Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Anti-Virus gold

Started by risgeo , Jun 12 2005 04:31 AM

  • Please log in to reply

#1
risgeo
Posted 12 June 2005 - 04:31 AM

risgeo

    New Member

  • Member
  • Pip
  • 1 posts
Hi to all. What a great site nice one.
I first found this site trying to help a friend with smitfraud and now what do you know i need somebodys assistance.

I got hit with anti virus gold today and i'm not at all happy about it.


Desktop bombed with icons and wall paper has been hi jacked and my computer is running considerabley slower than it was yesterday. I also have an icon in the system tray which keeps popping up It's quite annoying.


If some body were able to help me rectify the problem i have i would appreciate it very much so. The problems im getting are as follows:


Ive read the forums and to my knoweledge i have done everything that i was able to do. Here it my hijack log:


Logfile of HijackThis v1.99.1
Scan saved at 7:45:39 PM, on 12/06/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Information Update\iu.exe
C:\Program Files\DU Meter\DUMeter.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Time Sync\time.exe
C:\Program Files\RedLine\Taskbar.exe
C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
C:\WINDOWS\System32\P2P Networking\P2P Networking.exe
C:\Program Files\musicmatch\MUSICMATCH Jukebox\mm_server.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\essspk.exe
C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE
C:\WINDOWS\system32\hookdump.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\MMDiag.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Creative\SBAudigy\TaskBar\CTLTray.exe
C:\Program Files\Creative\SBAudigy\TaskBar\CTLTask.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\Program Files\redline\gameutil.exe
C:\Documents and Settings\George\My Documents\downloads\spyware removal\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.sensis.com.au/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: AzEntretien Class - {0d2def3a-f4f1-42ec-ac4f-132e7ba6e292} - %SystemRoot%\azentretien.dll (file missing)
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll
O2 - BHO: - {38E1F34D-8C49-4EDE-88D8-60C54A4BA4E5} - C:\WINDOWS\lbbho.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: (no name) - {a19ef336-01d4-48e6-926a-fe7e1c747aed} - (no file)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Information Update] C:\Program Files\Information Update\iu.exe
O4 - HKLM\..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [AntivirusGold] C:\Program Files\AntivirusGold\AntivirusGold.exe /h
O4 - HKLM\..\Run: [WinTools] C:\PROGRA~1\COMMON~1\WinTools\WToolsA.exe
O4 - HKLM\..\Run: [WinGuard Pro] C:\WINDOWS\system32\lockctrl.exe C:\WINDOWS\system32\wgp.exe
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [Windows AdControl] C:\Program Files\Windows AdControl\WinAdCtl.exe
O4 - HKLM\..\Run: [WhenUSave] C:\PROGRA~1\Save\Save.exe
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [updmgr] C:\Program Files\Common files\updmgr\updmgr.exe
O4 - HKLM\..\Run: [umzxmtoixlg] C:\WINDOWS\System32\rfftbr.exe
O4 - HKLM\..\Run: [Time Sync] C:\Program Files\Time Sync\time.exe
O4 - HKLM\..\Run: [SearchUpgrader] C:\Program Files\Common files\SearchUpgrader\SearchUpgrader.exe
O4 - HKLM\..\Run: [salm] c:\temp\salm.exe
O4 - HKLM\..\Run: [SAHAgent] C:\WINDOWS\System32\SahAgent.exe
O4 - HKLM\..\Run: [rgbcckulvbd] C:\WINDOWS\System32\rfftbr.exe
O4 - HKLM\..\Run: [RedLine Taskbar] C:\Program Files\RedLine\Taskbar.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PowerStrip] c:\program files\powerstrip\pstrip.exe
O4 - HKLM\..\Run: [Power Scan] C:\Program Files\Power Scan\powerscan.exe
O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe"
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [PhilipsRemote] C:\Program Files\musicmatch\MUSICMATCH Jukebox\PhilipsRemote.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [mswspl] C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
O4 - HKLM\..\Run: [mm_server] C:\Program Files\musicmatch\MUSICMATCH Jukebox\mm_server.exe
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [KAZAA] C:\Program Files\Kazaa\kazaa.exe /SYSTRAY
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [ifml] C:\WINDOWS\ifml.exe
O4 - HKLM\..\Run: [EssSpkPhone] essspk.exe
O4 - HKLM\..\Run: [Desksite CMA] C:\Program Files\desksite\bin\cma.exe
O4 - HKLM\..\Run: [DataLayer] C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE
O4 - HKLM\..\Run: [CMESys] "C:\Program Files\Common Files\CMEII\CMESys.exe"
O4 - HKLM\..\Run: [AltnetPointsManager] c:\program files\altnet\points manager\points manager.exe -s
O4 - HKLM\..\Run: [Admilli Service] C:\Program Files\Admilli Service\AdmilliServ.exe
O4 - HKLM\..\Run: [Admanager Controller] C:\Program Files\Admanager Controller\AdManCtl.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Intel system tool] C:\WINDOWS\system32\hookdump.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [TaskTray] "C:\Program Files\Creative\SBAudigy\TaskBar\CTLTray.exe"
O4 - HKCU\..\Run: [TaskBar] "C:\Program Files\Creative\SBAudigy\TaskBar\CTLTask.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [kbdtuq] C:\WINDOWS\System32\kbdtuq.exe
O4 - Startup: PalNetaware.lnk = H:\Program Files\Paltalk\pnetaware.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: gameutil.exe.lnk = ?
O4 - Global Startup: GStartup.lnk = C:\Program Files\Common Files\GMT\GMT.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = C:\Program Files\Microsoft Office\Office\1033\OLFSNT40.EXE
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {14A3221B-1678-1982-A355-7263B1281987} - ms-its:mhtml:file://C:\foo.mht!http://82.179.166.13....chm::/file.exe
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg...v45/yacscom.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O16 - DPF: {D7BF3304-138B-4DD5-86EE-491BB6A2286C} - http://www.azebar.co...l/azesearch.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://download.game...aploader_v6.cab
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: iPod Service (iPodService) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

I also did a panda scan here is my log:ncident Status Location

Adware:Adware/AzeSearch No disinfected C:\WINDOWS\azentretien.dll
Adware:Adware/RelatedLinks No disinfected C:\WINDOWS\lbbho.dll
Spyware:Spyware/Cydoor No disinfected C:\WINDOWS\cdmxtras
Adware:Adware/KeenValue No disinfected C:\Program Files\Common Files\SearchUpgrader
Adware:Adware/CWS No disinfected Windows Registry
Adware:Adware/ILookup No disinfected C:\Documents and Settings\George\Favorites\Gambling
Adware:Adware/BlazeFind No disinfected Windows Registry
Adware:Adware/Startpage.LH No disinfected C:\Documents and Settings\George\Favorites\Adult\Single Girls.url
Spyware:Spyware/YourSiteBar No disinfected Windows Registry
Virus:Trj/Downloader.AEE Disinfected Operating system
Adware:Adware/AzeSearch No disinfected C:\WINDOWS\azentretien.dll
Adware:Adware/P2PNetworking No disinfected C:\WINDOWS\system32\P2P Networking
Adware:Adware/Perfect-Search No disinfected C:\Documents and Settings\George\Favorites\Adult\Escorts.url
Adware:Adware/Startpage.LH No disinfected C:\Documents and Settings\George\Favorites\Adult\Single Girls.url
Adware:Adware/AzeSearch No disinfected C:\Documents and Settings\George\Local Settings\Temporary Internet Files\Content.IE5\KZM3YDMD\azesearch[1].cab
Adware:Adware/AzeSearch No disinfected C:\Documents and Settings\George\Local Settings\Temporary Internet Files\Content.IE5\KZM3YDMD\azesearch[1].cab[azesearch4.ocx]
Adware:Adware/AzeSearch No disinfected C:\Documents and Settings\George\Local Settings\Temporary Internet Files\Content.IE5\KZM3YDMD\azesearch[1].cab[azesearch.inf]
Possible Virus. No disinfected C:\Documents and Settings\George\My Documents\downloads\BeSweetv1.5b29\BeSweet.exe
Possible Virus. No disinfected C:\Documents and Settings\George\My Documents\downloads\BeSweetv1.5b29.zip[BeSweet.exe]
Spyware:Spyware/ISTbar No disinfected C:\Documents and Settings\George\My Documents\downloads\New Folder\crack_1955142201012748\TMPGEnc DVD Author v1.5.11.37\TMPGEnc_DVD_Author_v1.5.11.37\syz.exe
Spyware:Spyware/ISTbar No disinfected C:\Documents and Settings\George\My Documents\downloads\New Folder\crack_1955142201012748\TMPGEnc DVD Author v1.5.11.37\TMPGEnc_DVD_Author_v1.5.11.37.zip[syz.exe]
Spyware:Spyware/ISTbar No disinfected C:\Documents and Settings\George\My Documents\downloads\New Folder\Pegasys TMPGEnc DVD Author v1.6.26.73\dwn.exe
Spyware:Spyware/ISTbar No disinfected C:\Documents and Settings\George\My Documents\downloads\New Folder\Pegasys TMPGEnc DVD Author v1.6.26.73\Pegasys_TMPGEnc_DVD_Author_v1.6.26.73.zip[dwn.exe]
Spyware:Spyware/ISTbar No disinfected C:\Documents and Settings\George\My Documents\downloads\New Folder\TMPGEnc DVD Author 1.5.19.59\TMPGEnc_DVD_Author_1.5.19.59\led.exe
Spyware:Spyware/ISTbar No disinfected C:\Documents and Settings\George\My Documents\downloads\New Folder\TMPGEnc DVD Author v1.0.4.20\TMPGEnc_DVD_Author_v1.0.4.20\nac.exe
Spyware:Spyware/BetterInet No disinfected C:\Program Files\Common Files\SearchUpgrader\system.cfg
Adware:Adware/AzeSearch No disinfected C:\WINDOWS\azentretien.dll
Adware:Adware/KeenValue No disinfected C:\WINDOWS\browserxtras\pn\remove.exe
Adware:Adware/CWS.Searchmeup No disinfected C:\WINDOWS\desktop.html
Adware:Adware/AzeSearch No disinfected C:\WINDOWS\Downloaded Program Files\azesearch.inf
Spyware:Spyware/Iehelp No disinfected C:\WINDOWS\Downloaded Program Files\ipreg32.inf
Adware:Adware/PopCapLoader No disinfected C:\WINDOWS\Downloaded Program Files\popcaploader.inf
Adware:Adware/RelatedLinks No disinfected C:\WINDOWS\lbbho.dll
Adware:Adware/AzeSearch No disinfected C:\WINDOWS\system32\azesearch4.ocx
Adware:Adware/P2PNetworking No disinfected C:\WINDOWS\system32\P2P Networking\P2P Networking.exe
Adware:Adware/SAHAgent No disinfected C:\WINDOWS\system32\xmlparse.dll
Adware:Adware/SAHAgent No disinfected C:\WINDOWS\system32\xmltok.dll
Possible Virus. No disinfected E:\files\toolkits\UBCD4WinV241Full.exe[NwDetect.exe]
Possible Virus. No disinfected E:\files\toolkits\UBCD4WinV241Full.exe[PasswdRenew.exe]
Possible Virus. No disinfected E:\files\toolkits\UBCD4WinV241Full.exe[SAMInside_Demo.exe]

This is my adaware log:

Ad-Aware SE Build 1.05
Logfile Created on:Sunday, 12 June 2005 7:47:10 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R49 31.05.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
BlazeFind(TAC index:5):1 total references
Claria(TAC index:7):2 total references
DyFuCA(TAC index:3):1 total references
MRU List(TAC index:0):11 total references
SahAgent(TAC index:9):2 total references
WhenU(TAC index:3):1 total references
WindUpdates(TAC index:8):2 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R49 31.05.2005
Internal build : 57
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 481469 Bytes
Total size : 1455496 Bytes
Signature data size : 1423833 Bytes
Reference data size : 31151 Bytes
Signatures total : 40572
Fingerprints total : 902
Fingerprints size : 31096 Bytes
Target categories : 15
Target families : 692


Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium IV
Memory available:63 %
Total physical memory:1048032 kb
Available physical memory:657012 kb
Total page file size:1737840 kb
Available on page file:1435392 kb
Total virtual memory:2097024 kb
Available virtual memory:2047092 kb
OS:Microsoft Windows XP Professional Service Pack 2 (Build 2600)

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Obtain command line of scanned processes
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Write-protect system files after repair (Hosts file, etc.)
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


12-06-2005 7:47:10 PM - Scan started. (Custom mode)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
ModuleName : \SystemRoot\System32\smss.exe
Command Line : n/a
ProcessID : 548
ThreadCreationTime : 12-06-2005 9:36:03 AM
BasePriority : Normal


#:2 [csrss.exe]
ModuleName : \??\C:\WINDOWS\system32\csrss.exe
Command Line : C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestTh
ProcessID : 624
ThreadCreationTime : 12-06-2005 9:36:04 AM
BasePriority : Normal


#:3 [winlogon.exe]
ModuleName : \??\C:\WINDOWS\system32\winlogon.exe
Command Line : winlogon.exe
ProcessID : 648
ThreadCreationTime : 12-06-2005 9:36:06 AM
BasePriority : High


#:4 [services.exe]
ModuleName : C:\WINDOWS\system32\services.exe
Command Line : C:\WINDOWS\system32\services.exe
ProcessID : 692
ThreadCreationTime : 12-06-2005 9:36:06 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:5 [lsass.exe]
ModuleName : C:\WINDOWS\system32\lsass.exe
Command Line : C:\WINDOWS\system32\lsass.exe
ProcessID : 704
ThreadCreationTime : 12-06-2005 9:36:06 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [ati2evxx.exe]
ModuleName : C:\WINDOWS\system32\Ati2evxx.exe
Command Line : C:\WINDOWS\system32\Ati2evxx.exe
ProcessID : 860
ThreadCreationTime : 12-06-2005 9:36:06 AM
BasePriority : Normal


#:7 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost -k DcomLaunch
ProcessID : 872
ThreadCreationTime : 12-06-2005 9:36:06 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost -k rpcss
ProcessID : 956
ThreadCreationTime : 12-06-2005 9:36:07 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k netsvcs
ProcessID : 1052
ThreadCreationTime : 12-06-2005 9:36:07 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k NetworkService
ProcessID : 1104
ThreadCreationTime : 12-06-2005 9:36:07 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:11 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k LocalService
ProcessID : 1212
ThreadCreationTime : 12-06-2005 9:36:07 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:12 [ccsetmgr.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
Command Line : n/a
ProcessID : 1396
ThreadCreationTime : 12-06-2005 9:36:08 AM
BasePriority : Normal
FileVersion : 103.0.4.3
ProductVersion : 103.0.4.3
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Settings Manager Service
InternalName : ccSetMgr
LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccSetMgr.exe

#:13 [sndsrvc.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
Command Line : n/a
ProcessID : 1408
ThreadCreationTime : 12-06-2005 9:36:08 AM
BasePriority : Normal
FileVersion : 5.5.1.6
ProductVersion : 5.5
ProductName : Symantec Security Drivers
CompanyName : Symantec Corporation
FileDescription : Network Driver Service
InternalName : SndSrvc
LegalCopyright : Copyright 2002, 2003, 2004 Symantec Corporation
OriginalFilename : SndSrvc.exe

#:14 [spbbcsvc.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
Command Line : n/a
ProcessID : 1428
ThreadCreationTime : 12-06-2005 9:36:08 AM
BasePriority : Normal
FileVersion : 1,0,1,47
ProductVersion : 1,0,1,47
ProductName : SPBBC
CompanyName : Symantec Corporation
FileDescription : SPBBC Service
InternalName : SPBBCSvc
LegalCopyright : Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : SPBBCSvc.exe

#:15 [ccevtmgr.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
Command Line : n/a
ProcessID : 1464
ThreadCreationTime : 12-06-2005 9:36:09 AM
BasePriority : Normal
FileVersion : 103.0.4.3
ProductVersion : 103.0.4.3
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Event Manager Service
InternalName : ccEvtMgr
LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccEvtMgr.exe

#:16 [spoolsv.exe]
ModuleName : C:\WINDOWS\system32\spoolsv.exe
Command Line : C:\WINDOWS\system32\spoolsv.exe
ProcessID : 1644
ThreadCreationTime : 12-06-2005 9:36:10 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:17 [ctsvccda.exe]
ModuleName : C:\WINDOWS\System32\CTsvcCDA.exe
Command Line : C:\WINDOWS\System32\CTsvcCDA.exe
ProcessID : 1756
ThreadCreationTime : 12-06-2005 9:36:10 AM
BasePriority : Normal
FileVersion : 1.0.1.0
ProductVersion : 1.0.0.0
ProductName : Creative Service for CDROM Access
CompanyName : Creative Technology Ltd
FileDescription : Creative Service for CDROM Access
InternalName : CTsvcCDAEXE
LegalCopyright : Copyright © Creative Technology Ltd., 1999. All rights reserved.
OriginalFilename : CTsvcCDA.EXE

#:18 [ewidoctrl.exe]
ModuleName : C:\Program Files\ewido\security suite\ewidoctrl.exe
Command Line : "C:\Program Files\ewido\security suite\ewidoctrl.exe"
ProcessID : 1788
ThreadCreationTime : 12-06-2005 9:36:10 AM
BasePriority : Normal
FileVersion : 3, 0, 0, 1
ProductVersion : 3, 0, 0, 1
ProductName : ewido control
CompanyName : ewido networks
FileDescription : ewido control
InternalName : ewido control
LegalCopyright : Copyright © 2004
OriginalFilename : ewidoctrl.exe

#:19 [ewidoguard.exe]
ModuleName : C:\Program Files\ewido\security suite\ewidoguard.exe
Command Line : n/a
ProcessID : 1836
ThreadCreationTime : 12-06-2005 9:36:12 AM
BasePriority : Normal
FileVersion : 3, 0, 0, 1
ProductVersion : 3, 0, 0, 1
ProductName : guard
CompanyName : ewido networks
FileDescription : guard
InternalName : guard
LegalCopyright : Copyright © 2004
OriginalFilename : guard.exe

#:20 [mdm.exe]
ModuleName : C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
Command Line : "C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
ProcessID : 1896
ThreadCreationTime : 12-06-2005 9:36:13 AM
BasePriority : Normal
FileVersion : 7.00.9466
ProductVersion : 7.00.9466
ProductName : Microsoft® Visual Studio .NET
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : mdm.exe

#:21 [sqlservr.exe]
ModuleName : C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
Command Line : "C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe" -sMICROSOFTBCM
ProcessID : 1924
ThreadCreationTime : 12-06-2005 9:36:13 AM
BasePriority : Normal
FileVersion : 2000.080.0818.00
ProductVersion : 8.00.818
ProductName : Microsoft SQL Server
CompanyName : Microsoft Corporation
FileDescription : SQL Server Windows NT
InternalName : SQLSERVR
LegalCopyright : © 1988-2003 Microsoft Corp. All rights reserved.
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation. Windows™ is a trademark of Microsoft Corporation
OriginalFilename : SQLSERVR.EXE
Comments : NT INTEL X86

#:22 [navapsvc.exe]
ModuleName : C:\Program Files\Norton AntiVirus\navapsvc.exe
Command Line : n/a
ProcessID : 468
ThreadCreationTime : 12-06-2005 9:36:14 AM
BasePriority : Normal
FileVersion : 11.0.9.16
ProductVersion : 11.0.9
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
LegalCopyright : Norton AntiVirus 2005 for Windows 98/ME/2000/XP Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : NAVAPSVC.EXE

#:23 [npfmntor.exe]
ModuleName : C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
Command Line : n/a
ProcessID : 488
ThreadCreationTime : 12-06-2005 9:36:15 AM
BasePriority : Normal
FileVersion : 11.0.9.16
ProductVersion : 11.0.9
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Firewall Install Monitor
InternalName : NPFMonitor
LegalCopyright : Norton AntiVirus 2005 for Windows 98/ME/2000/XP Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : NPFMonitor.EXE

#:24 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k imgsvc
ProcessID : 816
ThreadCreationTime : 12-06-2005 9:36:15 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:25 [symlcsvc.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
Command Line : n/a
ProcessID : 908
ThreadCreationTime : 12-06-2005 9:36:16 AM
BasePriority : Normal
FileVersion : 1, 8, 54, 534
ProductVersion : 1, 8, 54, 534
ProductName : Symantec Core Component
CompanyName : Symantec Corporation
FileDescription : Symantec Core Component
InternalName : symlcsvc
LegalCopyright : Copyright © 2003
OriginalFilename : symlcsvc.exe

#:26 [wdfmgr.exe]
ModuleName : C:\WINDOWS\System32\wdfmgr.exe
Command Line : C:\WINDOWS\System32\wdfmgr.exe
ProcessID : 1016
ThreadCreationTime : 12-06-2005 9:36:16 AM
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe

#:27 [mspmspsv.exe]
ModuleName : C:\WINDOWS\System32\MsPMSPSv.exe
Command Line : C:\WINDOWS\System32\MsPMSPSv.exe
ProcessID : 1112
ThreadCreationTime : 12-06-2005 9:36:17 AM
BasePriority : Normal
FileVersion : 7.00.00.1954
ProductVersion : 7.00.00.1954
ProductName : Microsoft ® DRM
CompanyName : Microsoft Corporation
FileDescription : WMDM PMSP Service
InternalName : MSPMSPSV.EXE
LegalCopyright : Copyright © Microsoft Corp. 1981-2000
OriginalFilename : MSPMSPSV.EXE

#:28 [alg.exe]
ModuleName : C:\WINDOWS\System32\alg.exe
Command Line : C:\WINDOWS\System32\alg.exe
ProcessID : 2156
ThreadCreationTime : 12-06-2005 9:36:25 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe

#:29 [ati2evxx.exe]
ModuleName : C:\WINDOWS\system32\Ati2evxx.exe
Command Line : Ati2evxx.exe -Client
ProcessID : 3440
ThreadCreationTime : 12-06-2005 9:41:19 AM
BasePriority : Normal


#:30 [explorer.exe]
ModuleName : C:\WINDOWS\Explorer.EXE
Command Line : C:\WINDOWS\Explorer.EXE
ProcessID : 3528
ThreadCreationTime : 12-06-2005 9:41:20 AM
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

#:31 [atiptaxx.exe]
ModuleName : C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
Command Line : "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
ProcessID : 3624
ThreadCreationTime : 12-06-2005 9:41:24 AM
BasePriority : Normal
FileVersion : 6.14.10.5113
ProductVersion : 6.14.10.5113
ProductName : ATI Desktop Component
CompanyName : ATI Technologies, Inc.
FileDescription : ATI Desktop Control Panel
InternalName : Atiptaxx.exe
LegalCopyright : Copyright © 1998-2004 ATI Technologies Inc.
OriginalFilename : Atiptaxx.exe

#:32 [jusched.exe]
ModuleName : C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
Command Line : "C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe"
ProcessID : 3648
ThreadCreationTime : 12-06-2005 9:41:25 AM
BasePriority : Normal


#:33 [realsched.exe]
ModuleName : C:\Program Files\Common Files\Real\Update_OB\realsched.exe
Command Line : "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
ProcessID : 3656
ThreadCreationTime : 12-06-2005 9:41:25 AM
BasePriority : Normal
FileVersion : 0.1.0.1612
ProductVersion : 0.1.0.1612
ProductName : RealOne Player (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2002
LegalTrademarks : RealAudio™ is a trademark of RealNetworks, Inc.
OriginalFilename : realsched.exe

#:34 [iu.exe]
ModuleName : C:\Program Files\Information Update\iu.exe
Command Line : "C:\Program Files\Information Update\iu.exe"
ProcessID : 3672
ThreadCreationTime : 12-06-2005 9:41:26 AM
BasePriority : Normal


#:35 [dumeter.exe]
ModuleName : C:\Program Files\DU Meter\DUMeter.exe
Command Line : "C:\Program Files\DU Meter\DUMeter.exe"
ProcessID : 3812
ThreadCreationTime : 12-06-2005 9:41:30 AM
BasePriority : Normal
FileVersion : 3.07 Build 200
ProductVersion : 3.07 Build 200
ProductName : DU Meter
CompanyName : Hagel Technologies
FileDescription : DU Meter
InternalName : DU Meter
LegalCopyright : Copyright © 1997-2004 Hagel Technologies
OriginalFilename : DUMETER.EXE

#:36 [ccapp.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\ccApp.exe
Command Line : n/a
ProcessID : 3836
ThreadCreationTime : 12-06-2005 9:41:31 AM
BasePriority : Normal
FileVersion : 103.0.4.3
ProductVersion : 103.0.4.3
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec User Session
InternalName : ccApp
LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccApp.exe

#:37 [ctfmon.exe]
ModuleName : C:\WINDOWS\system32\ctfmon.exe
Command Line : ctfmon.exe
ProcessID : 3912
ThreadCreationTime : 12-06-2005 9:41:33 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:38 [cthelper.exe]
ModuleName : C:\WINDOWS\system32\CTHELPER.EXE
Command Line : "C:\WINDOWS\system32\CTHELPER.EXE"
ProcessID : 484
ThreadCreationTime : 12-06-2005 9:41:40 AM
BasePriority : Normal
FileVersion : 1, 0, 0, 2
ProductVersion : 1, 0, 0, 2
ProductName : CtHelper Application
CompanyName : Creative Technology Ltd
FileDescription : CtHelper Application
InternalName : CtHelper
LegalCopyright : Copyright © 2002
OriginalFilename : CtHelper.EXE

#:39 [time.exe]
ModuleName : C:\Program Files\Time Sync\time.exe
Command Line : "C:\Program Files\Time Sync\time.exe"
ProcessID : 2200
ThreadCreationTime : 12-06-2005 9:41:45 AM
BasePriority : Normal


#:40 [taskbar.exe]
ModuleName : C:\Program Files\RedLine\Taskbar.exe
Command Line : "C:\Program Files\RedLine\Taskbar.exe"
ProcessID : 2204
ThreadCreationTime : 12-06-2005 9:41:46 AM
BasePriority : Normal
FileVersion : 0, 0, 0, 16
ProductVersion : 0, 0, 0, 16
ProductName : Registry Tweak
CompanyName : Byron Montgomerie
FileDescription : Taskbar icon exe
InternalName : RegTwk.exe
LegalCopyright : Copyright © 1999-2002
OriginalFilename : RegTwk.exe
Comments : Taskbar program for RegTweak

#:41 [trayap~1.exe]
ModuleName : C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
Command Line : "C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE"
ProcessID : 2356
ThreadCreationTime : 12-06-2005 9:41:50 AM
BasePriority : Normal
FileVersion : 1, 0, 0, 22
ProductVersion : 1, 0, 0, 0
ProductName : Nokia Tray Application
FileDescription : Nokia Tray Application
InternalName : Nokia Tray Application
LegalCopyright : Copyright © 2001 - 2004 Nokia. All Rights Reserved.
OriginalFilename : TrayApplication.EXE

#:42 [p2p networking.exe]
ModuleName : C:\WINDOWS\System32\P2P Networking\P2P Networking.exe
Command Line : "C:\WINDOWS\System32\P2P Networking\P2P Networking.exe" /AUTOSTART
ProcessID : 2140
ThreadCreationTime : 12-06-2005 9:41:59 AM
BasePriority : Normal
FileVersion : 1, 26, 0, 10
ProductVersion : 1, 26, 0, 10
ProductName : P2P Networking
CompanyName : Joltid Ltd.
FileDescription : P2P Networking
InternalName : P2P Networking
LegalCopyright : Copyright © 2001 - 2004 Joltid Ltd. All Rights Reserved.
LegalTrademarks : Joltid is a registered trademark of Joltid Ltd.
OriginalFilename : P2P Networking.exe

#:43 [mm_server.exe]
ModuleName : C:\Program Files\musicmatch\MUSICMATCH Jukebox\mm_server.exe
Command Line : "C:\Program Files\musicmatch\MUSICMATCH Jukebox\mm_server.exe"
ProcessID : 2880
ThreadCreationTime : 12-06-2005 9:42:03 AM
BasePriority : Normal
FileVersion : 1.0.0.1
ProductVersion : 1.0.0.1
ProductName : TODO: <Product name>
CompanyName : TODO: <Company name>
FileDescription : TODO: <File description>
InternalName : MusicServer.exe
LegalCopyright : TODO: © <Company name>. All rights reserved.
OriginalFilename : MusicServer.exe

#:44 [mmtask.exe]
ModuleName : C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
Command Line : "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
ProcessID : 3080
ThreadCreationTime : 12-06-2005 9:42:05 AM
BasePriority : Normal
FileVersion : 1.0.0.1
ProductVersion : 1.0.0.1
ProductName : TODO: <Product name>
CompanyName : TODO: <Company name>
FileDescription : TODO: <File description>
InternalName : mmtask.exe
LegalCopyright : TODO: © <Company name>. All rights reserved.
OriginalFilename : mmtask.exe

#:45 [type32.exe]
ModuleName : C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
Command Line : "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
ProcessID : 3300
ThreadCreationTime : 12-06-2005 9:42:10 AM
BasePriority : Normal


#:46 [msiexec.exe]
ModuleName : C:\WINDOWS\system32\msiexec.exe
Command Line : C:\WINDOWS�
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP