys
CompanyName : S3 Graphics Co., Ltd.
FileDescription : s3contrl
InternalName : s3contrl
LegalCopyright : Copyright © 2004 S3 Graphics Co., Ltd.
LegalTrademarks : S3 is a registered trademark of S3 Incorporated
Comments : S3TrayPlus tray icon utility

#:35 [winampa.exe]
ModuleName : C:\Program Files\Winamp3\winampa.exe
Command Line : "C:\Program Files\Winamp3\winampa.exe"
ProcessID : 1508
ThreadCreationTime : 5-4-2005 6:10:22 AM
BasePriority : Normal


#:36 [aoldial.exe]
ModuleName : C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
Command Line : "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"
ProcessID : 1628
ThreadCreationTime : 5-4-2005 6:10:22 AM
BasePriority : Normal
FileVersion : 2.0.20.1.US.1
ProductVersion : 2.0.20.1.US.1
ProductName : AOL Connectivity Service
CompanyName : America Online, Inc
FileDescription : AOL Connectivity Service Dialer
LegalCopyright : Copyright © 2003 America Online, Inc.
OriginalFilename : AOLDial.exe

#:37 [realplay.exe]
ModuleName : C:\Program Files\Real\RealPlayer\RealPlay.exe
Command Line : "C:\Program Files\Real\RealPlayer\RealPlay.exe" SYSTEMBOOTHIDEPLAYER
ProcessID : 1688
ThreadCreationTime : 5-4-2005 6:10:23 AM
BasePriority : Normal
FileVersion : 6.0.9.584
ProductVersion : 6.0.9.584
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealPlayer
InternalName : REALPLAY
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2000
LegalTrademarks : RealAudio™ is a trademark of RealNetworks, Inc.
OriginalFilename : REALPLAY.EXE

#:38 [qttask.exe]
ModuleName : C:\Program Files\QuickTime\qttask.exe
Command Line : "C:\Program Files\QuickTime\qttask.exe" -atboottime
ProcessID : 1740
ThreadCreationTime : 5-4-2005 6:10:23 AM
BasePriority : Normal
FileVersion : 6.5
ProductVersion : QuickTime 6.5
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
InternalName : QuickTime Task
LegalCopyright : © Apple Computer, Inc. 2001-2004
OriginalFilename : QTTask.exe

#:39 [aolsp scheduler.exe]
ModuleName : C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
Command Line : "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
ProcessID : 1876
ThreadCreationTime : 5-4-2005 6:10:24 AM
BasePriority : Normal
FileVersion : 1, 0, 0, 78
ProductVersion : 1, 0, 0, 78
ProductName : AOLSP Scheduler
FileDescription : AOLSP Scheduler
InternalName : AOLSP Scheduler
LegalCopyright : Copyright © America Online, Inc. 2004
OriginalFilename : AOLSP Scheduler.exe

#:40 [shicoxp.exe]
ModuleName : C:\WINDOWS\shicoxp.exe
Command Line : "C:\WINDOWS\shicoxp.exe"
ProcessID : 1888
ThreadCreationTime : 5-4-2005 6:10:25 AM
BasePriority : Normal


#:41 [calcheck.exe]
ModuleName : C:\Program Files\Ulead Systems\Ulead Photo Express My Scrapbook 2.0\calcheck.exe
Command Line : "C:\Program Files\Ulead Systems\Ulead Photo Express My Scrapbook 2.0\calcheck.exe"
ProcessID : 1868
ThreadCreationTime : 5-4-2005 6:10:27 AM
BasePriority : Normal
FileVersion : 2,0,0,0
ProductVersion : 2, 0, 0, 0
ProductName : Ulead Photo Express My Scrapbook Edition
CompanyName : Ulead Systems, Inc.
FileDescription : Photo Express -- Calendar Checker
InternalName : CalCheck
LegalCopyright : Copyright © 1992-2003. Ulead Systems, Inc. All rights reserved.
LegalTrademarks : Ulead Systems and Photo Express My Scrapbook Edition are registered trademarks of Ulead Systems, Inc.
OriginalFilename : CalCheck.EXE

#:42 [llsched.exe]
ModuleName : C:\Program Files\Common Files\LapLink\Scheduler\LLSCHED.EXE
Command Line : "C:\Program Files\Common Files\LapLink\Scheduler\LLSCHED.EXE"
ProcessID : 1832
ThreadCreationTime : 5-4-2005 6:10:28 AM
BasePriority : Normal
FileVersion : 14,500,3200,0
ProductVersion : 11,05,32,00
ProductName : LAPLINK GOLD
CompanyName : LapLink, Inc.
FileDescription : Quick Scheduler Component
InternalName : LLSched
LegalCopyright : Copyright © 1999-2003, LapLink Inc. All rights reserved.
OriginalFilename : LLSched.EXE

#:43 [nbkctrl.exe]
ModuleName : C:\Program Files\NovaStor\NovaBackup\7\NbkCtrl.exe
Command Line : "C:\Program Files\NovaStor\NovaBackup\7\NbkCtrl.exe"
ProcessID : 2096
ThreadCreationTime : 5-4-2005 6:10:31 AM
BasePriority : Normal
FileVersion : 1, 0, 0, 2
ProductVersion : 1, 0, 0, 1
ProductName : NovaStor Backup Service
FileDescription : NovaStor Backup Service User Interface
InternalName : NbkCtrl
LegalCopyright : Copyright © 2003 NovaStor Corp.
OriginalFilename : NbkCtrl.EXE

#:44 [llscheng.exe]
ModuleName : C:\Program Files\Common Files\LapLink\Scheduler\LLSCHENG.EXE
Command Line : "C:\Program Files\Common Files\LapLink\Scheduler\LLSCHENG.EXE" -Embedding
ProcessID : 2100
ThreadCreationTime : 5-4-2005 6:10:31 AM
BasePriority : Normal
FileVersion : 14,500,3200,0
ProductVersion : 11,05,32,00
ProductName : LAPLINK GOLD
CompanyName : LapLink, Inc.
FileDescription : Quick Scheduler Component
InternalName : LLSchEng
LegalCopyright : Copyright © 1999-2003, LapLink Inc. All rights reserved.
OriginalFilename : LLSchEng.exe

#:45 [lxbxmon.exe]
ModuleName : C:\Program Files\Lexmark 7100 Series\lxbxmon.exe
Command Line : "C:\Program Files\Lexmark 7100 Series\lxbxmon.exe"
ProcessID : 2340
ThreadCreationTime : 5-4-2005 6:10:37 AM
BasePriority : Normal
FileVersion : 1.194.0.0
ProductVersion : 1.194.0.0
ProductName : Lexmark 7100 Series Device Monitor
CompanyName : Lexmark International, Inc.
FileDescription : Lexmark 7100 Series Device Monitor
InternalName : lxbxmon.exe
LegalCopyright : © 2002 Lexmark International, Inc.
OriginalFilename : lxbxmon.exe

#:46 [ezprint.exe]
ModuleName : C:\Program Files\Lexmark 7100 Series\ezprint.exe
Command Line : "C:\Program Files\Lexmark 7100 Series\ezprint.exe"
ProcessID : 2368
ThreadCreationTime : 5-4-2005 6:10:40 AM
BasePriority : Normal


#:47 [ctfmon.exe]
ModuleName : C:\WINDOWS\System32\ctfmon.exe
Command Line : ctfmon.exe
ProcessID : 2412
ThreadCreationTime : 5-4-2005 6:10:42 AM
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:48 [schsvr.exe]
ModuleName : C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe
Command Line : "C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe"
ProcessID : 2504
ThreadCreationTime : 5-4-2005 6:10:50 AM
BasePriority : Normal
FileVersion : 3.0.79.246
ProductVersion : 3.0.79.246
ProductName : InterVideo® WinDVR
CompanyName : InterVideo Inc.
FileDescription : InterVideo Schedule Server
InternalName : SchSvr
LegalCopyright : Copyright © 2000-2002 InterVideo Inc.
OriginalFilename : SchSvr.EXE

#:49 [ccapp.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\ccApp.exe
Command Line : n/a
ProcessID : 2648
ThreadCreationTime : 5-4-2005 6:10:52 AM
BasePriority : Normal
FileVersion : 103.0.4.3
ProductVersion : 103.0.4.3
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec User Session
InternalName : ccApp
LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccApp.exe

#:50 [gcasserv.exe]
ModuleName : C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
Command Line : "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
ProcessID : 2984
ThreadCreationTime : 5-4-2005 6:11:00 AM
BasePriority : Idle
FileVersion : 1.00.0509
ProductVersion : 1.00.0509
ProductName : Microsoft AntiSpyware (Beta 1)
CompanyName : Microsoft Corporation
FileDescription : Microsoft AntiSpyware Service
InternalName : gcasServ
LegalCopyright : Copyright © 2004-2005 Microsoft Corporation. All rights reserved.
LegalTrademarks : Microsoft® and Windows® are registered trademarks of Microsoft Corporation. SpyNet™ is a trademark of Microsoft Corporation.
OriginalFilename : gcasServ.exe

#:51 [gcasdtserv.exe]
ModuleName : C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
Command Line : "C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe"
ProcessID : 3140
ThreadCreationTime : 5-4-2005 6:11:07 AM
BasePriority : Normal
FileVersion : 1.00.0509
ProductVersion : 1.00.0509
ProductName : Microsoft AntiSpyware (Beta 1)
CompanyName : Microsoft Corporation
FileDescription : Microsoft AntiSpyware Data Service
InternalName : gcasDtServ
LegalCopyright : Copyright © 2004-2005 Microsoft Corporation. All rights reserved.
LegalTrademarks : Microsoft® and Windows® are registered trademarks of Microsoft Corporation. SpyNet™ is a trademark of Microsoft Corporation.
OriginalFilename : gcasDtServ.exe

#:52 [ypager.exe]
ModuleName : C:\Program Files\Yahoo!\Messenger\ypager.exe
Command Line : "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
ProcessID : 3164
ThreadCreationTime : 5-4-2005 6:11:07 AM
BasePriority : Normal
FileVersion : 6,0,0,1922
ProductVersion : 6,0,0,1922
ProductName : Yahoo! Messenger
CompanyName : Yahoo! Inc.
FileDescription : Yahoo! Messenger
InternalName : Yahoo! Messengerr
LegalCopyright : Copyright 1998-2005
OriginalFilename : YPager.exe

#:53 [wmiprvse.exe]
ModuleName : C:\WINDOWS\System32\wbem\wmiprvse.exe
Command Line : C:\WINDOWS\System32\wbem\wmiprvse.exe -Embedding
ProcessID : 3448
ThreadCreationTime : 5-4-2005 6:11:19 AM
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : WMI
InternalName : Wmiprvse.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : Wmiprvse.exe

#:54 [lxbxcoms.exe]
ModuleName : C:\WINDOWS\System32\lxbxcoms.exe
Command Line : C:\WINDOWS\System32\lxbxcoms.exe -service
ProcessID : 3484
ThreadCreationTime : 5-4-2005 6:11:21 AM
BasePriority : High
FileVersion : 1.101.36.0
ProductVersion : 1.101.36.0
ProductName : Lexmark Communication System
CompanyName : Lexmark International, Inc.
FileDescription : Lexmark Communication System
InternalName : LXBXcoms.exe
LegalCopyright : © Lexmark International, Inc. 2001-2004
OriginalFilename : LXBXcoms.exe

#:55 [wincinemamgr.exe]
ModuleName : C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
Command Line : "C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe"
ProcessID : 3716
ThreadCreationTime : 5-4-2005 6:11:27 AM
BasePriority : Normal
FileVersion : 1.7.1
ProductVersion : 1, 7, 1, 0
ProductName : WinCinema Manager for InterVideo WinCinema products
CompanyName : InterVideo Inc.
FileDescription : WinCinema Manager
InternalName : WinCinema Manager
LegalCopyright : Copyright 1999-2003 InterVideo, Inc. All rights reserved.
OriginalFilename : WinCinemaMgr.EXE

#:56 [aoltray.exe]
ModuleName : C:\Program Files\America Online 9.0\aoltray.exe
Command Line : "C:\Program Files\America Online 9.0\aoltray.exe" -check
ProcessID : 3736
ThreadCreationTime : 5-4-2005 6:11:28 AM
BasePriority : Normal
FileVersion : 9.00.001
ProductVersion : 9.00.001
ProductName : America Online
CompanyName : America Online, Inc.
FileDescription : AOL Tray Icon
InternalName : AolTray
LegalCopyright : Copyright © America Online, Inc. 1999 - 2004

#:57 [minimavis.exe]
ModuleName : C:\Program Files\Broderbund\Mavis Beacon Teaches Typing 15\minimavis.exe
Command Line : "C:\Program Files\Broderbund\Mavis Beacon Teaches Typing 15\minimavis.exe" main
ProcessID : 3972
ThreadCreationTime : 5-4-2005 6:11:38 AM
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 2, 0, 0, 1
ProductName : Mavis Beacon Personal Coach v 2.0
CompanyName : TLC Education Properties LLC
FileDescription : Mavis Beacon Personal Coach v 2.0
InternalName : MINIMAVIS
LegalCopyright : Copyright © 2001 TLC Education Properties LLC
OriginalFilename : MiniMavis.exe

#:58 [dad11.exe]
ModuleName : C:\Program Files\WordPerfect Office 11\Programs\DAD11.exe
Command Line : "C:\Program Files\WordPerfect Office 11\Programs\DAD11.exe"
ProcessID : 4040
ThreadCreationTime : 5-4-2005 6:11:41 AM
BasePriority : Normal
FileVersion : 11.0.0.321
ProductVersion : 11.0.0.321
ProductName : Desktop Application Director 11
CompanyName : Corel Corporation Limited
FileDescription : Desktop Application Director 11
InternalName : Dad11
LegalCopyright : Copyright 2001 - 2003. Corel Corporation. All rights reserved.
LegalTrademarks : WordPerfect ® Office 2002
OriginalFilename : Dad11.exe

#:59 [pvremote.exe]
ModuleName : C:\Program Files\M4800\PVRemote.exe
Command Line : "C:\Program Files\M4800\PVRemote.exe"
ProcessID : 4056
ThreadCreationTime : 5-4-2005 6:11:42 AM
BasePriority : Normal


#:60 [mpbtn.exe]
ModuleName : C:\Program Files\Digital Lifeline\bin\mpbtn.exe
Command Line : "C:\Program Files\Digital Lifeline\bin\mpbtn.exe" -boot
ProcessID : 272
ThreadCreationTime : 5-4-2005 6:11:45 AM
BasePriority : Normal
FileVersion : 4.03.01.1.20010830_170344
ProductVersion : 4.03.01.1
ProductName : Motive System
CompanyName : Motive Communications, Inc.
FileDescription : Motive Support Client
LegalCopyright : Copyright © Motive Communications, Inc. 1998-2001
OriginalFilename : mpbtn

#:61 [osa.exe]
ModuleName : C:\Program Files\Microsoft Office\Office\OSA.EXE
Command Line : "C:\Program Files\Microsoft Office\Office\OSA.EXE" -b
ProcessID : 208
ThreadCreationTime : 5-4-2005 6:11:47 AM
BasePriority : Normal


#:62 [web_accel.exe]
ModuleName : C:\Program Files\ISP.COM High Speed\web_accel.exe
Command Line : "C:\Program Files\ISP.COM High Speed\web_accel.exe"
ProcessID : 476
ThreadCreationTime : 5-4-2005 6:11:49 AM
BasePriority : Normal
FileVersion : 3.2.12
ProductVersion : 3.2.12

#:63 [soffice.exe]
ModuleName : C:\Program Files\OpenOffice.org1.0\program\soffice.exe
Command Line : "C:\Program Files\OpenOffice.org1.0\program\soffice.exe" -quickstart
ProcessID : 1004
ThreadCreationTime : 5-4-2005 6:11:50 AM
BasePriority : Normal
FileVersion : 6.00.7663
ProductVersion : 6.00.7663
CompanyName : Sun Microsystems, Inc.
FileDescription : OpenOffice.org 1.0
InternalName : SOFFICE
LegalCopyright : Copyright © 2000 by Sun Microsystems, Inc.
OriginalFilename : SOFFICE.EXE

#:64 [ad-aware.exe]
ModuleName : C:\Program Files\LAVASOFT\Ad-Aware SE Personal\Ad-Aware.exe
Command Line : "C:\Program Files\LAVASOFT\Ad-Aware SE Personal\Ad-Aware.exe"
ProcessID : 3056
ThreadCreationTime : 5-5-2005 1:45:52 AM
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

#:65 [dialer.exe]
ModuleName : C:\Program Files\ISP.COM Internet Services\dialer.exe
Command Line : "C:\Program Files\ISP.COM Internet Services\dialer.exe" dial
ProcessID : 3680
ThreadCreationTime : 5-5-2005 2:02:48 AM
BasePriority : Normal
FileVersion : 3.0.3.1
ProductVersion : 3.03
ProductName : ISPWizard Dialer - Internet Setup Program Wizard Dialer
CompanyName : ISPWizard
FileDescription : ISPWizard Dialer
LegalCopyright : Copyright 2000-2004 Mark Griffiths
Comments : http://www.ispwizard.com

#:66 [slrundll.exe]
ModuleName : C:\WINDOWS\slrundll.exe
Command Line : slrundll.exe SLGen.dll,SLRunServ SYSTEM\CURRENTCONTROLSET\CONTROL\CLASS\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000
ProcessID : 2440
ThreadCreationTime : 5-5-2005 2:03:17 AM
BasePriority : Normal


#:67 [netscp.exe]
ModuleName : C:\PROGRA~1\NETSCAPE\NETSCAPE\NETSCP.EXE
Command Line : C:\PROGRA~1\NETSCAPE\NETSCAPE\NETSCP.EXE
ProcessID : 3112
ThreadCreationTime : 5-5-2005 2:03:52 AM
BasePriority : Normal


Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
42 entries scanned.
New critical objects:0
Objects found so far: 0


9:21:59 PM Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:10:53.922
Objects scanned:257522
Objects identified:0
Objects ignored:0
New critical objects:0
  • 0

Advertisements


#2
Rawe

Rawe

    Visiting Staff

  • Member
  • PipPipPipPipPipPipPip
  • 4,746 posts
Welcome!

If you need help, post Ad-aware SE scanlog from "Full system scan".

Note; perform Webupdate- feature always before scanning your system, that way you are always up-to-date. At the moment SE1R42 28.04.2005 - definition file is the latest one.

Ad-Aware comes preconfigured with default options, so we need you to make one change. Deselect "Search for negligible risk entries"- setting, because mru-list's aren't considered as a threat. You can change this setting when selecting your scan type. Also, delete all tracking cookies just before scanning, they aren't a threat and just take space in your posts.

Select "Perform full system scan" and click next. When the scan has finished, click "Show logfile".

Then, copy & paste the complete scanlog here using Add Reply- feature. Don't quarantine or remove anything at this time, just post a complete logfile. This may take 2-3 posts to get it all here. You'll know when you are at the end when you see "Summary of this scan" information has posted.

When you have posted complete logfile from "Full system scan", we will tell you what to do.

Good day!

- Rawe :tazz:
  • 0

#3
chosenKarina

chosenKarina

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
Thaks for the reply...
I got the latest definitions and I deleted my cookies from IE. Here is my new log. Thanks...

Ad-Aware SE Build 1.05
Logfile Created on:Friday, May 06, 2005 5:15:01 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R43 06.05.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
None
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R42 28.04.2005
Internal build : 49
File location : C:\Program Files\LAVASOFT\Ad-Aware SE Personal\defs.ref
File size : 466557 Bytes
Total size : 1403889 Bytes
Signature data size : 1373297 Bytes
Reference data size : 30080 Bytes
Signatures total : 39226
Fingerprints total : 836
Fingerprints size : 28245 Bytes
Target categories : 15
Target families : 654

5-6-2005 4:53:18 PM Performing WebUpdate...

Installing Update...
Definitions File Loaded:
Reference Number : SE1R43 06.05.2005
Internal build : 50
File location : C:\Program Files\LAVASOFT\Ad-Aware SE Personal\defs.ref
File size : 467649 Bytes
Total size : 1414672 Bytes
Signature data size : 1383852 Bytes
Reference data size : 30308 Bytes
Signatures total : 39494
Fingerprints total : 847
Fingerprints size : 28739 Bytes
Target categories : 15
Target families : 663


5-6-2005 4:55:47 PM Success
Update successfully downloaded and installed.


Memory + processor status:
==========================
Number of processors : 2
Processor architecture : Intel Pentium IV
Memory available:18 %
Total physical memory:458220 kb
Available physical memory:80588 kb
Total page file size:1084292 kb
Available on page file:712100 kb
Total virtual memory:2097024 kb
Available virtual memory:2027128 kb
OS:Microsoft Windows XP Home Edition Service Pack 1 (Build 2600)

Ad-Aware SE Settings
===========================
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Obtain command line of scanned processes
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Write-protect system files after repair (Hosts file, etc.)
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


5-6-2005 5:15:01 PM - Scan started. (Full System Scan)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
ModuleName : \SystemRoot\System32\smss.exe
Command Line : n/a
ProcessID : 580
ThreadCreationTime : 5-6-2005 12:43:26 AM
BasePriority : Normal


#:2 [csrss.exe]
ModuleName : \??\C:\WINDOWS\system32\csrss.exe
Command Line : C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestTh
ProcessID : 644
ThreadCreationTime : 5-6-2005 12:43:28 AM
BasePriority : Normal


#:3 [winlogon.exe]
ModuleName : \??\C:\WINDOWS\system32\winlogon.exe
Command Line : winlogon.exe
ProcessID : 668
ThreadCreationTime : 5-6-2005 12:43:29 AM
BasePriority : High


#:4 [services.exe]
ModuleName : C:\WINDOWS\system32\services.exe
Command Line : C:\WINDOWS\system32\services.exe
ProcessID : 712
ThreadCreationTime : 5-6-2005 12:43:30 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:5 [lsass.exe]
ModuleName : C:\WINDOWS\system32\lsass.exe
Command Line : C:\WINDOWS\system32\lsass.exe
ProcessID : 724
ThreadCreationTime : 5-6-2005 12:43:30 AM
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost -k rpcss
ProcessID : 912
ThreadCreationTime : 5-6-2005 12:43:32 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k netsvcs
ProcessID : 948
ThreadCreationTime : 5-6-2005 12:43:33 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k NetworkService
ProcessID : 1044
ThreadCreationTime : 5-6-2005 12:43:33 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k LocalService
ProcessID : 1068
ThreadCreationTime : 5-6-2005 12:43:34 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [ccsetmgr.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
Command Line : n/a
ProcessID : 1120
ThreadCreationTime : 5-6-2005 12:43:35 AM
BasePriority : Normal
FileVersion : 103.0.4.3
ProductVersion : 103.0.4.3
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Settings Manager Service
InternalName : ccSetMgr
LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccSetMgr.exe

#:11 [sndsrvc.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
Command Line : n/a
ProcessID : 1200
ThreadCreationTime : 5-6-2005 12:43:35 AM
BasePriority : Normal
FileVersion : 5.4.0.110
ProductVersion : 5.4
ProductName : Symantec Security Drivers
CompanyName : Symantec Corporation
FileDescription : Network Driver Service
InternalName : SndSrvc
LegalCopyright : Copyright 2002, 2003, 2004 Symantec Corporation
OriginalFilename : SndSrvc.exe

#:12 [spbbcsvc.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
Command Line : n/a
ProcessID : 1228
ThreadCreationTime : 5-6-2005 12:43:36 AM
BasePriority : Normal
FileVersion : 1,0,1,47
ProductVersion : 1,0,1,47
ProductName : SPBBC
CompanyName : Symantec Corporation
FileDescription : SPBBC Service
InternalName : SPBBCSvc
LegalCopyright : Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : SPBBCSvc.exe

#:13 [ccevtmgr.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
Command Line : n/a
ProcessID : 1300
ThreadCreationTime : 5-6-2005 12:43:39 AM
BasePriority : Normal
FileVersion : 103.0.4.3
ProductVersion : 103.0.4.3
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Event Manager Service
InternalName : ccEvtMgr
LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccEvtMgr.exe

#:14 [spoolsv.exe]
ModuleName : C:\WINDOWS\system32\spoolsv.exe
Command Line : C:\WINDOWS\system32\spoolsv.exe
ProcessID : 1468
ThreadCreationTime : 5-6-2005 12:43:39 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:15 [aolacsd.exe]
ModuleName : C:\PROGRA~1\COMMON~1\AOL\ACS\AOLACSD.EXE
Command Line : C:\PROGRA~1\COMMON~1\AOL\ACS\AOLACSD.EXE
ProcessID : 1568
ThreadCreationTime : 5-6-2005 12:43:40 AM
BasePriority : Normal


#:16 [navapsvc.exe]
ModuleName : C:\Program Files\Norton AntiVirus\navapsvc.exe
Command Line : n/a
ProcessID : 1644
ThreadCreationTime : 5-6-2005 12:43:40 AM
BasePriority : Normal
FileVersion : 11.0.9.16
ProductVersion : 11.0.9
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
LegalCopyright : Norton AntiVirus 2005 for Windows 98/ME/2000/XP Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : NAVAPSVC.EXE

#:17 [ncupdatesvc.exe]
ModuleName : C:\Program Files\Netscape Internet Service\ncupdatesvc.exe
Command Line : "C:\Program Files\Netscape Internet Service\ncupdatesvc.exe"
ProcessID : 1680
ThreadCreationTime : 5-6-2005 12:43:40 AM
BasePriority : Normal
FileVersion : 1, 0, 0, 5
ProductVersion : 1, 0, 0, 5
ProductName : Netscape Update Service
CompanyName : Netscape Communications Corporation
FileDescription : Netscape Update Service
InternalName : Netscape NT Service
LegalCopyright : Copyright © 2003, 2004 Netscape Communications Corporation. All rights reserved.
LegalTrademarks : Netscape Communications Corporation
OriginalFilename : Netscape Update Service

#:18 [npfmntor.exe]
ModuleName : C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
Command Line : n/a
ProcessID : 1732
ThreadCreationTime : 5-6-2005 12:43:40 AM
BasePriority : Normal
FileVersion : 11.0.9.16
ProductVersion : 11.0.9
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Firewall Install Monitor
InternalName : NPFMonitor
LegalCopyright : Norton AntiVirus 2005 for Windows 98/ME/2000/XP Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : NPFMonitor.EXE

#:19 [nprotect.exe]
ModuleName : C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
Command Line : "C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE"
ProcessID : 1748
ThreadCreationTime : 5-6-2005 12:43:41 AM
BasePriority : Normal
FileVersion : 16.00.0.22
ProductVersion : 16.00.0.22
ProductName : Norton Utilities
CompanyName : Symantec Corporation
FileDescription : Norton Protection Status
InternalName : NPROTECT
LegalCopyright : Copyright © 2003 Symantec Corporation
LegalTrademarks : Norton Utilities
OriginalFilename : NPROTECT.EXE

#:20 [nsengine.exe]
ModuleName : C:\Program Files\NovaStor\NovaBackup\7\NSENGINE.exe
Command Line : "C:\Program Files\NovaStor\NovaBackup\7\NSENGINE.exe"
ProcessID : 1816
ThreadCreationTime : 5-6-2005 12:43:41 AM
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : NsEngine Module
FileDescription : NsEngine Module
InternalName : NsEngine
LegalCopyright : Copyright 2002
OriginalFilename : NsEngine.EXE

#:21 [slserv.exe]
ModuleName : C:\WINDOWS\system32\slserv.exe
Command Line : slserv.exe
ProcessID : 1856
ThreadCreationTime : 5-6-2005 12:43:43 AM
BasePriority : Normal
FileVersion : 2.80.00(24Apr2000)
ProductVersion : 2.80.00
ProductName : Modem
FileDescription : User-Level Modem Service
InternalName : slserv
LegalCopyright : Copyright © 1999-2000
OriginalFilename : slserv.exe

#:22 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k imgsvc
ProcessID : 1876
ThreadCreationTime : 5-6-2005 12:43:43 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:23 [symlcsvc.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
Command Line : n/a
ProcessID : 1888
ThreadCreationTime : 5-6-2005 12:43:43 AM
BasePriority : Normal
FileVersion : 1, 8, 54, 419
ProductVersion : 1, 8, 54, 419
ProductName : Symantec Core Component
CompanyName : Symantec Corporation
FileDescription : Symantec Core Component
InternalName : symlcsvc
LegalCopyright : Copyright © 2003
OriginalFilename : symlcsvc.exe

#:24 [tsircsrv.exe]
ModuleName : C:\WINDOWS\System32\TSIRCSRV.EXE
Command Line : C:\WINDOWS\System32\TSIRCSRV.EXE
ProcessID : 1964
ThreadCreationTime : 5-6-2005 12:43:44 AM
BasePriority : Normal
FileVersion : 14,500,3200,0
ProductVersion : 11,05,32,00
ProductName : LAPLINK GOLD
CompanyName : LapLink, Inc.
FileDescription : Remote Control Component
InternalName : TSIRCSRV
LegalCopyright : Copyright © 1991-2003, LapLink Inc. All rights reserved.
OriginalFilename : TSIRCSRV.EXE

#:25 [wdfmgr.exe]
ModuleName : C:\WINDOWS\System32\wdfmgr.exe
Command Line : C:\WINDOWS\System32\wdfmgr.exe
ProcessID : 2004
ThreadCreationTime : 5-6-2005 12:43:44 AM
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe

#:26 [lxbxcoms.exe]
ModuleName : C:\WINDOWS\System32\lxbxcoms.exe
Command Line : C:\WINDOWS\System32\lxbxcoms.exe -service
ProcessID : 2568
ThreadCreationTime : 5-6-2005 12:46:14 AM
BasePriority : High
FileVersion : 1.101.36.0
ProductVersion : 1.101.36.0
ProductName : Lexmark Communication System
CompanyName : Lexmark International, Inc.
FileDescription : Lexmark Communication System
InternalName : LXBXcoms.exe
LegalCopyright : © Lexmark International, Inc. 2001-2004
OriginalFilename : LXBXcoms.exe

#:27 [tsircusr.exe]
ModuleName : C:\WINDOWS\TSI32\tsircusr.exe
Command Line : C:\WINDOWS\TSI32\tsircusr.exe
ProcessID : 5768
ThreadCreationTime : 5-6-2005 7:50:50 PM
BasePriority : Normal
FileVersion : 14,500,3200,0
ProductVersion : 11,05,32,00
ProductName : LAPLINK GOLD
CompanyName : LapLink, Inc.
FileDescription : Remote Control Component
InternalName : TSIRCUSR
LegalCopyright : Copyright © 1991-2003, LapLink Inc. All rights reserved.
OriginalFilename : TSIRCUSR.EXE

#:28 [explorer.exe]
ModuleName : C:\WINDOWS\Explorer.EXE
Command Line : C:\WINDOWS\Explorer.EXE
ProcessID : 6120
ThreadCreationTime : 5-6-2005 7:50:50 PM
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

#:29 [msmsgs.exe]
ModuleName : C:\Program Files\Messenger\msmsgs.exe
Command Line : "C:\Program Files\Messenger\msmsgs.exe"
ProcessID : 2596
ThreadCreationTime : 5-6-2005 7:50:53 PM
BasePriority : Normal
FileVersion : 4.7.2010
ProductVersion : Version 4.7
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Messenger
InternalName : msmsgs
LegalCopyright : Copyright © Microsoft Corporation 1997-2003
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msmsgs.exe

#:30 [msole32.exe]
ModuleName : C:\WINDOWS\System32\msole32.exe
Command Line : "C:\WINDOWS\System32\msole32.exe"
ProcessID : 2588
ThreadCreationTime : 5-6-2005 7:50:54 PM
BasePriority : Normal


#:31 [popuper.exe]
ModuleName : C:\WINDOWS\popuper.exe
Command Line : "C:\WINDOWS\popuper.exe"
ProcessID : 3680
ThreadCreationTime : 5-6-2005 7:50:54 PM
BasePriority : Normal
FileVersion : 1, 0, 0, 217
ProductVersion : 1, 0, 0, 217
ProductName : Popuper Application
FileDescription : Popuper Application
InternalName : Popuper
LegalCopyright : Copyright © 2005
OriginalFilename : Popuper.exe

#:32 [soundman.exe]
ModuleName : C:\WINDOWS\SOUNDMAN.EXE
Command Line : "C:\WINDOWS\SOUNDMAN.EXE"
ProcessID : 6132
ThreadCreationTime : 5-6-2005 7:50:55 PM
BasePriority : Normal
FileVersion : 5.1.0.24
ProductVersion : 5.1.0.24
ProductName : Realtek Sound Manager
CompanyName : Realtek Semiconductor Corp.
FileDescription : Realtek Sound Manager
InternalName : ALSMTray
LegalCopyright : Copyright © 2001-2003 Realtek Semiconductor Corp.
OriginalFilename : ALSMTray.exe
Comments : Realtek AC97 Audio Sound Manager

#:33 [intmonp.exe]
ModuleName : C:\WINDOWS\System32\intmonp.exe
Command Line : intmonp.exe
ProcessID : 2436
ThreadCreationTime : 5-6-2005 7:50:55 PM
BasePriority : Normal


#:34 [vttimer.exe]
ModuleName : C:\WINDOWS\System32\VTTimer.exe
Command Line : "C:\WINDOWS\System32\VTTimer.exe"
ProcessID : 1504
ThreadCreationTime : 5-6-2005 7:50:56 PM
BasePriority : Normal
FileVersion : 1.04.01-0526
ProductVersion : 1.04.01-0526
ProductName : S3 Graphics, Inc. Utilities
CompanyName : S3 Graphics, Inc.
InternalName : S3Timer
LegalCopyright : Copyright © 2001-2004 S3 Graphics, Inc.
LegalTrademarks : S3 is a registered trademark of S3 Incorporated

#:35 [vttrayp.exe]
ModuleName : C:\WINDOWS\System32\VTtrayp.exe
Command Line : "C:\WINDOWS\System32\VTtrayp.exe"
ProcessID : 3796
ThreadCreationTime : 5-6-2005 7:50:56 PM
BasePriority : Normal
FileVersion : 2.00.22-0607
ProductVersion : 2.00.22-0607
ProductName : Part of S3 Screen Toys
CompanyName : S3 Graphics Co., Ltd.
FileDescription : s3contrl
InternalName : s3contrl
LegalCopyright : Copyright © 2004 S3 Graphics Co., Ltd.
LegalTrademarks : S3 is a registered trademark of S3 Incorporated
Comments : S3TrayPlus tray icon utility

#:36 [ctfmon.exe]
ModuleName : C:\WINDOWS\System32\ctfmon.exe
Command Line : ctfmon.exe
ProcessID : 3460
ThreadCreationTime : 5-6-2005 7:50:56 PM
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:37 [winampa.exe]
ModuleName : C:\Program Files\Winamp3\winampa.exe
Command Line : "C:\Program Files\Winamp3\winampa.exe"
ProcessID : 3732
ThreadCreationTime : 5-6-2005 7:50:56 PM
BasePriority : Normal


#:38 [aoldial.exe]
ModuleName : C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
Command Line : "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"
ProcessID : 3040
ThreadCreationTime : 5-6-2005 7:50:56 PM
BasePriority : Normal
FileVersion : 2.0.20.1.US.1
ProductVersion : 2.0.20.1.US.1
ProductName : AOL Connectivity Service
CompanyName : America Online, Inc
FileDescription : AOL Connectivity Service Dialer
LegalCopyright : Copyright © 2003 America Online, Inc.
OriginalFilename : AOLDial.exe

#:39 [realplay.exe]
ModuleName : C:\Program Files\Real\RealPlayer\RealPlay.exe
Command Line : "C:\Program Files\Real\RealPlayer\RealPlay.exe" SYSTEMBOOTHIDEPLAYER
ProcessID : 3672
ThreadCreationTime : 5-6-2005 7:50:58 PM
BasePriority : Normal
FileVersion : 6.0.9.584
ProductVersion : 6.0.9.584
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealPlayer
InternalName : REALPLAY
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2000
LegalTrademarks : RealAudio™ is a trademark of RealNetworks, Inc.
OriginalFilename : REALPLAY.EXE

#:40 [qttask.exe]
ModuleName : C:\Program Files\QuickTime\qttask.exe
Command Line : "C:\Program Files\QuickTime\qttask.exe" -atboottime
ProcessID : 1772
ThreadCreationTime : 5-6-2005 7:51:00 PM
BasePriority : Normal
FileVersion : 6.5
ProductVersion : QuickTime 6.5
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
InternalName : QuickTime Task
LegalCopyright : © Apple Computer, Inc. 2001-2004
OriginalFilename : QTTask.exe

#:41 [aolsp scheduler.exe]
ModuleName : C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
Command Line : "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
ProcessID : 4252
ThreadCreationTime : 5-6-2005 7:51:02 PM
BasePriority : Normal
FileVersion : 1, 0, 0, 78
ProductVersion : 1, 0, 0, 78
ProductName : AOLSP Scheduler
FileDescription : AOLSP Scheduler
InternalName : AOLSP Scheduler
LegalCopyright : Copyright © America Online, Inc. 2004
OriginalFilename : AOLSP Scheduler.exe

#:42 [shicoxp.exe]
ModuleName : C:\WINDOWS\shicoxp.exe
Command Line : "C:\WINDOWS\shicoxp.exe"
ProcessID : 4268
ThreadCreationTime : 5-6-2005 7:51:03 PM
BasePriority : Normal


#:43 [calcheck.exe]
ModuleName : C:\Program Files\Ulead Systems\Ulead Photo Express My Scrapbook 2.0\calcheck.exe
Command Line : "C:\Program Files\Ulead Systems\Ulead Photo Express My Scrapbook 2.0\calcheck.exe"
ProcessID : 1548
ThreadCreationTime : 5-6-2005 7:51:03 PM
BasePriority : Normal
FileVersion : 2,0,0,0
ProductVersion : 2, 0, 0, 0
ProductName : Ulead Photo Express My Scrapbook Edition
CompanyName : Ulead Systems, Inc.
FileDescription : Photo Express -- Calendar Checker
InternalName : CalCheck
LegalCopyright : Copyright © 1992-2003. Ulead Systems, Inc. All rights reserved.
LegalTrademarks : Ulead Systems and Photo Express My Scrapbook Edition are registered trademarks of Ulead Systems, Inc.
OriginalFilename : CalCheck.EXE

#:44 [llsched.exe]
ModuleName : C:\Program Files\Common Files\LapLink\Scheduler\LLSCHED.EXE
Command Line : "C:\Program Files\Common Files\LapLink\Scheduler\LLSCHED.EXE"
ProcessID : 4368
ThreadCreationTime : 5-6-2005 7:51:04 PM
BasePriority : Normal
FileVersion : 14,500,3200,0
ProductVersion : 11,05,32,00
ProductName : LAPLINK GOLD
CompanyName : LapLink, Inc.
FileDescription : Quick Scheduler Component
InternalName : LLSched
LegalCopyright : Copyright © 1999-2003, LapLink Inc. All rights reserved.
OriginalFilename : LLSched.EXE

#:45 [llscheng.exe]
ModuleName : C:\Program Files\Common Files\LapLink\Scheduler\LLSCHENG.EXE
Command Line : "C:\Program Files\Common Files\LapLink\Scheduler\LLSCHENG.EXE" -Embedding
ProcessID : 4452
ThreadCreationTime : 5-6-2005 7:51:05 PM
BasePriority : Normal
FileVersion : 14,500,3200,0
ProductVersion : 11,05,32,00
ProductName : LAPLINK GOLD
CompanyName : LapLink, Inc.
FileDescription : Quick Scheduler Component
InternalName : LLSchEng
LegalCopyright : Copyright © 1999-2003, LapLink Inc. All rights reserved.
OriginalFilename : LLSchEng.exe

#:46 [nbkctrl.exe]
ModuleName : C:\Program Files\NovaStor\NovaBackup\7\NbkCtrl.exe
Command Line : "C:\Program Files\NovaStor\NovaBackup\7\NbkCtrl.exe"
ProcessID : 3832
ThreadCreationTime : 5-6-2005 7:51:06 PM
BasePriority : Normal
FileVersion : 1, 0, 0, 2
ProductVersion : 1, 0, 0, 1
ProductName : NovaStor Backup Service
FileDescription : NovaStor Backup Service User Interface
InternalName : NbkCtrl
LegalCopyright : Copyright © 2003 NovaStor Corp.
OriginalFilename : NbkCtrl.EXE

#:47 [lxbxmon.exe]
ModuleName : C:\Program Files\Lexmark 7100 Series\lxbxmon.exe
Command Line : "C:\Program Files\Lexmark 7100 Series\lxbxmon.exe"
ProcessID : 2876
ThreadCreationTime : 5-6-2005 7:51:09 PM
BasePriority : Normal
FileVersion : 1.194.0.0
ProductVersion : 1.194.0.0
ProductName : Lexmark 7100 Series Device Monitor
CompanyName : Lexmark International, Inc.
FileDescription : Lexmark 7100 Series Device Monitor
InternalName : lxbxmon.exe
LegalCopyright : © 2002 Lexmark International, Inc.
OriginalFilename : lxbxmon.exe

#:48 [ezprint.exe]
ModuleName : C:\Program Files\Lexmark 7100 Series\ezprint.exe
Command Line : "C:\Program Files\Lexmark 7100 Series\ezprint.exe"
ProcessID : 3696
ThreadCreationTime : 5-6-2005 7:51:10 PM
BasePriority : Normal


#:49 [ccapp.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\ccApp.exe
Command Line : n/a
ProcessID : 4492
ThreadCreationTime : 5-6-2005 7:51:14 PM
BasePriority : Normal
FileVersion : 103.0.4.3
ProductVersion : 103.0.4.3
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec User Session
InternalName : ccApp
LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccApp.exe

#:50 [gcasserv.exe]
ModuleName : C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
Command Line : "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
ProcessID : 3188
ThreadCreationTime : 5-6-2005 7:51:16 PM
BasePriority : Idle
FileVersion : 1.00.0509
ProductVersion : 1.00.0509
ProductName : Microsoft AntiSpyware (Beta 1)
CompanyName : Microsoft Corporation
FileDescription : Microsoft AntiSpyware Service
InternalName : gcasServ
LegalCopyright : Copyright © 2004-2005 Microsoft Corporation. All rights reserved.
LegalTrademarks : Microsoft® and Windows® are registered trademarks of Microsoft Corporation. SpyNet™ is a trademark of Microsoft Corporation.
OriginalFilename : gcasServ.exe

#:51 [gcasdtserv.exe]
ModuleName : C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
Command Line : "C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe"
ProcessID : 4544
ThreadCreationTime : 5-6-2005 7:51:18 PM
BasePriority : Normal
FileVersion : 1.00.0509
ProductVersion : 1.00.0509
ProductName : Microsoft AntiSpyware (Beta 1)
CompanyName : Microsoft Corporation
FileDescription : Microsoft AntiSpyware Data Service
InternalName : gcasDtServ
LegalCopyright : Copyright © 2004-2005 Microsoft Corporation. All rights reserved.
LegalTrademarks : Microsoft® and Windows® are registered trademarks of Microsoft Corporation. SpyNet™ is a trademark of Microsoft Corporation.
OriginalFilename : gcasDtServ.exe

#:52 [wincinemamgr.exe]
ModuleName : C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
Command Line : "C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe"
ProcessID : 4280
ThreadCreationTime : 5-6-2005 7:51:30 PM
BasePriority : Normal
FileVersion : 1.7.1
ProductVersion : 1, 7, 1, 0
ProductName : WinCinema Manager for InterVideo WinCinema products
CompanyName : InterVideo Inc.
FileDescription : WinCinema Manager
InternalName : WinCinema Manager
LegalCopyright : Copyright 1999-2003 InterVideo, Inc. All rights reserved.
OriginalFilename : WinCinemaMgr.EXE

#:53 [wmiprvse.exe]
ModuleName : C:\WINDOWS\System32\wbem\wmiprvse.exe
Command Line : C:\WINDOWS\System32\wbem\wmiprvse.exe -Embedding
ProcessID : 2420
ThreadCreationTime : 5-6-2005 7:51:31 PM
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : WMI
InternalName : Wmiprvse.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : Wmiprvse.exe

#:54 [aoltray.exe]
ModuleName : C:\Program Files\America Online 9.0\aoltray.exe
Command Line : "C:\Program Files\America Online 9.0\aoltray.exe" -check
ProcessID : 3536
ThreadCreationTime : 5-6-2005 7:51:32 PM
BasePriority : Normal
FileVersion : 9.00.001
ProductVersion : 9.00.001
ProductName : America Online
CompanyName : America Online, Inc.
FileDescription : AOL Tray Icon
InternalName : AolTray
LegalCopyright : Copyright © America Online, Inc. 1999 - 2004

#:55 [minimavis.exe]
ModuleName : C:\Program Files\Broderbund\Mavis Beacon Teaches Typing 15\minimavis.exe
Command Line : "C:\Program Files\Broderbund\Mavis Beacon Teaches Typing 15\minimavis.exe" main
ProcessID : 4100
ThreadCreationTime : 5-6-2005 7:51:45 PM
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 2, 0, 0, 1
ProductName : Mavis Beacon Personal Coach v 2.0
CompanyName : TLC Education Properties LLC
FileDescription : Mavis Beacon Personal Coach v 2.0
InternalName : MINIMAVIS
LegalCopyright : Copyright © 2001 TLC Education Properties LLC
OriginalFilename : MiniMavis.exe

#:56 [dad11.exe]
ModuleName : C:\Program Files\WordPerfect Office 11\Programs\DAD11.exe
Command Line : "C:\Program Files\WordPerfect Office 11\Programs\DAD11.exe"
ProcessID : 3816
ThreadCreationTime : 5-6-2005 7:51:49 PM
BasePriority : Normal
FileVersion : 11.0.0.321
ProductVersion : 11.0.0.321
ProductName : Desktop Application Director 11
CompanyName : Corel Corporation Limited
FileDescription : Desktop Application Director 11
InternalName : Dad11
LegalCopyright : Copyright 2001 - 2003. Corel Corporation. All rights reserved.
LegalTrademarks : WordPerfect ® Office 2002
OriginalFilename : Dad11.exe

#:57 [pvremote.exe]
ModuleName : C:\Program Files\M4800\PVRemote.exe
Command Line : "C:\Program Files\M4800\PVRemote.exe"
ProcessID : 3448
ThreadCreationTime : 5-6-2005 7:51:50 PM
BasePriority : Normal


#:58 [mpbtn.exe]
ModuleName : C:\Program Files\Digital Lifeline\bin\mpbtn.exe
Command Line : "C:\Program Files\Digital Lifeline\bin\mpbtn.exe" -boot
ProcessID : 2188
ThreadCreationTime : 5-6-2005 7:51:51 PM
BasePriority : Normal
FileVersion : 4.03.01.1.20010830_170344
ProductVersion : 4.03.01.1
ProductName : Motive System
CompanyName : Motive Communications, Inc.
FileDescription : Motive Support Client
LegalCopyright : Copyright © Motive Communications, Inc. 1998-2001
OriginalFilename : mpbtn

#:59 [osa.exe]
ModuleName : C:\Program Files\Microsoft Office\Office\OSA.EXE
Command Line : "C:\Program Files\Microsoft Office\Office\OSA.EXE" -b
ProcessID : 3260
ThreadCreationTime : 5-6-2005 7:51:54 PM
BasePriority : Normal


#:60 [web_accel.exe]
ModuleName : C:\Program Files\ISP.COM High Speed\web_accel.exe
Command Line : "C:\Program Files\ISP.COM High Speed\web_accel.exe"
ProcessID : 2308
ThreadCreationTime : 5-6-2005 7:51:58 PM
BasePriority : Normal
FileVersion : 3.2.12
ProductVersion : 3.2.12

#:61 [soffice.exe]
ModuleName : C:\Program Files\OpenOffice.org1.0\program\soffice.exe
Command Line : "C:\Program Files\OpenOffice.org1.0\program\soffice.exe" -quickstart
ProcessID : 4136
ThreadCreationTime : 5-6-2005 7:52:00 PM
BasePriority : Normal
FileVersion : 6.00.7663
ProductVersion : 6.00.7663
CompanyName : Sun Microsystems, Inc.
FileDescription : OpenOffice.org 1.0
InternalName : SOFFICE
LegalCopyright : Copyright © 2000 by Sun Microsystems, Inc.
OriginalFilename : SOFFICE.EXE

#:62 [dialer.exe]
ModuleName : C:\Program Files\ISP.COM Internet Services\dialer.exe
Command Line : "C:\Program Files\ISP.COM Internet Services\dialer.exe" dial
ProcessID : 1284
ThreadCreationTime : 5-6-2005 9:42:29 PM
BasePriority : Normal
FileVersion : 3.0.3.1
ProductVersion : 3.03
ProductName : ISPWizard Dialer - Internet Setup Program Wizard Dialer
CompanyName : ISPWizard
FileDescription : ISPWizard Dialer
LegalCopyright : Copyright 2000-2004 Mark Griffiths
Comments : http://www.ispwizard.com

#:63 [slrundll.exe]
ModuleName : C:\WINDOWS\slrundll.exe
Command Line : slrundll.exe SLGen.dll,SLRunServ SYSTEM\CURRENTCONTROLSET\CONTROL\CLASS\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000
ProcessID : 3792
ThreadCreationTime : 5-6-2005 9:42:35 PM
BasePriority : Normal


#:64 [ypager.exe]
ModuleName : C:\Program Files\Yahoo!\Messenger\ypager.exe
Command Line : "C:\Program Files\Yahoo!\Messenger\ypager.exe"
ProcessID : 5072
ThreadCreationTime : 5-6-2005 9:44:10 PM
BasePriority : Normal
FileVersion : 6,0,0,1922
ProductVersion : 6,0,0,1922
ProductName : Yahoo! Messenger
CompanyName : Yahoo! Inc.
FileDescription : Yahoo! Messenger
InternalName : Yahoo! Messengerr
LegalCopyright : Copyright 1998-2005
OriginalFilename : YPager.exe

#:65 [ad-aware.exe]
ModuleName : C:\Program Files\LAVASOFT\Ad-Aware SE Personal\Ad-Aware.exe
Command Line : "C:\Program Files\LAVASOFT\Ad-Aware SE Personal\Ad-Aware.exe"
ProcessID : 5092
ThreadCreationTime : 5-6-2005 9:53:07 PM
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

#:66 [cmd.exe]
ModuleName : C:\WINDOWS\system32\cmd.exe
Command Line : "C:\WINDOWS\system32\cmd.exe"
ProcessID : 1160
ThreadCreationTime : 5-6-2005 9:54:11 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Command Processor
InternalName : cmd
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : Cmd.Exe

#:67 [msimn.exe]
ModuleName : C:\Program Files\Outlook Express\MSIMN.EXE
Command Line : "C:\Program Files\Outlook Express\MSIMN.EXE"
ProcessID : 4244
ThreadCreationTime : 5-6-2005 10:03:11 PM
BasePriority : Normal
FileVersion : 6.00.2800.1123
ProductVersion : 6.00.2800.1123
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Outlook Express
InternalName : MSIMN
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : MSIMN.EXE

#:68 [netscp.exe]
ModuleName : C:\PROGRA~1\NETSCAPE\NETSCAPE\NETSCP.EXE
Command Line : C:\PROGRA~1\NETSCAPE\NETSCAPE\NETSCP.EXE -url "http://www.mercola.c...ar_dangers.htm"
ProcessID : 572
ThreadCreationTime : 5-6-2005 10:04:32 PM
BasePriority : Normal


Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
42 entries scanned.
New critical objects:0
Objects found so far: 0


5:23:51 PM Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:08:49.297
Objects scanned:189959
Objects identified:0
Objects ignored:0
New critical objects:0

Edited by chosenKarina, 06 May 2005 - 04:38 PM.

  • 0

#4
Guest_Andy_veal_*

Guest_Andy_veal_*
  • Guest
Are you still having problems?
  • 0

#5
Rawe

Rawe

    Visiting Staff

  • Member
  • PipPipPipPipPipPipPip
  • 4,746 posts

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
42 entries scanned.


If your system is running a program which changes the hosts file or you have added listings to the hosts file, then there is no need to check further. Otherwise, download the "Host file viewer" by Option^Explicit. It is a 65K program which will allow you to find/view/open/read/edit/restore to default settings your hosts file. Instructions are on the display screen of the program. Select the option to restore to default settings.
http://members.acces...sFileReader.zip

- Rawe :tazz:

(When restored, reboot, rescan with "Full system scan", and post a fresh log..)
  • 0

#6
chosenKarina

chosenKarina

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
I cleaned my hosts file with the HostsFileReader.zip file. I reset the hosts file and run the ad-aware software again. The hosts file was full of website names using 127.0.0.1. I still have problems with display properties, I can't bring up the display properties of two users in my computer. The other 2 users are fine. When I switch from one user to another I see an error flash about Trojan.spy.html Smith? It is very hard to read, because it goes away really fast. When I run MS Antispyware it catches some trojan virus which it gets deleted, but somehow it keeps coming back. Any help will be appreciated it.

Ad-Aware SE Build 1.05
Logfile Created on:Monday, May 09, 2005 9:32:45 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R43 06.05.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking Cookie(TAC index:3):1 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R43 06.05.2005
Internal build : 50
File location : C:\Program Files\LAVASOFT\Ad-Aware SE Personal\defs.ref
File size : 467649 Bytes
Total size : 1414672 Bytes
Signature data size : 1383852 Bytes
Reference data size : 30308 Bytes
Signatures total : 39494
Fingerprints total : 847
Fingerprints size : 28739 Bytes
Target categories : 15
Target families : 663

5-9-2005 9:31:09 PM Performing WebUpdate...

Installing Update...
Definitions File Loaded:
Reference Number : SE1R43 06.05.2005
Internal build : 51
File location : C:\Program Files\LAVASOFT\Ad-Aware SE Personal\defs.ref
File size : 467649 Bytes
Total size : 1414672 Bytes
Signature data size : 1383852 Bytes
Reference data size : 30308 Bytes
Signatures total : 39494
Fingerprints total : 847
Fingerprints size : 28739 Bytes
Target categories : 15
Target families : 663


5-9-2005 9:32:40 PM Success
Update successfully downloaded and installed.


Memory + processor status:
==========================
Number of processors : 2
Processor architecture : Intel Pentium IV
Memory available:23 %
Total physical memory:458220 kb
Available physical memory:105044 kb
Total page file size:1084292 kb
Available on page file:754364 kb
Total virtual memory:2097024 kb
Available virtual memory:2046420 kb
OS:Microsoft Windows XP Home Edition Service Pack 1 (Build 2600)

Ad-Aware SE Settings
===========================
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Obtain command line of scanned processes
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Write-protect system files after repair (Hosts file, etc.)
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


5-9-2005 9:32:45 PM - Scan started. (Full System Scan)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
ModuleName : \SystemRoot\System32\smss.exe
Command Line : n/a
ProcessID : 580
ThreadCreationTime : 5-10-2005 2:16:01 AM
BasePriority : Normal


#:2 [csrss.exe]
ModuleName : \??\C:\WINDOWS\system32\csrss.exe
Command Line : C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestTh
ProcessID : 644
ThreadCreationTime : 5-10-2005 2:16:03 AM
BasePriority : Normal


#:3 [winlogon.exe]
ModuleName : \??\C:\WINDOWS\system32\winlogon.exe
Command Line : winlogon.exe
ProcessID : 668
ThreadCreationTime : 5-10-2005 2:16:04 AM
BasePriority : High


#:4 [services.exe]
ModuleName : C:\WINDOWS\system32\services.exe
Command Line : C:\WINDOWS\system32\services.exe
ProcessID : 712
ThreadCreationTime : 5-10-2005 2:16:06 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:5 [lsass.exe]
ModuleName : C:\WINDOWS\system32\lsass.exe
Command Line : C:\WINDOWS\system32\lsass.exe
ProcessID : 724
ThreadCreationTime : 5-10-2005 2:16:06 AM
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost -k rpcss
ProcessID : 904
ThreadCreationTime : 5-10-2005 2:16:07 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k netsvcs
ProcessID : 940
ThreadCreationTime : 5-10-2005 2:16:08 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k NetworkService
ProcessID : 1040
ThreadCreationTime : 5-10-2005 2:16:08 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k LocalService
ProcessID : 1064
ThreadCreationTime : 5-10-2005 2:16:09 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [ccsetmgr.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
Command Line : n/a
ProcessID : 1116
ThreadCreationTime : 5-10-2005 2:16:09 AM
BasePriority : Normal
FileVersion : 103.0.4.3
ProductVersion : 103.0.4.3
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Settings Manager Service
InternalName : ccSetMgr
LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccSetMgr.exe

#:11 [sndsrvc.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
Command Line : n/a
ProcessID : 1196
ThreadCreationTime : 5-10-2005 2:16:10 AM
BasePriority : Normal
FileVersion : 5.4.0.110
ProductVersion : 5.4
ProductName : Symantec Security Drivers
CompanyName : Symantec Corporation
FileDescription : Network Driver Service
InternalName : SndSrvc
LegalCopyright : Copyright 2002, 2003, 2004 Symantec Corporation
OriginalFilename : SndSrvc.exe

#:12 [spbbcsvc.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
Command Line : n/a
ProcessID : 1228
ThreadCreationTime : 5-10-2005 2:16:11 AM
BasePriority : Normal
FileVersion : 1,0,1,47
ProductVersion : 1,0,1,47
ProductName : SPBBC
CompanyName : Symantec Corporation
FileDescription : SPBBC Service
InternalName : SPBBCSvc
LegalCopyright : Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : SPBBCSvc.exe

#:13 [ccevtmgr.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
Command Line : n/a
ProcessID : 1280
ThreadCreationTime : 5-10-2005 2:16:14 AM
BasePriority : Normal
FileVersion : 103.0.4.3
ProductVersion : 103.0.4.3
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Event Manager Service
InternalName : ccEvtMgr
LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccEvtMgr.exe

#:14 [spoolsv.exe]
ModuleName : C:\WINDOWS\system32\spoolsv.exe
Command Line : C:\WINDOWS\system32\spoolsv.exe
ProcessID : 1472
ThreadCreationTime : 5-10-2005 2:16:15 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:15 [aolacsd.exe]
ModuleName : C:\PROGRA~1\COMMON~1\AOL\ACS\AOLACSD.EXE
Command Line : C:\PROGRA~1\COMMON~1\AOL\ACS\AOLACSD.EXE
ProcessID : 1568
ThreadCreationTime : 5-10-2005 2:16:15 AM
BasePriority : Normal


#:16 [navapsvc.exe]
ModuleName : C:\Program Files\Norton AntiVirus\navapsvc.exe
Command Line : n/a
ProcessID : 1644
ThreadCreationTime : 5-10-2005 2:16:15 AM
BasePriority : Normal
FileVersion : 11.0.9.16
ProductVersion : 11.0.9
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
LegalCopyright : Norton AntiVirus 2005 for Windows 98/ME/2000/XP Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : NAVAPSVC.EXE

#:17 [ncupdatesvc.exe]
ModuleName : C:\Program Files\Netscape Internet Service\ncupdatesvc.exe
Command Line : "C:\Program Files\Netscape Internet Service\ncupdatesvc.exe"
ProcessID : 1680
ThreadCreationTime : 5-10-2005 2:16:15 AM
BasePriority : Normal
FileVersion : 1, 0, 0, 5
ProductVersion : 1, 0, 0, 5
ProductName : Netscape Update Service
CompanyName : Netscape Communications Corporation
FileDescription : Netscape Update Service
InternalName : Netscape NT Service
LegalCopyright : Copyright © 2003, 2004 Netscape Communications Corporation. All rights reserved.
LegalTrademarks : Netscape Communications Corporation
OriginalFilename : Netscape Update Service

#:18 [npfmntor.exe]
ModuleName : C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
Command Line : n/a
ProcessID : 1732
ThreadCreationTime : 5-10-2005 2:16:16 AM
BasePriority : Normal
FileVersion : 11.0.9.16
ProductVersion : 11.0.9
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Firewall Install Monitor
InternalName : NPFMonitor
LegalCopyright : Norton AntiVirus 2005 for Windows 98/ME/2000/XP Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : NPFMonitor.EXE

#:19 [nprotect.exe]
ModuleName : C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
Command Line : "C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE"
ProcessID : 1756
ThreadCreationTime : 5-10-2005 2:16:16 AM
BasePriority : Normal
FileVersion : 16.00.0.22
ProductVersion : 16.00.0.22
ProductName : Norton Utilities
CompanyName : Symantec Corporation
FileDescription : Norton Protection Status
InternalName : NPROTECT
LegalCopyright : Copyright © 2003 Symantec Corporation
LegalTrademarks : Norton Utilities
OriginalFilename : NPROTECT.EXE

#:20 [nsengine.exe]
ModuleName : C:\Program Files\NovaStor\NovaBackup\7\NSENGINE.exe
Command Line : "C:\Program Files\NovaStor\NovaBackup\7\NSENGINE.exe"
ProcessID : 1792
ThreadCreationTime : 5-10-2005 2:16:17 AM
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : NsEngine Module
FileDescription : NsEngine Module
InternalName : NsEngine
LegalCopyright : Copyright 2002
OriginalFilename : NsEngine.EXE

#:21 [slserv.exe]
ModuleName : C:\WINDOWS\system32\slserv.exe
Command Line : slserv.exe
ProcessID : 1852
ThreadCreationTime : 5-10-2005 2:16:18 AM
BasePriority : Normal
FileVersion : 2.80.00(24Apr2000)
ProductVersion : 2.80.00
ProductName : Modem
FileDescription : User-Level Modem Service
InternalName : slserv
LegalCopyright : Copyright © 1999-2000
OriginalFilename : slserv.exe

#:22 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k imgsvc
ProcessID : 1872
ThreadCreationTime : 5-10-2005 2:16:18 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:23 [symlcsvc.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
Command Line : n/a
ProcessID : 1884
ThreadCreationTime : 5-10-2005 2:16:18 AM
BasePriority : Normal
FileVersion : 1, 8, 54, 419
ProductVersion : 1, 8, 54, 419
ProductName : Symantec Core Component
CompanyName : Symantec Corporation
FileDescription : Symantec Core Component
InternalName : symlcsvc
LegalCopyright : Copyright © 2003
OriginalFilename : symlcsvc.exe

#:24 [tsircsrv.exe]
ModuleName : C:\WINDOWS\System32\TSIRCSRV.EXE
Command Line : C:\WINDOWS\System32\TSIRCSRV.EXE
ProcessID : 1980
ThreadCreationTime : 5-10-2005 2:16:19 AM
BasePriority : Normal
FileVersion : 14,500,3200,0
ProductVersion : 11,05,32,00
ProductName : LAPLINK GOLD
CompanyName : LapLink, Inc.
FileDescription : Remote Control Component
InternalName : TSIRCSRV
LegalCopyright : Copyright © 1991-2003, LapLink Inc. All rights reserved.
OriginalFilename : TSIRCSRV.EXE

#:25 [wdfmgr.exe]
ModuleName : C:\WINDOWS\System32\wdfmgr.exe
Command Line : C:\WINDOWS\System32\wdfmgr.exe
ProcessID : 2020
ThreadCreationTime : 5-10-2005 2:16:20 AM
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe

#:26 [tsircusr.exe]
ModuleName : C:\WINDOWS\TSI32\tsircusr.exe
Command Line : C:\WINDOWS\TSI32\tsircusr.exe
ProcessID : 440
ThreadCreationTime : 5-10-2005 2:16:22 AM
BasePriority : Normal
FileVersion : 14,500,3200,0
ProductVersion : 11,05,32,00
ProductName : LAPLINK GOLD
CompanyName : LapLink, Inc.
FileDescription : Remote Control Component
InternalName : TSIRCUSR
LegalCopyright : Copyright © 1991-2003, LapLink Inc. All rights reserved.
OriginalFilename : TSIRCUSR.EXE

#:27 [explorer.exe]
ModuleName : C:\WINDOWS\Explorer.EXE
Command Line : C:\WINDOWS\Explorer.EXE
ProcessID : 480
ThreadCreationTime : 5-10-2005 2:16:22 AM
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

#:28 [msmsgs.exe]
ModuleName : C:\Program Files\Messenger\msmsgs.exe
Command Line : "C:\Program Files\Messenger\msmsgs.exe"
ProcessID : 1000
ThreadCreationTime : 5-10-2005 2:16:29 AM
BasePriority : Normal
FileVersion : 4.7.2010
ProductVersion : Version 4.7
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Messenger
InternalName : msmsgs
LegalCopyright : Copyright © Microsoft Corporation 1997-2003
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msmsgs.exe

#:29 [msole32.exe]
ModuleName : C:\WINDOWS\System32\msole32.exe
Command Line : "C:\WINDOWS\System32\msole32.exe"
ProcessID : 984
ThreadCreationTime : 5-10-2005 2:16:31 AM
BasePriority : Normal


#:30 [popuper.exe]
ModuleName : C:\WINDOWS\popuper.exe
Command Line : "C:\WINDOWS\popuper.exe"
ProcessID : 1100
ThreadCreationTime : 5-10-2005 2:16:31 AM
BasePriority : Normal
FileVersion : 1, 0, 0, 217
ProductVersion : 1, 0, 0, 217
ProductName : Popuper Application
FileDescription : Popuper Application
InternalName : Popuper
LegalCopyright : Copyright © 2005
OriginalFilename : Popuper.exe

#:31 [soundman.exe]
ModuleName : C:\WINDOWS\SOUNDMAN.EXE
Command Line : "C:\WINDOWS\SOUNDMAN.EXE"
ProcessID : 1076
ThreadCreationTime : 5-10-2005 2:16:31 AM
BasePriority : Normal
FileVersion : 5.1.0.24
ProductVersion : 5.1.0.24
ProductName : Realtek Sound Manager
CompanyName : Realtek Semiconductor Corp.
FileDescription : Realtek Sound Manager
InternalName : ALSMTray
LegalCopyright : Copyright © 2001-2003 Realtek Semiconductor Corp.
OriginalFilename : ALSMTray.exe
Comments : Realtek AC97 Audio Sound Manager

#:32 [vttimer.exe]
ModuleName : C:\WINDOWS\System32\VTTimer.exe
Command Line : "C:\WINDOWS\System32\VTTimer.exe"
ProcessID : 860
ThreadCreationTime : 5-10-2005 2:16:31 AM
BasePriority : Normal
FileVersion : 1.04.01-0526
ProductVersion : 1.04.01-0526
ProductName : S3 Graphics, Inc. Utilities
CompanyName : S3 Graphics, Inc.
InternalName : S3Timer
LegalCopyright : Copyright © 2001-2004 S3 Graphics, Inc.
LegalTrademarks : S3 is a registered trademark of S3 Incorporated

#:33 [intmonp.exe]
ModuleName : C:\WINDOWS\System32\intmonp.exe
Command Line : intmonp.exe
ProcessID : 1548
ThreadCreationTime : 5-10-2005 2:16:31 AM
BasePriority : Normal


#:34 [vttrayp.exe]
ModuleName : C:\WINDOWS\System32\VTtrayp.exe
Command Line : "C:\WINDOWS\System32\VTtrayp.exe"
ProcessID : 1628
ThreadCreationTime : 5-10-2005 2:16:31 AM
BasePriority : Normal
FileVersion : 2.00.22-0607
ProductVersion : 2.00.22-0607
ProductName : Part of S3 Screen Toys
CompanyName : S3 Graphics Co., Ltd.
FileDescription : s3contrl
InternalName : s3contrl
LegalCopyright : Copyright © 2004 S3 Graphics Co., Ltd.
LegalTrademarks : S3 is a registered trademark of S3 Incorporated
Comments : S3TrayPlus tray icon utility

#:35 [winampa.exe]
ModuleName : C:\Program Files\Winamp3\winampa.exe
Command Line : "C:\Program Files\Winamp3\winampa.exe"
ProcessID : 1672
ThreadCreationTime : 5-10-2005 2:16:31 AM
BasePriority : Normal


#:36 [aoldial.exe]
ModuleName : C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
Command Line : "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"
ProcessID : 1844
ThreadCreationTime : 5-10-2005 2:16:32 AM
BasePriority : Normal
FileVersion : 2.0.20.1.US.1
ProductVersion : 2.0.20.1.US.1
ProductName : AOL Connectivity Service
CompanyName : America Online, Inc
FileDescription : AOL Connectivity Service Dialer
LegalCopyright : Copyright © 2003 America Online, Inc.
OriginalFilename : AOLDial.exe

#:37 [realplay.exe]
ModuleName : C:\Program Files\Real\RealPlayer\RealPlay.exe
Command Line : "C:\Program Files\Real\RealPlayer\RealPlay.exe" SYSTEMBOOTHIDEPLAYER
ProcessID : 1848
ThreadCreationTime : 5-10-2005 2:16:33 AM
BasePriority : Normal
FileVersion : 6.0.9.584
ProductVersion : 6.0.9.584
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealPlayer
InternalName : REALPLAY
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2000
LegalTrademarks : RealAudio™ is a trademark of RealNetworks, Inc.
OriginalFilename : REALPLAY.EXE

#:38 [qttask.exe]
ModuleName : C:\Program Files\QuickTime\qttask.exe
Command Line : "C:\Program Files\QuickTime\qttask.exe" -atboottime
ProcessID : 1944
ThreadCreationTime : 5-10-2005 2:16:33 AM
BasePriority : Normal
FileVersion : 6.5
ProductVersion : QuickTime 6.5
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
InternalName : QuickTime Task
LegalCopyright : © Apple Computer, Inc. 2001-2004
OriginalFilename : QTTask.exe

#:39 [aolsp scheduler.exe]
ModuleName : C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
Command Line : "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
ProcessID : 2060
ThreadCreationTime : 5-10-2005 2:16:34 AM
BasePriority : Normal
FileVersion : 1, 0, 0, 78
ProductVersion : 1, 0, 0, 78
ProductName : AOLSP Scheduler
FileDescription : AOLSP Scheduler
InternalName : AOLSP Scheduler
LegalCopyright : Copyright © America Online, Inc. 2004
OriginalFilename : AOLSP Scheduler.exe

#:40 [shicoxp.exe]
ModuleName : C:\WINDOWS\shicoxp.exe
Command Line : "C:\WINDOWS\shicoxp.exe"
ProcessID : 2068
ThreadCreationTime : 5-10-2005 2:16:35 AM
BasePriority : Normal


#:41 [calcheck.exe]
ModuleName : C:\Program Files\Ulead Systems\Ulead Photo Express My Scrapbook 2.0\calcheck.exe
Command Line : "C:\Program Files\Ulead Systems\Ulead Photo Express My Scrapbook 2.0\calcheck.exe"
ProcessID : 2088
ThreadCreationTime : 5-10-2005 2:16:36 AM
BasePriority : Normal
FileVersion : 2,0,0,0
ProductVersion : 2, 0, 0, 0
ProductName : Ulead Photo Express My Scrapbook Edition
CompanyName : Ulead Systems, Inc.
FileDescription : Photo Express -- Calendar Checker
InternalName : CalCheck
LegalCopyright : Copyright © 1992-2003. Ulead Systems, Inc. All rights reserved.
LegalTrademarks : Ulead Systems and Photo Express My Scrapbook Edition are registered trademarks of Ulead Systems, Inc.
OriginalFilename : CalCheck.EXE

#:42 [llsched.exe]
ModuleName : C:\Program Files\Common Files\LapLink\Scheduler\LLSCHED.EXE
Command Line : "C:\Program Files\Common Files\LapLink\Scheduler\LLSCHED.EXE"
ProcessID : 2100
ThreadCreationTime : 5-10-2005 2:16:38 AM
BasePriority : Normal
FileVersion : 14,500,3200,0
ProductVersion : 11,05,32,00
ProductName : LAPLINK GOLD
CompanyName : LapLink, Inc.
FileDescription : Quick Scheduler Component
InternalName : LLSched
LegalCopyright : Copyright © 1999-2003, LapLink Inc. All rights reserved.
OriginalFilename : LLSched.EXE

#:43 [llscheng.exe]
ModuleName : C:\Program Files\Common Files\LapLink\Scheduler\LLSCHENG.EXE
Command Line : "C:\Program Files\Common Files\LapLink\Scheduler\LLSCHENG.EXE" -Embedding
ProcessID : 2124
ThreadCreationTime : 5-10-2005 2:16:40 AM
BasePriority : Normal
FileVersion : 14,500,3200,0
ProductVersion : 11,05,32,00
ProductName : LAPLINK GOLD
CompanyName : LapLink, Inc.
FileDescription : Quick Scheduler Component
InternalName : LLSchEng
LegalCopyright : Copyright © 1999-2003, LapLink Inc. All rights reserved.
OriginalFilename : LLSchEng.exe

#:44 [nbkctrl.exe]
ModuleName : C:\Program Files\NovaStor\NovaBackup\7\NbkCtrl.exe
Command Line : "C:\Program Files\NovaStor\NovaBackup\7\NbkCtrl.exe"
ProcessID : 2156
ThreadCreationTime : 5-10-2005 2:16:40 AM
BasePriority : Normal
FileVersion : 1, 0, 0, 2
ProductVersion : 1, 0, 0, 1
ProductName : NovaStor Backup Service
FileDescription : NovaStor Backup Service User Interface
InternalName : NbkCtrl
LegalCopyright : Copyright © 2003 NovaStor Corp.
OriginalFilename : NbkCtrl.EXE

#:45 [atari icon.exe]
ModuleName : C:\Program Files\Infogrames\Atari Anniversary Edition\Volume 2\Atari icon.exe
Command Line : "C:\Program Files\Infogrames\Atari Anniversary Edition\Volume 2\Atari icon.exe"
ProcessID : 2220
ThreadCreationTime : 5-10-2005 2:16:41 AM
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : Atari Arcade Hits 2
CompanyName : Infogrames
FileDescription : Atari Arcade Icon
InternalName : Arcade
LegalCopyright : Copyright © 2001 Infogrames
OriginalFilename : Atari icon.exe
Comments : Developed by Digital Eclipse Software, Inc.

#:46 [lxbxmon.exe]
ModuleName : C:\Program Files\Lexmark 7100 Series\lxbxmon.exe
Command Line : "C:\Program Files\Lexmark 7100 Series\lxbxmon.exe"
ProcessID : 2392
ThreadCreationTime : 5-10-2005 2:16:47 AM
BasePriority : Normal
FileVersion : 1.194.0.0
ProductVersion : 1.194.0.0
ProductName : Lexmark 7100 Series Device Monitor
CompanyName : Lexmark International, Inc.
FileDescription : Lexmark 7100 Series Device Monitor
InternalName : lxbxmon.exe
LegalCopyright : © 2002 Lexmark International, Inc.
OriginalFilename : lxbxmon.exe

#:47 [ezprint.exe]
ModuleName : C:\Program Files\Lexmark 7100 Series\ezprint.exe
Command Line : "C:\Program Files\Lexmark 7100 Series\ezprint.exe"
ProcessID : 2444
ThreadCreationTime : 5-10-2005 2:16:50 AM
BasePriority : Normal


#:48 [ctfmon.exe]
ModuleName : C:\WINDOWS\System32\ctfmon.exe
Command Line : ctfmon.exe
ProcessID : 2548
ThreadCreationTime : 5-10-2005 2:16:54 AM
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:49 [schsvr.exe]
ModuleName : C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe
Command Line : "C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe"
ProcessID : 2600
ThreadCreationTime : 5-10-2005 2:16:58 AM
BasePriority : Normal
FileVersion : 3.0.79.246
ProductVersion : 3.0.79.246
ProductName : InterVideo® WinDVR
CompanyName : InterVideo Inc.
FileDescription : InterVideo Schedule Server
InternalName : SchSvr
LegalCopyright : Copyright © 2000-2002 InterVideo Inc.
OriginalFilename : SchSvr.EXE

#:50 [ccapp.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\ccApp.exe
Command Line : n/a
ProcessID : 2756
ThreadCreationTime : 5-10-2005 2:17:02 AM
BasePriority : Normal
FileVersion : 103.0.4.3
ProductVersion : 103.0.4.3
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec User Session
InternalName : ccApp
LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccApp.exe

#:51 [gcasserv.exe]
ModuleName : C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
Command Line : "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
ProcessID : 2916
ThreadCreationTime : 5-10-2005 2:17:09 AM
BasePriority : Idle
FileVersion : 1.00.0509
ProductVersion : 1.00.0509
ProductName : Microsoft AntiSpyware (Beta 1)
CompanyName : Microsoft Corporation
FileDescription : Microsoft AntiSpyware Service
InternalName : gcasServ
LegalCopyright : Copyright © 2004-2005 Microsoft Corporation. All rights reserved.
LegalTrademarks : Microsoft® and Windows® are registered trademarks of Microsoft Corporation. SpyNet™ is a trademark of Microsoft Corporation.
OriginalFilename : gcasServ.exe

#:52 [ypager.exe]
ModuleName : C:\Program Files\Yahoo!\Messenger\ypager.exe
Command Line : "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
ProcessID : 3076
ThreadCreationTime : 5-10-2005 2:17:14 AM
BasePriority : Normal
FileVersion : 6,0,0,1922
ProductVersion : 6,0,0,1922
ProductName : Yahoo! Messenger
CompanyName : Yahoo! Inc.
FileDescription : Yahoo! Messenger
InternalName : Yahoo! Messengerr
LegalCopyright : Copyright 1998-2005
OriginalFilename : YPager.exe

#:53 [gcasdtserv.exe]
ModuleName : C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
Command Line : "C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe"
ProcessID : 3240
ThreadCreationTime : 5-10-2005 2:17:24 AM
BasePriority : Normal
FileVersion : 1.00.0509
ProductVersion : 1.00.0509
ProductName : Microsoft AntiSpyware (Beta 1)
CompanyName : Microsoft Corporation
FileDescription : Microsoft AntiSpyware Data Service
InternalName : gcasDtServ
LegalCopyright : Copyright © 2004-2005 Microsoft Corporation. All rights reserved.
LegalTrademarks : Microsoft® and Windows® are registered trademarks of Microsoft Corporation. SpyNet™ is a trademark of Microsoft Corporation.
OriginalFilename : gcasDtServ.exe

#:54 [wincinemamgr.exe]
ModuleName : C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
Command Line : "C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe"
ProcessID : 3424
ThreadCreationTime : 5-10-2005 2:17:29 AM
BasePriority : Normal
FileVersion : 1.7.1
ProductVersion : 1, 7, 1, 0
ProductName : WinCinema Manager for InterVideo WinCinema products
CompanyName : InterVideo Inc.
FileDescription : WinCinema Manager
InternalName : WinCinema Manager
LegalCopyright : Copyright 1999-2003 InterVideo, Inc. All rights reserved.
OriginalFilename : WinCinemaMgr.EXE

#:55 [lxbxcoms.exe]
ModuleName : C:\WINDOWS\System32\lxbxcoms.exe
Command Line : C:\WINDOWS\System32\lxbxcoms.exe -service
ProcessID : 3568
ThreadCreationTime : 5-10-2005 2:17:32 AM
BasePriority : High
FileVersion : 1.101.36.0
ProductVersion : 1.101.36.0
ProductName : Lexmark Communication System
CompanyName : Lexmark International, Inc.
FileDescription : Lexmark Communication System
InternalName : LXBXcoms.exe
LegalCopyright : © Lexmark International, Inc. 2001-2004
OriginalFilename : LXBXcoms.exe

#:56 [wmiprvse.exe]
ModuleName : C:\WINDOWS\System32\wbem\wmiprvse.exe
Command Line : C:\WINDOWS\System32\wbem\wmiprvse.exe -Embedding
ProcessID : 3736
ThreadCreationTime : 5-10-2005 2:17:34 AM
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : WMI
InternalName : Wmiprvse.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : Wmiprvse.exe

#:57 [aoltray.exe]
ModuleName : C:\Program Files\America Online 9.0\aoltray.exe
Command Line : "C:\Program Files\America Online 9.0\aoltray.exe" -check
ProcessID : 3748
ThreadCreationTime : 5-10-2005 2:17:36 AM
BasePriority : Normal
FileVersion : 9.00.001
ProductVersion : 9.00.001
ProductName : America Online
CompanyName : America Online, Inc.
FileDescription : AOL Tray Icon
InternalName : AolTray
LegalCopyright : Copyright © America Online, Inc. 1999 - 2004

#:58 [minimavis.exe]
ModuleName : C:\Program Files\Broderbund\Mavis Beacon Teaches Typing 15\minimavis.exe
Command Line : "C:\Program Files\Broderbund\Mavis Beacon Teaches Typing 15\minimavis.exe" main
ProcessID : 3968
ThreadCreationTime : 5-10-2005 2:17:49 AM
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 2, 0, 0, 1
ProductName : Mavis Beacon Personal Coach v 2.0
CompanyName : TLC Education Properties LLC
FileDescription : Mavis Beacon Personal Coach v 2.0
InternalName : MINIMAVIS
LegalCopyright : Copyright © 2001 TLC Education Properties LLC
OriginalFilename : MiniMavis.exe

#:59 [dad11.exe]
ModuleName : C:\Program Files\WordPerfect Office 11\Programs\DAD11.exe
Command Line : "C:\Program Files\WordPerfect Office 11\Programs\DAD11.exe"
ProcessID : 176
ThreadCreationTime : 5-10-2005 2:17:56 AM
BasePriority : Normal
FileVersion : 11.0.0.321
ProductVersion : 11.0.0.321
ProductName : Desktop Application Director 11
CompanyName : Corel Corporation Limited
FileDescription : Desktop Application Director 11
InternalName : Dad11
LegalCopyright : Copyright 2001 - 2003. Corel Corporation. All rights reserved.
LegalTrademarks : WordPerfect ® Office 2002
OriginalFilename : Dad11.exe

#:60 [pvremote.exe]
ModuleName : C:\Program Files\M4800\PVRemote.exe
Command Line : "C:\Program Files\M4800\PVRemote.exe"
ProcessID : 1832
ThreadCreationTime : 5-10-2005 2:17:57 AM
BasePriority : Normal


#:61 [mpbtn.exe]
ModuleName : C:\Program Files\Digital Lifeline\bin\mpbtn.exe
Command Line : "C:\Program Files\Digital Lifeline\bin\mpbtn.exe" -boot
ProcessID : 728
ThreadCreationTime : 5-10-2005 2:18:00 AM
BasePriority : Normal
FileVersion : 4.03.01.1.20010830_170344
ProductVersion : 4.03.01.1
ProductName : Motive System
CompanyName : Motive Communications, Inc.
FileDescription : Motive Support Client
LegalCopyright : Copyright © Motive Communications, Inc. 1998-2001
OriginalFilename : mpbtn

#:62 [osa.exe]
ModuleName : C:\Program Files\Microsoft Office\Office\OSA.EXE
Command Line : "C:\Program Files\Microsoft Office\Office\OSA.EXE" -b
ProcessID : 2084
ThreadCreationTime : 5-10-2005 2:18:05 AM
BasePriority : Normal


#:63 [web_accel.exe]
ModuleName : C:\Program Files\ISP.COM High Speed\web_accel.exe
Command Line : "C:\Program Files\ISP.COM High Speed\web_accel.exe"
ProcessID : 1340
ThreadCreationTime : 5-10-2005 2:18:08 AM
BasePriority : Normal
FileVersion : 3.2.12
ProductVersion : 3.2.12

#:64 [soffice.exe]
ModuleName : C:\Program Files\OpenOffice.org1.0\program\soffice.exe
Command Line : "C:\Program Files\OpenOffice.org1.0\program\soffice.exe" -quickstart
ProcessID : 2288
ThreadCreationTime : 5-10-2005 2:18:10 AM
BasePriority : Normal
FileVersion : 6.00.7663
ProductVersion : 6.00.7663
CompanyName : Sun Microsystems, Inc.
FileDescription : OpenOffice.org 1.0
InternalName : SOFFICE
LegalCopyright : Copyright © 2000 by Sun Microsystems, Inc.
OriginalFilename : SOFFICE.EXE

#:65 [dialer.exe]
ModuleName : C:\Program Files\ISP.COM Internet Services\dialer.exe
Command Line : "C:\Program Files\ISP.COM Internet Services\dialer.exe" dial
ProcessID : 2428
ThreadCreationTime : 5-10-2005 2:23:38 AM
BasePriority : Normal
FileVersion : 3.0.3.1
ProductVersion : 3.03
ProductName : ISPWizard Dialer - Internet Setup Program Wizard Dialer
CompanyName : ISPWizard
FileDescription : ISPWizard Dialer
LegalCopyright : Copyright 2000-2004 Mark Griffiths
Comments : http://www.ispwizard.com

#:66 [slrundll.exe]
ModuleName : C:\WINDOWS\slrundll.exe
Command Line : slrundll.exe SLGen.dll,SLRunServ SYSTEM\CURRENTCONTROLSET\CONTROL\CLASS\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000
ProcessID : 2508
ThreadCreationTime : 5-10-2005 2:23:42 AM
BasePriority : Normal


#:67 [netscp.exe]
ModuleName : C:\PROGRA~1\NETSCAPE\NETSCAPE\NETSCP.EXE
Command Line : C:\PROGRA~1\NETSCAPE\NETSCAPE\NETSCP.EXE
ProcessID : 1272
ThreadCreationTime : 5-10-2005 2:24:17 AM
BasePriority : Normal


#:68 [ad-aware.exe]
ModuleName : C:\Program Files\LAVASOFT\Ad-Aware SE Personal\Ad-Aware.exe
Command Line : "C:\Program Files\LAVASOFT\Ad-Aware SE Personal\Ad-Aware.exe"
ProcessID : 3200
ThreadCreationTime : 5-10-2005 2:30:55 AM
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : karina@tribalfusion[2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:karina@tribalfusion.com/
Expires : 12-31-2037 7:00:00 PM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 1
Objects found so far: 1



Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 1


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 1




Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 1

9:43:51 PM Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:11:05.157
Objects scanned:193601
Objects identified:1
Objects ignored:0
New critical objects:1
  • 0

#7
Guest_Andy_veal_*

Guest_Andy_veal_*
  • Guest
Are you still having problems?
  • 0

#8
chosenKarina

chosenKarina

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
Andy, I still have problems! Here is a list of them:
1. The display properties has only one tab, then the desktop stays gray and can't be changed, because it doesn't show the other tabs when you right click on the screen.
2. There is pop-ops adds that show up every so often
3. The yellow triangle with the exclamation on the tray keeps telling bogus messages to make me click on it, when I do adverstisement about virus removal software and others come up.
4. When I switch between users I get a blue screen that tells me I have a Trojan.spy.htm.smit.c virus. I have run norton antivirus and Microsoft spyware beta version and aol antivirus software. Microsofts spyware has removed this virus, but it keeps coming back. I don't how it gets back in.

The only reason I keep posting the ad-aware log is because I am tryintg to follow your rules .... Can you please tell me if you see anything abnormal in my ad-aware log, if not I would like to post my highjackthis log and have it analyzed. It has been a week since I started trying to get this log analyzed.

thanks,

Karina
  • 0

#9
Guest_Andy_veal_*

Guest_Andy_veal_*
  • Guest
Please read these instructions carefully and print them out! Be sure to follow ALL instructions!

Go to Start > Control Panel > Add or Remove Programs and remove the following programs, if found:

Security IGuard
Virtual Maid
Search Maid


Exit Add/Remove Programs.

*IMPORTANT*CLICK THIS LINK TO LEARN HOW TO VIEW HIDDEN FILES

Press CTRL ALT DELETE to open Windows Task Manger. Click on the Processes tab and end the following processes:

List any files going to be deleted that are running

Exit Task Manager.

I need you to copy all of the Killbox instructions below and paste them into Notepad and save it for use while in Safe Mode.

* Please download the Killbox by Option^Explicit. *In the event you already have Killbox, this is a new version that I need you to download.
Unzip it to the desktop but do NOT run it yet.

* Please reboot into Safe Mode by restarting your computer and tapping F8 continuously as your computer is booting up until a menu appears. use your up arrow key to highlight "Safe Mode", then hit enter

* Once in Safe Mode, please run Killbox.

* Select "Delete on Reboot".

* Open the Notepad file where you saved these instructions earlier, and copy the file names below to the clipboard by highlighting them and pressing CTRL + C:

C:\wp.exe
C:\wp.bmp
C:\Windows\sites.ini
C:\Windows\popuper.exe
C:\WINDOWS\System32\wldr.dll
C:\Windows\System32\helper.exe
C:\Windows\System32\intmonp.exe
C:\Windows\System32\msmsgs.exe
C:\Windows\System32\ole32vbs.exe
C:\Windows\system32\msole32.exe


* Return to Killbox, go to the File menu, and choose "Paste from Clipboard".

* Click the red-and-white "Delete File" button. Click "Yes" at the Delete on Reboot prompt. Click "No" at the Pending Operations prompt.

If your computer does not restart automatically, please restart it manually. While your computer is restarting, tap the F8 key continually until a menu appears. Use your up arrow key to highlight Safe Mode, then hit enter. Yes, we need you to go back into Safe Mode!

Make sure you can view hidden files.

Using Windows Explorer, delete the following (please do NOT try to find them by "search" because they will not show up that way)

FOLDERS to delete (in bold) if found:

C:\Program Files\Search Maid
C:\Program Files\Virtual Maid
C:\Windows\System32\Log Files
C:\Program Files\Security IGuard

Reboot into normal mode.

*Download and install Registrar Lite version 2.00
*Double click the purple Registrar Lite icon on your desktop.
*Copy the line below and paste it into the "Address" field (located at the top) of the program:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies

*Click the "Go" button.
*It will take you into the "Policies" folder.
*Locate the "System" folder (in the right panel)
*If found, right-click on the System folder and go to Delete
*Be very careful that you only delete the System folder that is inside the Policies folder.

Reboot your computer again.

1.) Download the Hoster from HERE Press "Restore Original Hosts" and press "OK". Exit Program.

2.) Download: http://www.mvps.org/winhelp2002/DelDomains.inf
To use: right-click and select: Install (no need to restart)
Note: This will remove all entries in the "Trusted Zone" and "Ranges" also.

3.) Download, install, and run CleanUp!

4.) Run this online virus scan: ActiveScan - Save the results from the scan!

Post a new Ad-aware SE Logfile.
  • 0

#10
chosenKarina

chosenKarina

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
thanks for the reply. I will try it tonight. Unfortunately since my last post I have lost my ability to access the internet. I am not certain what happened the only thing I can think of is that the virus scan that comes with AOL 9, runned and found 4 things., to wich I replied to quarentine. When the computer booted last I got winsock initiialization failed and all programs that were trying to use it failed. So, I unquaretined 800dialer or something like that that aol had quarentined and rebooted. The computer reboted fine, no winsock failures, but the modems makes the connection to my isp and I get "it can not find the provider". IE just displays the normal not found page. I tried my aol provider as well and it also tells me that it couldn't finish making the connection. It suggested to make sure the firewall was not blocking their executables. I looked all over for a firewall iin control panel and help and I had no luck. I disabled norton antivirus and microsoft spyware, just to make sure they weren't blocking me from accessing the internet. No change. Can a spyware like 800dialer mess up my connection that badly? Any suggestions I can try? I will follow your instructions but I won't be able to do the following to access the DelDomains.inf and the online virus scan. The other things I was able to download at work and can do at home.

thanks for your help...
  • 0

Advertisements


#11
Guest_Andy_veal_*

Guest_Andy_veal_*
  • Guest
Please try WinsockFix to fix your internet connection.

http://www.downloads.../WinsockFix.zip

Keep us updated
  • 0

#12
chosenKarina

chosenKarina

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
Thank you so much the WinsockFix worked like a charm. I followed your instructions and everything worked well, except the activescan. It took a long time and it seemed to hang. I tried it again the next day and the site had problems, so here is my newest ad-aware log.
I still have the following problems:
The desktop page says Danger: spyware in a red background with a black middle square. The display properties for the desktop are gone. They don't come up when I right click on it.
Otherwise the yellow triangle is gone.... Is there a way to fix my desktop display properties?

thanks for your help.



Ad-Aware SE Build 1.05
Logfile Created on:Friday, May 13, 2005 1:25:20 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R43 06.05.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking Cookie(TAC index:3):2 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R43 06.05.2005
Internal build : 51
File location : C:\Program Files\LAVASOFT\Ad-Aware SE Personal\defs.ref
File size : 467649 Bytes
Total size : 1414672 Bytes
Signature data size : 1383852 Bytes
Reference data size : 30308 Bytes
Signatures total : 39494
Fingerprints total : 847
Fingerprints size : 28739 Bytes
Target categories : 15
Target families : 663


Memory + processor status:
==========================
Number of processors : 2
Processor architecture : Intel Pentium IV
Memory available:25 %
Total physical memory:458220 kb
Available physical memory:112652 kb
Total page file size:1084292 kb
Available on page file:749644 kb
Total virtual memory:2097024 kb
Available virtual memory:2047084 kb
OS:Microsoft Windows XP Home Edition Service Pack 1 (Build 2600)

Ad-Aware SE Settings
===========================
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Obtain command line of scanned processes
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Write-protect system files after repair (Hosts file, etc.)
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


5-13-2005 1:25:20 PM - Scan started. (Full System Scan)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
ModuleName : \SystemRoot\System32\smss.exe
Command Line : n/a
ProcessID : 392
ThreadCreationTime : 5-13-2005 5:47:22 PM
BasePriority : Normal


#:2 [csrss.exe]
ModuleName : \??\C:\WINDOWS\system32\csrss.exe
Command Line : C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestTh
ProcessID : 452
ThreadCreationTime : 5-13-2005 5:47:25 PM
BasePriority : Normal


#:3 [winlogon.exe]
ModuleName : \??\C:\WINDOWS\system32\winlogon.exe
Command Line : winlogon.exe
ProcessID : 476
ThreadCreationTime : 5-13-2005 5:47:26 PM
BasePriority : High


#:4 [services.exe]
ModuleName : C:\WINDOWS\system32\services.exe
Command Line : C:\WINDOWS\system32\services.exe
ProcessID : 524
ThreadCreationTime : 5-13-2005 5:47:28 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:5 [lsass.exe]
ModuleName : C:\WINDOWS\system32\lsass.exe
Command Line : C:\WINDOWS\system32\lsass.exe
ProcessID : 536
ThreadCreationTime : 5-13-2005 5:47:28 PM
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost -k rpcss
ProcessID : 712
ThreadCreationTime : 5-13-2005 5:47:30 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k netsvcs
ProcessID : 736
ThreadCreationTime : 5-13-2005 5:47:30 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k NetworkService
ProcessID : 820
ThreadCreationTime : 5-13-2005 5:47:30 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k LocalService
ProcessID : 844
ThreadCreationTime : 5-13-2005 5:47:31 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [ccsetmgr.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
Command Line : n/a
ProcessID : 888
ThreadCreationTime : 5-13-2005 5:47:31 PM
BasePriority : Normal
FileVersion : 103.0.4.3
ProductVersion : 103.0.4.3
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Settings Manager Service
InternalName : ccSetMgr
LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccSetMgr.exe

#:11 [sndsrvc.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
Command Line : n/a
ProcessID : 916
ThreadCreationTime : 5-13-2005 5:47:31 PM
BasePriority : Normal
FileVersion : 5.4.0.110
ProductVersion : 5.4
ProductName : Symantec Security Drivers
CompanyName : Symantec Corporation
FileDescription : Network Driver Service
InternalName : SndSrvc
LegalCopyright : Copyright 2002, 2003, 2004 Symantec Corporation
OriginalFilename : SndSrvc.exe

#:12 [spbbcsvc.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
Command Line : n/a
ProcessID : 968
ThreadCreationTime : 5-13-2005 5:47:33 PM
BasePriority : Normal
FileVersion : 1,0,1,47
ProductVersion : 1,0,1,47
ProductName : SPBBC
CompanyName : Symantec Corporation
FileDescription : SPBBC Service
InternalName : SPBBCSvc
LegalCopyright : Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : SPBBCSvc.exe

#:13 [ccevtmgr.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
Command Line : n/a
ProcessID : 1068
ThreadCreationTime : 5-13-2005 5:47:35 PM
BasePriority : Normal
FileVersion : 103.0.4.3
ProductVersion : 103.0.4.3
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Event Manager Service
InternalName : ccEvtMgr
LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccEvtMgr.exe

#:14 [spoolsv.exe]
ModuleName : C:\WINDOWS\system32\spoolsv.exe
Command Line : C:\WINDOWS\system32\spoolsv.exe
ProcessID : 1216
ThreadCreationTime : 5-13-2005 5:47:37 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:15 [aolacsd.exe]
ModuleName : C:\PROGRA~1\COMMON~1\AOL\ACS\AOLACSD.EXE
Command Line : C:\PROGRA~1\COMMON~1\AOL\ACS\AOLACSD.EXE
ProcessID : 1320
ThreadCreationTime : 5-13-2005 5:47:37 PM
BasePriority : Normal


#:16 [navapsvc.exe]
ModuleName : C:\Program Files\Norton AntiVirus\navapsvc.exe
Command Line : n/a
ProcessID : 1396
ThreadCreationTime : 5-13-2005 5:47:37 PM
BasePriority : Normal
FileVersion : 11.0.9.16
ProductVersion : 11.0.9
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
LegalCopyright : Norton AntiVirus 2005 for Windows 98/ME/2000/XP Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : NAVAPSVC.EXE

#:17 [ncupdatesvc.exe]
ModuleName : C:\Program Files\Netscape Internet Service\ncupdatesvc.exe
Command Line : "C:\Program Files\Netscape Internet Service\ncupdatesvc.exe"
ProcessID : 1448
ThreadCreationTime : 5-13-2005 5:47:38 PM
BasePriority : Normal
FileVersion : 1, 0, 0, 5
ProductVersion : 1, 0, 0, 5
ProductName : Netscape Update Service
CompanyName : Netscape Communications Corporation
FileDescription : Netscape Update Service
InternalName : Netscape NT Service
LegalCopyright : Copyright © 2003, 2004 Netscape Communications Corporation. All rights reserved.
LegalTrademarks : Netscape Communications Corporation
OriginalFilename : Netscape Update Service

#:18 [npfmntor.exe]
ModuleName : C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
Command Line : n/a
ProcessID : 1488
ThreadCreationTime : 5-13-2005 5:47:38 PM
BasePriority : Normal
FileVersion : 11.0.9.16
ProductVersion : 11.0.9
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Firewall Install Monitor
InternalName : NPFMonitor
LegalCopyright : Norton AntiVirus 2005 for Windows 98/ME/2000/XP Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : NPFMonitor.EXE

#:19 [nprotect.exe]
ModuleName : C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
Command Line : "C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE"
ProcessID : 1504
ThreadCreationTime : 5-13-2005 5:47:38 PM
BasePriority : Normal
FileVersion : 16.00.0.22
ProductVersion : 16.00.0.22
ProductName : Norton Utilities
CompanyName : Symantec Corporation
FileDescription : Norton Protection Status
InternalName : NPROTECT
LegalCopyright : Copyright © 2003 Symantec Corporation
LegalTrademarks : Norton Utilities
OriginalFilename : NPROTECT.EXE

#:20 [nsengine.exe]
ModuleName : C:\Program Files\NovaStor\NovaBackup\7\NSENGINE.exe
Command Line : "C:\Program Files\NovaStor\NovaBackup\7\NSENGINE.exe"
ProcessID : 1560
ThreadCreationTime : 5-13-2005 5:47:39 PM
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : NsEngine Module
FileDescription : NsEngine Module
InternalName : NsEngine
LegalCopyright : Copyright 2002
OriginalFilename : NsEngine.EXE

#:21 [slserv.exe]
ModuleName : C:\WINDOWS\system32\slserv.exe
Command Line : slserv.exe
ProcessID : 1600
ThreadCreationTime : 5-13-2005 5:47:41 PM
BasePriority : Normal
FileVersion : 2.80.00(24Apr2000)
ProductVersion : 2.80.00
ProductName : Modem
FileDescription : User-Level Modem Service
InternalName : slserv
LegalCopyright : Copyright © 1999-2000
OriginalFilename : slserv.exe

#:22 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k imgsvc
ProcessID : 1628
ThreadCreationTime : 5-13-2005 5:47:41 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:23 [symlcsvc.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
Command Line : n/a
ProcessID : 1640
ThreadCreationTime : 5-13-2005 5:47:41 PM
BasePriority : Normal
FileVersion : 1, 8, 54, 419
ProductVersion : 1, 8, 54, 419
ProductName : Symantec Core Component
CompanyName : Symantec Corporation
FileDescription : Symantec Core Component
InternalName : symlcsvc
LegalCopyright : Copyright © 2003
OriginalFilename : symlcsvc.exe

#:24 [tsircsrv.exe]
ModuleName : C:\WINDOWS\System32\TSIRCSRV.EXE
Command Line : C:\WINDOWS\System32\TSIRCSRV.EXE
ProcessID : 1736
ThreadCreationTime : 5-13-2005 5:47:42 PM
BasePriority : Normal
FileVersion : 14,500,3200,0
ProductVersion : 11,05,32,00
ProductName : LAPLINK GOLD
CompanyName : LapLink, Inc.
FileDescription : Remote Control Component
InternalName : TSIRCSRV
LegalCopyright : Copyright © 1991-2003, LapLink Inc. All rights reserved.
OriginalFilename : TSIRCSRV.EXE

#:25 [wdfmgr.exe]
ModuleName : C:\WINDOWS\System32\wdfmgr.exe
Command Line : C:\WINDOWS\System32\wdfmgr.exe
ProcessID : 1756
ThreadCreationTime : 5-13-2005 5:47:43 PM
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe

#:26 [tsircusr.exe]
ModuleName : C:\WINDOWS\TSI32\tsircusr.exe
Command Line : C:\WINDOWS\TSI32\tsircusr.exe
ProcessID : 364
ThreadCreationTime : 5-13-2005 5:47:46 PM
BasePriority : Normal
FileVersion : 14,500,3200,0
ProductVersion : 11,05,32,00
ProductName : LAPLINK GOLD
CompanyName : LapLink, Inc.
FileDescription : Remote Control Component
InternalName : TSIRCUSR
LegalCopyright : Copyright © 1991-2003, LapLink Inc. All rights reserved.
OriginalFilename : TSIRCUSR.EXE

#:27 [explorer.exe]
ModuleName : C:\WINDOWS\Explorer.EXE
Command Line : C:\WINDOWS\Explorer.EXE
ProcessID : 204
ThreadCreationTime : 5-13-2005 5:47:46 PM
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

#:28 [soundman.exe]
ModuleName : C:\WINDOWS\SOUNDMAN.EXE
Command Line : "C:\WINDOWS\SOUNDMAN.EXE"
ProcessID : 1796
ThreadCreationTime : 5-13-2005 5:47:54 PM
BasePriority : Normal
FileVersion : 5.1.0.24
ProductVersion : 5.1.0.24
ProductName : Realtek Sound Manager
CompanyName : Realtek Semiconductor Corp.
FileDescription : Realtek Sound Manager
InternalName : ALSMTray
LegalCopyright : Copyright © 2001-2003 Realtek Semiconductor Corp.
OriginalFilename : ALSMTray.exe
Comments : Realtek AC97 Audio Sound Manager

#:29 [vttimer.exe]
ModuleName : C:\WINDOWS\System32\VTTimer.exe
Command Line : "C:\WINDOWS\System32\VTTimer.exe"
ProcessID : 1876
ThreadCreationTime : 5-13-2005 5:47:55 PM
BasePriority : Normal
FileVersion : 1.04.01-0526
ProductVersion : 1.04.01-0526
ProductName : S3 Graphics, Inc. Utilities
CompanyName : S3 Graphics, Inc.
InternalName : S3Timer
LegalCopyright : Copyright © 2001-2004 S3 Graphics, Inc.
LegalTrademarks : S3 is a registered trademark of S3 Incorporated

#:30 [vttrayp.exe]
ModuleName : C:\WINDOWS\System32\VTtrayp.exe
Command Line : "C:\WINDOWS\System32\VTtrayp.exe"
ProcessID : 1964
ThreadCreationTime : 5-13-2005 5:47:55 PM
BasePriority : Normal
FileVersion : 2.00.22-0607
ProductVersion : 2.00.22-0607
ProductName : Part of S3 Screen Toys
CompanyName : S3 Graphics Co., Ltd.
FileDescription : s3contrl
InternalName : s3contrl
LegalCopyright : Copyright © 2004 S3 Graphics Co., Ltd.
LegalTrademarks : S3 is a registered trademark of S3 Incorporated
Comments : S3TrayPlus tray icon utility

#:31 [winampa.exe]
ModuleName : C:\Program Files\Winamp3\winampa.exe
Command Line : "C:\Program Files\Winamp3\winampa.exe"
ProcessID : 1980
ThreadCreationTime : 5-13-2005 5:47:55 PM
BasePriority : Normal


#:32 [aoldial.exe]
ModuleName : C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
Command Line : "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"
ProcessID : 2000
ThreadCreationTime : 5-13-2005 5:47:57 PM
BasePriority : Normal
FileVersion : 2.0.20.1.US.1
ProductVersion : 2.0.20.1.US.1
ProductName : AOL Connectivity Service
CompanyName : America Online, Inc
FileDescription : AOL Connectivity Service Dialer
LegalCopyright : Copyright © 2003 America Online, Inc.
OriginalFilename : AOLDial.exe

#:33 [realplay.exe]
ModuleName : C:\Program Files\Real\RealPlayer\RealPlay.exe
Command Line : "C:\Program Files\Real\RealPlayer\RealPlay.exe" SYSTEMBOOTHIDEPLAYER
ProcessID : 2072
ThreadCreationTime : 5-13-2005 5:48:00 PM
BasePriority : Normal
FileVersion : 6.0.9.584
ProductVersion : 6.0.9.584
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealPlayer
InternalName : REALPLAY
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2000
LegalTrademarks : RealAudio™ is a trademark of RealNetworks, Inc.
OriginalFilename : REALPLAY.EXE

#:34 [ctfmon.exe]
ModuleName : C:\WINDOWS\System32\ctfmon.exe
Command Line : ctfmon.exe
ProcessID : 2096
ThreadCreationTime : 5-13-2005 5:48:01 PM
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:35 [qttask.exe]
ModuleName : C:\Program Files\QuickTime\qttask.exe
Command Line : "C:\Program Files\QuickTime\qttask.exe" -atboottime
ProcessID : 2140
ThreadCreationTime : 5-13-2005 5:48:03 PM
BasePriority : Normal
FileVersion : 6.5
ProductVersion : QuickTime 6.5
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
InternalName : QuickTime Task
LegalCopyright : © Apple Computer, Inc. 2001-2004
OriginalFilename : QTTask.exe

#:36 [aolsp scheduler.exe]
ModuleName : C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
Command Line : "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
ProcessID : 2152
ThreadCreationTime : 5-13-2005 5:48:07 PM
BasePriority : Normal
FileVersion : 1, 5, 0, 0
ProductVersion : 1, 5, 0, 0
ProductName : AOLSP Scheduler
FileDescription : AOLSP Scheduler
InternalName : AOLSP Scheduler
LegalCopyright : Copyright © America Online, Inc. 2004
OriginalFilename : AOLSP Scheduler.exe

#:37 [shicoxp.exe]
ModuleName : C:\WINDOWS\shicoxp.exe
Command Line : "C:\WINDOWS\shicoxp.exe"
ProcessID : 2172
ThreadCreationTime : 5-13-2005 5:48:08 PM
BasePriority : Normal


#:38 [calcheck.exe]
ModuleName : C:\Program Files\Ulead Systems\Ulead Photo Express My Scrapbook 2.0\calcheck.exe
Command Line : "C:\Program Files\Ulead Systems\Ulead Photo Express My Scrapbook 2.0\calcheck.exe"
ProcessID : 2212
ThreadCreationTime : 5-13-2005 5:48:10 PM
BasePriority : Normal
FileVersion : 2,0,0,0
ProductVersion : 2, 0, 0, 0
ProductName : Ulead Photo Express My Scrapbook Edition
CompanyName : Ulead Systems, Inc.
FileDescription : Photo Express -- Calendar Checker
InternalName : CalCheck
LegalCopyright : Copyright © 1992-2003. Ulead Systems, Inc. All rights reserved.
LegalTrademarks : Ulead Systems and Photo Express My Scrapbook Edition are registered trademarks of Ulead Systems, Inc.
OriginalFilename : CalCheck.EXE

#:39 [llsched.exe]
ModuleName : C:\Program Files\Common Files\LapLink\Scheduler\LLSCHED.EXE
Command Line : "C:\Program Files\Common Files\LapLink\Scheduler\LLSCHED.EXE"
ProcessID : 2232
ThreadCreationTime : 5-13-2005 5:48:12 PM
BasePriority : Normal
FileVersion : 14,500,3200,0
ProductVersion : 11,05,32,00
ProductName : LAPLINK GOLD
CompanyName : LapLink, Inc.
FileDescription : Quick Scheduler Component
InternalName : LLSched
LegalCopyright : Copyright © 1999-2003, LapLink Inc. All rights reserved.
OriginalFilename : LLSched.EXE

#:40 [llscheng.exe]
ModuleName : C:\Program Files\Common Files\LapLink\Scheduler\LLSCHENG.EXE
Command Line : "C:\Program Files\Common Files\LapLink\Scheduler\LLSCHENG.EXE" -Embedding
ProcessID : 2264
ThreadCreationTime : 5-13-2005 5:48:13 PM
BasePriority : Normal
FileVersion : 14,500,3200,0
ProductVersion : 11,05,32,00
ProductName : LAPLINK GOLD
CompanyName : LapLink, Inc.
FileDescription : Quick Scheduler Component
InternalName : LLSchEng
LegalCopyright : Copyright © 1999-2003, LapLink Inc. All rights reserved.
OriginalFilename : LLSchEng.exe

#:41 [nbkctrl.exe]
ModuleName : C:\Program Files\NovaStor\NovaBackup\7\NbkCtrl.exe
Command Line : "C:\Program Files\NovaStor\NovaBackup\7\NbkCtrl.exe"
ProcessID : 2292
ThreadCreationTime : 5-13-2005 5:48:14 PM
BasePriority : Normal
FileVersion : 1, 0, 0, 2
ProductVersion : 1, 0, 0, 1
ProductName : NovaStor Backup Service
FileDescription : NovaStor Backup Service User Interface
InternalName : NbkCtrl
LegalCopyright : Copyright © 2003 NovaStor Corp.
OriginalFilename : NbkCtrl.EXE

#:42 [lxbxmon.exe]
ModuleName : C:\Program Files\Lexmark 7100 Series\lxbxmon.exe
Command Line : "C:\Program Files\Lexmark 7100 Series\lxbxmon.exe"
ProcessID : 2408
ThreadCreationTime : 5-13-2005 5:48:20 PM
BasePriority : Normal
FileVersion : 1.194.0.0
ProductVersion : 1.194.0.0
ProductName : Lexmark 7100 Series Device Monitor
CompanyName : Lexmark International, Inc.
FileDescription : Lexmark 7100 Series Device Monitor
InternalName : lxbxmon.exe
LegalCopyright : © 2002 Lexmark International, Inc.
OriginalFilename : lxbxmon.exe

#:43 [ezprint.exe]
ModuleName : C:\Program Files\Lexmark 7100 Series\ezprint.exe
Command Line : "C:\Program Files\Lexmark 7100 Series\ezprint.exe"
ProcessID : 2500
ThreadCreationTime : 5-13-2005 5:48:22 PM
BasePriority : Normal


#:44 [schsvr.exe]
ModuleName : C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe
Command Line : "C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe"
ProcessID : 2704
ThreadCreationTime : 5-13-2005 5:48:31 PM
BasePriority : Normal
FileVersion : 3.0.79.246
ProductVersion : 3.0.79.246
ProductName : InterVideo® WinDVR
CompanyName : InterVideo Inc.
FileDescription : InterVideo Schedule Server
InternalName : SchSvr
LegalCopyright : Copyright © 2000-2002 InterVideo Inc.
OriginalFilename : SchSvr.EXE

#:45 [ccapp.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\ccApp.exe
Command Line : n/a
ProcessID : 2820
ThreadCreationTime : 5-13-2005 5:48:37 PM
BasePriority : Normal
FileVersion : 103.0.4.3
ProductVersion : 103.0.4.3
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec User Session
InternalName : ccApp
LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccApp.exe

#:46 [ypager.exe]
ModuleName : C:\Program Files\Yahoo!\Messenger\ypager.exe
Command Line : "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
ProcessID : 3156
ThreadCreationTime : 5-13-2005 5:48:47 PM
BasePriority : Normal
FileVersion : 6,0,0,1922
ProductVersion : 6,0,0,1922
ProductName : Yahoo! Messenger
CompanyName : Yahoo! Inc.
FileDescription : Yahoo! Messenger
InternalName : Yahoo! Messengerr
LegalCopyright : Copyright 1998-2005
OriginalFilename : YPager.exe

#:47 [wmiprvse.exe]
ModuleName : C:\WINDOWS\System32\wbem\wmiprvse.exe
Command Line : C:\WINDOWS\System32\wbem\wmiprvse.exe -Embedding
ProcessID : 3188
ThreadCreationTime : 5-13-2005 5:48:52 PM
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : WMI
InternalName : Wmiprvse.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : Wmiprvse.exe

#:48 [gcasdtserv.exe]
ModuleName : C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
Command Line : "C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe"
ProcessID : 3200
ThreadCreationTime : 5-13-2005 5:48:52 PM
BasePriority : Normal
FileVersion : 1.00.0509
ProductVersion : 1.00.0509
ProductName : Microsoft AntiSpyware (Beta 1)
CompanyName : Microsoft Corporation
FileDescription : Microsoft AntiSpyware Data Service
InternalName : gcasDtServ
LegalCopyright : Copyright © 2004-2005 Microsoft Corporation. All rights reserved.
LegalTrademarks : Microsoft® and Windows® are registered trademarks of Microsoft Corporation. SpyNet™ is a trademark of Microsoft Corporation.
OriginalFilename : gcasDtServ.exe

#:49 [wincinemamgr.exe]
ModuleName : C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
Command Line : "C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe"
ProcessID : 3340
ThreadCreationTime : 5-13-2005 5:48:59 PM
BasePriority : Normal
FileVersion : 1.7.1
ProductVersion : 1, 7, 1, 0
ProductName : WinCinema Manager for InterVideo WinCinema products
CompanyName : InterVideo Inc.
FileDescription : WinCinema Manager
InternalName : WinCinema Manager
LegalCopyright : Copyright 1999-2003 InterVideo, Inc. All rights reserved.
OriginalFilename : WinCinemaMgr.EXE

#:50 [lxbxcoms.exe]
ModuleName : C:\WINDOWS\System32\lxbxcoms.exe
Command Line : C:\WINDOWS\System32\lxbxcoms.exe -service
ProcessID : 3524
ThreadCreationTime : 5-13-2005 5:49:10 PM
BasePriority : High
FileVersion : 1.101.36.0
ProductVersion : 1.101.36.0
ProductName : Lexmark Communication System
CompanyName : Lexmark International, Inc.
FileDescription : Lexmark Communication System
InternalName : LXBXcoms.exe
LegalCopyright : © Lexmark International, Inc. 2001-2004
OriginalFilename : LXBXcoms.exe

#:51 [aoltray.exe]
ModuleName : C:\Program Files\America Online 9.0\aoltray.exe
Command Line : "C:\Program Files\America Online 9.0\aoltray.exe" -check
ProcessID : 3620
ThreadCreationTime : 5-13-2005 5:49:10 PM
BasePriority : Normal
FileVersion : 9.00.001
ProductVersion : 9.00.001
ProductName : America Online
CompanyName : America Online, Inc.
FileDescription : AOL Tray Icon
InternalName : AolTray
LegalCopyright : Copyright © America Online, Inc. 1999 - 2004

#:52 [minimavis.exe]
ModuleName : C:\Program Files\Broderbund\Mavis Beacon Teaches Typing 15\minimavis.exe
Command Line : "C:\Program Files\Broderbund\Mavis Beacon Teaches Typing 15\minimavis.exe" main
ProcessID : 3764
ThreadCreationTime : 5-13-2005 5:49:22 PM
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 2, 0, 0, 1
ProductName : Mavis Beacon Personal Coach v 2.0
CompanyName : TLC Education Properties LLC
FileDescription : Mavis Beacon Personal Coach v 2.0
InternalName : MINIMAVIS
LegalCopyright : Copyright © 2001 TLC Education Properties LLC
OriginalFilename : MiniMavis.exe

#:53 [dad11.exe]
ModuleName : C:\Program Files\WordPerfect Office 11\Programs\DAD11.exe
Command Line : "C:\Program Files\WordPerfect Office 11\Programs\DAD11.exe"
ProcessID : 3860
ThreadCreationTime : 5-13-2005 5:49:28 PM
BasePriority : Normal
FileVersion : 11.0.0.321
ProductVersion : 11.0.0.321
ProductName : Desktop Application Director 11
CompanyName : Corel Corporation Limited
FileDescription : Desktop Application Director 11
InternalName : Dad11
LegalCopyright : Copyright 2001 - 2003. Corel Corporation. All rights reserved.
LegalTrademarks : WordPerfect ® Office 2002
OriginalFilename : Dad11.exe

#:54 [pvremote.exe]
ModuleName : C:\Program Files\M4800\PVRemote.exe
Command Line : "C:\Program Files\M4800\PVRemote.exe"
ProcessID : 3888
ThreadCreationTime : 5-13-2005 5:49:29 PM
BasePriority : Normal


#:55 [mpbtn.exe]
ModuleName : C:\Program Files\Digital Lifeline\bin\mpbtn.exe
Command Line : "C:\Program Files\Digital Lifeline\bin\mpbtn.exe" -boot
ProcessID : 3916
ThreadCreationTime : 5-13-2005 5:49:30 PM
BasePriority : Normal
FileVersion : 4.03.01.1.20010830_170344
ProductVersion : 4.03.01.1
ProductName : Motive System
CompanyName : Motive Communications, Inc.
FileDescription : Motive Support Client
LegalCopyright : Copyright © Motive Communications, Inc. 1998-2001
OriginalFilename : mpbtn

#:56 [osa.exe]
ModuleName : C:\Program Files\Microsoft Office\Office\OSA.EXE
Command Line : "C:\Program Files\Microsoft Office\Office\OSA.EXE" -b
ProcessID : 3952
ThreadCreationTime : 5-13-2005 5:49:34 PM
BasePriority : Normal


#:57 [web_accel.exe]
ModuleName : C:\Program Files\ISP.COM High Speed\web_accel.exe
Command Line : "C:\Program Files\ISP.COM High Speed\web_accel.exe"
ProcessID : 300
ThreadCreationTime : 5-13-2005 5:49:37 PM
BasePriority : Normal
FileVersion : 3.2.12
ProductVersion : 3.2.12

#:58 [soffice.exe]
ModuleName : C:\Program Files\OpenOffice.org1.0\program\soffice.exe
Command Line : "C:\Program Files\OpenOffice.org1.0\program\soffice.exe" -quickstart
ProcessID : 264
ThreadCreationTime : 5-13-2005 5:49:40 PM
BasePriority : Normal
FileVersion : 6.00.7663
ProductVersion : 6.00.7663
CompanyName : Sun Microsystems, Inc.
FileDescription : OpenOffice.org 1.0
InternalName : SOFFICE
LegalCopyright : Copyright © 2000 by Sun Microsystems, Inc.
OriginalFilename : SOFFICE.EXE

#:59 [msmsgs.exe]
ModuleName : C:\Program Files\Messenger\msmsgs.exe
Command Line : "C:\Program Files\Messenger\msmsgs.exe" -Embedding
ProcessID : 3896
ThreadCreationTime : 5-13-2005 5:58:57 PM
BasePriority : Normal
FileVersion : 4.7.2010
ProductVersion : Version 4.7
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Messenger
InternalName : msmsgs
LegalCopyright : Copyright © Microsoft Corporation 1997-2003
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msmsgs.exe

#:60 [msimn.exe]
ModuleName : C:\Program Files\Outlook Express\MSIMN.EXE
Command Line : "C:\Program Files\Outlook Express\MSIMN.EXE"
ProcessID : 156
ThreadCreationTime : 5-13-2005 6:00:07 PM
BasePriority : Normal
FileVersion : 6.00.2800.1123
ProductVersion : 6.00.2800.1123
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Outlook Express
InternalName : MSIMN
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : MSIMN.EXE

#:61 [iexplore.exe]
ModuleName : C:\Program Files\Internet Explorer\iexplore.exe
Command Line : "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
ProcessID : 3724
ThreadCreationTime : 5-13-2005 6:01:16 PM
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : IEXPLORE.EXE

#:62 [ad-aware.exe]
ModuleName : C:\Program Files\LAVASOFT\Ad-Aware SE Personal\Ad-Aware.exe
Command Line : "C:\Program Files\LAVASOFT\Ad-Aware SE Personal\Ad-Aware.exe"
ProcessID : 3440
ThreadCreationTime : 5-13-2005 6:25:03 PM
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : karina@centrport[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:karina@centrport.net/
Expires : 12-31-2029 7:00:00 PM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : karina@tribalfusion[2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:karina@tribalfusion.com/
Expires : 12-31-2037 7:00:00 PM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 2
Objects found so far: 2



Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 2


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 2




Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 2

1:34:36 PM Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:09:15.672
Objects scanned:172218
Objects identified:2
Objects ignored:0
New critical objects:2
  • 0

#13
Guest_Andy_veal_*

Guest_Andy_veal_*
  • Guest
Please could you update your definition file :tazz: A new one released today!
  • 0

#14
chosenKarina

chosenKarina

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
Here is the latest scan with the latest definition :tazz: . Thaks for your help.


Ad-Aware SE Build 1.05
Logfile Created on:Saturday, May 14, 2005 4:20:52 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R45 13.05.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Alexa(TAC index:5):1 total references
CoolWebSearch(TAC index:10):6 total references
SearchMaid(TAC index:7):2 total references
Tracking Cookie(TAC index:3):2 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R43 06.05.2005
Internal build : 51
File location : C:\Program Files\LAVASOFT\Ad-Aware SE Personal\defs.ref
File size : 467649 Bytes
Total size : 1414672 Bytes
Signature data size : 1383852 Bytes
Reference data size : 30308 Bytes
Signatures total : 39494
Fingerprints total : 847
Fingerprints size : 28739 Bytes
Target categories : 15
Target families : 663

5-14-2005 4:16:41 PM Performing WebUpdate...

Installing Update...
Definitions File Loaded:
Reference Number : SE1R45 13.05.2005
Internal build : 53
File location : C:\Program Files\LAVASOFT\Ad-Aware SE Personal\defs.ref
File size : 473168 Bytes
Total size : 1430575 Bytes
Signature data size : 1399518 Bytes
Reference data size : 30545 Bytes
Signatures total : 39932
Fingerprints total : 881
Fingerprints size : 30173 Bytes
Target categories : 15
Target families : 672


5-14-2005 4:18:21 PM Success
Update successfully downloaded and installed.


Memory + processor status:
==========================
Number of processors : 2
Processor architecture : Intel Pentium IV
Memory available:12 %
Total physical memory:458220 kb
Available physical memory:51536 kb
Total page file size:1084292 kb
Available on page file:727236 kb
Total virtual memory:2097024 kb
Available virtual memory:2046420 kb
OS:Microsoft Windows XP Home Edition Service Pack 1 (Build 2600)

Ad-Aware SE Settings
===========================
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Obtain command line of scanned processes
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Write-protect system files after repair (Hosts file, etc.)
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


5-14-2005 4:20:52 PM - Scan started. (Full System Scan)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
ModuleName : \SystemRoot\System32\smss.exe
Command Line : n/a
ProcessID : 392
ThreadCreationTime : 5-13-2005 5:47:22 PM
BasePriority : Normal


#:2 [csrss.exe]
ModuleName : \??\C:\WINDOWS\system32\csrss.exe
Command Line : C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestTh
ProcessID : 452
ThreadCreationTime : 5-13-2005 5:47:25 PM
BasePriority : Normal


#:3 [winlogon.exe]
ModuleName : \??\C:\WINDOWS\system32\winlogon.exe
Command Line : winlogon.exe
ProcessID : 476
ThreadCreationTime : 5-13-2005 5:47:26 PM
BasePriority : High


#:4 [services.exe]
ModuleName : C:\WINDOWS\system32\services.exe
Command Line : C:\WINDOWS\system32\services.exe
ProcessID : 524
ThreadCreationTime : 5-13-2005 5:47:28 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:5 [lsass.exe]
ModuleName : C:\WINDOWS\system32\lsass.exe
Command Line : C:\WINDOWS\system32\lsass.exe
ProcessID : 536
ThreadCreationTime : 5-13-2005 5:47:28 PM
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost -k rpcss
ProcessID : 712
ThreadCreationTime : 5-13-2005 5:47:30 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k netsvcs
ProcessID : 736
ThreadCreationTime : 5-13-2005 5:47:30 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k NetworkService
ProcessID : 820
ThreadCreationTime : 5-13-2005 5:47:30 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k LocalService
ProcessID : 844
ThreadCreationTime : 5-13-2005 5:47:31 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [ccsetmgr.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
Command Line : n/a
ProcessID : 888
ThreadCreationTime : 5-13-2005 5:47:31 PM
BasePriority : Normal
FileVersion : 103.0.4.3
ProductVersion : 103.0.4.3
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Settings Manager Service
InternalName : ccSetMgr
LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccSetMgr.exe

#:11 [sndsrvc.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
Command Line : n/a
ProcessID : 916
ThreadCreationTime : 5-13-2005 5:47:31 PM
BasePriority : Normal
FileVersion : 5.4.0.110
ProductVersion : 5.4
ProductName : Symantec Security Drivers
CompanyName : Symantec Corporation
FileDescription : Network Driver Service
InternalName : SndSrvc
LegalCopyright : Copyright 2002, 2003, 2004 Symantec Corporation
OriginalFilename : SndSrvc.exe

#:12 [spbbcsvc.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
Command Line : n/a
ProcessID : 968
ThreadCreationTime : 5-13-2005 5:47:33 PM
BasePriority : Normal
FileVersion : 1,0,1,47
ProductVersion : 1,0,1,47
ProductName : SPBBC
CompanyName : Symantec Corporation
FileDescription : SPBBC Service
InternalName : SPBBCSvc
LegalCopyright : Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : SPBBCSvc.exe

#:13 [ccevtmgr.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
Command Line : n/a
ProcessID : 1068
ThreadCreationTime : 5-13-2005 5:47:35 PM
BasePriority : Normal
FileVersion : 103.0.4.3
ProductVersion : 103.0.4.3
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Event Manager Service
InternalName : ccEvtMgr
LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccEvtMgr.exe

#:14 [spoolsv.exe]
ModuleName : C:\WINDOWS\system32\spoolsv.exe
Command Line : C:\WINDOWS\system32\spoolsv.exe
ProcessID : 1216
ThreadCreationTime : 5-13-2005 5:47:37 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:15 [aolacsd.exe]
ModuleName : C:\PROGRA~1\COMMON~1\AOL\ACS\AOLACSD.EXE
Command Line : C:\PROGRA~1\COMMON~1\AOL\ACS\AOLACSD.EXE
ProcessID : 1320
ThreadCreationTime : 5-13-2005 5:47:37 PM
BasePriority : Normal


#:16 [navapsvc.exe]
ModuleName : C:\Program Files\Norton AntiVirus\navapsvc.exe
Command Line : n/a
ProcessID : 1396
ThreadCreationTime : 5-13-2005 5:47:37 PM
BasePriority : Normal
FileVersion : 11.0.9.16
ProductVersion : 11.0.9
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
LegalCopyright : Norton AntiVirus 2005 for Windows 98/ME/2000/XP Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : NAVAPSVC.EXE

#:17 [ncupdatesvc.exe]
ModuleName : C:\Program Files\Netscape Internet Service\ncupdatesvc.exe
Command Line : "C:\Program Files\Netscape Internet Service\ncupdatesvc.exe"
ProcessID : 1448
ThreadCreationTime : 5-13-2005 5:47:38 PM
BasePriority : Normal
FileVersion : 1, 0, 0, 5
ProductVersion : 1, 0, 0, 5
ProductName : Netscape Update Service
CompanyName : Netscape Communications Corporation
FileDescription : Netscape Update Service
InternalName : Netscape NT Service
LegalCopyright : Copyright © 2003, 2004 Netscape Communications Corporation. All rights reserved.
LegalTrademarks : Netscape Communications Corporation
OriginalFilename : Netscape Update Service

#:18 [npfmntor.exe]
ModuleName : C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
Command Line : n/a
ProcessID : 1488
ThreadCreationTime : 5-13-2005 5:47:38 PM
BasePriority : Normal
FileVersion : 11.0.9.16
ProductVersion : 11.0.9
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Firewall Install Monitor
InternalName : NPFMonitor
LegalCopyright : Norton AntiVirus 2005 for Windows 98/ME/2000/XP Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : NPFMonitor.EXE

#:19 [nprotect.exe]
ModuleName : C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
Command Line : "C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE"
ProcessID : 1504
ThreadCreationTime : 5-13-2005 5:47:38 PM
BasePriority : Normal
FileVersion : 16.00.0.22
ProductVersion : 16.00.0.22
ProductName : Norton Utilities
CompanyName : Symantec Corporation
FileDescription : Norton Protection Status
InternalName : NPROTECT
LegalCopyright : Copyright © 2003 Symantec Corporation
LegalTrademarks : Norton Utilities
OriginalFilename : NPROTECT.EXE

#:20 [nsengine.exe]
ModuleName : C:\Program Files\NovaStor\NovaBackup\7\NSENGINE.exe
Command Line : "C:\Program Files\NovaStor\NovaBackup\7\NSENGINE.exe"
ProcessID : 1560
ThreadCreationTime : 5-13-2005 5:47:39 PM
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : NsEngine Module
FileDescription : NsEngine Module
InternalName : NsEngine
LegalCopyright : Copyright 2002
OriginalFilename : NsEngine.EXE

#:21 [slserv.exe]
ModuleName : C:\WINDOWS\system32\slserv.exe
Command Line : slserv.exe
ProcessID : 1600
ThreadCreationTime : 5-13-2005 5:47:41 PM
BasePriority : Normal
FileVersion : 2.80.00(24Apr2000)
ProductVersion : 2.80.00
ProductName : Modem
FileDescription : User-Level Modem Service
InternalName : slserv
LegalCopyright : Copyright © 1999-2000
OriginalFilename : slserv.exe

#:22 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k imgsvc
ProcessID : 1628
ThreadCreationTime : 5-13-2005 5:47:41 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:23 [symlcsvc.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
Command Line : n/a
ProcessID : 1640
ThreadCreationTime : 5-13-2005 5:47:41 PM
BasePriority : Normal
FileVersion : 1, 8, 54, 419
ProductVersion : 1, 8, 54, 419
ProductName : Symantec Core Component
CompanyName : Symantec Corporation
FileDescription : Symantec Core Component
InternalName : symlcsvc
LegalCopyright : Copyright © 2003
OriginalFilename : symlcsvc.exe

#:24 [tsircsrv.exe]
ModuleName : C:\WINDOWS\System32\TSIRCSRV.EXE
Command Line : C:\WINDOWS\System32\TSIRCSRV.EXE
ProcessID : 1736
ThreadCreationTime : 5-13-2005 5:47:42 PM
BasePriority : Normal
FileVersion : 14,500,3200,0
ProductVersion : 11,05,32,00
ProductName : LAPLINK GOLD
CompanyName : LapLink, Inc.
FileDescription : Remote Control Component
InternalName : TSIRCSRV
LegalCopyright : Copyright © 1991-2003, LapLink Inc. All rights reserved.
OriginalFilename : TSIRCSRV.EXE

#:25 [wdfmgr.exe]
ModuleName : C:\WINDOWS\System32\wdfmgr.exe
Command Line : C:\WINDOWS\System32\wdfmgr.exe
ProcessID : 1756
ThreadCreationTime : 5-13-2005 5:47:43 PM
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe

#:26 [lxbxcoms.exe]
ModuleName : C:\WINDOWS\System32\lxbxcoms.exe
Command Line : C:\WINDOWS\System32\lxbxcoms.exe -service
ProcessID : 3524
ThreadCreationTime : 5-13-2005 5:49:10 PM
BasePriority : High
FileVersion : 1.101.36.0
ProductVersion : 1.101.36.0
ProductName : Lexmark Communication System
CompanyName : Lexmark International, Inc.
FileDescription : Lexmark Communication System
InternalName : LXBXcoms.exe
LegalCopyright : © Lexmark International, Inc. 2001-2004
OriginalFilename : LXBXcoms.exe

#:27 [csrss.exe]
ModuleName : \??\C:\WINDOWS\system32\csrss.exe
Command Line : C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestTh
ProcessID : 200
ThreadCreationTime : 5-14-2005 7:26:50 PM
BasePriority : Normal


#:28 [winlogon.exe]
ModuleName : \??\C:\WINDOWS\system32\winlogon.exe
Command Line : winlogon.exe
ProcessID : 2380
ThreadCreationTime : 5-14-2005 7:26:50 PM
BasePriority : High


#:29 [tsircusr.exe]
ModuleName : C:\WINDOWS\TSI32\tsircusr.exe
Command Line : C:\WINDOWS\TSI32\tsircusr.exe
ProcessID : 3660
ThreadCreationTime : 5-14-2005 7:26:59 PM
BasePriority : Normal
FileVersion : 14,500,3200,0
ProductVersion : 11,05,32,00
ProductName : LAPLINK GOLD
CompanyName : LapLink, Inc.
FileDescription : Remote Control Component
InternalName : TSIRCUSR
LegalCopyright : Copyright © 1991-2003, LapLink Inc. All rights reserved.
OriginalFilename : TSIRCUSR.EXE

#:30 [msmsgs.exe]
ModuleName : C:\Program Files\Messenger\msmsgs.exe
Command Line : "C:\Program Files\Messenger\msmsgs.exe"
ProcessID : 5848
ThreadCreationTime : 5-14-2005 7:27:00 PM
BasePriority : Normal
FileVersion : 4.7.2010
ProductVersion : Version 4.7
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Messenger
InternalName : msmsgs
LegalCopyright : Copyright © Microsoft Corporation 1997-2003
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msmsgs.exe

#:31 [soundman.exe]
ModuleName : C:\WINDOWS\SOUNDMAN.EXE
Command Line : "C:\WINDOWS\SOUNDMAN.EXE"
ProcessID : 976
ThreadCreationTime : 5-14-2005 7:27:01 PM
BasePriority : Normal
FileVersion : 5.1.0.24
ProductVersion : 5.1.0.24
ProductName : Realtek Sound Manager
CompanyName : Realtek Semiconductor Corp.
FileDescription : Realtek Sound Manager
InternalName : ALSMTray
LegalCopyright : Copyright © 2001-2003 Realtek Semiconductor Corp.
OriginalFilename : ALSMTray.exe
Comments : Realtek AC97 Audio Sound Manager

#:32 [vttimer.exe]
ModuleName : C:\WINDOWS\System32\VTTimer.exe
Command Line : "C:\WINDOWS\System32\VTTimer.exe"
ProcessID : 4500
ThreadCreationTime : 5-14-2005 7:27:02 PM
BasePriority : Normal
FileVersion : 1.04.01-0526
ProductVersion : 1.04.01-0526
ProductName : S3 Graphics, Inc. Utilities
CompanyName : S3 Graphics, Inc.
InternalName : S3Timer
LegalCopyright : Copyright © 2001-2004 S3 Graphics, Inc.
LegalTrademarks : S3 is a registered trademark of S3 Incorporated

#:33 [vttrayp.exe]
ModuleName : C:\WINDOWS\System32\VTtrayp.exe
Command Line : "C:\WINDOWS\System32\VTtrayp.exe"
ProcessID : 2776
ThreadCreationTime : 5-14-2005 7:27:02 PM
BasePriority : Normal
FileVersion : 2.00.22-0607
ProductVersion : 2.00.22-0607
ProductName : Part of S3 Screen Toys
CompanyName : S3 Graphics Co., Ltd.
FileDescription : s3contrl
InternalName : s3contrl
LegalCopyright : Copyright © 2004 S3 Graphics Co., Ltd.
LegalTrademarks : S3 is a registered trademark of S3 Incorporated
Comments : S3TrayPlus tray icon utility

#:34 [ctfmon.exe]
ModuleName : C:\WINDOWS\System32\ctfmon.exe
Command Line : ctfmon.exe
ProcessID : 4904
ThreadCreationTime : 5-14-2005 7:27:02 PM
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:35 [winampa.exe]
ModuleName : C:\Program Files\Winamp3\winampa.exe
Command Line : "C:\Program Files\Winamp3\winampa.exe"
ProcessID : 3948
ThreadCreationTime : 5-14-2005 7:27:02 PM
BasePriority : Normal


#:36 [aoldial.exe]
ModuleName : C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
Command Line : "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"
ProcessID : 3044
ThreadCreationTime : 5-14-2005 7:27:02 PM
BasePriority : Normal
FileVersion : 2.0.20.1.US.1
ProductVersion : 2.0.20.1.US.1
ProductName : AOL Connectivity Service
CompanyName : America Online, Inc
FileDescription : AOL Connectivity Service Dialer
LegalCopyright : Copyright © 2003 America Online, Inc.
OriginalFilename : AOLDial.exe

#:37 [realplay.exe]
ModuleName : C:\Program Files\Real\RealPlayer\RealPlay.exe
Command Line : "C:\Program Files\Real\RealPlayer\RealPlay.exe" SYSTEMBOOTHIDEPLAYER
ProcessID : 616
ThreadCreationTime : 5-14-2005 7:27:03 PM
BasePriority : Normal
FileVersion : 6.0.9.584
ProductVersion : 6.0.9.584
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealPlayer
InternalName : REALPLAY
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2000
LegalTrademarks : RealAudio™ is a trademark of RealNetworks, Inc.
OriginalFilename : REALPLAY.EXE

#:38 [qttask.exe]
ModuleName : C:\Program Files\QuickTime\qttask.exe
Command Line : "C:\Program Files\QuickTime\qttask.exe" -atboottime
ProcessID : 5208
ThreadCreationTime : 5-14-2005 7:27:03 PM
BasePriority : Normal
FileVersion : 6.5
ProductVersion : QuickTime 6.5
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
InternalName : QuickTime Task
LegalCopyright : © Apple Computer, Inc. 2001-2004
OriginalFilename : QTTask.exe

#:39 [aolsp scheduler.exe]
ModuleName : C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
Command Line : "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
ProcessID : 6108
ThreadCreationTime : 5-14-2005 7:27:04 PM
BasePriority : Normal
FileVersion : 1, 5, 0, 0
ProductVersion : 1, 5, 0, 0
ProductName : AOLSP Scheduler
FileDescription : AOLSP Scheduler
InternalName : AOLSP Scheduler
LegalCopyright : Copyright © America Online, Inc. 2004
OriginalFilename : AOLSP Scheduler.exe

#:40 [shicoxp.exe]
ModuleName : C:\WINDOWS\shicoxp.exe
Command Line : "C:\WINDOWS\shicoxp.exe"
ProcessID : 4864
ThreadCreationTime : 5-14-2005 7:27:05 PM
BasePriority : Normal


#:41 [calcheck.exe]
ModuleName : C:\Program Files\Ulead Systems\Ulead Photo Express My Scrapbook 2.0\calcheck.exe
Command Line : "C:\Program Files\Ulead Systems\Ulead Photo Express My Scrapbook 2.0\calcheck.exe"
ProcessID : 4528
ThreadCreationTime : 5-14-2005 7:27:06 PM
BasePriority : Normal
FileVersion : 2,0,0,0
ProductVersion : 2, 0, 0, 0
ProductName : Ulead Photo Express My Scrapbook Edition
CompanyName : Ulead Systems, Inc.
FileDescription : Photo Express -- Calendar Checker
InternalName : CalCheck
LegalCopyright : Copyright © 1992-2003. Ulead Systems, Inc. All rights reserved.
LegalTrademarks : Ulead Systems and Photo Express My Scrapbook Edition are registered trademarks of Ulead Systems, Inc.
OriginalFilename : CalCheck.EXE

#:42 [llsched.exe]
ModuleName : C:\Program Files\Common Files\LapLink\Scheduler\LLSCHED.EXE
Command Line : "C:\Program Files\Common Files\LapLink\Scheduler\LLSCHED.EXE"
ProcessID : 4256
ThreadCreationTime : 5-14-2005 7:27:08 PM
BasePriority : Normal
FileVersion : 14,500,3200,0
ProductVersion : 11,05,32,00
ProductName : LAPLINK GOLD
CompanyName : LapLink, Inc.
FileDescription : Quick Scheduler Component
InternalName : LLSched
LegalCopyright : Copyright © 1999-2003, LapLink Inc. All rights reserved.
OriginalFilename : LLSched.EXE

#:43 [llscheng.exe]
ModuleName : C:\Program Files\Common Files\LapLink\Scheduler\LLSCHENG.EXE
Command Line : "C:\Program Files\Common Files\LapLink\Scheduler\LLSCHENG.EXE" -Embedding
ProcessID : 6132
ThreadCreationTime : 5-14-2005 7:27:09 PM
BasePriority : Normal
FileVersion : 14,500,3200,0
ProductVersion : 11,05,32,00
ProductName : LAPLINK GOLD
CompanyName : LapLink, Inc.
FileDescription : Quick Scheduler Component
InternalName : LLSchEng
LegalCopyright : Copyright © 1999-2003, LapLink Inc. All rights reserved.
OriginalFilename : LLSchEng.exe

#:44 [nbkctrl.exe]
ModuleName : C:\Program Files\NovaStor\NovaBackup\7\NbkCtrl.exe
Command Line : "C:\Program Files\NovaStor\NovaBackup\7\NbkCtrl.exe"
ProcessID : 5768
ThreadCreationTime : 5-14-2005 7:27:09 PM
BasePriority : Normal
FileVersion : 1, 0, 0, 2
ProductVersion : 1, 0, 0, 1
ProductName : NovaStor Backup Service
FileDescription : NovaStor Backup Service User Interface
InternalName : NbkCtrl
LegalCopyright : Copyright © 2003 NovaStor Corp.
OriginalFilename : NbkCtrl.EXE

#:45 [atari icon.exe]
ModuleName : C:\Program Files\Infogrames\Atari Anniversary Edition\Volume 2\Atari icon.exe
Command Line : "C:\Program Files\Infogrames\Atari Anniversary Edition\Volume 2\Atari icon.exe"
ProcessID : 4536
ThreadCreationTime : 5-14-2005 7:27:10 PM
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : Atari Arcade Hits 2
CompanyName : Infogrames
FileDescription : Atari Arcade Icon
InternalName : Arcade
LegalCopyright : Copyright © 2001 Infogrames
OriginalFilename : Atari icon.exe
Comments : Developed by Digital Eclipse Software, Inc.

#:46 [lxbxmon.exe]
ModuleName : C:\Program Files\Lexmark 7100 Series\lxbxmon.exe
Command Line : "C:\Program Files\Lexmark 7100 Series\lxbxmon.exe"
ProcessID : 2428
ThreadCreationTime : 5-14-2005 7:27:11 PM
BasePriority : Normal
FileVersion : 1.194.0.0
ProductVersion : 1.194.0.0
ProductName : Lexmark 7100 Series Device Monitor
CompanyName : Lexmark International, Inc.
FileDescription : Lexmark 7100 Series Device Monitor
InternalName : lxbxmon.exe
LegalCopyright : © 2002 Lexmark International, Inc.
OriginalFilename : lxbxmon.exe

#:47 [ezprint.exe]
ModuleName : C:\Program Files\Lexmark 7100 Series\ezprint.exe
Command Line : "C:\Program Files\Lexmark 7100 Series\ezprint.exe"
ProcessID : 5052
ThreadCreationTime : 5-14-2005 7:27:12 PM
BasePriority : Normal


#:48 [schsvr.exe]
ModuleName : C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe
Command Line : "C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe"
ProcessID : 336
ThreadCreationTime : 5-14-2005 7:27:14 PM
BasePriority : Normal
FileVersion : 3.0.79.246
ProductVersion : 3.0.79.246
ProductName : InterVideo® WinDVR
CompanyName : InterVideo Inc.
FileDescription : InterVideo Schedule Server
InternalName : SchSvr
LegalCopyright : Copyright © 2000-2002 InterVideo Inc.
OriginalFilename : SchSvr.EXE

#:49 [ccapp.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\ccApp.exe
Command Line : n/a
ProcessID : 5028
ThreadCreationTime : 5-14-2005 7:27:16 PM
BasePriority : Normal
FileVersion : 103.0.4.3
ProductVersion : 103.0.4.3
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec User Session
InternalName : ccApp
LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccApp.exe

#:50 [wmiprvse.exe]
ModuleName : C:\WINDOWS\System32\wbem\wmiprvse.exe
Command Line : C:\WINDOWS\System32\wbem\wmiprvse.exe -Embedding
ProcessID : 5876
ThreadCreationTime : 5-14-2005 7:27:20 PM
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : WMI
InternalName : Wmiprvse.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : Wmiprvse.exe

#:51 [ypager.exe]
ModuleName : C:\Program Files\Yahoo!\Messenger\ypager.exe
Command Line : "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
ProcessID : 3876
ThreadCreationTime : 5-14-2005 7:27:23 PM
BasePriority : Normal
FileVersion : 6,0,0,1922
ProductVersion : 6,0,0,1922
ProductName : Yahoo! Messenger
CompanyName : Yahoo! Inc.
FileDescription : Yahoo! Messenger
InternalName : Yahoo! Messengerr
LegalCopyright : Copyright 1998-2005
OriginalFilename : YPager.exe

#:52 [wincinemamgr.exe]
ModuleName : C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
Command Line : "C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe"
ProcessID : 6112
ThreadCreationTime : 5-14-2005 7:27:26 PM
BasePriority : Normal
FileVersion : 1.7.1
ProductVersion : 1, 7, 1, 0
ProductName : WinCinema Manager for InterVideo WinCinema products
CompanyName : InterVideo Inc.
FileDescription : WinCinema Manager
InternalName : WinCinema Manager
LegalCopyright : Copyright 1999-2003 InterVideo, Inc. All rights reserved.
OriginalFilename : WinCinemaMgr.EXE

#:53 [gcasdtserv.exe]
ModuleName : C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
Command Line : "C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe"
ProcessID : 1796
ThreadCreationTime : 5-14-2005 7:27:26 PM
BasePriority : Normal
FileVersion : 1.00.0509
ProductVersion : 1.00.0509
ProductName : Microsoft AntiSpyware (Beta 1)
CompanyName : Microsoft Corporation
FileDescription : Microsoft AntiSpyware Data Service
InternalName : gcasDtServ
LegalCopyright : Copyright © 2004-2005 Microsoft Corporation. All rights reserved.
LegalTrademarks : Microsoft® and Windows® are registered trademarks of Microsoft Corporation. SpyNet™ is a trademark of Microsoft Corporation.
OriginalFilename : gcasDtServ.exe

#:54 [aoltray.exe]
ModuleName : C:\Program Files\America Online 9.0\aoltray.exe
Command Line : "C:\Program Files\America Online 9.0\aoltray.exe" -check
ProcessID : 220
ThreadCreationTime : 5-14-2005 7:27:28 PM
BasePriority : Normal
FileVersion : 9.00.001
ProductVersion : 9.00.001
ProductName : America Online
CompanyName : America Online, Inc.
FileDescription : AOL Tray Icon
InternalName : AolTray
LegalCopyright : Copyright © America Online, Inc. 1999 - 2004

#:55 [minimavis.exe]
ModuleName : C:\Program Files\Broderbund\Mavis Beacon Teaches Typing 15\minimavis.exe
Command Line : "C:\Program Files\Broderbund\Mavis Beacon Teaches Typing 15\minimavis.exe" main
ProcessID : 3220
ThreadCreationTime : 5-14-2005 7:27:41 PM
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 2, 0, 0, 1
ProductName : Mavis Beacon Personal Coach v 2.0
CompanyName : TLC Education Properties LLC
FileDescription : Mavis Beacon Personal Coach v 2.0
InternalName : MINIMAVIS
LegalCopyright : Copyright © 2001 TLC Education Properties LLC
OriginalFilename : MiniMavis.exe

#:56 [dad11.exe]
ModuleName : C:\Program Files\WordPerfect Office 11\Programs\DAD11.exe
Command Line : "C:\Program Files\WordPerfect Office 11\Programs\DAD11.exe"
ProcessID : 2984
ThreadCreationTime : 5-14-2005 7:27:45 PM
BasePriority : Normal
FileVersion : 11.0.0.321
ProductVersion : 11.0.0.321
ProductName : Desktop Application Director 11
CompanyName : Corel Corporation Limited
FileDescription : Desktop Application Director 11
InternalName : Dad11
LegalCopyright : Copyright 2001 - 2003. Corel Corporation. All rights reserved.
LegalTrademarks : WordPerfect ® Office 2002
OriginalFilename : Dad11.exe

#:57 [pvremote.exe]
ModuleName : C:\Program Files\M4800\PVRemote.exe
Command Line : "C:\Program Files\M4800\PVRemote.exe"
ProcessID : 5704
ThreadCreationTime : 5-14-2005 7:27:46 PM
BasePriority : Normal


#:58 [mpbtn.exe]
ModuleName : C:\Program Files\Digital Lifeline\bin\mpbtn.exe
Command Line : "C:\Program Files\Digital Lifeline\bin\mpbtn.exe" -boot
ProcessID : 3472
ThreadCreationTime : 5-14-2005 7:27:48 PM
BasePriority : Normal
FileVersion : 4.03.01.1.20010830_170344
ProductVersion : 4.03.01.1
ProductName : Motive System
CompanyName : Motive Communications, Inc.
FileDescription : Motive Support Client
LegalCopyright : Copyright © Motive Communications, Inc. 1998-2001
OriginalFilename : mpbtn

#:59 [osa.exe]
ModuleName : C:\Program Files\Microsoft Office\Office\OSA.EXE
Command Line : "C:\Program Files\Microsoft Office\Office\OSA.EXE" -b
ProcessID : 1244
ThreadCreationTime : 5-14-2005 7:27:51 PM
BasePriority : Normal


#:60 [web_accel.exe]
ModuleName : C:\Program Files\ISP.COM High Speed\web_accel.exe
Command Line : "C:\Program Files\ISP.COM High Speed\web_accel.exe"
ProcessID : 5412
ThreadCreationTime : 5-14-2005 7:27:55 PM
BasePriority : Normal
FileVersion : 3.2.12
ProductVersion : 3.2.12

#:61 [soffice.exe]
ModuleName : C:\Program Files\OpenOffice.org1.0\program\soffice.exe
Command Line : "C:\Program Files\OpenOffice.org1.0\program\soffice.exe" -quickstart
ProcessID : 3624
ThreadCreationTime : 5-14-2005 7:27:57 PM
BasePriority : Normal
FileVersion : 6.00.7663
ProductVersion : 6.00.7663
CompanyName : Sun Microsystems, Inc.
FileDescription : OpenOffice.org 1.0
InternalName : SOFFICE
LegalCopyright : Copyright © 2000 by Sun Microsystems, Inc.
OriginalFilename : SOFFICE.EXE

#:62 [msimn.exe]
ModuleName : C:\Program Files\Outlook Express\MSIMN.EXE
Command Line : "C:\Program Files\Outlook Express\MSIMN.EXE"
ProcessID : 2200
ThreadCreationTime : 5-14-2005 7:28:21 PM
BasePriority : Normal
FileVersion : 6.00.2800.1123
ProductVersion : 6.00.2800.1123
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Outlook Express
InternalName : MSIMN
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : MSIMN.EXE

#:63 [explorer.exe]
ModuleName : C:\WINDOWS\explorer.exe
Command Line : C:\WINDOWS\explorer.exe
ProcessID : 3780
ThreadCreationTime : 5-14-2005 8:19:15 PM
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

#:64 [iexplore.exe]
ModuleName : C:\Program Files\Internet Explorer\iexplore.exe
Command Line : "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
ProcessID : 2472
ThreadCreationTime : 5-14-2005 9:13:47 PM
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : IEXPLORE.EXE

#:65 [dialer.exe]
ModuleName : C:\Program Files\ISP.COM Internet Services\dialer.exe
Command Line : "C:\Program Files\ISP.COM Internet Services\dialer.exe" autodial
ProcessID : 3332
ThreadCreationTime : 5-14-2005 9:13:48 PM
BasePriority : Normal
FileVersion : 3.0.3.1
ProductVersion : 3.03
ProductName : ISPWizard Dialer - Internet Setup Program Wizard Dialer
CompanyName : ISPWizard
FileDescription : ISPWizard Dialer
LegalCopyright : Copyright 2000-2004 Mark Griffiths
Comments : http://www.ispwizard.com

#:66 [slrundll.exe]
ModuleName : C:\WINDOWS\slrundll.exe
Command Line : slrundll.exe SLGen.dll,SLRunServ SYSTEM\CURRENTCONTROLSET\CONTROL\CLASS\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000
ProcessID : 4024
ThreadCreationTime : 5-14-2005 9:13:52 PM
BasePriority : Normal


#:67 [ad-aware.exe]
ModuleName : C:\Program Files\LAVASOFT\Ad-Aware SE Personal\Ad-Aware.exe
Command Line : "C:\Program Files\LAVASOFT\Ad-Aware SE Personal\Ad-Aware.exe"
ProcessID : 5392
ThreadCreationTime : 5-14-2005 9:16:20 PM
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

CoolWebSearch Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{b599c57e-113a-4488-a5e9-bc552c4f1152}

CoolWebSearch Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{1d27210e-2da2-41e2-a103-b5fd9d6a798b}

CoolWebSearch Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{145e6fb1-1256-44ed-a336-8bba43373be6}

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{145e6fb1-1256-44ed-a336-8bba43373be6}
Value : InprocServer32

SearchMaid Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1085806099-1110412475-1538417202-1007\software\virtual maid

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : "{c95fe080-8f5d-11d2-a20b-00aa003c157a}"
Rootkey : HKEY_USERS
Object : S-1-5-21-1085806099-1110412475-1538417202-1007\software\microsoft\internet explorer\extensions\cmdmapping
Value : {c95fe080-8f5d-11d2-a20b-00aa003c157a}

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 6
Objects found so far: 6


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 6


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : karina@centrport[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:karina@centrport.net/
Expires : 12-31-2029 7:00:00 PM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : karina@tribalfusion[2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:karina@tribalfusion.com/
Expires : 12-31-2037 7:00:00 PM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 2
Objects found so far: 8



Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 8


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 8




Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

CoolWebSearch Object Recognized!
Type : RegData
Data :
Category : Malware
Comment : PROXY ENABLED - CHECK PROXY SETTINGS - Check this item if you do not use a proxy server - If a proxy server is in use, its settings in your Internet Options need to be verified.
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\windows\currentversion\internet settings
Value : ProxyEnable
Data :

CoolWebSearch Object Recognized!
Type : File
Data : desktop.html
Category : Malware
Comment :
Object : C:\WINDOWS\



SearchMaid Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\policies\explorer\run
Value : notepad2.exe

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 3
Objects found so far: 11

4:30:23 PM Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:09:30.984
Objects scanned:179804
Objects identified:11
Objects ignored:0
New critical objects:11
  • 0

#15
chosenKarina

chosenKarina

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
Is there anyone looking at my problem? I would like to get my windows XP operating system back to normal and then put SP2, but until I get the Display properties restored, I don't think is safe for me to put SP2. Can some please help me?

thanks a million
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP