Scan saved at 1:51:02 PM, on 5/8/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
HjT logfile Removed Ad-aware log Requested…
numbnuts…
Edited by numbnuts, 08 May 2005 - 12:44 PM.
[Referred]My Log File
Started by
AustinN
, May 08 2005 11:52 AM
#1
Posted 08 May 2005 - 11:52 AM
AustinN
-
- Member
-
- 7 posts
New Member
Scan saved at 1:51:02 PM, on 5/8/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
HjT logfile Removed Ad-aware log Requested…
numbnuts…
#2
Guest_numbnuts_*
Posted 08 May 2005 - 12:42 PM
Guest_numbnuts_*
Guest_numbnuts_*
-
- Guest
Hello, AustinN Please can you post a logfile
We need to see an Ad-aware log
Can you please follow the instructions in this link and post back in this thread…..
Posting Instructions
http://www.geekstogo...indpost&p=78035
We need to see a complete logfile to be of assistance to you …..
As it will give us an idea what you have on you computer…
Please make sure your using Ad-aware SE 1.05
And have the latest Definition file …
To get the update, please launch Ad-Aware SE and click on the globe icon to access the Web Update feature,
If your need to download SE 1.05 you can get it……..
Here
http://www.download.com
Or
http://www.majorgeek...ownloads31.html
Regards..
numbnuts ……
We need to see an Ad-aware log
Can you please follow the instructions in this link and post back in this thread…..
Posting Instructions
http://www.geekstogo...indpost&p=78035
We need to see a complete logfile to be of assistance to you …..
As it will give us an idea what you have on you computer…
Please make sure your using Ad-aware SE 1.05
And have the latest Definition file …
To get the update, please launch Ad-Aware SE and click on the globe icon to access the Web Update feature,
If your need to download SE 1.05 you can get it……..
Here
http://www.download.com
Or
http://www.majorgeek...ownloads31.html
Regards..
numbnuts ……
#3
Posted 08 May 2005 - 12:53 PM
AustinN
- Topic Starter
-
- Member
-
- 7 posts
New Member
sorry...
Ad-Aware SE Build 1.05
Logfile Created on:Sunday, May 08, 2005 2:44:47 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R43 06.05.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):21 total references
Tracking Cookie(TAC index:3):2 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects
5-8-2005 2:44:47 PM - Scan started. (Smart mode)
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 664
ThreadCreationTime : 5-8-2005 2:39:16 PM
BasePriority : Normal
#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 736
ThreadCreationTime : 5-8-2005 2:39:18 PM
BasePriority : Normal
#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 760
ThreadCreationTime : 5-8-2005 2:39:20 PM
BasePriority : High
#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 804
ThreadCreationTime : 5-8-2005 2:39:21 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe
#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 816
ThreadCreationTime : 5-8-2005 2:39:21 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe
#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 960
ThreadCreationTime : 5-8-2005 2:39:21 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1036
ThreadCreationTime : 5-8-2005 2:39:22 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1076
ThreadCreationTime : 5-8-2005 2:39:22 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1160
ThreadCreationTime : 5-8-2005 2:39:23 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:10 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1260
ThreadCreationTime : 5-8-2005 2:39:23 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:11 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1516
ThreadCreationTime : 5-8-2005 2:39:26 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe
#:12 [ccsetmgr.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 1620
ThreadCreationTime : 5-8-2005 2:39:26 PM
BasePriority : Normal
FileVersion : 103.0.3.8
ProductVersion : 103.0.3.8
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Settings Manager Service
InternalName : ccSetMgr
LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccSetMgr.exe
#:13 [filedeleter.exe]
FilePath : C:\Program Files\FBM Software\ZeroSpyware Limited Edition\
ProcessID : 1648
ThreadCreationTime : 5-8-2005 2:39:27 PM
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : FBM Software FileDeleter
CompanyName : FBM Software
FileDescription : FileDeleter
InternalName : FileDeleter
LegalCopyright : Copyright © 2004
OriginalFilename : FileDeleter.exe
#:14 [hpconfig.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1668
ThreadCreationTime : 5-8-2005 2:39:27 PM
BasePriority : Normal
FileVersion : 3, 0, 1, 8
ProductVersion : 3, 0, 1, 8
ProductName : HPConfig Module
CompanyName : Hewlett-Packard
FileDescription : HPConfig Module
InternalName : HPConfig
LegalCopyright : Hewlett-Packard Copyright © 1999-2002
OriginalFilename : HPConfig.EXE
Comments : HP Configuration Interface Service
#:15 [hpwirelessmgr.exe]
FilePath : C:\Program Files\HPQ\Notebook Utilities\
ProcessID : 1680
ThreadCreationTime : 5-8-2005 2:39:28 PM
BasePriority : Normal
FileVersion : 1, 0, 0, 7
ProductVersion : 1, 0, 0, 7
ProductName : HPWirelessMgr Module
CompanyName : Hewlett-Packard Co.
FileDescription : HPWirelessMgr Module
InternalName : HPWirelessMgr
LegalCopyright : Hewlett-Packard Copyright 2002
OriginalFilename : HPWirelessMgr.EXE
Comments : HP Wireless On/Off Button Service
#:16 [kodakccs.exe]
FilePath : C:\WINDOWS\system32\drivers\
ProcessID : 1704
ThreadCreationTime : 5-8-2005 2:39:28 PM
BasePriority : Normal
FileVersion : 1.1.5100.4
ProductVersion : 4.4.0.0
ProductName : Kodak DC File System Driver (Win32)
CompanyName : Eastman Kodak Company
FileDescription : Kodak DC Ring 3 Conduit (Win32)
InternalName : KodakCCS.exe
LegalCopyright : Copyright © Eastman Kodak Co. 2000-2004
OriginalFilename : DcFsSvc.exe
#:17 [navapsvc.exe]
FilePath : C:\Program Files\Norton AntiVirus\
ProcessID : 1800
ThreadCreationTime : 5-8-2005 2:39:28 PM
BasePriority : Normal
FileVersion : 11.0.2.4
ProductVersion : 11.0.2
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
LegalCopyright : Norton AntiVirus 2005 for Windows 98/ME/2000/XP Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : NAVAPSVC.EXE
#:18 [npfmntor.exe]
FilePath : C:\Program Files\Norton AntiVirus\IWP\
ProcessID : 1852
ThreadCreationTime : 5-8-2005 2:39:28 PM
BasePriority : Normal
FileVersion : 11.0.2.4
ProductVersion : 11.0.2
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Firewall Install Monitor
InternalName : NPFMonitor
LegalCopyright : Norton AntiVirus 2005 for Windows 98/ME/2000/XP Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : NPFMonitor.EXE
#:19 [sndsrvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 1940
ThreadCreationTime : 5-8-2005 2:39:29 PM
BasePriority : Normal
FileVersion : 5.4.3.11
ProductVersion : 5.4
ProductName : Symantec Security Drivers
CompanyName : Symantec Corporation
FileDescription : Network Driver Service
InternalName : SndSrvc
LegalCopyright : Copyright 2002, 2003, 2004 Symantec Corporation
OriginalFilename : SndSrvc.exe
#:20 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 424
ThreadCreationTime : 5-8-2005 2:39:32 PM
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE
#:21 [spbbcsvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\SPBBC\
ProcessID : 456
ThreadCreationTime : 5-8-2005 2:39:32 PM
BasePriority : Normal
FileVersion : 1,0,1,47
ProductVersion : 1,0,1,47
ProductName : SPBBC
CompanyName : Symantec Corporation
FileDescription : SPBBC Service
InternalName : SPBBCSvc
LegalCopyright : Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : SPBBCSvc.exe
#:22 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 496
ThreadCreationTime : 5-8-2005 2:39:33 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:23 [symlcsvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\CCPD-LC\
ProcessID : 520
ThreadCreationTime : 5-8-2005 2:39:33 PM
BasePriority : Normal
FileVersion : 1, 8, 54, 478
ProductVersion : 1, 8, 54, 478
ProductName : Symantec Core Component
CompanyName : Symantec Corporation
FileDescription : Symantec Core Component
InternalName : symlcsvc
LegalCopyright : Copyright © 2003
OriginalFilename : symlcsvc.exe
#:24 [wdfmgr.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1968
ThreadCreationTime : 5-8-2005 2:39:35 PM
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe
#:25 [ccevtmgr.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 244
ThreadCreationTime : 5-8-2005 2:39:36 PM
BasePriority : Normal
FileVersion : 103.0.3.8
ProductVersion : 103.0.3.8
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Event Manager Service
InternalName : ccEvtMgr
LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccEvtMgr.exe
#:26 [zerospyware le.exe]
FilePath : C:\Program Files\FBM Software\ZeroSpyware Limited Edition\
ProcessID : 628
ThreadCreationTime : 5-8-2005 2:39:42 PM
BasePriority : Normal
FileVersion : 2, 1, 29, 4
ProductVersion : 2, 1, 29, 4
ProductName : FBM Software ZeroSpyware Limited Edition
CompanyName : FBM Software
FileDescription : ZeroSpyware LE
InternalName : ZeroSpyware Lite
LegalCopyright : Copyright © 2004
OriginalFilename : ZeroSpywareLite.exe
#:27 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1748
ThreadCreationTime : 5-8-2005 2:40:04 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe
#:28 [rundll32.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 716
ThreadCreationTime : 5-8-2005 2:40:25 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Run a DLL as an App
InternalName : rundll
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : RUNDLL.EXE
#:29 [carpserv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2136
ThreadCreationTime : 5-8-2005 2:40:39 PM
BasePriority : Normal
FileVersion : 6.02.05
ProductVersion : 6.02.05
ProductName : SoftK56 Modem Driver
CompanyName : Conexant Systems, Inc.
FileDescription : carpserv
InternalName : carpserv
LegalCopyright : Copyright© Conexant Systems, Inc. 2003
OriginalFilename : carpserv.exe
#:30 [syntplpr.exe]
FilePath : C:\Program Files\Synaptics\SynTP\
ProcessID : 2224
ThreadCreationTime : 5-8-2005 2:40:42 PM
BasePriority : Normal
FileVersion : 7.5.3 22May03
ProductVersion : 7.5.3 22May03
ProductName : Progressive Touch
CompanyName : Synaptics, Inc.
FileDescription : TouchPad Driver Helper Application
InternalName : SynTPLpr
LegalCopyright : Copyright © Synaptics, Inc. 1996-2002
OriginalFilename : SynTPLpr.exe
#:31 [syntpenh.exe]
FilePath : C:\Program Files\Synaptics\SynTP\
ProcessID : 2420
ThreadCreationTime : 5-8-2005 2:40:45 PM
BasePriority : Normal
FileVersion : 7.5.3 22May03
ProductVersion : 7.5.3 22May03
ProductName : Progressive Touch
CompanyName : Synaptics, Inc.
FileDescription : Synaptics TouchPad Enhancements
InternalName : Scrolleroo
LegalCopyright : Copyright © Synaptics, Inc. 1996-2002
OriginalFilename : SynTPEnh.exe
#:32 [atiptaxx.exe]
FilePath : C:\Program Files\ATI Technologies\ATI Control Panel\
ProcessID : 2480
ThreadCreationTime : 5-8-2005 2:40:47 PM
BasePriority : Normal
FileVersion : 6.13.10.3022
ProductVersion : 6.13.10.3022
ProductName : ATI Desktop Component
CompanyName : ATI Technologies, Inc.
FileDescription : ATI Desktop Control Panel
InternalName : Atiptaxx.exe
LegalCopyright : Copyright © 1998-2001 ATI Technologies Inc.
OriginalFilename : Atiptaxx.exe
#:33 [onetouch.exe]
FilePath : C:\Program Files\HPQ\One-Touch\
ProcessID : 2696
ThreadCreationTime : 5-8-2005 2:40:52 PM
BasePriority : Normal
FileVersion : 1.7.1.0
ProductVersion : 1.7.1.0
ProductName : Dritek System Inc. OneTouch 10.03.2003 ( VC60 )
CompanyName : Dritek System Inc.
FileDescription : One-Touch
InternalName : OneTouch
LegalCopyright : Copyright © 2003 Dritek System Inc.
OriginalFilename : OneTouch.exe
#:34 [ccapp.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 2720
ThreadCreationTime : 5-8-2005 2:40:53 PM
BasePriority : Normal
FileVersion : 103.0.3.8
ProductVersion : 103.0.3.8
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec User Session
InternalName : ccApp
LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccApp.exe
#:35 [msnappau.exe]
FilePath : C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-us\
ProcessID : 2760
ThreadCreationTime : 5-8-2005 2:40:55 PM
BasePriority : Normal
#:36 [realsched.exe]
FilePath : C:\Program Files\Common Files\Real\Update_OB\
ProcessID : 2840
ThreadCreationTime : 5-8-2005 2:40:59 PM
BasePriority : Normal
FileVersion : 0.1.0.3208
ProductVersion : 0.1.0.3208
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004
LegalTrademarks : RealAudio™ is a trademark of RealNetworks, Inc.
OriginalFilename : realsched.exe
#:37 [hpztsb06.exe]
FilePath : C:\WINDOWS\system32\spool\drivers\w32x86\3\
ProcessID : 2956
ThreadCreationTime : 5-8-2005 2:41:02 PM
BasePriority : Normal
FileVersion : 2,133,0,0
ProductVersion : 2,133,0,0
ProductName : HP DeskJet
CompanyName : HP
LegalCopyright : Copyright © Hewlett-Packard Company 1999-2002
#:38 [qttask.exe]
FilePath : C:\Program Files\QuickTime\
ProcessID : 3012
ThreadCreationTime : 5-8-2005 2:41:06 PM
BasePriority : Normal
FileVersion : 6.5.1
ProductVersion : QuickTime 6.5.1
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
InternalName : QuickTime Task
LegalCopyright : © Apple Computer, Inc. 2001-2004
OriginalFilename : QTTask.exe
#:39 [msmsgs.exe]
FilePath : C:\Program Files\Messenger\
ProcessID : 3068
ThreadCreationTime : 5-8-2005 2:41:09 PM
BasePriority : Normal
FileVersion : 4.7.3001
ProductVersion : Version 4.7.3001
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Windows Messenger
InternalName : msmsgs
LegalCopyright : Copyright © Microsoft Corporation 2004
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msmsgs.exe
#:40 [othb.exe]
FilePath : C:\Documents and Settings\Nijhuis Family\Application Data\
ProcessID : 3136
ThreadCreationTime : 5-8-2005 2:41:16 PM
BasePriority : Normal
#:41 [?srss.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 3192
ThreadCreationTime : 5-8-2005 2:41:18 PM
BasePriority : Normal
#:42 [easyshare.exe]
FilePath : C:\Program Files\Kodak\Kodak EasyShare software\bin\
ProcessID : 3560
ThreadCreationTime : 5-8-2005 2:41:37 PM
BasePriority : Normal
FileVersion : 5, 0, 4, 128
ProductVersion : 4, 0, 2, 134
ProductName : Kodak EasyShare software
CompanyName : Eastman Kodak Company
FileDescription : Kodak EasyShare software
InternalName : EasyShare
LegalCopyright : Copyright © Eastman Kodak Company 2002
LegalTrademarks : EasyShare
OriginalFilename : EasyShare.exe
#:43 [kodak software updater.exe]
FilePath : C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\
ProcessID : 3616
ThreadCreationTime : 5-8-2005 2:41:39 PM
BasePriority : Normal
#:44 [mim.exe]
FilePath : C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\
ProcessID : 3632
ThreadCreationTime : 5-8-2005 2:41:40 PM
BasePriority : Normal
FileVersion : 10.00.2058
ProductVersion : 10.00.2058
ProductName : Musicmatch Jukebox
CompanyName : Musicmatch, Inc.
FileDescription : mim
InternalName : mim
LegalCopyright : Copyright © Musicmatch 1998-2004
LegalTrademarks :
OriginalFilename : mim.exe
#:45 [mmdiag.exe]
FilePath : C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\
ProcessID : 3768
ThreadCreationTime : 5-8-2005 2:41:46 PM
BasePriority : Normal
FileVersion : 10.00.2058
ProductVersion : 10.00.2058
ProductName : Musicmatch Jukebox
CompanyName : Musicmatch, Inc.
FileDescription : Logging and tracing manager
InternalName : MMTraceExe
LegalCopyright : Copyright © Musicmatch 1998-2004
LegalTrademarks :
OriginalFilename : MMTraceExe.EXE
#:46 [webshots.scr]
FilePath : C:\Program Files\Webshots\
ProcessID : 3988
ThreadCreationTime : 5-8-2005 2:41:53 PM
BasePriority : Normal
FileVersion : 2.2.0.4644
ProductVersion : 2.2.0.4644
ProductName : The Webshots Desktop
CompanyName : Webshots.com
FileDescription : Webshots Photo Manager
InternalName : Webshots2
LegalCopyright : Copyright © 2004
OriginalFilename : Webshots2.SCR
#:47 [iexplore.exe]
FilePath : C:\Program Files\Internet Explorer\
ProcessID : 3004
ThreadCreationTime : 5-8-2005 5:32:31 PM
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : IEXPLORE.EXE
#:48 [hijackthis[1].exe]
FilePath : C:\Documents and Settings\Nijhuis Family\Local Settings\Temporary Internet Files\Content.IE5\KXUNKX6B\
ProcessID : 400
ThreadCreationTime : 5-8-2005 5:50:15 PM
BasePriority : Normal
FileVersion : 1.99.0001
ProductVersion : 1.99.0001
ProductName : HijackThis
CompanyName : Soeperman Enterprises Ltd.
FileDescription : HijackThis
InternalName : HijackThis
LegalCopyright : Freeware
OriginalFilename : HijackThis.exe
Comments : Version history is in Help section
#:49 [notepad.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 3996
ThreadCreationTime : 5-8-2005 5:51:03 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Notepad
InternalName : Notepad
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : NOTEPAD.EXE
#:50 [aim.exe]
FilePath : C:\Program Files\AIM\
ProcessID : 196
ThreadCreationTime : 5-8-2005 6:12:24 PM
BasePriority : Normal
FileVersion : 5.5.3595
ProductVersion : 5.5.3595
ProductName : AOL Instant Messenger
CompanyName : America Online, Inc.
FileDescription : AOL Instant Messenger
InternalName : AIM
LegalCopyright : Copyright © 1996-2004 America Online, Inc.
OriginalFilename : AIM.EXE
#:51 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
ProcessID : 3876
ThreadCreationTime : 5-8-2005 6:44:17 PM
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0
Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : nijhuis family@oinadserve[1].txt
Category : Data Miner
Comment : Hits:11
Value : Cookie:nijhuis [email protected]/
Expires : 12-31-2020 8:00:00 PM
LastSync : Hits:11
UseCount : 0
Hits : 11
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : nijhuis [email protected][1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:nijhuis [email protected]/
Expires : 5-9-2005 2:11:18 PM
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 2
Objects found so far: 2
Deep scanning and examining files...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 2
Disk Scan Result for C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 2
Disk Scan Result for C:\DOCUME~1\NIJHUI~1\LOCALS~1\Temp\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 2
MRU List Object Recognized!
Location: : C:\Documents and Settings\Nijhuis Family\Application Data\microsoft\office\recent
Description : list of recently opened documents using microsoft office
MRU List Object Recognized!
Location: : C:\Documents and Settings\Nijhuis Family\recent
Description : list of recently opened documents
MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\mediaplayer\medialibraryui
Description : last selected node in the microsoft windows media player media library
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\mediaplayer\player\settings
Description : last open directory used in jasc paint shop pro
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\mediaplayer\preferences
Description : last search path used in microsoft windows media player
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\office\9.0\common\open find\microsoft word\settings\open\file name mru
Description : list of recent documents opened by microsoft word
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\office\9.0\common\open find\microsoft word\settings\save as\file name mru
Description : list of recent documents saved by microsoft word
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\office\9.0\excel\recent files
Description : list of recent files used by microsoft excel
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened
MRU List Object Recognized!
Location: : software\musicmatch\musicmatch jukebox\4.0\fileconv
Description : file conversion location settings in musicmatch jukebox
MRU List Object Recognized!
Location: : software\musicmatch\musicmatch jukebox\4.0\mmradio
Description : information on the last station listened to using musicmatch radio
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\realnetworks\realplayer\6.0\preferences
Description : list of recent skins in realplayer
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\realnetworks\realplayer\6.0\preferences
Description : list of recent clips in realplayer
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\realnetworks\realplayer\6.0\preferences
Description : last login time in realplayer
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows media\wmsdk\general
Description : windows media sdk
MRU List Object Recognized!
Location: : S-1-5-18\software\microsoft\windows media\wmsdk\general
Description : windows media sdk
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\windows media\wmsdk\general
Description : windows media sdk
Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 23
2:50:06 PM Scan Complete
Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:05:19.169
Objects scanned:64927
Objects identified:2
Objects ignored:0
New critical objects:2
Ad-Aware SE Build 1.05
Logfile Created on:Sunday, May 08, 2005 2:44:47 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R43 06.05.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):21 total references
Tracking Cookie(TAC index:3):2 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects
5-8-2005 2:44:47 PM - Scan started. (Smart mode)
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 664
ThreadCreationTime : 5-8-2005 2:39:16 PM
BasePriority : Normal
#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 736
ThreadCreationTime : 5-8-2005 2:39:18 PM
BasePriority : Normal
#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 760
ThreadCreationTime : 5-8-2005 2:39:20 PM
BasePriority : High
#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 804
ThreadCreationTime : 5-8-2005 2:39:21 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe
#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 816
ThreadCreationTime : 5-8-2005 2:39:21 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe
#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 960
ThreadCreationTime : 5-8-2005 2:39:21 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1036
ThreadCreationTime : 5-8-2005 2:39:22 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1076
ThreadCreationTime : 5-8-2005 2:39:22 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1160
ThreadCreationTime : 5-8-2005 2:39:23 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:10 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1260
ThreadCreationTime : 5-8-2005 2:39:23 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:11 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1516
ThreadCreationTime : 5-8-2005 2:39:26 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe
#:12 [ccsetmgr.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 1620
ThreadCreationTime : 5-8-2005 2:39:26 PM
BasePriority : Normal
FileVersion : 103.0.3.8
ProductVersion : 103.0.3.8
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Settings Manager Service
InternalName : ccSetMgr
LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccSetMgr.exe
#:13 [filedeleter.exe]
FilePath : C:\Program Files\FBM Software\ZeroSpyware Limited Edition\
ProcessID : 1648
ThreadCreationTime : 5-8-2005 2:39:27 PM
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : FBM Software FileDeleter
CompanyName : FBM Software
FileDescription : FileDeleter
InternalName : FileDeleter
LegalCopyright : Copyright © 2004
OriginalFilename : FileDeleter.exe
#:14 [hpconfig.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1668
ThreadCreationTime : 5-8-2005 2:39:27 PM
BasePriority : Normal
FileVersion : 3, 0, 1, 8
ProductVersion : 3, 0, 1, 8
ProductName : HPConfig Module
CompanyName : Hewlett-Packard
FileDescription : HPConfig Module
InternalName : HPConfig
LegalCopyright : Hewlett-Packard Copyright © 1999-2002
OriginalFilename : HPConfig.EXE
Comments : HP Configuration Interface Service
#:15 [hpwirelessmgr.exe]
FilePath : C:\Program Files\HPQ\Notebook Utilities\
ProcessID : 1680
ThreadCreationTime : 5-8-2005 2:39:28 PM
BasePriority : Normal
FileVersion : 1, 0, 0, 7
ProductVersion : 1, 0, 0, 7
ProductName : HPWirelessMgr Module
CompanyName : Hewlett-Packard Co.
FileDescription : HPWirelessMgr Module
InternalName : HPWirelessMgr
LegalCopyright : Hewlett-Packard Copyright 2002
OriginalFilename : HPWirelessMgr.EXE
Comments : HP Wireless On/Off Button Service
#:16 [kodakccs.exe]
FilePath : C:\WINDOWS\system32\drivers\
ProcessID : 1704
ThreadCreationTime : 5-8-2005 2:39:28 PM
BasePriority : Normal
FileVersion : 1.1.5100.4
ProductVersion : 4.4.0.0
ProductName : Kodak DC File System Driver (Win32)
CompanyName : Eastman Kodak Company
FileDescription : Kodak DC Ring 3 Conduit (Win32)
InternalName : KodakCCS.exe
LegalCopyright : Copyright © Eastman Kodak Co. 2000-2004
OriginalFilename : DcFsSvc.exe
#:17 [navapsvc.exe]
FilePath : C:\Program Files\Norton AntiVirus\
ProcessID : 1800
ThreadCreationTime : 5-8-2005 2:39:28 PM
BasePriority : Normal
FileVersion : 11.0.2.4
ProductVersion : 11.0.2
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
LegalCopyright : Norton AntiVirus 2005 for Windows 98/ME/2000/XP Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : NAVAPSVC.EXE
#:18 [npfmntor.exe]
FilePath : C:\Program Files\Norton AntiVirus\IWP\
ProcessID : 1852
ThreadCreationTime : 5-8-2005 2:39:28 PM
BasePriority : Normal
FileVersion : 11.0.2.4
ProductVersion : 11.0.2
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Firewall Install Monitor
InternalName : NPFMonitor
LegalCopyright : Norton AntiVirus 2005 for Windows 98/ME/2000/XP Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : NPFMonitor.EXE
#:19 [sndsrvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 1940
ThreadCreationTime : 5-8-2005 2:39:29 PM
BasePriority : Normal
FileVersion : 5.4.3.11
ProductVersion : 5.4
ProductName : Symantec Security Drivers
CompanyName : Symantec Corporation
FileDescription : Network Driver Service
InternalName : SndSrvc
LegalCopyright : Copyright 2002, 2003, 2004 Symantec Corporation
OriginalFilename : SndSrvc.exe
#:20 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 424
ThreadCreationTime : 5-8-2005 2:39:32 PM
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE
#:21 [spbbcsvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\SPBBC\
ProcessID : 456
ThreadCreationTime : 5-8-2005 2:39:32 PM
BasePriority : Normal
FileVersion : 1,0,1,47
ProductVersion : 1,0,1,47
ProductName : SPBBC
CompanyName : Symantec Corporation
FileDescription : SPBBC Service
InternalName : SPBBCSvc
LegalCopyright : Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : SPBBCSvc.exe
#:22 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 496
ThreadCreationTime : 5-8-2005 2:39:33 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:23 [symlcsvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\CCPD-LC\
ProcessID : 520
ThreadCreationTime : 5-8-2005 2:39:33 PM
BasePriority : Normal
FileVersion : 1, 8, 54, 478
ProductVersion : 1, 8, 54, 478
ProductName : Symantec Core Component
CompanyName : Symantec Corporation
FileDescription : Symantec Core Component
InternalName : symlcsvc
LegalCopyright : Copyright © 2003
OriginalFilename : symlcsvc.exe
#:24 [wdfmgr.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1968
ThreadCreationTime : 5-8-2005 2:39:35 PM
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe
#:25 [ccevtmgr.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 244
ThreadCreationTime : 5-8-2005 2:39:36 PM
BasePriority : Normal
FileVersion : 103.0.3.8
ProductVersion : 103.0.3.8
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Event Manager Service
InternalName : ccEvtMgr
LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccEvtMgr.exe
#:26 [zerospyware le.exe]
FilePath : C:\Program Files\FBM Software\ZeroSpyware Limited Edition\
ProcessID : 628
ThreadCreationTime : 5-8-2005 2:39:42 PM
BasePriority : Normal
FileVersion : 2, 1, 29, 4
ProductVersion : 2, 1, 29, 4
ProductName : FBM Software ZeroSpyware Limited Edition
CompanyName : FBM Software
FileDescription : ZeroSpyware LE
InternalName : ZeroSpyware Lite
LegalCopyright : Copyright © 2004
OriginalFilename : ZeroSpywareLite.exe
#:27 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1748
ThreadCreationTime : 5-8-2005 2:40:04 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe
#:28 [rundll32.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 716
ThreadCreationTime : 5-8-2005 2:40:25 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Run a DLL as an App
InternalName : rundll
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : RUNDLL.EXE
#:29 [carpserv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2136
ThreadCreationTime : 5-8-2005 2:40:39 PM
BasePriority : Normal
FileVersion : 6.02.05
ProductVersion : 6.02.05
ProductName : SoftK56 Modem Driver
CompanyName : Conexant Systems, Inc.
FileDescription : carpserv
InternalName : carpserv
LegalCopyright : Copyright© Conexant Systems, Inc. 2003
OriginalFilename : carpserv.exe
#:30 [syntplpr.exe]
FilePath : C:\Program Files\Synaptics\SynTP\
ProcessID : 2224
ThreadCreationTime : 5-8-2005 2:40:42 PM
BasePriority : Normal
FileVersion : 7.5.3 22May03
ProductVersion : 7.5.3 22May03
ProductName : Progressive Touch
CompanyName : Synaptics, Inc.
FileDescription : TouchPad Driver Helper Application
InternalName : SynTPLpr
LegalCopyright : Copyright © Synaptics, Inc. 1996-2002
OriginalFilename : SynTPLpr.exe
#:31 [syntpenh.exe]
FilePath : C:\Program Files\Synaptics\SynTP\
ProcessID : 2420
ThreadCreationTime : 5-8-2005 2:40:45 PM
BasePriority : Normal
FileVersion : 7.5.3 22May03
ProductVersion : 7.5.3 22May03
ProductName : Progressive Touch
CompanyName : Synaptics, Inc.
FileDescription : Synaptics TouchPad Enhancements
InternalName : Scrolleroo
LegalCopyright : Copyright © Synaptics, Inc. 1996-2002
OriginalFilename : SynTPEnh.exe
#:32 [atiptaxx.exe]
FilePath : C:\Program Files\ATI Technologies\ATI Control Panel\
ProcessID : 2480
ThreadCreationTime : 5-8-2005 2:40:47 PM
BasePriority : Normal
FileVersion : 6.13.10.3022
ProductVersion : 6.13.10.3022
ProductName : ATI Desktop Component
CompanyName : ATI Technologies, Inc.
FileDescription : ATI Desktop Control Panel
InternalName : Atiptaxx.exe
LegalCopyright : Copyright © 1998-2001 ATI Technologies Inc.
OriginalFilename : Atiptaxx.exe
#:33 [onetouch.exe]
FilePath : C:\Program Files\HPQ\One-Touch\
ProcessID : 2696
ThreadCreationTime : 5-8-2005 2:40:52 PM
BasePriority : Normal
FileVersion : 1.7.1.0
ProductVersion : 1.7.1.0
ProductName : Dritek System Inc. OneTouch 10.03.2003 ( VC60 )
CompanyName : Dritek System Inc.
FileDescription : One-Touch
InternalName : OneTouch
LegalCopyright : Copyright © 2003 Dritek System Inc.
OriginalFilename : OneTouch.exe
#:34 [ccapp.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 2720
ThreadCreationTime : 5-8-2005 2:40:53 PM
BasePriority : Normal
FileVersion : 103.0.3.8
ProductVersion : 103.0.3.8
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec User Session
InternalName : ccApp
LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccApp.exe
#:35 [msnappau.exe]
FilePath : C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-us\
ProcessID : 2760
ThreadCreationTime : 5-8-2005 2:40:55 PM
BasePriority : Normal
#:36 [realsched.exe]
FilePath : C:\Program Files\Common Files\Real\Update_OB\
ProcessID : 2840
ThreadCreationTime : 5-8-2005 2:40:59 PM
BasePriority : Normal
FileVersion : 0.1.0.3208
ProductVersion : 0.1.0.3208
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004
LegalTrademarks : RealAudio™ is a trademark of RealNetworks, Inc.
OriginalFilename : realsched.exe
#:37 [hpztsb06.exe]
FilePath : C:\WINDOWS\system32\spool\drivers\w32x86\3\
ProcessID : 2956
ThreadCreationTime : 5-8-2005 2:41:02 PM
BasePriority : Normal
FileVersion : 2,133,0,0
ProductVersion : 2,133,0,0
ProductName : HP DeskJet
CompanyName : HP
LegalCopyright : Copyright © Hewlett-Packard Company 1999-2002
#:38 [qttask.exe]
FilePath : C:\Program Files\QuickTime\
ProcessID : 3012
ThreadCreationTime : 5-8-2005 2:41:06 PM
BasePriority : Normal
FileVersion : 6.5.1
ProductVersion : QuickTime 6.5.1
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
InternalName : QuickTime Task
LegalCopyright : © Apple Computer, Inc. 2001-2004
OriginalFilename : QTTask.exe
#:39 [msmsgs.exe]
FilePath : C:\Program Files\Messenger\
ProcessID : 3068
ThreadCreationTime : 5-8-2005 2:41:09 PM
BasePriority : Normal
FileVersion : 4.7.3001
ProductVersion : Version 4.7.3001
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Windows Messenger
InternalName : msmsgs
LegalCopyright : Copyright © Microsoft Corporation 2004
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msmsgs.exe
#:40 [othb.exe]
FilePath : C:\Documents and Settings\Nijhuis Family\Application Data\
ProcessID : 3136
ThreadCreationTime : 5-8-2005 2:41:16 PM
BasePriority : Normal
#:41 [?srss.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 3192
ThreadCreationTime : 5-8-2005 2:41:18 PM
BasePriority : Normal
#:42 [easyshare.exe]
FilePath : C:\Program Files\Kodak\Kodak EasyShare software\bin\
ProcessID : 3560
ThreadCreationTime : 5-8-2005 2:41:37 PM
BasePriority : Normal
FileVersion : 5, 0, 4, 128
ProductVersion : 4, 0, 2, 134
ProductName : Kodak EasyShare software
CompanyName : Eastman Kodak Company
FileDescription : Kodak EasyShare software
InternalName : EasyShare
LegalCopyright : Copyright © Eastman Kodak Company 2002
LegalTrademarks : EasyShare
OriginalFilename : EasyShare.exe
#:43 [kodak software updater.exe]
FilePath : C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\
ProcessID : 3616
ThreadCreationTime : 5-8-2005 2:41:39 PM
BasePriority : Normal
#:44 [mim.exe]
FilePath : C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\
ProcessID : 3632
ThreadCreationTime : 5-8-2005 2:41:40 PM
BasePriority : Normal
FileVersion : 10.00.2058
ProductVersion : 10.00.2058
ProductName : Musicmatch Jukebox
CompanyName : Musicmatch, Inc.
FileDescription : mim
InternalName : mim
LegalCopyright : Copyright © Musicmatch 1998-2004
LegalTrademarks :
OriginalFilename : mim.exe
#:45 [mmdiag.exe]
FilePath : C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\
ProcessID : 3768
ThreadCreationTime : 5-8-2005 2:41:46 PM
BasePriority : Normal
FileVersion : 10.00.2058
ProductVersion : 10.00.2058
ProductName : Musicmatch Jukebox
CompanyName : Musicmatch, Inc.
FileDescription : Logging and tracing manager
InternalName : MMTraceExe
LegalCopyright : Copyright © Musicmatch 1998-2004
LegalTrademarks :
OriginalFilename : MMTraceExe.EXE
#:46 [webshots.scr]
FilePath : C:\Program Files\Webshots\
ProcessID : 3988
ThreadCreationTime : 5-8-2005 2:41:53 PM
BasePriority : Normal
FileVersion : 2.2.0.4644
ProductVersion : 2.2.0.4644
ProductName : The Webshots Desktop
CompanyName : Webshots.com
FileDescription : Webshots Photo Manager
InternalName : Webshots2
LegalCopyright : Copyright © 2004
OriginalFilename : Webshots2.SCR
#:47 [iexplore.exe]
FilePath : C:\Program Files\Internet Explorer\
ProcessID : 3004
ThreadCreationTime : 5-8-2005 5:32:31 PM
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : IEXPLORE.EXE
#:48 [hijackthis[1].exe]
FilePath : C:\Documents and Settings\Nijhuis Family\Local Settings\Temporary Internet Files\Content.IE5\KXUNKX6B\
ProcessID : 400
ThreadCreationTime : 5-8-2005 5:50:15 PM
BasePriority : Normal
FileVersion : 1.99.0001
ProductVersion : 1.99.0001
ProductName : HijackThis
CompanyName : Soeperman Enterprises Ltd.
FileDescription : HijackThis
InternalName : HijackThis
LegalCopyright : Freeware
OriginalFilename : HijackThis.exe
Comments : Version history is in Help section
#:49 [notepad.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 3996
ThreadCreationTime : 5-8-2005 5:51:03 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Notepad
InternalName : Notepad
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : NOTEPAD.EXE
#:50 [aim.exe]
FilePath : C:\Program Files\AIM\
ProcessID : 196
ThreadCreationTime : 5-8-2005 6:12:24 PM
BasePriority : Normal
FileVersion : 5.5.3595
ProductVersion : 5.5.3595
ProductName : AOL Instant Messenger
CompanyName : America Online, Inc.
FileDescription : AOL Instant Messenger
InternalName : AIM
LegalCopyright : Copyright © 1996-2004 America Online, Inc.
OriginalFilename : AIM.EXE
#:51 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
ProcessID : 3876
ThreadCreationTime : 5-8-2005 6:44:17 PM
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0
Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : nijhuis family@oinadserve[1].txt
Category : Data Miner
Comment : Hits:11
Value : Cookie:nijhuis [email protected]/
Expires : 12-31-2020 8:00:00 PM
LastSync : Hits:11
UseCount : 0
Hits : 11
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : nijhuis [email protected][1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:nijhuis [email protected]/
Expires : 5-9-2005 2:11:18 PM
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 2
Objects found so far: 2
Deep scanning and examining files...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 2
Disk Scan Result for C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 2
Disk Scan Result for C:\DOCUME~1\NIJHUI~1\LOCALS~1\Temp\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 2
MRU List Object Recognized!
Location: : C:\Documents and Settings\Nijhuis Family\Application Data\microsoft\office\recent
Description : list of recently opened documents using microsoft office
MRU List Object Recognized!
Location: : C:\Documents and Settings\Nijhuis Family\recent
Description : list of recently opened documents
MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\mediaplayer\medialibraryui
Description : last selected node in the microsoft windows media player media library
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\mediaplayer\player\settings
Description : last open directory used in jasc paint shop pro
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\mediaplayer\preferences
Description : last search path used in microsoft windows media player
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\office\9.0\common\open find\microsoft word\settings\open\file name mru
Description : list of recent documents opened by microsoft word
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\office\9.0\common\open find\microsoft word\settings\save as\file name mru
Description : list of recent documents saved by microsoft word
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\office\9.0\excel\recent files
Description : list of recent files used by microsoft excel
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened
MRU List Object Recognized!
Location: : software\musicmatch\musicmatch jukebox\4.0\fileconv
Description : file conversion location settings in musicmatch jukebox
MRU List Object Recognized!
Location: : software\musicmatch\musicmatch jukebox\4.0\mmradio
Description : information on the last station listened to using musicmatch radio
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\realnetworks\realplayer\6.0\preferences
Description : list of recent skins in realplayer
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\realnetworks\realplayer\6.0\preferences
Description : list of recent clips in realplayer
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\realnetworks\realplayer\6.0\preferences
Description : last login time in realplayer
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows media\wmsdk\general
Description : windows media sdk
MRU List Object Recognized!
Location: : S-1-5-18\software\microsoft\windows media\wmsdk\general
Description : windows media sdk
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\windows media\wmsdk\general
Description : windows media sdk
Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 23
2:50:06 PM Scan Complete
Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:05:19.169
Objects scanned:64927
Objects identified:2
Objects ignored:0
New critical objects:2
#4
Guest_numbnuts_*
Posted 08 May 2005 - 01:11 PM
Guest_numbnuts_*
Guest_numbnuts_*
-
- Guest
Hello, AustinN welcome to the forum..
I do need to see A Full System Scan…
You have posted a (Smart mode scan)…
A Full System Scan is a deeper scan in to your computer
And might show some more …!!!
Can you please follow the instructions in this link and post back in this thread…..
http://www.geekstogo...indpost&p=78035
We need to see a complete logfile to be of assistance to you …..
It will sometimes take 2 or more posts to get the log in just keep posting till the post is complete…
Remember post back in this thread …making
Sure you have the latest definition File …….
Regards…
numbnuts …..
I do need to see A Full System Scan…
You have posted a (Smart mode scan)…
A Full System Scan is a deeper scan in to your computer
And might show some more …!!!
Can you please follow the instructions in this link and post back in this thread…..
http://www.geekstogo...indpost&p=78035
We need to see a complete logfile to be of assistance to you …..
It will sometimes take 2 or more posts to get the log in just keep posting till the post is complete…
Remember post back in this thread …making
Sure you have the latest definition File …….
Regards…
numbnuts …..
#5
Posted 08 May 2005 - 01:35 PM
AustinN
- Topic Starter
-
- Member
-
- 7 posts
New Member
sorry again...I'm not very smart lol
Ad-Aware SE Build 1.05
Logfile Created on:Sunday, May 08, 2005 3:12:32 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R43 06.05.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):21 total references
Tracking Cookie(TAC index:3):2 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects
5-8-2005 3:12:32 PM - Scan started. (Full System Scan)
MRU List Object Recognized!
Location: : C:\Documents and Settings\Nijhuis Family\Application Data\microsoft\office\recent
Description : list of recently opened documents using microsoft office
MRU List Object Recognized!
Location: : C:\Documents and Settings\Nijhuis Family\recent
Description : list of recently opened documents
MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\mediaplayer\medialibraryui
Description : last selected node in the microsoft windows media player media library
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\mediaplayer\player\settings
Description : last open directory used in jasc paint shop pro
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\mediaplayer\preferences
Description : last search path used in microsoft windows media player
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\office\9.0\common\open find\microsoft word\settings\open\file name mru
Description : list of recent documents opened by microsoft word
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\office\9.0\common\open find\microsoft word\settings\save as\file name mru
Description : list of recent documents saved by microsoft word
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\office\9.0\excel\recent files
Description : list of recent files used by microsoft excel
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened
MRU List Object Recognized!
Location: : software\musicmatch\musicmatch jukebox\4.0\fileconv
Description : file conversion location settings in musicmatch jukebox
MRU List Object Recognized!
Location: : software\musicmatch\musicmatch jukebox\4.0\mmradio
Description : information on the last station listened to using musicmatch radio
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\realnetworks\realplayer\6.0\preferences
Description : list of recent skins in realplayer
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\realnetworks\realplayer\6.0\preferences
Description : list of recent clips in realplayer
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\realnetworks\realplayer\6.0\preferences
Description : last login time in realplayer
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows media\wmsdk\general
Description : windows media sdk
MRU List Object Recognized!
Location: : S-1-5-18\software\microsoft\windows media\wmsdk\general
Description : windows media sdk
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\windows media\wmsdk\general
Description : windows media sdk
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 664
ThreadCreationTime : 5-8-2005 2:39:16 PM
BasePriority : Normal
#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 736
ThreadCreationTime : 5-8-2005 2:39:18 PM
BasePriority : Normal
#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 760
ThreadCreationTime : 5-8-2005 2:39:20 PM
BasePriority : High
#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 804
ThreadCreationTime : 5-8-2005 2:39:21 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe
#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 816
ThreadCreationTime : 5-8-2005 2:39:21 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe
#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 960
ThreadCreationTime : 5-8-2005 2:39:21 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1036
ThreadCreationTime : 5-8-2005 2:39:22 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1076
ThreadCreationTime : 5-8-2005 2:39:22 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1160
ThreadCreationTime : 5-8-2005 2:39:23 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:10 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1260
ThreadCreationTime : 5-8-2005 2:39:23 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:11 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1516
ThreadCreationTime : 5-8-2005 2:39:26 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe
#:12 [ccsetmgr.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 1620
ThreadCreationTime : 5-8-2005 2:39:26 PM
BasePriority : Normal
FileVersion : 103.0.3.8
ProductVersion : 103.0.3.8
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Settings Manager Service
InternalName : ccSetMgr
LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccSetMgr.exe
#:13 [filedeleter.exe]
FilePath : C:\Program Files\FBM Software\ZeroSpyware Limited Edition\
ProcessID : 1648
ThreadCreationTime : 5-8-2005 2:39:27 PM
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : FBM Software FileDeleter
CompanyName : FBM Software
FileDescription : FileDeleter
InternalName : FileDeleter
LegalCopyright : Copyright © 2004
OriginalFilename : FileDeleter.exe
#:14 [hpconfig.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1668
ThreadCreationTime : 5-8-2005 2:39:27 PM
BasePriority : Normal
FileVersion : 3, 0, 1, 8
ProductVersion : 3, 0, 1, 8
ProductName : HPConfig Module
CompanyName : Hewlett-Packard
FileDescription : HPConfig Module
InternalName : HPConfig
LegalCopyright : Hewlett-Packard Copyright © 1999-2002
OriginalFilename : HPConfig.EXE
Comments : HP Configuration Interface Service
#:15 [hpwirelessmgr.exe]
FilePath : C:\Program Files\HPQ\Notebook Utilities\
ProcessID : 1680
ThreadCreationTime : 5-8-2005 2:39:28 PM
BasePriority : Normal
FileVersion : 1, 0, 0, 7
ProductVersion : 1, 0, 0, 7
ProductName : HPWirelessMgr Module
CompanyName : Hewlett-Packard Co.
FileDescription : HPWirelessMgr Module
InternalName : HPWirelessMgr
LegalCopyright : Hewlett-Packard Copyright 2002
OriginalFilename : HPWirelessMgr.EXE
Comments : HP Wireless On/Off Button Service
#:16 [kodakccs.exe]
FilePath : C:\WINDOWS\system32\drivers\
ProcessID : 1704
ThreadCreationTime : 5-8-2005 2:39:28 PM
BasePriority : Normal
FileVersion : 1.1.5100.4
ProductVersion : 4.4.0.0
ProductName : Kodak DC File System Driver (Win32)
CompanyName : Eastman Kodak Company
FileDescription : Kodak DC Ring 3 Conduit (Win32)
InternalName : KodakCCS.exe
LegalCopyright : Copyright © Eastman Kodak Co. 2000-2004
OriginalFilename : DcFsSvc.exe
#:17 [navapsvc.exe]
FilePath : C:\Program Files\Norton AntiVirus\
ProcessID : 1800
ThreadCreationTime : 5-8-2005 2:39:28 PM
BasePriority : Normal
FileVersion : 11.0.2.4
ProductVersion : 11.0.2
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
LegalCopyright : Norton AntiVirus 2005 for Windows 98/ME/2000/XP Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : NAVAPSVC.EXE
#:18 [npfmntor.exe]
FilePath : C:\Program Files\Norton AntiVirus\IWP\
ProcessID : 1852
ThreadCreationTime : 5-8-2005 2:39:28 PM
BasePriority : Normal
FileVersion : 11.0.2.4
ProductVersion : 11.0.2
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Firewall Install Monitor
InternalName : NPFMonitor
LegalCopyright : Norton AntiVirus 2005 for Windows 98/ME/2000/XP Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : NPFMonitor.EXE
#:19 [sndsrvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 1940
ThreadCreationTime : 5-8-2005 2:39:29 PM
BasePriority : Normal
FileVersion : 5.4.3.11
ProductVersion : 5.4
ProductName : Symantec Security Drivers
CompanyName : Symantec Corporation
FileDescription : Network Driver Service
InternalName : SndSrvc
LegalCopyright : Copyright 2002, 2003, 2004 Symantec Corporation
OriginalFilename : SndSrvc.exe
#:20 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 424
ThreadCreationTime : 5-8-2005 2:39:32 PM
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE
#:21 [spbbcsvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\SPBBC\
ProcessID : 456
ThreadCreationTime : 5-8-2005 2:39:32 PM
BasePriority : Normal
FileVersion : 1,0,1,47
ProductVersion : 1,0,1,47
ProductName : SPBBC
CompanyName : Symantec Corporation
FileDescription : SPBBC Service
InternalName : SPBBCSvc
LegalCopyright : Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : SPBBCSvc.exe
#:22 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 496
ThreadCreationTime : 5-8-2005 2:39:33 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:23 [symlcsvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\CCPD-LC\
ProcessID : 520
ThreadCreationTime : 5-8-2005 2:39:33 PM
BasePriority : Normal
FileVersion : 1, 8, 54, 478
ProductVersion : 1, 8, 54, 478
ProductName : Symantec Core Component
CompanyName : Symantec Corporation
FileDescription : Symantec Core Component
InternalName : symlcsvc
LegalCopyright : Copyright © 2003
OriginalFilename : symlcsvc.exe
#:24 [wdfmgr.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1968
ThreadCreationTime : 5-8-2005 2:39:35 PM
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe
#:25 [ccevtmgr.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 244
ThreadCreationTime : 5-8-2005 2:39:36 PM
BasePriority : Normal
FileVersion : 103.0.3.8
ProductVersion : 103.0.3.8
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Event Manager Service
InternalName : ccEvtMgr
LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccEvtMgr.exe
#:26 [zerospyware le.exe]
FilePath : C:\Program Files\FBM Software\ZeroSpyware Limited Edition\
ProcessID : 628
ThreadCreationTime : 5-8-2005 2:39:42 PM
BasePriority : Normal
FileVersion : 2, 1, 29, 4
ProductVersion : 2, 1, 29, 4
ProductName : FBM Software ZeroSpyware Limited Edition
CompanyName : FBM Software
FileDescription : ZeroSpyware LE
InternalName : ZeroSpyware Lite
LegalCopyright : Copyright © 2004
OriginalFilename : ZeroSpywareLite.exe
#:27 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1748
ThreadCreationTime : 5-8-2005 2:40:04 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe
#:28 [rundll32.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 716
ThreadCreationTime : 5-8-2005 2:40:25 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Run a DLL as an App
InternalName : rundll
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : RUNDLL.EXE
#:29 [carpserv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2136
ThreadCreationTime : 5-8-2005 2:40:39 PM
BasePriority : Normal
FileVersion : 6.02.05
ProductVersion : 6.02.05
ProductName : SoftK56 Modem Driver
CompanyName : Conexant Systems, Inc.
FileDescription : carpserv
InternalName : carpserv
LegalCopyright : Copyright© Conexant Systems, Inc. 2003
OriginalFilename : carpserv.exe
#:30 [syntplpr.exe]
FilePath : C:\Program Files\Synaptics\SynTP\
ProcessID : 2224
ThreadCreationTime : 5-8-2005 2:40:42 PM
BasePriority : Normal
FileVersion : 7.5.3 22May03
ProductVersion : 7.5.3 22May03
ProductName : Progressive Touch
CompanyName : Synaptics, Inc.
FileDescription : TouchPad Driver Helper Application
InternalName : SynTPLpr
LegalCopyright : Copyright © Synaptics, Inc. 1996-2002
OriginalFilename : SynTPLpr.exe
#:31 [syntpenh.exe]
FilePath : C:\Program Files\Synaptics\SynTP\
ProcessID : 2420
ThreadCreationTime : 5-8-2005 2:40:45 PM
BasePriority : Normal
FileVersion : 7.5.3 22May03
ProductVersion : 7.5.3 22May03
ProductName : Progressive Touch
CompanyName : Synaptics, Inc.
FileDescription : Synaptics TouchPad Enhancements
InternalName : Scrolleroo
LegalCopyright : Copyright © Synaptics, Inc. 1996-2002
OriginalFilename : SynTPEnh.exe
#:32 [atiptaxx.exe]
FilePath : C:\Program Files\ATI Technologies\ATI Control Panel\
ProcessID : 2480
ThreadCreationTime : 5-8-2005 2:40:47 PM
BasePriority : Normal
FileVersion : 6.13.10.3022
ProductVersion : 6.13.10.3022
ProductName : ATI Desktop Component
CompanyName : ATI Technologies, Inc.
FileDescription : ATI Desktop Control Panel
InternalName : Atiptaxx.exe
LegalCopyright : Copyright © 1998-2001 ATI Technologies Inc.
OriginalFilename : Atiptaxx.exe
#:33 [onetouch.exe]
FilePath : C:\Program Files\HPQ\One-Touch\
ProcessID : 2696
ThreadCreationTime : 5-8-2005 2:40:52 PM
BasePriority : Normal
FileVersion : 1.7.1.0
ProductVersion : 1.7.1.0
ProductName : Dritek System Inc. OneTouch 10.03.2003 ( VC60 )
CompanyName : Dritek System Inc.
FileDescription : One-Touch
InternalName : OneTouch
LegalCopyright : Copyright © 2003 Dritek System Inc.
OriginalFilename : OneTouch.exe
#:34 [ccapp.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 2720
ThreadCreationTime : 5-8-2005 2:40:53 PM
BasePriority : Normal
FileVersion : 103.0.3.8
ProductVersion : 103.0.3.8
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec User Session
InternalName : ccApp
LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccApp.exe
#:35 [msnappau.exe]
FilePath : C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-us\
ProcessID : 2760
ThreadCreationTime : 5-8-2005 2:40:55 PM
BasePriority : Normal
#:36 [realsched.exe]
FilePath : C:\Program Files\Common Files\Real\Update_OB\
ProcessID : 2840
ThreadCreationTime : 5-8-2005 2:40:59 PM
BasePriority : Normal
FileVersion : 0.1.0.3208
ProductVersion : 0.1.0.3208
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004
LegalTrademarks : RealAudio™ is a trademark of RealNetworks, Inc.
OriginalFilename : realsched.exe
#:37 [hpztsb06.exe]
FilePath : C:\WINDOWS\system32\spool\drivers\w32x86\3\
ProcessID : 2956
ThreadCreationTime : 5-8-2005 2:41:02 PM
BasePriority : Normal
FileVersion : 2,133,0,0
ProductVersion : 2,133,0,0
ProductName : HP DeskJet
CompanyName : HP
LegalCopyright : Copyright © Hewlett-Packard Company 1999-2002
#:38 [qttask.exe]
FilePath : C:\Program Files\QuickTime\
ProcessID : 3012
ThreadCreationTime : 5-8-2005 2:41:06 PM
BasePriority : Normal
FileVersion : 6.5.1
ProductVersion : QuickTime 6.5.1
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
InternalName : QuickTime Task
LegalCopyright : © Apple Computer, Inc. 2001-2004
OriginalFilename : QTTask.exe
#:39 [msmsgs.exe]
FilePath : C:\Program Files\Messenger\
ProcessID : 3068
ThreadCreationTime : 5-8-2005 2:41:09 PM
BasePriority : Normal
FileVersion : 4.7.3001
ProductVersion : Version 4.7.3001
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Windows Messenger
InternalName : msmsgs
LegalCopyright : Copyright © Microsoft Corporation 2004
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msmsgs.exe
#:40 [othb.exe]
FilePath : C:\Documents and Settings\Nijhuis Family\Application Data\
ProcessID : 3136
ThreadCreationTime : 5-8-2005 2:41:16 PM
BasePriority : Normal
#:41 [?srss.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 3192
ThreadCreationTime : 5-8-2005 2:41:18 PM
BasePriority : Normal
#:42 [easyshare.exe]
FilePath : C:\Program Files\Kodak\Kodak EasyShare software\bin\
ProcessID : 3560
ThreadCreationTime : 5-8-2005 2:41:37 PM
BasePriority : Normal
FileVersion : 5, 0, 4, 128
ProductVersion : 4, 0, 2, 134
ProductName : Kodak EasyShare software
CompanyName : Eastman Kodak Company
FileDescription : Kodak EasyShare software
InternalName : EasyShare
LegalCopyright : Copyright © Eastman Kodak Company 2002
LegalTrademarks : EasyShare
OriginalFilename : EasyShare.exe
#:43 [kodak software updater.exe]
FilePath : C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\
ProcessID : 3616
ThreadCreationTime : 5-8-2005 2:41:39 PM
BasePriority : Normal
#:44 [mim.exe]
FilePath : C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\
ProcessID : 3632
ThreadCreationTime : 5-8-2005 2:41:40 PM
BasePriority : Normal
FileVersion : 10.00.2058
ProductVersion : 10.00.2058
ProductName : Musicmatch Jukebox
CompanyName : Musicmatch, Inc.
FileDescription : mim
InternalName : mim
LegalCopyright : Copyright © Musicmatch 1998-2004
LegalTrademarks :
OriginalFilename : mim.exe
#:45 [mmdiag.exe]
FilePath : C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\
ProcessID : 3768
ThreadCreationTime : 5-8-2005 2:41:46 PM
BasePriority : Normal
FileVersion : 10.00.2058
ProductVersion : 10.00.2058
ProductName : Musicmatch Jukebox
CompanyName : Musicmatch, Inc.
FileDescription : Logging and tracing manager
InternalName : MMTraceExe
LegalCopyright : Copyright © Musicmatch 1998-2004
LegalTrademarks :
OriginalFilename : MMTraceExe.EXE
#:46 [webshots.scr]
FilePath : C:\Program Files\Webshots\
ProcessID : 3988
ThreadCreationTime : 5-8-2005 2:41:53 PM
BasePriority : Normal
FileVersion : 2.2.0.4644
ProductVersion : 2.2.0.4644
ProductName : The Webshots Desktop
CompanyName : Webshots.com
FileDescription : Webshots Photo Manager
InternalName : Webshots2
LegalCopyright : Copyright © 2004
OriginalFilename : Webshots2.SCR
#:47 [iexplore.exe]
FilePath : C:\Program Files\Internet Explorer\
ProcessID : 3004
ThreadCreationTime : 5-8-2005 5:32:31 PM
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : IEXPLORE.EXE
#:48 [hijackthis[1].exe]
FilePath : C:\Documents and Settings\Nijhuis Family\Local Settings\Temporary Internet Files\Content.IE5\KXUNKX6B\
ProcessID : 400
ThreadCreationTime : 5-8-2005 5:50:15 PM
BasePriority : Normal
FileVersion : 1.99.0001
ProductVersion : 1.99.0001
ProductName : HijackThis
CompanyName : Soeperman Enterprises Ltd.
FileDescription : HijackThis
InternalName : HijackThis
LegalCopyright : Freeware
OriginalFilename : HijackThis.exe
Comments : Version history is in Help section
#:49 [notepad.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 3996
ThreadCreationTime : 5-8-2005 5:51:03 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Notepad
InternalName : Notepad
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : NOTEPAD.EXE
#:50 [aim.exe]
FilePath : C:\Program Files\AIM\
ProcessID : 196
ThreadCreationTime : 5-8-2005 6:12:24 PM
BasePriority : Normal
FileVersion : 5.5.3595
ProductVersion : 5.5.3595
ProductName : AOL Instant Messenger
CompanyName : America Online, Inc.
FileDescription : AOL Instant Messenger
InternalName : AIM
LegalCopyright : Copyright © 1996-2004 America Online, Inc.
OriginalFilename : AIM.EXE
#:51 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
ProcessID : 3876
ThreadCreationTime : 5-8-2005 6:44:17 PM
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 21
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 21
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 21
Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : nijhuis family@oinadserve[1].txt
Category : Data Miner
Comment : Hits:19
Value : Cookie:nijhuis [email protected]/
Expires : 12-31-2020 8:00:00 PM
LastSync : Hits:19
UseCount : 0
Hits : 19
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : nijhuis [email protected][2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:nijhuis [email protected]/
Expires : 5-9-2005 3:00:16 PM
LastSync : Hits:2
UseCount : 0
Hits : 2
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 2
Objects found so far: 23
Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 23
Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 23
3:32:35 PM Scan Complete
Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:20:02.409
Objects scanned:102897
Objects identified:2
Objects ignored:0
New critical objects:2
Ad-Aware SE Build 1.05
Logfile Created on:Sunday, May 08, 2005 3:12:32 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R43 06.05.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):21 total references
Tracking Cookie(TAC index:3):2 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects
5-8-2005 3:12:32 PM - Scan started. (Full System Scan)
MRU List Object Recognized!
Location: : C:\Documents and Settings\Nijhuis Family\Application Data\microsoft\office\recent
Description : list of recently opened documents using microsoft office
MRU List Object Recognized!
Location: : C:\Documents and Settings\Nijhuis Family\recent
Description : list of recently opened documents
MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\mediaplayer\medialibraryui
Description : last selected node in the microsoft windows media player media library
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\mediaplayer\player\settings
Description : last open directory used in jasc paint shop pro
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\mediaplayer\preferences
Description : last search path used in microsoft windows media player
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\office\9.0\common\open find\microsoft word\settings\open\file name mru
Description : list of recent documents opened by microsoft word
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\office\9.0\common\open find\microsoft word\settings\save as\file name mru
Description : list of recent documents saved by microsoft word
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\office\9.0\excel\recent files
Description : list of recent files used by microsoft excel
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened
MRU List Object Recognized!
Location: : software\musicmatch\musicmatch jukebox\4.0\fileconv
Description : file conversion location settings in musicmatch jukebox
MRU List Object Recognized!
Location: : software\musicmatch\musicmatch jukebox\4.0\mmradio
Description : information on the last station listened to using musicmatch radio
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\realnetworks\realplayer\6.0\preferences
Description : list of recent skins in realplayer
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\realnetworks\realplayer\6.0\preferences
Description : list of recent clips in realplayer
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\realnetworks\realplayer\6.0\preferences
Description : last login time in realplayer
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows media\wmsdk\general
Description : windows media sdk
MRU List Object Recognized!
Location: : S-1-5-18\software\microsoft\windows media\wmsdk\general
Description : windows media sdk
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\windows media\wmsdk\general
Description : windows media sdk
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 664
ThreadCreationTime : 5-8-2005 2:39:16 PM
BasePriority : Normal
#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 736
ThreadCreationTime : 5-8-2005 2:39:18 PM
BasePriority : Normal
#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 760
ThreadCreationTime : 5-8-2005 2:39:20 PM
BasePriority : High
#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 804
ThreadCreationTime : 5-8-2005 2:39:21 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe
#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 816
ThreadCreationTime : 5-8-2005 2:39:21 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe
#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 960
ThreadCreationTime : 5-8-2005 2:39:21 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1036
ThreadCreationTime : 5-8-2005 2:39:22 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1076
ThreadCreationTime : 5-8-2005 2:39:22 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1160
ThreadCreationTime : 5-8-2005 2:39:23 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:10 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1260
ThreadCreationTime : 5-8-2005 2:39:23 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:11 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1516
ThreadCreationTime : 5-8-2005 2:39:26 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe
#:12 [ccsetmgr.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 1620
ThreadCreationTime : 5-8-2005 2:39:26 PM
BasePriority : Normal
FileVersion : 103.0.3.8
ProductVersion : 103.0.3.8
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Settings Manager Service
InternalName : ccSetMgr
LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccSetMgr.exe
#:13 [filedeleter.exe]
FilePath : C:\Program Files\FBM Software\ZeroSpyware Limited Edition\
ProcessID : 1648
ThreadCreationTime : 5-8-2005 2:39:27 PM
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : FBM Software FileDeleter
CompanyName : FBM Software
FileDescription : FileDeleter
InternalName : FileDeleter
LegalCopyright : Copyright © 2004
OriginalFilename : FileDeleter.exe
#:14 [hpconfig.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1668
ThreadCreationTime : 5-8-2005 2:39:27 PM
BasePriority : Normal
FileVersion : 3, 0, 1, 8
ProductVersion : 3, 0, 1, 8
ProductName : HPConfig Module
CompanyName : Hewlett-Packard
FileDescription : HPConfig Module
InternalName : HPConfig
LegalCopyright : Hewlett-Packard Copyright © 1999-2002
OriginalFilename : HPConfig.EXE
Comments : HP Configuration Interface Service
#:15 [hpwirelessmgr.exe]
FilePath : C:\Program Files\HPQ\Notebook Utilities\
ProcessID : 1680
ThreadCreationTime : 5-8-2005 2:39:28 PM
BasePriority : Normal
FileVersion : 1, 0, 0, 7
ProductVersion : 1, 0, 0, 7
ProductName : HPWirelessMgr Module
CompanyName : Hewlett-Packard Co.
FileDescription : HPWirelessMgr Module
InternalName : HPWirelessMgr
LegalCopyright : Hewlett-Packard Copyright 2002
OriginalFilename : HPWirelessMgr.EXE
Comments : HP Wireless On/Off Button Service
#:16 [kodakccs.exe]
FilePath : C:\WINDOWS\system32\drivers\
ProcessID : 1704
ThreadCreationTime : 5-8-2005 2:39:28 PM
BasePriority : Normal
FileVersion : 1.1.5100.4
ProductVersion : 4.4.0.0
ProductName : Kodak DC File System Driver (Win32)
CompanyName : Eastman Kodak Company
FileDescription : Kodak DC Ring 3 Conduit (Win32)
InternalName : KodakCCS.exe
LegalCopyright : Copyright © Eastman Kodak Co. 2000-2004
OriginalFilename : DcFsSvc.exe
#:17 [navapsvc.exe]
FilePath : C:\Program Files\Norton AntiVirus\
ProcessID : 1800
ThreadCreationTime : 5-8-2005 2:39:28 PM
BasePriority : Normal
FileVersion : 11.0.2.4
ProductVersion : 11.0.2
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
LegalCopyright : Norton AntiVirus 2005 for Windows 98/ME/2000/XP Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : NAVAPSVC.EXE
#:18 [npfmntor.exe]
FilePath : C:\Program Files\Norton AntiVirus\IWP\
ProcessID : 1852
ThreadCreationTime : 5-8-2005 2:39:28 PM
BasePriority : Normal
FileVersion : 11.0.2.4
ProductVersion : 11.0.2
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Firewall Install Monitor
InternalName : NPFMonitor
LegalCopyright : Norton AntiVirus 2005 for Windows 98/ME/2000/XP Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : NPFMonitor.EXE
#:19 [sndsrvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 1940
ThreadCreationTime : 5-8-2005 2:39:29 PM
BasePriority : Normal
FileVersion : 5.4.3.11
ProductVersion : 5.4
ProductName : Symantec Security Drivers
CompanyName : Symantec Corporation
FileDescription : Network Driver Service
InternalName : SndSrvc
LegalCopyright : Copyright 2002, 2003, 2004 Symantec Corporation
OriginalFilename : SndSrvc.exe
#:20 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 424
ThreadCreationTime : 5-8-2005 2:39:32 PM
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE
#:21 [spbbcsvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\SPBBC\
ProcessID : 456
ThreadCreationTime : 5-8-2005 2:39:32 PM
BasePriority : Normal
FileVersion : 1,0,1,47
ProductVersion : 1,0,1,47
ProductName : SPBBC
CompanyName : Symantec Corporation
FileDescription : SPBBC Service
InternalName : SPBBCSvc
LegalCopyright : Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : SPBBCSvc.exe
#:22 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 496
ThreadCreationTime : 5-8-2005 2:39:33 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:23 [symlcsvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\CCPD-LC\
ProcessID : 520
ThreadCreationTime : 5-8-2005 2:39:33 PM
BasePriority : Normal
FileVersion : 1, 8, 54, 478
ProductVersion : 1, 8, 54, 478
ProductName : Symantec Core Component
CompanyName : Symantec Corporation
FileDescription : Symantec Core Component
InternalName : symlcsvc
LegalCopyright : Copyright © 2003
OriginalFilename : symlcsvc.exe
#:24 [wdfmgr.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1968
ThreadCreationTime : 5-8-2005 2:39:35 PM
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe
#:25 [ccevtmgr.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 244
ThreadCreationTime : 5-8-2005 2:39:36 PM
BasePriority : Normal
FileVersion : 103.0.3.8
ProductVersion : 103.0.3.8
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Event Manager Service
InternalName : ccEvtMgr
LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccEvtMgr.exe
#:26 [zerospyware le.exe]
FilePath : C:\Program Files\FBM Software\ZeroSpyware Limited Edition\
ProcessID : 628
ThreadCreationTime : 5-8-2005 2:39:42 PM
BasePriority : Normal
FileVersion : 2, 1, 29, 4
ProductVersion : 2, 1, 29, 4
ProductName : FBM Software ZeroSpyware Limited Edition
CompanyName : FBM Software
FileDescription : ZeroSpyware LE
InternalName : ZeroSpyware Lite
LegalCopyright : Copyright © 2004
OriginalFilename : ZeroSpywareLite.exe
#:27 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1748
ThreadCreationTime : 5-8-2005 2:40:04 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe
#:28 [rundll32.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 716
ThreadCreationTime : 5-8-2005 2:40:25 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Run a DLL as an App
InternalName : rundll
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : RUNDLL.EXE
#:29 [carpserv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2136
ThreadCreationTime : 5-8-2005 2:40:39 PM
BasePriority : Normal
FileVersion : 6.02.05
ProductVersion : 6.02.05
ProductName : SoftK56 Modem Driver
CompanyName : Conexant Systems, Inc.
FileDescription : carpserv
InternalName : carpserv
LegalCopyright : Copyright© Conexant Systems, Inc. 2003
OriginalFilename : carpserv.exe
#:30 [syntplpr.exe]
FilePath : C:\Program Files\Synaptics\SynTP\
ProcessID : 2224
ThreadCreationTime : 5-8-2005 2:40:42 PM
BasePriority : Normal
FileVersion : 7.5.3 22May03
ProductVersion : 7.5.3 22May03
ProductName : Progressive Touch
CompanyName : Synaptics, Inc.
FileDescription : TouchPad Driver Helper Application
InternalName : SynTPLpr
LegalCopyright : Copyright © Synaptics, Inc. 1996-2002
OriginalFilename : SynTPLpr.exe
#:31 [syntpenh.exe]
FilePath : C:\Program Files\Synaptics\SynTP\
ProcessID : 2420
ThreadCreationTime : 5-8-2005 2:40:45 PM
BasePriority : Normal
FileVersion : 7.5.3 22May03
ProductVersion : 7.5.3 22May03
ProductName : Progressive Touch
CompanyName : Synaptics, Inc.
FileDescription : Synaptics TouchPad Enhancements
InternalName : Scrolleroo
LegalCopyright : Copyright © Synaptics, Inc. 1996-2002
OriginalFilename : SynTPEnh.exe
#:32 [atiptaxx.exe]
FilePath : C:\Program Files\ATI Technologies\ATI Control Panel\
ProcessID : 2480
ThreadCreationTime : 5-8-2005 2:40:47 PM
BasePriority : Normal
FileVersion : 6.13.10.3022
ProductVersion : 6.13.10.3022
ProductName : ATI Desktop Component
CompanyName : ATI Technologies, Inc.
FileDescription : ATI Desktop Control Panel
InternalName : Atiptaxx.exe
LegalCopyright : Copyright © 1998-2001 ATI Technologies Inc.
OriginalFilename : Atiptaxx.exe
#:33 [onetouch.exe]
FilePath : C:\Program Files\HPQ\One-Touch\
ProcessID : 2696
ThreadCreationTime : 5-8-2005 2:40:52 PM
BasePriority : Normal
FileVersion : 1.7.1.0
ProductVersion : 1.7.1.0
ProductName : Dritek System Inc. OneTouch 10.03.2003 ( VC60 )
CompanyName : Dritek System Inc.
FileDescription : One-Touch
InternalName : OneTouch
LegalCopyright : Copyright © 2003 Dritek System Inc.
OriginalFilename : OneTouch.exe
#:34 [ccapp.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 2720
ThreadCreationTime : 5-8-2005 2:40:53 PM
BasePriority : Normal
FileVersion : 103.0.3.8
ProductVersion : 103.0.3.8
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec User Session
InternalName : ccApp
LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccApp.exe
#:35 [msnappau.exe]
FilePath : C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-us\
ProcessID : 2760
ThreadCreationTime : 5-8-2005 2:40:55 PM
BasePriority : Normal
#:36 [realsched.exe]
FilePath : C:\Program Files\Common Files\Real\Update_OB\
ProcessID : 2840
ThreadCreationTime : 5-8-2005 2:40:59 PM
BasePriority : Normal
FileVersion : 0.1.0.3208
ProductVersion : 0.1.0.3208
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004
LegalTrademarks : RealAudio™ is a trademark of RealNetworks, Inc.
OriginalFilename : realsched.exe
#:37 [hpztsb06.exe]
FilePath : C:\WINDOWS\system32\spool\drivers\w32x86\3\
ProcessID : 2956
ThreadCreationTime : 5-8-2005 2:41:02 PM
BasePriority : Normal
FileVersion : 2,133,0,0
ProductVersion : 2,133,0,0
ProductName : HP DeskJet
CompanyName : HP
LegalCopyright : Copyright © Hewlett-Packard Company 1999-2002
#:38 [qttask.exe]
FilePath : C:\Program Files\QuickTime\
ProcessID : 3012
ThreadCreationTime : 5-8-2005 2:41:06 PM
BasePriority : Normal
FileVersion : 6.5.1
ProductVersion : QuickTime 6.5.1
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
InternalName : QuickTime Task
LegalCopyright : © Apple Computer, Inc. 2001-2004
OriginalFilename : QTTask.exe
#:39 [msmsgs.exe]
FilePath : C:\Program Files\Messenger\
ProcessID : 3068
ThreadCreationTime : 5-8-2005 2:41:09 PM
BasePriority : Normal
FileVersion : 4.7.3001
ProductVersion : Version 4.7.3001
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Windows Messenger
InternalName : msmsgs
LegalCopyright : Copyright © Microsoft Corporation 2004
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msmsgs.exe
#:40 [othb.exe]
FilePath : C:\Documents and Settings\Nijhuis Family\Application Data\
ProcessID : 3136
ThreadCreationTime : 5-8-2005 2:41:16 PM
BasePriority : Normal
#:41 [?srss.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 3192
ThreadCreationTime : 5-8-2005 2:41:18 PM
BasePriority : Normal
#:42 [easyshare.exe]
FilePath : C:\Program Files\Kodak\Kodak EasyShare software\bin\
ProcessID : 3560
ThreadCreationTime : 5-8-2005 2:41:37 PM
BasePriority : Normal
FileVersion : 5, 0, 4, 128
ProductVersion : 4, 0, 2, 134
ProductName : Kodak EasyShare software
CompanyName : Eastman Kodak Company
FileDescription : Kodak EasyShare software
InternalName : EasyShare
LegalCopyright : Copyright © Eastman Kodak Company 2002
LegalTrademarks : EasyShare
OriginalFilename : EasyShare.exe
#:43 [kodak software updater.exe]
FilePath : C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\
ProcessID : 3616
ThreadCreationTime : 5-8-2005 2:41:39 PM
BasePriority : Normal
#:44 [mim.exe]
FilePath : C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\
ProcessID : 3632
ThreadCreationTime : 5-8-2005 2:41:40 PM
BasePriority : Normal
FileVersion : 10.00.2058
ProductVersion : 10.00.2058
ProductName : Musicmatch Jukebox
CompanyName : Musicmatch, Inc.
FileDescription : mim
InternalName : mim
LegalCopyright : Copyright © Musicmatch 1998-2004
LegalTrademarks :
OriginalFilename : mim.exe
#:45 [mmdiag.exe]
FilePath : C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\
ProcessID : 3768
ThreadCreationTime : 5-8-2005 2:41:46 PM
BasePriority : Normal
FileVersion : 10.00.2058
ProductVersion : 10.00.2058
ProductName : Musicmatch Jukebox
CompanyName : Musicmatch, Inc.
FileDescription : Logging and tracing manager
InternalName : MMTraceExe
LegalCopyright : Copyright © Musicmatch 1998-2004
LegalTrademarks :
OriginalFilename : MMTraceExe.EXE
#:46 [webshots.scr]
FilePath : C:\Program Files\Webshots\
ProcessID : 3988
ThreadCreationTime : 5-8-2005 2:41:53 PM
BasePriority : Normal
FileVersion : 2.2.0.4644
ProductVersion : 2.2.0.4644
ProductName : The Webshots Desktop
CompanyName : Webshots.com
FileDescription : Webshots Photo Manager
InternalName : Webshots2
LegalCopyright : Copyright © 2004
OriginalFilename : Webshots2.SCR
#:47 [iexplore.exe]
FilePath : C:\Program Files\Internet Explorer\
ProcessID : 3004
ThreadCreationTime : 5-8-2005 5:32:31 PM
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : IEXPLORE.EXE
#:48 [hijackthis[1].exe]
FilePath : C:\Documents and Settings\Nijhuis Family\Local Settings\Temporary Internet Files\Content.IE5\KXUNKX6B\
ProcessID : 400
ThreadCreationTime : 5-8-2005 5:50:15 PM
BasePriority : Normal
FileVersion : 1.99.0001
ProductVersion : 1.99.0001
ProductName : HijackThis
CompanyName : Soeperman Enterprises Ltd.
FileDescription : HijackThis
InternalName : HijackThis
LegalCopyright : Freeware
OriginalFilename : HijackThis.exe
Comments : Version history is in Help section
#:49 [notepad.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 3996
ThreadCreationTime : 5-8-2005 5:51:03 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Notepad
InternalName : Notepad
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : NOTEPAD.EXE
#:50 [aim.exe]
FilePath : C:\Program Files\AIM\
ProcessID : 196
ThreadCreationTime : 5-8-2005 6:12:24 PM
BasePriority : Normal
FileVersion : 5.5.3595
ProductVersion : 5.5.3595
ProductName : AOL Instant Messenger
CompanyName : America Online, Inc.
FileDescription : AOL Instant Messenger
InternalName : AIM
LegalCopyright : Copyright © 1996-2004 America Online, Inc.
OriginalFilename : AIM.EXE
#:51 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
ProcessID : 3876
ThreadCreationTime : 5-8-2005 6:44:17 PM
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 21
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 21
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 21
Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : nijhuis family@oinadserve[1].txt
Category : Data Miner
Comment : Hits:19
Value : Cookie:nijhuis [email protected]/
Expires : 12-31-2020 8:00:00 PM
LastSync : Hits:19
UseCount : 0
Hits : 19
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : nijhuis [email protected][2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:nijhuis [email protected]/
Expires : 5-9-2005 3:00:16 PM
LastSync : Hits:2
UseCount : 0
Hits : 2
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 2
Objects found so far: 23
Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 23
Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 23
3:32:35 PM Scan Complete
Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:20:02.409
Objects scanned:102897
Objects identified:2
Objects ignored:0
New critical objects:2
#6
Guest_numbnuts_*
Posted 08 May 2005 - 02:10 PM
Guest_numbnuts_*
Guest_numbnuts_*
-
- Guest
Hello,AustinN
Have you run an online virus/trojan scan yet? That may be helpful.
I think you have a virus/worm please run at least 3 of these Online Scans..
I dont like the look of this file here!!!
#:40 [othb.exe]
FilePath : C:\Documents and Settings\Nijhuis Family\Application Data\
ProcessID : 3136
ThreadCreationTime : 5-8-2005 2:41:16 PM
BasePriority : Normal
Online Scan Sites:
bitdefender
http://www.bitdefend...can/licence.php
Panda
Symantec
TrendMicro
A2 Trojan Scan
Can you then post the results of the virus scans?
Then can you please post a full Ad-aware logfile for us to see?
Regards..
numbnuts...
Have you run an online virus/trojan scan yet? That may be helpful.
I think you have a virus/worm please run at least 3 of these Online Scans..
I dont like the look of this file here!!!
#:40 [othb.exe]
FilePath : C:\Documents and Settings\Nijhuis Family\Application Data\
ProcessID : 3136
ThreadCreationTime : 5-8-2005 2:41:16 PM
BasePriority : Normal
Online Scan Sites:
bitdefender
http://www.bitdefend...can/licence.php
Panda
Symantec
TrendMicro
A2 Trojan Scan
Can you then post the results of the virus scans?
Then can you please post a full Ad-aware logfile for us to see?
Regards..
numbnuts...
#7
Posted 08 May 2005 - 03:01 PM
AustinN
- Topic Starter
-
- Member
-
- 7 posts
New Member
No infected objects accoriding to bitdefender, and so far three on panda and none on symantec
#8
Posted 08 May 2005 - 03:25 PM
AustinN
- Topic Starter
-
- Member
-
- 7 posts
New Member
from panda:
Incident Status Location
Adware:Adware/PurityScan No disinfected C:\Documents and Settings\Nijhuis Family\Application Data\othb.exe
Adware:Adware/PurityScan No disinfected C:\DOCUME~1\NIJHUI~1\APPLIC~1\othb.exe
Adware:Adware/PurityScan No disinfected C:\Documents and Settings\Nijhuis Family\Application Data\othb.exe
Incident Status Location
Adware:Adware/PurityScan No disinfected C:\Documents and Settings\Nijhuis Family\Application Data\othb.exe
Adware:Adware/PurityScan No disinfected C:\DOCUME~1\NIJHUI~1\APPLIC~1\othb.exe
Adware:Adware/PurityScan No disinfected C:\Documents and Settings\Nijhuis Family\Application Data\othb.exe
#9
Posted 08 May 2005 - 04:34 PM
AustinN
- Topic Starter
-
- Member
-
- 7 posts
New Member
Nothing showed up on symantic, and this is the ad-aware log:
Ad-Aware SE Build 1.05
Logfile Created on:Sunday, May 08, 2005 5:27:15 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R43 06.05.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):21 total references
Tracking Cookie(TAC index:3):2 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects
5-8-2005 5:27:15 PM - Scan started. (Full System Scan)
MRU List Object Recognized!
Location: : C:\Documents and Settings\Nijhuis Family\Application Data\microsoft\office\recent
Description : list of recently opened documents using microsoft office
MRU List Object Recognized!
Location: : C:\Documents and Settings\Nijhuis Family\recent
Description : list of recently opened documents
MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\mediaplayer\medialibraryui
Description : last selected node in the microsoft windows media player media library
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\mediaplayer\player\settings
Description : last open directory used in jasc paint shop pro
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\mediaplayer\preferences
Description : last search path used in microsoft windows media player
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\office\9.0\common\open find\microsoft word\settings\open\file name mru
Description : list of recent documents opened by microsoft word
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\office\9.0\common\open find\microsoft word\settings\save as\file name mru
Description : list of recent documents saved by microsoft word
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\office\9.0\excel\recent files
Description : list of recent files used by microsoft excel
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened
MRU List Object Recognized!
Location: : software\musicmatch\musicmatch jukebox\4.0\fileconv
Description : file conversion location settings in musicmatch jukebox
MRU List Object Recognized!
Location: : software\musicmatch\musicmatch jukebox\4.0\mmradio
Description : information on the last station listened to using musicmatch radio
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\realnetworks\realplayer\6.0\preferences
Description : list of recent skins in realplayer
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\realnetworks\realplayer\6.0\preferences
Description : list of recent clips in realplayer
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\realnetworks\realplayer\6.0\preferences
Description : last login time in realplayer
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows media\wmsdk\general
Description : windows media sdk
MRU List Object Recognized!
Location: : S-1-5-18\software\microsoft\windows media\wmsdk\general
Description : windows media sdk
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\windows media\wmsdk\general
Description : windows media sdk
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 664
ThreadCreationTime : 5-8-2005 2:39:16 PM
BasePriority : Normal
#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 736
ThreadCreationTime : 5-8-2005 2:39:18 PM
BasePriority : Normal
#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 760
ThreadCreationTime : 5-8-2005 2:39:20 PM
BasePriority : High
#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 804
ThreadCreationTime : 5-8-2005 2:39:21 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe
#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 816
ThreadCreationTime : 5-8-2005 2:39:21 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe
#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 960
ThreadCreationTime : 5-8-2005 2:39:21 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1036
ThreadCreationTime : 5-8-2005 2:39:22 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1076
ThreadCreationTime : 5-8-2005 2:39:22 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1160
ThreadCreationTime : 5-8-2005 2:39:23 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:10 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1260
ThreadCreationTime : 5-8-2005 2:39:23 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:11 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1516
ThreadCreationTime : 5-8-2005 2:39:26 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe
#:12 [ccsetmgr.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 1620
ThreadCreationTime : 5-8-2005 2:39:26 PM
BasePriority : Normal
FileVersion : 103.0.3.8
ProductVersion : 103.0.3.8
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Settings Manager Service
InternalName : ccSetMgr
LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccSetMgr.exe
#:13 [filedeleter.exe]
FilePath : C:\Program Files\FBM Software\ZeroSpyware Limited Edition\
ProcessID : 1648
ThreadCreationTime : 5-8-2005 2:39:27 PM
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : FBM Software FileDeleter
CompanyName : FBM Software
FileDescription : FileDeleter
InternalName : FileDeleter
LegalCopyright : Copyright © 2004
OriginalFilename : FileDeleter.exe
#:14 [hpconfig.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1668
ThreadCreationTime : 5-8-2005 2:39:27 PM
BasePriority : Normal
FileVersion : 3, 0, 1, 8
ProductVersion : 3, 0, 1, 8
ProductName : HPConfig Module
CompanyName : Hewlett-Packard
FileDescription : HPConfig Module
InternalName : HPConfig
LegalCopyright : Hewlett-Packard Copyright © 1999-2002
OriginalFilename : HPConfig.EXE
Comments : HP Configuration Interface Service
#:15 [hpwirelessmgr.exe]
FilePath : C:\Program Files\HPQ\Notebook Utilities\
ProcessID : 1680
ThreadCreationTime : 5-8-2005 2:39:28 PM
BasePriority : Normal
FileVersion : 1, 0, 0, 7
ProductVersion : 1, 0, 0, 7
ProductName : HPWirelessMgr Module
CompanyName : Hewlett-Packard Co.
FileDescription : HPWirelessMgr Module
InternalName : HPWirelessMgr
LegalCopyright : Hewlett-Packard Copyright 2002
OriginalFilename : HPWirelessMgr.EXE
Comments : HP Wireless On/Off Button Service
#:16 [kodakccs.exe]
FilePath : C:\WINDOWS\system32\drivers\
ProcessID : 1704
ThreadCreationTime : 5-8-2005 2:39:28 PM
BasePriority : Normal
FileVersion : 1.1.5100.4
ProductVersion : 4.4.0.0
ProductName : Kodak DC File System Driver (Win32)
CompanyName : Eastman Kodak Company
FileDescription : Kodak DC Ring 3 Conduit (Win32)
InternalName : KodakCCS.exe
LegalCopyright : Copyright © Eastman Kodak Co. 2000-2004
OriginalFilename : DcFsSvc.exe
#:17 [navapsvc.exe]
FilePath : C:\Program Files\Norton AntiVirus\
ProcessID : 1800
ThreadCreationTime : 5-8-2005 2:39:28 PM
BasePriority : Normal
FileVersion : 11.0.2.4
ProductVersion : 11.0.2
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
LegalCopyright : Norton AntiVirus 2005 for Windows 98/ME/2000/XP Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : NAVAPSVC.EXE
#:18 [npfmntor.exe]
FilePath : C:\Program Files\Norton AntiVirus\IWP\
ProcessID : 1852
ThreadCreationTime : 5-8-2005 2:39:28 PM
BasePriority : Normal
FileVersion : 11.0.2.4
ProductVersion : 11.0.2
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Firewall Install Monitor
InternalName : NPFMonitor
LegalCopyright : Norton AntiVirus 2005 for Windows 98/ME/2000/XP Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : NPFMonitor.EXE
#:19 [sndsrvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 1940
ThreadCreationTime : 5-8-2005 2:39:29 PM
BasePriority : Normal
FileVersion : 5.4.3.11
ProductVersion : 5.4
ProductName : Symantec Security Drivers
CompanyName : Symantec Corporation
FileDescription : Network Driver Service
InternalName : SndSrvc
LegalCopyright : Copyright 2002, 2003, 2004 Symantec Corporation
OriginalFilename : SndSrvc.exe
#:20 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 424
ThreadCreationTime : 5-8-2005 2:39:32 PM
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE
#:21 [spbbcsvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\SPBBC\
ProcessID : 456
ThreadCreationTime : 5-8-2005 2:39:32 PM
BasePriority : Normal
FileVersion : 1,0,1,47
ProductVersion : 1,0,1,47
ProductName : SPBBC
CompanyName : Symantec Corporation
FileDescription : SPBBC Service
InternalName : SPBBCSvc
LegalCopyright : Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : SPBBCSvc.exe
#:22 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 496
ThreadCreationTime : 5-8-2005 2:39:33 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:23 [symlcsvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\CCPD-LC\
ProcessID : 520
ThreadCreationTime : 5-8-2005 2:39:33 PM
BasePriority : Normal
FileVersion : 1, 8, 54, 478
ProductVersion : 1, 8, 54, 478
ProductName : Symantec Core Component
CompanyName : Symantec Corporation
FileDescription : Symantec Core Component
InternalName : symlcsvc
LegalCopyright : Copyright © 2003
OriginalFilename : symlcsvc.exe
#:24 [wdfmgr.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1968
ThreadCreationTime : 5-8-2005 2:39:35 PM
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe
#:25 [ccevtmgr.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 244
ThreadCreationTime : 5-8-2005 2:39:36 PM
BasePriority : Normal
FileVersion : 103.0.3.8
ProductVersion : 103.0.3.8
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Event Manager Service
InternalName : ccEvtMgr
LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccEvtMgr.exe
#:26 [zerospyware le.exe]
FilePath : C:\Program Files\FBM Software\ZeroSpyware Limited Edition\
ProcessID : 628
ThreadCreationTime : 5-8-2005 2:39:42 PM
BasePriority : Normal
FileVersion : 2, 1, 29, 4
ProductVersion : 2, 1, 29, 4
ProductName : FBM Software ZeroSpyware Limited Edition
CompanyName : FBM Software
FileDescription : ZeroSpyware LE
InternalName : ZeroSpyware Lite
LegalCopyright : Copyright © 2004
OriginalFilename : ZeroSpywareLite.exe
#:27 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1748
ThreadCreationTime : 5-8-2005 2:40:04 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe
#:28 [rundll32.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 716
ThreadCreationTime : 5-8-2005 2:40:25 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Run a DLL as an App
InternalName : rundll
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : RUNDLL.EXE
#:29 [carpserv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2136
ThreadCreationTime : 5-8-2005 2:40:39 PM
BasePriority : Normal
FileVersion : 6.02.05
ProductVersion : 6.02.05
ProductName : SoftK56 Modem Driver
CompanyName : Conexant Systems, Inc.
FileDescription : carpserv
InternalName : carpserv
LegalCopyright : Copyright© Conexant Systems, Inc. 2003
OriginalFilename : carpserv.exe
#:30 [syntplpr.exe]
FilePath : C:\Program Files\Synaptics\SynTP\
ProcessID : 2224
ThreadCreationTime : 5-8-2005 2:40:42 PM
BasePriority : Normal
FileVersion : 7.5.3 22May03
ProductVersion : 7.5.3 22May03
ProductName : Progressive Touch
CompanyName : Synaptics, Inc.
FileDescription : TouchPad Driver Helper Application
InternalName : SynTPLpr
LegalCopyright : Copyright © Synaptics, Inc. 1996-2002
OriginalFilename : SynTPLpr.exe
#:31 [syntpenh.exe]
FilePath : C:\Program Files\Synaptics\SynTP\
ProcessID : 2420
ThreadCreationTime : 5-8-2005 2:40:45 PM
BasePriority : Normal
FileVersion : 7.5.3 22May03
ProductVersion : 7.5.3 22May03
ProductName : Progressive Touch
CompanyName : Synaptics, Inc.
FileDescription : Synaptics TouchPad Enhancements
InternalName : Scrolleroo
LegalCopyright : Copyright © Synaptics, Inc. 1996-2002
OriginalFilename : SynTPEnh.exe
#:32 [atiptaxx.exe]
FilePath : C:\Program Files\ATI Technologies\ATI Control Panel\
ProcessID : 2480
ThreadCreationTime : 5-8-2005 2:40:47 PM
BasePriority : Normal
FileVersion : 6.13.10.3022
ProductVersion : 6.13.10.3022
ProductName : ATI Desktop Component
CompanyName : ATI Technologies, Inc.
FileDescription : ATI Desktop Control Panel
InternalName : Atiptaxx.exe
LegalCopyright : Copyright © 1998-2001 ATI Technologies Inc.
OriginalFilename : Atiptaxx.exe
#:33 [onetouch.exe]
FilePath : C:\Program Files\HPQ\One-Touch\
ProcessID : 2696
ThreadCreationTime : 5-8-2005 2:40:52 PM
BasePriority : Normal
FileVersion : 1.7.1.0
ProductVersion : 1.7.1.0
ProductName : Dritek System Inc. OneTouch 10.03.2003 ( VC60 )
CompanyName : Dritek System Inc.
FileDescription : One-Touch
InternalName : OneTouch
LegalCopyright : Copyright © 2003 Dritek System Inc.
OriginalFilename : OneTouch.exe
#:34 [ccapp.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 2720
ThreadCreationTime : 5-8-2005 2:40:53 PM
BasePriority : Normal
FileVersion : 103.0.3.8
ProductVersion : 103.0.3.8
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec User Session
InternalName : ccApp
LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccApp.exe
#:35 [msnappau.exe]
FilePath : C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-us\
ProcessID : 2760
ThreadCreationTime : 5-8-2005 2:40:55 PM
BasePriority : Normal
#:36 [realsched.exe]
FilePath : C:\Program Files\Common Files\Real\Update_OB\
ProcessID : 2840
ThreadCreationTime : 5-8-2005 2:40:59 PM
BasePriority : Normal
FileVersion : 0.1.0.3208
ProductVersion : 0.1.0.3208
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004
LegalTrademarks : RealAudio™ is a trademark of RealNetworks, Inc.
OriginalFilename : realsched.exe
#:37 [hpztsb06.exe]
FilePath : C:\WINDOWS\system32\spool\drivers\w32x86\3\
ProcessID : 2956
ThreadCreationTime : 5-8-2005 2:41:02 PM
BasePriority : Normal
FileVersion : 2,133,0,0
ProductVersion : 2,133,0,0
ProductName : HP DeskJet
CompanyName : HP
LegalCopyright : Copyright © Hewlett-Packard Company 1999-2002
#:38 [qttask.exe]
FilePath : C:\Program Files\QuickTime\
ProcessID : 3012
ThreadCreationTime : 5-8-2005 2:41:06 PM
BasePriority : Normal
FileVersion : 6.5.1
ProductVersion : QuickTime 6.5.1
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
InternalName : QuickTime Task
LegalCopyright : © Apple Computer, Inc. 2001-2004
OriginalFilename : QTTask.exe
#:39 [msmsgs.exe]
FilePath : C:\Program Files\Messenger\
ProcessID : 3068
ThreadCreationTime : 5-8-2005 2:41:09 PM
BasePriority : Normal
FileVersion : 4.7.3001
ProductVersion : Version 4.7.3001
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Windows Messenger
InternalName : msmsgs
LegalCopyright : Copyright © Microsoft Corporation 2004
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msmsgs.exe
#:40 [othb.exe]
FilePath : C:\Documents and Settings\Nijhuis Family\Application Data\
ProcessID : 3136
ThreadCreationTime : 5-8-2005 2:41:16 PM
BasePriority : Normal
#:41 [?srss.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 3192
ThreadCreationTime : 5-8-2005 2:41:18 PM
BasePriority : Normal
#:42 [easyshare.exe]
FilePath : C:\Program Files\Kodak\Kodak EasyShare software\bin\
ProcessID : 3560
ThreadCreationTime : 5-8-2005 2:41:37 PM
BasePriority : Normal
FileVersion : 5, 0, 4, 128
ProductVersion : 4, 0, 2, 134
ProductName : Kodak EasyShare software
CompanyName : Eastman Kodak Company
FileDescription : Kodak EasyShare software
InternalName : EasyShare
LegalCopyright : Copyright © Eastman Kodak Company 2002
LegalTrademarks : EasyShare
OriginalFilename : EasyShare.exe
#:43 [kodak software updater.exe]
FilePath : C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\
ProcessID : 3616
ThreadCreationTime : 5-8-2005 2:41:39 PM
BasePriority : Normal
#:44 [mim.exe]
FilePath : C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\
ProcessID : 3632
ThreadCreationTime : 5-8-2005 2:41:40 PM
BasePriority : Normal
FileVersion : 10.00.2058
ProductVersion : 10.00.2058
ProductName : Musicmatch Jukebox
CompanyName : Musicmatch, Inc.
FileDescription : mim
InternalName : mim
LegalCopyright : Copyright © Musicmatch 1998-2004
LegalTrademarks :
OriginalFilename : mim.exe
#:45 [mmdiag.exe]
FilePath : C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\
ProcessID : 3768
ThreadCreationTime : 5-8-2005 2:41:46 PM
BasePriority : Normal
FileVersion : 10.00.2058
ProductVersion : 10.00.2058
ProductName : Musicmatch Jukebox
CompanyName : Musicmatch, Inc.
FileDescription : Logging and tracing manager
InternalName : MMTraceExe
LegalCopyright : Copyright © Musicmatch 1998-2004
LegalTrademarks :
OriginalFilename : MMTraceExe.EXE
#:46 [webshots.scr]
FilePath : C:\Program Files\Webshots\
ProcessID : 3988
ThreadCreationTime : 5-8-2005 2:41:53 PM
BasePriority : Normal
FileVersion : 2.2.0.4644
ProductVersion : 2.2.0.4644
ProductName : The Webshots Desktop
CompanyName : Webshots.com
FileDescription : Webshots Photo Manager
InternalName : Webshots2
LegalCopyright : Copyright © 2004
OriginalFilename : Webshots2.SCR
#:47 [iexplore.exe]
FilePath : C:\Program Files\Internet Explorer\
ProcessID : 3004
ThreadCreationTime : 5-8-2005 5:32:31 PM
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : IEXPLORE.EXE
#:48 [aim.exe]
FilePath : C:\Program Files\AIM\
ProcessID : 196
ThreadCreationTime : 5-8-2005 6:12:24 PM
BasePriority : Normal
FileVersion : 5.5.3595
ProductVersion : 5.5.3595
ProductName : AOL Instant Messenger
CompanyName : America Online, Inc.
FileDescription : AOL Instant Messenger
InternalName : AIM
LegalCopyright : Copyright © 1996-2004 America Online, Inc.
OriginalFilename : AIM.EXE
#:49 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
ProcessID : 3104
ThreadCreationTime : 5-8-2005 9:26:58 PM
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 21
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 21
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 21
Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : nijhuis family@oinadserve[1].txt
Category : Data Miner
Comment : Hits:21
Value : Cookie:nijhuis [email protected]/
Expires : 12-31-2020 8:00:00 PM
LastSync : Hits:21
UseCount : 0
Hits : 21
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : nijhuis [email protected][1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:nijhuis [email protected]/
Expires : 5-9-2005 5:32:52 PM
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 2
Objects found so far: 23
Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 23
Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 23
5:47:17 PM Scan Complete
Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:20:01.878
Objects scanned:103934
Objects identified:2
Objects ignored:0
New critical objects:2
Ad-Aware SE Build 1.05
Logfile Created on:Sunday, May 08, 2005 5:27:15 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R43 06.05.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):21 total references
Tracking Cookie(TAC index:3):2 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects
5-8-2005 5:27:15 PM - Scan started. (Full System Scan)
MRU List Object Recognized!
Location: : C:\Documents and Settings\Nijhuis Family\Application Data\microsoft\office\recent
Description : list of recently opened documents using microsoft office
MRU List Object Recognized!
Location: : C:\Documents and Settings\Nijhuis Family\recent
Description : list of recently opened documents
MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\mediaplayer\medialibraryui
Description : last selected node in the microsoft windows media player media library
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\mediaplayer\player\settings
Description : last open directory used in jasc paint shop pro
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\mediaplayer\preferences
Description : last search path used in microsoft windows media player
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\office\9.0\common\open find\microsoft word\settings\open\file name mru
Description : list of recent documents opened by microsoft word
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\office\9.0\common\open find\microsoft word\settings\save as\file name mru
Description : list of recent documents saved by microsoft word
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\office\9.0\excel\recent files
Description : list of recent files used by microsoft excel
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened
MRU List Object Recognized!
Location: : software\musicmatch\musicmatch jukebox\4.0\fileconv
Description : file conversion location settings in musicmatch jukebox
MRU List Object Recognized!
Location: : software\musicmatch\musicmatch jukebox\4.0\mmradio
Description : information on the last station listened to using musicmatch radio
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\realnetworks\realplayer\6.0\preferences
Description : list of recent skins in realplayer
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\realnetworks\realplayer\6.0\preferences
Description : list of recent clips in realplayer
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\realnetworks\realplayer\6.0\preferences
Description : last login time in realplayer
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows media\wmsdk\general
Description : windows media sdk
MRU List Object Recognized!
Location: : S-1-5-18\software\microsoft\windows media\wmsdk\general
Description : windows media sdk
MRU List Object Recognized!
Location: : S-1-5-21-1085031214-1606980848-854245398-1004\software\microsoft\windows media\wmsdk\general
Description : windows media sdk
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 664
ThreadCreationTime : 5-8-2005 2:39:16 PM
BasePriority : Normal
#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 736
ThreadCreationTime : 5-8-2005 2:39:18 PM
BasePriority : Normal
#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 760
ThreadCreationTime : 5-8-2005 2:39:20 PM
BasePriority : High
#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 804
ThreadCreationTime : 5-8-2005 2:39:21 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe
#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 816
ThreadCreationTime : 5-8-2005 2:39:21 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe
#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 960
ThreadCreationTime : 5-8-2005 2:39:21 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1036
ThreadCreationTime : 5-8-2005 2:39:22 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1076
ThreadCreationTime : 5-8-2005 2:39:22 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1160
ThreadCreationTime : 5-8-2005 2:39:23 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:10 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1260
ThreadCreationTime : 5-8-2005 2:39:23 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:11 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1516
ThreadCreationTime : 5-8-2005 2:39:26 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe
#:12 [ccsetmgr.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 1620
ThreadCreationTime : 5-8-2005 2:39:26 PM
BasePriority : Normal
FileVersion : 103.0.3.8
ProductVersion : 103.0.3.8
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Settings Manager Service
InternalName : ccSetMgr
LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccSetMgr.exe
#:13 [filedeleter.exe]
FilePath : C:\Program Files\FBM Software\ZeroSpyware Limited Edition\
ProcessID : 1648
ThreadCreationTime : 5-8-2005 2:39:27 PM
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : FBM Software FileDeleter
CompanyName : FBM Software
FileDescription : FileDeleter
InternalName : FileDeleter
LegalCopyright : Copyright © 2004
OriginalFilename : FileDeleter.exe
#:14 [hpconfig.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1668
ThreadCreationTime : 5-8-2005 2:39:27 PM
BasePriority : Normal
FileVersion : 3, 0, 1, 8
ProductVersion : 3, 0, 1, 8
ProductName : HPConfig Module
CompanyName : Hewlett-Packard
FileDescription : HPConfig Module
InternalName : HPConfig
LegalCopyright : Hewlett-Packard Copyright © 1999-2002
OriginalFilename : HPConfig.EXE
Comments : HP Configuration Interface Service
#:15 [hpwirelessmgr.exe]
FilePath : C:\Program Files\HPQ\Notebook Utilities\
ProcessID : 1680
ThreadCreationTime : 5-8-2005 2:39:28 PM
BasePriority : Normal
FileVersion : 1, 0, 0, 7
ProductVersion : 1, 0, 0, 7
ProductName : HPWirelessMgr Module
CompanyName : Hewlett-Packard Co.
FileDescription : HPWirelessMgr Module
InternalName : HPWirelessMgr
LegalCopyright : Hewlett-Packard Copyright 2002
OriginalFilename : HPWirelessMgr.EXE
Comments : HP Wireless On/Off Button Service
#:16 [kodakccs.exe]
FilePath : C:\WINDOWS\system32\drivers\
ProcessID : 1704
ThreadCreationTime : 5-8-2005 2:39:28 PM
BasePriority : Normal
FileVersion : 1.1.5100.4
ProductVersion : 4.4.0.0
ProductName : Kodak DC File System Driver (Win32)
CompanyName : Eastman Kodak Company
FileDescription : Kodak DC Ring 3 Conduit (Win32)
InternalName : KodakCCS.exe
LegalCopyright : Copyright © Eastman Kodak Co. 2000-2004
OriginalFilename : DcFsSvc.exe
#:17 [navapsvc.exe]
FilePath : C:\Program Files\Norton AntiVirus\
ProcessID : 1800
ThreadCreationTime : 5-8-2005 2:39:28 PM
BasePriority : Normal
FileVersion : 11.0.2.4
ProductVersion : 11.0.2
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
LegalCopyright : Norton AntiVirus 2005 for Windows 98/ME/2000/XP Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : NAVAPSVC.EXE
#:18 [npfmntor.exe]
FilePath : C:\Program Files\Norton AntiVirus\IWP\
ProcessID : 1852
ThreadCreationTime : 5-8-2005 2:39:28 PM
BasePriority : Normal
FileVersion : 11.0.2.4
ProductVersion : 11.0.2
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Firewall Install Monitor
InternalName : NPFMonitor
LegalCopyright : Norton AntiVirus 2005 for Windows 98/ME/2000/XP Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : NPFMonitor.EXE
#:19 [sndsrvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 1940
ThreadCreationTime : 5-8-2005 2:39:29 PM
BasePriority : Normal
FileVersion : 5.4.3.11
ProductVersion : 5.4
ProductName : Symantec Security Drivers
CompanyName : Symantec Corporation
FileDescription : Network Driver Service
InternalName : SndSrvc
LegalCopyright : Copyright 2002, 2003, 2004 Symantec Corporation
OriginalFilename : SndSrvc.exe
#:20 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 424
ThreadCreationTime : 5-8-2005 2:39:32 PM
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE
#:21 [spbbcsvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\SPBBC\
ProcessID : 456
ThreadCreationTime : 5-8-2005 2:39:32 PM
BasePriority : Normal
FileVersion : 1,0,1,47
ProductVersion : 1,0,1,47
ProductName : SPBBC
CompanyName : Symantec Corporation
FileDescription : SPBBC Service
InternalName : SPBBCSvc
LegalCopyright : Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : SPBBCSvc.exe
#:22 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 496
ThreadCreationTime : 5-8-2005 2:39:33 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:23 [symlcsvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\CCPD-LC\
ProcessID : 520
ThreadCreationTime : 5-8-2005 2:39:33 PM
BasePriority : Normal
FileVersion : 1, 8, 54, 478
ProductVersion : 1, 8, 54, 478
ProductName : Symantec Core Component
CompanyName : Symantec Corporation
FileDescription : Symantec Core Component
InternalName : symlcsvc
LegalCopyright : Copyright © 2003
OriginalFilename : symlcsvc.exe
#:24 [wdfmgr.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1968
ThreadCreationTime : 5-8-2005 2:39:35 PM
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe
#:25 [ccevtmgr.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 244
ThreadCreationTime : 5-8-2005 2:39:36 PM
BasePriority : Normal
FileVersion : 103.0.3.8
ProductVersion : 103.0.3.8
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Event Manager Service
InternalName : ccEvtMgr
LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccEvtMgr.exe
#:26 [zerospyware le.exe]
FilePath : C:\Program Files\FBM Software\ZeroSpyware Limited Edition\
ProcessID : 628
ThreadCreationTime : 5-8-2005 2:39:42 PM
BasePriority : Normal
FileVersion : 2, 1, 29, 4
ProductVersion : 2, 1, 29, 4
ProductName : FBM Software ZeroSpyware Limited Edition
CompanyName : FBM Software
FileDescription : ZeroSpyware LE
InternalName : ZeroSpyware Lite
LegalCopyright : Copyright © 2004
OriginalFilename : ZeroSpywareLite.exe
#:27 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1748
ThreadCreationTime : 5-8-2005 2:40:04 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe
#:28 [rundll32.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 716
ThreadCreationTime : 5-8-2005 2:40:25 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Run a DLL as an App
InternalName : rundll
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : RUNDLL.EXE
#:29 [carpserv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2136
ThreadCreationTime : 5-8-2005 2:40:39 PM
BasePriority : Normal
FileVersion : 6.02.05
ProductVersion : 6.02.05
ProductName : SoftK56 Modem Driver
CompanyName : Conexant Systems, Inc.
FileDescription : carpserv
InternalName : carpserv
LegalCopyright : Copyright© Conexant Systems, Inc. 2003
OriginalFilename : carpserv.exe
#:30 [syntplpr.exe]
FilePath : C:\Program Files\Synaptics\SynTP\
ProcessID : 2224
ThreadCreationTime : 5-8-2005 2:40:42 PM
BasePriority : Normal
FileVersion : 7.5.3 22May03
ProductVersion : 7.5.3 22May03
ProductName : Progressive Touch
CompanyName : Synaptics, Inc.
FileDescription : TouchPad Driver Helper Application
InternalName : SynTPLpr
LegalCopyright : Copyright © Synaptics, Inc. 1996-2002
OriginalFilename : SynTPLpr.exe
#:31 [syntpenh.exe]
FilePath : C:\Program Files\Synaptics\SynTP\
ProcessID : 2420
ThreadCreationTime : 5-8-2005 2:40:45 PM
BasePriority : Normal
FileVersion : 7.5.3 22May03
ProductVersion : 7.5.3 22May03
ProductName : Progressive Touch
CompanyName : Synaptics, Inc.
FileDescription : Synaptics TouchPad Enhancements
InternalName : Scrolleroo
LegalCopyright : Copyright © Synaptics, Inc. 1996-2002
OriginalFilename : SynTPEnh.exe
#:32 [atiptaxx.exe]
FilePath : C:\Program Files\ATI Technologies\ATI Control Panel\
ProcessID : 2480
ThreadCreationTime : 5-8-2005 2:40:47 PM
BasePriority : Normal
FileVersion : 6.13.10.3022
ProductVersion : 6.13.10.3022
ProductName : ATI Desktop Component
CompanyName : ATI Technologies, Inc.
FileDescription : ATI Desktop Control Panel
InternalName : Atiptaxx.exe
LegalCopyright : Copyright © 1998-2001 ATI Technologies Inc.
OriginalFilename : Atiptaxx.exe
#:33 [onetouch.exe]
FilePath : C:\Program Files\HPQ\One-Touch\
ProcessID : 2696
ThreadCreationTime : 5-8-2005 2:40:52 PM
BasePriority : Normal
FileVersion : 1.7.1.0
ProductVersion : 1.7.1.0
ProductName : Dritek System Inc. OneTouch 10.03.2003 ( VC60 )
CompanyName : Dritek System Inc.
FileDescription : One-Touch
InternalName : OneTouch
LegalCopyright : Copyright © 2003 Dritek System Inc.
OriginalFilename : OneTouch.exe
#:34 [ccapp.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 2720
ThreadCreationTime : 5-8-2005 2:40:53 PM
BasePriority : Normal
FileVersion : 103.0.3.8
ProductVersion : 103.0.3.8
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec User Session
InternalName : ccApp
LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccApp.exe
#:35 [msnappau.exe]
FilePath : C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-us\
ProcessID : 2760
ThreadCreationTime : 5-8-2005 2:40:55 PM
BasePriority : Normal
#:36 [realsched.exe]
FilePath : C:\Program Files\Common Files\Real\Update_OB\
ProcessID : 2840
ThreadCreationTime : 5-8-2005 2:40:59 PM
BasePriority : Normal
FileVersion : 0.1.0.3208
ProductVersion : 0.1.0.3208
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004
LegalTrademarks : RealAudio™ is a trademark of RealNetworks, Inc.
OriginalFilename : realsched.exe
#:37 [hpztsb06.exe]
FilePath : C:\WINDOWS\system32\spool\drivers\w32x86\3\
ProcessID : 2956
ThreadCreationTime : 5-8-2005 2:41:02 PM
BasePriority : Normal
FileVersion : 2,133,0,0
ProductVersion : 2,133,0,0
ProductName : HP DeskJet
CompanyName : HP
LegalCopyright : Copyright © Hewlett-Packard Company 1999-2002
#:38 [qttask.exe]
FilePath : C:\Program Files\QuickTime\
ProcessID : 3012
ThreadCreationTime : 5-8-2005 2:41:06 PM
BasePriority : Normal
FileVersion : 6.5.1
ProductVersion : QuickTime 6.5.1
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
InternalName : QuickTime Task
LegalCopyright : © Apple Computer, Inc. 2001-2004
OriginalFilename : QTTask.exe
#:39 [msmsgs.exe]
FilePath : C:\Program Files\Messenger\
ProcessID : 3068
ThreadCreationTime : 5-8-2005 2:41:09 PM
BasePriority : Normal
FileVersion : 4.7.3001
ProductVersion : Version 4.7.3001
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Windows Messenger
InternalName : msmsgs
LegalCopyright : Copyright © Microsoft Corporation 2004
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msmsgs.exe
#:40 [othb.exe]
FilePath : C:\Documents and Settings\Nijhuis Family\Application Data\
ProcessID : 3136
ThreadCreationTime : 5-8-2005 2:41:16 PM
BasePriority : Normal
#:41 [?srss.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 3192
ThreadCreationTime : 5-8-2005 2:41:18 PM
BasePriority : Normal
#:42 [easyshare.exe]
FilePath : C:\Program Files\Kodak\Kodak EasyShare software\bin\
ProcessID : 3560
ThreadCreationTime : 5-8-2005 2:41:37 PM
BasePriority : Normal
FileVersion : 5, 0, 4, 128
ProductVersion : 4, 0, 2, 134
ProductName : Kodak EasyShare software
CompanyName : Eastman Kodak Company
FileDescription : Kodak EasyShare software
InternalName : EasyShare
LegalCopyright : Copyright © Eastman Kodak Company 2002
LegalTrademarks : EasyShare
OriginalFilename : EasyShare.exe
#:43 [kodak software updater.exe]
FilePath : C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\
ProcessID : 3616
ThreadCreationTime : 5-8-2005 2:41:39 PM
BasePriority : Normal
#:44 [mim.exe]
FilePath : C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\
ProcessID : 3632
ThreadCreationTime : 5-8-2005 2:41:40 PM
BasePriority : Normal
FileVersion : 10.00.2058
ProductVersion : 10.00.2058
ProductName : Musicmatch Jukebox
CompanyName : Musicmatch, Inc.
FileDescription : mim
InternalName : mim
LegalCopyright : Copyright © Musicmatch 1998-2004
LegalTrademarks :
OriginalFilename : mim.exe
#:45 [mmdiag.exe]
FilePath : C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\
ProcessID : 3768
ThreadCreationTime : 5-8-2005 2:41:46 PM
BasePriority : Normal
FileVersion : 10.00.2058
ProductVersion : 10.00.2058
ProductName : Musicmatch Jukebox
CompanyName : Musicmatch, Inc.
FileDescription : Logging and tracing manager
InternalName : MMTraceExe
LegalCopyright : Copyright © Musicmatch 1998-2004
LegalTrademarks :
OriginalFilename : MMTraceExe.EXE
#:46 [webshots.scr]
FilePath : C:\Program Files\Webshots\
ProcessID : 3988
ThreadCreationTime : 5-8-2005 2:41:53 PM
BasePriority : Normal
FileVersion : 2.2.0.4644
ProductVersion : 2.2.0.4644
ProductName : The Webshots Desktop
CompanyName : Webshots.com
FileDescription : Webshots Photo Manager
InternalName : Webshots2
LegalCopyright : Copyright © 2004
OriginalFilename : Webshots2.SCR
#:47 [iexplore.exe]
FilePath : C:\Program Files\Internet Explorer\
ProcessID : 3004
ThreadCreationTime : 5-8-2005 5:32:31 PM
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : IEXPLORE.EXE
#:48 [aim.exe]
FilePath : C:\Program Files\AIM\
ProcessID : 196
ThreadCreationTime : 5-8-2005 6:12:24 PM
BasePriority : Normal
FileVersion : 5.5.3595
ProductVersion : 5.5.3595
ProductName : AOL Instant Messenger
CompanyName : America Online, Inc.
FileDescription : AOL Instant Messenger
InternalName : AIM
LegalCopyright : Copyright © 1996-2004 America Online, Inc.
OriginalFilename : AIM.EXE
#:49 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
ProcessID : 3104
ThreadCreationTime : 5-8-2005 9:26:58 PM
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 21
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 21
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 21
Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : nijhuis family@oinadserve[1].txt
Category : Data Miner
Comment : Hits:21
Value : Cookie:nijhuis [email protected]/
Expires : 12-31-2020 8:00:00 PM
LastSync : Hits:21
UseCount : 0
Hits : 21
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : nijhuis [email protected][1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:nijhuis [email protected]/
Expires : 5-9-2005 5:32:52 PM
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 2
Objects found so far: 23
Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 23
Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 23
5:47:17 PM Scan Complete
Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:20:01.878
Objects scanned:103934
Objects identified:2
Objects ignored:0
New critical objects:2
#10
Guest_numbnuts_*
Posted 09 May 2005 - 03:30 PM
Guest_numbnuts_*
Guest_numbnuts_*
-
- Guest
Hello, again AustinN as I said in post 6# this does seem to be you problem ..
Here...
#:40 [othb.exe]
FilePath : C:\Documents and Settings\Nijhuis Family\Application Data\
ProcessID : 3136
ThreadCreationTime : 5-8-2005 2:41:16 PM
BasePriority : Normal
From panda:
Incident Status Location
Adware:Adware/PurityScan No disinfected C:\Documents and Settings\Nijhuis Family\Application Data\othb.exe
Adware:Adware/PurityScan No disinfected C:\DOCUME~1\NIJHUI~1\APPLIC~1\othb.exe
Adware:Adware/PurityScan No disinfected C:\Documents and Settings\Nijhuis Family\Application Data\othb.exe
So I’m going to refer you over to HjT so they can nail it for you …
Regards…
numbnuts...
Here...
#:40 [othb.exe]
FilePath : C:\Documents and Settings\Nijhuis Family\Application Data\
ProcessID : 3136
ThreadCreationTime : 5-8-2005 2:41:16 PM
BasePriority : Normal
From panda:
Incident Status Location
Adware:Adware/PurityScan No disinfected C:\Documents and Settings\Nijhuis Family\Application Data\othb.exe
Adware:Adware/PurityScan No disinfected C:\DOCUME~1\NIJHUI~1\APPLIC~1\othb.exe
Adware:Adware/PurityScan No disinfected C:\Documents and Settings\Nijhuis Family\Application Data\othb.exe
So I’m going to refer you over to HjT so they can nail it for you …
Regards…
numbnuts...
#11
Guest_numbnuts_*
Posted 09 May 2005 - 03:33 PM
Guest_numbnuts_*
Guest_numbnuts_*
-
- Guest
Please follow the instructions located in Step Five: Posting a Hijack This Log. Post your HJT log as a reply to this thread, which has been relocated to the Malware Removal Forum for providing you with further assistance.
Kindly note that it is very busy in the Malware Removal Forum, so there may be a delay in receiving a reply. Please also note that HJT logfiles are reviewed on a first come/first served basis.
Kindly note that it is very busy in the Malware Removal Forum, so there may be a delay in receiving a reply. Please also note that HJT logfiles are reviewed on a first come/first served basis.
#12
Posted 09 May 2005 - 07:15 PM
AustinN
- Topic Starter
-
- Member
-
- 7 posts
New Member
Logfile of HijackThis v1.99.1
Scan saved at 9:14:14 PM, on 5/9/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\FBM Software\ZeroSpyware Limited Edition\FileDeleter.exe
C:\WINDOWS\system32\HPConfig.exe
C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\carpserv.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\HPQ\One-Touch\OneTouch.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-us\msnappau.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\MUSICM~1\MUSICM~1\MMDiag.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mim.exe
C:\Documents and Settings\Nijhuis Family\Application Data\othb.exe
C:\WINDOWS\system32\?srss.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Microsoft Office\Office\WINWORD.EXE
C:\WINDOWS\msagent\AgentSvr.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Microsoft Office\Office\OUTLOOK.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Nijhuis Family\Local Settings\Temporary Internet Files\Content.IE5\FGHI1K34\HijackThis[1].exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\Nijhuis Family\Application Data\Mozilla\Profiles\default\3g2b6bw7.slt\prefs.js)
O1 - Hosts: Usage Information:
O1 - Hosts: Save Changes - Save any changes you make to hosts file
O1 - Hosts: Reset Default - Will Replace any existing Hosts with a Windows Default one, original file doesn't have to exist
O1 - Hosts: Save Log - Will Save the Hosts as a Text file, Good for Posting
O1 - Hosts: _________________________________________________________________
O1 - Hosts: Enable and Disable - Will Swap Hosts Files On the Fly for those that want to use Hosts, and Temporarily Disable it.
O1 - Hosts: _________________________________________________________________
O1 - Hosts: Scan for Hosts - Will Search your Windows Drive for Hosts Files, useful if Hosts is in wrong location or installed to Alternate location by Trojan.
O1 - Hosts: Delete - Does exactly that, Delete and Hosts File Selected in the Listbox.
O1 - Hosts: _________________________________________________________________
O1 - Hosts: By Option^Explicit, [email protected]
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {8149F022-6ACC-4942-B87F-1DF3982746E2} - C:\WINDOWS\system32\lwlp.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [Display Settings] C:\Program Files\HPQ\Notebook Utilities\hptasks.exe /s
O4 - HKLM\..\Run: [QT4HPOT] C:\Program Files\HPQ\One-Touch\OneTouch.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-us\msnappau.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\RunOnce: [ZeroSpyware Limited Edition] "C:\Program Files\FBM Software\ZeroSpyware Limited Edition\ZSLoader.exe" -STARTUP
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Aaou] C:\Documents and Settings\Nijhuis Family\Application Data\othb.exe
O4 - HKCU\..\Run: [Iou] C:\WINDOWS\system32\?srss.exe
O4 - HKCU\..\Run: [ZSLEScheduler] RunDll32.exe "C:\Program Files\FBM Software\ZeroSpyware Limited Edition\ZSScheduler.dll", runScheduler C:\Program Files\FBM Software\ZeroSpyware Limited Edition\
O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by13fd.bay13....es/MsnPUpld.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefend...bitdefender.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius....tiveXPlugin.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/...ro.cab34246.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/...aploader_v6.cab
O16 - DPF: {FA3662C3-B8E8-11D6-A667-0010B556D978} (IWinAmpActiveX Class) - http://cdn.digitalci...illama/ampx.cab
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ZeroSpyware FileDeleter (FileDeleter) - FBM Software - C:\Program Files\FBM Software\ZeroSpyware Limited Edition\FileDeleter.exe
O23 - Service: HP Configuration Interface Service (HPConfig) - Hewlett-Packard - C:\WINDOWS\system32\HPConfig.exe
O23 - Service: HPWirelessMgr - Hewlett-Packard Co. - C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
Scan saved at 9:14:14 PM, on 5/9/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\FBM Software\ZeroSpyware Limited Edition\FileDeleter.exe
C:\WINDOWS\system32\HPConfig.exe
C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\carpserv.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\HPQ\One-Touch\OneTouch.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-us\msnappau.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\MUSICM~1\MUSICM~1\MMDiag.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mim.exe
C:\Documents and Settings\Nijhuis Family\Application Data\othb.exe
C:\WINDOWS\system32\?srss.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Microsoft Office\Office\WINWORD.EXE
C:\WINDOWS\msagent\AgentSvr.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Microsoft Office\Office\OUTLOOK.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Nijhuis Family\Local Settings\Temporary Internet Files\Content.IE5\FGHI1K34\HijackThis[1].exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\Nijhuis Family\Application Data\Mozilla\Profiles\default\3g2b6bw7.slt\prefs.js)
O1 - Hosts: Usage Information:
O1 - Hosts: Save Changes - Save any changes you make to hosts file
O1 - Hosts: Reset Default - Will Replace any existing Hosts with a Windows Default one, original file doesn't have to exist
O1 - Hosts: Save Log - Will Save the Hosts as a Text file, Good for Posting
O1 - Hosts: _________________________________________________________________
O1 - Hosts: Enable and Disable - Will Swap Hosts Files On the Fly for those that want to use Hosts, and Temporarily Disable it.
O1 - Hosts: _________________________________________________________________
O1 - Hosts: Scan for Hosts - Will Search your Windows Drive for Hosts Files, useful if Hosts is in wrong location or installed to Alternate location by Trojan.
O1 - Hosts: Delete - Does exactly that, Delete and Hosts File Selected in the Listbox.
O1 - Hosts: _________________________________________________________________
O1 - Hosts: By Option^Explicit, [email protected]
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {8149F022-6ACC-4942-B87F-1DF3982746E2} - C:\WINDOWS\system32\lwlp.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [Display Settings] C:\Program Files\HPQ\Notebook Utilities\hptasks.exe /s
O4 - HKLM\..\Run: [QT4HPOT] C:\Program Files\HPQ\One-Touch\OneTouch.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-us\msnappau.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\RunOnce: [ZeroSpyware Limited Edition] "C:\Program Files\FBM Software\ZeroSpyware Limited Edition\ZSLoader.exe" -STARTUP
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Aaou] C:\Documents and Settings\Nijhuis Family\Application Data\othb.exe
O4 - HKCU\..\Run: [Iou] C:\WINDOWS\system32\?srss.exe
O4 - HKCU\..\Run: [ZSLEScheduler] RunDll32.exe "C:\Program Files\FBM Software\ZeroSpyware Limited Edition\ZSScheduler.dll", runScheduler C:\Program Files\FBM Software\ZeroSpyware Limited Edition\
O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by13fd.bay13....es/MsnPUpld.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefend...bitdefender.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius....tiveXPlugin.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/...ro.cab34246.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/...aploader_v6.cab
O16 - DPF: {FA3662C3-B8E8-11D6-A667-0010B556D978} (IWinAmpActiveX Class) - http://cdn.digitalci...illama/ampx.cab
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ZeroSpyware FileDeleter (FileDeleter) - FBM Software - C:\Program Files\FBM Software\ZeroSpyware Limited Edition\FileDeleter.exe
O23 - Service: HP Configuration Interface Service (HPConfig) - Hewlett-Packard - C:\WINDOWS\system32\HPConfig.exe
O23 - Service: HPWirelessMgr - Hewlett-Packard Co. - C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
