Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

trojan meanie[CLOSED]


  • This topic is locked This topic is locked

#1
DIDOMAN

DIDOMAN

    New Member

  • Member
  • Pip
  • 1 posts
i need help removing trojan-spy.html.smitfraud.c this is what adaware found








Definitions File Loaded:
Reference Number : SE1R43 06.05.2005
Internal build : 51
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 467649 Bytes
Total size : 1414672 Bytes
Signature data size : 1383852 Bytes
Reference data size : 30308 Bytes
Signatures total : 39494
Fingerprints total : 847
Fingerprints size : 28739 Bytes
Target categories : 15
Target families : 663


Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium IV
Memory available:46 %
Total physical memory:515568 kb
Available physical memory:232972 kb
Total page file size:1258884 kb
Available on page file:989892 kb
Total virtual memory:2097024 kb
Available virtual memory:2047360 kb
OS:Microsoft Windows XP Home Edition Service Pack 2 (Build 2600)

Ad-Aware SE Settings
===========================
Set : Move deleted files to Recycle Bin
Set : Safe mode (always request confirmation)
Set : Don't log streams smaller than 0 Bytes
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Obtain command line of scanned processes
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


5-9-2005 8:35:59 PM - Scan started. (Full System Scan)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
ModuleName : \SystemRoot\System32\smss.exe
Command Line : n/a
ProcessID : 420
ThreadCreationTime : 5-10-2005 3:16:12 AM
BasePriority : Normal


#:2 [csrss.exe]
ModuleName : \??\C:\WINDOWS\system32\csrss.exe
Command Line : C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestTh
ProcessID : 476
ThreadCreationTime : 5-10-2005 3:16:15 AM
BasePriority : Normal


#:3 [winlogon.exe]
ModuleName : \??\C:\WINDOWS\system32\winlogon.exe
Command Line : winlogon.exe
ProcessID : 500
ThreadCreationTime : 5-10-2005 3:16:15 AM
BasePriority : High


#:4 [services.exe]
ModuleName : C:\WINDOWS\system32\services.exe
Command Line : C:\WINDOWS\system32\services.exe
ProcessID : 544
ThreadCreationTime : 5-10-2005 3:16:16 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:5 [lsass.exe]
ModuleName : C:\WINDOWS\system32\lsass.exe
Command Line : C:\WINDOWS\system32\lsass.exe
ProcessID : 556
ThreadCreationTime : 5-10-2005 3:16:16 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost -k DcomLaunch
ProcessID : 704
ThreadCreationTime : 5-10-2005 3:16:17 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost -k rpcss
ProcessID : 764
ThreadCreationTime : 5-10-2005 3:16:17 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k netsvcs
ProcessID : 836
ThreadCreationTime : 5-10-2005 3:16:17 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k NetworkService
ProcessID : 908
ThreadCreationTime : 5-10-2005 3:16:17 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k LocalService
ProcessID : 992
ThreadCreationTime : 5-10-2005 3:16:18 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:11 [spoolsv.exe]
ModuleName : C:\WINDOWS\system32\spoolsv.exe
Command Line : C:\WINDOWS\system32\spoolsv.exe
ProcessID : 1148
ThreadCreationTime : 5-10-2005 3:16:19 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:12 [aolacsd.exe]
ModuleName : C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
Command Line : "C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe"
ProcessID : 1464
ThreadCreationTime : 5-10-2005 3:16:27 AM
BasePriority : Normal
FileVersion : 3.0.0.1
ProductVersion : 3.0.0.1
ProductName : AOL Connectivity Service
CompanyName : America Online
FileDescription : AOL Connectivity Service
InternalName : AOLacsd
LegalCopyright : Copyright © 2004 America Online
OriginalFilename : AOLacsd.exe

#:13 [aoltsmon.exe]
ModuleName : C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
Command Line : "C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe"
ProcessID : 1476
ThreadCreationTime : 5-10-2005 3:16:27 AM
BasePriority : Normal
FileVersion : 2, 0, 0, 0
ProductVersion : 2, 0, 0, 0
ProductName : AOL TopSpeed™ Monitor
CompanyName : America Online, Inc
FileDescription : AOL TopSpeed™ Monitor
InternalName : AOL TopSpeed™ Monitor
LegalCopyright : Copyright © 2004 America Online, Inc.
OriginalFilename : aoltsmon.exe

#:14 [ccsetmgr.exe]
ModuleName : c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
Command Line : "c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"
ProcessID : 1516
ThreadCreationTime : 5-10-2005 3:16:27 AM
BasePriority : Normal
FileVersion : 2.1.6.3
ProductVersion : 2.1.6.3
ProductName : Common Client
CompanyName : Symantec Corporation
FileDescription : Common Client Settings Manager Service
InternalName : ccSetMgr
LegalCopyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.
OriginalFilename : ccSetMgr.exe

#:15 [aoltpspd.exe]
ModuleName : C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe
Command Line : -p11526 -q"11527,11528,11529,11530,11531,11532,11533" -S256 -G"C:\Documents and Settings\All Users\Application Data\AOL\TopSpeed\2.0\vph.ph" -H1476
ProcessID : 1536
ThreadCreationTime : 5-10-2005 3:16:27 AM
BasePriority : Normal
FileVersion : 2, 0, 0, 0
ProductVersion : 2, 0, 0, 0
ProductName : AOL TopSpeed™
CompanyName : America Online Inc
FileDescription : AOL TopSpeed™
InternalName : AOL TopSpeed™ Loader
LegalCopyright : Copyright © 2003-2004
LegalTrademarks : AOL TopSpeed™
OriginalFilename : aoltpspd.exe

#:16 [navapsvc.exe]
ModuleName : c:\Program Files\Norton AntiVirus\navapsvc.exe
Command Line : "c:\Program Files\Norton AntiVirus\navapsvc.exe"
ProcessID : 1560
ThreadCreationTime : 5-10-2005 3:16:27 AM
BasePriority : Normal
FileVersion : 10.00.2
ProductVersion : 10.00.2
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
LegalCopyright : Norton AntiVirus 2004 for Windows 98/ME/2000/XP Copyright © 2003 Symantec Corporation. All rights reserved.
OriginalFilename : NAVAPSVC.EXE

#:17 [wanmpsvc.exe]
ModuleName : C:\WINDOWS\wanmpsvc.exe
Command Line : "C:\WINDOWS\wanmpsvc.exe"
ProcessID : 1752
ThreadCreationTime : 5-10-2005 3:16:31 AM
BasePriority : Normal
FileVersion : 7, 0, 0, 2
ProductVersion : 7, 0, 0, 2
ProductName : America Online
CompanyName : America Online, Inc.
FileDescription : Wan Miniport (ATW) Service
InternalName : WanMPSvc
LegalCopyright : Copyright © 2001 America Online, Inc.
OriginalFilename : WanMPSvc.exe

#:18 [ccevtmgr.exe]
ModuleName : c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
Command Line : "c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
ProcessID : 1836
ThreadCreationTime : 5-10-2005 3:16:31 AM
BasePriority : Normal
FileVersion : 2.1.6.3
ProductVersion : 2.1.6.3
ProductName : Common Client
CompanyName : Symantec Corporation
FileDescription : Common Client Event Manager Service
InternalName : ccEvtMgr
LegalCopyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.
OriginalFilename : ccEvtMgr.exe

#:19 [alg.exe]
ModuleName : C:\WINDOWS\System32\alg.exe
Command Line : C:\WINDOWS\System32\alg.exe
ProcessID : 612
ThreadCreationTime : 5-10-2005 3:16:33 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe

#:20 [explorer.exe]
ModuleName : C:\WINDOWS\Explorer.EXE
Command Line : C:\WINDOWS\Explorer.EXE
ProcessID : 480
ThreadCreationTime : 5-10-2005 3:25:17 AM
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

#:21 [wscntfy.exe]
ModuleName : C:\WINDOWS\system32\wscntfy.exe
Command Line : C:\WINDOWS\system32\wscntfy.exe
ProcessID : 812
ThreadCreationTime : 5-10-2005 3:25:17 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Security Center Notification App
InternalName : wscntfy.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : wscntfy.exe

#:22 [jusched.exe]
ModuleName : C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
Command Line : "C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe"
ProcessID : 120
ThreadCreationTime : 5-10-2005 3:25:21 AM
BasePriority : Normal


#:23 [hpsysdrv.exe]
ModuleName : C:\windows\system\hpsysdrv.exe
Command Line : "c:\windows\system\hpsysdrv.exe"
ProcessID : 2044
ThreadCreationTime : 5-10-2005 3:25:22 AM
BasePriority : Normal
FileVersion : 1, 7, 0, 0
ProductVersion : 1, 7, 0, 0
ProductName : hpsysdrv
CompanyName : Hewlett-Packard Company
FileDescription : hpsysdrv
InternalName : hpsysdrv
LegalCopyright : Copyright © 1998
OriginalFilename : hpsysdrv.exe

#:24 [hkcmd.exe]
ModuleName : C:\WINDOWS\System32\hkcmd.exe
Command Line : "C:\WINDOWS\System32\hkcmd.exe"
ProcessID : 116
ThreadCreationTime : 5-10-2005 3:25:23 AM
BasePriority : Normal
FileVersion : 3.0.0.3889
ProductVersion : 7.0.0.3889
ProductName : Intel® Common User Interface
CompanyName : Intel Corporation
FileDescription : hkcmd Module
InternalName : HKCMD
LegalCopyright : Copyright 1999-2002, Intel Corporation
OriginalFilename : HKCMD.EXE

#:25 [hphmon05.exe]
ModuleName : C:\WINDOWS\System32\hphmon05.exe
Command Line : "C:\WINDOWS\System32\hphmon05.exe"
ProcessID : 724
ThreadCreationTime : 5-10-2005 3:25:26 AM
BasePriority : Normal
FileVersion : 5,1,7
ProductVersion : 5,1,7
ProductName : HP Photosmart
CompanyName : Hewlett-Packard
FileDescription : HPHmon05
InternalName : HPHmon05
LegalCopyright : Copyright © 2003
OriginalFilename : HPHmon05.exe

#:26 [kbd.exe]
ModuleName : C:\HP\KBD\KBD.EXE
Command Line : "C:\HP\KBD\KBD.EXE"
ProcessID : 640
ThreadCreationTime : 5-10-2005 3:25:26 AM
BasePriority : High


#:27 [realsched.exe]
ModuleName : C:\Program Files\Common Files\Real\Update_OB\realsched.exe
Command Line : "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
ProcessID : 1372
ThreadCreationTime : 5-10-2005 3:25:29 AM
BasePriority : Normal
FileVersion : 0.1.0.1622
ProductVersion : 0.1.0.1622
ProductName : RealOne Player (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2002
LegalTrademarks : RealAudio™ is a trademark of RealNetworks, Inc.
OriginalFilename : realsched.exe

#:28 [ccapp.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\ccApp.exe
Command Line : "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
ProcessID : 1636
ThreadCreationTime : 5-10-2005 3:25:32 AM
BasePriority : Normal
FileVersion : 2.1.6.3
ProductVersion : 2.1.6.3
ProductName : Common Client
CompanyName : Symantec Corporation
FileDescription : Common Client User Session
InternalName : ccApp
LegalCopyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.
OriginalFilename : ccApp.exe

#:29 [mmtask.exe]
ModuleName : C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
Command Line : "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
ProcessID : 1232
ThreadCreationTime : 5-10-2005 3:25:36 AM
BasePriority : Normal
FileVersion : 1.0.0.1
ProductVersion : 1.0.0.1
ProductName : TODO: <Product name>
CompanyName : TODO: <Company name>
FileDescription : TODO: <File description>
InternalName : mmtask.exe
LegalCopyright : TODO: © <Company name>. All rights reserved.
OriginalFilename : mmtask.exe

#:30 [motivesb.exe]
ModuleName : C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB.exe
Command Line : "C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB.exe"
ProcessID : 660
ThreadCreationTime : 5-10-2005 3:25:39 AM
BasePriority : Normal
FileVersion : 05.00.00.asst_classic.smartbridge.20020518_104000
ProductVersion : 05.00.00.asst_classic.smartbridge
ProductName : Motive System
CompanyName : Motive Communications, Inc.
FileDescription : Motive SmartBridge
InternalName : version
LegalCopyright : Copyright 1998, 1999, 2000
OriginalFilename : version

#:31 [aoldial.exe]
ModuleName : C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
Command Line : "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"
ProcessID : 1736
ThreadCreationTime : 5-10-2005 3:25:42 AM
BasePriority : Normal
FileVersion : 3.0.0.1
ProductVersion : 3.0.0.1
ProductName : AOL Connectivity Service
CompanyName : America Online
FileDescription : AOL Connectivity Service Dialer
InternalName : AOLdial
LegalCopyright : Copyright © 2004 America Online
OriginalFilename : AOLdial.exe

#:32 [aolsp scheduler.exe]
ModuleName : C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
Command Line : "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
ProcessID : 1056
ThreadCreationTime : 5-10-2005 3:25:43 AM
BasePriority : Normal
FileVersion : 1, 5, 0, 0
ProductVersion : 1, 5, 0, 0
ProductName : AOLSP Scheduler
FileDescription : AOLSP Scheduler
InternalName : AOLSP Scheduler
LegalCopyright : Copyright © America Online, Inc. 2004
OriginalFilename : AOLSP Scheduler.exe

#:33 [qttask.exe]
ModuleName : C:\Program Files\QuickTime\qttask.exe
Command Line : "C:\Program Files\QuickTime\qttask.exe" -atboottime
ProcessID : 2072
ThreadCreationTime : 5-10-2005 3:25:44 AM
BasePriority : Normal
FileVersion : 6.5
ProductVersion : QuickTime 6.5
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
InternalName : QuickTime Task
LegalCopyright : © Apple Computer, Inc. 2001-2004
OriginalFilename : QTTask.exe

#:34 [aolhos~1.exe]
ModuleName : C:\PROGRA~1\COMMON~1\AOL\111411~1\EE\AOLHOS~1.EXE
Command Line : C:\PROGRA~1\COMMON~1\AOL\111411~1\EE\AOLHOS~1.EXE -Embedding
ProcessID : 2140
ThreadCreationTime : 5-10-2005 3:25:47 AM
BasePriority : Normal
FileVersion : 1.0.0.6
ProductVersion : 1.0.0.6
ProductName : AOL Service Libraries
CompanyName : America Online, Inc.
FileDescription : AOLHostManager Service
InternalName : AOLHostManager
LegalCopyright : © 2004 America Online, Inc.
OriginalFilename : AOLHostManager.exe

#:35 [aolservicehost.exe]
ModuleName : C:\PROGRA~1\COMMON~1\AOL\111411~1\EE\AOLServiceHost.exe
Command Line : C:\PROGRA~1\COMMON~1\AOL\111411~1\EE\AOLServiceHost.exe -h defaultGrp
ProcessID : 2216
ThreadCreationTime : 5-10-2005 3:25:49 AM
BasePriority : Normal
FileVersion : 1.0.0.6
ProductVersion : 1.0.0.6
ProductName : AOL Service Libraries
CompanyName : America Online, Inc.
FileDescription : AOLServiceHost Service
InternalName : AOLServiceHost
LegalCopyright : © 2004 America Online, Inc.
OriginalFilename : AOLServiceHost.exe

#:36 [mwsoemon.exe]
ModuleName : C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
Command Line : "C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe"
ProcessID : 2224
ThreadCreationTime : 5-10-2005 3:25:49 AM
BasePriority : Normal
FileVersion : 1,2,2,2
ProductVersion : 2,0,1,0
ProductName : My Web Search Bar for Internet Explorer, email clients, and messenger clients
CompanyName : MyWebSearch.com
FileDescription : My Web Search Email Plugin
InternalName : mwsoemon
LegalCopyright : Copyright © 2003-2004 MyWebSearch.com
OriginalFilename : mwsoemon.exe

#:37 [alcxmntr.exe]
ModuleName : C:\WINDOWS\ALCXMNTR.EXE
Command Line : "C:\WINDOWS\ALCXMNTR.EXE"
ProcessID : 2232
ThreadCreationTime : 5-10-2005 3:25:50 AM
BasePriority : Normal
FileVersion : 1.5
ProductVersion : 1.5
ProductName : Realtek Audio - Event Monitor
CompanyName : Realtek Semiconductor Corp.
FileDescription : Realtek Audio - Event Monitor
InternalName : Alcxmntr
LegalCopyright : Copyright © 2004 Realtek Semiconductor Corp.
OriginalFilename : Alcxmntr.exe

#:38 [igfxtray.exe]
ModuleName : C:\WINDOWS\System32\igfxtray.exe
Command Line : "C:\WINDOWS\System32\igfxtray.exe"
ProcessID : 2264
ThreadCreationTime : 5-10-2005 3:25:51 AM
BasePriority : Normal
FileVersion : 3.0.0.3889
ProductVersion : 7.0.0.3889
ProductName : Intel® Common User Interface
CompanyName : Intel Corporation
FileDescription : igfxTray Module
InternalName : IGFXTRAY
LegalCopyright : Copyright 1999-2002, Intel Corporation
OriginalFilename : IGFXTRAY.EXE

#:39 [ares.exe]
ModuleName : C:\Program Files\Ares\Ares.exe
Command Line : "C:\Program Files\Ares\Ares.exe" -h
ProcessID : 2544
ThreadCreationTime : 5-10-2005 3:26:02 AM
BasePriority : Normal
FileVersion : 1.8.1.2962
ProductVersion : 1.8.1
ProductName : Ares for windows
CompanyName : Ares Development Group
FileDescription : Ares
InternalName : Ares
OriginalFilename : ARES.EXE
Comments : http://www.aresgalaxy.org

#:40 [msmsgs.exe]
ModuleName : C:\Program Files\Messenger\msmsgs.exe
Command Line : "C:\Program Files\Messenger\msmsgs.exe" /background
ProcessID : 2560
ThreadCreationTime : 5-10-2005 3:26:02 AM
BasePriority : Normal
FileVersion : 4.7.3001
ProductVersion : Version 4.7.3001
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Windows Messenger
InternalName : msmsgs
LegalCopyright : Copyright © Microsoft Corporation 2004
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msmsgs.exe

#:41 [wmiprvse.exe]
ModuleName : C:\WINDOWS\System32\wbem\wmiprvse.exe
Command Line : C:\WINDOWS\System32\wbem\wmiprvse.exe -Embedding
ProcessID : 2636
ThreadCreationTime : 5-10-2005 3:26:03 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : WMI
InternalName : Wmiprvse.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : Wmiprvse.exe

#:42 [accagnt.exe]
ModuleName : C:\Program Files\AOL Computer Check-Up\ACCAgnt.exe
Command Line : "C:\Program Files\AOL Computer Check-Up\ACCAgnt.exe" /startup
ProcessID : 2652
ThreadCreationTime : 5-10-2005 3:26:04 AM
BasePriority : ?
FileVersion : 1, 1, 0, 98
ProductVersion : 1, 1, 0, 98
ProductName : AOL Computer Check-Up
CompanyName : America Online Inc.
FileDescription : AOL Computer Check-Up
InternalName : AUAgent
LegalCopyright : Copyright © 2000 - 2004 America Online Inc.
OriginalFilename : AUAgent.exe

#:43 [waol.exe]
ModuleName : C:\Program Files\America Online 9.0a\waol.exe
Command Line : "C:\Program Files\America Online 9.0a\waol.exe" -b
ProcessID : 2660
ThreadCreationTime : 5-10-2005 3:26:05 AM
BasePriority : Normal


#:44 [hpqtra08.exe]
ModuleName : C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Command Line : "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"
ProcessID : 2860
ThreadCreationTime : 5-10-2005 3:26:11 AM
BasePriority : Normal
FileVersion : 5.35.0.035
ProductVersion : 005.035.000.035
ProductName : hp digital imaging - hp all-in-one series
CompanyName : Hewlett-Packard Co.
FileDescription : HP Digital Imaging Monitor (CUE)
InternalName : HPQTRA00
LegalCopyright : Copyright © Hewlett-Packard Co. 1995-2001
OriginalFilename : HPQTRA00.EXE
Comments : HP Digital Imaging Monitor (CUE)

#:45 [backweb-137903.exe]
ModuleName : C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe
Command Line : "C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe" -startup
ProcessID : 2884
ThreadCreationTime : 5-10-2005 3:26:13 AM
BasePriority : Normal


#:46 [spamsub.exe]
ModuleName : C:\Program Files\interMute\SpamSubtract\SpamSub.exe
Command Line : "C:\Program Files\interMute\SpamSubtract\SpamSub.exe" -q
ProcessID : 2972
ThreadCreationTime : 5-10-2005 3:26:25 AM
BasePriority : Normal
FileVersion : 1,0,0,76
ProductVersion : 1,0,0,76
ProductName : SpamSubtract from interMute
CompanyName : interMute, Inc.
FileDescription : SpamSubtract
InternalName : SpamSubtract
LegalCopyright : Copyright © 2002
OriginalFilename : SpamSubtract.EXE

#:47 [shellmon.exe]
ModuleName : C:\Program Files\America Online 9.0a\shellmon.exe
Command Line : "C:\Program Files\America Online 9.0a\shellmon.exe"
ProcessID : 3620
ThreadCreationTime : 5-10-2005 3:27:17 AM
BasePriority : Normal


#:48 [ad-aware.exe]
ModuleName : C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
Command Line : "C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe"
ProcessID : 4044
ThreadCreationTime : 5-10-2005 3:31:44 AM
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : owner@tribalfusion[1].txt
Category : Data Miner
Comment : Hits:3
Value : Cookie:owner@tribalfusion.com/
Expires : 12-31-2037 5:00:00 PM
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : owner@bluestreak[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:owner@bluestreak.com/
Expires : 5-7-2015 1:28:54 PM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : owner@2o7[1].txt
Category : Data Miner
Comment : Hits:3
Value : Cookie:owner@2o7.net/
Expires : 5-8-2010 5:27:36 PM
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : owner@atdmt[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:owner@atdmt.com/
Expires : 5-8-2010 5:00:00 PM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 4
Objects found so far: 4



Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 4


Deep scanning and examining files (D:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for D:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 4


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 4




Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 4

8:47:43 PM Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:11:43.891
Objects scanned:148864
Objects identified:4
Objects ignored:0
New critical objects:4
  • 0

Advertisements


#2
Michelle

Michelle

    Malware Removal Goddess

  • Retired Staff
  • 8,928 posts
We'll need you to use a free diagnostic tool, Hijack This. Follow the instructions in step five of this guide, and post your log here.

Most of what Hijack This lists will be harmless AND essential, DO NOT delete or modify anything yet!
  • 0

#3
Michelle

Michelle

    Malware Removal Goddess

  • Retired Staff
  • 8,928 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member with address of this thread. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP