Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Pop-ups[RESOLVED]

Started by APK , Jun 02 2005 12:38 PM

  • This topic is locked This topic is locked

#1
APK
Posted 02 June 2005 - 12:38 PM

APK

    New Member

  • Member
  • Pip
  • 7 posts
Everyday when I logon to my PC I get hit with a half dozen pop-up ads. I can close them out and may have one or two come back the rest of the day.

Using Ad-Aware does not get rid of them, they come back.

Here is my Ad-Aware log with the lastest definition.

Thanks for you help in advance.

Ad-Aware SE Build 1.05
Logfile Created on:Thursday, June 02, 2005 1:27:06 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R49 31.05.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R49 31.05.2005
Internal build : 57
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 481469 Bytes
Total size : 1455496 Bytes
Signature data size : 1423833 Bytes
Reference data size : 31151 Bytes
Signatures total : 40572
Fingerprints total : 902
Fingerprints size : 31096 Bytes
Target categories : 15
Target families : 692


Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium III
Memory available:38 %
Total physical memory:522464 kb
Available physical memory:198248 kb
Total page file size:886112 kb
Available on page file:572236 kb
Total virtual memory:2097024 kb
Available virtual memory:2048296 kb
OS:Microsoft Windows XP Professional Service Pack 1 (Build 2600)

Ad-Aware SE Settings
===========================
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Obtain command line of scanned processes
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Play sound at scan completion if scan locates critical objects


6-2-2005 1:27:06 PM - Scan started. (Full System Scan)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
ModuleName : \SystemRoot\System32\smss.exe
Command Line : n/a
ProcessID : 448
ThreadCreationTime : 5-31-2005 1:17:14 PM
BasePriority : Normal


#:2 [winlogon.exe]
ModuleName : \??\C:\WINDOWS\system32\winlogon.exe
Command Line : n/a
ProcessID : 528
ThreadCreationTime : 5-31-2005 1:17:16 PM
BasePriority : High


VX2 Object Recognized!
Type : Process
Data : j60s0gd7e60.dll
Category : Malware
Comment : (CSI MATCH)
Object : C:\WINDOWS\system32\


Warning! VX2 Object found in memory(C:\WINDOWS\system32\j60s0gd7e60.dll)


#:3 [services.exe]
ModuleName : C:\WINDOWS\system32\services.exe
Command Line : n/a
ProcessID : 572
ThreadCreationTime : 5-31-2005 1:17:16 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:4 [lsass.exe]
ModuleName : C:\WINDOWS\system32\lsass.exe
Command Line : n/a
ProcessID : 584
ThreadCreationTime : 5-31-2005 1:17:16 PM
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:5 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : n/a
ProcessID : 752
ThreadCreationTime : 5-31-2005 1:17:17 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:6 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : n/a
ProcessID : 800
ThreadCreationTime : 5-31-2005 1:17:17 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [spoolsv.exe]
ModuleName : C:\WINDOWS\system32\spoolsv.exe
Command Line : n/a
ProcessID : 1080
ThreadCreationTime : 5-31-2005 1:17:19 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:8 [clisvcl.exe]
ModuleName : C:\WINDOWS\MS\SMS\CORE\BIN\CLISVCL.EXE
Command Line : C:\WINDOWS\MS\SMS\CORE\BIN\CLISVCL.EXE
ProcessID : 1228
ThreadCreationTime : 5-31-2005 1:17:19 PM
BasePriority : Normal
FileVersion : 2.00.1493.4000
ProductVersion : 2.00.1493.4000
ProductName : Systems Management Server
CompanyName : Microsoft Corporation
FileDescription : SMS 2.0 Client - Client Service
InternalName : CLISVCL
LegalCopyright : Copyright © Microsoft Corporation 1994-2000
OriginalFilename : CLISVCL.EXE

#:9 [frameworkservice.exe]
ModuleName : C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
Command Line : n/a
ProcessID : 1272
ThreadCreationTime : 5-31-2005 1:17:19 PM
BasePriority : Normal
FileVersion : 3.1.1.184
ProductName : McAfee Common Framework
CompanyName : Network Associates, Inc.
FileDescription : Framework Service
InternalName : Framework
LegalCopyright : Copyright© 2000-2003 Networks Associates Technology, Inc. All Rights Reserved.
OriginalFilename : Framework.exe

#:10 [mcshield.exe]
ModuleName : C:\Program Files\Network Associates\VirusScan\mcshield.exe
Command Line : n/a
ProcessID : 1312
ThreadCreationTime : 5-31-2005 1:17:19 PM
BasePriority : High


#:11 [vstskmgr.exe]
ModuleName : C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
Command Line : n/a
ProcessID : 1364
ThreadCreationTime : 5-31-2005 1:17:20 PM
BasePriority : Normal


#:12 [mdm.exe]
ModuleName : C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
Command Line : n/a
ProcessID : 1396
ThreadCreationTime : 5-31-2005 1:17:20 PM
BasePriority : Normal
FileVersion : 7.00.9466
ProductVersion : 7.00.9466
ProductName : Microsoft® Visual Studio .NET
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : mdm.exe

#:13 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : n/a
ProcessID : 1484
ThreadCreationTime : 5-31-2005 1:17:20 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:14 [wuser32.exe]
ModuleName : C:\WINDOWS\TIREMOTE\wuser32.exe
Command Line : n/a
ProcessID : 1504
ThreadCreationTime : 5-31-2005 1:17:20 PM
BasePriority : Normal
FileVersion : 5.0.0.2
ProductVersion : 6.0
ProductName : Intuit Track-It! Remote
CompanyName : Intuit Track-It!
FileDescription : Remote Control Agent
InternalName : wuser32
LegalCopyright : Copyright © 2003
OriginalFilename : wuser32.exe

#:15 [wuser32.exe]
ModuleName : C:\WINDOWS\MS\SMS\CLICOMP\RemCtrl\Wuser32.exe
Command Line : n/a
ProcessID : 1600
ThreadCreationTime : 5-31-2005 1:17:21 PM
BasePriority : Normal
FileVersion : 2.00.1493.4007
ProductVersion : 2.00.1493.4007
ProductName : Systems Management Server
CompanyName : Microsoft Corporation
FileDescription : Systems Management Server
InternalName : WUSER32
LegalCopyright : Copyright © Microsoft Corporation 1994-2000
OriginalFilename : WUSER32.EXE

#:16 [smsapm32.exe]
ModuleName : C:\WINDOWS\MS\SMS\clicomp\apa\Bin\smsapm32.exe
Command Line : C:\WINDOWS\MS\SMS\clicomp\apa\Bin\smsapm32.exe
ProcessID : 3092
ThreadCreationTime : 6-2-2005 11:16:39 AM
BasePriority : Normal
FileVersion : 2.00.1493.4012
ProductVersion : 2.00.1493.4012
ProductName : Systems Management Server
CompanyName : Microsoft Corporation
FileDescription : SMS 2.0 Client - Advertised Programs Manager (Win32)
InternalName : SMSAPM32
LegalCopyright : Copyright © Microsoft Corporation 1994-2000
OriginalFilename : SMSAPM32.EXE

#:17 [ssonsvr.exe]
ModuleName : C:\Program Files\Citrix\PNAgent\ssonsvr.exe
Command Line : n/a
ProcessID : 2952
ThreadCreationTime : 6-2-2005 1:31:17 PM
BasePriority : Normal


#:18 [explorer.exe]
ModuleName : C:\WINDOWS\Explorer.EXE
Command Line : C:\WINDOWS\Explorer.EXE
ProcessID : 1112
ThreadCreationTime : 6-2-2005 1:31:19 PM
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

VX2 Object Recognized!
Type : Process
Data : guard.tmp
Category : Malware
Comment : (CSI MATCH)
Object : C:\WINDOWS\system32\


Warning! VX2 Object found in memory(C:\WINDOWS\system32\guard.tmp)


#:19 [shstat.exe]
ModuleName : C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
Command Line : "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
ProcessID : 1648
ThreadCreationTime : 6-2-2005 1:31:21 PM
BasePriority : Normal


#:20 [updaterui.exe]
ModuleName : C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
Command Line : "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
ProcessID : 2924
ThreadCreationTime : 6-2-2005 1:31:21 PM
BasePriority : Normal
FileVersion : 3.1.1.184
ProductName : McAfee Common Framework
CompanyName : Network Associates, Inc.
FileDescription : Common User Interface
InternalName : UpdaterUI
LegalCopyright : Copyright© 2000-2003 Networks Associates Technology, Inc. All Rights Reserved.
OriginalFilename : UpdaterUI.exe

#:21 [launch32.exe]
ModuleName : C:\WINDOWS\MS\SMS\CORE\BIN\LAUNCH32.EXE
Command Line : "C:\WINDOWS\MS\SMS\CORE\BIN\LAUNCH32.EXE"
ProcessID : 2864
ThreadCreationTime : 6-2-2005 1:31:21 PM
BasePriority : Normal
FileVersion : 2.00.1493.4000
ProductVersion : 2.00.1493.4000
ProductName : Systems Management Server
CompanyName : Microsoft Corporation
FileDescription : Systems Management Server
InternalName : LAUNCH32
LegalCopyright : Copyright © Microsoft Corporation 1994-2000
OriginalFilename : LAUNCH32.EXE

#:22 [ctmix32.exe]
ModuleName : C:\Program Files\Creative\Audio\PROGRAM\CTMIX32.EXE
Command Line : "C:\Program Files\Creative\Audio\PROGRAM\CTMIX32.EXE" /t
ProcessID : 1772
ThreadCreationTime : 6-2-2005 1:31:22 PM
BasePriority : Normal
FileVersion : 6.01.1
ProductVersion : 6.01.1
ProductName : Creative Mixer Loader
CompanyName : Creative Technology Ltd.
FileDescription : Creative Mixer Loader
InternalName : Creative Mixer Loader
LegalCopyright : Copyright © Creative Technology Ltd 1991-1999.
OriginalFilename : CTMXLD32.EXE

#:23 [jusched.exe]
ModuleName : C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
Command Line : "C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe"
ProcessID : 2448
ThreadCreationTime : 6-2-2005 1:31:22 PM
BasePriority : Normal


#:24 [msmsgs.exe]
ModuleName : C:\Program Files\Messenger\msmsgs.exe
Command Line : "C:\Program Files\Messenger\msmsgs.exe" /background
ProcessID : 3408
ThreadCreationTime : 6-2-2005 1:31:22 PM
BasePriority : Normal
FileVersion : 5.0.0468
ProductVersion : Version 5.0
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Windows Messenger
InternalName : msmsgs
LegalCopyright : Copyright © Microsoft Corporation 1997-2003
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msmsgs.exe

#:25 [ctfmon.exe]
ModuleName : C:\WINDOWS\System32\ctfmon.exe
Command Line : "C:\WINDOWS\System32\ctfmon.exe"
ProcessID : 376
ThreadCreationTime : 6-2-2005 1:31:23 PM
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:26 [smsmon32.exe]
ModuleName : C:\WINDOWS\MS\SMS\CLICOMP\SWDist32\bin\smsmon32.exe
Command Line : C:\WINDOWS\MS\SMS\CLICOMP\SWDist32\bin\smsmon32.exe -startup
ProcessID : 1196
ThreadCreationTime : 6-2-2005 1:31:24 PM
BasePriority : Normal
FileVersion : 2.00.1493.4000
ProductVersion : 2.00.1493.4000
ProductName : Systems Management Server
CompanyName : Microsoft Corporation
FileDescription : SMS 2.0 Client - Advertised Programs Monitor (Win32)
InternalName : SMSMON32
LegalCopyright : Copyright © Microsoft Corporation 1994-2000
OriginalFilename : SMSMON32.EXE

#:27 [osa.exe]
ModuleName : C:\Program Files\Microsoft Office\Office\OSA.EXE
Command Line : "C:\Program Files\Microsoft Office\Office\OSA.EXE" -b
ProcessID : 3612
ThreadCreationTime : 6-2-2005 1:31:24 PM
BasePriority : Normal


#:28 [pnagent.exe]
ModuleName : C:\Program Files\Citrix\PNAgent\pnagent.exe
Command Line : "C:\Program Files\Citrix\PNAgent\pnagent.exe"
ProcessID : 2620
ThreadCreationTime : 6-2-2005 1:31:24 PM
BasePriority : Normal
FileVersion : 8.100.29670
ProductVersion : 8.100
ProductName : Citrix ICA Client
CompanyName : Citrix Systems, Inc.
FileDescription : Citrix ICA Client PNAgent (Win32)
InternalName : PNAGENT
LegalCopyright : Copyright © 1990-2003 Citrix Systems, Inc.
OriginalFilename : PNAGENT.EXE

#:29 [wzqkpick.exe]
ModuleName : C:\Program Files\WinZip\WZQKPICK.EXE
Command Line : "C:\Program Files\WinZip\WZQKPICK.EXE"
ProcessID : 2616
ThreadCreationTime : 6-2-2005 1:31:25 PM
BasePriority : Normal
FileVersion : 1.0 (32-bit)
ProductVersion : 8.1 (4319)
ProductName : WinZip
CompanyName : WinZip Computing, Inc.
FileDescription : WinZip Executable
InternalName : WZQKPICK.EXE
LegalCopyright : Copyright © WinZip Computing, Inc. 1991-2001 - All Rights Reserved
LegalTrademarks : WinZip is a registered trademark of WinZip Computing, Inc
OriginalFilename : WZQKPICK.EXE
Comments : StringFileInfo: U.S. English

#:30 [extra.exe]
ModuleName : C:\Program Files\Attachmate\E!E2K\EXTRA.EXE
Command Line : "C:\Program Files\Attachmate\E!E2K\EXTRA.EXE" C:\PROGRA~1\ATTACH~1\E!E2K\Sessions\PRODCI~1.EDP
ProcessID : 2312
ThreadCreationTime : 6-2-2005 1:47:52 PM
BasePriority : Normal


#:31 [extra.exe]
ModuleName : C:\Program Files\Attachmate\E!E2K\EXTRA.EXE
Command Line : "C:\Program Files\Attachmate\E!E2K\EXTRA.EXE" C:\PROGRAM FILES\ATTACHMATE\E!E2K\SESSIONS\PROD TSO1.EDP
ProcessID : 484
ThreadCreationTime : 6-2-2005 1:48:23 PM
BasePriority : Normal


#:32 [extra.exe]
ModuleName : C:\Program Files\Attachmate\E!E2K\EXTRA.EXE
Command Line : "C:\Program Files\Attachmate\E!E2K\EXTRA.EXE" C:\PROGRAM FILES\ATTACHMATE\E!E2K\SESSIONS\TEST TSO.EDP
ProcessID : 4056
ThreadCreationTime : 6-2-2005 1:48:42 PM
BasePriority : Normal


#:33 [extra.exe]
ModuleName : C:\Program Files\Attachmate\E!E2K\EXTRA.EXE
Command Line : "C:\Program Files\Attachmate\E!E2K\EXTRA.EXE" C:\PROGRAM FILES\ATTACHMATE\E!E2K\SESSIONS\PROD TSO2.EDP
ProcessID : 320
ThreadCreationTime : 6-2-2005 1:49:08 PM
BasePriority : Normal


#:34 [extra.exe]
ModuleName : C:\Program Files\Attachmate\E!E2K\EXTRA.EXE
Command Line : "C:\Program Files\Attachmate\E!E2K\EXTRA.EXE" C:\PROGRAM FILES\ATTACHMATE\E!E2K\SESSIONS\SMS TSO.EDP
ProcessID : 2232
ThreadCreationTime : 6-2-2005 1:49:27 PM
BasePriority : Normal


#:35 [outlook.exe]
ModuleName : C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
Command Line : "C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE" /recycle
ProcessID : 3828
ThreadCreationTime : 6-2-2005 1:50:15 PM
BasePriority : Normal


#:36 [newregistry.exe]
ModuleName : C:\Program Files\Registry\NewRegistry.exe
Command Line : "C:\Program Files\Registry\NewRegistry.exe"
ProcessID : 1540
ThreadCreationTime : 6-2-2005 1:51:30 PM
BasePriority : Normal
FileVersion : 1.03.0002
ProductVersion : 1.03.0002
ProductName : Registry
CompanyName : Cox Health Systems
InternalName : NewRegistry
OriginalFilename : NewRegistry.exe

#:37 [acrord32.exe]
ModuleName : C:\Program Files\Adobe\Acrobat 6.0\Reader\AcroRd32.exe
Command Line : "C:\Program Files\Adobe\Acrobat 6.0\Reader\AcroRd32.exe" /o
ProcessID : 2416
ThreadCreationTime : 6-2-2005 4:23:06 PM
BasePriority : Normal
FileVersion : 6.0.0.2003051900
ProductVersion : 6.0.0.2003051900
ProductName : Adobe Reader
CompanyName : Adobe Systems Incorporated
FileDescription : Adobe Reader 6.0
LegalCopyright : Copyright 1984-2003 Adobe Systems Incorporated and its licensors. All rights reserved.
OriginalFilename : AcroRd32.exe

#:38 [wisptis.exe]
ModuleName : C:\WINDOWS\System32\wisptis.exe
Command Line : "C:\WINDOWS\System32\wisptis.exe" -Embedding
ProcessID : 3480
ThreadCreationTime : 6-2-2005 4:23:09 PM
BasePriority : High
FileVersion : 1.0.2201.0 (xpsp1.020820-1800)
ProductVersion : 1.0.2201.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Microsoft Tablet PC Platform Component
InternalName : WISPTIS.EXE
LegalCopyright : Copyright © 1998-2002 Microsoft Corporation.
OriginalFilename : WISPTIS.EXE

#:39 [iexplore.exe]
ModuleName : C:\Program Files\Internet Explorer\IEXPLORE.EXE
Command Line : "C:\Program Files\Internet Explorer\IEXPLORE.EXE"
ProcessID : 2600
ThreadCreationTime : 6-2-2005 4:32:41 PM
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : IEXPLORE.EXE

#:40 [ad-aware.exe]
ModuleName : C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
Command Line : "C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe"
ProcessID : 396
ThreadCreationTime : 6-2-2005 6:23:28 PM
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 2


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : "AC"
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : AC

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 1
Objects found so far: 3


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 3


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
Category : Data Miner
Comment : Hits:36
Value : Cookie:[email protected]/
Expires : 6-9-2005 11:48:12 AM
LastSync : Hits:36
UseCount : 0
Hits : 36

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : akloehn@bfast[1].txt
Category : Data Miner
Comment : Hits:5
Value : Cookie:[email protected]/
Expires : 5-26-2025 8:55:30 AM
LastSync : Hits:5
UseCount : 0
Hits : 5

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : akloehn@atdmt[2].txt
Category : Data Miner
Comment : Hits:8
Value : Cookie:[email protected]/
Expires : 5-24-2010 7:00:00 PM
LastSync : Hits:8
UseCount : 0
Hits : 8

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : akloehn@advertising[1].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:[email protected]/
Expires : 5-26-2010 3:47:04 PM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : akloehn@adrevolver[1].txt
Category : Data Miner
Comment : Hits:7
Value : Cookie:[email protected]/adrevolver/
Expires : 2-6-2008 10:49:48 PM
LastSync : Hits:7
UseCount : 0
Hits : 7

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
Category : Data Miner
Comment : Hits:3
Value : Cookie:[email protected]/
Expires : 5-26-2020 3:36:20 PM
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : akloehn@fastclick[1].txt
Category : Data Miner
Comment : Hits:32
Value : Cookie:[email protected]/
Expires : 6-2-2007 12:17:50 PM
LastSync : Hits:32
UseCount : 0
Hits : 32

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : akloehn@2o7[1].txt
Category : Data Miner
Comment : Hits:90
Value : Cookie:[email protected]/
Expires : 6-1-2010 1:03:38 PM
LastSync : Hits:90
UseCount : 0
Hits : 90

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:[email protected]/
Expires : 5-25-2009 9:15:10 AM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : akloehn@zedo[1].txt
Category : Data Miner
Comment : Hits:4
Value : Cookie:[email protected]/
Expires : 5-26-2006 9:15:08 AM
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : akloehn@mediaplex[1].txt
Category : Data Miner
Comment : Hits:6
Value : Cookie:[email protected]/
Expires : 6-21-2009 7:00:00 PM
LastSync : Hits:6
UseCount : 0
Hits : 6

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
Category : Data Miner
Comment : Hits:6
Value : Cookie:[email protected]/
Expires : 12-31-2009 7:00:00 PM
LastSync : Hits:6
UseCount : 0
Hits : 6

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : akloehn@bluestreak[1].txt
Category : Data Miner
Comment : Hits:3
Value : Cookie:[email protected]/
Expires : 5-25-2015 11:49:32 AM
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:[email protected]/
Expires : 6-26-2005 3:47:04 PM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : akloehn@tribalfusion[2].txt
Category : Data Miner
Comment : Hits:92
Value : Cookie:[email protected]/
Expires : 12-31-2037 7:00:00 PM
LastSync : Hits:92
UseCount : 0
Hits : 92

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : akloehn@apmebf[1].txt
Category : Data Miner
Comment : Hits:4
Value : Cookie:[email protected]/
Expires : 5-31-2010 3:21:30 PM
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : akloehn@valueclick[2].txt
Category : Data Miner
Comment : Hits:6
Value : Cookie:[email protected]/
Expires : 5-21-2030 3:47:02 PM
LastSync : Hits:6
UseCount : 0
Hits : 6

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
Category : Data Miner
Comment : Hits:5
Value : Cookie:[email protected]/
Expires : 6-1-2005 3:44:06 PM
LastSync : Hits:5
UseCount : 0
Hits : 5

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
Category : Data Miner
Comment : Hits:10
Value : Cookie:[email protected]/
Expires : 6-2-2006 1:03:22 PM
LastSync : Hits:10
UseCount : 0
Hits : 10

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : akloehn@revenue[2].txt
Category : Data Miner
Comment : Hits:40
Value : Cookie:[email protected]/
Expires : 6-10-2022 12:05:42 AM
LastSync : Hits:40
UseCount : 0
Hits : 40

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : akloehn@doubleclick[1].txt
Category : Data Miner
Comment : Hits:10
Value : Cookie:[email protected]/
Expires : 5-25-2008 2:54:02 PM
LastSync : Hits:10
UseCount : 0
Hits : 10

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:[email protected]/
Expires : 9-6-2014 6:50:08 PM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
Category : Data Miner
Comment : Hits:5
Value : Cookie:[email protected]/
Expires : 5-29-2015 8:17:46 AM
LastSync : Hits:5
UseCount : 0
Hits : 5

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : akloehn@qksrv[2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:[email protected]/
Expires : 5-31-2010 3:21:30 PM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 24
Objects found so far: 27



Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

ClientMan Object Recognized!
Type : File
Data : msnkmi.dll
Category : Malware
Comment :
Object : C:\Documents and Settings\akloehn\Local Settings\Temp\



Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 28


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 28




Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ebates MoneyMaker Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq

Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : TM

Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : U

Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : AD

Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : I

Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : AT

Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : AM

Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : TR

Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : leck

Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : country

Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : city

Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : state

Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : RX

Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : RX2.8

Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : RX2.9

Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : RX3.0

Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : RX3.1

Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : RX3.2

Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : RX3.3

Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : FU3.4

Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : FU3.5

Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : FU3.6

Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : LU3.7

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 23
Objects found so far: 51

1:32:58 PM Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:05:52.775
Objects scanned:56287
Objects identified:50
Objects ignored:0
New critical objects:50
  • 0

Advertisements

#2
Guest_Andy_veal_*
Posted 02 June 2005 - 05:22 PM

Guest_Andy_veal_*
  • Guest
Hello and Welcome

Ad-aware has found objects on your computer

If you chose to clean your computer from what Ad-aware found please follow these instructions below…

Please make sure that you are using the * SE1R49 31.05.2005 * definition file.


Please launch Ad-Aware SE and click on the gear to access the Configuration Menu. Please make sure that this setting is applied.

Click on Tweak > Cleaning Engine > UNcheck "Always try to unload modules before deletion".

Disconnect from the internet (for broadband/cable users, it is recommended that you disconnect the cable connection) and close all open browsers or other programs you have running.

Please then boot into Safe Mode

To clean your machine, it is highly recommended that you clean the following directory contents (but not the directory folder):

Please run CCleaner to assist in this process.
Download CCleaner (Setup: go to >options > settings > Uncheck "Only delete files in Windows Temp folders older than 48 hours" for cleaning malware files!)

* C:\Windows\Temp\
* C:\Documents and Settings\<Your Profile>\Local Settings\Temporary Internet Files\ <- This will delete all your cached internet content including cookies.
* C:\Documents and Settings\<Your Profile>\Local Settings\Temp\
* C:\Documents and Settings\<Any other users Profile>\Local Settings\Temporary Internet Files\
* C:\Documents and Settings\<Any other users Profile>\Local Settings\Temp\
* Empty your "Recycle Bin".

Please run Ad-Aware SE from the command lines shown in the instructions shown below.

Click "Start" > select "Run" > type the text shown in bold below (including the quotation marks and with the same spacing as shown)

"C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Aware.exe" /full +procnuke
(For the Professional version)

"C:\Program Files\Lavasoft\Ad-Aware SE Plus\Ad-Aware.exe" /full +procnuke
(For the Plus version)

"C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe" +procnuke
(For the Personal version)


Click OK.

Please note that the path above is of the default installion location for Ad-aware SE, if this is different, please adjust it to the location that you have installed it to.

When the scan has completed, select Next. In the Scanning Results window, select the "Scan Summary" tab. Check the box next to each "target family" you wish to remove. Click next, Click OK.

If problems are caused by deleting a family, please leave it.

Please shutdown/restart your computer after removal, run a new full scan and post the results as a reply. Do not launch any programs or connect to the internet at this time.

Please then copy & paste the complete log file here. Don't quarantine or remove anything at this time, just post a complete logfile. This can sometimes takes 2-3 posts to get it all posted, once the "Summary of this scan" information is shown, you have posted all of your logfile.

Please remember when posting another logfile keep "Search for negligible risk entries" deselected as negligible risk entries (MRU's) are not considered to be a threat. This option can be changed when choosing your scan type.

Please post back here

Good luck

Andy
  • 0

#3
APK
Posted 06 June 2005 - 10:06 AM

APK

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
Here's what I did....

1. I ran Ad-Aware with "Always try to unload modules before deletion" UNchecked and my PC booted normally. At the end of the Ad-Aware scan removed all items found. Two files were listed that could not be removed:
C:\windows\system32\mvr2cenu.dll
C:\windows\system32\nrcfg.dll

Made note of the names and tried to deleting them via windows explorer, but message stated they were in use and could not.

2. Ran CCleaner with "Only delete files in Windows Temp foleder older than 48 hours" UNcheck.

3. Re-booted pc in "Safe Mode".

4. Ran Ad-Aware again with "Always try to unload modules before deletion" Checked and removed all items found. Of the two listed in the earlier scan under normal boot, C:\windows\system32\mvr2cenu.dll was gone, but C:\windows\system32\nrcfg.dll still exist, but now was able to delete it with windows explorer.

5. Started the Registry Editor (Start>Run>Regedit). Went to
'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Current Version\Run
delete item listed called "CheckRun" with data name had the term "MoneyMaker" in it. Referenced in: http://www3.ca.com/s...px?id=453060426

Today have not seen any pop-ups, below is my new log.

Thanks for your help. :tazz:

APK


Ad-Aware SE Build 1.05
Logfile Created on:Monday, June 06, 2005 10:30:26 AM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R49 31.05.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R49 31.05.2005
Internal build : 57
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 481469 Bytes
Total size : 1455496 Bytes
Signature data size : 1423833 Bytes
Reference data size : 31151 Bytes
Signatures total : 40572
Fingerprints total : 902
Fingerprints size : 31096 Bytes
Target categories : 15
Target families : 692


Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium III
Memory available:53 %
Total physical memory:522464 kb
Available physical memory:274140 kb
Total page file size:886112 kb
Available on page file:637652 kb
Total virtual memory:2097024 kb
Available virtual memory:2048416 kb
OS:Microsoft Windows XP Professional Service Pack 1 (Build 2600)

Ad-Aware SE Settings
===========================
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Obtain command line of scanned processes
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Play sound at scan completion if scan locates critical objects


6-6-2005 10:30:26 AM - Scan started. (Full System Scan)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
ModuleName : \SystemRoot\System32\smss.exe
Command Line : n/a
ProcessID : 448
ThreadCreationTime : 6-3-2005 8:00:13 PM
BasePriority : Normal


#:2 [winlogon.exe]
ModuleName : \??\C:\WINDOWS\system32\winlogon.exe
Command Line : n/a
ProcessID : 528
ThreadCreationTime : 6-3-2005 8:00:15 PM
BasePriority : High


#:3 [services.exe]
ModuleName : C:\WINDOWS\system32\services.exe
Command Line : n/a
ProcessID : 572
ThreadCreationTime : 6-3-2005 8:00:15 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:4 [lsass.exe]
ModuleName : C:\WINDOWS\system32\lsass.exe
Command Line : n/a
ProcessID : 584
ThreadCreationTime : 6-3-2005 8:00:15 PM
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:5 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : n/a
ProcessID : 752
ThreadCreationTime : 6-3-2005 8:00:16 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:6 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : n/a
ProcessID : 800
ThreadCreationTime : 6-3-2005 8:00:16 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [spoolsv.exe]
ModuleName : C:\WINDOWS\system32\spoolsv.exe
Command Line : n/a
ProcessID : 1056
ThreadCreationTime : 6-3-2005 8:00:17 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:8 [clisvcl.exe]
ModuleName : C:\WINDOWS\MS\SMS\CORE\BIN\CLISVCL.EXE
Command Line : C:\WINDOWS\MS\SMS\CORE\BIN\CLISVCL.EXE
ProcessID : 1260
ThreadCreationTime : 6-3-2005 8:00:24 PM
BasePriority : Normal
FileVersion : 2.00.1493.4000
ProductVersion : 2.00.1493.4000
ProductName : Systems Management Server
CompanyName : Microsoft Corporation
FileDescription : SMS 2.0 Client - Client Service
InternalName : CLISVCL
LegalCopyright : Copyright © Microsoft Corporation 1994-2000
OriginalFilename : CLISVCL.EXE

#:9 [frameworkservice.exe]
ModuleName : C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
Command Line : n/a
ProcessID : 1296
ThreadCreationTime : 6-3-2005 8:00:24 PM
BasePriority : Normal
FileVersion : 3.1.1.184
ProductName : McAfee Common Framework
CompanyName : Network Associates, Inc.
FileDescription : Framework Service
InternalName : Framework
LegalCopyright : Copyright© 2000-2003 Networks Associates Technology, Inc. All Rights Reserved.
OriginalFilename : Framework.exe

#:10 [mcshield.exe]
ModuleName : C:\Program Files\Network Associates\VirusScan\mcshield.exe
Command Line : n/a
ProcessID : 1332
ThreadCreationTime : 6-3-2005 8:00:24 PM
BasePriority : High


#:11 [vstskmgr.exe]
ModuleName : C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
Command Line : n/a
ProcessID : 1364
ThreadCreationTime : 6-3-2005 8:00:24 PM
BasePriority : Normal


#:12 [mdm.exe]
ModuleName : C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
Command Line : n/a
ProcessID : 1428
ThreadCreationTime : 6-3-2005 8:00:24 PM
BasePriority : Normal
FileVersion : 7.00.9466
ProductVersion : 7.00.9466
ProductName : Microsoft® Visual Studio .NET
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : mdm.exe

#:13 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : n/a
ProcessID : 1500
ThreadCreationTime : 6-3-2005 8:00:25 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:14 [wuser32.exe]
ModuleName : C:\WINDOWS\TIREMOTE\wuser32.exe
Command Line : n/a
ProcessID : 1532
ThreadCreationTime : 6-3-2005 8:00:25 PM
BasePriority : Normal
FileVersion : 5.0.0.2
ProductVersion : 6.0
ProductName : Intuit Track-It! Remote
CompanyName : Intuit Track-It!
FileDescription : Remote Control Agent
InternalName : wuser32
LegalCopyright : Copyright © 2003
OriginalFilename : wuser32.exe

#:15 [wuser32.exe]
ModuleName : C:\WINDOWS\MS\SMS\CLICOMP\RemCtrl\Wuser32.exe
Command Line : n/a
ProcessID : 1628
ThreadCreationTime : 6-3-2005 8:00:25 PM
BasePriority : Normal
FileVersion : 2.00.1493.4007
ProductVersion : 2.00.1493.4007
ProductName : Systems Management Server
CompanyName : Microsoft Corporation
FileDescription : Systems Management Server
InternalName : WUSER32
LegalCopyright : Copyright © Microsoft Corporation 1994-2000
OriginalFilename : WUSER32.EXE

#:16 [smsapm32.exe]
ModuleName : C:\WINDOWS\MS\SMS\clicomp\apa\Bin\smsapm32.exe
Command Line : C:\WINDOWS\MS\SMS\clicomp\apa\Bin\smsapm32.exe
ProcessID : 2188
ThreadCreationTime : 6-5-2005 5:59:15 PM
BasePriority : Normal
FileVersion : 2.00.1493.4012
ProductVersion : 2.00.1493.4012
ProductName : Systems Management Server
CompanyName : Microsoft Corporation
FileDescription : SMS 2.0 Client - Advertised Programs Manager (Win32)
InternalName : SMSAPM32
LegalCopyright : Copyright © Microsoft Corporation 1994-2000
OriginalFilename : SMSAPM32.EXE

#:17 [ssonsvr.exe]
ModuleName : C:\Program Files\Citrix\PNAgent\ssonsvr.exe
Command Line : n/a
ProcessID : 2764
ThreadCreationTime : 6-6-2005 1:42:53 PM
BasePriority : Normal


#:18 [explorer.exe]
ModuleName : C:\WINDOWS\Explorer.EXE
Command Line : C:\WINDOWS\Explorer.EXE
ProcessID : 1844
ThreadCreationTime : 6-6-2005 1:42:54 PM
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

#:19 [shstat.exe]
ModuleName : C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
Command Line : "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
ProcessID : 2808
ThreadCreationTime : 6-6-2005 1:42:58 PM
BasePriority : Normal


#:20 [updaterui.exe]
ModuleName : C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
Command Line : "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
ProcessID : 1084
ThreadCreationTime : 6-6-2005 1:42:59 PM
BasePriority : Normal
FileVersion : 3.1.1.184
ProductName : McAfee Common Framework
CompanyName : Network Associates, Inc.
FileDescription : Common User Interface
InternalName : UpdaterUI
LegalCopyright : Copyright© 2000-2003 Networks Associates Technology, Inc. All Rights Reserved.
OriginalFilename : UpdaterUI.exe

#:21 [launch32.exe]
ModuleName : C:\WINDOWS\MS\SMS\CORE\BIN\LAUNCH32.EXE
Command Line : "C:\WINDOWS\MS\SMS\CORE\BIN\LAUNCH32.EXE"
ProcessID : 3328
ThreadCreationTime : 6-6-2005 1:43:00 PM
BasePriority : Normal
FileVersion : 2.00.1493.4000
ProductVersion : 2.00.1493.4000
ProductName : Systems Management Server
CompanyName : Microsoft Corporation
FileDescription : Systems Management Server
InternalName : LAUNCH32
LegalCopyright : Copyright © Microsoft Corporation 1994-2000
OriginalFilename : LAUNCH32.EXE

#:22 [ctmix32.exe]
ModuleName : C:\Program Files\Creative\Audio\PROGRAM\CTMIX32.EXE
Command Line : "C:\Program Files\Creative\Audio\PROGRAM\CTMIX32.EXE" /t
ProcessID : 1088
ThreadCreationTime : 6-6-2005 1:43:00 PM
BasePriority : Normal
FileVersion : 6.01.1
ProductVersion : 6.01.1
ProductName : Creative Mixer Loader
CompanyName : Creative Technology Ltd.
FileDescription : Creative Mixer Loader
InternalName : Creative Mixer Loader
LegalCopyright : Copyright © Creative Technology Ltd 1991-1999.
OriginalFilename : CTMXLD32.EXE

#:23 [jusched.exe]
ModuleName : C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
Command Line : "C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe"
ProcessID : 3352
ThreadCreationTime : 6-6-2005 1:43:01 PM
BasePriority : Normal


#:24 [smsmon32.exe]
ModuleName : C:\WINDOWS\MS\SMS\CLICOMP\SWDist32\bin\smsmon32.exe
Command Line : C:\WINDOWS\MS\SMS\CLICOMP\SWDist32\bin\smsmon32.exe -startup
ProcessID : 2732
ThreadCreationTime : 6-6-2005 1:43:01 PM
BasePriority : Normal
FileVersion : 2.00.1493.4000
ProductVersion : 2.00.1493.4000
ProductName : Systems Management Server
CompanyName : Microsoft Corporation
FileDescription : SMS 2.0 Client - Advertised Programs Monitor (Win32)
InternalName : SMSMON32
LegalCopyright : Copyright © Microsoft Corporation 1994-2000
OriginalFilename : SMSMON32.EXE

#:25 [msmsgs.exe]
ModuleName : C:\Program Files\Messenger\msmsgs.exe
Command Line : "C:\Program Files\Messenger\msmsgs.exe" /background
ProcessID : 3224
ThreadCreationTime : 6-6-2005 1:43:03 PM
BasePriority : Normal
FileVersion : 5.0.0468
ProductVersion : Version 5.0
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Windows Messenger
InternalName : msmsgs
LegalCopyright : Copyright © Microsoft Corporation 1997-2003
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msmsgs.exe

#:26 [ctfmon.exe]
ModuleName : C:\WINDOWS\System32\ctfmon.exe
Command Line : "C:\WINDOWS\System32\ctfmon.exe"
ProcessID : 2904
ThreadCreationTime : 6-6-2005 1:43:03 PM
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:27 [osa.exe]
ModuleName : C:\Program Files\Microsoft Office\Office\OSA.EXE
Command Line : "C:\Program Files\Microsoft Office\Office\OSA.EXE" -b
ProcessID : 288
ThreadCreationTime : 6-6-2005 1:43:04 PM
BasePriority : Normal


#:28 [pnagent.exe]
ModuleName : C:\Program Files\Citrix\PNAgent\pnagent.exe
Command Line : "C:\Program Files\Citrix\PNAgent\pnagent.exe"
ProcessID : 3536
ThreadCreationTime : 6-6-2005 1:43:04 PM
BasePriority : Normal
FileVersion : 8.100.29670
ProductVersion : 8.100
ProductName : Citrix ICA Client
CompanyName : Citrix Systems, Inc.
FileDescription : Citrix ICA Client PNAgent (Win32)
InternalName : PNAGENT
LegalCopyright : Copyright © 1990-2003 Citrix Systems, Inc.
OriginalFilename : PNAGENT.EXE

#:29 [wzqkpick.exe]
ModuleName : C:\Program Files\WinZip\WZQKPICK.EXE
Command Line : "C:\Program Files\WinZip\WZQKPICK.EXE"
ProcessID : 3672
ThreadCreationTime : 6-6-2005 1:43:04 PM
BasePriority : Normal
FileVersion : 1.0 (32-bit)
ProductVersion : 8.1 (4319)
ProductName : WinZip
CompanyName : WinZip Computing, Inc.
FileDescription : WinZip Executable
InternalName : WZQKPICK.EXE
LegalCopyright : Copyright © WinZip Computing, Inc. 1991-2001 - All Rights Reserved
LegalTrademarks : WinZip is a registered trademark of WinZip Computing, Inc
OriginalFilename : WZQKPICK.EXE
Comments : StringFileInfo: U.S. English

#:30 [extra.exe]
ModuleName : C:\Program Files\Attachmate\E!E2K\EXTRA.EXE
Command Line : "C:\Program Files\Attachmate\E!E2K\EXTRA.EXE" C:\PROGRA~1\ATTACH~1\E!E2K\Sessions\PRODCI~1.EDP
ProcessID : 3728
ThreadCreationTime : 6-6-2005 1:48:34 PM
BasePriority : Normal


#:31 [extra.exe]
ModuleName : C:\Program Files\Attachmate\E!E2K\EXTRA.EXE
Command Line : "C:\Program Files\Attachmate\E!E2K\EXTRA.EXE" C:\PROGRAM FILES\ATTACHMATE\E!E2K\SESSIONS\PROD TSO1.EDP
ProcessID : 4056
ThreadCreationTime : 6-6-2005 1:48:58 PM
BasePriority : Normal


#:32 [extra.exe]
ModuleName : C:\Program Files\Attachmate\E!E2K\EXTRA.EXE
Command Line : "C:\Program Files\Attachmate\E!E2K\EXTRA.EXE" C:\PROGRAM FILES\ATTACHMATE\E!E2K\SESSIONS\TEST TSO.EDP
ProcessID : 3752
ThreadCreationTime : 6-6-2005 1:49:35 PM
BasePriority : Normal


#:33 [extra.exe]
ModuleName : C:\Program Files\Attachmate\E!E2K\EXTRA.EXE
Command Line : "C:\Program Files\Attachmate\E!E2K\EXTRA.EXE" C:\PROGRAM FILES\ATTACHMATE\E!E2K\SESSIONS\PROD TSO2.EDP
ProcessID : 388
ThreadCreationTime : 6-6-2005 1:50:03 PM
BasePriority : Normal


#:34 [extra.exe]
ModuleName : C:\Program Files\Attachmate\E!E2K\EXTRA.EXE
Command Line : "C:\Program Files\Attachmate\E!E2K\EXTRA.EXE" C:\PROGRAM FILES\ATTACHMATE\E!E2K\SESSIONS\SMS TSO.EDP
ProcessID : 2464
ThreadCreationTime : 6-6-2005 1:50:30 PM
BasePriority : Normal


#:35 [outlook.exe]
ModuleName : C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
Command Line : "C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE" /recycle
ProcessID : 876
ThreadCreationTime : 6-6-2005 1:51:43 PM
BasePriority : Normal


#:36 [newregistry.exe]
ModuleName : C:\Program Files\Registry\NewRegistry.exe
Command Line : "C:\Program Files\Registry\NewRegistry.exe"
ProcessID : 1076
ThreadCreationTime : 6-6-2005 1:52:13 PM
BasePriority : Normal
FileVersion : 1.03.0002
ProductVersion : 1.03.0002
ProductName : Registry
CompanyName : Cox Health Systems
InternalName : NewRegistry
OriginalFilename : NewRegistry.exe

#:37 [iexplore.exe]
ModuleName : C:\Program Files\Internet Explorer\iexplore.exe
Command Line : "C:\Program Files\Internet Explorer\iexplore.exe"
ProcessID : 3460
ThreadCreationTime : 6-6-2005 1:52:23 PM
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : IEXPLORE.EXE

#:38 [ad-aware.exe]
ModuleName : C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
Command Line : "C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe"
ProcessID : 3068
ThreadCreationTime : 6-6-2005 3:30:13 PM
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:[email protected]/
Expires : 6-10-2005 2:50:02 PM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : akloehn@atdmt[2].txt
Category : Data Miner
Comment : Hits:3
Value : Cookie:[email protected]/
Expires : 6-1-2010 7:00:00 PM
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : akloehn@advertising[1].txt
Category : Data Miner
Comment : Hits:3
Value : Cookie:[email protected]/
Expires : 6-2-2010 3:26:06 PM
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:[email protected]/
Expires : 6-2-2020 4:18:42 PM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : akloehn@fastclick[1].txt
Category : Data Miner
Comment : Hits:3
Value : Cookie:[email protected]/
Expires : 5-24-2007 3:46:54 PM
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : akloehn@2o7[1].txt
Category : Data Miner
Comment : Hits:19
Value : Cookie:[email protected]/
Expires : 6-2-2010 3:48:42 PM
LastSync : Hits:19
UseCount : 0
Hits : 19

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : akloehn@mediaplex[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:[email protected]/
Expires : 6-21-2009 7:00:00 PM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
Category : Data Miner
Comment : Hits:3
Value : Cookie:[email protected]/
Expires : 5-27-2035 4:18:52 PM
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:[email protected]/
Expires : 7-3-2005 3:26:06 PM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : akloehn@apmebf[2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:[email protected]/
Expires : 6-2-2010 3:57:22 PM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
Category : Data Miner
Comment : Hits:3
Value : Cookie:[email protected]/
Expires : 6-3-2006 3:48:42 PM
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : akloehn@doubleclick[1].txt
Category : Data Miner
Comment : Hits:4
Value : Cookie:[email protected]/
Expires : 6-2-2008 3:26:06 PM
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : akloehn@qksrv[2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:[email protected]/
Expires : 6-2-2010 3:57:22 PM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 13
Objects found so far: 13



Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 13


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 13




Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 13

10:36:02 AM Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:05:35.563
Objects scanned:54389
Objects identified:13
Objects ignored:0
New critical objects:13
  • 0

#4
Guest_Andy_veal_*
Posted 06 June 2005 - 04:28 PM

Guest_Andy_veal_*
  • Guest

#:30 [extra.exe]
ModuleName : C:\Program Files\Attachmate\E!E2K\EXTRA.EXE
Command Line : "C:\Program Files\Attachmate\E!E2K\EXTRA.EXE" C:\PROGRA~1\ATTACH~1\E!E2K\Sessions\PRODCI~1.EDP
ProcessID : 3728
ThreadCreationTime : 6-6-2005 1:48:34 PM
BasePriority : Normal


#:31 [extra.exe]
ModuleName : C:\Program Files\Attachmate\E!E2K\EXTRA.EXE
Command Line : "C:\Program Files\Attachmate\E!E2K\EXTRA.EXE" C:\PROGRAM FILES\ATTACHMATE\E!E2K\SESSIONS\PROD TSO1.EDP
ProcessID : 4056
ThreadCreationTime : 6-6-2005 1:48:58 PM
BasePriority : Normal


#:32 [extra.exe]
ModuleName : C:\Program Files\Attachmate\E!E2K\EXTRA.EXE
Command Line : "C:\Program Files\Attachmate\E!E2K\EXTRA.EXE" C:\PROGRAM FILES\ATTACHMATE\E!E2K\SESSIONS\TEST TSO.EDP
ProcessID : 3752
ThreadCreationTime : 6-6-2005 1:49:35 PM
BasePriority : Normal


#:33 [extra.exe]
ModuleName : C:\Program Files\Attachmate\E!E2K\EXTRA.EXE
Command Line : "C:\Program Files\Attachmate\E!E2K\EXTRA.EXE" C:\PROGRAM FILES\ATTACHMATE\E!E2K\SESSIONS\PROD TSO2.EDP
ProcessID : 388
ThreadCreationTime : 6-6-2005 1:50:03 PM
BasePriority : Normal


#:34 [extra.exe]
ModuleName : C:\Program Files\Attachmate\E!E2K\EXTRA.EXE
Command Line : "C:\Program Files\Attachmate\E!E2K\EXTRA.EXE" C:\PROGRAM FILES\ATTACHMATE\E!E2K\SESSIONS\SMS TSO.EDP
ProcessID : 2464
ThreadCreationTime : 6-6-2005 1:50:30 PM
BasePriority : Normal


#:36 [newregistry.exe]
ModuleName : C:\Program Files\Registry\NewRegistry.exe
Command Line : "C:\Program Files\Registry\NewRegistry.exe"
ProcessID : 1076
ThreadCreationTime : 6-6-2005 1:52:13 PM
BasePriority : Normal
FileVersion : 1.03.0002
ProductVersion : 1.03.0002
ProductName : Registry
CompanyName : Cox Health Systems
InternalName : NewRegistry
OriginalFilename : NewRegistry.exe


Your logfile is clean, except for these processes....


Do you know what any of them are?
  • 0

#5
APK
Posted 06 June 2005 - 08:55 PM

APK

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
>Do you know what any of them are?<

yes, there are ok.
  • 0

#6
Guest_Andy_veal_*
Posted 07 June 2005 - 05:38 PM

Guest_Andy_veal_*
  • Guest
All those processes clean?

How is your computer running?

Do you still have problems?
  • 0

#7
APK
Posted 07 June 2005 - 09:05 PM

APK

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
I have not had a single pop-up on Monday or Tuesday. I think I'm cured!!
  • 0

#8
Guest_Andy_veal_*
Posted 09 June 2005 - 04:02 PM

Guest_Andy_veal_*
  • Guest
To keep your computer safe
-Make sure you have all critical updates installed.
-To make sure that you have got a firewall running when your connected to the internet and Anti-virus software which has the latest updates.

Two great sites to check for good advice and top rated software are http://members.acces...ntomPhixer.html and http://www.spywareai...p?file=toprated
  • 0

#9
Guest_Andy_veal_*
Posted 09 June 2005 - 04:02 PM

Guest_Andy_veal_*
  • Guest
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :tazz:

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
Back to Lavasoft Support (Ad-aware) · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Retired Forums
  3. Lavasoft Support (Ad-aware)

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP