Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Windows shut down SVCHOST Process -- HELP!

Started by mightymouse87 , Aug 09 2005 02:16 PM

  • Please log in to reply

#1
mightymouse87
Posted 09 August 2005 - 02:16 PM

mightymouse87

    New Member

  • Member
  • Pip
  • 1 posts
After I took my laptop out of hibernation this morning, I got a message from Widows stating
"To help protect your computer, Windows has closed this program
Name: Generic Host Process for Win32 services"
I looked around the internet for information on this, but it got too technical. I know you guys can help me, and I need it!

I ran the following scans, and enclosed are the reports from their scans.

Hijack This:

Logfile of HijackThis v1.99.1
Scan saved at 12:42:25 PM, on 09/08/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Battery miser\batterymiser.exe
C:\Program Files\On Screen Display\Hotkey.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\RMan\RMan.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\LG Software\IP Operator 2005\IP Operator 2005.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\dllhost.exe
\?\C:\WINDOWS\system32\WBEM\WMIADAP.EXE
C:\WINDOWS\system32\wuauclt.exe
\?\C:\WINDOWS\system32\WBEM\WMIADAP.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Mike\My Documents\Misc\Anti-Virus\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [batterymiser] C:\Program Files\Battery miser\batterymiser.exe
O4 - HKLM\..\Run: [KeybdUtility] "C:\Program Files\On Screen Display\Hotkey.exe"
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [RMan] C:\Program Files\RMan\RMan.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [IPO3] "C:\Program Files\LG Software\IP Operator 2005\IP Operator 2005.exe" -aUtOsTaRtFrOmReG
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NetFxUpdate_v1.1.4322] "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe" 1 v1.1.4322 GAC + NI NID
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft...free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

CWShredder

**** Run Keys ****

RUN: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
RUN: [AGRSMMSG] AGRSMMSG.exe
RUN: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
RUN: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
RUN: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
RUN: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
RUN: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
RUN: [batterymiser] C:\Program Files\Battery miser\batterymiser.exe
RUN: [KeybdUtility] "C:\Program Files\On Screen Display\Hotkey.exe"
RUN: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
RUN: [RMan] C:\Program Files\RMan\RMan.exe
RUN: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
RUN: [IPO3] "C:\Program Files\LG Software\IP Operator 2005\IP Operator 2005.exe" -aUtOsTaRtFrOmReG
RUN: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
RUN: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
RUN: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
RUN: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
RUN: [NetFxUpdate_v1.1.4322] "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe" 1 v1.1.4322 GAC + NI NID
RUN: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe


**** Browser Helper Objects ****

BHO: [AcroIEHlprObj Class] C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
BHO: [] C:\PROGRA~1\SPYBOT~1\SDHelper.dll
BHO: [] C:\PROGRA~1\SPYBOT~1\SDHelper.dll
BHO: [CNavExtBho Class] C:\Program Files\Norton AntiVirus\NavShExt.dll


**** IE Toolbars ****

TOOLBAR: [Norton AntiVirus] C:\Program Files\Norton AntiVirus\NavShExt.dll


**** IE Extensions ****

IEExt: [Messenger] C:\Program Files\Messenger\msmsgs.exe


**** Hosts File Entries ****

HOSTS: 127.0.0.1 localhost
HOSTS: 127.0.0.1 localhost


**** IE Settings ****

Default Page: http://www.microsoft...er=6&ar=msnhome
Default Search: http://www.microsoft...=ie&ar=iesearch
Local Page: C:\WINDOWS\system32\blank.htm
Search Page: http://www.microsoft...=ie&ar=iesearch


**** IE Context Menu (Right click) ****

IEContext: [E&xport to Microsoft Excel] res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000


**** Layered Service Providers ****

LSP: MSAFD Irda [IrDA]
LSP: MSAFD Tcpip [TCP/IP]
LSP: MSAFD Tcpip [UDP/IP]
LSP: RSVP UDP Service Provider
LSP: RSVP TCP Service Provider
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{7B5B4333-7F69-45A7-B2C2-710299AD3F68}] SEQPACKET 3
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{7B5B4333-7F69-45A7-B2C2-710299AD3F68}] DATAGRAM 3
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{2B808ED2-580A-4A4F-A890-D03B3C95A7C7}] SEQPACKET 5
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{2B808ED2-580A-4A4F-A890-D03B3C95A7C7}] DATAGRAM 5
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{FF4E15AE-4969-4BFC-B8B4-68A0AB404590}] SEQPACKET 4
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{FF4E15AE-4969-4BFC-B8B4-68A0AB404590}] DATAGRAM 4
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{1023490A-FCB5-4785-A421-F3543EB5FCC3}] SEQPACKET 12
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{1023490A-FCB5-4785-A421-F3543EB5FCC3}] DATAGRAM 12
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{731DBA2B-275A-4745-95FA-EB6A1F3A1899}] SEQPACKET 11
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{731DBA2B-275A-4745-95FA-EB6A1F3A1899}] DATAGRAM 11
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{CCBFB508-C07A-460B-AE3D-91E8088BC3C8}] SEQPACKET 9
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{CCBFB508-C07A-460B-AE3D-91E8088BC3C8}] DATAGRAM 9
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{A520837F-E68C-4A69-954B-FEE0A5432227}] SEQPACKET 8
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{A520837F-E68C-4A69-954B-FEE0A5432227}] DATAGRAM 8
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{E679C60C-1144-4F80-8755-CFF3F4612B52}] SEQPACKET 7
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{E679C60C-1144-4F80-8755-CFF3F4612B52}] DATAGRAM 7
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{8C1AE80E-B0C1-4E6E-AE49-C4196713CD19}] SEQPACKET 6
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{8C1AE80E-B0C1-4E6E-AE49-C4196713CD19}] DATAGRAM 6
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{0EAB4590-F34E-49CF-95CE-1EA017622B25}] SEQPACKET 0
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{0EAB4590-F34E-49CF-95CE-1EA017622B25}] DATAGRAM 0
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{1B341359-3633-4BEA-9EBC-9FCCD2CCC9A6}] SEQPACKET 1
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{1B341359-3633-4BEA-9EBC-9FCCD2CCC9A6}] DATAGRAM 1
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{13EA17E0-F52E-4DBF-A3BA-3B15DE9F0B28}] SEQPACKET 2
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{13EA17E0-F52E-4DBF-A3BA-3B15DE9F0B28}] DATAGRAM 2


**** Blocked Control Panel Items ****

BLOCKED: [ncpa.cpl] No
BLOCKED: [odbccp32.cpl] No


**** Downloaded Program Files ****

{B38870E4-7ECB-40DA-8C6A-595F0A5519FF} [http://messenger.msn...Downloader.cab] C:\WINDOWS\Downloaded Program Files\MsnMessengerSetupDownloader.ocx
{D27CDB6E-AE6D-11CF-96B8-444553540000} [http://fpdownload.ma...sh/swflash.cab]


**** Windows Services ****

[Alerter] %SystemRoot%\system32\svchost.exe -k LocalService
[ALG] %SystemRoot%\System32\alg.exe
[AppMgmt] %SystemRoot%\system32\svchost.exe -k netsvcs
[Ati HotKey Poller] %SystemRoot%\system32\Ati2evxx.exe
[AudioSrv] %SystemRoot%\System32\svchost.exe -k netsvcs
[BITS] %SystemRoot%\system32\svchost.exe -k netsvcs
[Browser] %SystemRoot%\system32\svchost.exe -k netsvcs
[ccEvtMgr] "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
[ccPwdSvc] "C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe"
[ccSetMgr] "C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"
[CiSvc] %SystemRoot%\system32\cisvc.exe
[ClipSrv] %SystemRoot%\system32\clipsrv.exe
[COMSysApp] C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
[CryptSvc] %SystemRoot%\system32\svchost.exe -k netsvcs
[DcomLaunch] %SystemRoot%\system32\svchost -k DcomLaunch
[Dhcp] %SystemRoot%\system32\svchost.exe -k netsvcs
[dmadmin] %SystemRoot%\System32\dmadmin.exe /com
[dmserver] %SystemRoot%\System32\svchost.exe -k netsvcs
[Dnscache] %SystemRoot%\system32\svchost.exe -k NetworkService
[ERSvc] %SystemRoot%\System32\svchost.exe -k netsvcs
[Eventlog] %SystemRoot%\system32\services.exe
[EventSystem] C:\WINDOWS\system32\svchost.exe -k netsvcs
[FastUserSwitchingCompatibility] %SystemRoot%\System32\svchost.exe -k netsvcs
[helpsvc] %SystemRoot%\System32\svchost.exe -k netsvcs
[HidServ] %SystemRoot%\System32\svchost.exe -k netsvcs
[HTTPFilter] %SystemRoot%\System32\svchost.exe -k HTTPFilter
[IDriverT] "C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"
[ImapiService] C:\WINDOWS\system32\imapi.exe
[iPodService] "C:\Program Files\iPod\bin\iPodService.exe"
[Irmon] %SystemRoot%\system32\svchost.exe -k netsvcs
[lanmanserver] %SystemRoot%\system32\svchost.exe -k netsvcs
[lanmanworkstation] %SystemRoot%\system32\svchost.exe -k netsvcs
[LmHosts] %SystemRoot%\system32\svchost.exe -k LocalService
[MDM] "C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe"
[Messenger] %SystemRoot%\system32\svchost.exe -k netsvcs
[mnmsrvc] C:\WINDOWS\system32\mnmsrvc.exe
[MSDTC] C:\WINDOWS\system32\msdtc.exe
[MSIServer] C:\WINDOWS\system32\msiexec.exe /V
[navapsvc] "C:\Program Files\Norton AntiVirus\navapsvc.exe"
[NetDDE] %SystemRoot%\system32\netdde.exe
[NetDDEdsdm] %SystemRoot%\system32\netdde.exe
[Netlogon] %SystemRoot%\system32\lsass.exe
[Netman] %SystemRoot%\System32\svchost.exe -k netsvcs
[Nla] %SystemRoot%\system32\svchost.exe -k netsvcs
[NPFMntor] "C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe"
[NtLmSsp] %SystemRoot%\system32\lsass.exe
[NtmsSvc] %SystemRoot%\system32\svchost.exe -k netsvcs
[PlugPlay] %SystemRoot%\system32\services.exe
[PolicyAgent] %SystemRoot%\system32\lsass.exe
[ProtectedStorage] %SystemRoot%\system32\lsass.exe
[RasAuto] %SystemRoot%\system32\svchost.exe -k netsvcs
[RasMan] %SystemRoot%\system32\svchost.exe -k netsvcs
[RDSessMgr] C:\WINDOWS\system32\sessmgr.exe
[RemoteAccess] %SystemRoot%\system32\svchost.exe -k netsvcs
[RpcLocator] %SystemRoot%\system32\locator.exe
[RpcSs] %SystemRoot%\system32\svchost -k rpcss
[RSVP] %SystemRoot%\system32\rsvp.exe
[SamSs] %SystemRoot%\system32\lsass.exe
[SAVScan] "C:\Program Files\Norton AntiVirus\SAVScan.exe"
[SBService] C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
[SCardSvr] %SystemRoot%\System32\SCardSvr.exe
[Schedule] %SystemRoot%\System32\svchost.exe -k netsvcs
[seclogon] %SystemRoot%\System32\svchost.exe -k netsvcs
[SENS] %SystemRoot%\system32\svchost.exe -k netsvcs
[SharedAccess] %SystemRoot%\system32\svchost.exe -k netsvcs
[ShellHWDetection] %SystemRoot%\System32\svchost.exe -k netsvcs
[SNDSrvc] "C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"
[SPBBCSvc] "C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe"
[Spooler] %SystemRoot%\system32\spoolsv.exe
[srservice] %SystemRoot%\system32\svchost.exe -k netsvcs
[SSDPSRV] %SystemRoot%\system32\svchost.exe -k LocalService
[StarWindService] C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
[stisvc] %SystemRoot%\system32\svchost.exe -k imgsvc
[SwPrv] C:\WINDOWS\system32\dllhost.exe /Processid:{B77A3CF3-81DA-442D-B085-516A27A95B95}
[SysmonLog] %SystemRoot%\system32\smlogsvc.exe
[TapiSrv] %SystemRoot%\System32\svchost.exe -k netsvcs
[TermService] %SystemRoot%\System32\svchost -k DComLaunch
[Themes] %SystemRoot%\System32\svchost.exe -k netsvcs
[TrkWks] %SystemRoot%\system32\svchost.exe -k netsvcs
[UMWdf] C:\WINDOWS\system32\wdfmgr.exe
[upnphost] %SystemRoot%\system32\svchost.exe -k LocalService
[UPS] %SystemRoot%\System32\ups.exe
[vsmon] C:\WINDOWS\system32\ZoneLabs\vsmon.exe -service
[VSS] %SystemRoot%\System32\vssvc.exe
[W32Time] %SystemRoot%\System32\svchost.exe -k netsvcs
[WebClient] %SystemRoot%\system32\svchost.exe -k LocalService
[winmgmt] %systemroot%\system32\svchost.exe -k netsvcs
[WmdmPmSN] %SystemRoot%\System32\svchost.exe -k netsvcs
[WmiApSrv] C:\WINDOWS\system32\wbem\wmiapsrv.exe
[wscsvc] %SystemRoot%\System32\svchost.exe -k netsvcs
[wuauserv] %systemroot%\system32\svchost.exe -k netsvcs
[WZCSVC] %SystemRoot%\System32\svchost.exe -k netsvcs
[xmlprov] %SystemRoot%\System32\svchost.exe -k netsvcs
[aspnet_state] %SystemRoot%\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
[ewido security suite control] C:\Program Files\ewido\security suite\ewidoctrl.exe


**** Custom IE Search Items ****

SEARCH: [SearchAssistant] http://ie.search.msn...st/srchasst.htm
SEARCH: [CustomizeSearch] http://ie.search.msn...st/srchcust.htm


**** Complete IE Options ****

IEOPT: [NoUpdateCheck]
IEOPT: [NoJITSetup]
IEOPT: [Disable Script Debugger] yes
IEOPT: [Show_ChannelBand] No
IEOPT: [Anchor Underline] yes
IEOPT: [Cache_Update_Frequency] Once_Per_Session
IEOPT: [Display Inline Images] yes
IEOPT: [Do404Search]
IEOPT: [Local Page] C:\WINDOWS\system32\blank.htm
IEOPT: [Save_Session_History_On_Exit] no
IEOPT: [Show_FullURL] no
IEOPT: [Show_StatusBar] yes
IEOPT: [Show_ToolBar] yes
IEOPT: [Show_URLinStatusBar] yes
IEOPT: [Show_URLToolBar] yes
IEOPT: [Start Page] http://www.google.ca/
IEOPT: [Use_DlgBox_Colors] yes
IEOPT: [Search Page] http://www.microsoft...=ie&ar=iesearch
IEOPT: [FullScreen] no
IEOPT: [Window_Placement] ,
IEOPT: [Use FormSuggest] no
IEOPT: [NotifyDownloadComplete] yes
IEOPT: [FormSuggest PW Ask] no
IEOPT: [StatusBarOther]
IEOPT: [Error Dlg Displayed On Every Error] no
IEOPT: [Use Custom Search URL]
IEOPT: [AutoSearch]
IEOPT: [HistoryViewType]
IEOPT: [AddToFavoritesExpanded]
IEOPT: [Default_Page_URL] http://www.microsoft...er=6&ar=msnhome
IEOPT: [Default_Search_URL] http://www.microsoft...=ie&ar=iesearch
IEOPT: [Search Page] http://www.microsoft...=ie&ar=iesearch
IEOPT: [Enable_Disk_Cache] yes
IEOPT: [Cache_Percent_of_Disk]
IEOPT: [Delete_Temp_Files_On_Exit] yes
IEOPT: [Local Page] %SystemRoot%\system32\blank.htm
IEOPT: [Anchor_Visitation_Horizon]
IEOPT: [Use_Async_DNS] yes
IEOPT: [Placeholder_Width]
IEOPT: [Placeholder_Height]
IEOPT: [Start Page] http://www.microsoft...B_PVER}&ar=home
IEOPT: [CompanyName] Microsoft Corporation
IEOPT: [Custom_Key] MICROSO
IEOPT: [Wizard_Version] 6.00.2800.1017
IEOPT: [FullScreen] no

Ad-Aware

Ad-Aware SE Build 1.06r1
Logfile Created on:August 9, 2005 12:46:43 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R60 04.08.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):2 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


09-08-2005 12:46:43 PM - Scan started. (Full System Scan)

MRU List Object Recognized!
Location: : S-1-5-21-1448460498-1704948819-536893483-1005\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput


MRU List Object Recognized!
Location: : S-1-5-21-1448460498-1704948819-536893483-1005\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput


Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 892
ThreadCreationTime : 09-08-2005 7:11:45 PM
BasePriority : Normal


#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 976
ThreadCreationTime : 09-08-2005 7:11:48 PM
BasePriority : Normal


#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 1016
ThreadCreationTime : 09-08-2005 7:11:54 PM
BasePriority : High


#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1060
ThreadCreationTime : 09-08-2005 7:11:57 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1072
ThreadCreationTime : 09-08-2005 7:11:57 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [ati2evxx.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1228
ThreadCreationTime : 09-08-2005 7:11:59 PM
BasePriority : Normal
FileVersion : 6.14.10.4115
ProductVersion : 6.14.10.4115.01
ProductName : ATI External Event Utility for WindowsNT and Windows9X
CompanyName : ATI Technologies Inc.
FileDescription : ATI External Event Utility EXE Module
InternalName : ATI2EVXX.EXE
LegalCopyright : Copyright © 1999-2004 ATI Technologies Inc.
OriginalFilename : ATI2EVXX.EXE

#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1252
ThreadCreationTime : 09-08-2005 7:11:59 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1340
ThreadCreationTime : 09-08-2005 7:12:00 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1500
ThreadCreationTime : 09-08-2005 7:12:00 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1556
ThreadCreationTime : 09-08-2005 7:12:01 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:11 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1704
ThreadCreationTime : 09-08-2005 7:12:02 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:12 [ccsetmgr.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 180
ThreadCreationTime : 09-08-2005 7:12:05 PM
BasePriority : Normal
FileVersion : 103.0.5.2
ProductVersion : 103.0.5.2
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Settings Manager Service
InternalName : ccSetMgr
LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccSetMgr.exe

#:13 [sndsrvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 708
ThreadCreationTime : 09-08-2005 7:12:05 PM
BasePriority : Normal
FileVersion : 5.5.1.6
ProductVersion : 5.5
ProductName : Symantec Security Drivers
CompanyName : Symantec Corporation
FileDescription : Network Driver Service
InternalName : SndSrvc
LegalCopyright : Copyright 2002, 2003, 2004 Symantec Corporation
OriginalFilename : SndSrvc.exe

#:14 [spbbcsvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\SPBBC\
ProcessID : 740
ThreadCreationTime : 09-08-2005 7:12:06 PM
BasePriority : Normal
FileVersion : 1,0,1,47
ProductVersion : 1,0,1,47
ProductName : SPBBC
CompanyName : Symantec Corporation
FileDescription : SPBBC Service
InternalName : SPBBCSvc
LegalCopyright : Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : SPBBCSvc.exe

#:15 [ccevtmgr.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 756
ThreadCreationTime : 09-08-2005 7:12:07 PM
BasePriority : Normal
FileVersion : 103.0.5.2
ProductVersion : 103.0.5.2
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Event Manager Service
InternalName : ccEvtMgr
LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccEvtMgr.exe

#:16 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1232
ThreadCreationTime : 09-08-2005 7:12:09 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:17 [mdm.exe]
FilePath : C:\Program Files\Common Files\Microsoft Shared\VS7Debug\
ProcessID : 1608
ThreadCreationTime : 09-08-2005 7:12:15 PM
BasePriority : Normal
FileVersion : 7.00.9064.9150
ProductVersion : 7.00.9064.9150
ProductName : Microsoft Development Environment
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
LegalCopyright : Copyright © Microsoft Corp. 1997-2000
OriginalFilename : mdm.exe

#:18 [navapsvc.exe]
FilePath : C:\Program Files\Norton AntiVirus\
ProcessID : 1624
ThreadCreationTime : 09-08-2005 7:12:15 PM
BasePriority : Normal
FileVersion : 11.0.9.16
ProductVersion : 11.0.9
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
LegalCopyright : Norton AntiVirus 2005 for Windows 98/ME/2000/XP Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : NAVAPSVC.EXE

#:19 [npfmntor.exe]
FilePath : C:\Program Files\Norton AntiVirus\IWP\
ProcessID : 1872
ThreadCreationTime : 09-08-2005 7:12:18 PM
BasePriority : Normal
FileVersion : 11.0.9.16
ProductVersion : 11.0.9
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Firewall Install Monitor
InternalName : NPFMonitor
LegalCopyright : Norton AntiVirus 2005 for Windows 98/ME/2000/XP Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : NPFMonitor.EXE

#:20 [starwindservice.exe]
FilePath : C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\
ProcessID : 1760
ThreadCreationTime : 09-08-2005 7:12:19 PM
BasePriority : Normal
FileVersion : 2.6.1 Build 0x20050401
ProductVersion : 2.6.1 Build 0x20050401
ProductName : StarWind
CompanyName : Rocket Division Software
FileDescription : StarWind iSCSI Target (Alcohol Edition)
InternalName : StarWind
LegalCopyright : Copyright © Rocket Division Software 2003-2005. All rights reserved.
OriginalFilename : StarWind

#:21 [wdfmgr.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 204
ThreadCreationTime : 09-08-2005 7:12:19 PM
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe

#:22 [vsmon.exe]
FilePath : C:\WINDOWS\system32\ZoneLabs\
ProcessID : 296
ThreadCreationTime : 09-08-2005 7:12:21 PM
BasePriority : Normal
FileVersion : 6.0.631.003
ProductVersion : 6.0.631.003
ProductName : TrueVector Service
CompanyName : Zone Labs, LLC
FileDescription : TrueVector Service
InternalName : vsmon
LegalCopyright : Copyright © 1998-2005, Zone Labs, LLC
OriginalFilename : vsmon.exe

#:23 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1844
ThreadCreationTime : 09-08-2005 7:12:36 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe

#:24 [ati2evxx.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1780
ThreadCreationTime : 09-08-2005 7:19:06 PM
BasePriority : Normal
FileVersion : 6.14.10.4115
ProductVersion : 6.14.10.4115.01
ProductName : ATI External Event Utility for WindowsNT and Windows9X
CompanyName : ATI Technologies Inc.
FileDescription : ATI External Event Utility EXE Module
InternalName : ATI2EVXX.EXE
LegalCopyright : Copyright © 1999-2004 ATI Technologies Inc.
OriginalFilename : ATI2EVXX.EXE

#:25 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 1884
ThreadCreationTime : 09-08-2005 7:19:07 PM
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

#:26 [ccapp.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 1320
ThreadCreationTime : 09-08-2005 7:19:12 PM
BasePriority : Normal
FileVersion : 103.0.5.2
ProductVersion : 103.0.5.2
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec User Session
InternalName : ccApp
LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccApp.exe

#:27 [agrsmmsg.exe]
FilePath : C:\WINDOWS\
ProcessID : 1272
ThreadCreationTime : 09-08-2005 7:19:13 PM
BasePriority : Normal
FileVersion : 2.1.53 2.1.53 05/11/2005 13:12:28
ProductVersion : 2.1.53 2.1.53 05/11/2005 13:12:28
ProductName : Agere SoftModem Messaging Applet
CompanyName : Agere Systems
FileDescription : SoftModem Messaging Applet
InternalName : smdmstat.exe
LegalCopyright : Copyright © Agere Systems 1998-2000
OriginalFilename : smdmstat.exe

#:28 [syntplpr.exe]
FilePath : C:\Program Files\Synaptics\SynTP\
ProcessID : 2168
ThreadCreationTime : 09-08-2005 7:19:15 PM
BasePriority : Normal
FileVersion : 7.12.6 29Oct04
ProductVersion : 7.12.6 29Oct04
ProductName : Synaptics Pointing Device Driver
CompanyName : Synaptics, Inc.
FileDescription : TouchPad Driver Helper Application
InternalName : SynTPLpr
LegalCopyright : Copyright © Synaptics, Inc. 1996-2004
OriginalFilename : SynTPLpr.exe

#:29 [syntpenh.exe]
FilePath : C:\Program Files\Synaptics\SynTP\
ProcessID : 2188
ThreadCreationTime : 09-08-2005 7:19:15 PM
BasePriority : Normal
FileVersion : 7.12.6 29Oct04
ProductVersion : 7.12.6 29Oct04
ProductName : Synaptics Pointing Device Driver
CompanyName : Synaptics, Inc.
FileDescription : Synaptics TouchPad Enhancements
InternalName : Synaptics Enhancements Application
LegalCopyright : Copyright © Synaptics, Inc. 1996-2004
OriginalFilename : SynTPEnh.exe

#:30 [atiptaxx.exe]
FilePath : C:\Program Files\ATI Technologies\ATI Control Panel\
ProcessID : 2216
ThreadCreationTime : 09-08-2005 7:19:16 PM
BasePriority : Normal
FileVersion : 6.14.10.5154
ProductVersion : 6.14.10.5154
ProductName : ATI Desktop Component
CompanyName : ATI Technologies, Inc.
FileDescription : ATI Desktop Control Panel
InternalName : Atiptaxx.exe
LegalCopyright : Copyright © 1998-2005 ATI Technologies Inc.
OriginalFilename : Atiptaxx.exe

#:31 [batterymiser.exe]
FilePath : C:\Program Files\Battery miser\
ProcessID : 2236
ThreadCreationTime : 09-08-2005 7:19:16 PM
BasePriority : Normal
FileVersion : 3, 24, 6, 0
ProductVersion : 3, 24, 6, 0
ProductName : Battery miser
CompanyName : LG Electronics Inc.
FileDescription : Battery miser
InternalName : batterymiser.exe
LegalCopyright : Copyright© 2005 LG Electronics Inc. All rights reserved.
OriginalFilename : batterymiser.exe

#:32 [hotkey.exe]
FilePath : C:\Program Files\On Screen Display\
ProcessID : 2260
ThreadCreationTime : 09-08-2005 7:19:16 PM
BasePriority : Normal
FileVersion : 1, 0, 0, 0
ProductVersion : 1, 0, 0, 0
ProductName : HotKey
CompanyName : LG Electronics
FileDescription : HotKey
InternalName : HotKey
LegalCopyright : Copyright © 2003
OriginalFilename : HotKey.EXE

#:33 [rundll32.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2352
ThreadCreationTime : 09-08-2005 7:19:17 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Run a DLL as an App
InternalName : rundll
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : RUNDLL.EXE

#:34 [rman.exe]
FilePath : C:\Program Files\RMan\
ProcessID : 2368
ThreadCreationTime : 09-08-2005 7:19:18 PM
BasePriority : Normal
FileVersion : 1, 1205, 315, 1
ProductVersion : 1, 1205, 315, 1
ProductName : Remote Controller Manager
CompanyName : LG Electronics Inc.
FileDescription : Remote Controller Manager
InternalName : RMan
LegalCopyright : Copyright © 2004-2005 LG Electronics Inc.
OriginalFilename : RMan.exe
Comments : Remote Controller Manager

#:35 [zlclient.exe]
FilePath : C:\Program Files\Zone Labs\ZoneAlarm\
ProcessID : 2408
ThreadCreationTime : 09-08-2005 7:19:19 PM
BasePriority : Normal
FileVersion : 6.0.631.003
ProductVersion : 6.0.631.003
ProductName : Zone Labs Client
CompanyName : Zone Labs, LLC
FileDescription : Zone Labs Client
InternalName : zlclient
LegalCopyright : Copyright © 1998-2005, Zone Labs, LLC
OriginalFilename : zlclient.exe

#:36 [ip operator 2005.exe]
FilePath : C:\Program Files\LG Software\IP Operator 2005\
ProcessID : 2476
ThreadCreationTime : 09-08-2005 7:19:20 PM
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : IPO3 ?? ????
FileDescription : IPO3 MFC ?? ????
InternalName : IPO3
LegalCopyright : Copyright © 2004
OriginalFilename : IPO3.EXE

#:37 [pdvdserv.exe]
FilePath : C:\Program Files\CyberLink\PowerDVD\
ProcessID : 2504
ThreadCreationTime : 09-08-2005 7:19:21 PM
BasePriority : Normal
FileVersion : 5.00.0000
ProductVersion : 5.00.0000
ProductName : PowerDVD
CompanyName : Cyberlink Corp.
FileDescription : PowerDVD RC Service
InternalName : PowerDVD RC Service
LegalCopyright : Copyright © CyberLink Corp. 1997-2002
OriginalFilename : PDVDSERV.EXE

#:38 [ctfmon.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2556
ThreadCreationTime : 09-08-2005 7:19:21 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:39 [iexplore.exe]
FilePath : C:\Program Files\Internet Explorer\
ProcessID : 3832
ThreadCreationTime : 09-08-2005 7:34:08 PM
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : IEXPLORE.EXE

#:40 [msiexec.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 3432
ThreadCreationTime : 09-08-2005 7:35:45 PM
BasePriority : Normal


#:41 [dllhost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 4020
ThreadCreationTime : 09-08-2005 7:37:23 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : COM Surrogate
InternalName : dllhost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : dllhost.exe

#:42 [msdtc.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1852
ThreadCreationTime : 09-08-2005 7:37:28 PM
BasePriority : Normal
FileVersion : 2001.12.4414.258
ProductVersion : 03.01.00.4414
ProductName : Microsoft Distributed Transaction Coordinator
CompanyName : Microsoft Corporation
FileDescription : MS DTC console program
InternalName : MSDTC.EXE
LegalCopyright : Copyright © Microsoft Corp. 1995-1998
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation. Windows™ is a trademark of Microsoft Corporation

#:43 [wmiadap.exe]
FilePath : \\?\C:\WINDOWS\system32\WBEM\
ProcessID : 700
ThreadCreationTime : 09-08-2005 7:38:46 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : WMI
InternalName : wmicookr.dll
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : wmicookr.dll

#:44 [wuauclt.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2020
ThreadCreationTime : 09-08-2005 7:39:50 PM
BasePriority : Normal
FileVersion : 5.8.0.2469 built by: lab01_n(wmbla)
ProductVersion : 5.8.0.2469
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Automatic Updates
InternalName : wuauclt.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : wuauclt.exe

#:45 [wmiadap.exe]
FilePath : \\?\C:\WINDOWS\system32\WBEM\
ProcessID : 1616
ThreadCreationTime : 09-08-2005 7:40:33 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : WMI
InternalName : wmicookr.dll
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : wmicookr.dll

#:46 [sapisvr.exe]
FilePath : C:\Program Files\Common Files\Microsoft Shared\Speech\
ProcessID : 2056
ThreadCreationTime : 09-08-2005 7:42:47 PM
BasePriority : Normal
FileVersion : 5.1.4111.00 (XPClient.010817-1148)
ProductVersion : 5.1.4111.00
ProductName : Microsoft® Windows™ Operating System
CompanyName : Microsoft Corporation
FileDescription : SAPISVR 5
InternalName : SAPISVR5
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : SAPISVR5

#:47 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
ProcessID : 2364
ThreadCreationTime : 09-08-2005 7:44:39 PM
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

#:48 [msmsgs.exe]
FilePath : C:\Program Files\Messenger\
ProcessID : 2680
ThreadCreationTime : 09-08-2005 7:45:21 PM
BasePriority : Normal
FileVersion : 4.7.3001
ProductVersion : Version 4.7.3001
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Windows Messenger
InternalName : msmsgs
LegalCopyright : Copyright © Microsoft Corporation 2004
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msmsgs.exe

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 2


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 2


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 2


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 2


Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 2


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 2




Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 2

12:53:25 PM Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:06:42.78
Objects scanned:122097
Objects identified:0
Objects ignored:0
New critical objects:0

ewido security suite

---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 1:07:36 PM, 09/08/2005
+ Report-Checksum: 7BF66A8

+ Scan result:

C:\Documents and Settings\Mike\Cookies\[email protected][2].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup


::Report End

Please note that I properly removed this file and an additional scan found nothing wrong, but I included this scan as maybe it contributed to the problem?


Spybot - S&D found nothing, and it gives me no options for a report, so I cannot include one.

I am running Windows XP Home on a brand new LG LW70 notebook, with Norton Anti-Virus, Zone Alarm Pro, and Windows Firewall. I am also behind a hardware firewall from my router. I also have SpywareBlaster and SpywareGuard.

Please help me, guys.

P.S. Also included is a screen shot of the process section of Task Manager.
Untitled_2_copy.jpg

Edited by mightymouse87, 09 August 2005 - 02:42 PM.

  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP