Can someone help me figure this adaware log?

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

bluejeananjl

Thread Starter
Joined
Feb 23, 2004
Messages
107
I have read several things and still can't figure out why so many programs are running.
Adaware shows 15 running, startup-msconfig shows 4:
vettray, vetalert, zonelabclients, statemgr
Ctrl/Alt/Delete shows 4.
How can I stop extra programs? I can't figure out from what I have read what needs stopped, or how to stop whatever is unnecessary.
Here is the Adaware log; I shortened it to just the processes running.


Lavasoft Ad-aware Personal Build 6.181
Logfile created on :Thursday, April 22, 2004 10:30:41 PM
Created with Ad-aware Personal, free for private use.
Using reference-file :01R299 22.04.2004
______________________________________________________

Ad-aware Settings
=========================
Set : Activate in-depth scan (Recommended)
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file


4-22-2004 10:30:41 PM - Scan started. (Smart mode)

Listing running processes
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

#:1 [kernel32.dll]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4293874309
Threads : 4
Priority : High
FileSize : 524 KB
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
Copyright : Copyright (C) Microsoft Corp. 1991-2000
CompanyName : Microsoft Corporation
FileDescription : Win32 Kernel core component
InternalName : KERNEL32
OriginalFilename : KERNEL32.DLL
ProductName : Microsoft(R) Windows(R) Millennium Operating System
Created on : 1/1/1601
Last accessed : 4/22/2004 5:00:00 AM
Last modified : 6/8/2000 10:00:00 PM

#:2 [msgsrv32.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294941041
Threads : 1
Priority : Normal
FileSize : 11 KB
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
Copyright : Copyright (C) Microsoft Corp. 1992-1998
CompanyName : Microsoft Corporation
FileDescription : Windows 32-bit VxD Message Server
InternalName : MSGSRV32
OriginalFilename : MSGSRV32.EXE
ProductName : Microsoft(R) Windows(R) Millennium Operating System
Created on : 1/1/1601
Last accessed : 4/22/2004 5:00:00 AM
Last modified : 6/8/2000 10:00:00 PM

#:3 [mmtask.tsk]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294719845
Threads : 1
Priority : Normal
FileSize : 1 KB
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
Copyright : Copyright
CompanyName : Microsoft Corporation
FileDescription : Multimedia background task support module
InternalName : mmtask.tsk
OriginalFilename : mmtask.tsk
ProductName : Microsoft Windows
Created on : 1/1/1601
Last accessed : 4/22/2004 5:00:00 AM
Last modified : 6/8/2000 10:00:00 PM

#:4 [mprexe.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294720673
Threads : 2
Priority : Normal
FileSize : 28 KB
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
Copyright : Copyright (C) Microsoft Corp. 1993-2000
CompanyName : Microsoft Corporation
FileDescription : WIN32 Network Interface Service Process
InternalName : MPREXE
OriginalFilename : MPREXE.EXE
ProductName : Microsoft(R) Windows(R) Millennium Operating System
Created on : 1/1/1601
Last accessed : 4/22/2004 5:00:00 AM
Last modified : 6/8/2000 10:00:00 PM

#:5 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 4294736389
Threads : 11
Priority : Normal
FileSize : 220 KB
FileVersion : 5.50.4134.100
ProductVersion : 5.50.4134.100
Copyright : Copyright (C) Microsoft Corp. 1981-2000
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
OriginalFilename : EXPLORER.EXE
ProductName : Microsoft(R) Windows (R) 2000 Operating System
Created on : 1/1/1601
Last accessed : 4/22/2004 5:00:00 AM
Last modified : 6/8/2000 10:00:00 PM

#:6 [vettray.exe]
FilePath : C:\PROGRAM FILES\CA\ETRUST EZ ARMOR\ETRUST EZ ANTIVIRUS\
ProcessID : 4294758229
Threads : 3
Priority : Normal
FileSize : 60 KB
FileVersion : Version 1.0
Copyright : Copyright
CompanyName : Computer Associates International, Inc.
FileDescription : Iconic notifier
InternalName : VetTray
OriginalFilename : VetTray.exe
ProductName : VetTray
Created on : 4/13/2004 6:21:44 AM
Last accessed : 4/22/2004 5:00:00 AM
Last modified : 7/15/2003 9:56:14 PM

#:7 [vetmsg9x.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294780325
Threads : 3
Priority : Normal
FileSize : 76 KB
FileVersion : Version 6.1.7.0
ProductVersion : Version 6.1.7.0
Copyright : Copyright
CompanyName : Computer Associates International, Inc.
FileDescription : eTrust EZ Antivirus message service for real-time protection.
InternalName : VetMsg9x
OriginalFilename : VetMsg9x.exe
ProductName : VetMsg9x
Created on : 4/13/2004 6:21:44 AM
Last accessed : 4/22/2004 5:00:00 AM
Last modified : 7/15/2003 10:05:16 PM

#:8 [ca.exe]
FilePath : C:\PROGRAM FILES\CA\ETRUST EZ ARMOR\ETRUST EZ FIREWALL\
ProcessID : 4294802737
Threads : 6
Priority : Normal
FileSize : 685 KB
FileVersion : 4.5.554.000
ProductVersion : 4.5.554.000
Copyright : Copyright
CompanyName : Computer Associates
FileDescription : EZ Firewall
InternalName : ca
OriginalFilename : ca.exe
ProductName : EZ Firewall
Created on : 4/13/2004 6:30:06 AM
Last accessed : 4/22/2004 5:00:00 AM
Last modified : 1/8/2004 7:57:02 PM

#:9 [stmgr.exe]
FilePath : C:\WINDOWS\SYSTEM\RESTORE\
ProcessID : 4294058233
Threads : 4
Priority : Normal
FileSize : 60 KB
FileVersion : 4.90.0.2533
ProductVersion : 4.90.0.2533
Copyright : Copyright (C) Microsoft Corp. 1981-2000
CompanyName : Microsoft Corporation
FileDescription : Microsoft (R) PC State Manager
InternalName : StateMgr.exe
OriginalFilename : StateMgr.exe
ProductName : Microsoft (r) PCHealth
Created on : 1/1/1601
Last accessed : 4/22/2004 5:00:00 AM
Last modified : 6/8/2000 10:00:00 PM

#:10 [vsmon.exe]
FilePath : C:\WINDOWS\SYSTEM\ZONELABS\
ProcessID : 4294068597
Threads : 16
Priority : Normal
FileSize : 805 KB
FileVersion : 4.5.554.000
ProductVersion : 4.5.554.000
Copyright : Copyright
CompanyName : Zone Labs Inc.
FileDescription : TrueVector Service
InternalName : vsmon
OriginalFilename : vsmon.exe
ProductName : TrueVector Service
Created on : 4/13/2004 6:30:04 AM
Last accessed : 4/22/2004 5:00:00 AM
Last modified : 1/8/2004 8:00:08 PM

#:11 [ad-aware.exe]
FilePath : C:\PROGRAM FILES\LAVASOFT\AD-AWARE 6\
ProcessID : 4294705229
Threads : 5
Priority : Normal
FileSize : 668 KB
FileVersion : 6.0.1.181
ProductVersion : 6.0.0.0
Copyright : Copyright
CompanyName : Lavasoft Sweden
FileDescription : Ad-aware 6 core application
InternalName : Ad-aware.exe
OriginalFilename : Ad-aware.exe
ProductName : Lavasoft Ad-aware Plus
Created on : 4/11/2004 8:22:36 AM
Last accessed : 4/22/2004 5:00:00 AM
Last modified : 7/13/2003 3:00:20 AM

#:12 [stimon.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4293942369
Threads : 5
Priority : Normal
FileSize : 27 KB
FileVersion : 4.90.3000.1
ProductVersion : 4.90.3000.1
Copyright : Copyright (C) Microsoft Corp. 1981-2000
CompanyName : Microsoft Corporation
FileDescription : Still Image Devices Monitor
InternalName : STIMON
OriginalFilename : STIMON.EXE
ProductName : Microsoft(R) Windows(R) Millennium Operating System
Created on : 1/1/1601
Last accessed : 4/22/2004 5:00:00 AM
Last modified : 6/8/2000 10:00:00 PM

#:13 [rnaapp.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4293980713
Threads : 3
Priority : Normal
FileSize : 56 KB
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
Copyright : Copyright (C) Microsoft Corp. 1992-1996
CompanyName : Microsoft Corporation
FileDescription : Dial-Up Networking Application
InternalName : RNAAPP
OriginalFilename : RNAAPP.EXE
ProductName : Microsoft(R) Windows(R) Millennium Operating System
Created on : 1/1/1601
Last accessed : 4/22/2004 5:00:00 AM
Last modified : 6/8/2000 10:00:00 PM

#:14 [tapisrv.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4293978501
Threads : 5
Priority : Normal
FileSize : 120 KB
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
Copyright : Copyright (C) Microsoft Corp. 1994-1998
CompanyName : Microsoft Corporation
FileDescription : Microsoft
InternalName : Telephony Service
OriginalFilename : TAPISRV.EXE
ProductName : Microsoft(R) Windows(R) Millennium Operating System
Created on : 1/1/1601
Last accessed : 4/22/2004 5:00:00 AM
Last modified : 6/8/2000 10:00:00 PM

#:15 [iexplore.exe]
FilePath : C:\PROGRAM FILES\AVANT BROWSER\
ProcessID : 4293986165
Threads : 10
Priority : Normal
FileSize : 674 KB
FileVersion : 9.0.2.21
ProductVersion : 9.0
CompanyName : Avant Browser
FileDescription : Avant Browser
ProductName : Avant Browser
Created on : 4/21/2004 3:36:58 PM
Last accessed : 4/22/2004 5:00:00 AM
Last modified : 4/21/2004 3:36:58 PM

Memory scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0

Thanks, Jeannie
 
Joined
Feb 15, 2004
Messages
50
If in doubt, with AdAware, just quarantine the questionable, and save it (give it an easily recognizable name). If you remove something that you may have needed, just restore that file.
 
Joined
Feb 23, 2003
Messages
16,274
Msconfig doesn't show all Windows services. It only shows the running programs, unlike Adaware, which shows the built-in Windows services running.

If you still have concerns, then:
Download 'Hijack This' to its own folder: http://www.tomcoyote.org/hjt/
Unzip, double-click HijackThis.exe, and hit "Scan".

When the scan is finished, the "Scan" button will change into a "Save Log" button.
Press that, save the log, load it in Notepad, and copy its contents here. Most of what it lists will be harmless or even essential; don't fix anything yet.
 

bluejeananjl

Thread Starter
Joined
Feb 23, 2004
Messages
107
Logfile of HijackThis v1.97.7
Scan saved at 11:29:52 PM, on 4/22/2004
Platform: Windows ME (Win9x 4.90.3000A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\EXPLORER.EXE
C:\PROGRAM FILES\CA\ETRUST EZ ARMOR\ETRUST EZ ANTIVIRUS\VETTRAY.EXE
C:\WINDOWS\SYSTEM\VETMSG9X.EXE
C:\PROGRAM FILES\CA\ETRUST EZ ARMOR\ETRUST EZ FIREWALL\CA.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\PROGRAM FILES\AVANT BROWSER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\TEMP\TD_0001.DIR\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.teoma.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mfire.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = mFire
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN TOOLBAR\01.01.1601.0\EN-US\MSNTB.DLL
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O4 - HKLM\..\Run: [VetTray] C:\PROGRA~1\CA\ETRUST~1\ETRUST~1\VETTRAY.EXE
O4 - HKLM\..\Run: [Vet Alert] C:\WINDOWS\System\VetMsg9x.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\PROGRA~1\CA\ETRUST~1\ETRUST~2\ca.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O8 - Extra context menu item: Fill Forms &] - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Save Forms &[ - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Customize Menu &4 - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Add to AD Black List - C:\PROGRAM FILES\AVANT BROWSER\AddToADBlackList.htm
O8 - Extra context menu item: Block All Images from the Same Server - C:\PROGRAM FILES\AVANT BROWSER\AddAllToADBlackList.htm
O8 - Extra context menu item: Search - C:\PROGRAM FILES\AVANT BROWSER\Search.htm
O8 - Extra context menu item: Highlight - C:\PROGRAM FILES\AVANT BROWSER\Highlight.htm
O8 - Extra context menu item: Open All Links in This Page... - C:\PROGRAM FILES\AVANT BROWSER\OpenAllLinks.htm
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: MSN Messenger Service (HKLM)
O9 - Extra button: Real.com (HKLM)
O9 - Extra button: RoboForm (HKLM)
O9 - Extra 'Tools' menuitem: RF Toolbar &2 (HKLM)
O9 - Extra button: Fill Forms (HKLM)
O9 - Extra 'Tools' menuitem: Fill Forms &] (HKLM)
O9 - Extra button: Save (HKLM)
O9 - Extra 'Tools' menuitem: Save Forms &[ (HKLM)
O14 - IERESET.INF: START_PAGE_URL=http://hp.my.yahoo.com
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?38089.9217592593
O16 - DPF: {E9AE575A-FA4A-11D3-90F7-00C0CA1618FF} (BuzMeSetup Class) - http://www.buzme.com/ActiveX/BMAXSetup.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
 
Joined
Feb 23, 2003
Messages
16,274
That looks good, and the running processes are good as well, so nothing to worry about there. If you look at the Adaware scan for each item listed, you can read what each is for, and they are all good and necessary processes.
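
The gap this thread is about (more processes running than startup entries), as an added example that is not part of the original posts: it parses the "Running processes" and O4 autostart lines of a HijackThis log and reports which running files are named by a Run/RunServices entry. The sample is an excerpt of the log posted above; the function names and the choice to match on file name only are assumptions made here.

```python
import ntpath
import re

# Excerpt of the HijackThis log posted in this thread (trimmed for length).
SAMPLE_LOG = r"""Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\EXPLORER.EXE
C:\PROGRAM FILES\CA\ETRUST EZ ARMOR\ETRUST EZ ANTIVIRUS\VETTRAY.EXE
C:\WINDOWS\SYSTEM\VETMSG9X.EXE
C:\PROGRAM FILES\CA\ETRUST EZ ARMOR\ETRUST EZ FIREWALL\CA.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE

O4 - HKLM\..\Run: [VetTray] C:\PROGRA~1\CA\ETRUST~1\ETRUST~1\VETTRAY.EXE
O4 - HKLM\..\Run: [Vet Alert] C:\WINDOWS\System\VetMsg9x.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\PROGRA~1\CA\ETRUST~1\ETRUST~2\ca.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
"""

O4_RE = re.compile(r"^O4 - (?P<key>\S+): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")

def parse_hijackthis(text):
    """Return (running process paths, O4 autostart entries) from a log."""
    running, autostart, in_procs = [], [], False
    for line in text.splitlines():
        line = line.strip()
        if line == "Running processes:":
            in_procs = True
        elif in_procs and not line:
            in_procs = False          # a blank line ends the process list
        elif in_procs:
            running.append(line)
        elif (m := O4_RE.match(line)):
            autostart.append(m.groupdict())
    return running, autostart

def reconcile(text):
    """Split running processes by whether an O4 entry names the same file."""
    running, autostart = parse_hijackthis(text)
    # Compare file names only: O4 paths may be 8.3 short paths (PROGRA~1).
    started = {ntpath.basename(e["cmd"]).lower(): e["name"] for e in autostart}
    listed, unlisted = {}, []
    for path in running:
        base = ntpath.basename(path).lower()
        if base in started:
            listed[path] = started[base]
        else:
            unlisted.append(path)
    return listed, unlisted
```

`reconcile(SAMPLE_LOG)` returns the running files that an O4 entry names and the ones it does not; the second list is the part a startup list alone never shows, and each item in it still needs to be identified from its path and version information.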
 