here is my ad aware log. thankyou very much.
Logfile removed: Incorrect Logfile type posted
Edited by Andy_veal, 05 May 2005 - 04:52 PM.
ad-aware log
Started by
cdoza28
, May 04 2005 07:44 AM
-
This topic is locked
#1
Posted 04 May 2005 - 07:44 AM
cdoza28
-
- Member
-
- 10 posts
Member
here is my ad aware log. thankyou very much.
Logfile removed: Incorrect Logfile type posted
#2
Posted 04 May 2005 - 08:13 AM
Rawe
-
- Member
-
- 4,746 posts
Visiting Staff
Welcome!
If you need help, post Ad-aware SE scanlog from "Full system scan".
Note; perform Webupdate- feature always before scanning your system, that way you are always up-to-date. At the moment SE1R42 28.04.2005 - definition file is the latest one.
Ad-Aware comes preconfigured with default options, so we need you to make one change. Deselect "Search for negligible risk entries"- setting, because mru-list's aren't considered as a threat. You can change this setting when selecting your scan type. Also, delete all tracking cookies just before scanning, they aren't a threat and just take space in your posts.
Select "Perform full system scan" and click next. When the scan has finished, click "Show logfile".
Then, copy & paste the complete scanlog here using Add Reply- feature. Don't quarantine or remove anything at this time, just post a complete logfile. This may take 2-3 posts to get it all here. You'll know when you are at the end when you see "Summary of this scan" information has posted.
When you have posted complete logfile from "Full system scan", we will tell you what to do.
Good day!
- Rawe
If you need help, post Ad-aware SE scanlog from "Full system scan".
Note; perform Webupdate- feature always before scanning your system, that way you are always up-to-date. At the moment SE1R42 28.04.2005 - definition file is the latest one.
Ad-Aware comes preconfigured with default options, so we need you to make one change. Deselect "Search for negligible risk entries"- setting, because mru-list's aren't considered as a threat. You can change this setting when selecting your scan type. Also, delete all tracking cookies just before scanning, they aren't a threat and just take space in your posts.
Select "Perform full system scan" and click next. When the scan has finished, click "Show logfile".
Then, copy & paste the complete scanlog here using Add Reply- feature. Don't quarantine or remove anything at this time, just post a complete logfile. This may take 2-3 posts to get it all here. You'll know when you are at the end when you see "Summary of this scan" information has posted.
When you have posted complete logfile from "Full system scan", we will tell you what to do.
Good day!
- Rawe
#3
Posted 04 May 2005 - 08:07 PM
cdoza28
- Topic Starter
-
- Member
-
- 10 posts
Member
here is the ad-aware log.
Ad-Aware SE Build 1.05
Logfile Created on:Wednesday, May 04, 2005 8:52:08 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R42 28.04.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):9 total references
Tracking Cookie(TAC index:3):4 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R42 28.04.2005
Internal build : 49
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 466557 Bytes
Total size : 1403889 Bytes
Signature data size : 1373297 Bytes
Reference data size : 30080 Bytes
Signatures total : 39226
Fingerprints total : 836
Fingerprints size : 28245 Bytes
Target categories : 15
Target families : 654
Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium IV
Memory available:9 %
Total physical memory:252656 kb
Available physical memory:21892 kb
Total page file size:618908 kb
Available on page file:388632 kb
Total virtual memory:2097024 kb
Available virtual memory:2043776 kb
OS:Microsoft Windows XP Home Edition Service Pack 1 (Build 2600)
Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Obtain command line of scanned processes
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Write-protect system files after repair (Hosts file, etc.)
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects
5-4-2005 8:52:08 PM - Scan started. (Full System Scan)
MRU List Object Recognized!
Location: : C:\Documents and Settings\Owner\recent
Description : list of recently opened documents
MRU List Object Recognized!
Location: : S-1-5-21-1148755269-3065855527-1215031633-1003\software\adobe\acrobat reader\6.0\avgeneral\crecentfiles
Description : list of recently used files in adobe reader
MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d
MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X
MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw
MRU List Object Recognized!
Location: : S-1-5-21-1148755269-3065855527-1215031633-1003\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer
MRU List Object Recognized!
Location: : S-1-5-21-1148755269-3065855527-1215031633-1003\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened
MRU List Object Recognized!
Location: : S-1-5-21-1148755269-3065855527-1215031633-1003\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension
MRU List Object Recognized!
Location: : S-1-5-21-1148755269-3065855527-1215031633-1003\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [smss.exe]
ModuleName : \SystemRoot\System32\smss.exe
Command Line : n/a
ProcessID : 536
ThreadCreationTime : 5-4-2005 2:06:43 AM
BasePriority : Normal
#:2 [csrss.exe]
ModuleName : \??\C:\WINDOWS\system32\csrss.exe
Command Line : C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestTh
ProcessID : 608
ThreadCreationTime : 5-4-2005 2:06:47 AM
BasePriority : Normal
#:3 [winlogon.exe]
ModuleName : \??\C:\WINDOWS\system32\winlogon.exe
Command Line : winlogon.exe
ProcessID : 632
ThreadCreationTime : 5-4-2005 2:06:48 AM
BasePriority : High
#:4 [services.exe]
ModuleName : C:\WINDOWS\system32\services.exe
Command Line : C:\WINDOWS\system32\services.exe
ProcessID : 676
ThreadCreationTime : 5-4-2005 2:06:49 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe
#:5 [lsass.exe]
ModuleName : C:\WINDOWS\system32\lsass.exe
Command Line : C:\WINDOWS\system32\lsass.exe
ProcessID : 688
ThreadCreationTime : 5-4-2005 2:06:49 AM
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe
#:6 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost -k rpcss
ProcessID : 848
ThreadCreationTime : 5-4-2005 2:06:51 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:7 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k netsvcs
ProcessID : 900
ThreadCreationTime : 5-4-2005 2:06:51 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:8 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k NetworkService
ProcessID : 1040
ThreadCreationTime : 5-4-2005 2:06:52 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:9 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k LocalService
ProcessID : 1088
ThreadCreationTime : 5-4-2005 2:06:53 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:10 [ccsetmgr.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
Command Line : "C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"
ProcessID : 1164
ThreadCreationTime : 5-4-2005 2:06:54 AM
BasePriority : Normal
FileVersion : 2.0.0.635
ProductVersion : 2.0.0.635
ProductName : Common Client
CompanyName : Symantec Corporation
FileDescription : Common Client Settings Manager Service
InternalName : ccSetMgr
LegalCopyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.
OriginalFilename : ccSetMgr.exe
#:11 [explorer.exe]
ModuleName : C:\WINDOWS\Explorer.EXE
Command Line : C:\WINDOWS\Explorer.EXE
ProcessID : 1280
ThreadCreationTime : 5-4-2005 2:06:56 AM
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE
#:12 [ccevtmgr.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
Command Line : "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
ProcessID : 1296
ThreadCreationTime : 5-4-2005 2:06:56 AM
BasePriority : Normal
FileVersion : 2.0.0.635
ProductVersion : 2.0.0.635
ProductName : Common Client
CompanyName : Symantec Corporation
FileDescription : Common Client Event Manager Service
InternalName : ccEvtMgr
LegalCopyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.
OriginalFilename : ccEvtMgr.exe
#:13 [spoolsv.exe]
ModuleName : C:\WINDOWS\system32\spoolsv.exe
Command Line : C:\WINDOWS\system32\spoolsv.exe
ProcessID : 1472
ThreadCreationTime : 5-4-2005 2:06:58 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe
#:14 [alg.exe]
ModuleName : C:\WINDOWS\System32\alg.exe
Command Line : C:\WINDOWS\System32\alg.exe
ProcessID : 1616
ThreadCreationTime : 5-4-2005 2:06:58 AM
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe
#:15 [avgamsvr.exe]
ModuleName : C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
Command Line : C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
ProcessID : 1684
ThreadCreationTime : 5-4-2005 2:06:59 AM
BasePriority : Normal
FileVersion : 7,1,0,307
ProductVersion : 7.1.0.307
ProductName : AVG Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Alert Manager
InternalName : avgamsvr
LegalCopyright : Copyright © 2005, GRISOFT, s.r.o.
OriginalFilename : avgamsvr.EXE
#:16 [avgupsvc.exe]
ModuleName : C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
Command Line : C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
ProcessID : 1700
ThreadCreationTime : 5-4-2005 2:06:59 AM
BasePriority : Normal
FileVersion : 7,1,0,285
ProductVersion : 7.1.0.285
ProductName : AVG 7.0 Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Update Service
InternalName : avgupsvc
LegalCopyright : Copyright © 2004, GRISOFT, s.r.o.
OriginalFilename : avgupdsvc.EXE
#:17 [navapsvc.exe]
ModuleName : C:\Program Files\Norton AntiVirus\navapsvc.exe
Command Line : "C:\Program Files\Norton AntiVirus\navapsvc.exe"
ProcessID : 1760
ThreadCreationTime : 5-4-2005 2:06:59 AM
BasePriority : Normal
FileVersion : 10.00.109
ProductVersion : 10.00.109
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
LegalCopyright : Norton AntiVirus 2004 for Windows 98/ME/2000/XP Copyright © 2003 Symantec Corporation. All rights reserved.
OriginalFilename : NAVAPSVC.EXE
#:18 [ncupdatesvc.exe]
ModuleName : C:\Program Files\Netscape Internet Service\ncupdatesvc.exe
Command Line : "C:\Program Files\Netscape Internet Service\ncupdatesvc.exe"
ProcessID : 1788
ThreadCreationTime : 5-4-2005 2:07:00 AM
BasePriority : Normal
FileVersion : 1, 0, 0, 5
ProductVersion : 1, 0, 0, 5
ProductName : Netscape Update Service
CompanyName : Netscape Communications Corporation
FileDescription : Netscape Update Service
InternalName : Netscape NT Service
LegalCopyright : Copyright © 2003, 2004 Netscape Communications Corporation. All rights reserved.
LegalTrademarks : Netscape Communications Corporation
OriginalFilename : Netscape Update Service
#:19 [savscan.exe]
ModuleName : C:\Program Files\Norton AntiVirus\SAVScan.exe
Command Line : "C:\Program Files\Norton AntiVirus\SAVScan.exe"
ProcessID : 1864
ThreadCreationTime : 5-4-2005 2:07:00 AM
BasePriority : Normal
FileVersion : 9.2.0.79
ProductVersion : 9.2
ProductName : Symantec AntiVirus AutoProtect
CompanyName : Symantec Corporation
FileDescription : Symantec AntiVirus Scanner
InternalName : SAVSCAN
LegalCopyright : Copyright © 2003 Symantec Corporation
OriginalFilename : SAVSCAN.EXE
#:20 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k imgsvc
ProcessID : 1940
ThreadCreationTime : 5-4-2005 2:07:01 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:21 [pdvdserv.exe]
ModuleName : C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
Command Line : "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
ProcessID : 204
ThreadCreationTime : 5-4-2005 2:07:08 AM
BasePriority : Normal
FileVersion : 5.00.0000
ProductVersion : 5.00.0000
ProductName : PowerDVD
CompanyName : Cyberlink Corp.
FileDescription : PowerDVD RC Service
InternalName : PowerDVD RC Service
LegalCopyright : Copyright © CyberLink Corp. 1997-2002
OriginalFilename : PDVDSERV.EXE
#:22 [ccapp.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\ccApp.exe
Command Line : "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
ProcessID : 192
ThreadCreationTime : 5-4-2005 2:07:08 AM
BasePriority : Normal
FileVersion : 2.0.0.635
ProductVersion : 2.0.0.635
ProductName : Common Client
CompanyName : Symantec Corporation
FileDescription : Symantec Common Client User Session
InternalName : ccApp
LegalCopyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.
OriginalFilename : ccApp.exe
#:23 [shwiconem.exe]
ModuleName : C:\Program Files\Digital Media Reader\shwiconem.exe
Command Line : "C:\Program Files\Digital Media Reader\shwiconem.exe"
ProcessID : 180
ThreadCreationTime : 5-4-2005 2:07:08 AM
BasePriority : Idle
FileVersion : 1, 4, 0, 8
ProductVersion : 1, 4, 0, 8
ProductName : Multimedia Card Reader
CompanyName : Alcor Micro, Corp.
LegalCopyright : Copyright c 2002
#:24 [hkcmd.exe]
ModuleName : C:\WINDOWS\System32\hkcmd.exe
Command Line : "C:\WINDOWS\System32\hkcmd.exe"
ProcessID : 136
ThreadCreationTime : 5-4-2005 2:07:09 AM
BasePriority : Normal
FileVersion : 3.0.0.2331
ProductVersion : 7.0.0.2331
ProductName : Intel® Common User Interface
CompanyName : Intel Corporation
FileDescription : hkcmd Module
InternalName : HKCMD
LegalCopyright : Copyright 1999-2003, Intel Corporation
OriginalFilename : HKCMD.EXE
#:25 [soundman.exe]
ModuleName : C:\WINDOWS\SOUNDMAN.EXE
Command Line : "C:\WINDOWS\SOUNDMAN.EXE"
ProcessID : 152
ThreadCreationTime : 5-4-2005 2:07:09 AM
BasePriority : Normal
FileVersion : 5.1.0.22
ProductVersion : 5.1.0.22
ProductName : Realtek Sound Manager
CompanyName : Realtek Semiconductor Corp.
FileDescription : Realtek Sound Manager
InternalName : ALSMTray
LegalCopyright : Copyright © 2001-2003 Realtek Semiconductor Corp.
OriginalFilename : ALSMTray.exe
Comments : Realtek AC97 Audio Sound Manager
#:26 [gamedrvr.exe]
ModuleName : C:\Program Files\WildTangent\Apps\CDA\GameDrvr.exe
Command Line : "C:\Program Files\WildTangent\Apps\CDA\GameDrvr.exe" /startup "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0500.dll"
ProcessID : 248
ThreadCreationTime : 5-4-2005 2:07:10 AM
BasePriority : Normal
FileVersion : 5.0.0.190
ProductVersion : 5.0.0.190
ProductName : WildTangent Game Loader
CompanyName : WildTangent, Inc.
FileDescription : WildTangent Automatic Update Manager
LegalCopyright : All Rights Reserved © 2003-2004 WildTangent, Inc.
#:27 [gcasserv.exe]
ModuleName : C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
Command Line : "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
ProcessID : 328
ThreadCreationTime : 5-4-2005 2:07:10 AM
BasePriority : Idle
FileVersion : 1.00.0509
ProductVersion : 1.00.0509
ProductName : Microsoft AntiSpyware (Beta 1)
CompanyName : Microsoft Corporation
FileDescription : Microsoft AntiSpyware Service
InternalName : gcasServ
LegalCopyright : Copyright © 2004-2005 Microsoft Corporation. All rights reserved.
LegalTrademarks : Microsoft® and Windows® are registered trademarks of Microsoft Corporation. SpyNet™ is a trademark of Microsoft Corporation.
OriginalFilename : gcasServ.exe
#:28 [avgcc.exe]
ModuleName : C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
Command Line : "C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" /STARTUP
ProcessID : 380
ThreadCreationTime : 5-4-2005 2:07:12 AM
BasePriority : Normal
FileVersion : 7,1,0,307
ProductVersion : 7.1.0.307
ProductName : AVG Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Control Center
InternalName : AvgCC
LegalCopyright : Copyright © 2005, GRISOFT, s.r.o.
OriginalFilename : AvgCC.EXE
#:29 [avgemc.exe]
ModuleName : C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
Command Line : "C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe"
ProcessID : 400
ThreadCreationTime : 5-4-2005 2:07:13 AM
BasePriority : Normal
FileVersion : 7,1,0,307
ProductVersion : 7.1.0.307
ProductName : AVG Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG E-Mail Scanner
InternalName : avgemc
LegalCopyright : Copyright © 2005, GRISOFT, s.r.o.
OriginalFilename : avgemc.exe
#:30 [gcasdtserv.exe]
ModuleName : C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
Command Line : "C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe"
ProcessID : 416
ThreadCreationTime : 5-4-2005 2:07:14 AM
BasePriority : Normal
FileVersion : 1.00.0509
ProductVersion : 1.00.0509
ProductName : Microsoft AntiSpyware (Beta 1)
CompanyName : Microsoft Corporation
FileDescription : Microsoft AntiSpyware Data Service
InternalName : gcasDtServ
LegalCopyright : Copyright © 2004-2005 Microsoft Corporation. All rights reserved.
LegalTrademarks : Microsoft® and Windows® are registered trademarks of Microsoft Corporation. SpyNet™ is a trademark of Microsoft Corporation.
OriginalFilename : gcasDtServ.exe
#:31 [winpatrol.exe]
ModuleName : C:\PROGRA~1\BILLPS~1\WINPAT~1\WinPatrol.exe
Command Line : "C:\PROGRA~1\BILLPS~1\WINPAT~1\WinPatrol.exe"
ProcessID : 460
ThreadCreationTime : 5-4-2005 2:07:14 AM
BasePriority : Normal
FileVersion : 9, 1, 0, 0
ProductVersion : 9.1.0.0
ProductName : WinPatrol Monitor
CompanyName : BillP Studios
FileDescription : WinPatrol System Monitor
InternalName : WinPatrol Monitor
LegalCopyright : Copyright © 1997- 2005 BillP Studios
OriginalFilename : Scotty
Comments : Let Scotty the Windows Watchdog patrol your system.
#:32 [msmsgs.exe]
ModuleName : C:\Program Files\Messenger\msmsgs.exe
Command Line : "C:\Program Files\Messenger\msmsgs.exe" /background
ProcessID : 1140
ThreadCreationTime : 5-4-2005 2:07:32 AM
BasePriority : Normal
FileVersion : 4.7.0041
ProductVersion : Version 4.7
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Messenger
InternalName : msmsgs
LegalCopyright : Copyright © Microsoft Corporation 1997-2001
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msmsgs.exe
#:33 [bigfix.exe]
ModuleName : C:\Program Files\BigFix\BigFix.exe
Command Line : "C:\Program Files\BigFix\BigFix.exe" /atstartup
ProcessID : 1008
ThreadCreationTime : 5-4-2005 2:07:46 AM
BasePriority : Normal
FileVersion : 1, 7, 6, 0
ProductVersion : 1, 7, 6, 0
ProductName : BigFix
CompanyName : BigFix Inc.
FileDescription : BigFix Client Application
InternalName : BigFix
LegalCopyright : Copyright © 2002
OriginalFilename : BigFix.exe
#:34 [hpomau08.exe]
ModuleName : C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpomau08.exe
Command Line : "C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpomau08.exe"
ProcessID : 2056
ThreadCreationTime : 5-4-2005 2:07:46 AM
BasePriority : Normal
FileVersion : 4.2.0.020
ProductVersion : 2.4.1.020
ProductName : hp digital imaging - hp all-in-one series
CompanyName : Hewlett-Packard Co.
FileDescription : HP OfficeJet COM Device Objects
InternalName : HPOMAU08
LegalCopyright : Copyright © Hewlett-Packard Co. 1995-2001
OriginalFilename : HPOMAU08.EXE
Comments : HP OfficeJet <Maui> Series COM Device Objects
#:35 [hpotdd01.exe]
ModuleName : C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
Command Line : "C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe"
ProcessID : 2076
ThreadCreationTime : 5-4-2005 2:07:46 AM
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : Hewlett-Packard hpotdd01
CompanyName : Hewlett-Packard
FileDescription : hpotdd01
InternalName : hpotdd01
LegalCopyright : Copyright © 2002
OriginalFilename : hpotdd01.exe
#:36 [gwremind.exe]
ModuleName : C:\Program Files\Greetings Workshop\GWREMIND.EXE
Command Line : "C:\Program Files\Greetings Workshop\GWREMIND.EXE"
ProcessID : 2092
ThreadCreationTime : 5-4-2005 2:07:46 AM
BasePriority : Normal
FileVersion : 1, 0, 0, 2
ProductVersion : 1, 0, 0, 2
ProductName : Microsoft Greetings Workshop Reminder
CompanyName : Microsoft Corporation
FileDescription : gwremind
InternalName : gwremind
LegalCopyright : Copyright © 1996
LegalTrademarks : Microsoft® and Windows® are registered trademarks of Microsoft Corporation.
OriginalFilename : gwremind.exe
Comments : Greetings Workshop Reminder 1.0 for Windows® 95
#:37 [qshelf99.exe]
ModuleName : C:\Program Files\Microsoft Reference\Bookshelf 99\qshelf99.exe
Command Line : "C:\Program Files\Microsoft Reference\Bookshelf 99\qshelf99.exe"
ProcessID : 2136
ThreadCreationTime : 5-4-2005 2:07:48 AM
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 5, 0, 0, 1
ProductName : QuickShelf Application
CompanyName : Microsoft Corporation
FileDescription : QSHELF MFC Application
InternalName : QSHELF
LegalCopyright : Copyright © Microsoft Corporation 1987-1998
OriginalFilename : QSHELF.EXE
#:38 [hpoevm08.exe]
ModuleName : C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
Command Line : "C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe" -Embedding
ProcessID : 2492
ThreadCreationTime : 5-4-2005 2:08:04 AM
BasePriority : Normal
FileVersion : 4.2.0.020
ProductVersion : 2.4.1.020
ProductName : hp digital imaging - hp all-in-one series
CompanyName : Hewlett-Packard Co.
FileDescription : HP OfficeJet COM Event Manager
InternalName : HPOEVM08
LegalCopyright : Copyright © Hewlett-Packard Co. 1995-2001
OriginalFilename : HPOEVM08.EXE
Comments : HP OfficeJet COM Event Manager
#:39 [hpzipm12.exe]
ModuleName : C:\WINDOWS\System32\HPZipm12.exe
Command Line : C:\WINDOWS\System32\HPZipm12.exe
ProcessID : 2568
ThreadCreationTime : 5-4-2005 2:08:09 AM
BasePriority : Normal
FileVersion : 6, 0, 0, 0
ProductVersion : 6, 0, 0, 0
ProductName : HP PML
CompanyName : HP
FileDescription : PML Driver
InternalName : PmlDrv
LegalCopyright : Copyright © 1998, 1999 Hewlett-Packard Company
OriginalFilename : PmlDrv.exe
#:40 [wuauclt.exe]
ModuleName : C:\WINDOWS\System32\wuauclt.exe
Command Line : "C:\WINDOWS\System32\wuauclt.exe"
ProcessID : 2700
ThreadCreationTime : 5-4-2005 2:08:32 AM
BasePriority : Normal
FileVersion : 5.4.3790.2182 built by: srv03_rtm(ntvbl04)
ProductVersion : 5.4.3790.2182
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Automatic Updates
InternalName : wuauclt.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : wuauclt.exe
#:41 [hposts08.exe]
ModuleName : C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
Command Line : "C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe" /CtxID "#Hewlett-Packard#hp officejet 4100 series#1105657325" /Startup
ProcessID : 2812
ThreadCreationTime : 5-4-2005 2:09:02 AM
BasePriority : Normal
FileVersion : 4.2.0.020
ProductVersion : 2.4.1.020
ProductName : hp digital imaging - hp all-in-one series
CompanyName : Hewlett-Packard Co.
FileDescription : HP OfficeJet Status
InternalName : HPOSTS08
LegalCopyright : Copyright © Hewlett-Packard Co. 1995-2001
OriginalFilename : HPOSTS08.EXE
Comments : HP OfficeJet Status
#:42 [hpofxm08.exe]
ModuleName : C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoFXM08.exe
Command Line : "C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoFXM08.exe" /CtxID "#Hewlett-Packard#hp officejet 4100 series#1105657325"
ProcessID : 2832
ThreadCreationTime : 5-4-2005 2:09:04 AM
BasePriority : Normal
FileVersion : 4.2.0.020
ProductVersion : 2.4.1.020
ProductName : hp digital imaging - hp all-in-one series
CompanyName : Hewlett-Packard Co.
FileDescription : HP AiO Fax Manager
InternalName : HPOFXM08
LegalCopyright : Copyright © Hewlett-Packard Co. 1995-2001
OriginalFilename : HPOFXM08.EXE
Comments : HP AiO Fax Manager
#:43 [ymsgr_tray.exe]
ModuleName : C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
Command Line : "C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe" -ymsgr
ProcessID : 1032
ThreadCreationTime : 5-4-2005 1:39:20 PM
BasePriority : Normal
#:44 [ad-aware.exe]
ModuleName : C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
Command Line : "C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe"
ProcessID : 3540
ThreadCreationTime : 5-5-2005 1:49:31 AM
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 9
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 9
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 9
Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Owner\Cookies\[email protected][1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : owner@bluestreak[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Owner\Cookies\owner@bluestreak[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Owner\Cookies\[email protected][1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : owner@tribalfusion[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Owner\Cookies\owner@tribalfusion[1].txt
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 4
Objects found so far: 13
Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 13
Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 13
Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 13
9:01:20 PM Scan Complete
Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:09:12.203
Objects scanned:109201
Objects identified:4
Objects ignored:0
New critical objects:4
also on my display thing i only have screen saver options but not desktop options.
Ad-Aware SE Build 1.05
Logfile Created on:Wednesday, May 04, 2005 8:52:08 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R42 28.04.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):9 total references
Tracking Cookie(TAC index:3):4 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R42 28.04.2005
Internal build : 49
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 466557 Bytes
Total size : 1403889 Bytes
Signature data size : 1373297 Bytes
Reference data size : 30080 Bytes
Signatures total : 39226
Fingerprints total : 836
Fingerprints size : 28245 Bytes
Target categories : 15
Target families : 654
Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium IV
Memory available:9 %
Total physical memory:252656 kb
Available physical memory:21892 kb
Total page file size:618908 kb
Available on page file:388632 kb
Total virtual memory:2097024 kb
Available virtual memory:2043776 kb
OS:Microsoft Windows XP Home Edition Service Pack 1 (Build 2600)
Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Obtain command line of scanned processes
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Write-protect system files after repair (Hosts file, etc.)
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects
5-4-2005 8:52:08 PM - Scan started. (Full System Scan)
MRU List Object Recognized!
Location: : C:\Documents and Settings\Owner\recent
Description : list of recently opened documents
MRU List Object Recognized!
Location: : S-1-5-21-1148755269-3065855527-1215031633-1003\software\adobe\acrobat reader\6.0\avgeneral\crecentfiles
Description : list of recently used files in adobe reader
MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d
MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X
MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw
MRU List Object Recognized!
Location: : S-1-5-21-1148755269-3065855527-1215031633-1003\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer
MRU List Object Recognized!
Location: : S-1-5-21-1148755269-3065855527-1215031633-1003\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened
MRU List Object Recognized!
Location: : S-1-5-21-1148755269-3065855527-1215031633-1003\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension
MRU List Object Recognized!
Location: : S-1-5-21-1148755269-3065855527-1215031633-1003\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [smss.exe]
ModuleName : \SystemRoot\System32\smss.exe
Command Line : n/a
ProcessID : 536
ThreadCreationTime : 5-4-2005 2:06:43 AM
BasePriority : Normal
#:2 [csrss.exe]
ModuleName : \??\C:\WINDOWS\system32\csrss.exe
Command Line : C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestTh
ProcessID : 608
ThreadCreationTime : 5-4-2005 2:06:47 AM
BasePriority : Normal
#:3 [winlogon.exe]
ModuleName : \??\C:\WINDOWS\system32\winlogon.exe
Command Line : winlogon.exe
ProcessID : 632
ThreadCreationTime : 5-4-2005 2:06:48 AM
BasePriority : High
#:4 [services.exe]
ModuleName : C:\WINDOWS\system32\services.exe
Command Line : C:\WINDOWS\system32\services.exe
ProcessID : 676
ThreadCreationTime : 5-4-2005 2:06:49 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe
#:5 [lsass.exe]
ModuleName : C:\WINDOWS\system32\lsass.exe
Command Line : C:\WINDOWS\system32\lsass.exe
ProcessID : 688
ThreadCreationTime : 5-4-2005 2:06:49 AM
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe
#:6 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost -k rpcss
ProcessID : 848
ThreadCreationTime : 5-4-2005 2:06:51 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:7 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k netsvcs
ProcessID : 900
ThreadCreationTime : 5-4-2005 2:06:51 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:8 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k NetworkService
ProcessID : 1040
ThreadCreationTime : 5-4-2005 2:06:52 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:9 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k LocalService
ProcessID : 1088
ThreadCreationTime : 5-4-2005 2:06:53 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:10 [ccsetmgr.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
Command Line : "C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"
ProcessID : 1164
ThreadCreationTime : 5-4-2005 2:06:54 AM
BasePriority : Normal
FileVersion : 2.0.0.635
ProductVersion : 2.0.0.635
ProductName : Common Client
CompanyName : Symantec Corporation
FileDescription : Common Client Settings Manager Service
InternalName : ccSetMgr
LegalCopyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.
OriginalFilename : ccSetMgr.exe
#:11 [explorer.exe]
ModuleName : C:\WINDOWS\Explorer.EXE
Command Line : C:\WINDOWS\Explorer.EXE
ProcessID : 1280
ThreadCreationTime : 5-4-2005 2:06:56 AM
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE
#:12 [ccevtmgr.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
Command Line : "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
ProcessID : 1296
ThreadCreationTime : 5-4-2005 2:06:56 AM
BasePriority : Normal
FileVersion : 2.0.0.635
ProductVersion : 2.0.0.635
ProductName : Common Client
CompanyName : Symantec Corporation
FileDescription : Common Client Event Manager Service
InternalName : ccEvtMgr
LegalCopyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.
OriginalFilename : ccEvtMgr.exe
#:13 [spoolsv.exe]
ModuleName : C:\WINDOWS\system32\spoolsv.exe
Command Line : C:\WINDOWS\system32\spoolsv.exe
ProcessID : 1472
ThreadCreationTime : 5-4-2005 2:06:58 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe
#:14 [alg.exe]
ModuleName : C:\WINDOWS\System32\alg.exe
Command Line : C:\WINDOWS\System32\alg.exe
ProcessID : 1616
ThreadCreationTime : 5-4-2005 2:06:58 AM
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe
#:15 [avgamsvr.exe]
ModuleName : C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
Command Line : C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
ProcessID : 1684
ThreadCreationTime : 5-4-2005 2:06:59 AM
BasePriority : Normal
FileVersion : 7,1,0,307
ProductVersion : 7.1.0.307
ProductName : AVG Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Alert Manager
InternalName : avgamsvr
LegalCopyright : Copyright © 2005, GRISOFT, s.r.o.
OriginalFilename : avgamsvr.EXE
#:16 [avgupsvc.exe]
ModuleName : C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
Command Line : C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
ProcessID : 1700
ThreadCreationTime : 5-4-2005 2:06:59 AM
BasePriority : Normal
FileVersion : 7,1,0,285
ProductVersion : 7.1.0.285
ProductName : AVG 7.0 Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Update Service
InternalName : avgupsvc
LegalCopyright : Copyright © 2004, GRISOFT, s.r.o.
OriginalFilename : avgupdsvc.EXE
#:17 [navapsvc.exe]
ModuleName : C:\Program Files\Norton AntiVirus\navapsvc.exe
Command Line : "C:\Program Files\Norton AntiVirus\navapsvc.exe"
ProcessID : 1760
ThreadCreationTime : 5-4-2005 2:06:59 AM
BasePriority : Normal
FileVersion : 10.00.109
ProductVersion : 10.00.109
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
LegalCopyright : Norton AntiVirus 2004 for Windows 98/ME/2000/XP Copyright © 2003 Symantec Corporation. All rights reserved.
OriginalFilename : NAVAPSVC.EXE
#:18 [ncupdatesvc.exe]
ModuleName : C:\Program Files\Netscape Internet Service\ncupdatesvc.exe
Command Line : "C:\Program Files\Netscape Internet Service\ncupdatesvc.exe"
ProcessID : 1788
ThreadCreationTime : 5-4-2005 2:07:00 AM
BasePriority : Normal
FileVersion : 1, 0, 0, 5
ProductVersion : 1, 0, 0, 5
ProductName : Netscape Update Service
CompanyName : Netscape Communications Corporation
FileDescription : Netscape Update Service
InternalName : Netscape NT Service
LegalCopyright : Copyright © 2003, 2004 Netscape Communications Corporation. All rights reserved.
LegalTrademarks : Netscape Communications Corporation
OriginalFilename : Netscape Update Service
#:19 [savscan.exe]
ModuleName : C:\Program Files\Norton AntiVirus\SAVScan.exe
Command Line : "C:\Program Files\Norton AntiVirus\SAVScan.exe"
ProcessID : 1864
ThreadCreationTime : 5-4-2005 2:07:00 AM
BasePriority : Normal
FileVersion : 9.2.0.79
ProductVersion : 9.2
ProductName : Symantec AntiVirus AutoProtect
CompanyName : Symantec Corporation
FileDescription : Symantec AntiVirus Scanner
InternalName : SAVSCAN
LegalCopyright : Copyright © 2003 Symantec Corporation
OriginalFilename : SAVSCAN.EXE
#:20 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k imgsvc
ProcessID : 1940
ThreadCreationTime : 5-4-2005 2:07:01 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:21 [pdvdserv.exe]
ModuleName : C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
Command Line : "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
ProcessID : 204
ThreadCreationTime : 5-4-2005 2:07:08 AM
BasePriority : Normal
FileVersion : 5.00.0000
ProductVersion : 5.00.0000
ProductName : PowerDVD
CompanyName : Cyberlink Corp.
FileDescription : PowerDVD RC Service
InternalName : PowerDVD RC Service
LegalCopyright : Copyright © CyberLink Corp. 1997-2002
OriginalFilename : PDVDSERV.EXE
#:22 [ccapp.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\ccApp.exe
Command Line : "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
ProcessID : 192
ThreadCreationTime : 5-4-2005 2:07:08 AM
BasePriority : Normal
FileVersion : 2.0.0.635
ProductVersion : 2.0.0.635
ProductName : Common Client
CompanyName : Symantec Corporation
FileDescription : Symantec Common Client User Session
InternalName : ccApp
LegalCopyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.
OriginalFilename : ccApp.exe
#:23 [shwiconem.exe]
ModuleName : C:\Program Files\Digital Media Reader\shwiconem.exe
Command Line : "C:\Program Files\Digital Media Reader\shwiconem.exe"
ProcessID : 180
ThreadCreationTime : 5-4-2005 2:07:08 AM
BasePriority : Idle
FileVersion : 1, 4, 0, 8
ProductVersion : 1, 4, 0, 8
ProductName : Multimedia Card Reader
CompanyName : Alcor Micro, Corp.
LegalCopyright : Copyright c 2002
#:24 [hkcmd.exe]
ModuleName : C:\WINDOWS\System32\hkcmd.exe
Command Line : "C:\WINDOWS\System32\hkcmd.exe"
ProcessID : 136
ThreadCreationTime : 5-4-2005 2:07:09 AM
BasePriority : Normal
FileVersion : 3.0.0.2331
ProductVersion : 7.0.0.2331
ProductName : Intel® Common User Interface
CompanyName : Intel Corporation
FileDescription : hkcmd Module
InternalName : HKCMD
LegalCopyright : Copyright 1999-2003, Intel Corporation
OriginalFilename : HKCMD.EXE
#:25 [soundman.exe]
ModuleName : C:\WINDOWS\SOUNDMAN.EXE
Command Line : "C:\WINDOWS\SOUNDMAN.EXE"
ProcessID : 152
ThreadCreationTime : 5-4-2005 2:07:09 AM
BasePriority : Normal
FileVersion : 5.1.0.22
ProductVersion : 5.1.0.22
ProductName : Realtek Sound Manager
CompanyName : Realtek Semiconductor Corp.
FileDescription : Realtek Sound Manager
InternalName : ALSMTray
LegalCopyright : Copyright © 2001-2003 Realtek Semiconductor Corp.
OriginalFilename : ALSMTray.exe
Comments : Realtek AC97 Audio Sound Manager
#:26 [gamedrvr.exe]
ModuleName : C:\Program Files\WildTangent\Apps\CDA\GameDrvr.exe
Command Line : "C:\Program Files\WildTangent\Apps\CDA\GameDrvr.exe" /startup "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0500.dll"
ProcessID : 248
ThreadCreationTime : 5-4-2005 2:07:10 AM
BasePriority : Normal
FileVersion : 5.0.0.190
ProductVersion : 5.0.0.190
ProductName : WildTangent Game Loader
CompanyName : WildTangent, Inc.
FileDescription : WildTangent Automatic Update Manager
LegalCopyright : All Rights Reserved © 2003-2004 WildTangent, Inc.
#:27 [gcasserv.exe]
ModuleName : C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
Command Line : "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
ProcessID : 328
ThreadCreationTime : 5-4-2005 2:07:10 AM
BasePriority : Idle
FileVersion : 1.00.0509
ProductVersion : 1.00.0509
ProductName : Microsoft AntiSpyware (Beta 1)
CompanyName : Microsoft Corporation
FileDescription : Microsoft AntiSpyware Service
InternalName : gcasServ
LegalCopyright : Copyright © 2004-2005 Microsoft Corporation. All rights reserved.
LegalTrademarks : Microsoft® and Windows® are registered trademarks of Microsoft Corporation. SpyNet™ is a trademark of Microsoft Corporation.
OriginalFilename : gcasServ.exe
#:28 [avgcc.exe]
ModuleName : C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
Command Line : "C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" /STARTUP
ProcessID : 380
ThreadCreationTime : 5-4-2005 2:07:12 AM
BasePriority : Normal
FileVersion : 7,1,0,307
ProductVersion : 7.1.0.307
ProductName : AVG Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Control Center
InternalName : AvgCC
LegalCopyright : Copyright © 2005, GRISOFT, s.r.o.
OriginalFilename : AvgCC.EXE
#:29 [avgemc.exe]
ModuleName : C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
Command Line : "C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe"
ProcessID : 400
ThreadCreationTime : 5-4-2005 2:07:13 AM
BasePriority : Normal
FileVersion : 7,1,0,307
ProductVersion : 7.1.0.307
ProductName : AVG Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG E-Mail Scanner
InternalName : avgemc
LegalCopyright : Copyright © 2005, GRISOFT, s.r.o.
OriginalFilename : avgemc.exe
#:30 [gcasdtserv.exe]
ModuleName : C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
Command Line : "C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe"
ProcessID : 416
ThreadCreationTime : 5-4-2005 2:07:14 AM
BasePriority : Normal
FileVersion : 1.00.0509
ProductVersion : 1.00.0509
ProductName : Microsoft AntiSpyware (Beta 1)
CompanyName : Microsoft Corporation
FileDescription : Microsoft AntiSpyware Data Service
InternalName : gcasDtServ
LegalCopyright : Copyright © 2004-2005 Microsoft Corporation. All rights reserved.
LegalTrademarks : Microsoft® and Windows® are registered trademarks of Microsoft Corporation. SpyNet™ is a trademark of Microsoft Corporation.
OriginalFilename : gcasDtServ.exe
#:31 [winpatrol.exe]
ModuleName : C:\PROGRA~1\BILLPS~1\WINPAT~1\WinPatrol.exe
Command Line : "C:\PROGRA~1\BILLPS~1\WINPAT~1\WinPatrol.exe"
ProcessID : 460
ThreadCreationTime : 5-4-2005 2:07:14 AM
BasePriority : Normal
FileVersion : 9, 1, 0, 0
ProductVersion : 9.1.0.0
ProductName : WinPatrol Monitor
CompanyName : BillP Studios
FileDescription : WinPatrol System Monitor
InternalName : WinPatrol Monitor
LegalCopyright : Copyright © 1997- 2005 BillP Studios
OriginalFilename : Scotty
Comments : Let Scotty the Windows Watchdog patrol your system.
#:32 [msmsgs.exe]
ModuleName : C:\Program Files\Messenger\msmsgs.exe
Command Line : "C:\Program Files\Messenger\msmsgs.exe" /background
ProcessID : 1140
ThreadCreationTime : 5-4-2005 2:07:32 AM
BasePriority : Normal
FileVersion : 4.7.0041
ProductVersion : Version 4.7
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Messenger
InternalName : msmsgs
LegalCopyright : Copyright © Microsoft Corporation 1997-2001
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msmsgs.exe
#:33 [bigfix.exe]
ModuleName : C:\Program Files\BigFix\BigFix.exe
Command Line : "C:\Program Files\BigFix\BigFix.exe" /atstartup
ProcessID : 1008
ThreadCreationTime : 5-4-2005 2:07:46 AM
BasePriority : Normal
FileVersion : 1, 7, 6, 0
ProductVersion : 1, 7, 6, 0
ProductName : BigFix
CompanyName : BigFix Inc.
FileDescription : BigFix Client Application
InternalName : BigFix
LegalCopyright : Copyright © 2002
OriginalFilename : BigFix.exe
#:34 [hpomau08.exe]
ModuleName : C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpomau08.exe
Command Line : "C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpomau08.exe"
ProcessID : 2056
ThreadCreationTime : 5-4-2005 2:07:46 AM
BasePriority : Normal
FileVersion : 4.2.0.020
ProductVersion : 2.4.1.020
ProductName : hp digital imaging - hp all-in-one series
CompanyName : Hewlett-Packard Co.
FileDescription : HP OfficeJet COM Device Objects
InternalName : HPOMAU08
LegalCopyright : Copyright © Hewlett-Packard Co. 1995-2001
OriginalFilename : HPOMAU08.EXE
Comments : HP OfficeJet <Maui> Series COM Device Objects
#:35 [hpotdd01.exe]
ModuleName : C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
Command Line : "C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe"
ProcessID : 2076
ThreadCreationTime : 5-4-2005 2:07:46 AM
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : Hewlett-Packard hpotdd01
CompanyName : Hewlett-Packard
FileDescription : hpotdd01
InternalName : hpotdd01
LegalCopyright : Copyright © 2002
OriginalFilename : hpotdd01.exe
#:36 [gwremind.exe]
ModuleName : C:\Program Files\Greetings Workshop\GWREMIND.EXE
Command Line : "C:\Program Files\Greetings Workshop\GWREMIND.EXE"
ProcessID : 2092
ThreadCreationTime : 5-4-2005 2:07:46 AM
BasePriority : Normal
FileVersion : 1, 0, 0, 2
ProductVersion : 1, 0, 0, 2
ProductName : Microsoft Greetings Workshop Reminder
CompanyName : Microsoft Corporation
FileDescription : gwremind
InternalName : gwremind
LegalCopyright : Copyright © 1996
LegalTrademarks : Microsoft® and Windows® are registered trademarks of Microsoft Corporation.
OriginalFilename : gwremind.exe
Comments : Greetings Workshop Reminder 1.0 for Windows® 95
#:37 [qshelf99.exe]
ModuleName : C:\Program Files\Microsoft Reference\Bookshelf 99\qshelf99.exe
Command Line : "C:\Program Files\Microsoft Reference\Bookshelf 99\qshelf99.exe"
ProcessID : 2136
ThreadCreationTime : 5-4-2005 2:07:48 AM
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 5, 0, 0, 1
ProductName : QuickShelf Application
CompanyName : Microsoft Corporation
FileDescription : QSHELF MFC Application
InternalName : QSHELF
LegalCopyright : Copyright © Microsoft Corporation 1987-1998
OriginalFilename : QSHELF.EXE
#:38 [hpoevm08.exe]
ModuleName : C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
Command Line : "C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe" -Embedding
ProcessID : 2492
ThreadCreationTime : 5-4-2005 2:08:04 AM
BasePriority : Normal
FileVersion : 4.2.0.020
ProductVersion : 2.4.1.020
ProductName : hp digital imaging - hp all-in-one series
CompanyName : Hewlett-Packard Co.
FileDescription : HP OfficeJet COM Event Manager
InternalName : HPOEVM08
LegalCopyright : Copyright © Hewlett-Packard Co. 1995-2001
OriginalFilename : HPOEVM08.EXE
Comments : HP OfficeJet COM Event Manager
#:39 [hpzipm12.exe]
ModuleName : C:\WINDOWS\System32\HPZipm12.exe
Command Line : C:\WINDOWS\System32\HPZipm12.exe
ProcessID : 2568
ThreadCreationTime : 5-4-2005 2:08:09 AM
BasePriority : Normal
FileVersion : 6, 0, 0, 0
ProductVersion : 6, 0, 0, 0
ProductName : HP PML
CompanyName : HP
FileDescription : PML Driver
InternalName : PmlDrv
LegalCopyright : Copyright © 1998, 1999 Hewlett-Packard Company
OriginalFilename : PmlDrv.exe
#:40 [wuauclt.exe]
ModuleName : C:\WINDOWS\System32\wuauclt.exe
Command Line : "C:\WINDOWS\System32\wuauclt.exe"
ProcessID : 2700
ThreadCreationTime : 5-4-2005 2:08:32 AM
BasePriority : Normal
FileVersion : 5.4.3790.2182 built by: srv03_rtm(ntvbl04)
ProductVersion : 5.4.3790.2182
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Automatic Updates
InternalName : wuauclt.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : wuauclt.exe
#:41 [hposts08.exe]
ModuleName : C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
Command Line : "C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe" /CtxID "#Hewlett-Packard#hp officejet 4100 series#1105657325" /Startup
ProcessID : 2812
ThreadCreationTime : 5-4-2005 2:09:02 AM
BasePriority : Normal
FileVersion : 4.2.0.020
ProductVersion : 2.4.1.020
ProductName : hp digital imaging - hp all-in-one series
CompanyName : Hewlett-Packard Co.
FileDescription : HP OfficeJet Status
InternalName : HPOSTS08
LegalCopyright : Copyright © Hewlett-Packard Co. 1995-2001
OriginalFilename : HPOSTS08.EXE
Comments : HP OfficeJet Status
#:42 [hpofxm08.exe]
ModuleName : C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoFXM08.exe
Command Line : "C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoFXM08.exe" /CtxID "#Hewlett-Packard#hp officejet 4100 series#1105657325"
ProcessID : 2832
ThreadCreationTime : 5-4-2005 2:09:04 AM
BasePriority : Normal
FileVersion : 4.2.0.020
ProductVersion : 2.4.1.020
ProductName : hp digital imaging - hp all-in-one series
CompanyName : Hewlett-Packard Co.
FileDescription : HP AiO Fax Manager
InternalName : HPOFXM08
LegalCopyright : Copyright © Hewlett-Packard Co. 1995-2001
OriginalFilename : HPOFXM08.EXE
Comments : HP AiO Fax Manager
#:43 [ymsgr_tray.exe]
ModuleName : C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
Command Line : "C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe" -ymsgr
ProcessID : 1032
ThreadCreationTime : 5-4-2005 1:39:20 PM
BasePriority : Normal
#:44 [ad-aware.exe]
ModuleName : C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
Command Line : "C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe"
ProcessID : 3540
ThreadCreationTime : 5-5-2005 1:49:31 AM
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 9
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 9
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 9
Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Owner\Cookies\[email protected][1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : owner@bluestreak[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Owner\Cookies\owner@bluestreak[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Owner\Cookies\[email protected][1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : owner@tribalfusion[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Owner\Cookies\owner@tribalfusion[1].txt
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 4
Objects found so far: 13
Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 13
Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 13
Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 13
9:01:20 PM Scan Complete
Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:09:12.203
Objects scanned:109201
Objects identified:4
Objects ignored:0
New critical objects:4
also on my display thing i only have screen saver options but not desktop options.
#4
Posted 04 May 2005 - 08:09 PM
cdoza28
- Topic Starter
-
- Member
-
- 10 posts
Member
i dont know how to delete all tracking cookies. thanks for all your help and information.
#5
Posted 05 May 2005 - 03:05 AM
Rawe
-
- Member
-
- 4,746 posts
Visiting Staff
Hello again..
Try these online virus scans;
- Trend Micro
- Panda Activescan
Post the results here.
- Rawe
Try these online virus scans;
- Trend Micro
- Panda Activescan
Post the results here.
- Rawe
#6
Guest_Andy_veal_*
Posted 05 May 2005 - 04:55 PM
Guest_Andy_veal_*
Guest_Andy_veal_*
-
- Guest
Are you still having problems?
I see another topic of yours and it would seem you were helped recently.
I see another topic of yours and it would seem you were helped recently.
#7
Posted 05 May 2005 - 06:10 PM
cdoza28
- Topic Starter
-
- Member
-
- 10 posts
Member
i ran the trendhome scan and it came up with no viruses. the other person tried to help me but he was not sure about parts of my log. how do i get the desktop back to normal? now it has a message about the trojan spy thing. and when i look in the control panel, display it does not offer desktop choices. when i log on to the internet about:blank comes up and not yahoo. did you see my ad-aware log?
#8
Guest_Andy_veal_*
Posted 06 May 2005 - 06:01 PM
Guest_Andy_veal_*
Guest_Andy_veal_*
-
- Guest
Please read these instructions carefully and print them out! Be sure to follow ALL instructions!
Go to Start > Control Panel > Add or Remove Programs and remove the following programs, if found:
Security IGuard
Virtual Maid
Search Maid
Exit Add/Remove Programs.
*IMPORTANT*CLICK THIS LINK TO LEARN HOW TO VIEW HIDDEN FILES
Press CTRL ALT DELETE to open Windows Task Manger. Click on the Processes tab and end the following processes:
List any files going to be deleted that are running
Exit Task Manager.
I need you to copy all of the Killbox instructions below and paste them into Notepad and save it for use while in Safe Mode.
* Please download the Killbox by Option^Explicit. *In the event you already have Killbox, this is a new version that I need you to download.
Unzip it to the desktop but do NOT run it yet.
* Please reboot into Safe Mode by restarting your computer and tapping F8 continuously as your computer is booting up until a menu appears. use your up arrow key to highlight "Safe Mode", then hit enter
* Once in Safe Mode, please run Killbox.
* Select "Delete on Reboot".
* Open the Notepad file where you saved these instructions earlier, and copy the file names below to the clipboard by highlighting them and pressing CTRL + C:
C:\wp.exe
C:\wp.bmp
C:\Windows\sites.ini
C:\Windows\popuper.exe
C:\WINDOWS\System32\wldr.dll
C:\Windows\System32\helper.exe
C:\Windows\System32\intmonp.exe
C:\Windows\System32\msmsgs.exe
C:\Windows\System32\ole32vbs.exe
C:\Windows\system32\msole32.exe
* Return to Killbox, go to the File menu, and choose "Paste from Clipboard".
* Click the red-and-white "Delete File" button. Click "Yes" at the Delete on Reboot prompt. Click "No" at the Pending Operations prompt.
If your computer does not restart automatically, please restart it manually. While your computer is restarting, tap the F8 key continually until a menu appears. Use your up arrow key to highlight Safe Mode, then hit enter. Yes, we need you to go back into Safe Mode!
Make sure you can view hidden files.
Using Windows Explorer, delete the following (please do NOT try to find them by "search" because they will not show up that way)
FOLDERS to delete (in bold) if found:
C:\Program Files\Search Maid
C:\Program Files\Virtual Maid
C:\Windows\System32\Log Files
C:\Program Files\Security IGuard
Reboot into normal mode.
*Download and install Registrar Lite version 2.00
*Double click the purple Registrar Lite icon on your desktop.
*Copy the line below and paste it into the "Address" field (located at the top) of the program:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies
*Click the "Go" button.
*It will take you into the "Policies" folder.
*Locate the "System" folder (in the right panel)
*If found, right-click on the System folder and go to Delete
*Be very careful that you only delete the System folder that is inside the Policies folder.
Reboot your computer again.
1.) Download the Hoster from HERE Press "Restore Original Hosts" and press "OK". Exit Program.
2.) Download: http://www.mvps.org/winhelp2002/DelDomains.inf
To use: right-click and select: Install (no need to restart)
Note: This will remove all entries in the "Trusted Zone" and "Ranges" also.
3.) Download, install, and run CleanUp!
4.) Run this online virus scan: ActiveScan - Save the results from the scan!
Go to Start > Control Panel > Add or Remove Programs and remove the following programs, if found:
Security IGuard
Virtual Maid
Search Maid
Exit Add/Remove Programs.
*IMPORTANT*CLICK THIS LINK TO LEARN HOW TO VIEW HIDDEN FILES
Press CTRL ALT DELETE to open Windows Task Manger. Click on the Processes tab and end the following processes:
List any files going to be deleted that are running
Exit Task Manager.
I need you to copy all of the Killbox instructions below and paste them into Notepad and save it for use while in Safe Mode.
* Please download the Killbox by Option^Explicit. *In the event you already have Killbox, this is a new version that I need you to download.
Unzip it to the desktop but do NOT run it yet.
* Please reboot into Safe Mode by restarting your computer and tapping F8 continuously as your computer is booting up until a menu appears. use your up arrow key to highlight "Safe Mode", then hit enter
* Once in Safe Mode, please run Killbox.
* Select "Delete on Reboot".
* Open the Notepad file where you saved these instructions earlier, and copy the file names below to the clipboard by highlighting them and pressing CTRL + C:
C:\wp.exe
C:\wp.bmp
C:\Windows\sites.ini
C:\Windows\popuper.exe
C:\WINDOWS\System32\wldr.dll
C:\Windows\System32\helper.exe
C:\Windows\System32\intmonp.exe
C:\Windows\System32\msmsgs.exe
C:\Windows\System32\ole32vbs.exe
C:\Windows\system32\msole32.exe
* Return to Killbox, go to the File menu, and choose "Paste from Clipboard".
* Click the red-and-white "Delete File" button. Click "Yes" at the Delete on Reboot prompt. Click "No" at the Pending Operations prompt.
If your computer does not restart automatically, please restart it manually. While your computer is restarting, tap the F8 key continually until a menu appears. Use your up arrow key to highlight Safe Mode, then hit enter. Yes, we need you to go back into Safe Mode!
Make sure you can view hidden files.
Using Windows Explorer, delete the following (please do NOT try to find them by "search" because they will not show up that way)
FOLDERS to delete (in bold) if found:
C:\Program Files\Search Maid
C:\Program Files\Virtual Maid
C:\Windows\System32\Log Files
C:\Program Files\Security IGuard
Reboot into normal mode.
*Download and install Registrar Lite version 2.00
*Double click the purple Registrar Lite icon on your desktop.
*Copy the line below and paste it into the "Address" field (located at the top) of the program:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies
*Click the "Go" button.
*It will take you into the "Policies" folder.
*Locate the "System" folder (in the right panel)
*If found, right-click on the System folder and go to Delete
*Be very careful that you only delete the System folder that is inside the Policies folder.
Reboot your computer again.
1.) Download the Hoster from HERE Press "Restore Original Hosts" and press "OK". Exit Program.
2.) Download: http://www.mvps.org/winhelp2002/DelDomains.inf
To use: right-click and select: Install (no need to restart)
Note: This will remove all entries in the "Trusted Zone" and "Ranges" also.
3.) Download, install, and run CleanUp!
4.) Run this online virus scan: ActiveScan - Save the results from the scan!
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
