Another AdAware Log [RESOLVED]



#1
ShoalBear

Ad-Aware SE Build 1.05
Logfile Created on:Sunday, May 15, 2005 10:51:18 AM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R45 13.05.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
AltnetBDE(TAC index:4):3 total references
Claria(TAC index:7):31 total references
Tracking Cookie(TAC index:3):11 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R43 06.05.2005
Internal build : 51
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 467649 Bytes
Total size : 1414672 Bytes
Signature data size : 1383852 Bytes
Reference data size : 30308 Bytes
Signatures total : 39494
Fingerprints total : 847
Fingerprints size : 28739 Bytes
Target categories : 15
Target families : 663

5-15-2005 10:48:12 AM Performing WebUpdate...

Installing Update...
Definitions File Loaded:
Reference Number : SE1R45 13.05.2005
Internal build : 53
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 473168 Bytes
Total size : 1430575 Bytes
Signature data size : 1399518 Bytes
Reference data size : 30545 Bytes
Signatures total : 39932
Fingerprints total : 881
Fingerprints size : 30173 Bytes
Target categories : 15
Target families : 672


5-15-2005 10:48:28 AM Success
Update successfully downloaded and installed.


Memory + processor status:
==========================
Number of processors : 2
Processor architecture : Intel Pentium IV
Memory available:48 %
Total physical memory:1047272 kb
Available physical memory:493136 kb
Total page file size:2499240 kb
Available on page file:2140620 kb
Total virtual memory:2097024 kb
Available virtual memory:2030212 kb
OS:Microsoft Windows XP Professional Service Pack 2 (Build 2600)

Ad-Aware SE Settings
===========================
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Obtain command line of scanned processes
Set : Scan registry for all users instead of current user only
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Write-protect system files after repair (Hosts file, etc.)
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


5-15-2005 10:51:18 AM - Scan started. (Full System Scan)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
ModuleName : \SystemRoot\System32\smss.exe
Command Line : n/a
ProcessID : 468
ThreadCreationTime : 5-15-2005 3:18:30 PM
BasePriority : Normal


#:2 [csrss.exe]
ModuleName : \??\C:\WINDOWS\system32\csrss.exe
Command Line : C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestTh
ProcessID : 516
ThreadCreationTime : 5-15-2005 3:18:32 PM
BasePriority : Normal


#:3 [winlogon.exe]
ModuleName : \??\C:\WINDOWS\system32\winlogon.exe
Command Line : winlogon.exe
ProcessID : 540
ThreadCreationTime : 5-15-2005 3:18:33 PM
BasePriority : High


#:4 [services.exe]
ModuleName : C:\WINDOWS\system32\services.exe
Command Line : C:\WINDOWS\system32\services.exe
ProcessID : 584
ThreadCreationTime : 5-15-2005 3:18:34 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:5 [lsass.exe]
ModuleName : C:\WINDOWS\system32\lsass.exe
Command Line : C:\WINDOWS\system32\lsass.exe
ProcessID : 596
ThreadCreationTime : 5-15-2005 3:18:34 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost -k DcomLaunch
ProcessID : 764
ThreadCreationTime : 5-15-2005 3:18:35 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost -k rpcss
ProcessID : 808
ThreadCreationTime : 5-15-2005 3:18:35 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k netsvcs
ProcessID : 876
ThreadCreationTime : 5-15-2005 3:18:35 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k NetworkService
ProcessID : 932
ThreadCreationTime : 5-15-2005 3:18:35 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k LocalService
ProcessID : 1020
ThreadCreationTime : 5-15-2005 3:18:36 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:11 [spoolsv.exe]
ModuleName : C:\WINDOWS\system32\spoolsv.exe
Command Line : C:\WINDOWS\system32\spoolsv.exe
ProcessID : 1172
ThreadCreationTime : 5-15-2005 3:18:36 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:12 [agentsrv.exe]
ModuleName : C:\Program Files\Connected\AgentSrv.EXE
Command Line : "C:\Program Files\Connected\AgentSrv.EXE" -asv
ProcessID : 1324
ThreadCreationTime : 5-15-2005 3:18:44 PM
BasePriority : Idle
FileVersion : 7.1.5.1086
ProductVersion : 7.1.5
ProductName : Connected DataProtector
CompanyName : Connected Corporation
FileDescription : Agent Service Module
InternalName : AgentSrv
LegalCopyright : © 1996-2004 by Connected Corporation
OriginalFilename : AgentSrv.exe

#:13 [aolacsd.exe]
ModuleName : C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
Command Line : C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
ProcessID : 1352
ThreadCreationTime : 5-15-2005 3:18:44 PM
BasePriority : Normal


#:14 [avgamsvr.exe]
ModuleName : C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
Command Line : C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
ProcessID : 1376
ThreadCreationTime : 5-15-2005 3:18:44 PM
BasePriority : Normal
FileVersion : 7,1,0,307
ProductVersion : 7.1.0.307
ProductName : AVG Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Alert Manager
InternalName : avgamsvr
LegalCopyright : Copyright © 2005, GRISOFT, s.r.o.
OriginalFilename : avgamsvr.EXE

#:15 [avgupsvc.exe]
ModuleName : C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
Command Line : C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
ProcessID : 1436
ThreadCreationTime : 5-15-2005 3:18:44 PM
BasePriority : Normal
FileVersion : 7,1,0,285
ProductVersion : 7.1.0.285
ProductName : AVG 7.0 Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Update Service
InternalName : avgupsvc
LegalCopyright : Copyright © 2004, GRISOFT, s.r.o.
OriginalFilename : avgupdsvc.EXE

#:16 [upssrv.exe]
ModuleName : C:\PowerPanel\upssrv.exe
Command Line : C:\PowerPanel\upssrv.exe
ProcessID : 1468
ThreadCreationTime : 5-15-2005 3:18:44 PM
BasePriority : Normal
FileVersion : 2, 1, 4, 0
ProductVersion : 2, 1, 4, 0
ProductName : Power Panel ( Plus )
CompanyName : Cyber Power System Inc.
FileDescription : UPS Service
InternalName : upssrv.exe
LegalCopyright : Copyright © 2002 Cyber Power System Inc.
LegalTrademarks : CyberPower
OriginalFilename : upssrv.exe

#:17 [inetinfo.exe]
ModuleName : C:\WINDOWS\system32\inetsrv\inetinfo.exe
Command Line : C:\WINDOWS\system32\inetsrv\inetinfo.exe
ProcessID : 1504
ThreadCreationTime : 5-15-2005 3:18:45 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Internet Information Services
CompanyName : Microsoft Corporation
FileDescription : Internet Information Services
InternalName : INETINFO.EXE
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : INETINFO.EXE

#:18 [upsio.exe]
ModuleName : C:\PowerPanel\upsio.exe
Command Line : 1 0
ProcessID : 1512
ThreadCreationTime : 5-15-2005 3:18:45 PM
BasePriority : Realtime
FileVersion : 2, 1, 4, 0
ProductVersion : 2, 1, 4, 0
ProductName : PowerPanel (Plus)
CompanyName : Cyber Power System Inc.
FileDescription : upsio
InternalName : upsio.exe
LegalCopyright : Copyright © 2002 Cyber Power System Inc.
LegalTrademarks : CyberPower
OriginalFilename : upsio.exe

#:19 [mdm.exe]
ModuleName : C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
Command Line : "C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe"
ProcessID : 1584
ThreadCreationTime : 5-15-2005 3:18:45 PM
BasePriority : Normal
FileVersion : 7.10.3077
ProductVersion : 7.10.3077
ProductName : Microsoft® Visual Studio .NET
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
LegalCopyright : Copyright© Microsoft Corporation. All rights reserved.
OriginalFilename : mdm.exe

#:20 [smagent.exe]
ModuleName : C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
Command Line : "C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe"
ProcessID : 1664
ThreadCreationTime : 5-15-2005 3:18:45 PM
BasePriority : Normal
FileVersion : 3, 2, 6, 0
ProductVersion : 3, 2, 6, 0
ProductName : SoundMAX service agent
CompanyName : Analog Devices, Inc.
FileDescription : SoundMAX service agent component
InternalName : SMAgent
LegalCopyright : Copyright © 2002
OriginalFilename : SMAgent.exe

#:21 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k imgsvc
ProcessID : 1780
ThreadCreationTime : 5-15-2005 3:18:48 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:22 [wdfmgr.exe]
ModuleName : C:\WINDOWS\system32\wdfmgr.exe
Command Line : C:\WINDOWS\system32\wdfmgr.exe
ProcessID : 1836
ThreadCreationTime : 5-15-2005 3:18:48 PM
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe

#:23 [vsmon.exe]
ModuleName : C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
Command Line : n/a
ProcessID : 1888
ThreadCreationTime : 5-15-2005 3:18:49 PM
BasePriority : Normal
FileVersion : 5.5.094.000
ProductVersion : 5.5.094.000
ProductName : TrueVector Service
CompanyName : Zone Labs, LLC
FileDescription : TrueVector Service
InternalName : vsmon
LegalCopyright : Copyright © 1998-2005, Zone Labs, LLC
OriginalFilename : vsmon.exe

#:24 [alg.exe]
ModuleName : C:\WINDOWS\System32\alg.exe
Command Line : C:\WINDOWS\System32\alg.exe
ProcessID : 1804
ThreadCreationTime : 5-15-2005 3:18:53 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe

#:25 [explorer.exe]
ModuleName : C:\WINDOWS\Explorer.EXE
Command Line : C:\WINDOWS\Explorer.EXE
ProcessID : 2672
ThreadCreationTime : 5-15-2005 3:21:43 PM
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

#:26 [smax4pnp.exe]
ModuleName : C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
Command Line : "C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe"
ProcessID : 2824
ThreadCreationTime : 5-15-2005 3:21:45 PM
BasePriority : Normal
FileVersion : 4, 0, 4, 11
ProductVersion : 4, 0, 4, 11
ProductName : SMax4PNP Application
CompanyName : Analog Devices, Inc.
FileDescription : SMax4PNP MFC Application
InternalName : SMax4PNP
LegalCopyright : Copyright © 2002-2003 Analog Devices
OriginalFilename : SMax4PNP.EXE

#:27 [smax4.exe]
ModuleName : C:\Program Files\Analog Devices\SoundMAX\smax4.exe
Command Line : "C:\Program Files\Analog Devices\SoundMAX\smax4.exe" /tray
ProcessID : 2852
ThreadCreationTime : 5-15-2005 3:21:46 PM
BasePriority : Normal
FileVersion : 4, 0, 4, 25
ProductVersion : 4, 0, 4, 25
ProductName : SoundMAX Control Panel
CompanyName : Analog Devices, Inc.
FileDescription : SoundMAX Control Center
InternalName : SMax4
LegalCopyright : Copyright © 2002-2003, Analog Devices
OriginalFilename : SMax4.EXE

#:28 [gwhotkey.exe]
ModuleName : C:\WINDOWS\GWHotKey.exe
Command Line : "C:\WINDOWS\GWHotKey.exe"
ProcessID : 2868
ThreadCreationTime : 5-15-2005 3:21:46 PM
BasePriority : Normal
FileVersion : 4.4.1
ProductVersion : 4.4.1
ProductName : Gateway Multi-function Keyboard Utility
CompanyName : Tartan Software www.BillP.com
FileDescription : Multi-function Keyboard Utility By Bill Pytlovany
LegalCopyright : Copyright © 1997-1998 Gateway 2000 Inc.
Comments : "You've got a friend in the business"

#:29 [ndetect.exe]
ModuleName : C:\Program Files\ICQ\NDetect.exe
Command Line : "C:\Program Files\ICQ\NDetect.exe"
ProcessID : 2904
ThreadCreationTime : 5-15-2005 3:21:46 PM
BasePriority : Normal


#:30 [hpztsb06.exe]
ModuleName : C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb06.exe
Command Line : "C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb06.exe"
ProcessID : 2936
ThreadCreationTime : 5-15-2005 3:21:46 PM
BasePriority : Normal
FileVersion : 2,133,0,0
ProductVersion : 2,133,0,0
ProductName : HP DeskJet
CompanyName : HP
LegalCopyright : Copyright © Hewlett-Packard Company 1999-2002

#:31 [avgemc.exe]
ModuleName : C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
Command Line : "C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe"
ProcessID : 2956
ThreadCreationTime : 5-15-2005 3:21:46 PM
BasePriority : Normal
FileVersion : 7,1,0,307
ProductVersion : 7.1.0.307
ProductName : AVG Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG E-Mail Scanner
InternalName : avgemc
LegalCopyright : Copyright © 2005, GRISOFT, s.r.o.
OriginalFilename : avgemc.exe

#:32 [avgcc.exe]
ModuleName : C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
Command Line : "C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" /STARTUP
ProcessID : 2968
ThreadCreationTime : 5-15-2005 3:21:47 PM
BasePriority : Normal
FileVersion : 7,1,0,307
ProductVersion : 7.1.0.307
ProductName : AVG Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Control Center
InternalName : AvgCC
LegalCopyright : Copyright © 2005, GRISOFT, s.r.o.
OriginalFilename : AvgCC.EXE

#:33 [aoldial.exe]
ModuleName : C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
Command Line : "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"
ProcessID : 2984
ThreadCreationTime : 5-15-2005 3:21:47 PM
BasePriority : Normal
FileVersion : 2.0.20.1.US.1
ProductVersion : 2.0.20.1.US.1
ProductName : AOL Connectivity Service
CompanyName : America Online, Inc
FileDescription : AOL Connectivity Service Dialer
LegalCopyright : Copyright © 2003 America Online, Inc.
OriginalFilename : AOLDial.exe

#:34 [aolsp scheduler.exe]
ModuleName : C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
Command Line : "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
ProcessID : 3000
ThreadCreationTime : 5-15-2005 3:21:47 PM
BasePriority : Normal
FileVersion : 1, 5, 0, 0
ProductVersion : 1, 5, 0, 0
ProductName : AOLSP Scheduler
FileDescription : AOLSP Scheduler
InternalName : AOLSP Scheduler
LegalCopyright : Copyright © America Online, Inc. 2004
OriginalFilename : AOLSP Scheduler.exe

#:35 [em_exec.exe]
ModuleName : C:\Program Files\Logitech\MouseWare\system\em_exec.exe
Command Line : "C:\Program Files\Logitech\MouseWare\system\em_exec.exe"
ProcessID : 3012
ThreadCreationTime : 5-15-2005 3:21:47 PM
BasePriority : Normal
FileVersion : 9.76.046
ProductVersion : 9.76.046
ProductName : MouseWare
CompanyName : Logitech Inc.
FileDescription : Logitech Events Handler Application
InternalName : Em_Exec
LegalCopyright : © 1987-2003 Logitech. All rights reserved.
LegalTrademarks : Logitech® and MouseWare® are registered trademarks of Logitech Inc.
OriginalFilename : Em_Exec.exe
Comments : Created by the MouseWare team

#:36 [directcd.exe]
ModuleName : C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
Command Line : "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
ProcessID : 3024
ThreadCreationTime : 5-15-2005 3:21:47 PM
BasePriority : Normal
FileVersion : 5.3.2.34
ProductVersion : 5.3.2.34
ProductName : DirectCD
CompanyName : Roxio
FileDescription : DirectCD Application
InternalName : DirectCD
LegalCopyright : Copyright © 2001,2002, Roxio, Inc.
OriginalFilename : Directcd.exe

#:37 [p2p networking.exe]
ModuleName : C:\WINDOWS\system32\P2P Networking\P2P Networking.exe
Command Line : "C:\WINDOWS\system32\P2P Networking\P2P Networking.exe" /AUTOSTART
ProcessID : 3036
ThreadCreationTime : 5-15-2005 3:21:48 PM
BasePriority : Normal
FileVersion : 1, 26, 0, 10
ProductVersion : 1, 26, 0, 10
ProductName : P2P Networking
CompanyName : Joltid Ltd.
FileDescription : P2P Networking
InternalName : P2P Networking
LegalCopyright : Copyright © 2001 - 2004 Joltid Ltd. All Rights Reserved.
LegalTrademarks : Joltid is a registered trademark of Joltid Ltd.
OriginalFilename : P2P Networking.exe

#:38 [realsched.exe]
ModuleName : C:\Program Files\Common Files\Real\Update_OB\realsched.exe
Command Line : "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
ProcessID : 3044
ThreadCreationTime : 5-15-2005 3:21:48 PM
BasePriority : Normal
FileVersion : 0.1.0.3249
ProductVersion : 0.1.0.3249
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004
LegalTrademarks : RealAudio™ is a trademark of RealNetworks, Inc.
OriginalFilename : realsched.exe

#:39 [zlclient.exe]
ModuleName : C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
Command Line : n/a
ProcessID : 3076
ThreadCreationTime : 5-15-2005 3:21:49 PM
BasePriority : Normal
FileVersion : 5.5.094.000
ProductVersion : 5.5.094.000
ProductName : Zone Labs Client
CompanyName : Zone Labs, LLC
FileDescription : Zone Labs Client
InternalName : zlclient
LegalCopyright : Copyright © 1998-2005, Zone Labs, LLC
OriginalFilename : zlclient.exe

#:40 [cookie.exe]
ModuleName : C:\Program Files\AnalogX\CookieWall\cookie.exe
Command Line : "C:\Program Files\AnalogX\CookieWall\cookie.exe"
ProcessID : 3084
ThreadCreationTime : 5-15-2005 3:21:49 PM
BasePriority : Normal


#:41 [ctfmon.exe]
ModuleName : C:\WINDOWS\system32\ctfmon.exe
Command Line : "C:\WINDOWS\system32\ctfmon.exe"
ProcessID : 3120
ThreadCreationTime : 5-15-2005 3:21:49 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:42 [ypager.exe]
ModuleName : C:\Program Files\Yahoo!\Messenger\ypager.exe
Command Line : "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
ProcessID : 3168
ThreadCreationTime : 5-15-2005 3:21:50 PM
BasePriority : Normal
FileVersion : 6,0,0,1750
ProductVersion : 6,0,0,1750
ProductName : Yahoo! Messenger
CompanyName : Yahoo! Inc.
FileDescription : Yahoo! Messenger
InternalName : Yahoo! Messengerr
LegalCopyright : Copyright 1998-2004
OriginalFilename : YPager.exe

#:43 [msnmsgr.exe]
ModuleName : C:\Program Files\MSN Messenger\msnmsgr.exe
Command Line : "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
ProcessID : 3252
ThreadCreationTime : 5-15-2005 3:21:51 PM
BasePriority : Normal
FileVersion : 7.0.0777
ProductVersion : 7.0.0777
ProductName : MSN Messenger
CompanyName : Microsoft Corporation
FileDescription : MSN Messenger
InternalName : msnmsgr
LegalCopyright : Copyright © Microsoft Corporation 1997-2004
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msnmsgr.exe

#:44 [aim.exe]
ModuleName : C:\Program Files\AIM95\aim.exe
Command Line : "C:\Program Files\AIM95\aim.exe" -cnetwait.odl
ProcessID : 3280
ThreadCreationTime : 5-15-2005 3:21:51 PM
BasePriority : Normal
FileVersion : 5.9.3690
ProductVersion : 5.9.3690
ProductName : AOL Instant Messenger
CompanyName : America Online, Inc.
FileDescription : AOL Instant Messenger
InternalName : AIM
LegalCopyright : Copyright © 1996-2004 America Online, Inc.
OriginalFilename : AIM.EXE

#:45 [desktopweather.exe]
ModuleName : C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe
Command Line : "C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe"
ProcessID : 3292
ThreadCreationTime : 5-15-2005 3:21:51 PM
BasePriority : Normal
FileVersion : 4.0.0.1
ProductVersion : 4.0.0.1
ProductName : Desktop Weather 4
CompanyName : TWCi
FileDescription : DesktopWeather4
InternalName : DesktopWeather.exe
LegalCopyright : © The Weather Channel Interactive. All rights reserved.
OriginalFilename : DesktopWeather4.exe

#:46 [cbsystray.exe]
ModuleName : C:\Program Files\Connected\CBSysTray.exe
Command Line : "C:\Program Files\Connected\CBSysTray.exe"
ProcessID : 3404
ThreadCreationTime : 5-15-2005 3:21:53 PM
BasePriority : Normal
FileVersion : 7.1.5.1086
ProductVersion : 7.1.5
ProductName : Connected DataProtector
CompanyName : Connected Corporation
FileDescription : Connected DataProtector System Tray
InternalName : CBSysTray
LegalCopyright : © 1996-2004 by Connected Corporation
OriginalFilename : CBSysTray.exe

#:47 [dvzincmsgr.exe]
ModuleName : C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe
Command Line : "C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe"
ProcessID : 3424
ThreadCreationTime : 5-15-2005 3:21:53 PM
BasePriority : Normal
FileVersion : 6,0,1,723
ProductVersion : 6,0,1,723
ProductName : Documents To Go
CompanyName : DataViz, Inc.
FileDescription : DataViz Update Checker
InternalName : Web Savvy Agent
LegalCopyright : Copyright © 1998-2004 by DataViz, Inc.
OriginalFilename : WebSavvyAgent.exe
Comments : This component checks for updates of DataViz products.

#:48 [hotsync.exe]
ModuleName : C:\Program Files\Palm\HOTSYNC.EXE
Command Line : "C:\Program Files\Palm\HOTSYNC.EXE"
ProcessID : 3500
ThreadCreationTime : 5-15-2005 3:21:54 PM
BasePriority : Normal
FileVersion : 4.0.4
ProductVersion : 4.1.0
ProductName : HotSync® Manager, Palm Desktop
CompanyName : Palm, Inc.
FileDescription : HotSync® Manager Application
InternalName : HotSync®
LegalCopyright : Copyright © 1995-2001 Palm, Inc.
LegalTrademarks : HotSync® is a registered trademark of Palm, Inc.
OriginalFilename : Hotsync.exe

#:49 [wmiprvse.exe]
ModuleName : C:\WINDOWS\System32\wbem\wmiprvse.exe
Command Line : C:\WINDOWS\System32\wbem\wmiprvse.exe -Embedding
ProcessID : 3784
ThreadCreationTime : 5-15-2005 3:22:08 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : WMI
InternalName : Wmiprvse.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : Wmiprvse.exe

#:50 [ad-aware.exe]
ModuleName : C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
Command Line : "C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe"
ProcessID : 2608
ThreadCreationTime : 5-15-2005 3:48:00 PM
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Claria Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}

Claria Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}
Value : uets

Claria Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}
Value : GEF

Claria Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}
Value : GMG

Claria Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}
Value : GMI

Claria Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}
Value : LastInstall

Claria Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}
Value : PAK

Claria Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}
Value : SSeq

Claria Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}
Value : SEvt

AltnetBDE Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\altnet

AltnetBDE Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\altnet
Value : SharedMediaDir

Claria Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\gator.com

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 12
Objects found so far: 12


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 12


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kari-lyn [email protected][1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:kari-lyn [email protected]/
Expires : 5-9-2015 8:49:24 PM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kari-lyn [email protected][1].txt
Category : Data Miner
Comment : Hits:5
Value : Cookie:kari-lyn [email protected]/
Expires : 5-11-2006 6:32:36 PM
LastSync : Hits:5
UseCount : 0
Hits : 5

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kari-lyn [email protected][2].txt
Category : Data Miner
Comment : Hits:5
Value : Cookie:kari-lyn [email protected]/
Expires : 5-14-2010 9:55:18 AM
LastSync : Hits:5
UseCount : 0
Hits : 5

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kari-lyn [email protected][1].txt
Category : Data Miner
Comment : Hits:8
Value : Cookie:kari-lyn [email protected]/
Expires : 5-9-2015 6:19:48 PM
LastSync : Hits:8
UseCount : 0
Hits : 8

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kari-lyn [email protected][2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:kari-lyn [email protected]/
Expires : 5-7-2035 11:37:10 PM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kari-lyn [email protected][2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:kari-lyn [email protected]/
Expires : 12-31-2029 7:00:00 PM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kari-lyn [email protected][2].txt
Category : Data Miner
Comment : Hits:7
Value : Cookie:kari-lyn [email protected]/
Expires : 9-8-2009 7:01:00 PM
LastSync : Hits:7
UseCount : 0
Hits : 7

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kari-lyn [email protected][2].txt
Category : Data Miner
Comment : Hits:25
Value : Cookie:kari-lyn [email protected]/
Expires : 5-11-2006 6:26:08 PM
LastSync : Hits:25
UseCount : 0
Hits : 25

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kari-lyn [email protected][2].txt
Category : Data Miner
Comment : Hits:4
Value : Cookie:kari-lyn [email protected]/
Expires : 12-31-2009 7:00:00 PM
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kari-lyn [email protected][1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:kari-lyn [email protected]/
Expires : 12-30-2037 11:00:00 AM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kari-lyn [email protected][1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:kari-lyn [email protected]/
Expires : 7-6-2006 1:51:40 AM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 11
Objects found so far: 23



Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Claria Object Recognized!
Type : File
Data : CMEIIAPI.dll
Category : Data Miner
Comment :
Object : C:\Program Files\Common Files\CMEII\
FileVersion : 6.0.5.3
ProductVersion : 6.0.5.3
ProductName : CME
CompanyName : GAIN Publishing
FileDescription : CME II Client Application
InternalName : CMEIIAPI.DLL
LegalCopyright : Copyright © 1999-2004 GAIN Publishing
OriginalFilename : CMEIIAPI.DLL


Claria Object Recognized!
Type : File
Data : CMESys.exe
Category : Data Miner
Comment :
Object : C:\Program Files\Common Files\CMEII\
FileVersion : 6.0.5.3
ProductVersion : 6.0.5.3
ProductName : CME
CompanyName : GAIN Publishing
FileDescription : CME II Client Application
InternalName : CMESys.exe
LegalCopyright : Copyright © 1999-2004 GAIN Publishing
OriginalFilename : CMESys.exe


Claria Object Recognized!
Type : File
Data : GAppMgr.dll
Category : Data Miner
Comment :
Object : C:\Program Files\Common Files\CMEII\
FileVersion : 6.0.5.3
ProductVersion : 6.0.5.3
ProductName : CME
CompanyName : GAIN Publishing
FileDescription : CME II Client Application
InternalName : GAppMgr.dll
LegalCopyright : Copyright © 1999-2004 GAIN Publishing
OriginalFilename : GAppMgr.dll


Claria Object Recognized!
Type : File
Data : GController.dll
Category : Data Miner
Comment :
Object : C:\Program Files\Common Files\CMEII\
FileVersion : 6.0.5.3
ProductVersion : 6.0.5.3
ProductName : CME
CompanyName : GAIN Publishing
FileDescription : CME II Client Application
InternalName : GController.dll
LegalCopyright : Copyright © 1999-2004 GAIN Publishing
OriginalFilename : GController.dll


Claria Object Recognized!
Type : File
Data : GDwldEng.dll
Category : Data Miner
Comment :
Object : C:\Program Files\Common Files\CMEII\
FileVersion : 6.0.5.3
ProductVersion : 6.0.5.3
ProductName : CME
CompanyName : GAIN Publishing
FileDescription : CME II Client Application
InternalName : GDlwdEng.dll
LegalCopyright : Copyright © 1999-2004 GAIN Publishing
OriginalFilename : GDlwdEng.dll


Claria Object Recognized!
Type : File
Data : GIocl.dll
Category : Data Miner
Comment :
Object : C:\Program Files\Common Files\CMEII\
FileVersion : 6.0.5.3
ProductVersion : 6.0.5.3
ProductName : CME
CompanyName : GAIN Publishing
FileDescription : CME II Client Application
InternalName : GIocl.dll
LegalCopyright : Copyright © 1999-2004 GAIN Publishing
OriginalFilename : GIocl.dll


Claria Object Recognized!
Type : File
Data : GIoclClient.dll
Category : Data Miner
Comment :
Object : C:\Program Files\Common Files\CMEII\
FileVersion : 6.0.5.3
ProductVersion : 6.0.5.3
ProductName : CME
CompanyName : GAIN Publishing
FileDescription : CME II Client Application
InternalName : GIoclClient.dll
LegalCopyright : Copyright © 1999-2004 GAIN Publishing
OriginalFilename : GIoclClient.dll


Claria Object Recognized!
Type : File
Data : GMTProxy.dll
Category : Data Miner
Comment :
Object : C:\Program Files\Common Files\CMEII\
FileVersion : 6.0.5.3
ProductVersion : 6.0.5.3
ProductName : CME
CompanyName : GAIN Publishing
FileDescription : CME II Client Application
InternalName : GMTProxy.dll
LegalCopyright : Copyright © 1999-2004 GAIN Publishing
OriginalFilename : GMTProxy.dll


Claria Object Recognized!
Type : File
Data : GObjs.dll
Category : Data Miner
Comment :
Object : C:\Program Files\Common Files\CMEII\
FileVersion : 6.0.5.3
ProductVersion : 6.0.5.3
ProductName : CME
CompanyName : GAIN Publishing
FileDescription : CME II Client Application
InternalName : GObjs.dll
LegalCopyright : Copyright © 1999-2004 GAIN Publishing
OriginalFilename : GObjs.dll


Claria Object Recognized!
Type : File
Data : GStore.dll
Category : Data Miner
Comment :
Object : C:\Program Files\Common Files\CMEII\
FileVersion : 6.0.5.3
ProductVersion : 6.0.5.3
ProductName : CME
CompanyName : GAIN Publishing
FileDescription : CME II Client Application
InternalName : GStore.dll
LegalCopyright : Copyright © 1999-2004 GAIN Publishing
OriginalFilename : GStore.dll


Claria Object Recognized!
Type : File
Data : GStoreServer.dll
Category : Data Miner
Comment :
Object : C:\Program Files\Common Files\CMEII\
FileVersion : 6.0.5.3
ProductVersion : 6.0.5.3
ProductName : CME
CompanyName : GAIN Publishing
FileDescription : CME II Client Application
InternalName : GStoreServer.dll
LegalCopyright : Copyright © 1999-2004 GAIN Publishing
OriginalFilename : GStoreServer.dll


Claria Object Recognized!
Type : File
Data : Gtools.dll
Category : Data Miner
Comment :
Object : C:\Program Files\Common Files\CMEII\
FileVersion : 6.0.5.3
ProductVersion : 6.0.5.3
ProductName : CME
CompanyName : GAIN Publishing
FileDescription : CME II Client Application
InternalName : GTools.dll
LegalCopyright : Copyright © 1999-2004 GAIN Publishing
OriginalFilename : GTools.dll


Claria Object Recognized!
Type : File
Data : EGGCEngine.dll
Category : Data Miner
Comment :
Object : C:\Program Files\Common Files\GMT\
FileVersion : 6.0.5.3
ProductVersion : 6.0.5.3
ProductName : GAIN
CompanyName : GAIN Publishing
FileDescription : EGGCEngine Dynamic Link Library
InternalName : EGGCEngine dll
LegalCopyright : Copyright © 1999-2004 GAIN Publishing
OriginalFilename : EGGCEngine dll


Claria Object Recognized!
Type : File
Data : egIEEngine.dll
Category : Data Miner
Comment :
Object : C:\Program Files\Common Files\GMT\
FileVersion : 6.0.5.3
ProductVersion : 6.0.5.3
ProductName : GAIN
CompanyName : GAIN Publishing
FileDescription : egIEClient Dynamic Link Library
InternalName : egIEClient.dll
LegalCopyright : Copyright © 1999-2004 GAIN Publishing
OriginalFilename : egIEClient.dll


Claria Object Recognized!
Type : File
Data : EGIEProcess.dll
Category : Data Miner
Comment :
Object : C:\Program Files\Common Files\GMT\
FileVersion : 6.0.5.3
ProductVersion : 6.0.5.3
ProductName : GAIN
CompanyName : GAIN Publishing
FileDescription : EGIEProcess Dynamic Link Library
InternalName : EGIEProcess dll
LegalCopyright : Copyright © 1999-2004 GAIN Publishing
OriginalFilename : EGIEProcess dll


Claria Object Recognized!
Type : File
Data : EGNSEngine.dll
Category : Data Miner
Comment :
Object : C:\Program Files\Common Files\GMT\
FileVersion : 6.0.5.3
ProductVersion : 6.0.5.3
ProductName : GAIN
CompanyName : GAIN Publishing
FileDescription : EGNSEngine Dynamic Link Library
InternalName : EGNSEngine dll
LegalCopyright : Copyright © 1999-2004 GAIN Publishing
OriginalFilename : EGNSEngine dll


Claria Object Recognized!
Type : File
Data : GatorRes.dll
Category : Data Miner
Comment :
Object : C:\Program Files\Common Files\GMT\
FileVersion : 6.0.5.3
ProductVersion : 6.0.5.3
ProductName : GAIN
CompanyName : GAIN Publishing
FileDescription : GatorRes Dynamic Link Library
InternalName : GatorRes DLL
LegalCopyright : Copyright © 1999-2004 GAIN Publishing
OriginalFilename : GatorRes DLL


Claria Object Recognized!
Type : File
Data : GatorStubSetup.exe
Category : Data Miner
Comment :
Object : C:\Program Files\Common Files\GMT\
FileVersion : 6.0.5.3
ProductVersion : 6.0.5.3
ProductName : GAIN
CompanyName : GAIN Publishing
FileDescription : Gator Client Application
InternalName : Gator.exe
LegalCopyright : Copyright © 1999-2004 GAIN Publishing
OriginalFilename : Gator.exe


Claria Object Recognized!
Type : File
Data : GUninstaller.exe
Category : Data Miner
Comment :
Object : C:\Program Files\Common Files\GMT\
FileVersion : 6.0.5.3
ProductVersion : 6.0.5.3
ProductName : GAIN
CompanyName : GAIN Publishing
FileDescription : GAIN Uninstaller applet
InternalName : GUninstaller.exe
LegalCopyright : Copyright © 1999-2004 GAIN Publishing
OriginalFilename : GUninstaller.exe


Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 42


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 42




Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Claria Object Recognized!
Type : Folder
Category : Data Miner
Comment :
Object : C:\Documents and Settings\All Users\Start Menu\Programs\Startup\..\GAIN Publishing

Claria Object Recognized!
Type : File
Data : GatorPdpSetup.log
Category : Data Miner
Comment :
Object : C:\WINDOWS\



AltnetBDE Object Recognized!
Type : Folder
Category : Data Miner
Comment :
Object : C:\Program Files\Altnet

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 3
Objects found so far: 45

11:05:20 AM Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:14:01.938
Objects scanned:219744
Objects identified:45
Objects ignored:0
New critical objects:45

#2
Mannen

    Ad-Aware Expert

  • Member
  • 110 posts
Hi and welcome!


Try this and see if we can get them!

How to see hidden files and folders
http://www.bleepingc...showtutorial=62

Boot into safe mode
http://www.computerh...sues/chsafe.htm

Run a full system scan and delete everything found

Then delete these two folders in bold

C:\Program Files\Common Files\CMEII\
C:\Program Files\Altnet\

Reboot and run a new scan.
Post the log here

Cheers
Mannen

#3
ShoalBear

    Member

  • Topic Starter
  • Member
  • 212 posts


Well, did most all of that... the C:\Program Files\Altnet\ did not exist. Here is my new log.


Ad-Aware SE Build 1.05
Logfile Created on:Monday, May 16, 2005 6:17:32 AM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R45 13.05.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Claria(TAC index:7):19 total references
TopMoxie(TAC index:3):1 total references
Tracking Cookie(TAC index:3):11 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R45 13.05.2005
Internal build : 53
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 473168 Bytes
Total size : 1430575 Bytes
Signature data size : 1399518 Bytes
Reference data size : 30545 Bytes
Signatures total : 39932
Fingerprints total : 881
Fingerprints size : 30173 Bytes
Target categories : 15
Target families : 672


Memory + processor status:
==========================
Number of processors : 2
Processor architecture : Intel Pentium IV
Memory available:59 %
Total physical memory:1047272 kb
Available physical memory:610096 kb
Total page file size:2499240 kb
Available on page file:2188732 kb
Total virtual memory:2097024 kb
Available virtual memory:2045928 kb
OS:Microsoft Windows XP Professional Service Pack 2 (Build 2600)

Ad-Aware SE Settings
===========================
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Obtain command line of scanned processes
Set : Scan registry for all users instead of current user only
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Write-protect system files after repair (Hosts file, etc.)
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


5-16-2005 6:17:32 AM - Scan started. (Full System Scan)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
ModuleName : \SystemRoot\System32\smss.exe
Command Line : n/a
ProcessID : 464
ThreadCreationTime : 5-16-2005 11:15:15 AM
BasePriority : Normal


#:2 [csrss.exe]
ModuleName : \??\C:\WINDOWS\system32\csrss.exe
Command Line : C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestTh
ProcessID : 512
ThreadCreationTime : 5-16-2005 11:15:17 AM
BasePriority : Normal


#:3 [winlogon.exe]
ModuleName : \??\C:\WINDOWS\system32\winlogon.exe
Command Line : winlogon.exe
ProcessID : 536
ThreadCreationTime : 5-16-2005 11:15:17 AM
BasePriority : High


#:4 [services.exe]
ModuleName : C:\WINDOWS\system32\services.exe
Command Line : C:\WINDOWS\system32\services.exe
ProcessID : 580
ThreadCreationTime : 5-16-2005 11:15:18 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:5 [lsass.exe]
ModuleName : C:\WINDOWS\system32\lsass.exe
Command Line : C:\WINDOWS\system32\lsass.exe
ProcessID : 592
ThreadCreationTime : 5-16-2005 11:15:18 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost -k DcomLaunch
ProcessID : 776
ThreadCreationTime : 5-16-2005 11:15:19 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost -k rpcss
ProcessID : 820
ThreadCreationTime : 5-16-2005 11:15:19 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k netsvcs
ProcessID : 888
ThreadCreationTime : 5-16-2005 11:15:20 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k NetworkService
ProcessID : 948
ThreadCreationTime : 5-16-2005 11:15:20 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k LocalService
ProcessID : 1036
ThreadCreationTime : 5-16-2005 11:15:20 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:11 [spoolsv.exe]
ModuleName : C:\WINDOWS\system32\spoolsv.exe
Command Line : C:\WINDOWS\system32\spoolsv.exe
ProcessID : 1192
ThreadCreationTime : 5-16-2005 11:15:21 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:12 [explorer.exe]
ModuleName : C:\WINDOWS\Explorer.EXE
Command Line : C:\WINDOWS\Explorer.EXE
ProcessID : 1412
ThreadCreationTime : 5-16-2005 11:15:27 AM
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

#:13 [agentsrv.exe]
ModuleName : C:\Program Files\Connected\AgentSrv.EXE
Command Line : "C:\Program Files\Connected\AgentSrv.EXE" -asv
ProcessID : 1556
ThreadCreationTime : 5-16-2005 11:15:28 AM
BasePriority : Idle
FileVersion : 7.1.5.1086
ProductVersion : 7.1.5
ProductName : Connected DataProtector
CompanyName : Connected Corporation
FileDescription : Agent Service Module
InternalName : AgentSrv
LegalCopyright : © 1996-2004 by Connected Corporation
OriginalFilename : AgentSrv.exe

#:14 [aolacsd.exe]
ModuleName : C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
Command Line : C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
ProcessID : 1572
ThreadCreationTime : 5-16-2005 11:15:28 AM
BasePriority : Normal


#:15 [avgamsvr.exe]
ModuleName : C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
Command Line : C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
ProcessID : 1604
ThreadCreationTime : 5-16-2005 11:15:29 AM
BasePriority : Normal
FileVersion : 7,1,0,307
ProductVersion : 7.1.0.307
ProductName : AVG Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Alert Manager
InternalName : avgamsvr
LegalCopyright : Copyright © 2005, GRISOFT, s.r.o.
OriginalFilename : avgamsvr.EXE

#:16 [avgupsvc.exe]
ModuleName : C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
Command Line : C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
ProcessID : 1664
ThreadCreationTime : 5-16-2005 11:15:29 AM
BasePriority : Normal
FileVersion : 7,1,0,285
ProductVersion : 7.1.0.285
ProductName : AVG 7.0 Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Update Service
InternalName : avgupsvc
LegalCopyright : Copyright © 2004, GRISOFT, s.r.o.
OriginalFilename : avgupdsvc.EXE

#:17 [upssrv.exe]
ModuleName : C:\PowerPanel\upssrv.exe
Command Line : C:\PowerPanel\upssrv.exe
ProcessID : 1708
ThreadCreationTime : 5-16-2005 11:15:29 AM
BasePriority : Normal
FileVersion : 2, 1, 4, 0
ProductVersion : 2, 1, 4, 0
ProductName : Power Panel ( Plus )
CompanyName : Cyber Power System Inc.
FileDescription : UPS Service
InternalName : upssrv.exe
LegalCopyright : Copyright © 2002 Cyber Power System Inc.
LegalTrademarks : CyberPower
OriginalFilename : upssrv.exe

#:18 [inetinfo.exe]
ModuleName : C:\WINDOWS\system32\inetsrv\inetinfo.exe
Command Line : C:\WINDOWS\system32\inetsrv\inetinfo.exe
ProcessID : 1740
ThreadCreationTime : 5-16-2005 11:15:29 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Internet Information Services
CompanyName : Microsoft Corporation
FileDescription : Internet Information Services
InternalName : INETINFO.EXE
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : INETINFO.EXE

#:19 [upsio.exe]
ModuleName : C:\PowerPanel\upsio.exe
Command Line : 1 0
ProcessID : 1756
ThreadCreationTime : 5-16-2005 11:15:29 AM
BasePriority : Realtime
FileVersion : 2, 1, 4, 0
ProductVersion : 2, 1, 4, 0
ProductName : PowerPanel (Plus)
CompanyName : Cyber Power System Inc.
FileDescription : upsio
InternalName : upsio.exe
LegalCopyright : Copyright © 2002 Cyber Power System Inc.
LegalTrademarks : CyberPower
OriginalFilename : upsio.exe

#:20 [mdm.exe]
ModuleName : C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
Command Line : "C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe"
ProcessID : 1772
ThreadCreationTime : 5-16-2005 11:15:29 AM
BasePriority : Normal
FileVersion : 7.10.3077
ProductVersion : 7.10.3077
ProductName : Microsoft® Visual Studio .NET
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
LegalCopyright : Copyright© Microsoft Corporation. All rights reserved.
OriginalFilename : mdm.exe

#:21 [smagent.exe]
ModuleName : C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
Command Line : "C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe"
ProcessID : 1904
ThreadCreationTime : 5-16-2005 11:15:30 AM
BasePriority : Normal
FileVersion : 3, 2, 6, 0
ProductVersion : 3, 2, 6, 0
ProductName : SoundMAX service agent
CompanyName : Analog Devices, Inc.
FileDescription : SoundMAX service agent component
InternalName : SMAgent
LegalCopyright : Copyright © 2002
OriginalFilename : SMAgent.exe

#:22 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k imgsvc
ProcessID : 1932
ThreadCreationTime : 5-16-2005 11:15:30 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:23 [wdfmgr.exe]
ModuleName : C:\WINDOWS\system32\wdfmgr.exe
Command Line : C:\WINDOWS\system32\wdfmgr.exe
ProcessID : 172
ThreadCreationTime : 5-16-2005 11:15:33 AM
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe

#:24 [vsmon.exe]
ModuleName : C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
Command Line : n/a
ProcessID : 328
ThreadCreationTime : 5-16-2005 11:15:33 AM
BasePriority : Normal
FileVersion : 5.5.094.000
ProductVersion : 5.5.094.000
ProductName : TrueVector Service
CompanyName : Zone Labs, LLC
FileDescription : TrueVector Service
InternalName : vsmon
LegalCopyright : Copyright © 1998-2005, Zone Labs, LLC
OriginalFilename : vsmon.exe

#:25 [upromise0.exe]
ModuleName : C:\Program Files\Upromise_RemindU\Upromise0.exe
Command Line : "C:\Program Files\Upromise_RemindU\Upromise0.exe"
ProcessID : 392
ThreadCreationTime : 5-16-2005 11:15:34 AM
BasePriority : Normal


TopMoxie Object Recognized!
Type : Process
Data : Upromise0.exe
Category : Data Miner
Comment : (CSI MATCH)
Object : C:\Program Files\Upromise_RemindU\


Warning! TopMoxie Object found in memory(C:\Program Files\Upromise_RemindU\Upromise0.exe)

"C:\Program Files\Upromise_RemindU\Upromise0.exe"Process terminated successfully
"C:\Program Files\Upromise_RemindU\Upromise0.exe"Process terminated successfully

#:26 [smax4pnp.exe]
ModuleName : C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
Command Line : "C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe"
ProcessID : 400
ThreadCreationTime : 5-16-2005 11:15:34 AM
BasePriority : Normal
FileVersion : 4, 0, 4, 11
ProductVersion : 4, 0, 4, 11
ProductName : SMax4PNP Application
CompanyName : Analog Devices, Inc.
FileDescription : SMax4PNP MFC Application
InternalName : SMax4PNP
LegalCopyright : Copyright © 2002-2003 Analog Devices
OriginalFilename : SMax4PNP.EXE

#:27 [smax4.exe]
ModuleName : C:\Program Files\Analog Devices\SoundMAX\smax4.exe
Command Line : "C:\Program Files\Analog Devices\SoundMAX\smax4.exe" /tray
ProcessID : 412
ThreadCreationTime : 5-16-2005 11:15:35 AM
BasePriority : Normal
FileVersion : 4, 0, 4, 25
ProductVersion : 4, 0, 4, 25
ProductName : SoundMAX Control Panel
CompanyName : Analog Devices, Inc.
FileDescription : SoundMAX Control Center
InternalName : SMax4
LegalCopyright : Copyright © 2002-2003, Analog Devices
OriginalFilename : SMax4.EXE

#:28 [gwhotkey.exe]
ModuleName : C:\WINDOWS\GWHotKey.exe
Command Line : "C:\WINDOWS\GWHotKey.exe"
ProcessID : 112
ThreadCreationTime : 5-16-2005 11:15:35 AM
BasePriority : Normal
FileVersion : 4.4.1
ProductVersion : 4.4.1
ProductName : Gateway Multi-function Keyboard Utility
CompanyName : Tartan Software www.BillP.com
FileDescription : Multi-function Keyboard Utility By Bill Pytlovany
LegalCopyright : Copyright © 1997-1998 Gateway 2000 Inc.
Comments : "You've got a friend in the business"

#:29 [ndetect.exe]
ModuleName : C:\Program Files\ICQ\NDetect.exe
Command Line : "C:\Program Files\ICQ\NDetect.exe"
ProcessID : 488
ThreadCreationTime : 5-16-2005 11:15:35 AM
BasePriority : Normal


#:30 [hpztsb06.exe]
ModuleName : C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb06.exe
Command Line : "C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb06.exe"
ProcessID : 728
ThreadCreationTime : 5-16-2005 11:15:35 AM
BasePriority : Normal
FileVersion : 2,133,0,0
ProductVersion : 2,133,0,0
ProductName : HP DeskJet
CompanyName : HP
LegalCopyright : Copyright © Hewlett-Packard Company 1999-2002

#:31 [em_exec.exe]
ModuleName : C:\Program Files\Logitech\MouseWare\system\em_exec.exe
Command Line : "C:\Program Files\Logitech\MouseWare\system\em_exec.exe"
ProcessID : 784
ThreadCreationTime : 5-16-2005 11:15:36 AM
BasePriority : Normal
FileVersion : 9.76.046
ProductVersion : 9.76.046
ProductName : MouseWare
CompanyName : Logitech Inc.
FileDescription : Logitech Events Handler Application
InternalName : Em_Exec
LegalCopyright : © 1987-2003 Logitech. All rights reserved.
LegalTrademarks : Logitech® and MouseWare® are registered trademarks of Logitech Inc.
OriginalFilename : Em_Exec.exe
Comments : Created by the MouseWare team

#:32 [avgemc.exe]
ModuleName : C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
Command Line : "C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe"
ProcessID : 596
ThreadCreationTime : 5-16-2005 11:15:36 AM
BasePriority : Normal
FileVersion : 7,1,0,307
ProductVersion : 7.1.0.307
ProductName : AVG Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG E-Mail Scanner
InternalName : avgemc
LegalCopyright : Copyright © 2005, GRISOFT, s.r.o.
OriginalFilename : avgemc.exe

#:33 [avgcc.exe]
ModuleName : C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
Command Line : "C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" /STARTUP
ProcessID : 956
ThreadCreationTime : 5-16-2005 11:15:36 AM
BasePriority : Normal
FileVersion : 7,1,0,307
ProductVersion : 7.1.0.307
ProductName : AVG Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Control Center
InternalName : AvgCC
LegalCopyright : Copyright © 2005, GRISOFT, s.r.o.
OriginalFilename : AvgCC.EXE

#:34 [aoldial.exe]
ModuleName : C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
Command Line : "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"
ProcessID : 1048
ThreadCreationTime : 5-16-2005 11:15:37 AM
BasePriority : Normal
FileVersion : 2.0.20.1.US.1
ProductVersion : 2.0.20.1.US.1
ProductName : AOL Connectivity Service
CompanyName : America Online, Inc
FileDescription : AOL Connectivity Service Dialer
LegalCopyright : Copyright © 2003 America Online, Inc.
OriginalFilename : AOLDial.exe

#:35 [aolsp scheduler.exe]
ModuleName : C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
Command Line : "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
ProcessID : 1184
ThreadCreationTime : 5-16-2005 11:15:38 AM
BasePriority : Normal
FileVersion : 1, 5, 0, 0
ProductVersion : 1, 5, 0, 0
ProductName : AOLSP Scheduler
FileDescription : AOLSP Scheduler
InternalName : AOLSP Scheduler
LegalCopyright : Copyright © America Online, Inc. 2004
OriginalFilename : AOLSP Scheduler.exe

#:36 [directcd.exe]
ModuleName : C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
Command Line : "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
ProcessID : 1272
ThreadCreationTime : 5-16-2005 11:15:39 AM
BasePriority : Normal
FileVersion : 5.3.2.34
ProductVersion : 5.3.2.34
ProductName : DirectCD
CompanyName : Roxio
FileDescription : DirectCD Application
InternalName : DirectCD
LegalCopyright : Copyright © 2001,2002, Roxio, Inc.
OriginalFilename : Directcd.exe

#:37 [p2p networking.exe]
ModuleName : C:\WINDOWS\system32\P2P Networking\P2P Networking.exe
Command Line : "C:\WINDOWS\system32\P2P Networking\P2P Networking.exe" /AUTOSTART
ProcessID : 1212
ThreadCreationTime : 5-16-2005 11:15:39 AM
BasePriority : Normal
FileVersion : 1, 26, 0, 10
ProductVersion : 1, 26, 0, 10
ProductName : P2P Networking
CompanyName : Joltid Ltd.
FileDescription : P2P Networking
InternalName : P2P Networking
LegalCopyright : Copyright © 2001 - 2004 Joltid Ltd. All Rights Reserved.
LegalTrademarks : Joltid is a registered trademark of Joltid Ltd.
OriginalFilename : P2P Networking.exe

#:38 [realsched.exe]
ModuleName : C:\Program Files\Common Files\Real\Update_OB\realsched.exe
Command Line : "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
ProcessID : 1344
ThreadCreationTime : 5-16-2005 11:15:40 AM
BasePriority : Normal
FileVersion : 0.1.0.3249
ProductVersion : 0.1.0.3249
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004
LegalTrademarks : RealAudio™ is a trademark of RealNetworks, Inc.
OriginalFilename : realsched.exe

#:39 [zlclient.exe]
ModuleName : C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
Command Line : n/a
ProcessID : 1436
ThreadCreationTime : 5-16-2005 11:15:41 AM
BasePriority : Normal
FileVersion : 5.5.094.000
ProductVersion : 5.5.094.000
ProductName : Zone Labs Client
CompanyName : Zone Labs, LLC
FileDescription : Zone Labs Client
InternalName : zlclient
LegalCopyright : Copyright © 1998-2005, Zone Labs, LLC
OriginalFilename : zlclient.exe

#:40 [cookie.exe]
ModuleName : C:\Program Files\AnalogX\CookieWall\cookie.exe
Command Line : "C:\Program Files\AnalogX\CookieWall\cookie.exe"
ProcessID : 1336
ThreadCreationTime : 5-16-2005 11:15:41 AM
BasePriority : Normal


#:41 [ctfmon.exe]
ModuleName : C:\WINDOWS\system32\ctfmon.exe
Command Line : "C:\WINDOWS\system32\ctfmon.exe"
ProcessID : 1364
ThreadCreationTime : 5-16-2005 11:15:41 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:42 [ypager.exe]
ModuleName : C:\Program Files\Yahoo!\Messenger\ypager.exe
Command Line : "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
ProcessID : 1812
ThreadCreationTime : 5-16-2005 11:15:42 AM
BasePriority : Normal
FileVersion : 6,0,0,1750
ProductVersion : 6,0,0,1750
ProductName : Yahoo! Messenger
CompanyName : Yahoo! Inc.
FileDescription : Yahoo! Messenger
InternalName : Yahoo! Messengerr
LegalCopyright : Copyright 1998-2004
OriginalFilename : YPager.exe

#:43 [msnmsgr.exe]
ModuleName : C:\Program Files\MSN Messenger\msnmsgr.exe
Command Line : "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
ProcessID : 1476
ThreadCreationTime : 5-16-2005 11:15:42 AM
BasePriority : Normal
FileVersion : 7.0.0777
ProductVersion : 7.0.0777
ProductName : MSN Messenger
CompanyName : Microsoft Corporation
FileDescription : MSN Messenger
InternalName : msnmsgr
LegalCopyright : Copyright © Microsoft Corporation 1997-2004
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msnmsgr.exe

#:44 [aim.exe]
ModuleName : C:\Program Files\AIM95\aim.exe
Command Line : "C:\Program Files\AIM95\aim.exe" -cnetwait.odl
ProcessID : 2072
ThreadCreationTime : 5-16-2005 11:15:42 AM
BasePriority : Normal
FileVersion : 5.9.3690
ProductVersion : 5.9.3690
ProductName : AOL Instant Messenger
CompanyName : America Online, Inc.
FileDescription : AOL Instant Messenger
InternalName : AIM
LegalCopyright : Copyright © 1996-2004 America Online, Inc.
OriginalFilename : AIM.EXE

#:45 [reader_sl.exe]
ModuleName : C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Command Line : "C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe"
ProcessID : 2224
ThreadCreationTime : 5-16-2005 11:15:44 AM
BasePriority : Normal
FileVersion : 7.0.0.0
ProductVersion : 7.0.0.0
ProductName : Adobe Acrobat
CompanyName : Adobe Systems Incorporated
FileDescription : Adobe Acrobat SpeedLauncher
LegalCopyright : Copyright Adobe Systems Incorporated 2004
OriginalFilename : AcroSpeedLaunch.exe

#:46 [cbsystray.exe]
ModuleName : C:\Program Files\Connected\CBSysTray.exe
Command Line : "C:\Program Files\Connected\CBSysTray.exe"
ProcessID : 2288
ThreadCreationTime : 5-16-2005 11:15:44 AM
BasePriority : Normal
FileVersion : 7.1.5.1086
ProductVersion : 7.1.5
ProductName : Connected DataProtector
CompanyName : Connected Corporation
FileDescription : Connected DataProtector System Tray
InternalName : CBSysTray
LegalCopyright : © 1996-2004 by Connected Corporation
OriginalFilename : CBSysTray.exe

#:47 [dvzincmsgr.exe]
ModuleName : C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe
Command Line : "C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe"
ProcessID : 2348
ThreadCreationTime : 5-16-2005 11:15:45 AM
BasePriority : Normal
FileVersion : 6,0,1,723
ProductVersion : 6,0,1,723
ProductName : Documents To Go
CompanyName : DataViz, Inc.
FileDescription : DataViz Update Checker
InternalName : Web Savvy Agent
LegalCopyright : Copyright © 1998-2004 by DataViz, Inc.
OriginalFilename : WebSavvyAgent.exe
Comments : This component checks for updates of DataViz products.

#:48 [hotsync.exe]
ModuleName : C:\Program Files\Palm\HOTSYNC.EXE
Command Line : "C:\Program Files\Palm\HOTSYNC.EXE"
ProcessID : 2400
ThreadCreationTime : 5-16-2005 11:15:45 AM
BasePriority : Normal
FileVersion : 4.0.4
ProductVersion : 4.1.0
ProductName : HotSync® Manager, Palm Desktop
CompanyName : Palm, Inc.
FileDescription : HotSync® Manager Application
InternalName : HotSync®
LegalCopyright : Copyright © 1995-2001 Palm, Inc.
LegalTrademarks : HotSync® is a registered trademark of Palm, Inc.
OriginalFilename : Hotsync.exe

#:49 [wmiprvse.exe]
ModuleName : C:\WINDOWS\System32\wbem\wmiprvse.exe
Command Line : C:\WINDOWS\System32\wbem\wmiprvse.exe -Embedding
ProcessID : 2804
ThreadCreationTime : 5-16-2005 11:15:50 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : WMI
InternalName : Wmiprvse.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : Wmiprvse.exe

#:50 [alg.exe]
ModuleName : C:\WINDOWS\System32\alg.exe
Command Line : C:\WINDOWS\System32\alg.exe
ProcessID : 3424
ThreadCreationTime : 5-16-2005 11:16:13 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe

#:51 [wuauclt.exe]
ModuleName : C:\WINDOWS\system32\wuauclt.exe
Command Line : "C:\WINDOWS\system32\wuauclt.exe" /RunStoreAsComServer Local\[378]SUSDS1c67d3240d04bb40aac71f7abb19d12e
ProcessID : 3988
ThreadCreationTime : 5-16-2005 11:16:28 AM
BasePriority : Normal
FileVersion : 5.4.3790.2182 built by: srv03_rtm(ntvbl04)
ProductVersion : 5.4.3790.2182
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Automatic Updates
InternalName : wuauclt.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : wuauclt.exe

#:52 [ad-aware.exe]
ModuleName : C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
Command Line : "C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe"
ProcessID : 1292
ThreadCreationTime : 5-16-2005 11:17:11 AM
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 1
Objects found so far: 1


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 1


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 1


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kari-lyn [email protected][1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:kari-lyn [email protected]/
Expires : 5-9-2015 8:49:24 PM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kari-lyn [email protected][1].txt
Category : Data Miner
Comment : Hits:5
Value : Cookie:kari-lyn [email protected]/
Expires : 5-11-2006 6:32:36 PM
LastSync : Hits:5
UseCount : 0
Hits : 5

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kari-lyn [email protected][2].txt
Category : Data Miner
Comment : Hits:7
Value : Cookie:kari-lyn [email protected]/
Expires : 5-14-2010 3:03:50 PM
LastSync : Hits:7
UseCount : 0
Hits : 7

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kari-lyn [email protected][1].txt
Category : Data Miner
Comment : Hits:8
Value : Cookie:kari-lyn [email protected]/
Expires : 5-9-2015 6:19:48 PM
LastSync : Hits:8
UseCount : 0
Hits : 8

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kari-lyn [email protected][2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:kari-lyn [email protected]/
Expires : 5-7-2035 11:37:10 PM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kari-lyn [email protected][2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:kari-lyn [email protected]/
Expires : 12-31-2029 7:00:00 PM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kari-lyn [email protected][2].txt
Category : Data Miner
Comment : Hits:7
Value : Cookie:kari-lyn [email protected]/
Expires : 9-8-2009 7:01:00 PM
LastSync : Hits:7
UseCount : 0
Hits : 7

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kari-lyn [email protected][2].txt
Category : Data Miner
Comment : Hits:25
Value : Cookie:kari-lyn [email protected]/
Expires : 5-11-2006 6:26:08 PM
LastSync : Hits:25
UseCount : 0
Hits : 25

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kari-lyn [email protected][2].txt
Category : Data Miner
Comment : Hits:4
Value : Cookie:kari-lyn [email protected]/
Expires : 12-31-2009 7:00:00 PM
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kari-lyn [email protected][1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:kari-lyn [email protected]/
Expires : 12-30-2037 11:00:00 AM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kari-lyn [email protected][1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:kari-lyn [email protected]/
Expires : 7-6-2006 1:51:40 AM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 11
Objects found so far: 12



Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Claria Object Recognized!
Type : File
Data : A0000590.dll
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{4276FC52-9D56-4C0A-B1AB-DB7AAC1679AF}\RP10\
FileVersion : 6.0.5.3
ProductVersion : 6.0.5.3
ProductName : CME
CompanyName : GAIN Publishing
FileDescription : CME II Client Application
InternalName : CMEIIAPI.DLL
LegalCopyright : Copyright © 1999-2004 GAIN Publishing
OriginalFilename : CMEIIAPI.DLL


Claria Object Recognized!
Type : File
Data : A0000591.exe
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{4276FC52-9D56-4C0A-B1AB-DB7AAC1679AF}\RP10\
FileVersion : 6.0.5.3
ProductVersion : 6.0.5.3
ProductName : CME
CompanyName : GAIN Publishing
FileDescription : CME II Client Application
InternalName : CMESys.exe
LegalCopyright : Copyright © 1999-2004 GAIN Publishing
OriginalFilename : CMESys.exe


Claria Object Recognized!
Type : File
Data : A0000592.dll
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{4276FC52-9D56-4C0A-B1AB-DB7AAC1679AF}\RP10\
FileVersion : 6.0.5.3
ProductVersion : 6.0.5.3
ProductName : CME
CompanyName : GAIN Publishing
FileDescription : CME II Client Application
InternalName : GAppMgr.dll
LegalCopyright : Copyright © 1999-2004 GAIN Publishing
OriginalFilename : GAppMgr.dll


Claria Object Recognized!
Type : File
Data : A0000593.dll
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{4276FC52-9D56-4C0A-B1AB-DB7AAC1679AF}\RP10\
FileVersion : 6.0.5.3
ProductVersion : 6.0.5.3
ProductName : CME
CompanyName : GAIN Publishing
FileDescription : CME II Client Application
InternalName : GController.dll
LegalCopyright : Copyright © 1999-2004 GAIN Publishing
OriginalFilename : GController.dll


Claria Object Recognized!
Type : File
Data : A0000594.dll
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{4276FC52-9D56-4C0A-B1AB-DB7AAC1679AF}\RP10\
FileVersion : 6.0.5.3
ProductVersion : 6.0.5.3
ProductName : CME
CompanyName : GAIN Publishing
FileDescription : CME II Client Application
InternalName : GDlwdEng.dll
LegalCopyright : Copyright © 1999-2004 GAIN Publishing
OriginalFilename : GDlwdEng.dll


Claria Object Recognized!
Type : File
Data : A0000595.dll
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{4276FC52-9D56-4C0A-B1AB-DB7AAC1679AF}\RP10\
FileVersion : 6.0.5.3
ProductVersion : 6.0.5.3
ProductName : CME
CompanyName : GAIN Publishing
FileDescription : CME II Client Application
InternalName : GIocl.dll
LegalCopyright : Copyright © 1999-2004 GAIN Publishing
OriginalFilename : GIocl.dll


Claria Object Recognized!
Type : File
Data : A0000596.dll
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{4276FC52-9D56-4C0A-B1AB-DB7AAC1679AF}\RP10\
FileVersion : 6.0.5.3
ProductVersion : 6.0.5.3
ProductName : CME
CompanyName : GAIN Publishing
FileDescription : CME II Client Application
InternalName : GIoclClient.dll
LegalCopyright : Copyright © 1999-2004 GAIN Publishing
OriginalFilename : GIoclClient.dll


Claria Object Recognized!
Type : File
Data : A0000597.dll
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{4276FC52-9D56-4C0A-B1AB-DB7AAC1679AF}\RP10\
FileVersion : 6.0.5.3
ProductVersion : 6.0.5.3
ProductName : CME
CompanyName : GAIN Publishing
FileDescription : CME II Client Application
InternalName : GMTProxy.dll
LegalCopyright : Copyright © 1999-2004 GAIN Publishing
OriginalFilename : GMTProxy.dll


Claria Object Recognized!
Type : File
Data : A0000598.dll
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{4276FC52-9D56-4C0A-B1AB-DB7AAC1679AF}\RP10\
FileVersion : 6.0.5.3
ProductVersion : 6.0.5.3
ProductName : CME
CompanyName : GAIN Publishing
FileDescription : CME II Client Application
InternalName : GObjs.dll
LegalCopyright : Copyright © 1999-2004 GAIN Publishing
OriginalFilename : GObjs.dll


Claria Object Recognized!
Type : File
Data : A0000599.dll
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{4276FC52-9D56-4C0A-B1AB-DB7AAC1679AF}\RP10\
FileVersion : 6.0.5.3
ProductVersion : 6.0.5.3
ProductName : CME
CompanyName : GAIN Publishing
FileDescription : CME II Client Application
InternalName : GStore.dll
LegalCopyright : Copyright © 1999-2004 GAIN Publishing
OriginalFilename : GStore.dll


Claria Object Recognized!
Type : File
Data : A0000600.dll
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{4276FC52-9D56-4C0A-B1AB-DB7AAC1679AF}\RP10\
FileVersion : 6.0.5.3
ProductVersion : 6.0.5.3
ProductName : CME
CompanyName : GAIN Publishing
FileDescription : CME II Client Application
InternalName : GStoreServer.dll
LegalCopyright : Copyright © 1999-2004 GAIN Publishing
OriginalFilename : GStoreServer.dll


Claria Object Recognized!
Type : File
Data : A0000601.dll
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{4276FC52-9D56-4C0A-B1AB-DB7AAC1679AF}\RP10\
FileVersion : 6.0.5.3
ProductVersion : 6.0.5.3
ProductName : CME
CompanyName : GAIN Publishing
FileDescription : CME II Client Application
InternalName : GTools.dll
LegalCopyright : Copyright © 1999-2004 GAIN Publishing
OriginalFilename : GTools.dll


Claria Object Recognized!
Type : File
Data : A0000602.dll
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{4276FC52-9D56-4C0A-B1AB-DB7AAC1679AF}\RP10\
FileVersion : 6.0.5.3
ProductVersion : 6.0.5.3
ProductName : GAIN
CompanyName : GAIN Publishing
FileDescription : EGGCEngine Dynamic Link Library
InternalName : EGGCEngine dll
LegalCopyright : Copyright © 1999-2004 GAIN Publishing
OriginalFilename : EGGCEngine dll


Claria Object Recognized!
Type : File
Data : A0000603.dll
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{4276FC52-9D56-4C0A-B1AB-DB7AAC1679AF}\RP10\
FileVersion : 6.0.5.3
ProductVersion : 6.0.5.3
ProductName : GAIN
CompanyName : GAIN Publishing
FileDescription : egIEClient Dynamic Link Library
InternalName : egIEClient.dll
LegalCopyright : Copyright © 1999-2004 GAIN Publishing
OriginalFilename : egIEClient.dll


Claria Object Recognized!
Type : File
Data : A0000604.dll
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{4276FC52-9D56-4C0A-B1AB-DB7AAC1679AF}\RP10\
FileVersion : 6.0.5.3
ProductVersion : 6.0.5.3
ProductName : GAIN
CompanyName : GAIN Publishing
FileDescription : EGIEProcess Dynamic Link Library
InternalName : EGIEProcess dll
LegalCopyright : Copyright © 1999-2004 GAIN Publishing
OriginalFilename : EGIEProcess dll


Claria Object Recognized!
Type : File
Data : A0000605.dll
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{4276FC52-9D56-4C0A-B1AB-DB7AAC1679AF}\RP10\
FileVersion : 6.0.5.3
ProductVersion : 6.0.5.3
ProductName : GAIN
CompanyName : GAIN Publishing
FileDescription : EGNSEngine Dynamic Link Library
InternalName : EGNSEngine dll
LegalCopyright : Copyright © 1999-2004 GAIN Publishing
OriginalFilename : EGNSEngine dll


Claria Object Recognized!
Type : File
Data : A0000606.dll
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{4276FC52-9D56-4C0A-B1AB-DB7AAC1679AF}\RP10\
FileVersion : 6.0.5.3
ProductVersion : 6.0.5.3
ProductName : GAIN
CompanyName : GAIN Publishing
FileDescription : GatorRes Dynamic Link Library
InternalName : GatorRes DLL
LegalCopyright : Copyright © 1999-2004 GAIN Publishing
OriginalFilename : GatorRes DLL


Claria Object Recognized!
Type : File
Data : A0000607.exe
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{4276FC52-9D56-4C0A-B1AB-DB7AAC1679AF}\RP10\
FileVersion : 6.0.5.3
ProductVersion : 6.0.5.3
ProductName : GAIN
CompanyName : GAIN Publishing
FileDescription : Gator Client Application
InternalName : Gator.exe
LegalCopyright : Copyright © 1999-2004 GAIN Publishing
OriginalFilename : Gator.exe


Claria Object Recognized!
Type : File
Data : A0000608.exe
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{4276FC52-9D56-4C0A-B1AB-DB7AAC1679AF}\RP10\
FileVersion : 6.0.5.3
ProductVersion : 6.0.5.3
ProductName : GAIN
CompanyName : GAIN Publishing
FileDescription : GAIN Uninstaller applet
InternalName : GUninstaller.exe
LegalCopyright : Copyright © 1999-2004 GAIN Publishing
OriginalFilename : GUninstaller.exe


Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 31


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 31




Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 31

6:32:16 AM Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:14:44.703
Objects scanned:220015
Objects identified:31
Objects ignored:0
New critical objects:31

#4
Mannen

    Ad-Aware Expert

Greetings!


Your log is looking better but you have a new program running?

So disconnect from the internet and run Adaware. Delete everything found and then delete this folder

C:\Program Files\Upromise_RemindU\

The rest found is in your system restore folder. Read below how to restore that folder
http://service1.syma...src=sec_doc_nam

Reboot and run Adaware once more. Post the new log here.

Cheers
Mannen

#5
ShoalBear

    Member

  • Topic Starter

Greetings!
Your log is looking better but you have a new program running?

So disconnect from the internet and run Adaware. Delete everything found and then delete this folder

C:\Program Files\Upromise_RemindU\

The rest found is in your system restore folder. Read below how to restore that folder
http://service1.syma...src=sec_doc_nam

Reboot and run Adaware once more. Post the new log here.

Cheers
Mannen

Erm...not to be difficult, but do I do that first step in Safe Mode, or normal mode?

#6
Mannen

    Ad-Aware Expert

Hi again!


You can do this in "normal" mode, and if you can't delete the folder after using Adaware you can try in safe mode.

Cheers
Mannen

#7
ShoalBear

    Member

  • Topic Starter
Ad-Aware SE Build 1.05
Logfile Created on:Tuesday, May 17, 2005 3:54:53 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R46 17.05.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking Cookie(TAC index:3):1 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R45 13.05.2005
Internal build : 53
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 473168 Bytes
Total size : 1430575 Bytes
Signature data size : 1399518 Bytes
Reference data size : 30545 Bytes
Signatures total : 39932
Fingerprints total : 881
Fingerprints size : 30173 Bytes
Target categories : 15
Target families : 672

5-17-2005 3:54:37 PM Performing WebUpdate...

Installing Update...
Definitions File Loaded:
Reference Number : SE1R46 17.05.2005
Internal build : 54
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 474775 Bytes
Total size : 1435210 Bytes
Signature data size : 1404100 Bytes
Reference data size : 30598 Bytes
Signatures total : 40060
Fingerprints total : 883
Fingerprints size : 30250 Bytes
Target categories : 15
Target families : 674


5-17-2005 3:54:49 PM Success
Update successfully downloaded and installed.


Memory + processor status:
==========================
Number of processors : 2
Processor architecture : Intel Pentium IV
Memory available:60 %
Total physical memory:1047272 kb
Available physical memory:619740 kb
Total page file size:2499304 kb
Available on page file:2201816 kb
Total virtual memory:2097024 kb
Available virtual memory:2045072 kb
OS:Microsoft Windows XP Professional Service Pack 2 (Build 2600)

Ad-Aware SE Settings
===========================
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Obtain command line of scanned processes
Set : Scan registry for all users instead of current user only
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Write-protect system files after repair (Hosts file, etc.)
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


5-17-2005 3:54:53 PM - Scan started. (Full System Scan)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
ModuleName : \SystemRoot\System32\smss.exe
Command Line : n/a
ProcessID : 464
ThreadCreationTime : 5-17-2005 8:50:38 PM
BasePriority : Normal


#:2 [csrss.exe]
ModuleName : \??\C:\WINDOWS\system32\csrss.exe
Command Line : C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestTh
ProcessID : 512
ThreadCreationTime : 5-17-2005 8:50:40 PM
BasePriority : Normal


#:3 [winlogon.exe]
ModuleName : \??\C:\WINDOWS\system32\winlogon.exe
Command Line : winlogon.exe
ProcessID : 536
ThreadCreationTime : 5-17-2005 8:50:40 PM
BasePriority : High


#:4 [services.exe]
ModuleName : C:\WINDOWS\system32\services.exe
Command Line : C:\WINDOWS\system32\services.exe
ProcessID : 580
ThreadCreationTime : 5-17-2005 8:50:41 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:5 [lsass.exe]
ModuleName : C:\WINDOWS\system32\lsass.exe
Command Line : C:\WINDOWS\system32\lsass.exe
ProcessID : 592
ThreadCreationTime : 5-17-2005 8:50:41 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost -k DcomLaunch
ProcessID : 756
ThreadCreationTime : 5-17-2005 8:50:42 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost -k rpcss
ProcessID : 800
ThreadCreationTime : 5-17-2005 8:50:42 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k netsvcs
ProcessID : 840
ThreadCreationTime : 5-17-2005 8:50:42 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k NetworkService
ProcessID : 892
ThreadCreationTime : 5-17-2005 8:50:42 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k LocalService
ProcessID : 944
ThreadCreationTime : 5-17-2005 8:50:43 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:11 [spoolsv.exe]
ModuleName : C:\WINDOWS\system32\spoolsv.exe
Command Line : C:\WINDOWS\system32\spoolsv.exe
ProcessID : 1096
ThreadCreationTime : 5-17-2005 8:50:44 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:12 [agentsrv.exe]
ModuleName : C:\Program Files\Connected\AgentSrv.EXE
Command Line : "C:\Program Files\Connected\AgentSrv.EXE" -asv
ProcessID : 1224
ThreadCreationTime : 5-17-2005 8:50:44 PM
BasePriority : Idle
FileVersion : 7.1.5.1086
ProductVersion : 7.1.5
ProductName : Connected DataProtector
CompanyName : Connected Corporation
FileDescription : Agent Service Module
InternalName : AgentSrv
LegalCopyright : © 1996-2004 by Connected Corporation
OriginalFilename : AgentSrv.exe

#:13 [aolacsd.exe]
ModuleName : C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
Command Line : C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
ProcessID : 1244
ThreadCreationTime : 5-17-2005 8:50:45 PM
BasePriority : Normal


#:14 [avgamsvr.exe]
ModuleName : C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
Command Line : C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
ProcessID : 1272
ThreadCreationTime : 5-17-2005 8:50:45 PM
BasePriority : Normal
FileVersion : 7,1,0,307
ProductVersion : 7.1.0.307
ProductName : AVG Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Alert Manager
InternalName : avgamsvr
LegalCopyright : Copyright © 2005, GRISOFT, s.r.o.
OriginalFilename : avgamsvr.EXE

#:15 [avgupsvc.exe]
ModuleName : C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
Command Line : C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
ProcessID : 1332
ThreadCreationTime : 5-17-2005 8:50:45 PM
BasePriority : Normal
FileVersion : 7,1,0,285
ProductVersion : 7.1.0.285
ProductName : AVG 7.0 Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Update Service
InternalName : avgupsvc
LegalCopyright : Copyright © 2004, GRISOFT, s.r.o.
OriginalFilename : avgupdsvc.EXE

#:16 [upssrv.exe]
ModuleName : C:\PowerPanel\upssrv.exe
Command Line : C:\PowerPanel\upssrv.exe
ProcessID : 1364
ThreadCreationTime : 5-17-2005 8:50:45 PM
BasePriority : Normal
FileVersion : 2, 1, 4, 0
ProductVersion : 2, 1, 4, 0
ProductName : Power Panel ( Plus )
CompanyName : Cyber Power System Inc.
FileDescription : UPS Service
InternalName : upssrv.exe
LegalCopyright : Copyright © 2002 Cyber Power System Inc.
LegalTrademarks : CyberPower
OriginalFilename : upssrv.exe

#:17 [upsio.exe]
ModuleName : C:\PowerPanel\upsio.exe
Command Line : 1 0
ProcessID : 1404
ThreadCreationTime : 5-17-2005 8:50:45 PM
BasePriority : Realtime
FileVersion : 2, 1, 4, 0
ProductVersion : 2, 1, 4, 0
ProductName : PowerPanel (Plus)
CompanyName : Cyber Power System Inc.
FileDescription : upsio
InternalName : upsio.exe
LegalCopyright : Copyright © 2002 Cyber Power System Inc.
LegalTrademarks : CyberPower
OriginalFilename : upsio.exe

#:18 [inetinfo.exe]
ModuleName : C:\WINDOWS\system32\inetsrv\inetinfo.exe
Command Line : C:\WINDOWS\system32\inetsrv\inetinfo.exe
ProcessID : 1412
ThreadCreationTime : 5-17-2005 8:50:45 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Internet Information Services
CompanyName : Microsoft Corporation
FileDescription : Internet Information Services
InternalName : INETINFO.EXE
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : INETINFO.EXE

#:19 [mdm.exe]
ModuleName : C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
Command Line : "C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe"
ProcessID : 1456
ThreadCreationTime : 5-17-2005 8:50:45 PM
BasePriority : Normal
FileVersion : 7.10.3077
ProductVersion : 7.10.3077
ProductName : Microsoft® Visual Studio .NET
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
LegalCopyright : Copyright© Microsoft Corporation. All rights reserved.
OriginalFilename : mdm.exe

#:20 [smagent.exe]
ModuleName : C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
Command Line : "C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe"
ProcessID : 1528
ThreadCreationTime : 5-17-2005 8:50:46 PM
BasePriority : Normal
FileVersion : 3, 2, 6, 0
ProductVersion : 3, 2, 6, 0
ProductName : SoundMAX service agent
CompanyName : Analog Devices, Inc.
FileDescription : SoundMAX service agent component
InternalName : SMAgent
LegalCopyright : Copyright © 2002
OriginalFilename : SMAgent.exe

#:21 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k imgsvc
ProcessID : 1608
ThreadCreationTime : 5-17-2005 8:50:46 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:22 [wdfmgr.exe]
ModuleName : C:\WINDOWS\system32\wdfmgr.exe
Command Line : C:\WINDOWS\system32\wdfmgr.exe
ProcessID : 1636
ThreadCreationTime : 5-17-2005 8:50:46 PM
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe

#:23 [vsmon.exe]
ModuleName : C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
Command Line : n/a
ProcessID : 1676
ThreadCreationTime : 5-17-2005 8:50:46 PM
BasePriority : Normal
FileVersion : 5.5.094.000
ProductVersion : 5.5.094.000
ProductName : TrueVector Service
CompanyName : Zone Labs, LLC
FileDescription : TrueVector Service
InternalName : vsmon
LegalCopyright : Copyright © 1998-2005, Zone Labs, LLC
OriginalFilename : vsmon.exe

#:24 [alg.exe]
ModuleName : C:\WINDOWS\System32\alg.exe
Command Line : C:\WINDOWS\System32\alg.exe
ProcessID : 908
ThreadCreationTime : 5-17-2005 8:50:51 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe

#:25 [explorer.exe]
ModuleName : C:\WINDOWS\Explorer.EXE
Command Line : C:\WINDOWS\Explorer.EXE
ProcessID : 2284
ThreadCreationTime : 5-17-2005 8:50:56 PM
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

#:26 [smax4pnp.exe]
ModuleName : C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
Command Line : "C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe"
ProcessID : 2356
ThreadCreationTime : 5-17-2005 8:50:58 PM
BasePriority : Normal
FileVersion : 4, 0, 4, 11
ProductVersion : 4, 0, 4, 11
ProductName : SMax4PNP Application
CompanyName : Analog Devices, Inc.
FileDescription : SMax4PNP MFC Application
InternalName : SMax4PNP
LegalCopyright : Copyright © 2002-2003 Analog Devices
OriginalFilename : SMax4PNP.EXE

#:27 [smax4.exe]
ModuleName : C:\Program Files\Analog Devices\SoundMAX\smax4.exe
Command Line : "C:\Program Files\Analog Devices\SoundMAX\smax4.exe" /tray
ProcessID : 2368
ThreadCreationTime : 5-17-2005 8:50:58 PM
BasePriority : Normal
FileVersion : 4, 0, 4, 25
ProductVersion : 4, 0, 4, 25
ProductName : SoundMAX Control Panel
CompanyName : Analog Devices, Inc.
FileDescription : SoundMAX Control Center
InternalName : SMax4
LegalCopyright : Copyright © 2002-2003, Analog Devices
OriginalFilename : SMax4.EXE

#:28 [gwhotkey.exe]
ModuleName : C:\WINDOWS\GWHotKey.exe
Command Line : "C:\WINDOWS\GWHotKey.exe"
ProcessID : 2428
ThreadCreationTime : 5-17-2005 8:50:58 PM
BasePriority : Normal
FileVersion : 4.4.1
ProductVersion : 4.4.1
ProductName : Gateway Multi-function Keyboard Utility
CompanyName : Tartan Software www.BillP.com
FileDescription : Multi-function Keyboard Utility By Bill Pytlovany
LegalCopyright : Copyright © 1997-1998 Gateway 2000 Inc.
Comments : "You've got a friend in the business"

#:29 [ndetect.exe]
ModuleName : C:\Program Files\ICQ\NDetect.exe
Command Line : "C:\Program Files\ICQ\NDetect.exe"
ProcessID : 2452
ThreadCreationTime : 5-17-2005 8:50:58 PM
BasePriority : Normal


#:30 [hpztsb06.exe]
ModuleName : C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb06.exe
Command Line : "C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb06.exe"
ProcessID : 2484
ThreadCreationTime : 5-17-2005 8:50:58 PM
BasePriority : Normal
FileVersion : 2,133,0,0
ProductVersion : 2,133,0,0
ProductName : HP DeskJet
CompanyName : HP
LegalCopyright : Copyright © Hewlett-Packard Company 1999-2002

#:31 [avgemc.exe]
ModuleName : C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
Command Line : "C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe"
ProcessID : 2504
ThreadCreationTime : 5-17-2005 8:50:59 PM
BasePriority : Normal
FileVersion : 7,1,0,307
ProductVersion : 7.1.0.307
ProductName : AVG Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG E-Mail Scanner
InternalName : avgemc
LegalCopyright : Copyright © 2005, GRISOFT, s.r.o.
OriginalFilename : avgemc.exe

#:32 [avgcc.exe]
ModuleName : C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
Command Line : "C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" /STARTUP
ProcessID : 2516
ThreadCreationTime : 5-17-2005 8:50:59 PM
BasePriority : Normal
FileVersion : 7,1,0,307
ProductVersion : 7.1.0.307
ProductName : AVG Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Control Center
InternalName : AvgCC
LegalCopyright : Copyright © 2005, GRISOFT, s.r.o.
OriginalFilename : AvgCC.EXE

#:33 [em_exec.exe]
ModuleName : C:\Program Files\Logitech\MouseWare\system\em_exec.exe
Command Line : "C:\Program Files\Logitech\MouseWare\system\em_exec.exe"
ProcessID : 2528
ThreadCreationTime : 5-17-2005 8:50:59 PM
BasePriority : Normal
FileVersion : 9.76.046
ProductVersion : 9.76.046
ProductName : MouseWare
CompanyName : Logitech Inc.
FileDescription : Logitech Events Handler Application
InternalName : Em_Exec
LegalCopyright : © 1987-2003 Logitech. All rights reserved.
LegalTrademarks : Logitech® and MouseWare® are registered trademarks of Logitech Inc.
OriginalFilename : Em_Exec.exe
Comments : Created by the MouseWare team

#:34 [aoldial.exe]
ModuleName : C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
Command Line : "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"
ProcessID : 2540
ThreadCreationTime : 5-17-2005 8:50:59 PM
BasePriority : Normal
FileVersion : 2.0.20.1.US.1
ProductVersion : 2.0.20.1.US.1
ProductName : AOL Connectivity Service
CompanyName : America Online, Inc
FileDescription : AOL Connectivity Service Dialer
LegalCopyright : Copyright © 2003 America Online, Inc.
OriginalFilename : AOLDial.exe

#:35 [aolsp scheduler.exe]
ModuleName : C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
Command Line : "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
ProcessID : 2548
ThreadCreationTime : 5-17-2005 8:50:59 PM
BasePriority : Normal
FileVersion : 1, 5, 0, 0
ProductVersion : 1, 5, 0, 0
ProductName : AOLSP Scheduler
FileDescription : AOLSP Scheduler
InternalName : AOLSP Scheduler
LegalCopyright : Copyright © America Online, Inc. 2004
OriginalFilename : AOLSP Scheduler.exe

#:36 [directcd.exe]
ModuleName : C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
Command Line : "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
ProcessID : 2556
ThreadCreationTime : 5-17-2005 8:50:59 PM
BasePriority : Normal
FileVersion : 5.3.2.34
ProductVersion : 5.3.2.34
ProductName : DirectCD
CompanyName : Roxio
FileDescription : DirectCD Application
InternalName : DirectCD
LegalCopyright : Copyright © 2001,2002, Roxio, Inc.
OriginalFilename : Directcd.exe

#:37 [p2p networking.exe]
ModuleName : C:\WINDOWS\system32\P2P Networking\P2P Networking.exe
Command Line : "C:\WINDOWS\system32\P2P Networking\P2P Networking.exe" /AUTOSTART
ProcessID : 2564
ThreadCreationTime : 5-17-2005 8:50:59 PM
BasePriority : Normal
FileVersion : 1, 26, 0, 10
ProductVersion : 1, 26, 0, 10
ProductName : P2P Networking
CompanyName : Joltid Ltd.
FileDescription : P2P Networking
InternalName : P2P Networking
LegalCopyright : Copyright © 2001 - 2004 Joltid Ltd. All Rights Reserved.
LegalTrademarks : Joltid is a registered trademark of Joltid Ltd.
OriginalFilename : P2P Networking.exe

#:38 [realsched.exe]
ModuleName : C:\Program Files\Common Files\Real\Update_OB\realsched.exe
Command Line : "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
ProcessID : 2576
ThreadCreationTime : 5-17-2005 8:50:59 PM
BasePriority : Normal
FileVersion : 0.1.0.3249
ProductVersion : 0.1.0.3249
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004
LegalTrademarks : RealAudio™ is a trademark of RealNetworks, Inc.
OriginalFilename : realsched.exe

#:39 [zlclient.exe]
ModuleName : C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
Command Line : n/a
ProcessID : 2612
ThreadCreationTime : 5-17-2005 8:51:00 PM
BasePriority : Normal
FileVersion : 5.5.094.000
ProductVersion : 5.5.094.000
ProductName : Zone Labs Client
CompanyName : Zone Labs, LLC
FileDescription : Zone Labs Client
InternalName : zlclient
LegalCopyright : Copyright © 1998-2005, Zone Labs, LLC
OriginalFilename : zlclient.exe

#:40 [cookie.exe]
ModuleName : C:\Program Files\AnalogX\CookieWall\cookie.exe
Command Line : "C:\Program Files\AnalogX\CookieWall\cookie.exe"
ProcessID : 2620
ThreadCreationTime : 5-17-2005 8:51:00 PM
BasePriority : Normal


#:41 [ctfmon.exe]
ModuleName : C:\WINDOWS\system32\ctfmon.exe
Command Line : "C:\WINDOWS\system32\ctfmon.exe"
ProcessID : 2640
ThreadCreationTime : 5-17-2005 8:51:00 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:42 [ypager.exe]
ModuleName : C:\Program Files\Yahoo!\Messenger\ypager.exe
Command Line : "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
ProcessID : 2652
ThreadCreationTime : 5-17-2005 8:51:00 PM
BasePriority : Normal
FileVersion : 6,0,0,1750
ProductVersion : 6,0,0,1750
ProductName : Yahoo! Messenger
CompanyName : Yahoo! Inc.
FileDescription : Yahoo! Messenger
InternalName : Yahoo! Messengerr
LegalCopyright : Copyright 1998-2004
OriginalFilename : YPager.exe

#:43 [msnmsgr.exe]
ModuleName : C:\Program Files\MSN Messenger\msnmsgr.exe
Command Line : "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
ProcessID : 2668
ThreadCreationTime : 5-17-2005 8:51:00 PM
BasePriority : Normal
FileVersion : 7.0.0777
ProductVersion : 7.0.0777
ProductName : MSN Messenger
CompanyName : Microsoft Corporation
FileDescription : MSN Messenger
InternalName : msnmsgr
LegalCopyright : Copyright © Microsoft Corporation 1997-2004
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msnmsgr.exe

#:44 [aim.exe]
ModuleName : C:\Program Files\AIM95\aim.exe
Command Line : "C:\Program Files\AIM95\aim.exe" -cnetwait.odl
ProcessID : 2688
ThreadCreationTime : 5-17-2005 8:51:00 PM
BasePriority : Normal
FileVersion : 5.9.3690
ProductVersion : 5.9.3690
ProductName : AOL Instant Messenger
CompanyName : America Online, Inc.
FileDescription : AOL Instant Messenger
InternalName : AIM
LegalCopyright : Copyright © 1996-2004 America Online, Inc.
OriginalFilename : AIM.EXE

#:45 [reader_sl.exe]
ModuleName : C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Command Line : "C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe"
ProcessID : 2724
ThreadCreationTime : 5-17-2005 8:51:01 PM
BasePriority : Normal
FileVersion : 7.0.0.0
ProductVersion : 7.0.0.0
ProductName : Adobe Acrobat
CompanyName : Adobe Systems Incorporated
FileDescription : Adobe Acrobat SpeedLauncher
LegalCopyright : Copyright Adobe Systems Incorporated 2004
OriginalFilename : AcroSpeedLaunch.exe

#:46 [cbsystray.exe]
ModuleName : C:\Program Files\Connected\CBSysTray.exe
Command Line : "C:\Program Files\Connected\CBSysTray.exe"
ProcessID : 2796
ThreadCreationTime : 5-17-2005 8:51:01 PM
BasePriority : Normal
FileVersion : 7.1.5.1086
ProductVersion : 7.1.5
ProductName : Connected DataProtector
CompanyName : Connected Corporation
FileDescription : Connected DataProtector System Tray
InternalName : CBSysTray
LegalCopyright : © 1996-2004 by Connected Corporation
OriginalFilename : CBSysTray.exe

#:47 [dvzincmsgr.exe]
ModuleName : C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe
Command Line : "C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe"
ProcessID : 2816
ThreadCreationTime : 5-17-2005 8:51:02 PM
BasePriority : Normal
FileVersion : 6,0,1,723
ProductVersion : 6,0,1,723
ProductName : Documents To Go
CompanyName : DataViz, Inc.
FileDescription : DataViz Update Checker
InternalName : Web Savvy Agent
LegalCopyright : Copyright © 1998-2004 by DataViz, Inc.
OriginalFilename : WebSavvyAgent.exe
Comments : This component checks for updates of DataViz products.

#:48 [hotsync.exe]
ModuleName : C:\Program Files\Palm\HOTSYNC.EXE
Command Line : "C:\Program Files\Palm\HOTSYNC.EXE"
ProcessID : 2948
ThreadCreationTime : 5-17-2005 8:51:03 PM
BasePriority : Normal
FileVersion : 4.0.4
ProductVersion : 4.1.0
ProductName : HotSync® Manager, Palm Desktop
CompanyName : Palm, Inc.
FileDescription : HotSync® Manager Application
InternalName : HotSync®
LegalCopyright : Copyright © 1995-2001 Palm, Inc.
LegalTrademarks : HotSync® is a registered trademark of Palm, Inc.
OriginalFilename : Hotsync.exe

#:49 [wmiprvse.exe]
ModuleName : C:\WINDOWS\System32\wbem\wmiprvse.exe
Command Line : C:\WINDOWS\System32\wbem\wmiprvse.exe -Embedding
ProcessID : 3196
ThreadCreationTime : 5-17-2005 8:51:13 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : WMI
InternalName : Wmiprvse.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : Wmiprvse.exe

#:50 [wuauclt.exe]
ModuleName : C:\WINDOWS\system32\wuauclt.exe
Command Line : "C:\WINDOWS\system32\wuauclt.exe" /RunStoreAsComServer Local\[348]SUSDS15923e897a6cd3429c290b61af55b453
ProcessID : 3652
ThreadCreationTime : 5-17-2005 8:51:37 PM
BasePriority : Normal
FileVersion : 5.4.3790.2182 built by: srv03_rtm(ntvbl04)
ProductVersion : 5.4.3790.2182
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Automatic Updates
InternalName : wuauclt.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : wuauclt.exe

#:51 [ad-aware.exe]
ModuleName : C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
Command Line : "C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe"
ProcessID : 3912
ThreadCreationTime : 5-17-2005 8:54:04 PM
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : kari-lyn [email protected][2].txt
Category : Data Miner
Comment : Hits:11
Value : Cookie:kari-lyn [email protected]/
Expires : 4-12-2006 3:24:04 AM
LastSync : Hits:11
UseCount : 0
Hits : 11

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 1
Objects found so far: 1



Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 1


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 1




Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 1

4:09:54 PM Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:15:00.547
Objects scanned:218981
Objects identified:1
Objects ignored:0
New critical objects:1
  • 0

#8
Mannen

    Ad-Aware Expert

  • Member
  • 110 posts
Hi again!


This is one clean log!
Tracking cookies are no security threat and can always be removed.

But to be on the safe side, please update Adaware, but only post a new log if it finds anything new.

I hope everything is running well now.

Cheers
Mannen
  • 0

#9
ShoalBear

    Member

  • Topic Starter
  • Member
  • 212 posts
:tazz: I bow before you and give thanks!!!!! :) and :)

Have a few ;) ;) :) on me!
  • 0

#10
Guest_Andy_veal_*
  • Guest
To keep your computer safe
-Make sure you have all critical updates installed.
-To make sure that you have got a firewall running when you're connected to the internet and Anti-virus software which has the latest updates.

Two great sites to check for good advice and top rated software are http://members.acces...ntomPhixer.html and http://www.spywareai...p?file=toprated
  • 0

#11
Guest_Andy_veal_*
  • Guest
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :tazz:

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0





