Current Logfile[RESOLVED]


  • This topic is locked

#1
ShoalBear

Hello again. Did a full scan and it said I had some issues. Since this log is like Greek to me, I am posting it here for your expert interpretation. :tazz:


Ad-Aware SE Build 1.05
Logfile Created on:Sunday, May 08, 2005 11:32:59 AM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R43 06.05.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
BargainBuddy(TAC index:8):2 total references
BlazeFind(TAC index:5):1 total references
BonziBuddy(TAC index:7):3 total references
Elitum.ElitebarBHO(TAC index:5):1 total references
IGetNet(TAC index:8):1 total references
Search Relevancy(TAC index:5):1 total references
WindUpdates(TAC index:8):3 total references
VX2(TAC index:10):1 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R43 06.05.2005
Internal build : 50
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 467649 Bytes
Total size : 1414672 Bytes
Signature data size : 1383852 Bytes
Reference data size : 30308 Bytes
Signatures total : 39494
Fingerprints total : 847
Fingerprints size : 28739 Bytes
Target categories : 15
Target families : 663


Memory + processor status:
==========================
Number of processors : 2
Processor architecture : Intel Pentium IV
Memory available:48 %
Total physical memory:1047272 kb
Available physical memory:502544 kb
Total page file size:2499240 kb
Available on page file:2104320 kb
Total virtual memory:2097024 kb
Available virtual memory:2028640 kb
OS:Microsoft Windows XP Professional Service Pack 2 (Build 2600)

Ad-Aware SE Settings
===========================
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Obtain command line of scanned processes
Set : Scan registry for all users instead of current user only
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Write-protect system files after repair (Hosts file, etc.)
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


5-8-2005 11:32:59 AM - Scan started. (Full System Scan)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
ModuleName : \SystemRoot\System32\smss.exe
Command Line : n/a
ProcessID : 472
ThreadCreationTime : 5-6-2005 1:18:30 AM
BasePriority : Normal


#:2 [csrss.exe]
ModuleName : \??\C:\WINDOWS\system32\csrss.exe
Command Line : C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestTh
ProcessID : 520
ThreadCreationTime : 5-6-2005 1:18:32 AM
BasePriority : Normal


#:3 [winlogon.exe]
ModuleName : \??\C:\WINDOWS\system32\winlogon.exe
Command Line : winlogon.exe
ProcessID : 544
ThreadCreationTime : 5-6-2005 1:18:33 AM
BasePriority : High


#:4 [services.exe]
ModuleName : C:\WINDOWS\system32\services.exe
Command Line : C:\WINDOWS\system32\services.exe
ProcessID : 588
ThreadCreationTime : 5-6-2005 1:18:34 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:5 [lsass.exe]
ModuleName : C:\WINDOWS\system32\lsass.exe
Command Line : C:\WINDOWS\system32\lsass.exe
ProcessID : 608
ThreadCreationTime : 5-6-2005 1:18:34 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost -k DcomLaunch
ProcessID : 780
ThreadCreationTime : 5-6-2005 1:18:35 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost -k rpcss
ProcessID : 828
ThreadCreationTime : 5-6-2005 1:18:35 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k netsvcs
ProcessID : 896
ThreadCreationTime : 5-6-2005 1:18:35 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k NetworkService
ProcessID : 960
ThreadCreationTime : 5-6-2005 1:18:35 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k LocalService
ProcessID : 1040
ThreadCreationTime : 5-6-2005 1:18:36 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:11 [spoolsv.exe]
ModuleName : C:\WINDOWS\system32\spoolsv.exe
Command Line : C:\WINDOWS\system32\spoolsv.exe
ProcessID : 1208
ThreadCreationTime : 5-6-2005 1:18:36 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:12 [agentsrv.exe]
ModuleName : C:\Program Files\Connected\AgentSrv.EXE
Command Line : "C:\Program Files\Connected\AgentSrv.EXE" -asv
ProcessID : 1336
ThreadCreationTime : 5-6-2005 1:18:44 AM
BasePriority : Idle
FileVersion : 7.1.5.1086
ProductVersion : 7.1.5
ProductName : Connected DataProtector
CompanyName : Connected Corporation
FileDescription : Agent Service Module
InternalName : AgentSrv
LegalCopyright : © 1996-2004 by Connected Corporation
OriginalFilename : AgentSrv.exe

#:13 [aolacsd.exe]
ModuleName : C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
Command Line : C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
ProcessID : 1360
ThreadCreationTime : 5-6-2005 1:18:44 AM
BasePriority : Normal


#:14 [avgamsvr.exe]
ModuleName : C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
Command Line : C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
ProcessID : 1380
ThreadCreationTime : 5-6-2005 1:18:44 AM
BasePriority : Normal
FileVersion : 7,1,0,307
ProductVersion : 7.1.0.307
ProductName : AVG Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Alert Manager
InternalName : avgamsvr
LegalCopyright : Copyright © 2005, GRISOFT, s.r.o.
OriginalFilename : avgamsvr.EXE

#:15 [avgupsvc.exe]
ModuleName : C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
Command Line : C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
ProcessID : 1448
ThreadCreationTime : 5-6-2005 1:18:44 AM
BasePriority : Normal
FileVersion : 7,1,0,285
ProductVersion : 7.1.0.285
ProductName : AVG 7.0 Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Update Service
InternalName : avgupsvc
LegalCopyright : Copyright © 2004, GRISOFT, s.r.o.
OriginalFilename : avgupdsvc.EXE

#:16 [upssrv.exe]
ModuleName : C:\PowerPanel\upssrv.exe
Command Line : C:\PowerPanel\upssrv.exe
ProcessID : 1480
ThreadCreationTime : 5-6-2005 1:18:45 AM
BasePriority : Normal
FileVersion : 2, 1, 4, 0
ProductVersion : 2, 1, 4, 0
ProductName : Power Panel ( Plus )
CompanyName : Cyber Power System Inc.
FileDescription : UPS Service
InternalName : upssrv.exe
LegalCopyright : Copyright © 2002 Cyber Power System Inc.
LegalTrademarks : CyberPower
OriginalFilename : upssrv.exe

#:17 [upsio.exe]
ModuleName : C:\PowerPanel\upsio.exe
Command Line : 1 0
ProcessID : 1504
ThreadCreationTime : 5-6-2005 1:18:45 AM
BasePriority : Realtime
FileVersion : 2, 1, 4, 0
ProductVersion : 2, 1, 4, 0
ProductName : PowerPanel (Plus)
CompanyName : Cyber Power System Inc.
FileDescription : upsio
InternalName : upsio.exe
LegalCopyright : Copyright © 2002 Cyber Power System Inc.
LegalTrademarks : CyberPower
OriginalFilename : upsio.exe

#:18 [inetinfo.exe]
ModuleName : C:\WINDOWS\system32\inetsrv\inetinfo.exe
Command Line : C:\WINDOWS\system32\inetsrv\inetinfo.exe
ProcessID : 1528
ThreadCreationTime : 5-6-2005 1:18:45 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Internet Information Services
CompanyName : Microsoft Corporation
FileDescription : Internet Information Services
InternalName : INETINFO.EXE
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : INETINFO.EXE

#:19 [mdm.exe]
ModuleName : C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
Command Line : "C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe"
ProcessID : 1584
ThreadCreationTime : 5-6-2005 1:18:45 AM
BasePriority : Normal
FileVersion : 7.10.3077
ProductVersion : 7.10.3077
ProductName : Microsoft® Visual Studio .NET
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
LegalCopyright : Copyright© Microsoft Corporation. All rights reserved.
OriginalFilename : mdm.exe

#:20 [smagent.exe]
ModuleName : C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
Command Line : "C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe"
ProcessID : 1648
ThreadCreationTime : 5-6-2005 1:18:45 AM
BasePriority : Normal
FileVersion : 3, 2, 6, 0
ProductVersion : 3, 2, 6, 0
ProductName : SoundMAX service agent
CompanyName : Analog Devices, Inc.
FileDescription : SoundMAX service agent component
InternalName : SMAgent
LegalCopyright : Copyright © 2002
OriginalFilename : SMAgent.exe

#:21 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k imgsvc
ProcessID : 1672
ThreadCreationTime : 5-6-2005 1:18:45 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:22 [wdfmgr.exe]
ModuleName : C:\WINDOWS\system32\wdfmgr.exe
Command Line : C:\WINDOWS\system32\wdfmgr.exe
ProcessID : 1820
ThreadCreationTime : 5-6-2005 1:18:48 AM
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe

#:23 [vsmon.exe]
ModuleName : C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
Command Line : n/a
ProcessID : 1880
ThreadCreationTime : 5-6-2005 1:18:48 AM
BasePriority : Normal
FileVersion : 5.5.094.000
ProductVersion : 5.5.094.000
ProductName : TrueVector Service
CompanyName : Zone Labs, LLC
FileDescription : TrueVector Service
InternalName : vsmon
LegalCopyright : Copyright © 1998-2005, Zone Labs, LLC
OriginalFilename : vsmon.exe

#:24 [explorer.exe]
ModuleName : C:\WINDOWS\Explorer.EXE
Command Line : C:\WINDOWS\Explorer.EXE
ProcessID : 2056
ThreadCreationTime : 5-6-2005 1:18:54 AM
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

#:25 [alg.exe]
ModuleName : C:\WINDOWS\System32\alg.exe
Command Line : C:\WINDOWS\System32\alg.exe
ProcessID : 2328
ThreadCreationTime : 5-6-2005 1:18:57 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe

#:26 [smax4pnp.exe]
ModuleName : C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
Command Line : "C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe"
ProcessID : 2556
ThreadCreationTime : 5-6-2005 1:18:59 AM
BasePriority : Normal
FileVersion : 4, 0, 4, 11
ProductVersion : 4, 0, 4, 11
ProductName : SMax4PNP Application
CompanyName : Analog Devices, Inc.
FileDescription : SMax4PNP MFC Application
InternalName : SMax4PNP
LegalCopyright : Copyright © 2002-2003 Analog Devices
OriginalFilename : SMax4PNP.EXE

#:27 [smax4.exe]
ModuleName : C:\Program Files\Analog Devices\SoundMAX\smax4.exe
Command Line : "C:\Program Files\Analog Devices\SoundMAX\smax4.exe" /tray
ProcessID : 2564
ThreadCreationTime : 5-6-2005 1:18:59 AM
BasePriority : Normal
FileVersion : 4, 0, 4, 25
ProductVersion : 4, 0, 4, 25
ProductName : SoundMAX Control Panel
CompanyName : Analog Devices, Inc.
FileDescription : SoundMAX Control Center
InternalName : SMax4
LegalCopyright : Copyright © 2002-2003, Analog Devices
OriginalFilename : SMax4.EXE

#:28 [gwhotkey.exe]
ModuleName : C:\WINDOWS\GWHotKey.exe
Command Line : "C:\WINDOWS\GWHotKey.exe"
ProcessID : 2612
ThreadCreationTime : 5-6-2005 1:18:59 AM
BasePriority : Normal
FileVersion : 4.4.1
ProductVersion : 4.4.1
ProductName : Gateway Multi-function Keyboard Utility
CompanyName : Tartan Software www.BillP.com
FileDescription : Multi-function Keyboard Utility By Bill Pytlovany
LegalCopyright : Copyright © 1997-1998 Gateway 2000 Inc.
Comments : "You've got a friend in the business"

#:29 [hpztsb06.exe]
ModuleName : C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb06.exe
Command Line : "C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb06.exe"
ProcessID : 2800
ThreadCreationTime : 5-6-2005 1:19:00 AM
BasePriority : Normal
FileVersion : 2,133,0,0
ProductVersion : 2,133,0,0
ProductName : HP DeskJet
CompanyName : HP
LegalCopyright : Copyright © Hewlett-Packard Company 1999-2002

#:30 [avgemc.exe]
ModuleName : C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
Command Line : "C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe"
ProcessID : 2880
ThreadCreationTime : 5-6-2005 1:19:00 AM
BasePriority : Normal
FileVersion : 7,1,0,307
ProductVersion : 7.1.0.307
ProductName : AVG Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG E-Mail Scanner
InternalName : avgemc
LegalCopyright : Copyright © 2005, GRISOFT, s.r.o.
OriginalFilename : avgemc.exe

#:31 [avgcc.exe]
ModuleName : C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
Command Line : "C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" /STARTUP
ProcessID : 2892
ThreadCreationTime : 5-6-2005 1:19:00 AM
BasePriority : Normal
FileVersion : 7,1,0,307
ProductVersion : 7.1.0.307
ProductName : AVG Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Control Center
InternalName : AvgCC
LegalCopyright : Copyright © 2005, GRISOFT, s.r.o.
OriginalFilename : AvgCC.EXE

#:32 [aoldial.exe]
ModuleName : C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
Command Line : "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"
ProcessID : 2924
ThreadCreationTime : 5-6-2005 1:19:01 AM
BasePriority : Normal
FileVersion : 2.0.20.1.US.1
ProductVersion : 2.0.20.1.US.1
ProductName : AOL Connectivity Service
CompanyName : America Online, Inc
FileDescription : AOL Connectivity Service Dialer
LegalCopyright : Copyright © 2003 America Online, Inc.
OriginalFilename : AOLDial.exe

#:33 [em_exec.exe]
ModuleName : C:\Program Files\Logitech\MouseWare\system\em_exec.exe
Command Line : "C:\Program Files\Logitech\MouseWare\system\em_exec.exe"
ProcessID : 2956
ThreadCreationTime : 5-6-2005 1:19:02 AM
BasePriority : Normal
FileVersion : 9.76.046
ProductVersion : 9.76.046
ProductName : MouseWare
CompanyName : Logitech Inc.
FileDescription : Logitech Events Handler Application
InternalName : Em_Exec
LegalCopyright : © 1987-2003 Logitech. All rights reserved.
LegalTrademarks : Logitech® and MouseWare® are registered trademarks of Logitech Inc.
OriginalFilename : Em_Exec.exe
Comments : Created by the MouseWare team

#:34 [directcd.exe]
ModuleName : C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
Command Line : "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
ProcessID : 2968
ThreadCreationTime : 5-6-2005 1:19:02 AM
BasePriority : Normal
FileVersion : 5.3.2.34
ProductVersion : 5.3.2.34
ProductName : DirectCD
CompanyName : Roxio
FileDescription : DirectCD Application
InternalName : DirectCD
LegalCopyright : Copyright © 2001,2002, Roxio, Inc.
OriginalFilename : Directcd.exe

#:35 [p2p networking.exe]
ModuleName : C:\WINDOWS\system32\P2P Networking\P2P Networking.exe
Command Line : "C:\WINDOWS\system32\P2P Networking\P2P Networking.exe" /AUTOSTART
ProcessID : 2980
ThreadCreationTime : 5-6-2005 1:19:03 AM
BasePriority : Normal
FileVersion : 1, 26, 0, 10
ProductVersion : 1, 26, 0, 10
ProductName : P2P Networking
CompanyName : Joltid Ltd.
FileDescription : P2P Networking
InternalName : P2P Networking
LegalCopyright : Copyright © 2001 - 2004 Joltid Ltd. All Rights Reserved.
LegalTrademarks : Joltid is a registered trademark of Joltid Ltd.
OriginalFilename : P2P Networking.exe

#:36 [zlclient.exe]
ModuleName : C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
Command Line : n/a
ProcessID : 3020
ThreadCreationTime : 5-6-2005 1:19:04 AM
BasePriority : Normal
FileVersion : 5.5.094.000
ProductVersion : 5.5.094.000
ProductName : Zone Labs Client
CompanyName : Zone Labs, LLC
FileDescription : Zone Labs Client
InternalName : zlclient
LegalCopyright : Copyright © 1998-2005, Zone Labs, LLC
OriginalFilename : zlclient.exe

#:37 [ctfmon.exe]
ModuleName : C:\WINDOWS\system32\ctfmon.exe
Command Line : "C:\WINDOWS\system32\ctfmon.exe"
ProcessID : 3044
ThreadCreationTime : 5-6-2005 1:19:04 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:38 [msnmsgr.exe]
ModuleName : C:\Program Files\MSN Messenger\msnmsgr.exe
Command Line : "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
ProcessID : 3148
ThreadCreationTime : 5-6-2005 1:19:05 AM
BasePriority : Normal
FileVersion : 7.0.0777
ProductVersion : 7.0.0777
ProductName : MSN Messenger
CompanyName : Microsoft Corporation
FileDescription : MSN Messenger
InternalName : msnmsgr
LegalCopyright : Copyright © Microsoft Corporation 1997-2004
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msnmsgr.exe

#:39 [cbsystray.exe]
ModuleName : C:\Program Files\Connected\CBSysTray.exe
Command Line : "C:\Program Files\Connected\CBSysTray.exe"
ProcessID : 3256
ThreadCreationTime : 5-6-2005 1:19:06 AM
BasePriority : Normal
FileVersion : 7.1.5.1086
ProductVersion : 7.1.5
ProductName : Connected DataProtector
CompanyName : Connected Corporation
FileDescription : Connected DataProtector System Tray
InternalName : CBSysTray
LegalCopyright : © 1996-2004 by Connected Corporation
OriginalFilename : CBSysTray.exe

#:40 [dvzincmsgr.exe]
ModuleName : C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe
Command Line : "C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe"
ProcessID : 3264
ThreadCreationTime : 5-6-2005 1:19:06 AM
BasePriority : Normal
FileVersion : 6,0,1,723
ProductVersion : 6,0,1,723
ProductName : Documents To Go
CompanyName : DataViz, Inc.
FileDescription : DataViz Update Checker
InternalName : Web Savvy Agent
LegalCopyright : Copyright © 1998-2004 by DataViz, Inc.
OriginalFilename : WebSavvyAgent.exe
Comments : This component checks for updates of DataViz products.

#:41 [hotsync.exe]
ModuleName : C:\Program Files\Palm\HOTSYNC.EXE
Command Line : "C:\Program Files\Palm\HOTSYNC.EXE"
ProcessID : 3344
ThreadCreationTime : 5-6-2005 1:19:07 AM
BasePriority : Normal
FileVersion : 4.0.4
ProductVersion : 4.1.0
ProductName : HotSync® Manager, Palm Desktop
CompanyName : Palm, Inc.
FileDescription : HotSync® Manager Application
InternalName : HotSync®
LegalCopyright : Copyright © 1995-2001 Palm, Inc.
LegalTrademarks : HotSync® is a registered trademark of Palm, Inc.
OriginalFilename : Hotsync.exe

#:42 [wmiprvse.exe]
ModuleName : C:\WINDOWS\System32\wbem\wmiprvse.exe
Command Line : C:\WINDOWS\System32\wbem\wmiprvse.exe -Embedding
ProcessID : 3736
ThreadCreationTime : 5-6-2005 1:19:27 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : WMI
InternalName : Wmiprvse.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : Wmiprvse.exe

#:43 [mnybbsvc.exe]
ModuleName : C:\Program Files\Microsoft Money 2005\MNYCoreFiles\mnybbsvc.exe
Command Line : "C:\Program Files\Microsoft Money 2005\MNYCoreFiles\mnybbsvc.exe"
ProcessID : 1276
ThreadCreationTime : 5-6-2005 2:48:22 PM
BasePriority : Normal
FileVersion : 14.00.1105 built by: mnybuild
ProductVersion : 14.00.1105
ProductName : Microsoft® Money
CompanyName : Microsoft® Corporation
FileDescription : Microsoft Money Background Banking Service
InternalName : mnybbsvc
LegalCopyright : Copyright © Microsoft Corp. All rights reserved.
OriginalFilename : mnybbsvc.exe

#:44 [aim.exe]
ModuleName : C:\Program Files\AIM95\aim.exe
Command Line : "C:\Program Files\AIM95\aim.exe"
ProcessID : 1160
ThreadCreationTime : 5-6-2005 9:16:20 PM
BasePriority : Normal
FileVersion : 5.9.3690
ProductVersion : 5.9.3690
ProductName : AOL Instant Messenger
CompanyName : America Online, Inc.
FileDescription : AOL Instant Messenger
InternalName : AIM
LegalCopyright : Copyright © 1996-2004 America Online, Inc.
OriginalFilename : AIM.EXE

#:45 [cinetray.exe]
ModuleName : C:\Program Files\Common Files\Sonic Shared\CineTray.exe
Command Line : "C:\Program Files\Common Files\Sonic Shared\CineTray.exe"
ProcessID : 2024
ThreadCreationTime : 5-6-2005 11:37:25 PM
BasePriority : ?
FileVersion : 2.0.00.0040
ProductVersion : 2.0.00.0000
ProductName : CineTray 2.0
CompanyName : Sonic Solutions
InternalName : CineTray
LegalCopyright : Copyright © 2002 Sonic Solutions
OriginalFilename : CineTray.exe
Comments : Developed by Sonic Solutions Engineering

#:46 [aolsps~1.exe]
ModuleName : C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSPS~1.EXE
Command Line : "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSPS~1.EXE"
ProcessID : 3504
ThreadCreationTime : 5-7-2005 1:30:22 AM
BasePriority : Normal
FileVersion : 1, 5, 0, 0
ProductVersion : 1, 5, 0, 0
ProductName : AOLSP Scheduler
FileDescription : AOLSP Scheduler
InternalName : AOLSP Scheduler
LegalCopyright : Copyright © America Online, Inc. 2004
OriginalFilename : AOLSP Scheduler.exe

#:47 [realsched.exe]
ModuleName : C:\Program Files\Common Files\Real\Update_OB\realsched.exe
Command Line : "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -restart
ProcessID : 2644
ThreadCreationTime : 5-8-2005 1:18:44 AM
BasePriority : Normal
FileVersion : 0.1.0.3249
ProductVersion : 0.1.0.3249
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004
LegalTrademarks : RealAudio™ is a trademark of RealNetworks, Inc.
OriginalFilename : realsched.exe

#:48 [ypager.exe]
ModuleName : C:\Program Files\Yahoo!\Messenger\ypager.exe
Command Line : "C:\Program Files\Yahoo!\Messenger\ypager.exe"
ProcessID : 3792
ThreadCreationTime : 5-8-2005 3:56:57 PM
BasePriority : Normal
FileVersion : 6,0,0,1750
ProductVersion : 6,0,0,1750
ProductName : Yahoo! Messenger
CompanyName : Yahoo! Inc.
FileDescription : Yahoo! Messenger
InternalName : Yahoo! Messengerr
LegalCopyright : Copyright 1998-2004
OriginalFilename : YPager.exe

#:49 [ad-aware.exe]
ModuleName : C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
Command Line : "C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe"
ProcessID : 3868
ThreadCreationTime : 5-8-2005 4:30:12 PM
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0



Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

WindUpdates Object Recognized!
Type : File
Data : A0000478.dll
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{4276FC52-9D56-4C0A-B1AB-DB7AAC1679AF}\RP2\



WindUpdates Object Recognized!
Type : File
Data : A0000479.exe
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{4276FC52-9D56-4C0A-B1AB-DB7AAC1679AF}\RP2\



BonziBuddy Object Recognized!
Type : File
Data : A0000480.EXE
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{4276FC52-9D56-4C0A-B1AB-DB7AAC1679AF}\RP2\



BonziBuddy Object Recognized!
Type : File
Data : A0000481.exe
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{4276FC52-9D56-4C0A-B1AB-DB7AAC1679AF}\RP2\



Search Relevancy Object Recognized!
Type : File
Data : A0000482.EXE
Category : Misc
Comment :
Object : C:\System Volume Information\_restore{4276FC52-9D56-4C0A-B1AB-DB7AAC1679AF}\RP2\



BlazeFind Object Recognized!
Type : File
Data : A0000483.dll
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{4276FC52-9D56-4C0A-B1AB-DB7AAC1679AF}\RP2\



VX2 Object Recognized!
Type : File
Data : A0000484.dll
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{4276FC52-9D56-4C0A-B1AB-DB7AAC1679AF}\RP2\
FileVersion : 0, 4, 4, 30
ProductVersion : 0, 4, 4, 30
ProductName : localnrd
CompanyName : LocalNRD
FileDescription : www.localnrd.com
InternalName : localnrd
LegalCopyright : Copyright © 2004
OriginalFilename : localnrd.dll
Comments : www.localnrd.com


Elitum.ElitebarBHO Object Recognized!
Type : File
Data : A0000485.exe
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{4276FC52-9D56-4C0A-B1AB-DB7AAC1679AF}\RP2\



IGetNet Object Recognized!
Type : File
Data : A0000486.DLL
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{4276FC52-9D56-4C0A-B1AB-DB7AAC1679AF}\RP2\
FileVersion : 5, 0, 1, 0
ProductVersion : 5, 0, 1, 0
ProductName : iGetNet, LLC - Update_RemoveOld
CompanyName : iGetNet, LLC
FileDescription : Update_RemoveOld
InternalName : Update_RemoveOld
LegalCopyright : Copyright © 2002, 2003
OriginalFilename : Update_RemoveOld.dll


BargainBuddy Object Recognized!
Type : File
Data : A0000487.exe
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{4276FC52-9D56-4C0A-B1AB-DB7AAC1679AF}\RP2\
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : Upload Module
CompanyName : eXact Advertising
FileDescription : Upload Module
InternalName : Upload Utility
LegalCopyright : Copyright © 2003, 2004. eXact Advertising, LLC. All Rights Reserved.
OriginalFilename : exul.exe


WindUpdates Object Recognized!
Type : File
Data : A0000488.vxd
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{4276FC52-9D56-4C0A-B1AB-DB7AAC1679AF}\RP2\



BonziBuddy Object Recognized!
Type : File
Data : A0000489.DLL
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{4276FC52-9D56-4C0A-B1AB-DB7AAC1679AF}\RP2\
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : IEHelperMiddleMan Dynamic Link Library
FileDescription : IEHelperMiddleMan DLL
InternalName : IEHelperMiddleMan
LegalCopyright : Copyright © 2000
OriginalFilename : IEHelperMiddleMan.DLL


BargainBuddy Object Recognized!
Type : File
Data : A0000490.dll
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{4276FC52-9D56-4C0A-B1AB-DB7AAC1679AF}\RP2\
FileVersion : 2, 0, 0, 16
ProductVersion : 2, 0, 0, 16
ProductName : apuc Module
CompanyName : eXact Advertising
FileDescription : apuc Module
InternalName : apuc
LegalCopyright : Copyright © 2003, 2004. eXact Advertising, LLC. All Rights Reserved.
OriginalFilename : apuc.DLL


Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 13


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 13




Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 13

11:46:43 AM Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:13:44.172
Objects scanned:219223
Objects identified:13
Objects ignored:0
New critical objects:13


#2
[email protected];<'S

ShoalBear,
The items displayed in your log are all in the restore folder.
XP has a capability called System Restore. My advice is to empty the System Restore folder and then create a new restore point. To do this:
1. Click Start, and then right-click My Computer.
2. Click Properties.
3. Click the System Restore tab.
4. Check Turn off System Restore.
5. Click Apply, and then click OK.
6. Restart the computer.
All data, including the items and registry entries, will be removed from the restore folder.
After restarting the computer, "Re-enable System Restore".
Before going any further, you now need to create a fresh restore point.

Once you have created a new restore point, please rescan doing a "Full Scan" and then, if need be, post your logfile here by using the Add-Reply feature.

[email protected];<'S :tazz:

#3
ShoalBear

Thanks [email protected];<'s that cleared it all up! You all are Great!!

#4
[email protected];<'S

ShoalBear,
You're welcome ;)
I recommend that you do a Smart Scan daily and a Full Scan weekly, unless your Smart Scan finds items, in which case I recommend you do a Full Scan.
Then, if need be, post a full logfile.
And remember to use the WebUpdate just before you scan.
(There is not always one to download, but at least you will always be up to date.)

[email protected];<'S :tazz:

#5
[email protected];<'S

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :tazz:

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.