Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Help with Adaware


  • This topic is locked This topic is locked
5 replies to this topic

#1 missfilippa

missfilippa

  • Members
  • 55 posts
  • OFFLINE
  •  
  • Local time:11:48 PM

Posted 09 June 2004 - 02:46 PM

I tried 4 times to post Adaware log to "The Tech Support Guy". I used long and short "Smart Scan" methods. They all came back as TOO LONG. So, I deleted lots of stuff but, I am sure that this is not the correct protocol. Anyway, here is what I am trying to post as my adaware log...... thank you.... missfilippa

Lavasoft Ad-aware Personal Build 6.181
Logfile created on :Wednesday, June 09, 2004 2:18:32 PM
Created with Ad-aware Personal, free for private use.
Using reference-file :01R315 06.06.2004
______________________________________________________

Reffile status:
=========================
Reference file loaded:
Reference Number : 01R314 02.06.2004
Internal build : 246
File location : C:\PROGRA~1\Lavasoft\AD-AWA~1\reflist.ref
Total size : 1201492 Bytes
Signature data size : 1181377 Bytes
Reference data size : 20051 Bytes
Signatures total : 26331
Target categories : 10
Target families : 491
6-9-2004 1:58:28 PM Performing Webupdate...

Installing Update...
Reference file loaded:
Reference Number : 01R315 06.06.2004
Internal build : 247
File location : C:\PROGRA~1\Lavasoft\AD-AWA~1\reflist.ref
Total size : 1211780 Bytes
Signature data size : 1191581 Bytes
Reference data size : 20135 Bytes
Signatures total : 26553
Target categories : 10
Target families : 493

6-9-2004 1:59:14 PM Success.
Update successfully downlodaded and installed.


Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium IV
Memory available:53 %
Total physical memory:523264 kb
Available physical memory:273060 kb
Total page file size:1277436 kb
Available on page file:1064384 kb
Total virtual memory:2097024 kb
Available virtual memory:2042880 kb
OS:

Ad-aware Settings
=========================
Set : Activate in-depth scan (Recommended)
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file

Extended Ad-aware Settings
=========================
Set : Unload recognized processes during scanning
Set : Include basic Ad-aware settings in logfile
Set : Include additional Ad-aware settings in logfile
Set : Automatically try to unregister objects prior to deletion
Set : Let windows remove files in use at next reboot
Set : Always back up reference file, before updating
Set : Play sound if scan produced a result


6-9-2004 2:18:32 PM - Scan started. (Custom mode)

Listing running processes
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ThreadCreationTime : 6-9-2004 5:50:07 PM
BasePriority : Normal


#:2 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ThreadCreationTime : 6-9-2004 5:50:10 PM
BasePriority : High


#:3 [services.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 6-9-2004 5:50:11 PM
BasePriority : Normal
FileSize : 99 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
OriginalFilename : services.exe
ProductName : Microsoft
Created on : 8/29/2002 11:00:00 AM
Last accessed : 6/9/2004 5:50:06 PM
Last modified : 8/29/2002 11:00:00 AM

#:4 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 6-9-2004 5:50:11 PM
BasePriority : Normal
FileSize : 11 KB
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
OriginalFilename : lsass.exe
ProductName : Microsoft
Created on : 8/29/2002 11:00:00 AM
Last accessed : 6/9/2004 5:50:06 PM
Last modified : 8/29/2002 11:00:00 AM

#:5 [ati2evxx.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 6-9-2004 5:50:14 PM
BasePriority : Normal
FileSize : 312 KB
Created on : 8/25/2003 4:03:20 AM
Last accessed : 6/9/2004 5:50:06 PM
Last modified : 8/25/2003 4:03:20 AM

#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 6-9-2004 5:50:14 PM
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 8/29/2002 11:00:00 AM
Last accessed : 6/9/2004 5:50:06 PM
Last modified : 8/29/2002 11:00:00 AM

#:7 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 6-9-2004 5:50:14 PM
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 8/29/2002 11:00:00 AM
Last accessed : 6/9/2004 5:50:06 PM
Last modified : 8/29/2002 11:00:00 AM

#:8 [ccsetmgr.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ThreadCreationTime : 6-9-2004 5:50:16 PM
BasePriority : Normal
FileSize : 229 KB
FileVersion : 2.1.0.610
ProductVersion : 2.1.0.610
Copyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Common Client Settings Manager Service
InternalName : ccSetMgr
OriginalFilename : ccSetMgr.exe
ProductName : Common Client
Created on : 11/10/2003 1:30:12 PM
Last accessed : 6/9/2004 5:50:06 PM
Last modified : 11/10/2003 1:30:12 PM

#:9 [explorer.exe]
FilePath : C:\WINDOWS\
ThreadCreationTime : 6-9-2004 5:50:16 PM
BasePriority : Normal
FileSize : 980 KB
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
OriginalFilename : EXPLORER.EXE
ProductName : Microsoft
Created on : 8/29/2002 11:00:00 AM
Last accessed : 6/9/2004 5:50:35 PM
Last modified : 8/29/2002 11:00:00 AM

#:10 [ccevtmgr.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ThreadCreationTime : 6-9-2004 5:50:16 PM
BasePriority : Normal
FileSize : 249 KB
FileVersion : 2.1.0.610
ProductVersion : 2.1.0.610
Copyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Common Client Event Manager Service
InternalName : ccEvtMgr
OriginalFilename : ccEvtMgr.exe
ProductName : Common Client
Created on : 11/10/2003 1:30:04 PM
Last accessed : 6/9/2004 5:50:06 PM
Last modified : 11/10/2003 1:30:04 PM

#:11 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 6-9-2004 5:50:17 PM
BasePriority : Normal
FileSize : 50 KB
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
OriginalFilename : spoolsv.exe
ProductName : Microsoft
Created on : 8/29/2002 11:00:00 AM
Last accessed : 6/9/2004 5:50:06 PM
Last modified : 8/29/2002 11:00:00 AM

#:12 [tfswctrl.exe]
FilePath : C:\WINDOWS\system32\dla\
ThreadCreationTime : 6-9-2004 5:50:19 PM
BasePriority : Normal
FileSize : 112 KB
FileVersion : 1.04.05b
Copyright : Copyright
CompanyName : Sonic Solutions
FileDescription : Drive Letter Access Component
Created on : 3/23/2004 9:02:25 PM
Last accessed : 6/9/2004 5:50:06 PM
Last modified : 8/6/2003 7:04:00 AM

#:13 [support.exe]
FilePath : C:\Program Files\Common Files\Dell\EUSW\
ThreadCreationTime : 6-9-2004 5:50:20 PM
BasePriority : Normal
FileSize : 288 KB
FileVersion : 2, 0, 0, 34
ProductVersion : 1, 0, 0, 1
Copyright : Copyright
CompanyName : Dell
FileDescription : Support
InternalName : Support
OriginalFilename : Support.exe
ProductName : Dell Support
Created on : 10/7/2003 10:21:10 PM
Last accessed : 6/9/2004 5:50:06 PM
Last modified : 10/7/2003 10:21:10 PM

#:14 [ccapp.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ThreadCreationTime : 6-9-2004 5:50:20 PM
BasePriority : Normal
FileSize : 69 KB
FileVersion : 2.1.0.610
ProductVersion : 2.1.0.610
Copyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Common Client User Session
InternalName : ccApp
OriginalFilename : ccApp.exe
ProductName : Common Client
Created on : 11/10/2003 1:30:02 PM
Last accessed : 6/9/2004 5:50:06 PM
Last modified : 11/10/2003 1:30:02 PM

#:15 [hpztsb09.exe]
FilePath : C:\WINDOWS\System32\spool\drivers\w32x86\3\
ThreadCreationTime : 6-9-2004 5:50:20 PM
BasePriority : Normal
FileSize : 184 KB
FileVersion : 2.236.2.0
ProductVersion : 2.236.2.0
Copyright : Copyright © Hewlett-Packard Company 1999-2003
CompanyName : HP
ProductName : HP DeskJet
Created on : 4/9/2004 9:24:58 PM
Last accessed : 6/9/2004 5:50:06 PM
Last modified : 7/28/2003 1:43:44 PM

#:16 [hpcmpmgr.exe]
FilePath : C:\Program Files\HP\hpcoretech\
ThreadCreationTime : 6-9-2004 5:50:21 PM
BasePriority : Normal
FileSize : 228 KB
FileVersion : 2.1.1
ProductVersion : 2.1.1
Copyright : Copyright © Hewlett-Packard. 2002-2003
CompanyName : Hewlett-Packard Company
FileDescription : HP Framework Component Manager Service
InternalName : HPComponentManagerService module
OriginalFilename : HPCmpMgr.exe
ProductName : hp coretech (COmponent REuse TECHnology)
Created on : 10/23/2003 11:51:18 PM
Last accessed : 6/9/2004 5:50:06 PM
Last modified : 10/23/2003 11:51:18 PM

#:17 [hpwuschd2.exe]
FilePath : C:\Program Files\Hewlett-Packard\HP Software Update\
ThreadCreationTime : 6-9-2004 5:50:21 PM
BasePriority : Normal
FileSize : 48 KB
FileVersion : 3, 0, 38, 1
ProductVersion : 3, 0, 38, 1
Copyright : Copyright
CompanyName : Hewlett-Packard Company
FileDescription : hpwuSchd
InternalName : hpwuSchd
OriginalFilename : hpwuSchd.exe
ProductName : HP Software Update Application
Created on : 2/18/2004 8:55:28 PM
Last accessed : 6/9/2004 5:50:06 PM
Last modified : 2/18/2004 8:55:28 PM

#:18 [hpotdd01.exe]
FilePath : C:\Program Files\Hewlett-Packard\Digital Imaging\bin\
ThreadCreationTime : 6-9-2004 5:50:21 PM
BasePriority : Normal
FileSize : 224 KB
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
Copyright : Copyright
CompanyName : Hewlett-Packard
FileDescription : hpotdd01
InternalName : hpotdd01
OriginalFilename : hpotdd01.exe
ProductName : Hewlett-Packard hpotdd01
Created on : 5/21/2003 10:37:08 PM
Last accessed : 6/9/2004 5:50:06 PM
Last modified : 5/21/2003 10:37:08 PM

#:19 [pcmservice.exe]
FilePath : C:\Program Files\Dell\Media Experience\
ThreadCreationTime : 6-9-2004 5:50:21 PM
BasePriority : Normal
FileSize : 200 KB
FileVersion : 1.0.0826
ProductVersion : 1.0.0826
Copyright : Copyright c 2003 CyberLink Corp.
CompanyName : CyberLink Corp.
FileDescription : PowerCinema Resident Program for Dell
InternalName : PowerCinema Resident Program for Dell
OriginalFilename : PCM2Launcher.EXE
ProductName : PCM2Launcher Application
Created on : 3/23/2004 9:02:59 PM
Last accessed : 6/9/2004 5:50:06 PM
Last modified : 8/27/2003 1:47:34 AM

#:20 [intelmem.exe]
FilePath : C:\Program Files\Intel\Modem Event Monitor\
ThreadCreationTime : 6-9-2004 5:50:21 PM
BasePriority : Normal
FileSize : 216 KB
FileVersion : 0, 1, 0, 10
ProductVersion : 0, 1, 0, 10
Copyright : Copyright © 2003
CompanyName : Intel Corporation
FileDescription : Modem Event Monitor Application
InternalName : Modem Event Monitor
OriginalFilename : IntelMEM.exe
ProductName : Intel Modem Event Monitor Application
Created on : 3/23/2004 9:02:05 PM
Last accessed : 6/9/2004 5:50:06 PM
Last modified : 9/4/2003 2:12:44 AM

#:21 [notifyalert.exe]
FilePath : C:\Program Files\Dell\Support\Alert\bin\
ThreadCreationTime : 6-9-2004 5:50:21 PM
BasePriority : Normal
FileSize : 344 KB
FileVersion : 2.1.0.72
ProductVersion : 2.1.0.72
InternalName : NotifyAlert.exe
OriginalFilename : NotifyAlert.exe
Created on : 10/7/2003 10:20:18 PM
Last accessed : 6/9/2004 5:50:06 PM
Last modified : 10/7/2003 10:20:18 PM

#:22 [realsched.exe]
FilePath : C:\Program Files\Common Files\Real\Update_OB\
ThreadCreationTime : 6-9-2004 5:50:21 PM
BasePriority : Normal
FileSize : 148 KB
FileVersion : 0.1.0.1622
ProductVersion : 0.1.0.1622
Copyright : Copyright
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
OriginalFilename : realsched.exe
ProductName : RealOne Player (32-bit)
Created on : 3/23/2004 9:05:58 PM
Last accessed : 6/9/2004 5:50:06 PM
Last modified : 3/23/2004 9:05:58 PM

#:23 [mmtask.exe]
FilePath : C:\Program Files\MusicMatch\MusicMatch Jukebox\
ThreadCreationTime : 6-9-2004 5:50:21 PM
BasePriority : Normal
FileSize : 52 KB
FileVersion : 1.0.0.1
ProductVersion : 1.0.0.1
Copyright : TODO: © <Company name>. All rights reserved.
CompanyName : TODO: <Company name>
FileDescription : TODO: <File description>
InternalName : mmtask.exe
OriginalFilename : mmtask.exe
ProductName : TODO: <Product name>
Created on : 3/23/2004 9:11:59 PM
Last accessed : 6/9/2004 5:50:06 PM
Last modified : 10/6/2003 4:05:40 PM

#:24 [wkufind.exe]
FilePath : C:\Program Files\Common Files\Microsoft Shared\Works Shared\
ThreadCreationTime : 6-9-2004 5:50:22 PM
BasePriority : Normal
FileSize : 49 KB
FileVersion : 9.00.0607.0
ProductVersion : 9.00.0607.0
Copyright : Copyright
CompanyName : Microsoft
FileDescription : Microsoft
InternalName : WkUFind
OriginalFilename : WkUFind.exe
ProductName : Update Detection Module
Created on : 12/6/2003 4:08:04 AM
Last accessed : 6/9/2004 5:50:06 PM
Last modified : 12/6/2003 4:08:04 AM

#:25 [dsentry.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 6-9-2004 5:50:22 PM
BasePriority : Normal
FileSize : 28 KB
FileVersion : 1, 0, 5, 0
ProductVersion : 1, 0, 5, 0
Copyright : Copyright
CompanyName : Dell - Advanced Desktop Engineering
FileDescription : DVDSentry
InternalName : DVDSentry
OriginalFilename : DSentry.exe
ProductName : Dell - DVDSentry
Created on : 8/13/2003 4:27:40 PM
Last accessed : 6/9/2004 5:50:06 PM
Last modified : 8/13/2003 4:27:40 PM

#:26 [em_exec.exe]
FilePath : C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\
ThreadCreationTime : 6-9-2004 5:50:22 PM
BasePriority : Normal
FileSize : 28 KB
FileVersion : 9.70.216
ProductVersion : 9.70
Copyright : Copyright
CompanyName : Logitech Inc.
FileDescription : Control Center
InternalName : EM_EXEC
OriginalFilename : EM_EXEC.CPP
ProductName : MouseWare
Created on : 3/24/2004 7:41:01 AM
Last accessed : 6/9/2004 5:50:06 PM
Last modified : 7/1/2002 1:50:00 PM

#:27 [ctfmon.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 6-9-2004 5:50:22 PM
BasePriority : Normal
FileSize : 13 KB
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
OriginalFilename : CTFMON.EXE
ProductName : Microsoft
Created on : 8/29/2002 11:00:00 AM
Last accessed : 6/9/2004 5:50:06 PM
Last modified : 8/29/2002 11:00:00 AM

#:28 [backweb-8876480.exe]
FilePath : C:\Program Files\Logitech\Desktop Messenger\8876480\Program\
ThreadCreationTime : 6-9-2004 5:50:23 PM
BasePriority : Normal
FileSize : 16 KB
Created on : 6/3/2004 1:14:13 PM
Last accessed : 6/9/2004 5:50:06 PM
Last modified : 6/3/2004 1:14:09 PM

#:29 [teatimer.exe]
FilePath : C:\Program Files\Spybot - Search & Destroy\
ThreadCreationTime : 6-9-2004 5:50:23 PM
BasePriority : Idle
FileSize : 1014 KB
FileVersion : 1, 3, 0, 12
ProductVersion : 1, 3, 0, 12
CompanyName : Safer Networking Limited
FileDescription : System settings protector
InternalName : TeaTimer
OriginalFilename : TeaTimer.exe
ProductName : Spybot - Search & Destroy
Created on : 5/12/2004 5:03:00 AM
Last accessed : 6/9/2004 5:50:06 PM
Last modified : 5/12/2004 5:03:00 AM

#:30 [newsflsh.exe]
FilePath : C:\Program Files\Common Files\MySoftware\
ThreadCreationTime : 6-9-2004 5:50:24 PM
BasePriority : Normal
FileSize : 212 KB
FileVersion : 1, 0, 0, 0
ProductVersion : 1, 0, 0, 2
Copyright : Copyright
CompanyName : MySoftware, Inc.
FileDescription : WebSniffer
InternalName : WEBSNIFFER
OriginalFilename : WEBSNIFFER.EXE
ProductName : MySoftware InterCom WebSniffer Utility
Created on : 4/1/2004 8:36:47 PM
Last accessed : 6/9/2004 5:50:24 PM
Last modified : 2/6/2001 7:32:02 PM

#:31 [ccproxy.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ThreadCreationTime : 6-9-2004 5:50:30 PM
BasePriority : Normal
FileSize : 213 KB
FileVersion : 2.1.2.800
ProductVersion : 2.1.2.800
Copyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Common Client Network Proxy Service
InternalName : ccProxy
OriginalFilename : ccProxy.exe
ProductName : Common Client
Created on : 3/24/2004 3:20:54 PM
Last accessed : 6/9/2004 5:50:06 PM
Last modified : 1/28/2004 12:06:54 AM

#:32 [ctsvccda.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 6-9-2004 5:50:31 PM
BasePriority : Normal
FileSize : 43 KB
FileVersion : 1.0.1.0
ProductVersion : 1.0.0.0
Copyright : Copyright © Creative Technology Ltd., 1999. All rights reserved.
CompanyName : Creative Technology Ltd
FileDescription : Creative Service for CDROM Access
InternalName : CTsvcCDAEXE
OriginalFilename : CTsvcCDA.EXE
ProductName : Creative Service for CDROM Access
Created on : 3/23/2004 9:03:51 PM
Last accessed : 6/9/2004 5:50:06 PM
Last modified : 12/13/1999 7:01:00 AM

#:33 [mdm.exe]
FilePath : C:\Program Files\Common Files\Microsoft Shared\VS7Debug\
ThreadCreationTime : 6-9-2004 5:50:31 PM
BasePriority : Normal
FileSize : 264 KB
FileVersion : 7.00.9064.9150
ProductVersion : 7.00.9064.9150
Copyright : Copyright © Microsoft Corp. 1997-2000
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
OriginalFilename : mdm.exe
ProductName : Microsoft Development Environment
Created on : 2/23/2001 3:07:30 PM
Last accessed : 6/9/2004 5:50:06 PM
Last modified : 2/23/2001 3:07:30 PM

#:34 [navapsvc.exe]
FilePath : C:\Program Files\Norton AntiVirus\
ThreadCreationTime : 6-9-2004 5:50:31 PM
BasePriority : Normal
FileSize : 155 KB
FileVersion : 10.00.2
ProductVersion : 10.00.2
Copyright : Norton AntiVirus 2004 for Windows 98/ME/2000/XP Copyright © 2003 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
OriginalFilename : NAVAPSVC.EXE
ProductName : Norton AntiVirus
Created on : 5/15/2004 5:01:43 PM
Last accessed : 6/9/2004 5:50:06 PM
Last modified : 4/23/2004 3:04:18 PM

#:35 [nprotect.exe]
FilePath : C:\Program Files\Norton AntiVirus\AdvTools\
ThreadCreationTime : 6-9-2004 5:50:31 PM
BasePriority : Normal
FileSize : 132 KB
FileVersion : 16.00.0.22
ProductVersion : 16.00.0.22
Copyright : Copyright © 2003 Symantec Corporation
CompanyName : Symantec Corporation
FileDescription : Norton Protection Status
InternalName : NPROTECT
OriginalFilename : NPROTECT.EXE
ProductName : Norton Utilities
Created on : 3/24/2004 3:09:35 PM
Last accessed : 6/9/2004 5:50:06 PM
Last modified : 8/14/2002 1:03:00 PM

#:36 [diagent.exe]
FilePath : C:\Program Files\Creative\SBLive\Diagnostics\
ThreadCreationTime : 6-9-2004 5:50:32 PM
BasePriority : Normal
FileSize : 132 KB
FileVersion : 1, 1, 4, 0
ProductVersion : 1.01.04
Copyright : Copyright © 2002 Creative Technology Ltd
CompanyName : Creative Technology Ltd
FileDescription : Creative Diagnostics Agent
InternalName : Creative Diagnostics Agent
OriginalFilename : diagent.exe
ProductName : Creative Diagnostics Agent
Created on : 3/23/2004 9:03:47 PM
Last accessed : 6/9/2004 5:50:06 PM
Last modified : 4/3/2002 7:01:00 AM

#:37 [savscan.exe]
FilePath : C:\Program Files\Norton AntiVirus\
ThreadCreationTime : 6-9-2004 5:50:35 PM
BasePriority : Normal
FileSize : 189 KB
FileVersion : 9.2.1.14
ProductVersion : 9.2
Copyright : Copyright © 2003 Symantec Corporation
CompanyName : Symantec Corporation
FileDescription : Symantec AntiVirus Scanner
InternalName : SAVSCAN
OriginalFilename : SAVSCAN.EXE
ProductName : Symantec AntiVirus AutoProtect
Created on : 11/7/2003 5:46:58 PM
Last accessed : 6/9/2004 5:50:06 PM
Last modified : 11/7/2003 5:46:58 PM

#:38 [sndsrvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ThreadCreationTime : 6-9-2004 5:50:36 PM
BasePriority : Normal
FileSize : 189 KB
FileVersion : 5.3.1.53
ProductVersion : 5.3
Copyright : Copyright 2002, 2003 Symantec Corporation
CompanyName : Symantec Corporation
FileDescription : Network Driver Service
InternalName : SndSrvc
OriginalFilename : SndSrvc.exe
ProductName : Symantec Security Drivers
Created on : 4/30/2004 1:27:36 AM
Last accessed : 6/9/2004 5:50:06 PM
Last modified : 4/30/2004 1:27:36 AM

#:39 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 6-9-2004 5:50:36 PM
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 8/29/2002 11:00:00 AM
Last accessed : 6/9/2004 5:50:06 PM
Last modified : 8/29/2002 11:00:00 AM

#:40 [symlcsvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\CCPD-LC\
ThreadCreationTime : 6-9-2004 5:50:36 PM
BasePriority : Normal
FileSize : 572 KB
FileVersion : 1, 8, 48, 79
ProductVersion : 1, 8, 48, 79
Copyright : Copyright © 2003
CompanyName : Symantec Corporation
FileDescription : Symantec Core Component
InternalName : symlcsvc
OriginalFilename : symlcsvc.exe
ProductName : Symantec Core Component
Created on : 3/24/2004 3:08:23 PM
Last accessed : 6/9/2004 5:50:06 PM
Last modified : 3/24/2004 3:08:23 PM

#:41 [mspmspsv.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 6-9-2004 5:50:37 PM
BasePriority : Normal
FileSize : 52 KB
FileVersion : 7.00.00.1954
ProductVersion : 7.00.00.1954
Copyright : Copyright © Microsoft Corp. 1981-2000
CompanyName : Microsoft Corporation
FileDescription : WMDM PMSP Service
InternalName : MSPMSPSV.EXE
OriginalFilename : MSPMSPSV.EXE
ProductName : Microsoft ® DRM
Created on : 6/26/2000 1:44:20 PM
Last accessed : 6/9/2004 5:50:06 PM
Last modified : 6/26/2000 1:44:20 PM

#:42 [ad-aware.exe]
FilePath : C:\PROGRA~1\Lavasoft\AD-AWA~1\
ThreadCreationTime : 6-9-2004 5:52:02 PM
BasePriority : Normal
FileSize : 668 KB
FileVersion : 6.0.1.181
ProductVersion : 6.0.0.0
Copyright : Copyright
CompanyName : Lavasoft Sweden
FileDescription : Ad-aware 6 core application
InternalName : Ad-aware.exe
OriginalFilename : Ad-aware.exe
ProductName : Lavasoft Ad-aware Plus
Created on : 6/6/2004 5:14:35 PM
Last accessed : 6/9/2004 5:52:02 PM
Last modified : 7/13/2003 1:00:20 AM

#:43 [msmsgs.exe]
FilePath : C:\Program Files\Messenger\
ThreadCreationTime : 6-9-2004 6:18:21 PM
BasePriority : Normal
FileSize : 1476 KB
FileVersion : 4.7.0041
ProductVersion : Version 4.7
Copyright : Copyright © Microsoft Corporation 1997-2001
CompanyName : Microsoft Corporation
FileDescription : Messenger
InternalName : msmsgs
OriginalFilename : msmsgs.exe
ProductName : Messenger
Created on : 8/20/2002 9:08:38 PM
Last accessed : 6/9/2004 5:50:06 PM
Last modified : 8/20/2002 9:08:38 PM

Memory scan result :
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
New objects : 0
Objects found so far: 0


Started registry scan
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ

Registry scan result :
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
New objects : 0
Objects found so far: 0


Started deep registry scan
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ

Deep registry scan result :
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
New objects : 0
Objects found so far: 0


Deep scanning and examining files (C:)
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ

Tracking Cookie Object recognized!
Type : File
Data : ************@2o7[2].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\************\Cookies\
FileSize : 1 KB
Created on : 6/7/2004 7:31:40 PM
Last accessed : 6/9/2004 6:21:02 PM
Last modified : 6/7/2004 7:32:58 PM



Tracking Cookie Object recognized!
Type : File
Data : ************@bluestreak[2].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\************\Cookies\

Created on : 6/3/2004 8:01:26 PM
Last accessed : 6/9/2004 6:21:02 PM
Last modified : 6/3/2004 8:01:26 PM



Tracking Cookie Object recognized!
Type : File
Data : ************@server.iad.liveperson[1].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\************\Cookies\

Created on : 6/7/2004 12:30:48 AM
Last accessed : 6/9/2004 6:21:03 PM
Last modified : 6/7/2004 7:31:40 PM



Tracking Cookie Object recognized!
Type : File
Data : ************@statcounter[1].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\************\Cookies\

Created on : 6/7/2004 10:38:37 PM
Last accessed : 6/9/2004 6:21:03 PM
Last modified : 6/7/2004 10:38:37 PM



BroadCastPC Object recognized!
Type : File
Data : glc79.tmp
Category : Data Miner
Comment :
Object : C:\Documents and Settings\************\Local Settings\Temp\
FileSize : 161 KB
Created on : 6/3/2004 5:33:28 PM
Last accessed : 6/9/2004 6:21:18 PM
Last modified : 6/3/2004 5:33:28 PM



BroadCastPC Object recognized!
Type : File
Data : glc7d.tmp
Category : Data Miner
Comment :
Object : C:\Documents and Settings\************\Local Settings\Temp\
FileSize : 161 KB
Created on : 6/3/2004 5:34:30 PM
Last accessed : 6/9/2004 6:21:18 PM
Last modified : 6/3/2004 5:34:30 PM



BroadCastPC Object recognized!
Type : File
Data : glk7a.tmp
Category : Data Miner
Comment :
Object : C:\Documents and Settings\************\Local Settings\Temp\
FileSize : 33 KB
Created on : 6/3/2004 5:33:28 PM
Last accessed : 6/9/2004 6:21:18 PM
Last modified : 6/3/2004 5:33:29 PM



BroadCastPC Object recognized!
Type : File
Data : glk7e.tmp
Category : Data Miner
Comment :
Object : C:\Documents and Settings\************\Local Settings\Temp\
FileSize : 33 KB
Created on : 6/3/2004 5:34:30 PM
Last accessed : 6/9/2004 6:21:18 PM
Last modified : 6/3/2004 5:34:30 PM



Disk scan result for C:\
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
New objects : 0
Objects found so far: 8


Scanning Hosts file(C:\WINDOWS\System32\drivers\etc\hosts)
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ

Hosts file scan result:
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
1 entries scanned.
New objects :0
Objects found so far: 8




Performing conditional scans..
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ

Conditional scan result:
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
New objects : 0
Objects found so far: 8


2:31:43 PM Scan complete

Summary of this scan
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
Total scanning time :00:13:10:421
Objects scanned :194676
Objects identified :8
Objects ignored :0
New objects :8

BC AdBot (Login to Remove)

 


#2 missfilippa

missfilippa
  • Topic Starter

  • Members
  • 55 posts
  • OFFLINE
  •  
  • Local time:11:48 PM

Posted 09 June 2004 - 02:48 PM

I guess I am not too bright: I cannot seem to post a log that is within the
allowed LENGTH. I need help..... missfilippa..... thank you.....

#3 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,717 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:11:48 PM

Posted 09 June 2004 - 03:11 PM

Please do the following:

Create a directory on your hardrive to save HijackThis.exe. A directory like c:\hijackthis. If you do not do this, you will not be able to use the backup/restore features.

Download HijackThis from:

HijackThis

Save this file into the directory you made previously and then run the program. Click on the Scan button and when it is finished click on the Save Log button. A Notepad window will open with the contents of this log. Click on Edit then click on Select all. Then click on Edit and then Click on Copy.

Create a reply to this post, and right click in message area and select paste to paste the log into the post.

Someone will reply to you after reading this post. DO NOT fix any entries unless you understand what you are doing.

To see a tutorial on using HijackThis you can click on the link below:

HijackThis - Using HijackThis to Remove Spyware, Browser Hijackers, and Dialers

#4 missfilippa

missfilippa
  • Topic Starter

  • Members
  • 55 posts
  • OFFLINE
  •  
  • Local time:11:48 PM

Posted 10 June 2004 - 12:49 AM

Logfile of HijackThis v1.97.7
Scan saved at 1:45:16 AM, on 6/10/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\Dell\EUSW\Support.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\Dell\Support\Alert\bin\NotifyAlert.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\System32\DSentry.exe
C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Common Files\MySoftware\NewsFlsh.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\************\Desktop\HijackThis.exe
C:\Program Files\Messenger\msmsgs.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,Shellnext = http://www.dell4me.com/myway
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DwlClient] C:\Program Files\Common Files\Dell\EUSW\Support.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~2\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [diagent] "C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\Symantec\LIVEUP~1\SNDMon.EXE
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: MySoftware NewsFlash.lnk = C:\Program Files\Common Files\MySoftware\NewsFlsh.exe
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Real.com (HKLM)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/en/check/qdiagh.cab?316

#5 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,717 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:11:48 PM

Posted 10 June 2004 - 09:45 AM

This log looks clean to me.

#6 Papakid

Papakid

    Guru at being a Newbie


  • Malware Response Team
  • 6,663 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:48 PM

Posted 10 June 2004 - 10:13 AM

Hi missfilippa, :thumbsup:
I'll confirm Grinler's asessment. There is nothing malicious showing up in your log. Could you tell us what's happening that makes you suspect you have malware on your system?

We always did feel the same

We just started from a different point of view

Tangled up in blue--Bob Dylan





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users