Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

[Referred]Temperror32.dat & Temp532.exe


  • Please log in to reply

#1
slashdash

slashdash

    New Member

  • Member
  • Pip
  • 3 posts
Hi, I really hope anyone can help me with this.
I've read through some forums but Killbox didn't seem to do the trick, neither did any of the scans described in the introduction. ;)

I have a Acer Ferrari 3400 running Windows XP Home, SP2. If you wish to have more detailed information just tell me and I'll get it. ;)
I also have Norton antivirus 2004 and it can locate the files (temperror32.dat & temp532.exe that I know of) but it can't delete them. :tazz:
I have tried to delete them manually but they are like zombies..they won't just die.

I would appriciate any help I can get.

Sincerely,

Tony Ericsson
  • 0

Advertisements


#2
Guest_Andy_veal_*

Guest_Andy_veal_*
  • Guest
In order to assist you, we need to see the log from an Ad-Aware SE 1.06r1 full system scan.

Important Note! Before performing a scan, be sure that you have the most recent definitions file by using WebUpdate. (Click on the Globe icon, Click connect, Click OK, Click Finish.) At this current point * SE1R51 21.06.2005 * is the most recent definition file.

Ad-Aware SE comes preconfigured with default options so we need you to make only one change. Please deselect "Search for negligible risk entries" as negligible risk entries (MRU's) are not considered to be a threat. This option can be changed when choosing your scan type.

Select "Perform Full System Scan" and press "Next". When the scan has completed, click "Show Logfile".

Please copy/paste the complete log file here using the reply button. Don't quarantine or remove anything at this time, just post a complete logfile. This sometimes takes 2-3 posts to get it all posted. You will know you are at the end when you see the "Summary of this scan" information has been posted.

When you have posted your log here, Team Lavasoft can advise on what to do next.

Please post back if you have any questions or other problems.


Good luck

Andy
  • 0

#3
slashdash

slashdash

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
Thank you for your assistance Andy. ;)
I have pasted the text below. Unfortuanly I have already deleted some files as I followed the instructions on the introduction. :tazz:


Ad-Aware SE Build 1.06r1
Logfile Created on:den 30 juni 2005 02:02:59
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R51 21.06.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Ebates MoneyMaker(TAC index:4):8 total references
Tracking Cookie(TAC index:3):5 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R51 21.06.2005
Internal build : 59
File location : C:\Program\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 483435 Bytes
Total size : 1461660 Bytes
Signature data size : 1429955 Bytes
Reference data size : 31193 Bytes
Signatures total : 40756
CSI Fingerprints total : 906
CSI data size : 31253 Bytes
Target categories : 15
Target families : 694


Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium IV
Memory available:67 %
Total physical memory:1309152 kb
Available physical memory:872724 kb
Total page file size:2467156 kb
Available on page file:2075272 kb
Total virtual memory:2097024 kb
Available virtual memory:2035340 kb
OS:Microsoft Windows XP Home Edition Service Pack 2 (Build 2600)

Ad-Aware SE Settings
===========================
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Obtain command line of scanned processes
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Write-protect system files after repair (Hosts file, etc.)
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


2005-06-30 02:02:59 - Scan started. (Custom mode)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
ModuleName : \SystemRoot\System32\smss.exe
Command Line : n/a
ProcessID : 584
ThreadCreationTime : 2005-06-29 21:07:59
BasePriority : Normal


#:2 [csrss.exe]
ModuleName : \??\C:\WINDOWS\system32\csrss.exe
Command Line : C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestTh
ProcessID : 652
ThreadCreationTime : 2005-06-29 21:08:08
BasePriority : Normal


#:3 [winlogon.exe]
ModuleName : \??\C:\WINDOWS\system32\winlogon.exe
Command Line : winlogon.exe
ProcessID : 692
ThreadCreationTime : 2005-06-29 21:08:13
BasePriority : High


#:4 [services.exe]
ModuleName : C:\WINDOWS\system32\services.exe
Command Line : C:\WINDOWS\system32\services.exe
ProcessID : 736
ThreadCreationTime : 2005-06-29 21:08:14
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Operativsystemet Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Tjänst- och styrenhetsprogram
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. Med ensamrätt.
OriginalFilename : services.exe

#:5 [lsass.exe]
ModuleName : C:\WINDOWS\system32\lsass.exe
Command Line : C:\WINDOWS\system32\lsass.exe
ProcessID : 748
ThreadCreationTime : 2005-06-29 21:08:14
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [ati2evxx.exe]
ModuleName : C:\WINDOWS\system32\Ati2evxx.exe
Command Line : C:\WINDOWS\system32\Ati2evxx.exe
ProcessID : 892
ThreadCreationTime : 2005-06-29 21:08:15
BasePriority : Normal


#:7 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost -k DcomLaunch
ProcessID : 908
ThreadCreationTime : 2005-06-29 21:08:15
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost -k rpcss
ProcessID : 984
ThreadCreationTime : 2005-06-29 21:08:15
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k netsvcs
ProcessID : 1024
ThreadCreationTime : 2005-06-29 21:08:16
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost.exe -k NetworkService
ProcessID : 1080
ThreadCreationTime : 2005-06-29 21:08:16
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:11 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost.exe -k LocalService
ProcessID : 1204
ThreadCreationTime : 2005-06-29 21:08:16
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:12 [ccsetmgr.exe]
ModuleName : C:\Program\Delade filer\Symantec Shared\ccSetMgr.exe
Command Line : "C:\Program\Delade filer\Symantec Shared\ccSetMgr.exe"
ProcessID : 1456
ThreadCreationTime : 2005-06-29 21:08:17
BasePriority : Normal
FileVersion : 2.1.6.3
ProductVersion : 2.1.6.3
ProductName : Common Client
CompanyName : Symantec Corporation
FileDescription : Common Client Settings Manager Service
InternalName : ccSetMgr
LegalCopyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.
OriginalFilename : ccSetMgr.exe

#:13 [ccevtmgr.exe]
ModuleName : C:\Program\Delade filer\Symantec Shared\ccEvtMgr.exe
Command Line : "C:\Program\Delade filer\Symantec Shared\ccEvtMgr.exe"
ProcessID : 1480
ThreadCreationTime : 2005-06-29 21:08:18
BasePriority : Normal
FileVersion : 2.1.6.3
ProductVersion : 2.1.6.3
ProductName : Common Client
CompanyName : Symantec Corporation
FileDescription : Common Client Event Manager Service
InternalName : ccEvtMgr
LegalCopyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.
OriginalFilename : ccEvtMgr.exe

#:14 [spoolsv.exe]
ModuleName : C:\WINDOWS\system32\spoolsv.exe
Command Line : C:\WINDOWS\system32\spoolsv.exe
ProcessID : 1656
ThreadCreationTime : 2005-06-29 21:08:18
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:15 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost.exe -k bthsvcs
ProcessID : 1744
ThreadCreationTime : 2005-06-29 21:08:18
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:16 [mdm.exe]
ModuleName : C:\Program\Delade filer\Microsoft Shared\VS7Debug\mdm.exe
Command Line : "C:\Program\Delade filer\Microsoft Shared\VS7Debug\mdm.exe"
ProcessID : 1784
ThreadCreationTime : 2005-06-29 21:08:18
BasePriority : Normal
FileVersion : 7.00.9064.9150
ProductVersion : 7.00.9064.9150
ProductName : Microsoft Development Environment
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
LegalCopyright : Copyright © Microsoft Corp. 1997-2000
OriginalFilename : mdm.exe

#:17 [navapsvc.exe]
ModuleName : C:\Program\Norton AntiVirus\navapsvc.exe
Command Line : "C:\Program\Norton AntiVirus\navapsvc.exe"
ProcessID : 1816
ThreadCreationTime : 2005-06-29 21:08:19
BasePriority : Normal
FileVersion : 10.00.2
ProductVersion : 10.00.2
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
LegalCopyright : Norton AntiVirus 2004 for Windows 98/ME/2000/XP Copyright © 2003 Symantec Corporation. All rights reserved.
OriginalFilename : NAVAPSVC.EXE

#:18 [savscan.exe]
ModuleName : C:\Program\Norton AntiVirus\SAVScan.exe
Command Line : "C:\Program\Norton AntiVirus\SAVScan.exe"
ProcessID : 1884
ThreadCreationTime : 2005-06-29 21:08:19
BasePriority : Normal

ProductVersion : 9.2
ProductName : Symantec AntiVirus AutoProtect
CompanyName : Symantec Corporation
FileDescription : Symantec AntiVirus Scanner
InternalName : SAVSCAN
LegalCopyright : Copyright © 2004 Symantec Corporation
OriginalFilename : SAVSCAN.EXE

#:19 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost.exe -k imgsvc
ProcessID : 1936
ThreadCreationTime : 2005-06-29 21:08:19
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:20 [wdfmgr.exe]
ModuleName : C:\WINDOWS\system32\wdfmgr.exe
Command Line : C:\WINDOWS\system32\wdfmgr.exe
ProcessID : 1960
ThreadCreationTime : 2005-06-29 21:08:19
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe

#:21 [symwsc.exe]
ModuleName : C:\Program\Delade filer\Symantec Shared\Security Center\SymWSC.exe
Command Line : "C:\Program\Delade filer\Symantec Shared\Security Center\SymWSC.exe"
ProcessID : 180
ThreadCreationTime : 2005-06-29 21:08:20
BasePriority : Normal
FileVersion : 2005.1.2.20
ProductVersion : 2005.1
ProductName : Norton Security Center
CompanyName : Symantec Corporation
FileDescription : Norton Security Center Service
InternalName : SymWSC.exe
LegalCopyright : Copyright © 1997-2004 Symantec Corporation
OriginalFilename : SymWSC.exe

#:22 [alg.exe]
ModuleName : C:\WINDOWS\System32\alg.exe
Command Line : C:\WINDOWS\System32\alg.exe
ProcessID : 1352
ThreadCreationTime : 2005-06-29 21:08:22
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe

#:23 [explorer.exe]
ModuleName : C:\WINDOWS\Explorer.EXE
Command Line : C:\WINDOWS\Explorer.EXE
ProcessID : 2060
ThreadCreationTime : 2005-06-29 21:09:10
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Operativsystemet Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Utforskaren
InternalName : explorer
LegalCopyright : © Microsoft Corporation. Med ensamrätt.
OriginalFilename : EXPLORER.EXE

#:24 [atiptaxx.exe]
ModuleName : C:\Program\ATI Technologies\ATI Control Panel\atiptaxx.exe
Command Line : "C:\Program\ATI Technologies\ATI Control Panel\atiptaxx.exe"
ProcessID : 2268
ThreadCreationTime : 2005-06-29 21:09:15
BasePriority : Normal
FileVersion : 6.14.10.5088
ProductVersion : 6.14.10.5088
ProductName : ATI Desktop Component
CompanyName : ATI Technologies, Inc.
FileDescription : ATI Desktop Control Panel
InternalName : Atiptaxx.exe
LegalCopyright : Copyright © 1998-2002 ATI Technologies Inc.
OriginalFilename : Atiptaxx.exe

#:25 [soundman.exe]
ModuleName : C:\WINDOWS\SOUNDMAN.EXE
Command Line : "C:\WINDOWS\SOUNDMAN.EXE"
ProcessID : 2276
ThreadCreationTime : 2005-06-29 21:09:15
BasePriority : Normal
FileVersion : 5.1.0.22
ProductVersion : 5.1.0.22
ProductName : Realtek Sound Manager
CompanyName : Realtek Semiconductor Corp.
FileDescription : Realtek Sound Manager
InternalName : ALSMTray
LegalCopyright : Copyright © 2001-2003 Realtek Semiconductor Corp.
OriginalFilename : ALSMTray.exe
Comments : Realtek AC97 Audio Sound Manager

#:26 [agrsmmsg.exe]
ModuleName : C:\WINDOWS\AGRSMMSG.exe
Command Line : "C:\WINDOWS\AGRSMMSG.exe"
ProcessID : 2304
ThreadCreationTime : 2005-06-29 21:09:15
BasePriority : Normal
FileVersion : 2.1.36 2.1.36 11/19/2003 15:41:01
ProductVersion : 2.1.36 2.1.36 11/19/2003 15:41:01
ProductName : Agere SoftModem Messaging Applet
CompanyName : Agere Systems
FileDescription : SoftModem Messaging Applet
InternalName : smdmstat.exe
LegalCopyright : Copyright © Agere Systems 1998-2000
OriginalFilename : smdmstat.exe

#:27 [syntplpr.exe]
ModuleName : C:\Program\Synaptics\SynTP\SynTPLpr.exe
Command Line : "C:\Program\Synaptics\SynTP\SynTPLpr.exe"
ProcessID : 2328
ThreadCreationTime : 2005-06-29 21:09:15
BasePriority : Normal
FileVersion : 7.5.4 18Apr03
ProductVersion : 7.5.4 18Apr03
ProductName : Progressive Touch
CompanyName : Synaptics, Inc.
FileDescription : TouchPad Driver Helper Application
InternalName : SynTPLpr
LegalCopyright : Copyright © Synaptics, Inc. 1996-2003
OriginalFilename : SynTPLpr.exe

#:28 [syntpenh.exe]
ModuleName : C:\Program\Synaptics\SynTP\SynTPEnh.exe
Command Line : "C:\Program\Synaptics\SynTP\SynTPEnh.exe"
ProcessID : 2340
ThreadCreationTime : 2005-06-29 21:09:15
BasePriority : Normal
FileVersion : 7.5.4 18Apr03
ProductVersion : 7.5.4 18Apr03
ProductName : Progressive Touch
CompanyName : Synaptics, Inc.
FileDescription : Synaptics TouchPad Enhancements
InternalName : Scrolleroo
LegalCopyright : Copyright © Synaptics, Inc. 1996-2003
OriginalFilename : SynTPEnh.exe

#:29 [pdvdserv.exe]
ModuleName : C:\Program\CyberLink\PowerDVD\PDVDServ.exe
Command Line : "C:\Program\CyberLink\PowerDVD\PDVDServ.exe"
ProcessID : 2356
ThreadCreationTime : 2005-06-29 21:09:15
BasePriority : Normal
FileVersion : 5.00.0000
ProductVersion : 5.00.0000
ProductName : PowerDVD
CompanyName : Cyberlink Corp.
FileDescription : PowerDVD RC Service
InternalName : PowerDVD RC Service
LegalCopyright : Copyright © CyberLink Corp. 1997-2002
OriginalFilename : PDVDSERV.EXE

#:30 [qtziacer.exe]
ModuleName : C:\Program\LAUNCH~1\QtZiAcer.EXE
Command Line : "C:\Program\LAUNCH~1\QtZiAcer.EXE"
ProcessID : 2468
ThreadCreationTime : 2005-06-29 21:09:16
BasePriority : Normal
FileVersion : 1, 1, 1, 1011
ProductVersion : 1, 1, 1, 1011
ProductName : Acer Launch Manager
CompanyName : Dritek System Inc.
FileDescription : Launch Manager
InternalName : QtZgAcer
LegalCopyright : Copyright © 2001-2004 Dritek System Inc.
OriginalFilename : QtZgAcer.exe

#:31 [ccapp.exe]
ModuleName : C:\Program\Delade filer\Symantec Shared\ccApp.exe
Command Line : "C:\Program\Delade filer\Symantec Shared\ccApp.exe"
ProcessID : 2496
ThreadCreationTime : 2005-06-29 21:09:16
BasePriority : Normal
FileVersion : 2.1.6.3
ProductVersion : 2.1.6.3
ProductName : Common Client
CompanyName : Symantec Corporation
FileDescription : Common Client User Session
InternalName : ccApp
LegalCopyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.
OriginalFilename : ccApp.exe

#:32 [jusched.exe]
ModuleName : C:\Program\Java\jre1.5.0_02\bin\jusched.exe
Command Line : "C:\Program\Java\jre1.5.0_02\bin\jusched.exe"
ProcessID : 2512
ThreadCreationTime : 2005-06-29 21:09:16
BasePriority : Normal


#:33 [rundll32.exe]
ModuleName : C:\WINDOWS\system32\rundll32.exe
Command Line : "C:\WINDOWS\system32\rundll32.exe" bthprops.cpl,,BluetoothAuthenticationAgent
ProcessID : 2540
ThreadCreationTime : 2005-06-29 21:09:16
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Operativsystemet Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Kör en DLL-fil som ett program
InternalName : rundll
LegalCopyright : © Microsoft Corporation. Med ensamrätt.
OriginalFilename : RUNDLL.EXE

#:34 [vproperty.exe]
ModuleName : C:\Program\Philips ToUcam Camera\VProperty.exe
Command Line : "C:\Program\Philips ToUcam Camera\VProperty.exe"
ProcessID : 2548
ThreadCreationTime : 2005-06-29 21:09:16
BasePriority : Normal
FileVersion : 1.05
ProductVersion : 5.1.2600.105
ProductName : Philips PC Cameras ToUcam VProperty
CompanyName : Philips PC Cameras
FileDescription : VProperty
InternalName : VProperty.exe
LegalCopyright : Copyright © 2000...2001
OriginalFilename : VProperty.exe
Comments : ToUcam VProperty

#:35 [qttask.exe]
ModuleName : C:\Program\QuickTime\qttask.exe
Command Line : "C:\Program\QuickTime\qttask.exe" -atboottime
ProcessID : 2568
ThreadCreationTime : 2005-06-29 21:09:16
BasePriority : Normal
FileVersion : 6.5.1
ProductVersion : QuickTime 6.5.1
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
InternalName : QuickTime Task
LegalCopyright : © Apple Computer, Inc. 2001-2004
OriginalFilename : QTTask.exe

#:36 [hpwuschd.exe]
ModuleName : C:\Program\HP\HP Software Update\HPWuSchd.exe
Command Line : "C:\Program\HP\HP Software Update\HPWuSchd.exe"
ProcessID : 2628
ThreadCreationTime : 2005-06-29 21:09:17
BasePriority : Normal
FileVersion : 1, 0, 0, 2
ProductVersion : 1, 0, 0, 2
ProductName : Hewlett-Packard hpwuSchd
CompanyName : Hewlett-Packard
FileDescription : hpwuSchd
InternalName : hpwuSchd
LegalCopyright : Copyright © 2003
OriginalFilename : hpwuSchd.exe

#:37 [hppromo.exe]
ModuleName : C:\Program\HP\Digital Imaging\Promotions\HPpromo.exe
Command Line : "C:\Program\HP\Digital Imaging\Promotions\HPpromo.exe" /N "psc 2400 series" -r
ProcessID : 2644
ThreadCreationTime : 2005-06-29 21:09:17
BasePriority : Normal


#:38 [ituneshelper.exe]
ModuleName : C:\Program\iTunes\iTunesHelper.exe
Command Line : "C:\Program\iTunes\iTunesHelper.exe"
ProcessID : 2668
ThreadCreationTime : 2005-06-29 21:09:17
BasePriority : Normal
FileVersion : 4.8.0.32
ProductVersion : 4.8.0.32
ProductName : iTunes
CompanyName : Apple Computer, Inc.
FileDescription : iTunesHelper Module
InternalName : iTunesHelper
LegalCopyright : © 2003-2005 Apple Computer, Inc. All Rights Reserved.
OriginalFilename : iTunesHelper.exe

#:39 [ctfmon.exe]
ModuleName : C:\WINDOWS\system32\ctfmon.exe
Command Line : "C:\WINDOWS\system32\ctfmon.exe"
ProcessID : 2696
ThreadCreationTime : 2005-06-29 21:09:17
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:40 [hdd thermometer.exe]
ModuleName : C:\Program\HDD Thermometer\HDD Thermometer.exe
Command Line : "C:\Program\HDD Thermometer\HDD Thermometer.exe"
ProcessID : 2708
ThreadCreationTime : 2005-06-29 21:09:17
BasePriority : Normal


#:41 [mmdiag.exe]
ModuleName : C:\Program\Musicmatch\Musicmatch Jukebox\MMDiag.exe
Command Line : MMDiag.exe
ProcessID : 2732
ThreadCreationTime : 2005-06-29 21:09:18
BasePriority : Normal
FileVersion : 10.00.2047
ProductVersion : 10.00.2047
ProductName : Musicmatch Jukebox
CompanyName : Musicmatch, Inc.
FileDescription : Logging and tracing manager
InternalName : MMTraceExe
LegalCopyright : Copyright © Musicmatch 1998-2004
LegalTrademarks :
OriginalFilename : MMTraceExe.EXE

#:42 [wcescomm.exe]
ModuleName : C:\Program\Microsoft ActiveSync\WCESCOMM.EXE
Command Line : "C:\Program\Microsoft ActiveSync\WCESCOMM.EXE"
ProcessID : 2764
ThreadCreationTime : 2005-06-29 21:09:18
BasePriority : Normal
FileVersion : 3.7.1.4034
ProductVersion : 3.7.4034
ProductName : Microsoft ActiveSync
CompanyName : Microsoft Corporation
FileDescription : ActiveSync Connection Manager
InternalName : wcescomm
LegalCopyright : Copyright © 1995-2004 Microsoft Corp. All rights reserved.
LegalTrademarks : Microsoft® and Windows® are registered trademarks of Microsoft Corporation.
OriginalFilename : WCESCOMM.EXE

#:43 [ipodservice.exe]
ModuleName : C:\Program\iPod\bin\iPodService.exe
Command Line : C:\Program\iPod\bin\iPodService.exe
ProcessID : 2960
ThreadCreationTime : 2005-06-29 21:09:19
BasePriority : Normal
FileVersion : 4.8.0.32
ProductVersion : 4.8.0.32
ProductName : iTunes
CompanyName : Apple Computer, Inc.
FileDescription : iPodService Module
InternalName : iPodService
LegalCopyright : © 2003-2005 Apple Computer, Inc. All Rights Reserved.
OriginalFilename : iPodService.exe

#:44 [mim.exe]
ModuleName : C:\Program\Musicmatch\Musicmatch Jukebox\mim.exe
Command Line : "C:\Program\Musicmatch\Musicmatch Jukebox\mim.exe" -Embedding
ProcessID : 3024
ThreadCreationTime : 2005-06-29 21:09:19
BasePriority : Normal
FileVersion : 10.00.2047
ProductVersion : 10.00.2047
ProductName : Musicmatch Jukebox
CompanyName : Musicmatch, Inc.
FileDescription : mim
InternalName : mim
LegalCopyright : Copyright © Musicmatch 1998-2004
LegalTrademarks :
OriginalFilename : mim.exe

#:45 [hpqtra08.exe]
ModuleName : C:\Program\HP\Digital Imaging\bin\hpqtra08.exe
Command Line : "C:\Program\HP\Digital Imaging\bin\hpqtra08.exe"
ProcessID : 3124
ThreadCreationTime : 2005-06-29 21:09:20
BasePriority : Normal
FileVersion : 5.31.0.147
ProductVersion : 005.031.000.147
ProductName : hp digital imaging - hp all-in-one series
CompanyName : Hewlett-Packard Co.
FileDescription : HP Digital Imaging Monitor (CUE)
InternalName : HPQTRA00
LegalCopyright : Copyright © Hewlett-Packard Co. 1995-2001
OriginalFilename : HPQTRA00.EXE
Comments : HP Digital Imaging Monitor (CUE)

#:46 [objectdock.exe]
ModuleName : C:\Program\Stardock\ObjectDock\ObjectDock.exe
Command Line : "C:\Program\Stardock\ObjectDock\ObjectDock.exe"
ProcessID : 3152
ThreadCreationTime : 2005-06-29 21:09:21
BasePriority : Normal
FileVersion : v1.1.511u
ProductVersion : v1.1.511u
ProductName : Stardock ObjectDock
CompanyName : Stardock
FileDescription : ObjectDock
InternalName : ObjectDock
LegalCopyright : Copyright © 1999-2005 Jeff Bargmann, ©2002-2005 Stardock
OriginalFilename : ObjectDock.exe

#:47 [wuauclt.exe]
ModuleName : C:\WINDOWS\system32\wuauclt.exe
Command Line : "C:\WINDOWS\system32\wuauclt.exe"
ProcessID : 3292
ThreadCreationTime : 2005-06-29 21:09:21
BasePriority : Normal
FileVersion : 5.4.3790.2182 built by: srv03_rtm(ntvbl04)
ProductVersion : 5.4.3790.2182
ProductName : Operativsystemet Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Automatiska uppdateringar
InternalName : wuauclt.exe
LegalCopyright : © Microsoft Corporation. Med ensamrätt.
OriginalFilename : wuauclt.exe

#:48 [msmsgs.exe]
ModuleName : C:\Program\Messenger\msmsgs.exe
Command Line : C:\Program\Messenger\msmsgs.exe -Embedding
ProcessID : 1928
ThreadCreationTime : 2005-06-29 21:55:33
BasePriority : Normal
FileVersion : 4.7.3001
ProductVersion : Version 4.7.3001
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Windows Messenger
InternalName : msmsgs
LegalCopyright : Copyright © Microsoft Corporation 2004
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msmsgs.exe

#:49 [iexplore.exe]
ModuleName : C:\Program\Internet Explorer\iexplore.exe
Command Line : "C:\Program\Internet Explorer\iexplore.exe"
ProcessID : 1856
ThreadCreationTime : 2005-06-29 23:06:28
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Operativsystemet Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. Med ensamrätt.
OriginalFilename : IEXPLORE.EXE

#:50 [ad-aware.exe]
ModuleName : C:\Program\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
Command Line : "C:\Program\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe"
ProcessID : 2180
ThreadCreationTime : 2005-06-30 00:02:14
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
TAC Rating : 4
Category : Data Miner
Comment : "AC"
Rootkey : HKEY_USERS
Object : S-1-5-21-3534628792-2868853485-530274584-1005\software\lq
Value : AC

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 1
Objects found so far: 1


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 1


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : tony@casalemedia[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:24
Value : Cookie:tony@casalemedia.com/
Expires : 2006-06-20 21:54:12
LastSync : Hits:24
UseCount : 0
Hits : 24

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : tony@cgi-bin[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:tony@imrworldwide.com/cgi-bin
Expires : 2009-01-19 01:00:00
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : tony@revenue[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:25
Value : Cookie:tony@revenue.net/
Expires : 2022-06-10 07:05:42
LastSync : Hits:25
UseCount : 0
Hits : 25

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : tony@adtech[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:tony@adtech.de/
Expires : 2015-06-28 01:08:24
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : tony@data.coremetrics[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:tony@data.coremetrics.com/
Expires : 2020-06-29 01:08:44
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 5
Objects found so far: 6



Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 6


Deep scanning and examining files (D:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for D:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 6


Deep scanning and examining files (E:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Not Avaliable

Disk Scan Result for E:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 6


Deep scanning and examining files (G:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Not Avaliable

Disk Scan Result for G:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 6


Deep scanning and examining files (H:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Not Avaliable

Disk Scan Result for H:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 6


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
2 entries scanned.
New critical objects:0
Objects found so far: 6




Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ebates MoneyMaker Object Recognized!
Type : Regkey
Data :
TAC Rating : 4
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq

Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
TAC Rating : 4
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : AT

Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
TAC Rating : 4
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : AC

Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
TAC Rating : 4
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : AD

Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
TAC Rating : 4
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : AM

Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
TAC Rating : 4
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : U

Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
TAC Rating : 4
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : I

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 7
Objects found so far: 13

02:08:50 Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:05:50.563
Objects scanned:124861
Objects identified:13
Objects ignored:0
New critical objects:13


I think that's it. ;) Thanks again for your assistance.

/Tony

Edited by slashdash, 29 June 2005 - 06:12 PM.

  • 0

#4
Guest_Andy_veal_*

Guest_Andy_veal_*
  • Guest
Hello and Welcome

Ad-aware has found objects on your computer

If you chose to clean your computer from what Ad-aware found please follow these instructions below…

Please make sure that you are using the * SE1R52 30.06.2005 * definition file.


Please launch Ad-Aware SE and click on the gear to access the Configuration Menu. Please make sure that this setting is applied.

Click on Tweak > Cleaning Engine > UNcheck "Always try to unload modules before deletion".

Disconnect from the internet (for broadband/cable users, it is recommended that you disconnect the cable connection) and close all open browsers or other programs you have running.

Please then boot into Safe Mode

To clean your machine, it is highly recommended that you clean the following directory contents (but not the directory folder):

Please run CCleaner to assist in this process.
Download CCleaner (Setup: go to >options > settings > Uncheck "Only delete files in Windows Temp folders older than 48 hours" for cleaning malware files!)

* C:\Windows\Temp\
* C:\Documents and Settings\<Your Profile>\Local Settings\Temporary Internet Files\ <- This will delete all your cached internet content including cookies.
* C:\Documents and Settings\<Your Profile>\Local Settings\Temp\
* C:\Documents and Settings\<Any other users Profile>\Local Settings\Temporary Internet Files\
* C:\Documents and Settings\<Any other users Profile>\Local Settings\Temp\
* Empty your "Recycle Bin".

Please run Ad-Aware SE from the command lines shown in the instructions shown below.

Click "Start" > select "Run" > type the text shown in bold below (including the quotation marks and with the same spacing as shown)

"C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Aware.exe" /full +procnuke
(For the Professional version)

"C:\Program Files\Lavasoft\Ad-Aware SE Plus\Ad-Aware.exe" /full +procnuke
(For the Plus version)

"C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe" +procnuke
(For the Personal version)


Click OK.

Please note that the path above is of the default installion location for Ad-aware SE, if this is different, please adjust it to the location that you have installed it to.

When the scan has completed, select Next. In the Scanning Results window, select the "Scan Summary" tab. Check the box next to each "target family" you wish to remove. Click next, Click OK.

If problems are caused by deleting a family, please leave it.

Please shutdown/restart your computer after removal, run a new full scan and post the results as a reply. Do not launch any programs or connect to the internet at this time.

Please then copy & paste the complete log file here. Don't quarantine or remove anything at this time, just post a complete logfile. This can sometimes takes 2-3 posts to get it all posted, once the "Summary of this scan" information is shown, you have posted all of your logfile.

Please remember when posting another logfile keep "Search for negligible risk entries" deselected as negligible risk entries (MRU's) are not considered to be a threat. This option can be changed when choosing your scan type.

Please post back here

Good luck

Andy
  • 0

#5
slashdash

slashdash

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
Hi, and thank you so much for you help! :tazz:
Here is the new scan-log.

Ad-Aware SE Build 1.06r1
Logfile Created on:den 3 juli 2005 15:10:58
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R52 30.06.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Ebates MoneyMaker(TAC index:4):6 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R52 30.06.2005
Internal build : 60
File location : C:\Program\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 485588 Bytes
Total size : 1468054 Bytes
Signature data size : 1436270 Bytes
Reference data size : 31272 Bytes
Signatures total : 40920
CSI Fingerprints total : 919
CSI data size : 31888 Bytes
Target categories : 15
Target families : 697


Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium IV
Memory available:70 %
Total physical memory:1309152 kb
Available physical memory:912040 kb
Total page file size:2467156 kb
Available on page file:2181088 kb
Total virtual memory:2097024 kb
Available virtual memory:2035672 kb
OS:Microsoft Windows XP Home Edition Service Pack 2 (Build 2600)

Ad-Aware SE Settings
===========================
Set : Search for low-risk threats
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Obtain command line of scanned processes
Set : Scan registry for all users instead of current user only
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Write-protect system files after repair (Hosts file, etc.)
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


2005-07-03 15:10:58 - Scan started. (Custom mode)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
ModuleName : \SystemRoot\System32\smss.exe
Command Line : n/a
ProcessID : 420
ThreadCreationTime : 2005-07-03 13:06:45
BasePriority : Normal


#:2 [csrss.exe]
ModuleName : \??\C:\WINDOWS\system32\csrss.exe
Command Line : C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestTh
ProcessID : 480
ThreadCreationTime : 2005-07-03 13:06:48
BasePriority : Normal


#:3 [winlogon.exe]
ModuleName : \??\C:\WINDOWS\system32\winlogon.exe
Command Line : winlogon.exe
ProcessID : 504
ThreadCreationTime : 2005-07-03 13:06:50
BasePriority : High


#:4 [services.exe]
ModuleName : C:\WINDOWS\system32\services.exe
Command Line : C:\WINDOWS\system32\services.exe
ProcessID : 548
ThreadCreationTime : 2005-07-03 13:06:50
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Operativsystemet Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Tjänst- och styrenhetsprogram
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. Med ensamrätt.
OriginalFilename : services.exe

#:5 [lsass.exe]
ModuleName : C:\WINDOWS\system32\lsass.exe
Command Line : C:\WINDOWS\system32\lsass.exe
ProcessID : 560
ThreadCreationTime : 2005-07-03 13:06:50
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [ati2evxx.exe]
ModuleName : C:\WINDOWS\system32\Ati2evxx.exe
Command Line : C:\WINDOWS\system32\Ati2evxx.exe
ProcessID : 700
ThreadCreationTime : 2005-07-03 13:06:51
BasePriority : Normal


#:7 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost -k DcomLaunch
ProcessID : 716
ThreadCreationTime : 2005-07-03 13:06:51
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost -k rpcss
ProcessID : 792
ThreadCreationTime : 2005-07-03 13:06:52
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k netsvcs
ProcessID : 832
ThreadCreationTime : 2005-07-03 13:06:52
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost.exe -k NetworkService
ProcessID : 884
ThreadCreationTime : 2005-07-03 13:06:52
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:11 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost.exe -k LocalService
ProcessID : 992
ThreadCreationTime : 2005-07-03 13:06:53
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:12 [ccsetmgr.exe]
ModuleName : C:\Program\Delade filer\Symantec Shared\ccSetMgr.exe
Command Line : "C:\Program\Delade filer\Symantec Shared\ccSetMgr.exe"
ProcessID : 1100
ThreadCreationTime : 2005-07-03 13:06:54
BasePriority : Normal
FileVersion : 2.1.6.3
ProductVersion : 2.1.6.3
ProductName : Common Client
CompanyName : Symantec Corporation
FileDescription : Common Client Settings Manager Service
InternalName : ccSetMgr
LegalCopyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.
OriginalFilename : ccSetMgr.exe

#:13 [ccevtmgr.exe]
ModuleName : C:\Program\Delade filer\Symantec Shared\ccEvtMgr.exe
Command Line : "C:\Program\Delade filer\Symantec Shared\ccEvtMgr.exe"
ProcessID : 1140
ThreadCreationTime : 2005-07-03 13:06:54
BasePriority : Normal
FileVersion : 2.1.6.3
ProductVersion : 2.1.6.3
ProductName : Common Client
CompanyName : Symantec Corporation
FileDescription : Common Client Event Manager Service
InternalName : ccEvtMgr
LegalCopyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.
OriginalFilename : ccEvtMgr.exe

#:14 [spoolsv.exe]
ModuleName : C:\WINDOWS\system32\spoolsv.exe
Command Line : C:\WINDOWS\system32\spoolsv.exe
ProcessID : 1304
ThreadCreationTime : 2005-07-03 13:06:55
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:15 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost.exe -k bthsvcs
ProcessID : 1392
ThreadCreationTime : 2005-07-03 13:06:55
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:16 [mdm.exe]
ModuleName : C:\Program\Delade filer\Microsoft Shared\VS7Debug\mdm.exe
Command Line : "C:\Program\Delade filer\Microsoft Shared\VS7Debug\mdm.exe"
ProcessID : 1432
ThreadCreationTime : 2005-07-03 13:06:55
BasePriority : Normal
FileVersion : 7.00.9064.9150
ProductVersion : 7.00.9064.9150
ProductName : Microsoft Development Environment
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
LegalCopyright : Copyright © Microsoft Corp. 1997-2000
OriginalFilename : mdm.exe

#:17 [navapsvc.exe]
ModuleName : C:\Program\Norton AntiVirus\navapsvc.exe
Command Line : "C:\Program\Norton AntiVirus\navapsvc.exe"
ProcessID : 1460
ThreadCreationTime : 2005-07-03 13:06:55
BasePriority : Normal
FileVersion : 10.00.2
ProductVersion : 10.00.2
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
LegalCopyright : Norton AntiVirus 2004 for Windows 98/ME/2000/XP Copyright © 2003 Symantec Corporation. All rights reserved.
OriginalFilename : NAVAPSVC.EXE

#:18 [savscan.exe]
ModuleName : C:\Program\Norton AntiVirus\SAVScan.exe
Command Line : "C:\Program\Norton AntiVirus\SAVScan.exe"
ProcessID : 1528
ThreadCreationTime : 2005-07-03 13:06:55
BasePriority : Normal

ProductVersion : 9.2
ProductName : Symantec AntiVirus AutoProtect
CompanyName : Symantec Corporation
FileDescription : Symantec AntiVirus Scanner
InternalName : SAVSCAN
LegalCopyright : Copyright © 2004 Symantec Corporation
OriginalFilename : SAVSCAN.EXE

#:19 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost.exe -k imgsvc
ProcessID : 1580
ThreadCreationTime : 2005-07-03 13:06:56
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:20 [wdfmgr.exe]
ModuleName : C:\WINDOWS\system32\wdfmgr.exe
Command Line : C:\WINDOWS\system32\wdfmgr.exe
ProcessID : 1620
ThreadCreationTime : 2005-07-03 13:06:56
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe

#:21 [symwsc.exe]
ModuleName : C:\Program\Delade filer\Symantec Shared\Security Center\SymWSC.exe
Command Line : "C:\Program\Delade filer\Symantec Shared\Security Center\SymWSC.exe"
ProcessID : 1772
ThreadCreationTime : 2005-07-03 13:06:56
BasePriority : Normal
FileVersion : 2005.1.2.20
ProductVersion : 2005.1
ProductName : Norton Security Center
CompanyName : Symantec Corporation
FileDescription : Norton Security Center Service
InternalName : SymWSC.exe
LegalCopyright : Copyright © 1997-2004 Symantec Corporation
OriginalFilename : SymWSC.exe

#:22 [alg.exe]
ModuleName : C:\WINDOWS\System32\alg.exe
Command Line : C:\WINDOWS\System32\alg.exe
ProcessID : 288
ThreadCreationTime : 2005-07-03 13:06:58
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe

#:23 [explorer.exe]
ModuleName : C:\WINDOWS\Explorer.EXE
Command Line : C:\WINDOWS\Explorer.EXE
ProcessID : 1536
ThreadCreationTime : 2005-07-03 13:07:02
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Operativsystemet Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Utforskaren
InternalName : explorer
LegalCopyright : © Microsoft Corporation. Med ensamrätt.
OriginalFilename : EXPLORER.EXE

#:24 [atiptaxx.exe]
ModuleName : C:\Program\ATI Technologies\ATI Control Panel\atiptaxx.exe
Command Line : "C:\Program\ATI Technologies\ATI Control Panel\atiptaxx.exe"
ProcessID : 2248
ThreadCreationTime : 2005-07-03 13:07:08
BasePriority : Normal
FileVersion : 6.14.10.5088
ProductVersion : 6.14.10.5088
ProductName : ATI Desktop Component
CompanyName : ATI Technologies, Inc.
FileDescription : ATI Desktop Control Panel
InternalName : Atiptaxx.exe
LegalCopyright : Copyright © 1998-2002 ATI Technologies Inc.
OriginalFilename : Atiptaxx.exe

#:25 [soundman.exe]
ModuleName : C:\WINDOWS\SOUNDMAN.EXE
Command Line : "C:\WINDOWS\SOUNDMAN.EXE"
ProcessID : 2256
ThreadCreationTime : 2005-07-03 13:07:08
BasePriority : Normal
FileVersion : 5.1.0.22
ProductVersion : 5.1.0.22
ProductName : Realtek Sound Manager
CompanyName : Realtek Semiconductor Corp.
FileDescription : Realtek Sound Manager
InternalName : ALSMTray
LegalCopyright : Copyright © 2001-2003 Realtek Semiconductor Corp.
OriginalFilename : ALSMTray.exe
Comments : Realtek AC97 Audio Sound Manager

#:26 [agrsmmsg.exe]
ModuleName : C:\WINDOWS\AGRSMMSG.exe
Command Line : "C:\WINDOWS\AGRSMMSG.exe"
ProcessID : 2264
ThreadCreationTime : 2005-07-03 13:07:08
BasePriority : Normal
FileVersion : 2.1.36 2.1.36 11/19/2003 15:41:01
ProductVersion : 2.1.36 2.1.36 11/19/2003 15:41:01
ProductName : Agere SoftModem Messaging Applet
CompanyName : Agere Systems
FileDescription : SoftModem Messaging Applet
InternalName : smdmstat.exe
LegalCopyright : Copyright © Agere Systems 1998-2000
OriginalFilename : smdmstat.exe

#:27 [syntplpr.exe]
ModuleName : C:\Program\Synaptics\SynTP\SynTPLpr.exe
Command Line : "C:\Program\Synaptics\SynTP\SynTPLpr.exe"
ProcessID : 2272
ThreadCreationTime : 2005-07-03 13:07:08
BasePriority : Normal
FileVersion : 7.5.4 18Apr03
ProductVersion : 7.5.4 18Apr03
ProductName : Progressive Touch
CompanyName : Synaptics, Inc.
FileDescription : TouchPad Driver Helper Application
InternalName : SynTPLpr
LegalCopyright : Copyright © Synaptics, Inc. 1996-2003
OriginalFilename : SynTPLpr.exe

#:28 [syntpenh.exe]
ModuleName : C:\Program\Synaptics\SynTP\SynTPEnh.exe
Command Line : "C:\Program\Synaptics\SynTP\SynTPEnh.exe"
ProcessID : 2280
ThreadCreationTime : 2005-07-03 13:07:08
BasePriority : Normal
FileVersion : 7.5.4 18Apr03
ProductVersion : 7.5.4 18Apr03
ProductName : Progressive Touch
CompanyName : Synaptics, Inc.
FileDescription : Synaptics TouchPad Enhancements
InternalName : Scrolleroo
LegalCopyright : Copyright © Synaptics, Inc. 1996-2003
OriginalFilename : SynTPEnh.exe

#:29 [pdvdserv.exe]
ModuleName : C:\Program\CyberLink\PowerDVD\PDVDServ.exe
Command Line : "C:\Program\CyberLink\PowerDVD\PDVDServ.exe"
ProcessID : 2288
ThreadCreationTime : 2005-07-03 13:07:08
BasePriority : Normal
FileVersion : 5.00.0000
ProductVersion : 5.00.0000
ProductName : PowerDVD
CompanyName : Cyberlink Corp.
FileDescription : PowerDVD RC Service
InternalName : PowerDVD RC Service
LegalCopyright : Copyright © CyberLink Corp. 1997-2002
OriginalFilename : PDVDSERV.EXE

#:30 [qtziacer.exe]
ModuleName : C:\Program\LAUNCH~1\QtZiAcer.EXE
Command Line : "C:\Program\LAUNCH~1\QtZiAcer.EXE"
ProcessID : 2340
ThreadCreationTime : 2005-07-03 13:07:09
BasePriority : Normal
FileVersion : 1, 1, 1, 1011
ProductVersion : 1, 1, 1, 1011
ProductName : Acer Launch Manager
CompanyName : Dritek System Inc.
FileDescription : Launch Manager
InternalName : QtZgAcer
LegalCopyright : Copyright © 2001-2004 Dritek System Inc.
OriginalFilename : QtZgAcer.exe

#:31 [ccapp.exe]
ModuleName : C:\Program\Delade filer\Symantec Shared\ccApp.exe
Command Line : "C:\Program\Delade filer\Symantec Shared\ccApp.exe"
ProcessID : 2348
ThreadCreationTime : 2005-07-03 13:07:09
BasePriority : Normal
FileVersion : 2.1.6.3
ProductVersion : 2.1.6.3
ProductName : Common Client
CompanyName : Symantec Corporation
FileDescription : Common Client User Session
InternalName : ccApp
LegalCopyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.
OriginalFilename : ccApp.exe

#:32 [jusched.exe]
ModuleName : C:\Program\Java\jre1.5.0_02\bin\jusched.exe
Command Line : "C:\Program\Java\jre1.5.0_02\bin\jusched.exe"
ProcessID : 2372
ThreadCreationTime : 2005-07-03 13:07:09
BasePriority : Normal


#:33 [rundll32.exe]
ModuleName : C:\WINDOWS\system32\rundll32.exe
Command Line : "C:\WINDOWS\system32\rundll32.exe" bthprops.cpl,,BluetoothAuthenticationAgent
ProcessID : 2380
ThreadCreationTime : 2005-07-03 13:07:09
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Operativsystemet Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Kör en DLL-fil som ett program
InternalName : rundll
LegalCopyright : © Microsoft Corporation. Med ensamrätt.
OriginalFilename : RUNDLL.EXE

#:34 [vproperty.exe]
ModuleName : C:\Program\Philips ToUcam Camera\VProperty.exe
Command Line : "C:\Program\Philips ToUcam Camera\VProperty.exe"
ProcessID : 2396
ThreadCreationTime : 2005-07-03 13:07:09
BasePriority : Normal
FileVersion : 1.05
ProductVersion : 5.1.2600.105
ProductName : Philips PC Cameras ToUcam VProperty
CompanyName : Philips PC Cameras
FileDescription : VProperty
InternalName : VProperty.exe
LegalCopyright : Copyright © 2000...2001
OriginalFilename : VProperty.exe
Comments : ToUcam VProperty

#:35 [qttask.exe]
ModuleName : C:\Program\QuickTime\qttask.exe
Command Line : "C:\Program\QuickTime\qttask.exe" -atboottime
ProcessID : 2404
ThreadCreationTime : 2005-07-03 13:07:09
BasePriority : Normal
FileVersion : 6.5.1
ProductVersion : QuickTime 6.5.1
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
InternalName : QuickTime Task
LegalCopyright : © Apple Computer, Inc. 2001-2004
OriginalFilename : QTTask.exe

#:36 [hpwuschd.exe]
ModuleName : C:\Program\HP\HP Software Update\HPWuSchd.exe
Command Line : "C:\Program\HP\HP Software Update\HPWuSchd.exe"
ProcessID : 2440
ThreadCreationTime : 2005-07-03 13:07:09
BasePriority : Normal
FileVersion : 1, 0, 0, 2
ProductVersion : 1, 0, 0, 2
ProductName : Hewlett-Packard hpwuSchd
CompanyName : Hewlett-Packard
FileDescription : hpwuSchd
InternalName : hpwuSchd
LegalCopyright : Copyright © 2003
OriginalFilename : hpwuSchd.exe

#:37 [hppromo.exe]
ModuleName : C:\Program\HP\Digital Imaging\Promotions\HPpromo.exe
Command Line : "C:\Program\HP\Digital Imaging\Promotions\HPpromo.exe" /N "psc 2400 series" -r
ProcessID : 2456
ThreadCreationTime : 2005-07-03 13:07:10
BasePriority : Normal


#:38 [realsched.exe]
ModuleName : C:\Program\Delade filer\Real\Update_OB\realsched.exe
Command Line : "C:\Program\Delade filer\Real\Update_OB\realsched.exe" -osboot
ProcessID : 2508
ThreadCreationTime : 2005-07-03 13:07:10
BasePriority : Normal
FileVersion : 0.1.0.3292
ProductVersion : 0.1.0.3292
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004
LegalTrademarks : RealAudio™ is a trademark of RealNetworks, Inc.
OriginalFilename : realsched.exe

#:39 [ekort.exe]
ModuleName : C:\Program\ekort\ekort.exe
Command Line : "c:\program\ekort\ekort.exe" /dontopenmycards
ProcessID : 2516
ThreadCreationTime : 2005-07-03 13:07:10
BasePriority : Normal
FileVersion : 2, 4, 0, 1, 81
ProductVersion : 2, 4, 0, 1, 81
ProductName : Swedbank e-kort
CompanyName : Orbiscom Ltd. All rights reserved.
FileDescription : Swedbank e-kort
InternalName : WEBOCARD
LegalCopyright : Copyright © 1999-2002, Orbiscom Ltd.
All rights reserved.
OriginalFilename : WebOCard.EXE

#:40 [ctfmon.exe]
ModuleName : C:\WINDOWS\system32\ctfmon.exe
Command Line : "C:\WINDOWS\system32\ctfmon.exe"
ProcessID : 2524
ThreadCreationTime : 2005-07-03 13:07:10
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:41 [skype.exe]
ModuleName : C:\Program\Skype\Phone\Skype.exe
Command Line : "C:\Program\Skype\Phone\Skype.exe" /nosplash /minimized
ProcessID : 2536
ThreadCreationTime : 2005-07-03 13:07:10
BasePriority : Normal


#:42 [wcescomm.exe]
ModuleName : C:\Program\Microsoft ActiveSync\WCESCOMM.EXE
Command Line : "C:\Program\Microsoft ActiveSync\WCESCOMM.EXE"
ProcessID : 2592
ThreadCreationTime : 2005-07-03 13:07:11
BasePriority : Normal
FileVersion : 3.7.1.4034
ProductVersion : 3.7.4034
ProductName : Microsoft ActiveSync
CompanyName : Microsoft Corporation
FileDescription : ActiveSync Connection Manager
InternalName : wcescomm
LegalCopyright : Copyright © 1995-2004 Microsoft Corp. All rights reserved.
LegalTrademarks : Microsoft® and Windows® are registered trademarks of Microsoft Corporation.
OriginalFilename : WCESCOMM.EXE

#:43 [mim.exe]
ModuleName : C:\Program\Musicmatch\Musicmatch Jukebox\mim.exe
Command Line : "C:\Program\Musicmatch\Musicmatch Jukebox\mim.exe" -Embedding
ProcessID : 2820
ThreadCreationTime : 2005-07-03 13:07:13
BasePriority : Normal
FileVersion : 10.00.2047
ProductVersion : 10.00.2047
ProductName : Musicmatch Jukebox
CompanyName : Musicmatch, Inc.
FileDescription : mim
InternalName : mim
LegalCopyright : Copyright © Musicmatch 1998-2004
LegalTrademarks :
OriginalFilename : mim.exe

#:44 [hpqtra08.exe]
ModuleName : C:\Program\HP\Digital Imaging\bin\hpqtra08.exe
Command Line : "C:\Program\HP\Digital Imaging\bin\hpqtra08.exe"
ProcessID : 2976
ThreadCreationTime : 2005-07-03 13:08:14
BasePriority : Normal
FileVersion : 5.31.0.147
ProductVersion : 005.031.000.147
ProductName : hp digital imaging - hp all-in-one series
CompanyName : Hewlett-Packard Co.
FileDescription : HP Digital Imaging Monitor (CUE)
InternalName : HPQTRA00
LegalCopyright : Copyright © Hewlett-Packard Co. 1995-2001
OriginalFilename : HPQTRA00.EXE
Comments : HP Digital Imaging Monitor (CUE)

#:45 [wuauclt.exe]
ModuleName : C:\WINDOWS\system32\wuauclt.exe
Command Line : "C:\WINDOWS\system32\wuauclt.exe" /RunStoreAsComServer Local\[340]SUSDSab637581c075e849a04b3e92fabbd4fd
ProcessID : 3012
ThreadCreationTime : 2005-07-03 13:08:18
BasePriority : Normal
FileVersion : 5.4.3790.2182 built by: srv03_rtm(ntvbl04)
ProductVersion : 5.4.3790.2182
ProductName : Operativsystemet Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Automatiska uppdateringar
InternalName : wuauclt.exe
LegalCopyright : © Microsoft Corporation. Med ensamrätt.
OriginalFilename : wuauclt.exe

#:46 [objectdock.exe]
ModuleName : C:\Program\Stardock\ObjectDock\ObjectDock.exe
Command Line : "C:\Program\Stardock\ObjectDock\ObjectDock.exe"
ProcessID : 3052
ThreadCreationTime : 2005-07-03 13:08:19
BasePriority : Normal
FileVersion : v1.1.511u
ProductVersion : v1.1.511u
ProductName : Stardock ObjectDock
CompanyName : Stardock
FileDescription : ObjectDock
InternalName : ObjectDock
LegalCopyright : Copyright © 1999-2005 Jeff Bargmann, ©2002-2005 Stardock
OriginalFilename : ObjectDock.exe

#:47 [mmdiag.exe]
ModuleName : C:\Program\Musicmatch\Musicmatch Jukebox\MMDiag.exe
Command Line : MMDiag.exe
ProcessID : 3076
ThreadCreationTime : 2005-07-03 13:08:19
BasePriority : Normal
FileVersion : 10.00.2047
ProductVersion : 10.00.2047
ProductName : Musicmatch Jukebox
CompanyName : Musicmatch, Inc.
FileDescription : Logging and tracing manager
InternalName : MMTraceExe
LegalCopyright : Copyright © Musicmatch 1998-2004
LegalTrademarks :
OriginalFilename : MMTraceExe.EXE

#:48 [msmsgs.exe]
ModuleName : C:\Program\Messenger\msmsgs.exe
Command Line : C:\Program\Messenger\msmsgs.exe -Embedding
ProcessID : 3980
ThreadCreationTime : 2005-07-03 13:10:25
BasePriority : Normal
FileVersion : 4.7.3001
ProductVersion : Version 4.7.3001
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Windows Messenger
InternalName : msmsgs
LegalCopyright : Copyright © Microsoft Corporation 2004
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msmsgs.exe

#:49 [ad-aware.exe]
ModuleName : C:\Program\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
Command Line : "C:\Program\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe"
ProcessID : 1956
ThreadCreationTime : 2005-07-03 13:10:38
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
TAC Rating : 4
Category : Data Miner
Comment : "AC"
Rootkey : HKEY_USERS
Object : S-1-5-21-3534628792-2868853485-530274584-1005\software\lq
Value : AC

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 1
Objects found so far: 1


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 1


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 1



Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 1


Deep scanning and examining files (D:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for D:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 1


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
2 entries scanned.
New critical objects:0
Objects found so far: 1




Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ebates MoneyMaker Object Recognized!
Type : Regkey
Data :
TAC Rating : 4
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq

Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
TAC Rating : 4
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : AC

Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
TAC Rating : 4
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : U

Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
TAC Rating : 4
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : TM

Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
TAC Rating : 4
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : I

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 5
Objects found so far: 6

15:18:00 Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:07:02.375
Objects scanned:122978
Objects identified:6
Objects ignored:0
New critical objects:6


Best rgrds,
Tony

Edited by slashdash, 03 July 2005 - 07:24 AM.

  • 0

#6
don77

don77

    Malware Expert

  • Retired Staff
  • 18,526 posts
Please follow the instructions located in Step Five: Posting a Hijack This Log. Post your HJT log as a reply to this thread, which has been relocated to the Malware Removal Forum for providing you with further assistance.

Kindly note that it is very busy in the Malware Removal Forum, so there may be a delay in receiving a reply. Please also note that HJT logfiles are reviewed on a first come/first served basis.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP