1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

argh... new comp, suddenly slow

Discussion in 'Virus & Other Malware Removal' started by Yazan, Oct 18, 2003.

Thread Status:
Not open for further replies.
Advertisement
  1. Yazan

    Yazan Thread Starter

    Joined:
    Aug 7, 2003
    Messages:
    51
    This is driving me nuts! I have an antivirus, and since my old comp's burner wasnt working, i decided to dl my files again from internet... and i got carried away a bit and started dling other stuff for those files... anyway, so now I've got so many processes running, and my comp has become slow as hell... ticking me off! I'm doing a virus scan with pc-cililn 2002 (Thanks msi). I used hijackthis, and this is the log I got:

    Logfile of HijackThis v1.97.3
    Scan saved at 6:47:51 PM, on 18/10/2003
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
    C:\Program Files\Microsoft Hardware\Mouse\point32.exe
    C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe
    C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe
    C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\MSI\PC Alert 4\PCAlert4.exe
    C:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exe
    C:\Program Files\Trend Micro\PC-cillin 2002\WebTrap.EXE
    C:\Program Files\eMule\emule.exe
    C:\Program Files\Kazaa Lite K++\KazaaLite.kpp
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
    C:\Program Files\Common Files\Microsoft Shared\Speech\sapisvr.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\explorer.exe
    C:\WINDOWS\System32\taskmgr.exe
    C:\Program Files\Trend Micro\PC-cillin 2002\PCCMAIN.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\WinRAR\WinRAR.exe
    C:\DOCUME~1\Yazan\LOCALS~1\Temp\Rar$EX00.125\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.ca/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
    O4 - HKLM\..\Run: [POINTER] point32.exe
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
    O4 - HKLM\..\Run: [Zone Labs Client] C:\PROGRA~1\ZONELA~1\ZONEAL~1\zapro.exe
    O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe"
    O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe"
    O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [WinServices] noob.exe
    O4 - HKLM\..\Run: [MsProt] MsProt32.exe
    O4 - HKLM\..\RunServices: [MsProt] MsProt32.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - Global Startup: hp psc 1000 series.lnk = ?
    O4 - Global Startup: hpoddt01.exe.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: PC Alert 4.lnk = C:\Program Files\MSI\PC Alert 4\PCAlert4.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
    O9 - Extra button: Related (HKLM)
    O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/swdir.cab
    O16 - DPF: {2A32B14F-4D29-4EA3-AC54-E9B19F436CE7} (Scanner Class) - http://www.trojanscan.com/trojanscan/TDECntrl.CAB
    O16 - DPF: {4E330863-6A11-11D0-BFD8-006097237877} (InstallFromTheWeb ActiveX Control) - http://tw.msi.com.tw/autobios/client/iftwclix.cab
    O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37907.8333680556
    O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/activedata/SymAData.dll
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/1,5,0,4298/mcfscan.cab

    ALso, The following processes are running:

    svchost.exe
    taskmgr.exe (Duh)
    hpotdd01.exe
    WINWORD.EXE
    notepad.exe
    iexplore.exe
    hposts08.exe
    iexplore.exe
    pccmain.exe
    emule.exe
    iexplore.exe
    hpoevm08.exe
    msnmsgr.exe
    cftmon.exe
    realsched.exe
    Pop3trap.exe
    PCCClient.exe
    pccguide.exe
    point32.exe
    type32.exe
    atiptaxx.exe
    spoolsv.exe
    mdm.exe
    svchost.exe
    svchost.exe
    sapisvr.exe
    svchost.exe
    svchost.exe
    ati2evxx.exe
    explorer.exe
    lsass.exe
    services.exe
    winlogon.exe
    csrss.exe
    KazaaLite.kpp
    smss.exe
    WebTrap.exe
    Tmntsrv.exe
    PCAlert4.exe
    hpohmr08.exe
    System
    System Idle Processes

    Anyway, if you just think that i'm being paranoid... I don't really think so. I was download so many zip archives, then open them up and forget to scan... so just like that my comp is very very very slow... and I really want some help, I don't want to format for the 5th time in a week.
    Thanks in advance.

    edit: I forgot to mention, but it's already in the log file.
    msprot32.exe and noob.exe were running... i shutdown noob.exe cuz it's obviously a virus, and msprot32.exe i shut it down cuz of a result i got in a search saying it's a virus, but i can't search by myself anymore cuz i have a project due monday...
    so anyway, thanks for all help
     
  2. Yazan

    Yazan Thread Starter

    Joined:
    Aug 7, 2003
    Messages:
    51
    I just scanned using ad-aware 6, and it found 10 objects.. here's the log thinghy


    Lavasoft Ad-aware Personal Build 6.181
    Logfile created on :October 18, 2003 7:56:28 PM
    Created with Ad-aware Personal, free for private use.
    Using reference-file :01R217 08.09.2003
    ______________________________________________________

    Ad-aware Settings
    =========================
    Set : Activate in-depth scan (Recommended)
    Set : Safe mode (always request confirmation)
    Set : Scan active processes
    Set : Scan registry
    Set : Deep scan registry


    18-10-2003 7:56:28 PM - Scan started. (Smart mode)

    Listing running processes
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    #:1 [smss.exe]
    FilePath : \SystemRoot\System32\
    ThreadCreationTime : 18-10-2003 2:07:19 PM
    BasePriority : Normal


    #:2 [winlogon.exe]
    FilePath : \??\C:\WINDOWS\system32\
    ThreadCreationTime : 18-10-2003 2:07:20 PM
    BasePriority : High


    #:3 [services.exe]
    FilePath : C:\WINDOWS\system32\
    ThreadCreationTime : 18-10-2003 2:07:20 PM
    BasePriority : Normal
    FileSize : 99 KB
    FileVersion : 5.1.2600.0 (xpclient.010817-1148)
    ProductVersion : 5.1.2600.0
    CompanyName : Microsoft Corporation
    FileDescription : Services and Controller app
    InternalName : services.exe
    OriginalFilename : services.exe
    ProductName : Microsoft
    Created on : 23/08/2001 12:00:00 PM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 23/08/2001 12:00:00 PM

    #:4 [lsass.exe]
    FilePath : C:\WINDOWS\system32\
    ThreadCreationTime : 18-10-2003 2:07:20 PM
    BasePriority : Normal
    FileSize : 11 KB
    FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
    ProductVersion : 5.1.2600.1106
    CompanyName : Microsoft Corporation
    FileDescription : LSA Shell (Export Version)
    InternalName : lsass.exe
    OriginalFilename : lsass.exe
    ProductName : Microsoft
    Created on : 23/08/2001 12:00:00 PM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 29/08/2002 7:41:26 AM

    #:5 [ati2evxx.exe]
    FilePath : C:\WINDOWS\System32\
    ThreadCreationTime : 18-10-2003 2:07:21 PM
    BasePriority : Normal
    FileSize : 312 KB
    Created on : 14/10/2003 1:43:29 AM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 13/08/2003 2:25:24 PM

    #:6 [svchost.exe]
    FilePath : C:\WINDOWS\system32\
    ThreadCreationTime : 18-10-2003 2:07:21 PM
    BasePriority : Normal
    FileSize : 12 KB
    FileVersion : 5.1.2600.0 (xpclient.010817-1148)
    ProductVersion : 5.1.2600.0
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    OriginalFilename : svchost.exe
    ProductName : Microsoft
    Created on : 23/08/2001 12:00:00 PM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 23/08/2001 12:00:00 PM

    #:7 [svchost.exe]
    FilePath : C:\WINDOWS\System32\
    ThreadCreationTime : 18-10-2003 2:07:21 PM
    BasePriority : Normal
    FileSize : 12 KB
    FileVersion : 5.1.2600.0 (xpclient.010817-1148)
    ProductVersion : 5.1.2600.0
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    OriginalFilename : svchost.exe
    ProductName : Microsoft
    Created on : 23/08/2001 12:00:00 PM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 23/08/2001 12:00:00 PM

    #:8 [spoolsv.exe]
    FilePath : C:\WINDOWS\system32\
    ThreadCreationTime : 18-10-2003 2:07:22 PM
    BasePriority : Normal
    FileSize : 50 KB
    FileVersion : 5.1.2600.0 (XPClient.010817-1148)
    ProductVersion : 5.1.2600.0
    CompanyName : Microsoft Corporation
    FileDescription : Spooler SubSystem App
    InternalName : spoolsv.exe
    OriginalFilename : spoolsv.exe
    ProductName : Microsoft
    Created on : 23/08/2001 12:00:00 PM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 23/08/2001 12:00:00 PM

    #:9 [atiptaxx.exe]
    FilePath : C:\Program Files\ATI Technologies\ATI Control Panel\
    ThreadCreationTime : 18-10-2003 2:07:29 PM
    BasePriority : Normal
    FileSize : 328 KB
    FileVersion : 6.14.10.5029
    ProductVersion : 6.14.10.5029
    Copyright : Copyright (C) 1998-2002 ATI Technologies Inc.
    CompanyName : ATI Technologies, Inc.
    FileDescription : ATI Desktop Control Panel
    InternalName : Atiptaxx.exe
    OriginalFilename : Atiptaxx.exe
    ProductName : ATI Desktop Component
    Created on : 14/10/2003 11:38:11 PM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 13/08/2003 1:10:00 AM

    #:10 [type32.exe]
    FilePath : C:\Program Files\Microsoft Hardware\Keyboard\
    ThreadCreationTime : 18-10-2003 2:07:29 PM
    BasePriority : Normal
    FileSize : 92 KB
    FileVersion : 2.20.447.0
    ProductVersion : 2.2
    Copyright : Copyright (C) Microsoft Corp. 1995-2001
    CompanyName : Microsoft Corporation
    FileDescription : Microsoft IntelliType Pro
    InternalName : Type32
    OriginalFilename : Type32.exe
    ProductName : Microsoft IntelliType Pro
    Created on : 22/03/2002 4:41:56 AM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 22/03/2002 4:41:56 AM

    #:11 [point32.exe]
    FilePath : C:\Program Files\Microsoft Hardware\Mouse\
    ThreadCreationTime : 18-10-2003 2:07:29 PM
    BasePriority : Normal
    FileSize : 172 KB
    FileVersion : 4.10.0851.0
    ProductVersion : 4.1
    Copyright : Copyright (C) Microsoft Corp. 1983-2002
    CompanyName : Microsoft Corporation
    FileDescription : Microsoft IntelliPoint
    InternalName : POINT32
    OriginalFilename : POINT32.EXE
    ProductName : Microsoft IntelliPoint
    Created on : 11/04/2002 6:47:52 PM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 11/04/2002 6:47:52 PM

    #:12 [pccguide.exe]
    FilePath : C:\Program Files\Trend Micro\PC-cillin 2002\
    ThreadCreationTime : 18-10-2003 2:07:29 PM
    BasePriority : Normal
    FileSize : 252 KB
    FileVersion : 9.0.5.1389
    ProductVersion : 9.0.5
    Copyright : Copyright (C) 2001-2002 Trend Micro Inc. All rights reserved.
    CompanyName : Trend Micro Inc.
    FileDescription : PCCGuide
    InternalName : PCCGuide
    OriginalFilename : PCCGuide
    ProductName : Trend Pc-cillin 9.0
    Created on : 18/07/2002 3:18:42 PM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 27/03/2003 1:00:14 AM

    #:13 [pccclient.exe]
    FilePath : C:\Program Files\Trend Micro\PC-cillin 2002\
    ThreadCreationTime : 18-10-2003 2:07:29 PM
    BasePriority : Normal
    FileSize : 452 KB
    FileVersion : 9.0.5.1389
    ProductVersion : 9.0.5
    Copyright : Copyright (C) 2001-2002 Trend Micro Inc. All rights reserved.
    CompanyName : Trend Micro Inc.
    FileDescription : PCCClient
    InternalName : PCCClient
    OriginalFilename : PCCClient
    ProductName : Trend Pc-cillin 9.0
    Created on : 18/07/2002 3:12:50 PM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 27/03/2003 12:52:28 AM

    #:14 [pop3trap.exe]
    FilePath : C:\Program Files\Trend Micro\PC-cillin 2002\
    ThreadCreationTime : 18-10-2003 2:07:30 PM
    BasePriority : Normal
    FileSize : 308 KB
    FileVersion : 9.0.5.1389
    ProductVersion : 9.0.5
    Copyright : Copyright (C) 2001-2002 Trend Micro Inc. All rights reserved.
    CompanyName : Trend Micro Inc.
    FileDescription : POP3Trap
    InternalName : POP3Trap
    OriginalFilename : POP3Trap
    ProductName : Trend Pc-cillin 9.0
    Created on : 18/07/2002 3:15:32 PM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 27/03/2003 12:56:02 AM

    #:15 [realsched.exe]
    FilePath : C:\Program Files\Common Files\Real\Update_OB\
    ThreadCreationTime : 18-10-2003 2:07:30 PM
    BasePriority : Normal
    FileSize : 148 KB
    FileVersion : 0.1.0.1622
    ProductVersion : 0.1.0.1622
    Copyright : Copyright
    CompanyName : RealNetworks, Inc.
    FileDescription : RealNetworks Scheduler
    InternalName : schedapp
    OriginalFilename : realsched.exe
    ProductName : RealOne Player (32-bit)
    Created on : 16/10/2003 1:56:34 AM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 16/10/2003 1:56:34 AM

    #:16 [ctfmon.exe]
    FilePath : C:\WINDOWS\System32\
    ThreadCreationTime : 18-10-2003 2:07:30 PM
    BasePriority : Normal
    FileSize : 13 KB
    FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
    ProductVersion : 5.1.2600.1106
    CompanyName : Microsoft Corporation
    FileDescription : CTF Loader
    InternalName : CTFMON
    OriginalFilename : CTFMON.EXE
    ProductName : Microsoft
    Created on : 14/10/2003 2:44:18 AM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 29/08/2002 7:41:22 AM

    #:17 [msnmsgr.exe]
    FilePath : C:\Program Files\MSN Messenger\
    ThreadCreationTime : 18-10-2003 2:07:30 PM
    BasePriority : Normal
    FileSize : 4084 KB
    FileVersion : 6.0.0602
    ProductVersion : Version 6.0
    Copyright : Copyright (c) Microsoft Corporation 1997-2003
    CompanyName : Microsoft Corporation
    FileDescription : Messenger
    InternalName : msnmsgr
    OriginalFilename : msnmsgr.exe
    ProductName : Messenger
    Created on : 11/07/2003 6:57:42 PM
    Last accessed : 18/10/2003 11:20:11 PM
    Last modified : 11/07/2003 6:57:42 PM

    #:18 [pcalert4.exe]
    FilePath : C:\Program Files\MSI\PC Alert 4\
    ThreadCreationTime : 18-10-2003 2:07:30 PM
    BasePriority : Normal
    FileSize : 540 KB
    FileVersion : 1, 0, 0, 1
    ProductVersion : 1, 0, 0, 1
    Copyright : Copyright (C) 2002
    FileDescription : PCAlert4 MFC Application
    InternalName : PCAlert4
    OriginalFilename : PCAlert4.EXE
    ProductName : PCAlert4 Application
    Created on : 15/10/2003 9:29:54 PM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 20/01/2003 2:27:34 PM

    #:19 [tmntsrv.exe]
    FilePath : C:\Program Files\Trend Micro\PC-cillin 2002\
    ThreadCreationTime : 18-10-2003 2:07:30 PM
    BasePriority : Normal
    FileSize : 172 KB
    FileVersion : 9.0.5.1389
    ProductVersion : 9.0.5
    Copyright : Copyright (C) 2001-2002 Trend Micro Inc. All rights reserved.
    CompanyName : Trend Micro Inc.
    FileDescription : Tmntsrv
    InternalName : Tmntsrv
    OriginalFilename : Tmntsrv.exe
    ProductName : Trend Pc-cillin 9.0
    Created on : 18/07/2002 3:15:52 PM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 27/03/2003 12:56:24 AM

    #:20 [webtrap.exe]
    FilePath : C:\Program Files\Trend Micro\PC-cillin 2002\
    ThreadCreationTime : 18-10-2003 2:07:33 PM
    BasePriority : Normal
    FileSize : 228 KB
    FileVersion : 9.0.5.1389
    ProductVersion : 9.0.5
    Copyright : Copyright (C) 2001-2002 Trend Micro Inc. All rights reserved.
    CompanyName : Trend Micro Inc.
    FileDescription : WebTrap
    InternalName : WebTrap
    OriginalFilename : WebTrap
    ProductName : Trend Pc-cillin 9.0
    Created on : 18/07/2002 3:17:04 PM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 27/03/2003 12:58:12 AM

    #:21 [emule.exe]
    FilePath : C:\Program Files\eMule\
    ThreadCreationTime : 18-10-2003 2:13:32 PM
    BasePriority : Normal
    FileSize : 2732 KB
    FileVersion : 0.30.1
    ProductVersion : 0.30.1
    Copyright : Copyright
    CompanyName : http://www.emule-project.net
    FileDescription : eMule
    InternalName : emule.exe
    OriginalFilename : emule.exe
    ProductName : eMule
    Created on : 28/09/2003 11:23:44 AM
    Last accessed : 18/10/2003 11:08:09 PM
    Last modified : 28/09/2003 11:23:44 AM

    #:22 [kazaalite.kpp]
    FilePath : C:\Program Files\Kazaa Lite K++\
    ThreadCreationTime : 18-10-2003 4:03:08 PM
    BasePriority : Normal
    FileSize : 2182 KB
    Created on : 16/07/2003 10:19:52 PM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 16/07/2003 10:19:52 PM

    #:23 [mdm.exe]
    FilePath : C:\Program Files\Common Files\Microsoft Shared\VS7Debug\
    ThreadCreationTime : 18-10-2003 6:16:52 PM
    BasePriority : Normal
    FileSize : 264 KB
    FileVersion : 7.00.9064.9150
    ProductVersion : 7.00.9064.9150
    Copyright : Copyright (C) Microsoft Corp. 1997-2000
    CompanyName : Microsoft Corporation
    FileDescription : Machine Debug Manager
    InternalName : mdm.exe
    OriginalFilename : mdm.exe
    ProductName : Microsoft Development Environment
    Created on : 23/02/2001 2:07:30 PM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 23/02/2001 2:07:30 PM

    #:24 [svchost.exe]
    FilePath : C:\WINDOWS\System32\
    ThreadCreationTime : 18-10-2003 6:16:53 PM
    BasePriority : Normal
    FileSize : 12 KB
    FileVersion : 5.1.2600.0 (xpclient.010817-1148)
    ProductVersion : 5.1.2600.0
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    OriginalFilename : svchost.exe
    ProductName : Microsoft
    Created on : 23/08/2001 12:00:00 PM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 23/08/2001 12:00:00 PM

    #:25 [iexplore.exe]
    FilePath : C:\Program Files\Internet Explorer\
    ThreadCreationTime : 18-10-2003 6:21:30 PM
    BasePriority : Normal
    FileSize : 89 KB
    FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
    ProductVersion : 6.00.2800.1106
    CompanyName : Microsoft Corporation
    FileDescription : Internet Explorer
    InternalName : iexplore
    OriginalFilename : IEXPLORE.EXE
    ProductName : Microsoft
    Created on : 14/10/2003 2:44:49 AM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 29/08/2002 7:41:26 AM

    #:26 [winword.exe]
    FilePath : C:\Program Files\Microsoft Office\Office10\
    ThreadCreationTime : 18-10-2003 6:21:56 PM
    BasePriority : Normal
    FileSize : 10324 KB
    FileVersion : 10.0.2627
    ProductVersion : 10.0.2627
    Copyright : Copyright
    CompanyName : Microsoft Corporation
    FileDescription : Microsoft Word
    InternalName : WinWord
    OriginalFilename : WinWord.exe
    ProductName : Microsoft Office XP
    Created on : 28/02/2001 2:02:04 PM
    Last accessed : 18/10/2003 11:32:38 PM
    Last modified : 28/02/2001 2:02:04 PM

    #:27 [sapisvr.exe]
    FilePath : C:\Program Files\Common Files\Microsoft Shared\Speech\
    ThreadCreationTime : 18-10-2003 6:45:20 PM
    BasePriority : Normal
    FileSize : 36 KB
    FileVersion : 5.1.4111.00 (XPClient.010817-1148)
    ProductVersion : 5.1.4111.00
    CompanyName : Microsoft Corporation
    FileDescription : SAPISVR 5
    InternalName : SAPISVR5
    OriginalFilename : SAPISVR5
    ProductName : Microsoft
    Created on : 13/10/2003 8:55:46 PM
    Last accessed : 18/10/2003 11:56:29 PM
    Last modified : 23/08/2001 12:00:00 PM

    #:28 [hpotdd01.exe]
    FilePath : C:\Program Files\Hewlett-Packard\Digital Imaging\bin\
    ThreadCreationTime : 18-10-2003 7:25:03 PM
    BasePriority : Normal
    FileSize : 28 KB
    FileVersion : 1, 0, 0, 1
    ProductVersion : 1, 0, 0, 1
    Copyright : Copyright
    CompanyName : Hewlett-Packard
    FileDescription : hpotdd01
    InternalName : hpotdd01
    OriginalFilename : hpotdd01.exe
    ProductName : Hewlett-Packard hpotdd01
    Created on : 06/04/2003 5:06:58 AM
    Last accessed : 18/10/2003 11:56:29 PM
    Last modified : 06/04/2003 5:06:58 AM

    #:29 [hpohmr08.exe]
    FilePath : C:\Program Files\Hewlett-Packard\Digital Imaging\bin\
    ThreadCreationTime : 18-10-2003 7:25:13 PM
    BasePriority : Normal
    FileSize : 144 KB
    FileVersion : 4.2.0.020
    ProductVersion : 2.4.1.020
    Copyright : Copyright (C) Hewlett-Packard Co. 1995-2001
    CompanyName : Hewlett-Packard Co.
    FileDescription : HP OfficeJet COM Device Objects
    InternalName : HPOHMR08
    OriginalFilename : HPOHMR08.EXE
    ProductName : hp digital imaging - hp all-in-one series
    Created on : 06/04/2003 5:17:18 AM
    Last accessed : 18/10/2003 11:56:29 PM
    Last modified : 06/04/2003 5:17:18 AM

    #:30 [hpoevm08.exe]
    FilePath : C:\Program Files\Hewlett-Packard\Digital Imaging\bin\
    ThreadCreationTime : 18-10-2003 7:25:24 PM
    BasePriority : Normal
    FileSize : 280 KB
    FileVersion : 4.2.0.020
    ProductVersion : 2.4.1.020
    Copyright : Copyright (C) Hewlett-Packard Co. 1995-2001
    CompanyName : Hewlett-Packard Co.
    FileDescription : HP OfficeJet COM Event Manager
    InternalName : HPOEVM08
    OriginalFilename : HPOEVM08.EXE
    ProductName : hp digital imaging - hp all-in-one series
    Created on : 06/04/2003 4:45:10 AM
    Last accessed : 18/10/2003 11:56:29 PM
    Last modified : 06/04/2003 4:45:10 AM

    #:31 [hposts08.exe]
    FilePath : C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\
    ThreadCreationTime : 18-10-2003 7:25:46 PM
    BasePriority : Normal
    FileSize : 304 KB
    FileVersion : 4.2.0.020
    ProductVersion : 2.4.1.020
    Copyright : Copyright (C) Hewlett-Packard Co. 1995-2001
    CompanyName : Hewlett-Packard Co.
    FileDescription : HP OfficeJet Status
    InternalName : HPOSTS08
    OriginalFilename : HPOSTS08.EXE
    ProductName : hp digital imaging - hp all-in-one series
    Created on : 06/04/2003 4:55:04 AM
    Last accessed : 18/10/2003 11:56:29 PM
    Last modified : 06/04/2003 4:55:04 AM

    #:32 [iexplore.exe]
    FilePath : C:\Program Files\Internet Explorer\
    ThreadCreationTime : 18-10-2003 8:41:28 PM
    BasePriority : Normal
    FileSize : 89 KB
    FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
    ProductVersion : 6.00.2800.1106
    CompanyName : Microsoft Corporation
    FileDescription : Internet Explorer
    InternalName : iexplore
    OriginalFilename : IEXPLORE.EXE
    ProductName : Microsoft
    Created on : 14/10/2003 2:44:49 AM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 29/08/2002 7:41:26 AM

    #:33 [explorer.exe]
    FilePath : C:\WINDOWS\
    ThreadCreationTime : 18-10-2003 9:54:53 PM
    BasePriority : Normal
    FileSize : 973 KB
    FileVersion : 6.00.2800.1221 (xpsp2.030511-1403)
    ProductVersion : 6.00.2800.1221
    CompanyName : Microsoft Corporation
    FileDescription : Windows Explorer
    InternalName : explorer
    OriginalFilename : EXPLORER.EXE
    ProductName : Microsoft
    Created on : 12/05/2003 1:12:10 AM
    Last accessed : 18/10/2003 11:56:29 PM
    Last modified : 12/05/2003 1:12:10 AM

    #:34 [pccmain.exe]
    FilePath : C:\Program Files\Trend Micro\PC-cillin 2002\
    ThreadCreationTime : 18-10-2003 10:30:40 PM
    BasePriority : Normal
    FileSize : 2100 KB
    FileVersion : 9.0.5.1389
    ProductVersion : 9.0.5
    Copyright : Copyright (C) 2001-2002 Trend Micro Inc. All rights reserved.
    CompanyName : Trend Micro Inc.
    FileDescription : PCCMAIN
    InternalName : PCCMAIN
    OriginalFilename : PCCMAIN
    ProductName : Trend Pc-cillin 9.0
    Created on : 18/07/2002 3:18:16 PM
    Last accessed : 18/10/2003 11:56:29 PM
    Last modified : 27/03/2003 12:59:38 AM

    #:35 [iexplore.exe]
    FilePath : C:\Program Files\Internet Explorer\
    ThreadCreationTime : 18-10-2003 10:44:55 PM
    BasePriority : Normal
    FileSize : 89 KB
    FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
    ProductVersion : 6.00.2800.1106
    CompanyName : Microsoft Corporation
    FileDescription : Internet Explorer
    InternalName : iexplore
    OriginalFilename : IEXPLORE.EXE
    ProductName : Microsoft
    Created on : 14/10/2003 2:44:49 AM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 29/08/2002 7:41:26 AM

    #:36 [ad-aware.exe]
    FilePath : C:\Program Files\Lavasoft\Ad-aware 6\
    ThreadCreationTime : 18-10-2003 11:56:12 PM
    BasePriority : Normal
    FileSize : 668 KB
    FileVersion : 6.0.1.181
    ProductVersion : 6.0.0.0
    Copyright : Copyright
    CompanyName : Lavasoft Sweden
    FileDescription : Ad-aware 6 core application
    InternalName : Ad-aware.exe
    OriginalFilename : Ad-aware.exe
    ProductName : Lavasoft Ad-aware Plus
    Created on : 18/10/2003 11:41:53 PM
    Last accessed : 18/10/2003 11:56:12 PM
    Last modified : 13/07/2003 2:00:20 AM

    Memory scan result :
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    New objects : 0
    Objects found so far: 0


    Started registry scan
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    Dialer Object recognized!
    Type : RegKey
    Data :
    Rootkey : HKEY_LOCAL_MACHINE
    Object : SOFTWARE\MainPean Highspeed


    Alexa Object recognized!
    Type : RegKey
    Data :
    Rootkey : HKEY_LOCAL_MACHINE
    Object : SOFTWARE\Microsoft\Internet Explorer\Extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}


    Windows Object recognized!
    Type : RegData
    Data :
    Rootkey : HKEY_CURRENT_USER
    Object : Software\Microsoft\MediaPlayer\Player\Settings
    Value : Client ID
    Data :


    Registry scan result :
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    New objects : 3
    Objects found so far: 3


    Started deep registry scan
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    Deep registry scan result :
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    New objects : 0
    Objects found so far: 3


    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected][2].txt
    Object : C:\Documents and Settings\Yazan\Cookies\

    Created on : 17/10/2003 10:37:15 PM
    Last accessed : 18/10/2003 11:57:30 PM
    Last modified : 17/10/2003 10:37:15 PM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected][1].txt
    Object : C:\Documents and Settings\Yazan\Cookies\

    Created on : 17/10/2003 10:37:15 PM
    Last accessed : 18/10/2003 11:57:30 PM
    Last modified : 17/10/2003 10:39:00 PM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected][2].txt
    Object : C:\Documents and Settings\Yazan\Cookies\

    Created on : 18/10/2003 2:45:29 PM
    Last accessed : 18/10/2003 11:57:31 PM
    Last modified : 18/10/2003 2:45:29 PM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected][1].txt
    Object : C:\Documents and Settings\Yazan\Cookies\

    Created on : 18/10/2003 3:57:52 PM
    Last accessed : 18/10/2003 11:57:31 PM
    Last modified : 18/10/2003 3:57:52 PM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected]person[1].txt
    Object : C:\Documents and Settings\Yazan\Cookies\

    Created on : 18/10/2003 2:18:20 PM
    Last accessed : 18/10/2003 11:57:31 PM
    Last modified : 18/10/2003 2:18:20 PM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected][1].txt
    Object : C:\Documents and Settings\Yazan\Cookies\

    Created on : 18/10/2003 5:51:40 PM
    Last accessed : 18/10/2003 11:37:06 PM
    Last modified : 18/10/2003 5:51:40 PM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected]www.paypopup[1].txt
    Object : C:\Documents and Settings\Yazan\Cookies\

    Created on : 18/10/2003 3:58:49 PM
    Last accessed : 18/10/2003 11:57:31 PM
    Last modified : 18/10/2003 3:58:49 PM


    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯


    Deep scanning and examining files (C:)
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯


    Performing conditional scans..
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    Conditional scan result:
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    New objects : 0
    Objects found so far: 10


    7:58:04 PM Scan complete

    Summary of this scan
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    Total scanning time :00:01:34:844
    Objects scanned :36637
    Objects identified :10
    Objects ignored :0
    New objects :10
     
  3. winchester73

    winchester73

    Joined:
    Aug 18, 2003
    Messages:
    2,438
    Before tackling your A-A scan, unfortunately you were using an old reference file ... 01R225 13.10.2003 is the current one. Please use the webupdate feature on the start screen, or click "check for updates" to secure that current reference file ... then re-scan and let's see what is found.

    The 7 tracking cookies can be safely deleted.

    Alexa ... here is some information about it:

    Alexa key:HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}\ is the "What's related links" feature on your Internet Explorer toolbar. It's not a big deal, if you use it don't delete it. You can add it to the Ad-Aware Ignore list if you want to keep it. Some people find the toolbar handy, others don't, and don't want anything transmitting data about them or their computer, so they remove it.

    Alexa technology does use a 'web crawler' (bot) that records the information found on webpages accessed when the 'What's related feature' is being used in Internet Explorer. When the 'What's related feature' in IE is not being used, no information is sent to Alexa.

    I should add that if you remove Alexa, and need to reinstall IE or repair it, Alexa will come back automatically ... a service pack update to your OS will likely return it as well.

    Alexa's privacy policy.:

    "ALEXA COLLECTS AND STORES INFORMATION ABOUT THE WEB PAGES YOU VIEW, THE DATA YOU ENTER IN ONLINE FORMS AND SEARCH FIELDS WHILE USING THE ALEXA SOFTWARE, AND, WITH VERSIONS 5.0 AND HIGHER OF THE BROWSER COMPANION SOFTWARE, THE PRODUCTS YOU PURCHASE ONLINE. ALTHOUGH ALEXA DOES NOT ATTEMPT TO ANALYZE WEB USAGE DATA TO DETERMINE THE IDENTITY OF ANY ALEXA USER, SOME INFORMATION COLLECTED BY THE SOFTWARE IS PERSONALLY IDENTIFIABLE. ALEXA AGGREGATES AND ANALYZES THE INFORMATION IT COLLECTS TO IMPROVE ITS SERVICE AND TO PREPARE REPORTS ABOUT AGGREGATE WEB USAGE AND SHOPPING HABITS."

    Ad-aware 6 removes the components of Alexa that could be malicious if they were used, nothing more. It does not completely remove the Host of the malicious content of any object, that is up to the user ... in this case there is no need to remove Alexa completely as it is harmless without the objects removed by Ad-aware 6. With regard to Alexa, A-A disables the menu item in Internet Explorer directly.

    The Windows Media Player target is safe to delete. It is the Windows Media PlayerClient ID. Removing it will not harm the functionality of WMP in any way. It's only that ID that is being removed, there are no changes made to any WMP core files. Ad-aware 6 will only blank out this number, no other changes are made.

    If you remove this object, your WMP will continue to function just fine. If you prefer to have your ID transmitted, place that object in the ignore list.
     
  4. Yazan

    Yazan Thread Starter

    Joined:
    Aug 7, 2003
    Messages:
    51
    Do you mean windows auto update or update all antivirus and stuff?
     
  5. winchester73

    winchester73

    Joined:
    Aug 18, 2003
    Messages:
    2,438
  6. Yazan

    Yazan Thread Starter

    Joined:
    Aug 7, 2003
    Messages:
    51
    I got it now. I scanned again, 2 more things came up... Here's the log file.. Thanks for all your help BTW


    Lavasoft Ad-aware Personal Build 6.181
    Logfile created on :October 18, 2003 8:21:25 PM
    Created with Ad-aware Personal, free for private use.
    Using reference-file :01R225 13.10.2003
    ______________________________________________________

    Ad-aware Settings
    =========================
    Set : Activate in-depth scan (Recommended)
    Set : Safe mode (always request confirmation)
    Set : Scan active processes
    Set : Scan registry
    Set : Deep scan registry


    18-10-2003 8:21:25 PM - Scan started. (Smart mode)

    Listing running processes
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    #:1 [smss.exe]
    FilePath : \SystemRoot\System32\
    ThreadCreationTime : 18-10-2003 2:07:19 PM
    BasePriority : Normal


    #:2 [winlogon.exe]
    FilePath : \??\C:\WINDOWS\system32\
    ThreadCreationTime : 18-10-2003 2:07:20 PM
    BasePriority : High


    #:3 [services.exe]
    FilePath : C:\WINDOWS\system32\
    ThreadCreationTime : 18-10-2003 2:07:20 PM
    BasePriority : Normal
    FileSize : 99 KB
    FileVersion : 5.1.2600.0 (xpclient.010817-1148)
    ProductVersion : 5.1.2600.0
    CompanyName : Microsoft Corporation
    FileDescription : Services and Controller app
    InternalName : services.exe
    OriginalFilename : services.exe
    ProductName : Microsoft
    Created on : 23/08/2001 12:00:00 PM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 23/08/2001 12:00:00 PM

    #:4 [lsass.exe]
    FilePath : C:\WINDOWS\system32\
    ThreadCreationTime : 18-10-2003 2:07:20 PM
    BasePriority : Normal
    FileSize : 11 KB
    FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
    ProductVersion : 5.1.2600.1106
    CompanyName : Microsoft Corporation
    FileDescription : LSA Shell (Export Version)
    InternalName : lsass.exe
    OriginalFilename : lsass.exe
    ProductName : Microsoft
    Created on : 23/08/2001 12:00:00 PM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 29/08/2002 7:41:26 AM

    #:5 [ati2evxx.exe]
    FilePath : C:\WINDOWS\System32\
    ThreadCreationTime : 18-10-2003 2:07:21 PM
    BasePriority : Normal
    FileSize : 312 KB
    Created on : 14/10/2003 1:43:29 AM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 13/08/2003 2:25:24 PM

    #:6 [svchost.exe]
    FilePath : C:\WINDOWS\system32\
    ThreadCreationTime : 18-10-2003 2:07:21 PM
    BasePriority : Normal
    FileSize : 12 KB
    FileVersion : 5.1.2600.0 (xpclient.010817-1148)
    ProductVersion : 5.1.2600.0
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    OriginalFilename : svchost.exe
    ProductName : Microsoft
    Created on : 23/08/2001 12:00:00 PM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 23/08/2001 12:00:00 PM

    #:7 [svchost.exe]
    FilePath : C:\WINDOWS\System32\
    ThreadCreationTime : 18-10-2003 2:07:21 PM
    BasePriority : Normal
    FileSize : 12 KB
    FileVersion : 5.1.2600.0 (xpclient.010817-1148)
    ProductVersion : 5.1.2600.0
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    OriginalFilename : svchost.exe
    ProductName : Microsoft
    Created on : 23/08/2001 12:00:00 PM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 23/08/2001 12:00:00 PM

    #:8 [spoolsv.exe]
    FilePath : C:\WINDOWS\system32\
    ThreadCreationTime : 18-10-2003 2:07:22 PM
    BasePriority : Normal
    FileSize : 50 KB
    FileVersion : 5.1.2600.0 (XPClient.010817-1148)
    ProductVersion : 5.1.2600.0
    CompanyName : Microsoft Corporation
    FileDescription : Spooler SubSystem App
    InternalName : spoolsv.exe
    OriginalFilename : spoolsv.exe
    ProductName : Microsoft
    Created on : 23/08/2001 12:00:00 PM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 23/08/2001 12:00:00 PM

    #:9 [atiptaxx.exe]
    FilePath : C:\Program Files\ATI Technologies\ATI Control Panel\
    ThreadCreationTime : 18-10-2003 2:07:29 PM
    BasePriority : Normal
    FileSize : 328 KB
    FileVersion : 6.14.10.5029
    ProductVersion : 6.14.10.5029
    Copyright : Copyright (C) 1998-2002 ATI Technologies Inc.
    CompanyName : ATI Technologies, Inc.
    FileDescription : ATI Desktop Control Panel
    InternalName : Atiptaxx.exe
    OriginalFilename : Atiptaxx.exe
    ProductName : ATI Desktop Component
    Created on : 14/10/2003 11:38:11 PM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 13/08/2003 1:10:00 AM

    #:10 [type32.exe]
    FilePath : C:\Program Files\Microsoft Hardware\Keyboard\
    ThreadCreationTime : 18-10-2003 2:07:29 PM
    BasePriority : Normal
    FileSize : 92 KB
    FileVersion : 2.20.447.0
    ProductVersion : 2.2
    Copyright : Copyright (C) Microsoft Corp. 1995-2001
    CompanyName : Microsoft Corporation
    FileDescription : Microsoft IntelliType Pro
    InternalName : Type32
    OriginalFilename : Type32.exe
    ProductName : Microsoft IntelliType Pro
    Created on : 22/03/2002 4:41:56 AM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 22/03/2002 4:41:56 AM

    #:11 [point32.exe]
    FilePath : C:\Program Files\Microsoft Hardware\Mouse\
    ThreadCreationTime : 18-10-2003 2:07:29 PM
    BasePriority : Normal
    FileSize : 172 KB
    FileVersion : 4.10.0851.0
    ProductVersion : 4.1
    Copyright : Copyright (C) Microsoft Corp. 1983-2002
    CompanyName : Microsoft Corporation
    FileDescription : Microsoft IntelliPoint
    InternalName : POINT32
    OriginalFilename : POINT32.EXE
    ProductName : Microsoft IntelliPoint
    Created on : 11/04/2002 6:47:52 PM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 11/04/2002 6:47:52 PM

    #:12 [pccguide.exe]
    FilePath : C:\Program Files\Trend Micro\PC-cillin 2002\
    ThreadCreationTime : 18-10-2003 2:07:29 PM
    BasePriority : Normal
    FileSize : 252 KB
    FileVersion : 9.0.5.1389
    ProductVersion : 9.0.5
    Copyright : Copyright (C) 2001-2002 Trend Micro Inc. All rights reserved.
    CompanyName : Trend Micro Inc.
    FileDescription : PCCGuide
    InternalName : PCCGuide
    OriginalFilename : PCCGuide
    ProductName : Trend Pc-cillin 9.0
    Created on : 18/07/2002 3:18:42 PM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 27/03/2003 1:00:14 AM

    #:13 [pccclient.exe]
    FilePath : C:\Program Files\Trend Micro\PC-cillin 2002\
    ThreadCreationTime : 18-10-2003 2:07:29 PM
    BasePriority : Normal
    FileSize : 452 KB
    FileVersion : 9.0.5.1389
    ProductVersion : 9.0.5
    Copyright : Copyright (C) 2001-2002 Trend Micro Inc. All rights reserved.
    CompanyName : Trend Micro Inc.
    FileDescription : PCCClient
    InternalName : PCCClient
    OriginalFilename : PCCClient
    ProductName : Trend Pc-cillin 9.0
    Created on : 18/07/2002 3:12:50 PM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 27/03/2003 12:52:28 AM

    #:14 [pop3trap.exe]
    FilePath : C:\Program Files\Trend Micro\PC-cillin 2002\
    ThreadCreationTime : 18-10-2003 2:07:30 PM
    BasePriority : Normal
    FileSize : 308 KB
    FileVersion : 9.0.5.1389
    ProductVersion : 9.0.5
    Copyright : Copyright (C) 2001-2002 Trend Micro Inc. All rights reserved.
    CompanyName : Trend Micro Inc.
    FileDescription : POP3Trap
    InternalName : POP3Trap
    OriginalFilename : POP3Trap
    ProductName : Trend Pc-cillin 9.0
    Created on : 18/07/2002 3:15:32 PM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 27/03/2003 12:56:02 AM

    #:15 [realsched.exe]
    FilePath : C:\Program Files\Common Files\Real\Update_OB\
    ThreadCreationTime : 18-10-2003 2:07:30 PM
    BasePriority : Normal
    FileSize : 148 KB
    FileVersion : 0.1.0.1622
    ProductVersion : 0.1.0.1622
    Copyright : Copyright
    CompanyName : RealNetworks, Inc.
    FileDescription : RealNetworks Scheduler
    InternalName : schedapp
    OriginalFilename : realsched.exe
    ProductName : RealOne Player (32-bit)
    Created on : 16/10/2003 1:56:34 AM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 16/10/2003 1:56:34 AM

    #:16 [ctfmon.exe]
    FilePath : C:\WINDOWS\System32\
    ThreadCreationTime : 18-10-2003 2:07:30 PM
    BasePriority : Normal
    FileSize : 13 KB
    FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
    ProductVersion : 5.1.2600.1106
    CompanyName : Microsoft Corporation
    FileDescription : CTF Loader
    InternalName : CTFMON
    OriginalFilename : CTFMON.EXE
    ProductName : Microsoft
    Created on : 14/10/2003 2:44:18 AM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 29/08/2002 7:41:22 AM

    #:17 [msnmsgr.exe]
    FilePath : C:\Program Files\MSN Messenger\
    ThreadCreationTime : 18-10-2003 2:07:30 PM
    BasePriority : Normal
    FileSize : 4084 KB
    FileVersion : 6.0.0602
    ProductVersion : Version 6.0
    Copyright : Copyright (c) Microsoft Corporation 1997-2003
    CompanyName : Microsoft Corporation
    FileDescription : Messenger
    InternalName : msnmsgr
    OriginalFilename : msnmsgr.exe
    ProductName : Messenger
    Created on : 11/07/2003 6:57:42 PM
    Last accessed : 19/10/2003 12:21:25 AM
    Last modified : 11/07/2003 6:57:42 PM

    #:18 [pcalert4.exe]
    FilePath : C:\Program Files\MSI\PC Alert 4\
    ThreadCreationTime : 18-10-2003 2:07:30 PM
    BasePriority : Normal
    FileSize : 540 KB
    FileVersion : 1, 0, 0, 1
    ProductVersion : 1, 0, 0, 1
    Copyright : Copyright (C) 2002
    FileDescription : PCAlert4 MFC Application
    InternalName : PCAlert4
    OriginalFilename : PCAlert4.EXE
    ProductName : PCAlert4 Application
    Created on : 15/10/2003 9:29:54 PM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 20/01/2003 2:27:34 PM

    #:19 [tmntsrv.exe]
    FilePath : C:\Program Files\Trend Micro\PC-cillin 2002\
    ThreadCreationTime : 18-10-2003 2:07:30 PM
    BasePriority : Normal
    FileSize : 172 KB
    FileVersion : 9.0.5.1389
    ProductVersion : 9.0.5
    Copyright : Copyright (C) 2001-2002 Trend Micro Inc. All rights reserved.
    CompanyName : Trend Micro Inc.
    FileDescription : Tmntsrv
    InternalName : Tmntsrv
    OriginalFilename : Tmntsrv.exe
    ProductName : Trend Pc-cillin 9.0
    Created on : 18/07/2002 3:15:52 PM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 27/03/2003 12:56:24 AM

    #:20 [webtrap.exe]
    FilePath : C:\Program Files\Trend Micro\PC-cillin 2002\
    ThreadCreationTime : 18-10-2003 2:07:33 PM
    BasePriority : Normal
    FileSize : 228 KB
    FileVersion : 9.0.5.1389
    ProductVersion : 9.0.5
    Copyright : Copyright (C) 2001-2002 Trend Micro Inc. All rights reserved.
    CompanyName : Trend Micro Inc.
    FileDescription : WebTrap
    InternalName : WebTrap
    OriginalFilename : WebTrap
    ProductName : Trend Pc-cillin 9.0
    Created on : 18/07/2002 3:17:04 PM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 27/03/2003 12:58:12 AM

    #:21 [emule.exe]
    FilePath : C:\Program Files\eMule\
    ThreadCreationTime : 18-10-2003 2:13:32 PM
    BasePriority : Normal
    FileSize : 2732 KB
    FileVersion : 0.30.1
    ProductVersion : 0.30.1
    Copyright : Copyright
    CompanyName : http://www.emule-project.net
    FileDescription : eMule
    InternalName : emule.exe
    OriginalFilename : emule.exe
    ProductName : eMule
    Created on : 28/09/2003 11:23:44 AM
    Last accessed : 19/10/2003 12:14:53 AM
    Last modified : 28/09/2003 11:23:44 AM

    #:22 [kazaalite.kpp]
    FilePath : C:\Program Files\Kazaa Lite K++\
    ThreadCreationTime : 18-10-2003 4:03:08 PM
    BasePriority : Normal
    FileSize : 2182 KB
    Created on : 16/07/2003 10:19:52 PM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 16/07/2003 10:19:52 PM

    #:23 [mdm.exe]
    FilePath : C:\Program Files\Common Files\Microsoft Shared\VS7Debug\
    ThreadCreationTime : 18-10-2003 6:16:52 PM
    BasePriority : Normal
    FileSize : 264 KB
    FileVersion : 7.00.9064.9150
    ProductVersion : 7.00.9064.9150
    Copyright : Copyright (C) Microsoft Corp. 1997-2000
    CompanyName : Microsoft Corporation
    FileDescription : Machine Debug Manager
    InternalName : mdm.exe
    OriginalFilename : mdm.exe
    ProductName : Microsoft Development Environment
    Created on : 23/02/2001 2:07:30 PM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 23/02/2001 2:07:30 PM

    #:24 [svchost.exe]
    FilePath : C:\WINDOWS\System32\
    ThreadCreationTime : 18-10-2003 6:16:53 PM
    BasePriority : Normal
    FileSize : 12 KB
    FileVersion : 5.1.2600.0 (xpclient.010817-1148)
    ProductVersion : 5.1.2600.0
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    OriginalFilename : svchost.exe
    ProductName : Microsoft
    Created on : 23/08/2001 12:00:00 PM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 23/08/2001 12:00:00 PM

    #:25 [iexplore.exe]
    FilePath : C:\Program Files\Internet Explorer\
    ThreadCreationTime : 18-10-2003 6:21:30 PM
    BasePriority : Normal
    FileSize : 89 KB
    FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
    ProductVersion : 6.00.2800.1106
    CompanyName : Microsoft Corporation
    FileDescription : Internet Explorer
    InternalName : iexplore
    OriginalFilename : IEXPLORE.EXE
    ProductName : Microsoft
    Created on : 14/10/2003 2:44:49 AM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 29/08/2002 7:41:26 AM

    #:26 [hpotdd01.exe]
    FilePath : C:\Program Files\Hewlett-Packard\Digital Imaging\bin\
    ThreadCreationTime : 18-10-2003 7:25:03 PM
    BasePriority : Normal
    FileSize : 28 KB
    FileVersion : 1, 0, 0, 1
    ProductVersion : 1, 0, 0, 1
    Copyright : Copyright
    CompanyName : Hewlett-Packard
    FileDescription : hpotdd01
    InternalName : hpotdd01
    OriginalFilename : hpotdd01.exe
    ProductName : Hewlett-Packard hpotdd01
    Created on : 06/04/2003 5:06:58 AM
    Last accessed : 18/10/2003 11:56:29 PM
    Last modified : 06/04/2003 5:06:58 AM

    #:27 [hpohmr08.exe]
    FilePath : C:\Program Files\Hewlett-Packard\Digital Imaging\bin\
    ThreadCreationTime : 18-10-2003 7:25:13 PM
    BasePriority : Normal
    FileSize : 144 KB
    FileVersion : 4.2.0.020
    ProductVersion : 2.4.1.020
    Copyright : Copyright (C) Hewlett-Packard Co. 1995-2001
    CompanyName : Hewlett-Packard Co.
    FileDescription : HP OfficeJet COM Device Objects
    InternalName : HPOHMR08
    OriginalFilename : HPOHMR08.EXE
    ProductName : hp digital imaging - hp all-in-one series
    Created on : 06/04/2003 5:17:18 AM
    Last accessed : 18/10/2003 11:56:29 PM
    Last modified : 06/04/2003 5:17:18 AM

    #:28 [hpoevm08.exe]
    FilePath : C:\Program Files\Hewlett-Packard\Digital Imaging\bin\
    ThreadCreationTime : 18-10-2003 7:25:24 PM
    BasePriority : Normal
    FileSize : 280 KB
    FileVersion : 4.2.0.020
    ProductVersion : 2.4.1.020
    Copyright : Copyright (C) Hewlett-Packard Co. 1995-2001
    CompanyName : Hewlett-Packard Co.
    FileDescription : HP OfficeJet COM Event Manager
    InternalName : HPOEVM08
    OriginalFilename : HPOEVM08.EXE
    ProductName : hp digital imaging - hp all-in-one series
    Created on : 06/04/2003 4:45:10 AM
    Last accessed : 18/10/2003 11:56:29 PM
    Last modified : 06/04/2003 4:45:10 AM

    #:29 [hposts08.exe]
    FilePath : C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\
    ThreadCreationTime : 18-10-2003 7:25:46 PM
    BasePriority : Normal
    FileSize : 304 KB
    FileVersion : 4.2.0.020
    ProductVersion : 2.4.1.020
    Copyright : Copyright (C) Hewlett-Packard Co. 1995-2001
    CompanyName : Hewlett-Packard Co.
    FileDescription : HP OfficeJet Status
    InternalName : HPOSTS08
    OriginalFilename : HPOSTS08.EXE
    ProductName : hp digital imaging - hp all-in-one series
    Created on : 06/04/2003 4:55:04 AM
    Last accessed : 18/10/2003 11:56:29 PM
    Last modified : 06/04/2003 4:55:04 AM

    #:30 [iexplore.exe]
    FilePath : C:\Program Files\Internet Explorer\
    ThreadCreationTime : 18-10-2003 8:41:28 PM
    BasePriority : Normal
    FileSize : 89 KB
    FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
    ProductVersion : 6.00.2800.1106
    CompanyName : Microsoft Corporation
    FileDescription : Internet Explorer
    InternalName : iexplore
    OriginalFilename : IEXPLORE.EXE
    ProductName : Microsoft
    Created on : 14/10/2003 2:44:49 AM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 29/08/2002 7:41:26 AM

    #:31 [explorer.exe]
    FilePath : C:\WINDOWS\
    ThreadCreationTime : 18-10-2003 9:54:53 PM
    BasePriority : Normal
    FileSize : 973 KB
    FileVersion : 6.00.2800.1221 (xpsp2.030511-1403)
    ProductVersion : 6.00.2800.1221
    CompanyName : Microsoft Corporation
    FileDescription : Windows Explorer
    InternalName : explorer
    OriginalFilename : EXPLORER.EXE
    ProductName : Microsoft
    Created on : 12/05/2003 1:12:10 AM
    Last accessed : 18/10/2003 11:56:29 PM
    Last modified : 12/05/2003 1:12:10 AM

    #:32 [iexplore.exe]
    FilePath : C:\Program Files\Internet Explorer\
    ThreadCreationTime : 18-10-2003 10:44:55 PM
    BasePriority : Normal
    FileSize : 89 KB
    FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
    ProductVersion : 6.00.2800.1106
    CompanyName : Microsoft Corporation
    FileDescription : Internet Explorer
    InternalName : iexplore
    OriginalFilename : IEXPLORE.EXE
    ProductName : Microsoft
    Created on : 14/10/2003 2:44:49 AM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 29/08/2002 7:41:26 AM

    #:33 [ad-aware.exe]
    FilePath : C:\Program Files\Lavasoft\Ad-aware 6\
    ThreadCreationTime : 18-10-2003 11:56:12 PM
    BasePriority : Normal
    FileSize : 668 KB
    FileVersion : 6.0.1.181
    ProductVersion : 6.0.0.0
    Copyright : Copyright
    CompanyName : Lavasoft Sweden
    FileDescription : Ad-aware 6 core application
    InternalName : Ad-aware.exe
    OriginalFilename : Ad-aware.exe
    ProductName : Lavasoft Ad-aware Plus
    Created on : 18/10/2003 11:41:53 PM
    Last accessed : 18/10/2003 11:56:12 PM
    Last modified : 13/07/2003 2:00:20 AM

    #:34 [notepad.exe]
    FilePath : C:\WINDOWS\system32\
    ThreadCreationTime : 18-10-2003 11:59:36 PM
    BasePriority : Normal
    FileSize : 64 KB
    FileVersion : 5.1.2600.0 (xpclient.010817-1148)
    ProductVersion : 5.1.2600.0
    CompanyName : Microsoft Corporation
    FileDescription : Notepad
    InternalName : Notepad
    OriginalFilename : NOTEPAD.EXE
    ProductName : Microsoft
    Created on : 23/08/2001 12:00:00 PM
    Last accessed : 18/10/2003 11:57:52 PM
    Last modified : 23/08/2001 12:00:00 PM

    Memory scan result :
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    New objects : 0
    Objects found so far: 0


    Started registry scan
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    Alexa Object recognized!
    Type : RegKey
    Data :
    Rootkey : HKEY_LOCAL_MACHINE
    Object : SOFTWARE\Microsoft\Internet Explorer\Extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}


    Registry scan result :
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    New objects : 1
    Objects found so far: 1


    Started deep registry scan
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    Teknum Updater Object recognized!
    Type : RegKey
    Data :
    Rootkey : HKEY_CLASSES_ROOT
    Object : CLSID\{916F1ADF-2F02-46C2-B7D2-310468390750}


    Teknum Updater Object recognized!
    Type : File
    Data : ssmenu.dll
    Object : c:\windows\system32\
    FileSize : 26 KB
    FileVersion : 5.4.0.122
    ProductVersion : 1.0.0.0
    Copyright : Copyright
    CompanyName : Teknum Systems AS
    FileDescription : Shared Shell Menu Handler
    OriginalFilename : ssmenu.dll
    ProductName : Shared Shell Menu Handler
    Created on : 16/10/2003 9:31:26 PM
    Last accessed : 19/10/2003 12:21:48 AM
    Last modified : 16/10/2003 9:31:26 PM



    Deep registry scan result :
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    New objects : 1
    Objects found so far: 3


    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯


    Deep scanning and examining files (C:)
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯


    Performing conditional scans..
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    Conditional scan result:
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    New objects : 0
    Objects found so far: 3


    8:22:53 PM Scan complete

    Summary of this scan
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    Total scanning time :00:01:27:906
    Objects scanned :37140
    Objects identified :3
    Objects ignored :0
    New objects :3
     
  7. winchester73

    winchester73

    Joined:
    Aug 18, 2003
    Messages:
    2,438
    I already posted about Alexa ...

    The other two items can be safely removed if you wish.

    You ran a smart scan ... at some point, it might make sense to run a full custom scan to thoroughly clean your computer ... that link I gave you above http://forums.techguy.org/t164245/s.html will help you configure A-A to do so.

    Post a fresh HT log and let's see if anything else needs to go.
     
  8. Yazan

    Yazan Thread Starter

    Joined:
    Aug 7, 2003
    Messages:
    51
    I'll run a full system scan with adaware in a minute, I'm scanning with the panda thingy you gave me :D
    again thanks so much for all this help.
     
  9. Yazan

    Yazan Thread Starter

    Joined:
    Aug 7, 2003
    Messages:
    51
    ALright, finshed the custom adaware thingy with yuour instructions. Here is the loggy:


    Lavasoft Ad-aware Personal Build 6.181
    Logfile created on :October 18, 2003 8:52:58 PM
    Created with Ad-aware Personal, free for private use.
    Using reference-file :01R225 13.10.2003
    ______________________________________________________

    Reffile status:
    =========================
    Reference file loaded:
    Reference Number : 01R217 08.09.2003
    Internal build : 107
    File location : C:\Program Files\Lavasoft\Ad-aware 6\reflist.ref
    Total size : 574398 Bytes
    Signature data size : 563299 Bytes
    Reference data size : 11035 Bytes
    Signatures total : 12937
    Target categories : 10
    Target families : 267
    18-10-2003 8:21:06 PM Performing Webupdate...

    Installing Update...
    Reference file loaded:
    Reference Number : 01R225 13.10.2003
    Internal build : 136
    File location : C:\Program Files\Lavasoft\Ad-aware 6\reflist.ref
    Total size : 620107 Bytes
    Signature data size : 608063 Bytes
    Reference data size : 11980 Bytes
    Signatures total : 13947
    Target categories : 10
    Target families : 303

    18-10-2003 8:21:19 PM Success.
    Update successfully downlodaded and installed.


    Memory + processor status:
    ==========================
    Number of processors : 1
    Processor architecture : Intel Pentium III
    Memory available:30 %
    Total physical memory:523760 kb
    Available physical memory:152448 kb
    Total page file size:1280672 kb
    Available on page file:946328 kb
    Total virtual memory:2097024 kb
    Available virtual memory:2037188 kb
    OS:

    Ad-aware Settings
    =========================
    Set : Activate in-depth scan (Recommended)
    Set : Safe mode (always request confirmation)
    Set : Scan active processes
    Set : Scan registry
    Set : Deep scan registry
    Set : Scan my IE Favorites for banned URLs
    Set : Scan within archives
    Set : Scan my Hosts file

    Extended Ad-aware Settings
    =========================
    Set : Unload recognized processes during scanning
    Set : Include basic Ad-aware settings in logfile
    Set : Include additional Ad-aware settings in logfile
    Set : Automatically try to unregister objects prior to deletion
    Set : Let windows remove files in use at next reboot
    Set : Delete quarantined objects after restoring
    Set : Always back up reference file, before updating
    Set : Play sound if scan produced a result


    18-10-2003 8:52:58 PM - Scan started. (Custom mode)

    Listing running processes
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    #:1 [smss.exe]
    FilePath : \SystemRoot\System32\
    ThreadCreationTime : 18-10-2003 2:07:19 PM
    BasePriority : Normal


    #:2 [winlogon.exe]
    FilePath : \??\C:\WINDOWS\system32\
    ThreadCreationTime : 18-10-2003 2:07:20 PM
    BasePriority : High


    #:3 [services.exe]
    FilePath : C:\WINDOWS\system32\
    ThreadCreationTime : 18-10-2003 2:07:20 PM
    BasePriority : Normal
    FileSize : 99 KB
    FileVersion : 5.1.2600.0 (xpclient.010817-1148)
    ProductVersion : 5.1.2600.0
    CompanyName : Microsoft Corporation
    FileDescription : Services and Controller app
    InternalName : services.exe
    OriginalFilename : services.exe
    ProductName : Microsoft
    Created on : 23/08/2001 12:00:00 PM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 23/08/2001 12:00:00 PM

    #:4 [lsass.exe]
    FilePath : C:\WINDOWS\system32\
    ThreadCreationTime : 18-10-2003 2:07:20 PM
    BasePriority : Normal
    FileSize : 11 KB
    FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
    ProductVersion : 5.1.2600.1106
    CompanyName : Microsoft Corporation
    FileDescription : LSA Shell (Export Version)
    InternalName : lsass.exe
    OriginalFilename : lsass.exe
    ProductName : Microsoft
    Created on : 23/08/2001 12:00:00 PM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 29/08/2002 7:41:26 AM

    #:5 [ati2evxx.exe]
    FilePath : C:\WINDOWS\System32\
    ThreadCreationTime : 18-10-2003 2:07:21 PM
    BasePriority : Normal
    FileSize : 312 KB
    Created on : 14/10/2003 1:43:29 AM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 13/08/2003 2:25:24 PM

    #:6 [svchost.exe]
    FilePath : C:\WINDOWS\system32\
    ThreadCreationTime : 18-10-2003 2:07:21 PM
    BasePriority : Normal
    FileSize : 12 KB
    FileVersion : 5.1.2600.0 (xpclient.010817-1148)
    ProductVersion : 5.1.2600.0
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    OriginalFilename : svchost.exe
    ProductName : Microsoft
    Created on : 23/08/2001 12:00:00 PM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 23/08/2001 12:00:00 PM

    #:7 [svchost.exe]
    FilePath : C:\WINDOWS\System32\
    ThreadCreationTime : 18-10-2003 2:07:21 PM
    BasePriority : Normal
    FileSize : 12 KB
    FileVersion : 5.1.2600.0 (xpclient.010817-1148)
    ProductVersion : 5.1.2600.0
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    OriginalFilename : svchost.exe
    ProductName : Microsoft
    Created on : 23/08/2001 12:00:00 PM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 23/08/2001 12:00:00 PM

    #:8 [spoolsv.exe]
    FilePath : C:\WINDOWS\system32\
    ThreadCreationTime : 18-10-2003 2:07:22 PM
    BasePriority : Normal
    FileSize : 50 KB
    FileVersion : 5.1.2600.0 (XPClient.010817-1148)
    ProductVersion : 5.1.2600.0
    CompanyName : Microsoft Corporation
    FileDescription : Spooler SubSystem App
    InternalName : spoolsv.exe
    OriginalFilename : spoolsv.exe
    ProductName : Microsoft
    Created on : 23/08/2001 12:00:00 PM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 23/08/2001 12:00:00 PM

    #:9 [atiptaxx.exe]
    FilePath : C:\Program Files\ATI Technologies\ATI Control Panel\
    ThreadCreationTime : 18-10-2003 2:07:29 PM
    BasePriority : Normal
    FileSize : 328 KB
    FileVersion : 6.14.10.5029
    ProductVersion : 6.14.10.5029
    Copyright : Copyright (C) 1998-2002 ATI Technologies Inc.
    CompanyName : ATI Technologies, Inc.
    FileDescription : ATI Desktop Control Panel
    InternalName : Atiptaxx.exe
    OriginalFilename : Atiptaxx.exe
    ProductName : ATI Desktop Component
    Created on : 14/10/2003 11:38:11 PM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 13/08/2003 1:10:00 AM

    #:10 [type32.exe]
    FilePath : C:\Program Files\Microsoft Hardware\Keyboard\
    ThreadCreationTime : 18-10-2003 2:07:29 PM
    BasePriority : Normal
    FileSize : 92 KB
    FileVersion : 2.20.447.0
    ProductVersion : 2.2
    Copyright : Copyright (C) Microsoft Corp. 1995-2001
    CompanyName : Microsoft Corporation
    FileDescription : Microsoft IntelliType Pro
    InternalName : Type32
    OriginalFilename : Type32.exe
    ProductName : Microsoft IntelliType Pro
    Created on : 22/03/2002 4:41:56 AM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 22/03/2002 4:41:56 AM

    #:11 [point32.exe]
    FilePath : C:\Program Files\Microsoft Hardware\Mouse\
    ThreadCreationTime : 18-10-2003 2:07:29 PM
    BasePriority : Normal
    FileSize : 172 KB
    FileVersion : 4.10.0851.0
    ProductVersion : 4.1
    Copyright : Copyright (C) Microsoft Corp. 1983-2002
    CompanyName : Microsoft Corporation
    FileDescription : Microsoft IntelliPoint
    InternalName : POINT32
    OriginalFilename : POINT32.EXE
    ProductName : Microsoft IntelliPoint
    Created on : 11/04/2002 6:47:52 PM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 11/04/2002 6:47:52 PM

    #:12 [pccclient.exe]
    FilePath : C:\Program Files\Trend Micro\PC-cillin 2002\
    ThreadCreationTime : 18-10-2003 2:07:29 PM
    BasePriority : Normal
    FileSize : 452 KB
    FileVersion : 9.0.5.1389
    ProductVersion : 9.0.5
    Copyright : Copyright (C) 2001-2002 Trend Micro Inc. All rights reserved.
    CompanyName : Trend Micro Inc.
    FileDescription : PCCClient
    InternalName : PCCClient
    OriginalFilename : PCCClient
    ProductName : Trend Pc-cillin 9.0
    Created on : 18/07/2002 3:12:50 PM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 27/03/2003 12:52:28 AM

    #:13 [pop3trap.exe]
    FilePath : C:\Program Files\Trend Micro\PC-cillin 2002\
    ThreadCreationTime : 18-10-2003 2:07:30 PM
    BasePriority : Normal
    FileSize : 308 KB
    FileVersion : 9.0.5.1389
    ProductVersion : 9.0.5
    Copyright : Copyright (C) 2001-2002 Trend Micro Inc. All rights reserved.
    CompanyName : Trend Micro Inc.
    FileDescription : POP3Trap
    InternalName : POP3Trap
    OriginalFilename : POP3Trap
    ProductName : Trend Pc-cillin 9.0
    Created on : 18/07/2002 3:15:32 PM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 27/03/2003 12:56:02 AM

    #:14 [realsched.exe]
    FilePath : C:\Program Files\Common Files\Real\Update_OB\
    ThreadCreationTime : 18-10-2003 2:07:30 PM
    BasePriority : Normal
    FileSize : 148 KB
    FileVersion : 0.1.0.1622
    ProductVersion : 0.1.0.1622
    Copyright : Copyright
    CompanyName : RealNetworks, Inc.
    FileDescription : RealNetworks Scheduler
    InternalName : schedapp
    OriginalFilename : realsched.exe
    ProductName : RealOne Player (32-bit)
    Created on : 16/10/2003 1:56:34 AM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 16/10/2003 1:56:34 AM

    #:15 [ctfmon.exe]
    FilePath : C:\WINDOWS\System32\
    ThreadCreationTime : 18-10-2003 2:07:30 PM
    BasePriority : Normal
    FileSize : 13 KB
    FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
    ProductVersion : 5.1.2600.1106
    CompanyName : Microsoft Corporation
    FileDescription : CTF Loader
    InternalName : CTFMON
    OriginalFilename : CTFMON.EXE
    ProductName : Microsoft
    Created on : 14/10/2003 2:44:18 AM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 29/08/2002 7:41:22 AM

    #:16 [msnmsgr.exe]
    FilePath : C:\Program Files\MSN Messenger\
    ThreadCreationTime : 18-10-2003 2:07:30 PM
    BasePriority : Normal
    FileSize : 4084 KB
    FileVersion : 6.0.0602
    ProductVersion : Version 6.0
    Copyright : Copyright (c) Microsoft Corporation 1997-2003
    CompanyName : Microsoft Corporation
    FileDescription : Messenger
    InternalName : msnmsgr
    OriginalFilename : msnmsgr.exe
    ProductName : Messenger
    Created on : 11/07/2003 6:57:42 PM
    Last accessed : 19/10/2003 12:21:25 AM
    Last modified : 11/07/2003 6:57:42 PM

    #:17 [pcalert4.exe]
    FilePath : C:\Program Files\MSI\PC Alert 4\
    ThreadCreationTime : 18-10-2003 2:07:30 PM
    BasePriority : Normal
    FileSize : 540 KB
    FileVersion : 1, 0, 0, 1
    ProductVersion : 1, 0, 0, 1
    Copyright : Copyright (C) 2002
    FileDescription : PCAlert4 MFC Application
    InternalName : PCAlert4
    OriginalFilename : PCAlert4.EXE
    ProductName : PCAlert4 Application
    Created on : 15/10/2003 9:29:54 PM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 20/01/2003 2:27:34 PM

    #:18 [webtrap.exe]
    FilePath : C:\Program Files\Trend Micro\PC-cillin 2002\
    ThreadCreationTime : 18-10-2003 2:07:33 PM
    BasePriority : Normal
    FileSize : 228 KB
    FileVersion : 9.0.5.1389
    ProductVersion : 9.0.5
    Copyright : Copyright (C) 2001-2002 Trend Micro Inc. All rights reserved.
    CompanyName : Trend Micro Inc.
    FileDescription : WebTrap
    InternalName : WebTrap
    OriginalFilename : WebTrap
    ProductName : Trend Pc-cillin 9.0
    Created on : 18/07/2002 3:17:04 PM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 27/03/2003 12:58:12 AM

    #:19 [emule.exe]
    FilePath : C:\Program Files\eMule\
    ThreadCreationTime : 18-10-2003 2:13:32 PM
    BasePriority : Normal
    FileSize : 2732 KB
    FileVersion : 0.30.1
    ProductVersion : 0.30.1
    Copyright : Copyright
    CompanyName : http://www.emule-project.net
    FileDescription : eMule
    InternalName : emule.exe
    OriginalFilename : emule.exe
    ProductName : eMule
    Created on : 28/09/2003 11:23:44 AM
    Last accessed : 19/10/2003 12:14:53 AM
    Last modified : 28/09/2003 11:23:44 AM

    #:20 [kazaalite.kpp]
    FilePath : C:\Program Files\Kazaa Lite K++\
    ThreadCreationTime : 18-10-2003 4:03:08 PM
    BasePriority : Normal
    FileSize : 2182 KB
    Created on : 16/07/2003 10:19:52 PM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 16/07/2003 10:19:52 PM

    #:21 [mdm.exe]
    FilePath : C:\Program Files\Common Files\Microsoft Shared\VS7Debug\
    ThreadCreationTime : 18-10-2003 6:16:52 PM
    BasePriority : Normal
    FileSize : 264 KB
    FileVersion : 7.00.9064.9150
    ProductVersion : 7.00.9064.9150
    Copyright : Copyright (C) Microsoft Corp. 1997-2000
    CompanyName : Microsoft Corporation
    FileDescription : Machine Debug Manager
    InternalName : mdm.exe
    OriginalFilename : mdm.exe
    ProductName : Microsoft Development Environment
    Created on : 23/02/2001 2:07:30 PM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 23/02/2001 2:07:30 PM

    #:22 [svchost.exe]
    FilePath : C:\WINDOWS\System32\
    ThreadCreationTime : 18-10-2003 6:16:53 PM
    BasePriority : Normal
    FileSize : 12 KB
    FileVersion : 5.1.2600.0 (xpclient.010817-1148)
    ProductVersion : 5.1.2600.0
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    OriginalFilename : svchost.exe
    ProductName : Microsoft
    Created on : 23/08/2001 12:00:00 PM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 23/08/2001 12:00:00 PM

    #:23 [iexplore.exe]
    FilePath : C:\Program Files\Internet Explorer\
    ThreadCreationTime : 18-10-2003 6:21:30 PM
    BasePriority : Normal
    FileSize : 89 KB
    FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
    ProductVersion : 6.00.2800.1106
    CompanyName : Microsoft Corporation
    FileDescription : Internet Explorer
    InternalName : iexplore
    OriginalFilename : IEXPLORE.EXE
    ProductName : Microsoft
    Created on : 14/10/2003 2:44:49 AM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 29/08/2002 7:41:26 AM

    #:24 [hpotdd01.exe]
    FilePath : C:\Program Files\Hewlett-Packard\Digital Imaging\bin\
    ThreadCreationTime : 18-10-2003 7:25:03 PM
    BasePriority : Normal
    FileSize : 28 KB
    FileVersion : 1, 0, 0, 1
    ProductVersion : 1, 0, 0, 1
    Copyright : Copyright
    CompanyName : Hewlett-Packard
    FileDescription : hpotdd01
    InternalName : hpotdd01
    OriginalFilename : hpotdd01.exe
    ProductName : Hewlett-Packard hpotdd01
    Created on : 06/04/2003 5:06:58 AM
    Last accessed : 18/10/2003 11:56:29 PM
    Last modified : 06/04/2003 5:06:58 AM

    #:25 [hpohmr08.exe]
    FilePath : C:\Program Files\Hewlett-Packard\Digital Imaging\bin\
    ThreadCreationTime : 18-10-2003 7:25:13 PM
    BasePriority : Normal
    FileSize : 144 KB
    FileVersion : 4.2.0.020
    ProductVersion : 2.4.1.020
    Copyright : Copyright (C) Hewlett-Packard Co. 1995-2001
    CompanyName : Hewlett-Packard Co.
    FileDescription : HP OfficeJet COM Device Objects
    InternalName : HPOHMR08
    OriginalFilename : HPOHMR08.EXE
    ProductName : hp digital imaging - hp all-in-one series
    Created on : 06/04/2003 5:17:18 AM
    Last accessed : 18/10/2003 11:56:29 PM
    Last modified : 06/04/2003 5:17:18 AM

    #:26 [hpoevm08.exe]
    FilePath : C:\Program Files\Hewlett-Packard\Digital Imaging\bin\
    ThreadCreationTime : 18-10-2003 7:25:24 PM
    BasePriority : Normal
    FileSize : 280 KB
    FileVersion : 4.2.0.020
    ProductVersion : 2.4.1.020
    Copyright : Copyright (C) Hewlett-Packard Co. 1995-2001
    CompanyName : Hewlett-Packard Co.
    FileDescription : HP OfficeJet COM Event Manager
    InternalName : HPOEVM08
    OriginalFilename : HPOEVM08.EXE
    ProductName : hp digital imaging - hp all-in-one series
    Created on : 06/04/2003 4:45:10 AM
    Last accessed : 18/10/2003 11:56:29 PM
    Last modified : 06/04/2003 4:45:10 AM

    #:27 [hposts08.exe]
    FilePath : C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\
    ThreadCreationTime : 18-10-2003 7:25:46 PM
    BasePriority : Normal
    FileSize : 304 KB
    FileVersion : 4.2.0.020
    ProductVersion : 2.4.1.020
    Copyright : Copyright (C) Hewlett-Packard Co. 1995-2001
    CompanyName : Hewlett-Packard Co.
    FileDescription : HP OfficeJet Status
    InternalName : HPOSTS08
    OriginalFilename : HPOSTS08.EXE
    ProductName : hp digital imaging - hp all-in-one series
    Created on : 06/04/2003 4:55:04 AM
    Last accessed : 18/10/2003 11:56:29 PM
    Last modified : 06/04/2003 4:55:04 AM

    #:28 [iexplore.exe]
    FilePath : C:\Program Files\Internet Explorer\
    ThreadCreationTime : 18-10-2003 8:41:28 PM
    BasePriority : Normal
    FileSize : 89 KB
    FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
    ProductVersion : 6.00.2800.1106
    CompanyName : Microsoft Corporation
    FileDescription : Internet Explorer
    InternalName : iexplore
    OriginalFilename : IEXPLORE.EXE
    ProductName : Microsoft
    Created on : 14/10/2003 2:44:49 AM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 29/08/2002 7:41:26 AM

    #:29 [explorer.exe]
    FilePath : C:\WINDOWS\
    ThreadCreationTime : 18-10-2003 9:54:53 PM
    BasePriority : Normal
    FileSize : 973 KB
    FileVersion : 6.00.2800.1221 (xpsp2.030511-1403)
    ProductVersion : 6.00.2800.1221
    CompanyName : Microsoft Corporation
    FileDescription : Windows Explorer
    InternalName : explorer
    OriginalFilename : EXPLORER.EXE
    ProductName : Microsoft
    Created on : 12/05/2003 1:12:10 AM
    Last accessed : 18/10/2003 11:56:29 PM
    Last modified : 12/05/2003 1:12:10 AM

    #:30 [iexplore.exe]
    FilePath : C:\Program Files\Internet Explorer\
    ThreadCreationTime : 18-10-2003 10:44:55 PM
    BasePriority : Normal
    FileSize : 89 KB
    FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
    ProductVersion : 6.00.2800.1106
    CompanyName : Microsoft Corporation
    FileDescription : Internet Explorer
    InternalName : iexplore
    OriginalFilename : IEXPLORE.EXE
    ProductName : Microsoft
    Created on : 14/10/2003 2:44:49 AM
    Last accessed : 18/10/2003 11:56:28 PM
    Last modified : 29/08/2002 7:41:26 AM

    #:31 [ad-aware.exe]
    FilePath : C:\Program Files\Lavasoft\Ad-aware 6\
    ThreadCreationTime : 18-10-2003 11:56:12 PM
    BasePriority : Normal
    FileSize : 668 KB
    FileVersion : 6.0.1.181
    ProductVersion : 6.0.0.0
    Copyright : Copyright
    CompanyName : Lavasoft Sweden
    FileDescription : Ad-aware 6 core application
    InternalName : Ad-aware.exe
    OriginalFilename : Ad-aware.exe
    ProductName : Lavasoft Ad-aware Plus
    Created on : 18/10/2003 11:41:53 PM
    Last accessed : 18/10/2003 11:56:12 PM
    Last modified : 13/07/2003 2:00:20 AM

    Memory scan result :
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    New objects : 0
    Objects found so far: 0


    Started registry scan
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    Alexa Object recognized!
    Type : RegKey
    Data :
    Category : Data Miner
    Comment :
    Rootkey : HKEY_LOCAL_MACHINE
    Object : SOFTWARE\Microsoft\Internet Explorer\Extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}


    Registry scan result :
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    New objects : 1
    Objects found so far: 1


    Started deep registry scan
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    Deep registry scan result :
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    New objects : 0
    Objects found so far: 1


    Deep scanning and examining files (C:)
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    Teknum Updater Object recognized!
    Type : File
    Data : errorlog.exe
    Category : Data Miner
    Comment :
    Object : C:\Program Files\Common Files\Teknum Systems\
    FileSize : 34 KB
    FileVersion : 5.5.0.14
    ProductVersion : 1.0.0.0
    Copyright : Teknum Systems AS
    CompanyName : Teknum Systems AS
    Created on : 16/10/2003 9:31:26 PM
    Last accessed : 19/10/2003 12:39:23 AM
    Last modified : 16/10/2003 9:31:26 PM



    Teknum Updater Object recognized!
    Type : File
    Data : sendmail.exe
    Category : Data Miner
    Comment :
    Object : C:\Program Files\Common Files\Teknum Systems\
    FileSize : 15 KB
    FileVersion : 5.5.0.44
    ProductVersion : 1.0.0.0
    Copyright : Teknum Systems AS
    CompanyName : Teknum Systems AS
    Created on : 16/10/2003 9:31:25 PM
    Last accessed : 19/10/2003 12:39:23 AM
    Last modified : 16/10/2003 9:31:25 PM



    Teknum Updater Object recognized!
    Type : File
    Data : tshkdrag.dll
    Category : Data Miner
    Comment :
    Object : C:\Program Files\Common Files\Teknum Systems\
    FileSize : 9 KB
    FileVersion : 5.0.0.22
    ProductVersion : 1.0.0.0
    Copyright : Teknum Systems AS
    CompanyName : Teknum Systems AS
    Created on : 16/10/2003 9:31:26 PM
    Last accessed : 19/10/2003 12:39:23 AM
    Last modified : 16/10/2003 9:31:26 PM



    Teknum Updater Object recognized!
    Type : File
    Data : tssetup.exe
    Category : Data Miner
    Comment :
    Object : C:\Program Files\Common Files\Teknum Systems\
    FileSize : 230 KB
    FileVersion : 5.5.0.292
    ProductVersion : 1.0.0.0
    CompanyName : Teknum Systems
    FileDescription : Shared Windows Setup Engine
    Created on : 16/10/2003 9:31:25 PM
    Last accessed : 19/10/2003 12:39:23 AM
    Last modified : 16/10/2003 9:31:25 PM



    Teknum Updater Object recognized!
    Type : File
    Data : tsuninst.exe
    Category : Data Miner
    Comment :
    Object : C:\Program Files\Common Files\Teknum Systems\
    FileSize : 24 KB
    FileVersion : 5.5.1.34
    ProductVersion : 1.0
    CompanyName : Teknum Systems
    ProductName : Teknum Systems Uninstaller
    Created on : 16/10/2003 9:31:26 PM
    Last accessed : 19/10/2003 12:39:23 AM
    Last modified : 16/10/2003 9:31:26 PM



    Teknum Updater Object recognized!
    Type : File
    Data : update.exe
    Category : Data Miner
    Comment :
    Object : C:\Program Files\Common Files\Teknum Systems\
    FileSize : 19 KB
    FileVersion : 5.5.0.85
    ProductVersion : 1.0.0.0
    Copyright : Teknum Systems AS
    CompanyName : Teknum Systems AS
    Created on : 16/10/2003 9:31:25 PM
    Last accessed : 19/10/2003 12:39:23 AM
    Last modified : 16/10/2003 9:31:25 PM



    Teknum Updater Object recognized!
    Type : File
    Data : updsvc.exe
    Category : Data Miner
    Comment :
    Object : C:\Program Files\Common Files\Teknum Systems\
    FileSize : 91 KB
    FileVersion : 5.5.0.149
    ProductVersion : 5.5
    Copyright : Teknum Systems AS
    CompanyName : Teknum Systems AS
    FileDescription : Shared Update Service
    OriginalFilename : updsvc.exe
    ProductName : Shared Update Service
    Created on : 16/10/2003 9:31:25 PM
    Last accessed : 19/10/2003 12:39:24 AM
    Last modified : 16/10/2003 9:31:25 PM



    Teknum Updater Object recognized!
    Type : Folder
    Category : Data Miner
    Comment :
    Object : C:\Program Files\Common Files\Teknum Systems



    Disk scan result for C:\
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    New objects : 0
    Objects found so far: 9


    Deep scanning and examining files (D:)
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    Disk scan result for D:\
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    New objects : 0
    Objects found so far: 9


    Scanning Hosts file(C:\WINDOWS\System32\drivers\etc\hosts)
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    Hosts file scan result:
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    901 entries scanned.
    New objects :0
    Objects found so far: 9




    Performing conditional scans..
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    Conditional scan result:
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    New objects : 0
    Objects found so far: 9


    8:56:58 PM Scan complete

    Summary of this scan
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    Total scanning time :00:04:00:156
    Objects scanned :96930
    Objects identified :9
    Objects ignored :0
    New objects :9
     
  10. Yazan

    Yazan Thread Starter

    Joined:
    Aug 7, 2003
    Messages:
    51
    Why does it say that I have a pentium III processor? I'm using AMD ATHLON XP 2500+ BARTON, not P3
     
  11. winchester73

    winchester73

    Joined:
    Aug 18, 2003
    Messages:
    2,438
    You are most welcome for the help ...

    All of those objects are safe to remove if you wish ...

    If you want to keep the Alexa item, place it in the ignore list (explained in that thread I've linked) ... then it won't be "detected" with each scan.

    As for your question about the processor detection ... I have an AMD also, and it is displayed as "non-Intel" ... I'll see if I can get an answer for you. I'm sure there is some technical explanation that is way over my head.

    After deleting those items, run a fresh A-A scan ... no reason to post it unless something is uncovered.

    A new HT scan would be good to see, just in case some orphan was left behind.
     
  12. Yazan

    Yazan Thread Starter

    Joined:
    Aug 7, 2003
    Messages:
    51
    Wha'ts HT?
    What about the hijackthis log? Nothing there ? I mean the noob.exe and the other one, those are viruses aren't they? How do I remove those? all I did is end them.
     
  13. Yazan

    Yazan Thread Starter

    Joined:
    Aug 7, 2003
    Messages:
    51
    ooh... HT = HIjackthis.. heh...
    here's the new hijackthis log.. note that i just installed quicktime if it makes a difference.

    Logfile of HijackThis v1.97.3
    Scan saved at 9:34:58 PM, on 18/10/2003
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
    C:\Program Files\Microsoft Hardware\Mouse\point32.exe
    C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe
    C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\MSI\PC Alert 4\PCAlert4.exe
    C:\Program Files\Trend Micro\PC-cillin 2002\WebTrap.EXE
    C:\Program Files\eMule\emule.exe
    C:\Program Files\Kazaa Lite K++\KazaaLite.kpp
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Lavasoft\Ad-aware 6\Ad-aware.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\PROGRA~1\QUICKT~1\QuickTimePlayer.exe
    C:\Program Files\WinRAR\WinRAR.exe
    C:\DOCUME~1\Yazan\LOCALS~1\Temp\Rar$EX00.079\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.ca/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
    O4 - HKLM\..\Run: [POINTER] point32.exe
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
    O4 - HKLM\..\Run: [Zone Labs Client] C:\PROGRA~1\ZONELA~1\ZONEAL~1\zapro.exe
    O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe"
    O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe"
    O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [WinServices] noob.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - Global Startup: hp psc 1000 series.lnk = ?
    O4 - Global Startup: hpoddt01.exe.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: PC Alert 4.lnk = C:\Program Files\MSI\PC Alert 4\PCAlert4.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
    O9 - Extra button: Related (HKLM)
    O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/swdir.cab
    O16 - DPF: {2A32B14F-4D29-4EA3-AC54-E9B19F436CE7} (Scanner Class) - http://www.trojanscan.com/trojanscan/TDECntrl.CAB
    O16 - DPF: {4E330863-6A11-11D0-BFD8-006097237877} (InstallFromTheWeb ActiveX Control) - http://tw.msi.com.tw/autobios/client/iftwclix.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
    O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37907.8333680556
    O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/activedata/SymAData.dll
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/1,5,0,4298/mcfscan.cab
     
  14. winchester73

    winchester73

    Joined:
    Aug 18, 2003
    Messages:
    2,438
    I'm assuming the Panda scan came up clean.

    I'm afraid you'll have to wait until someone quicker at HT logs stops by your thread.

    If there is anything objectionable in your HT log, I might ask you to submit it for further evaluation ... the reference files are built from submissions of new objects.
     
  15. Yazan

    Yazan Thread Starter

    Joined:
    Aug 7, 2003
    Messages:
    51
    Yup, the scan is clean. Thanks soooo much
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/172942

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice