1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Can someone help me figure this adaware log?

Discussion in 'Earlier Versions of Windows' started by bluejeananjl, Apr 22, 2004.

Thread Status:
Not open for further replies.
Advertisement
  1. bluejeananjl

    bluejeananjl Thread Starter

    Joined:
    Feb 23, 2004
    Messages:
    107
    I have reead several things and still cant figure out why so many programs are running.
    Adaware shows 15 running, startup-msconfig shows 4,
    vettray, vetalert, zonelabclients, statemgr
    cntrl/alt/delte shows 4
    how can i stop extra programs ? I can't figure out from what I have read, what needs stopped, or how to stop whatever is uneccesary
    here is adare log, I shortened it to just processes running


    Lavasoft Ad-aware Personal Build 6.181
    Logfile created on :Thursday, April 22, 2004 10:30:41 PM
    Created with Ad-aware Personal, free for private use.
    Using reference-file :01R299 22.04.2004
    ______________________________________________________

    Ad-aware Settings
    =========================
    Set : Activate in-depth scan (Recommended)
    Set : Safe mode (always request confirmation)
    Set : Scan active processes
    Set : Scan registry
    Set : Deep scan registry
    Set : Scan my IE Favorites for banned URLs
    Set : Scan within archives
    Set : Scan my Hosts file


    4-22-2004 10:30:41 PM - Scan started. (Smart mode)

    Listing running processes
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    #:1 [kernel32.dll]
    FilePath : C:\WINDOWS\SYSTEM\
    ProcessID : 4293874309
    Threads : 4
    Priority : High
    FileSize : 524 KB
    FileVersion : 4.90.3000
    ProductVersion : 4.90.3000
    Copyright : Copyright (C) Microsoft Corp. 1991-2000
    CompanyName : Microsoft Corporation
    FileDescription : Win32 Kernel core component
    InternalName : KERNEL32
    OriginalFilename : KERNEL32.DLL
    ProductName : Microsoft(R) Windows(R) Millennium Operating System
    Created on : 1/1/1601
    Last accessed : 4/22/2004 5:00:00 AM
    Last modified : 6/8/2000 10:00:00 PM

    #:2 [msgsrv32.exe]
    FilePath : C:\WINDOWS\SYSTEM\
    ProcessID : 4294941041
    Threads : 1
    Priority : Normal
    FileSize : 11 KB
    FileVersion : 4.90.3000
    ProductVersion : 4.90.3000
    Copyright : Copyright (C) Microsoft Corp. 1992-1998
    CompanyName : Microsoft Corporation
    FileDescription : Windows 32-bit VxD Message Server
    InternalName : MSGSRV32
    OriginalFilename : MSGSRV32.EXE
    ProductName : Microsoft(R) Windows(R) Millennium Operating System
    Created on : 1/1/1601
    Last accessed : 4/22/2004 5:00:00 AM
    Last modified : 6/8/2000 10:00:00 PM

    #:3 [mmtask.tsk]
    FilePath : C:\WINDOWS\SYSTEM\
    ProcessID : 4294719845
    Threads : 1
    Priority : Normal
    FileSize : 1 KB
    FileVersion : 4.90.3000
    ProductVersion : 4.90.3000
    Copyright : Copyright
    CompanyName : Microsoft Corporation
    FileDescription : Multimedia background task support module
    InternalName : mmtask.tsk
    OriginalFilename : mmtask.tsk
    ProductName : Microsoft Windows
    Created on : 1/1/1601
    Last accessed : 4/22/2004 5:00:00 AM
    Last modified : 6/8/2000 10:00:00 PM

    #:4 [mprexe.exe]
    FilePath : C:\WINDOWS\SYSTEM\
    ProcessID : 4294720673
    Threads : 2
    Priority : Normal
    FileSize : 28 KB
    FileVersion : 4.90.3000
    ProductVersion : 4.90.3000
    Copyright : Copyright (C) Microsoft Corp. 1993-2000
    CompanyName : Microsoft Corporation
    FileDescription : WIN32 Network Interface Service Process
    InternalName : MPREXE
    OriginalFilename : MPREXE.EXE
    ProductName : Microsoft(R) Windows(R) Millennium Operating System
    Created on : 1/1/1601
    Last accessed : 4/22/2004 5:00:00 AM
    Last modified : 6/8/2000 10:00:00 PM

    #:5 [explorer.exe]
    FilePath : C:\WINDOWS\
    ProcessID : 4294736389
    Threads : 11
    Priority : Normal
    FileSize : 220 KB
    FileVersion : 5.50.4134.100
    ProductVersion : 5.50.4134.100
    Copyright : Copyright (C) Microsoft Corp. 1981-2000
    CompanyName : Microsoft Corporation
    FileDescription : Windows Explorer
    InternalName : explorer
    OriginalFilename : EXPLORER.EXE
    ProductName : Microsoft(R) Windows (R) 2000 Operating System
    Created on : 1/1/1601
    Last accessed : 4/22/2004 5:00:00 AM
    Last modified : 6/8/2000 10:00:00 PM

    #:6 [vettray.exe]
    FilePath : C:\PROGRAM FILES\CA\ETRUST EZ ARMOR\ETRUST EZ ANTIVIRUS\
    ProcessID : 4294758229
    Threads : 3
    Priority : Normal
    FileSize : 60 KB
    FileVersion : Version 1.0
    Copyright : Copyright
    CompanyName : Computer Associates International, Inc.
    FileDescription : Iconic notifier
    InternalName : VetTray
    OriginalFilename : VetTray.exe
    ProductName : VetTray
    Created on : 4/13/2004 6:21:44 AM
    Last accessed : 4/22/2004 5:00:00 AM
    Last modified : 7/15/2003 9:56:14 PM

    #:7 [vetmsg9x.exe]
    FilePath : C:\WINDOWS\SYSTEM\
    ProcessID : 4294780325
    Threads : 3
    Priority : Normal
    FileSize : 76 KB
    FileVersion : Version 6.1.7.0
    ProductVersion : Version 6.1.7.0
    Copyright : Copyright
    CompanyName : Computer Associates International, Inc.
    FileDescription : eTrust EZ Antivirus message service for real-time protection.
    InternalName : VetMsg9x
    OriginalFilename : VetMsg9x.exe
    ProductName : VetMsg9x
    Created on : 4/13/2004 6:21:44 AM
    Last accessed : 4/22/2004 5:00:00 AM
    Last modified : 7/15/2003 10:05:16 PM

    #:8 [ca.exe]
    FilePath : C:\PROGRAM FILES\CA\ETRUST EZ ARMOR\ETRUST EZ FIREWALL\
    ProcessID : 4294802737
    Threads : 6
    Priority : Normal
    FileSize : 685 KB
    FileVersion : 4.5.554.000
    ProductVersion : 4.5.554.000
    Copyright : Copyright
    CompanyName : Computer Associates
    FileDescription : EZ Firewall
    InternalName : ca
    OriginalFilename : ca.exe
    ProductName : EZ Firewall
    Created on : 4/13/2004 6:30:06 AM
    Last accessed : 4/22/2004 5:00:00 AM
    Last modified : 1/8/2004 7:57:02 PM

    #:9 [stmgr.exe]
    FilePath : C:\WINDOWS\SYSTEM\RESTORE\
    ProcessID : 4294058233
    Threads : 4
    Priority : Normal
    FileSize : 60 KB
    FileVersion : 4.90.0.2533
    ProductVersion : 4.90.0.2533
    Copyright : Copyright (C) Microsoft Corp. 1981-2000
    CompanyName : Microsoft Corporation
    FileDescription : Microsoft (R) PC State Manager
    InternalName : StateMgr.exe
    OriginalFilename : StateMgr.exe
    ProductName : Microsoft (r) PCHealth
    Created on : 1/1/1601
    Last accessed : 4/22/2004 5:00:00 AM
    Last modified : 6/8/2000 10:00:00 PM

    #:10 [vsmon.exe]
    FilePath : C:\WINDOWS\SYSTEM\ZONELABS\
    ProcessID : 4294068597
    Threads : 16
    Priority : Normal
    FileSize : 805 KB
    FileVersion : 4.5.554.000
    ProductVersion : 4.5.554.000
    Copyright : Copyright
    CompanyName : Zone Labs Inc.
    FileDescription : TrueVector Service
    InternalName : vsmon
    OriginalFilename : vsmon.exe
    ProductName : TrueVector Service
    Created on : 4/13/2004 6:30:04 AM
    Last accessed : 4/22/2004 5:00:00 AM
    Last modified : 1/8/2004 8:00:08 PM

    #:11 [ad-aware.exe]
    FilePath : C:\PROGRAM FILES\LAVASOFT\AD-AWARE 6\
    ProcessID : 4294705229
    Threads : 5
    Priority : Normal
    FileSize : 668 KB
    FileVersion : 6.0.1.181
    ProductVersion : 6.0.0.0
    Copyright : Copyright
    CompanyName : Lavasoft Sweden
    FileDescription : Ad-aware 6 core application
    InternalName : Ad-aware.exe
    OriginalFilename : Ad-aware.exe
    ProductName : Lavasoft Ad-aware Plus
    Created on : 4/11/2004 8:22:36 AM
    Last accessed : 4/22/2004 5:00:00 AM
    Last modified : 7/13/2003 3:00:20 AM

    #:12 [stimon.exe]
    FilePath : C:\WINDOWS\SYSTEM\
    ProcessID : 4293942369
    Threads : 5
    Priority : Normal
    FileSize : 27 KB
    FileVersion : 4.90.3000.1
    ProductVersion : 4.90.3000.1
    Copyright : Copyright (C) Microsoft Corp. 1981-2000
    CompanyName : Microsoft Corporation
    FileDescription : Still Image Devices Monitor
    InternalName : STIMON
    OriginalFilename : STIMON.EXE
    ProductName : Microsoft(R) Windows(R) Millennium Operating System
    Created on : 1/1/1601
    Last accessed : 4/22/2004 5:00:00 AM
    Last modified : 6/8/2000 10:00:00 PM

    #:13 [rnaapp.exe]
    FilePath : C:\WINDOWS\SYSTEM\
    ProcessID : 4293980713
    Threads : 3
    Priority : Normal
    FileSize : 56 KB
    FileVersion : 4.90.3000
    ProductVersion : 4.90.3000
    Copyright : Copyright (C) Microsoft Corp. 1992-1996
    CompanyName : Microsoft Corporation
    FileDescription : Dial-Up Networking Application
    InternalName : RNAAPP
    OriginalFilename : RNAAPP.EXE
    ProductName : Microsoft(R) Windows(R) Millennium Operating System
    Created on : 1/1/1601
    Last accessed : 4/22/2004 5:00:00 AM
    Last modified : 6/8/2000 10:00:00 PM

    #:14 [tapisrv.exe]
    FilePath : C:\WINDOWS\SYSTEM\
    ProcessID : 4293978501
    Threads : 5
    Priority : Normal
    FileSize : 120 KB
    FileVersion : 4.90.3000
    ProductVersion : 4.90.3000
    Copyright : Copyright (C) Microsoft Corp. 1994-1998
    CompanyName : Microsoft Corporation
    FileDescription : Microsoft
    InternalName : Telephony Service
    OriginalFilename : TAPISRV.EXE
    ProductName : Microsoft(R) Windows(R) Millennium Operating System
    Created on : 1/1/1601
    Last accessed : 4/22/2004 5:00:00 AM
    Last modified : 6/8/2000 10:00:00 PM

    #:15 [iexplore.exe]
    FilePath : C:\PROGRAM FILES\AVANT BROWSER\
    ProcessID : 4293986165
    Threads : 10
    Priority : Normal
    FileSize : 674 KB
    FileVersion : 9.0.2.21
    ProductVersion : 9.0
    CompanyName : Avant Browser
    FileDescription : Avant Browser
    ProductName : Avant Browser
    Created on : 4/21/2004 3:36:58 PM
    Last accessed : 4/22/2004 5:00:00 AM
    Last modified : 4/21/2004 3:36:58 PM

    Memory scan result :
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    New objects : 0
    Objects found so far: 0

    Thanks Jeannie
     
  2. lastone

    lastone

    Joined:
    Feb 15, 2004
    Messages:
    50
    If in doubt, with AdAware, just quarantine the questionable, and save it(give it an easily recognizable name). If you remove something that you may have needed..just restore that file.
     
  3. mobo

    mobo

    Joined:
    Feb 23, 2003
    Messages:
    16,274
    Msconfig doesn't show all windows services. It only shows the running programs unlike adaware which shows the built in windows services running.

    If you have still concern then :
    Download 'Hijack This to its own folder http://www.tomcoyote.org/hjt/
    Unzip, doubleclick HijackThis.exe, and hit "Scan".

    When the scan is finished, the "Scan" button will change into a "Save Log" button.
    Press that, save the log, load it in Notepad, and copy its contents here. Most of what it lists will be harmless or even essential, don't fix anything yet.
     
  4. bluejeananjl

    bluejeananjl Thread Starter

    Joined:
    Feb 23, 2004
    Messages:
    107
    Logfile of HijackThis v1.97.7
    Scan saved at 11:29:52 PM, on 4/22/2004
    Platform: Windows ME (Win9x 4.90.3000A)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\EXPLORER.EXE
    C:\PROGRAM FILES\CA\ETRUST EZ ARMOR\ETRUST EZ ANTIVIRUS\VETTRAY.EXE
    C:\WINDOWS\SYSTEM\VETMSG9X.EXE
    C:\PROGRAM FILES\CA\ETRUST EZ ARMOR\ETRUST EZ FIREWALL\CA.EXE
    C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
    C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
    C:\WINDOWS\SYSTEM\RNAAPP.EXE
    C:\WINDOWS\SYSTEM\TAPISRV.EXE
    C:\PROGRAM FILES\AVANT BROWSER\IEXPLORE.EXE
    C:\WINDOWS\SYSTEM\DDHELP.EXE
    C:\WINDOWS\TEMP\TD_0001.DIR\HIJACKTHIS.EXE

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.teoma.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mfire.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = mFire
    O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
    O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN TOOLBAR\01.01.1601.0\EN-US\MSNTB.DLL
    O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
    O4 - HKLM\..\Run: [VetTray] C:\PROGRA~1\CA\ETRUST~1\ETRUST~1\VETTRAY.EXE
    O4 - HKLM\..\Run: [Vet Alert] C:\WINDOWS\System\VetMsg9x.exe
    O4 - HKLM\..\Run: [Zone Labs Client] C:\PROGRA~1\CA\ETRUST~1\ETRUST~2\ca.exe
    O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
    O8 - Extra context menu item: Fill Forms &] - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O8 - Extra context menu item: Save Forms &[ - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O8 - Extra context menu item: Customize Menu &4 - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
    O8 - Extra context menu item: Add to AD Black List - C:\PROGRAM FILES\AVANT BROWSER\AddToADBlackList.htm
    O8 - Extra context menu item: Block All Images from the Same Server - C:\PROGRAM FILES\AVANT BROWSER\AddAllToADBlackList.htm
    O8 - Extra context menu item: Search - C:\PROGRAM FILES\AVANT BROWSER\Search.htm
    O8 - Extra context menu item: Highlight - C:\PROGRAM FILES\AVANT BROWSER\Highlight.htm
    O8 - Extra context menu item: Open All Links in This Page... - C:\PROGRAM FILES\AVANT BROWSER\OpenAllLinks.htm
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: MSN Messenger Service (HKLM)
    O9 - Extra button: Real.com (HKLM)
    O9 - Extra button: RoboForm (HKLM)
    O9 - Extra 'Tools' menuitem: RF Toolbar &2 (HKLM)
    O9 - Extra button: Fill Forms (HKLM)
    O9 - Extra 'Tools' menuitem: Fill Forms &] (HKLM)
    O9 - Extra button: Save (HKLM)
    O9 - Extra 'Tools' menuitem: Save Forms &[ (HKLM)
    O14 - IERESET.INF: START_PAGE_URL=http://hp.my.yahoo.com
    O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?38089.9217592593
    O16 - DPF: {E9AE575A-FA4A-11D3-90F7-00C0CA1618FF} (BuzMeSetup Class) - http://www.buzme.com/ActiveX/BMAXSetup.cab
    O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
     
  5. mobo

    mobo

    Joined:
    Feb 23, 2003
    Messages:
    16,274
    That looks good and the running processes are good as well so nothing to worry about there. If you look at the adaware scan for each item listed you can rerad what each is for and they are all good and nessecary processes..
     
  6. bluejeananjl

    bluejeananjl Thread Starter

    Joined:
    Feb 23, 2004
    Messages:
    107
  7. mobo

    mobo

    Joined:
    Feb 23, 2003
    Messages:
    16,274
    your welcome
     
  8. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/223061

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice