Jump to content


Photo

Adware Infection, please help me!


  • Please log in to reply
8 replies to this topic

#1 RossieW

RossieW

    Newbie

  • Members
  • Pip
  • 1 posts

Posted 18 May 2006 - 11:54 PM

My computer has been infected by an adware or spyware and for the life of me I have been unable to fix it. The virus is 404dns[1] i believe and it is affecting my use of the internet by continually blocking sites and redirecting my explorer to www.404dns.com. If anyone could help be I would be extremely grateful.

#2 ___

___

    Advanced Member

  • Members
  • PipPipPip
  • 143 posts

Posted 19 May 2006 - 04:26 PM

Please post an Ad-Aware log file here for us to look at. We'll be able to help you better with the information contained within it.

#3 GRAFX

GRAFX

    Advanced Member

  • Members
  • PipPipPip
  • 515 posts

Posted 19 May 2006 - 09:37 PM

RossieW,
Please can you make sure that you are using
Ad-aware SE Build 106
[if not Uninstall your old Ad-aware first then install SE]
Then use the WebUpDate
to get the latest Definition file
(SE1R108 17.05.2006)
To do this Open Ad-aware
Click the WebUpDate
button at the top right hand side of the Ad-aware screen (The world globe).
Click "Connect"
Ad-aware will then download the latest Definition file for you.
To make sure it is updated , look at the main
Ad-aware screen, and look under "Initialization Status"
It should say the Latest Definition file.
then scan doing a "Full Scan" and then post your logfile here by using the Add-Reply Feature .
As Logs are stored in :
C:\Documents and Settings\USERNAME\Application Data\Lavasoft\Ad-aware\Logs\.
An easy way to get there is to
click Start,
click Run
And type in and press ENTER: %appdata%
then click Lavasoft
then Ad-Aware
and then Logs.
scroll down to find the latest one that you have
(by date & time)
and open it right Click select all
copy and then paste the contents of it here.
(Make sure that all of your Logfile has been posted, sometimes it will require two post's to get it all)
I recommend that you use the WebUpDate just before you scan that way you will always be up to date.

(note The Application Data is a hidden folder, so you will need to show hidden files and folders
and for Windows 98/ME users your logs are stored in
C:\WINDOWS\All Users\Application Data\ ) by default.

GRAFX Posted Image
press Enter then have a Brandy then if the problem is still there have another Brandy
Q: does it work
A: It does seem to for a few hours at least
LandzDown

#4 ReemaB

ReemaB

    Newbie

  • Members
  • Pip
  • 3 posts

Posted 22 May 2006 - 01:17 PM

Hi, could you please help me with the same problem. I keep getting redirected to www.404dns.com but before that my homepage is http://www.safetyuptodate.com/ and it won't let me change it back to google.

I followed ur instructions, which you gave to rosiew. Here is my Ad-Aware log file:


Ad-Aware SE Build 1.06r1
Logfile Created on:22 May 2006 11:45:55
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R109 22.05.2006
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
ClickSpring(TAC index:6):1 total references
Tracking Cookie(TAC index:3):4 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


22-05-2006 11:45:55 - Scan started. (Full System Scan)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 740
ThreadCreationTime : 22-05-2006 10:00:03
BasePriority : Normal


#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 788
ThreadCreationTime : 22-05-2006 10:00:07
BasePriority : Normal


#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 812
ThreadCreationTime : 22-05-2006 10:00:16
BasePriority : High


#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 856
ThreadCreationTime : 22-05-2006 10:00:18
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 868
ThreadCreationTime : 22-05-2006 10:00:18
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1032
ThreadCreationTime : 22-05-2006 10:00:23
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1120
ThreadCreationTime : 22-05-2006 10:00:24
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1164
ThreadCreationTime : 22-05-2006 10:00:25
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [evteng.exe]
FilePath : C:\Program Files\Intel\Wireless\Bin\
ProcessID : 1248
ThreadCreationTime : 22-05-2006 10:00:26
BasePriority : Normal
FileVersion : 9, 0, 2, 10
ProductVersion : 9, 0, 2, 0
ProductName : EvtEng Module
CompanyName : Intel Corporation
FileDescription : EvtEng Module
InternalName : EvtEng
LegalCopyright : Copyright © Intel Corporation 1999-2005
OriginalFilename : EvtEng.EXE

#:10 [s24evmon.exe]
FilePath : C:\Program Files\Intel\Wireless\Bin\
ProcessID : 1308
ThreadCreationTime : 22-05-2006 10:00:30
BasePriority : Normal
FileVersion : 9, 0, 2, 10
ProductVersion : 9, 0, 2, 0
ProductName : Mobile Unit Support Service
CompanyName : Intel Corporation
FileDescription : Event Monitor - Supports driver extensions to NIC Driver for wireless adapters.
InternalName : S24EvMon
LegalCopyright : Copyright © Intel Corporation 1999-2005
OriginalFilename : S24EvMon.exe

#:11 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1360
ThreadCreationTime : 22-05-2006 10:00:30
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:12 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1456
ThreadCreationTime : 22-05-2006 10:00:30
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:13 [ccsetmgr.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 1664
ThreadCreationTime : 22-05-2006 10:00:33
BasePriority : Normal
FileVersion : 104.0.8.3
ProductVersion : 104.0.8.3
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Settings Manager Service
InternalName : ccSetMgr
LegalCopyright : Copyright © 2000-2005 Symantec Corporation. All rights reserved.
OriginalFilename : ccSetMgr.exe

#:14 [ccevtmgr.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 1744
ThreadCreationTime : 22-05-2006 10:00:33
BasePriority : Normal
FileVersion : 104.0.8.3
ProductVersion : 104.0.8.3
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Event Manager Service
InternalName : ccEvtMgr
LegalCopyright : Copyright © 2000-2005 Symantec Corporation. All rights reserved.
OriginalFilename : ccEvtMgr.exe

#:15 [ccproxy.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 1856
ThreadCreationTime : 22-05-2006 10:00:35
BasePriority : Normal
FileVersion : 104.0.7.3
ProductVersion : 104.0.7.3
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Network Proxy Service
InternalName : ccProxy
LegalCopyright : Copyright © 2000-2005 Symantec Corporation. All rights reserved.
OriginalFilename : ccProxy.exe

#:16 [sndsrvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 240
ThreadCreationTime : 22-05-2006 10:00:36
BasePriority : Normal
FileVersion : 6.0.2.211
ProductVersion : 6.0
ProductName : Symantec Security Drivers
CompanyName : Symantec Corporation
FileDescription : Network Driver Service
InternalName : SndSrvc
LegalCopyright : Copyright 2002 - 2005 Symantec Corporation
OriginalFilename : SndSrvc.exe

#:17 [spbbcsvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\SPBBC\
ProcessID : 464
ThreadCreationTime : 22-05-2006 10:00:36
BasePriority : Normal
FileVersion : 2.1.0.4
ProductVersion : 2.1.0.4
ProductName : SPBBC
CompanyName : Symantec Corporation
FileDescription : SPBBC Service
InternalName : SPBBCSvc
LegalCopyright : Copyright © 2004, 2005 Symantec Corporation. All rights reserved.
OriginalFilename : SPBBCSvc.exe

#:18 [symlcsvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\CCPD-LC\
ProcessID : 516
ThreadCreationTime : 22-05-2006 10:00:37
BasePriority : Normal
FileVersion : 1.9.1.762
ProductVersion : 1.9.1.762
ProductName : Symantec Core Component
CompanyName : Symantec Corporation
FileDescription : Symantec Core Component
InternalName : symlcsvc
LegalCopyright : Copyright © 2003
OriginalFilename : symlcsvc.exe

#:19 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1228
ThreadCreationTime : 22-05-2006 10:00:42
BasePriority : Normal
FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
ProductVersion : 5.1.2600.2696
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:20 [photoshopelementsfileagent.exe]
FilePath : C:\Program Files\Adobe\Photoshop Elements 3.0\
ProcessID : 1580
ThreadCreationTime : 22-05-2006 10:00:50
BasePriority : Normal


#:21 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 1696
ThreadCreationTime : 22-05-2006 10:00:51
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

#:22 [sqlservr.exe]
FilePath : C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\
ProcessID : 1932
ThreadCreationTime : 22-05-2006 10:00:52
BasePriority : Normal
FileVersion : 2000.080.0760.00
ProductVersion : 8.00.760
ProductName : Microsoft SQL Server
CompanyName : Microsoft Corporation
FileDescription : SQL Server Windows NT
InternalName : SQLSERVR
LegalCopyright : © 1988-2003 Microsoft Corp. All rights reserved.
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation. Windows™ is a trademark of Microsoft Corporation
OriginalFilename : SQLSERVR.EXE
Comments : NT INTEL X86

#:23 [navapsvc.exe]
FilePath : C:\Program Files\Norton Internet Security\Norton AntiVirus\
ProcessID : 308
ThreadCreationTime : 22-05-2006 10:00:57
BasePriority : Normal
FileVersion : 12.2.0.13
ProductVersion : 12.2.0
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
LegalCopyright : Norton AntiVirus 2006 for Windows 2000/XP Copyright © 2005 Symantec Corporation. All rights reserved.
OriginalFilename : NAVAPSVC.EXE

#:24 [apoint.exe]
FilePath : C:\Program Files\Apoint\
ProcessID : 436
ThreadCreationTime : 22-05-2006 10:00:58
BasePriority : Normal
FileVersion : 5.5.7.136
ProductVersion : 5.5.7.136
ProductName : Alps Pointing-device Driver
CompanyName : Alps Electric Co., Ltd.
FileDescription : Alps Pointing-device Driver
InternalName : Alps Pointing-device Driver
LegalCopyright : Copyright © 1999-2003 Alps Electric Co., Ltd.
OriginalFilename : Apoint.exe

#:25 [rthdcpl.exe]
FilePath : C:\WINDOWS\
ProcessID : 452
ThreadCreationTime : 22-05-2006 10:00:59
BasePriority : Normal
FileVersion : 1.1.2.1
ProductVersion : 1.1.2.1
ProductName : Realtek HD Audio Sound Effect Manager
CompanyName : Realtek Semiconductor Corp.
FileDescription : Realtek HD Audio Control Panel
LegalCopyright : Copyright © 2004 Realtek Semiconductor Corp.
OriginalFilename : RTHDCPL.EXE

#:26 [ico.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 572
ThreadCreationTime : 22-05-2006 10:00:59
BasePriority : Normal
FileVersion : 1, 0, 0, 8
ProductVersion : 1.0.0.0
ProductName : MouseSuite 98
CompanyName : Primax Electronics Ltd.
FileDescription : Mouse Suite 98 Daemon
InternalName : pelmiced.exe
LegalCopyright : Copyright © 1997, Primax Electronics Ltd.
LegalTrademarks : Primax Electronics Ltd.

#:27 [spmgr.exe]
FilePath : C:\Program Files\Sony\VAIO Power Management\
ProcessID : 720
ThreadCreationTime : 22-05-2006 10:00:59
BasePriority : Normal
FileVersion : 1.7.00.05130
ProductVersion : 1.7.00
ProductName : Sony Power Management
CompanyName : Sony Corporation
FileDescription : SPM Module
LegalCopyright : Copyright 2003-2005 Sony Corporation

#:28 [isbmgr.exe]
FilePath : C:\Program Files\Sony\ISB Utility\
ProcessID : 732
ThreadCreationTime : 22-05-2006 10:00:59
BasePriority : Normal


#:29 [vaioupdt.exe]
FilePath : C:\Program Files\Sony\VAIO Update 2\
ProcessID : 756
ThreadCreationTime : 22-05-2006 10:01:00
BasePriority : Normal


#:30 [pdservice.exe]
FilePath : C:\Program Files\Utimaco\SafeGuard PrivateDisk\
ProcessID : 776
ThreadCreationTime : 22-05-2006 10:01:00
BasePriority : Normal
FileVersion : 1.00.6.7
ProductVersion : 1.00.6.7
ProductName : PrivateDisk
CompanyName : Utimaco Safeware AG
FileDescription : PrivateDisk Service
InternalName : PDService
LegalCopyright : Copyright © 1996 - 2004 Utimaco Safeware AG
OriginalFilename : PDService.exe

#:31 [acrotray.exe]
FilePath : C:\Program Files\Adobe\Acrobat 7.0\Distillr\
ProcessID : 920
ThreadCreationTime : 22-05-2006 10:01:00
BasePriority : Normal
FileVersion : 6.0.1.2005030300
ProductVersion : 6.0.1.2005030300
ProductName : AcroTray - Adobe Acrobat Distiller helper application.
CompanyName : Adobe Systems Inc.
FileDescription : AcroTray
InternalName : AcroTray
LegalCopyright : Copyright 1984-2005 Adobe Systems Incorporated and its licensors. All rights reserved.
OriginalFilename : AcroTray.exe

#:32 [jusched.exe]
FilePath : C:\Program Files\Java\jre1.5.0_06\bin\
ProcessID : 1340
ThreadCreationTime : 22-05-2006 10:01:00
BasePriority : Normal


#:33 [vmconsole.exe]
FilePath : C:\Program Files\Sony\VAIO Media Integrated Server\Platform\
ProcessID : 1388
ThreadCreationTime : 22-05-2006 10:01:01
BasePriority : Normal
FileVersion : 4.2.00.06070
ProductVersion : 4.2.00.06070
ProductName : VAIO Media Integrated Server
CompanyName : Sony Corporation
FileDescription : VAIO Media Console
InternalName : VMConsole
LegalCopyright : Copyright 2002, 2003, 2004, 2005 Sony Corporation
OriginalFilename : VMConsole.exe

#:34 [realsched.exe]
FilePath : C:\Program Files\Common Files\Real\Update_OB\
ProcessID : 1404
ThreadCreationTime : 22-05-2006 10:01:01
BasePriority : Normal
FileVersion : 0.1.0.3427
ProductVersion : 0.1.0.3427
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004
LegalTrademarks : RealAudio™ is a trademark of RealNetworks, Inc.
OriginalFilename : realsched.exe

#:35 [ccapp.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 1412
ThreadCreationTime : 22-05-2006 10:01:01
BasePriority : Normal
FileVersion : 104.0.8.3
ProductVersion : 104.0.8.3
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec User Session
InternalName : ccApp
LegalCopyright : Copyright © 2000-2005 Symantec Corporation. All rights reserved.
OriginalFilename : ccApp.exe

#:36 [dragdiag.exe]
FilePath : C:\Program Files\Thomson\SpeedTouch USB\
ProcessID : 1300
ThreadCreationTime : 22-05-2006 10:01:02
BasePriority : Normal
FileVersion : 301.0.0.12
ProductVersion : 301.0.0.12
ProductName : SpeedTouch USB
CompanyName : THOMSON Telecom Belgium
FileDescription : SpeedTouch Statistics
LegalCopyright : Copyright© THOMSON Telecom Belgium 1999-2004
LegalTrademarks : SpeedTouch

#:37 [ctfmon.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1808
ThreadCreationTime : 22-05-2006 10:01:03
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:38 [msnmsgr.exe]
FilePath : C:\Program Files\MSN Messenger\
ProcessID : 1616
ThreadCreationTime : 22-05-2006 10:01:03
BasePriority : Normal
FileVersion : 7.5.0324
ProductVersion : 7.5.0324
ProductName : MSN Messenger
CompanyName : Microsoft Corporation
FileDescription : MSN Messenger
InternalName : msnmsgr
LegalCopyright : Copyright © Microsoft Corporation 1997-2004
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msnmsgr.exe

#:39 [nvsvc32.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1244
ThreadCreationTime : 22-05-2006 10:01:04
BasePriority : Normal
FileVersion : 6.14.10.7743
ProductVersion : 6.14.10.7743
ProductName : NVIDIA Driver Helper Service, Version 77.43
CompanyName : NVIDIA Corporation
FileDescription : NVIDIA Driver Helper Service, Version 77.43
InternalName : NVSVC
LegalCopyright : © NVIDIA Corporation. All rights reserved.
OriginalFilename : nvsvc32.exe

#:40 [skype.exe]
FilePath : C:\Program Files\Skype\Phone\
ProcessID : 2088
ThreadCreationTime : 22-05-2006 10:01:05
BasePriority : Normal


#:41 [superantispyware.exe]
FilePath : C:\Program Files\SUPERAntiSpyware\
ProcessID : 2152
ThreadCreationTime : 22-05-2006 10:01:05
BasePriority : Normal
FileVersion : 3, 1, 0, 1010
ProductVersion : 3, 1, 0, 1010
ProductName : SUPERAntiSpyware
CompanyName : SUPERAntiSpyware.com
FileDescription : SUPERAntiSpyware
InternalName : SUPERAntiSpyware
LegalCopyright : Copyright © 2006 by SUPERAntiSpyware.com and SUPERAdBlocker.com
OriginalFilename : SUPERAntiSpyware.exe

#:42 [apntex.exe]
FilePath : C:\Program Files\Apoint\
ProcessID : 2248
ThreadCreationTime : 22-05-2006 10:01:06
BasePriority : Normal
FileVersion : 5.0.1.15
ProductVersion : 5.0.1.15
ProductName : Alps Pointing-device Driver for Windows NT/2000/XP
CompanyName : Alps Electric Co., Ltd.
FileDescription : Alps Pointing-device Driver for Windows NT/2000/XP
InternalName : Alps Pointing-device Driver for Windows NT/2000/XP
LegalCopyright : Copyright © 1998-2003 Alps Electric Co., Ltd.
OriginalFilename : ApntEx.exe

#:43 [photoshopelementsdeviceconnect.exe]
FilePath : C:\Program Files\Adobe\Photoshop Elements 3.0\
ProcessID : 2324
ThreadCreationTime : 22-05-2006 10:01:07
BasePriority : Normal


#:44 [regsrvc.exe]
FilePath : C:\Program Files\Intel\Wireless\Bin\
ProcessID : 2504
ThreadCreationTime : 22-05-2006 10:01:11
BasePriority : Normal
FileVersion : 9, 0, 2, 10
ProductVersion : 9, 0, 2, 0
ProductName : RegSrvc Module
CompanyName : Intel Corporation
FileDescription : RegSrvc Module
InternalName : RegSrvc
LegalCopyright : Copyright © Intel Corporation 1999-2005
OriginalFilename : RegSrvc.EXE
Comments : Registry Interface for Intel Wireless Products

#:45 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2560
ThreadCreationTime : 22-05-2006 10:01:11
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:46 [wdfmgr.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2752
ThreadCreationTime : 22-05-2006 10:01:15
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe

#:47 [vesmgr.exe]
FilePath : C:\Program Files\Sony\VAIO Event Service\
ProcessID : 2900
ThreadCreationTime : 22-05-2006 10:01:18
BasePriority : Normal
FileVersion : 2.2.00.04040
ProductVersion : 2.2.00
ProductName : VAIO Event Service
CompanyName : Sony Corporation
FileDescription : VAIO Event Service (Service Module)
InternalName : VESMgr.exe
LegalCopyright : Copyright 2004,2005 Sony Corp.
OriginalFilename : VESMgr.exe

#:48 [hcwsyncit.exe]
FilePath : C:\Program Files\WinTV\Scheduler\EPG\TvTv\
ProcessID : 2920
ThreadCreationTime : 22-05-2006 10:01:19
BasePriority : Normal
FileVersion : 1.01.4025
ProductVersion : 1.01.4025
ProductName : HcwSyncIt
CompanyName : HCW
InternalName : HcwSyncIt
OriginalFilename : HcwSyncIt.exe

#:49 [vmisrv.exe]
FilePath : C:\Program Files\Sony\VAIO Media Integrated Server\
ProcessID : 3004
ThreadCreationTime : 22-05-2006 10:01:20
BasePriority : Normal


#:50 [ymsgr_tray.exe]
FilePath : C:\PROGRA~1\Yahoo!\MESSEN~1\
ProcessID : 3372
ThreadCreationTime : 22-05-2006 10:01:33
BasePriority : Normal


#:51 [vcsw.exe]
FilePath : C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\
ProcessID : 3480
ThreadCreationTime : 22-05-2006 10:01:38
BasePriority : Normal


#:52 [vzcdbsvc.exe]
FilePath : C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\
ProcessID : 3664
ThreadCreationTime : 22-05-2006 10:01:41
BasePriority : Normal


#:53 [sv_httpd.exe]
FilePath : C:\Program Files\Sony\VAIO Media Integrated Server\Platform\
ProcessID : 3892
ThreadCreationTime : 22-05-2006 10:01:49
BasePriority : Normal
FileVersion : 3.0.00.18070
ProductVersion : 3.0.00.18070
ProductName : SV_Httpd.exe
CompanyName : Sony Corporation
FileDescription : Sony HTTP Server
InternalName : SV_Httpd
LegalCopyright : Copyright 2002, 2003, 2004 Sony Corp.
OriginalFilename : SV_Httpd.exe

#:54 [vzfw.exe]
FilePath : C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\
ProcessID : 4004
ThreadCreationTime : 22-05-2006 10:01:50
BasePriority : Normal


#:55 [upnpframework.exe]
FilePath : C:\Program Files\Sony\VAIO Media Integrated Server\Platform\
ProcessID : 300
ThreadCreationTime : 22-05-2006 10:01:51
BasePriority : Normal


#:56 [vzrs.exe]
FilePath : C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\
ProcessID : 2100
ThreadCreationTime : 22-05-2006 10:02:07
BasePriority : Normal


#:57 [wscntfy.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 3520
ThreadCreationTime : 22-05-2006 10:02:11
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Security Center Notification App
InternalName : wscntfy.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : wscntfy.exe

#:58 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 3544
ThreadCreationTime : 22-05-2006 10:02:11
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe

#:59 [nscsrvce.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\Security Console\
ProcessID : 2332
ThreadCreationTime : 22-05-2006 10:02:19
BasePriority : Normal
FileVersion : 2006.1.5.17
ProductVersion : 2006.1.5
ProductName : Norton Security Console
CompanyName : Symantec Corporation
FileDescription : Norton Security Console Norton Protection Center Service
InternalName : NSCService
LegalCopyright : Norton Security Console 2006 for Windows 2000/XP Copyright © 2005 Symantec Corporation. All rights reserved.
OriginalFilename : NSCSrvce.exe

#:60 [igfxsrvc.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 4032
ThreadCreationTime : 22-05-2006 10:06:42
BasePriority : Normal
FileVersion : 3.0.0.4333
ProductVersion : 7.0.0.4333
ProductName : Intel® Common User Interface
CompanyName : Intel Corporation
FileDescription : igfxsrvc Module
InternalName : IGFXSRVC
LegalCopyright : Copyright 1999-2004, Intel Corporation
OriginalFilename : IGFXSRVC.EXE

#:61 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1756
ThreadCreationTime : 22-05-2006 10:12:48
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:62 [iexplore.exe]
FilePath : C:\Program Files\Internet Explorer\
ProcessID : 1964
ThreadCreationTime : 22-05-2006 10:17:39
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : IEXPLORE.EXE

#:63 [iexplore.exe]
FilePath : C:\Program Files\Internet Explorer\
ProcessID : 2268
ThreadCreationTime : 22-05-2006 10:30:50
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : IEXPLORE.EXE

#:64 [ad-aware.exe]
FilePath : C:\PROGRA~1\Lavasoft\AD-AWA~1\
ProcessID : 3552
ThreadCreationTime : 22-05-2006 10:45:25
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : reema@casalemedia[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:7
Value : Cookie:reema@casalemedia.com/
Expires : 11-05-2007 13:17:40
LastSync : Hits:7
UseCount : 0
Hits : 7

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : reema@tribalfusion[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:reema@tribalfusion.com/
Expires : 01-01-2038 01:00:00
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : reema@clickbank[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:reema@clickbank.net/
Expires : 18-11-2006 11:33:50
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : reema@statcounter[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:reema@statcounter.com/
Expires : 21-05-2011 11:33:50
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 4
Objects found so far: 4



Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

ClickSpring Object Recognized!
Type : File
Data : A0016253.exe
TAC Rating : 6
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{EE8B4CBF-618C-47CB-973B-B509954157CB}\RP120\



Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 5


Deep scanning and examining files (D:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for D:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 5


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 5




Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 5

12:54:37 Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:01:08:41.974
Objects scanned:172960
Objects identified:5
Objects ignored:0
New critical objects:5


THANKYOU

#5 GRAFX

GRAFX

    Advanced Member

  • Members
  • PipPipPip
  • 515 posts

Posted 22 May 2006 - 01:54 PM

ReemaB,
clear out your cache folder ie: temporary internet folder There are some free programs that you can use that will do that for you if needed like ;)
CCleaner
(Note in CCleaner: go to >options > advanced > Uncheck "Only delete files in Windows Temp folders older than 48 hours"). but see CCleaner Set up
then scan by doing a "Full Scan" then and once the scan has finished
mark and remove the items then Reboot (ie: Re-start your PC)
Then re-scan doing a "Full Scan"
Also can you do as CalamityJane has recommended here for removing Smitfraud

then after you have done can you scan with Ad-aware SE Build 106 doing a "Full Scan" and then post your logfile here by using the Add-Reply Feature .

GRAFX Posted Image
press Enter then have a Brandy then if the problem is still there have another Brandy
Q: does it work
A: It does seem to for a few hours at least
LandzDown

#6 ReemaB

ReemaB

    Newbie

  • Members
  • Pip
  • 3 posts

Posted 22 May 2006 - 09:48 PM

Grafx,
Here is my latest log file, thank you ever so much for your help :)

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):16 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


22-05-2006 21:29:27 - Scan started. (Full System Scan)

MRU List Object Recognized!
Location: : C:\Documents and Settings\Reema\recent
Description : list of recently opened documents


MRU List Object Recognized!
Location: : S-1-5-21-367936288-815237224-3399706203-1006\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d


MRU List Object Recognized!
Location: : S-1-5-21-367936288-815237224-3399706203-1006\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X


MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw


MRU List Object Recognized!
Location: : S-1-5-21-367936288-815237224-3399706203-1006\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-367936288-815237224-3399706203-1006\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-367936288-815237224-3399706203-1006\software\microsoft\office\11.0\common\open find\microsoft office word\settings\open\file name mru
Description : list of recent documents opened by microsoft word


MRU List Object Recognized!
Location: : S-1-5-21-367936288-815237224-3399706203-1006\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened


MRU List Object Recognized!
Location: : S-1-5-21-367936288-815237224-3399706203-1006\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension


MRU List Object Recognized!
Location: : S-1-5-21-367936288-815237224-3399706203-1006\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened


MRU List Object Recognized!
Location: : S-1-5-21-367936288-815237224-3399706203-1006\software\nico mak computing\winzip\filemenu
Description : winzip recently used archives


MRU List Object Recognized!
Location: : S-1-5-21-367936288-815237224-3399706203-1006\software\realnetworks\realplayer\6.0\preferences
Description : list of recent skins in realplayer


MRU List Object Recognized!
Location: : S-1-5-21-367936288-815237224-3399706203-1006\software\realnetworks\realplayer\6.0\preferences
Description : list of recent clips in realplayer


MRU List Object Recognized!
Location: : S-1-5-21-367936288-815237224-3399706203-1006\software\microsoft\windows media\wmsdk\general
Description : windows media sdk


Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 740
ThreadCreationTime : 22-05-2006 20:26:25
BasePriority : Normal


#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 788
ThreadCreationTime : 22-05-2006 20:26:29
BasePriority : Normal


#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 812
ThreadCreationTime : 22-05-2006 20:26:33
BasePriority : High


#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 856
ThreadCreationTime : 22-05-2006 20:26:34
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 868
ThreadCreationTime : 22-05-2006 20:26:34
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1024
ThreadCreationTime : 22-05-2006 20:26:39
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1116
ThreadCreationTime : 22-05-2006 20:26:40
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1160
ThreadCreationTime : 22-05-2006 20:26:41
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [evteng.exe]
FilePath : C:\Program Files\Intel\Wireless\Bin\
ProcessID : 1232
ThreadCreationTime : 22-05-2006 20:26:42
BasePriority : Normal
FileVersion : 9, 0, 2, 10
ProductVersion : 9, 0, 2, 0
ProductName : EvtEng Module
CompanyName : Intel Corporation
FileDescription : EvtEng Module
InternalName : EvtEng
LegalCopyright : Copyright © Intel Corporation 1999-2005
OriginalFilename : EvtEng.EXE

#:10 [s24evmon.exe]
FilePath : C:\Program Files\Intel\Wireless\Bin\
ProcessID : 1308
ThreadCreationTime : 22-05-2006 20:26:46
BasePriority : Normal
FileVersion : 9, 0, 2, 10
ProductVersion : 9, 0, 2, 0
ProductName : Mobile Unit Support Service
CompanyName : Intel Corporation
FileDescription : Event Monitor - Supports driver extensions to NIC Driver for wireless adapters.
InternalName : S24EvMon
LegalCopyright : Copyright © Intel Corporation 1999-2005
OriginalFilename : S24EvMon.exe

#:11 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1356
ThreadCreationTime : 22-05-2006 20:26:46
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:12 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1432
ThreadCreationTime : 22-05-2006 20:26:46
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:13 [ccsetmgr.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 1704
ThreadCreationTime : 22-05-2006 20:26:49
BasePriority : Normal
FileVersion : 104.0.8.3
ProductVersion : 104.0.8.3
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Settings Manager Service
InternalName : ccSetMgr
LegalCopyright : Copyright © 2000-2005 Symantec Corporation. All rights reserved.
OriginalFilename : ccSetMgr.exe

#:14 [ccevtmgr.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 1764
ThreadCreationTime : 22-05-2006 20:26:50
BasePriority : Normal
FileVersion : 104.0.8.3
ProductVersion : 104.0.8.3
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Event Manager Service
InternalName : ccEvtMgr
LegalCopyright : Copyright © 2000-2005 Symantec Corporation. All rights reserved.
OriginalFilename : ccEvtMgr.exe

#:15 [ccproxy.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 1936
ThreadCreationTime : 22-05-2006 20:26:52
BasePriority : Normal
FileVersion : 104.0.7.3
ProductVersion : 104.0.7.3
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Network Proxy Service
InternalName : ccProxy
LegalCopyright : Copyright © 2000-2005 Symantec Corporation. All rights reserved.
OriginalFilename : ccProxy.exe

#:16 [sndsrvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 228
ThreadCreationTime : 22-05-2006 20:26:53
BasePriority : Normal
FileVersion : 6.0.2.211
ProductVersion : 6.0
ProductName : Symantec Security Drivers
CompanyName : Symantec Corporation
FileDescription : Network Driver Service
InternalName : SndSrvc
LegalCopyright : Copyright 2002 - 2005 Symantec Corporation
OriginalFilename : SndSrvc.exe

#:17 [spbbcsvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\SPBBC\
ProcessID : 432
ThreadCreationTime : 22-05-2006 20:26:53
BasePriority : Normal
FileVersion : 2.1.0.4
ProductVersion : 2.1.0.4
ProductName : SPBBC
CompanyName : Symantec Corporation
FileDescription : SPBBC Service
InternalName : SPBBCSvc
LegalCopyright : Copyright © 2004, 2005 Symantec Corporation. All rights reserved.
OriginalFilename : SPBBCSvc.exe

#:18 [symlcsvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\CCPD-LC\
ProcessID : 588
ThreadCreationTime : 22-05-2006 20:26:54
BasePriority : Normal
FileVersion : 1.9.1.762
ProductVersion : 1.9.1.762
ProductName : Symantec Core Component
CompanyName : Symantec Corporation
FileDescription : Symantec Core Component
InternalName : symlcsvc
LegalCopyright : Copyright © 2003
OriginalFilename : symlcsvc.exe

#:19 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1412
ThreadCreationTime : 22-05-2006 20:27:00
BasePriority : Normal
FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
ProductVersion : 5.1.2600.2696
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:20 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 1836
ThreadCreationTime : 22-05-2006 20:27:08
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

#:21 [photoshopelementsfileagent.exe]
FilePath : C:\Program Files\Adobe\Photoshop Elements 3.0\
ProcessID : 1956
ThreadCreationTime : 22-05-2006 20:27:09
BasePriority : Normal


#:22 [ewidoctrl.exe]
FilePath : C:\Program Files\ewido anti-malware\
ProcessID : 2044
ThreadCreationTime : 22-05-2006 20:27:10
BasePriority : Normal
FileVersion : 3, 0, 0, 1
ProductVersion : 3, 0, 0, 1
ProductName : ewido control
CompanyName : ewido networks
FileDescription : ewido control
InternalName : ewido control
LegalCopyright : Copyright © 2004
OriginalFilename : ewidoctrl.exe

#:23 [ewidoguard.exe]
FilePath : C:\Program Files\ewido anti-malware\
ProcessID : 148
ThreadCreationTime : 22-05-2006 20:27:12
BasePriority : Normal
FileVersion : 3, 0, 0, 1
ProductVersion : 3, 0, 0, 1
ProductName : guard
CompanyName : ewido networks
FileDescription : guard
InternalName : guard
LegalCopyright : Copyright © 2004
OriginalFilename : guard.exe

#:24 [apoint.exe]
FilePath : C:\Program Files\Apoint\
ProcessID : 512
ThreadCreationTime : 22-05-2006 20:27:18
BasePriority : Normal
FileVersion : 5.5.7.136
ProductVersion : 5.5.7.136
ProductName : Alps Pointing-device Driver
CompanyName : Alps Electric Co., Ltd.
FileDescription : Alps Pointing-device Driver
InternalName : Alps Pointing-device Driver
LegalCopyright : Copyright © 1999-2003 Alps Electric Co., Ltd.
OriginalFilename : Apoint.exe

#:25 [rthdcpl.exe]
FilePath : C:\WINDOWS\
ProcessID : 524
ThreadCreationTime : 22-05-2006 20:27:18
BasePriority : Normal
FileVersion : 1.1.2.1
ProductVersion : 1.1.2.1
ProductName : Realtek HD Audio Sound Effect Manager
CompanyName : Realtek Semiconductor Corp.
FileDescription : Realtek HD Audio Control Panel
LegalCopyright : Copyright © 2004 Realtek Semiconductor Corp.
OriginalFilename : RTHDCPL.EXE

#:26 [sqlservr.exe]
FilePath : C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\
ProcessID : 912
ThreadCreationTime : 22-05-2006 20:27:18
BasePriority : Normal
FileVersion : 2000.080.0760.00
ProductVersion : 8.00.760
ProductName : Microsoft SQL Server
CompanyName : Microsoft Corporation
FileDescription : SQL Server Windows NT
InternalName : SQLSERVR
LegalCopyright : © 1988-2003 Microsoft Corp. All rights reserved.
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation. Windows™ is a trademark of Microsoft Corporation
OriginalFilename : SQLSERVR.EXE
Comments : NT INTEL X86

#:27 [ico.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 668
ThreadCreationTime : 22-05-2006 20:27:18
BasePriority : Normal
FileVersion : 1, 0, 0, 8
ProductVersion : 1.0.0.0
ProductName : MouseSuite 98
CompanyName : Primax Electronics Ltd.
FileDescription : Mouse Suite 98 Daemon
InternalName : pelmiced.exe
LegalCopyright : Copyright © 1997, Primax Electronics Ltd.
LegalTrademarks : Primax Electronics Ltd.

#:28 [spmgr.exe]
FilePath : C:\Program Files\Sony\VAIO Power Management\
ProcessID : 768
ThreadCreationTime : 22-05-2006 20:27:19
BasePriority : Normal
FileVersion : 1.7.00.05130
ProductVersion : 1.7.00
ProductName : Sony Power Management
CompanyName : Sony Corporation
FileDescription : SPM Module
LegalCopyright : Copyright 2003-2005 Sony Corporation

#:29 [isbmgr.exe]
FilePath : C:\Program Files\Sony\ISB Utility\
ProcessID : 780
ThreadCreationTime : 22-05-2006 20:27:19
BasePriority : Normal


#:30 [vaioupdt.exe]
FilePath : C:\Program Files\Sony\VAIO Update 2\
ProcessID : 792
ThreadCreationTime : 22-05-2006 20:27:19
BasePriority : Normal


#:31 [pdservice.exe]
FilePath : C:\Program Files\Utimaco\SafeGuard PrivateDisk\
ProcessID : 916
ThreadCreationTime : 22-05-2006 20:27:20
BasePriority : Normal
FileVersion : 1.00.6.7
ProductVersion : 1.00.6.7
ProductName : PrivateDisk
CompanyName : Utimaco Safeware AG
FileDescription : PrivateDisk Service
InternalName : PDService
LegalCopyright : Copyright © 1996 - 2004 Utimaco Safeware AG
OriginalFilename : PDService.exe

#:32 [acrotray.exe]
FilePath : C:\Program Files\Adobe\Acrobat 7.0\Distillr\
ProcessID : 252
ThreadCreationTime : 22-05-2006 20:27:20
BasePriority : Normal
FileVersion : 6.0.1.2005030300
ProductVersion : 6.0.1.2005030300
ProductName : AcroTray - Adobe Acrobat Distiller helper application.
CompanyName : Adobe Systems Inc.
FileDescription : AcroTray
InternalName : AcroTray
LegalCopyright : Copyright 1984-2005 Adobe Systems Incorporated and its licensors. All rights reserved.
OriginalFilename : AcroTray.exe

#:33 [jusched.exe]
FilePath : C:\Program Files\Java\jre1.5.0_06\bin\
ProcessID : 1064
ThreadCreationTime : 22-05-2006 20:27:20
BasePriority : Normal


#:34 [vmconsole.exe]
FilePath : C:\Program Files\Sony\VAIO Media Integrated Server\Platform\
ProcessID : 1200
ThreadCreationTime : 22-05-2006 20:27:20
BasePriority : Normal
FileVersion : 4.2.00.06070
ProductVersion : 4.2.00.06070
ProductName : VAIO Media Integrated Server
CompanyName : Sony Corporation
FileDescription : VAIO Media Console
InternalName : VMConsole
LegalCopyright : Copyright 2002, 2003, 2004, 2005 Sony Corporation
OriginalFilename : VMConsole.exe

#:35 [realsched.exe]
FilePath : C:\Program Files\Common Files\Real\Update_OB\
ProcessID : 1504
ThreadCreationTime : 22-05-2006 20:27:21
BasePriority : Normal
FileVersion : 0.1.0.3427
ProductVersion : 0.1.0.3427
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004
LegalTrademarks : RealAudio™ is a trademark of RealNetworks, Inc.
OriginalFilename : realsched.exe

#:36 [ccapp.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 1600
ThreadCreationTime : 22-05-2006 20:27:22
BasePriority : Normal
FileVersion : 104.0.8.3
ProductVersion : 104.0.8.3
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec User Session
InternalName : ccApp
LegalCopyright : Copyright © 2000-2005 Symantec Corporation. All rights reserved.
OriginalFilename : ccApp.exe

#:37 [dragdiag.exe]
FilePath : C:\Program Files\Thomson\SpeedTouch USB\
ProcessID : 1620
ThreadCreationTime : 22-05-2006 20:27:22
BasePriority : Normal
FileVersion : 301.0.0.12
ProductVersion : 301.0.0.12
ProductName : SpeedTouch USB
CompanyName : THOMSON Telecom Belgium
FileDescription : SpeedTouch Statistics
LegalCopyright : Copyright© THOMSON Telecom Belgium 1999-2004
LegalTrademarks : SpeedTouch

#:38 [ctfmon.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 696
ThreadCreationTime : 22-05-2006 20:27:24
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:39 [msnmsgr.exe]
FilePath : C:\Program Files\MSN Messenger\
ProcessID : 1668
ThreadCreationTime : 22-05-2006 20:27:24
BasePriority : Normal
FileVersion : 7.5.0324
ProductVersion : 7.5.0324
ProductName : MSN Messenger
CompanyName : Microsoft Corporation
FileDescription : MSN Messenger
InternalName : msnmsgr
LegalCopyright : Copyright © Microsoft Corporation 1997-2004
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msnmsgr.exe

#:40 [skype.exe]
FilePath : C:\Program Files\Skype\Phone\
ProcessID : 1908
ThreadCreationTime : 22-05-2006 20:27:25
BasePriority : Normal


#:41 [superantispyware.exe]
FilePath : C:\Program Files\SUPERAntiSpyware\
ProcessID : 1648
ThreadCreationTime : 22-05-2006 20:27:25
BasePriority : Normal
FileVersion : 3, 1, 0, 1010
ProductVersion : 3, 1, 0, 1010
ProductName : SUPERAntiSpyware
CompanyName : SUPERAntiSpyware.com
FileDescription : SUPERAntiSpyware
InternalName : SUPERAntiSpyware
LegalCopyright : Copyright © 2006 by SUPERAntiSpyware.com and SUPERAdBlocker.com
OriginalFilename : SUPERAntiSpyware.exe

#:42 [navapsvc.exe]
FilePath : C:\Program Files\Norton Internet Security\Norton AntiVirus\
ProcessID : 2112
ThreadCreationTime : 22-05-2006 20:27:26
BasePriority : Normal
FileVersion : 12.2.0.13
ProductVersion : 12.2.0
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
LegalCopyright : Norton AntiVirus 2006 for Windows 2000/XP Copyright © 2005 Symantec Corporation. All rights reserved.
OriginalFilename : NAVAPSVC.EXE

#:43 [apntex.exe]
FilePath : C:\Program Files\Apoint\
ProcessID : 2228
ThreadCreationTime : 22-05-2006 20:27:27
BasePriority : Normal
FileVersion : 5.0.1.15
ProductVersion : 5.0.1.15
ProductName : Alps Pointing-device Driver for Windows NT/2000/XP
CompanyName : Alps Electric Co., Ltd.
FileDescription : Alps Pointing-device Driver for Windows NT/2000/XP
InternalName : Alps Pointing-device Driver for Windows NT/2000/XP
LegalCopyright : Copyright © 1998-2003 Alps Electric Co., Ltd.
OriginalFilename : ApntEx.exe

#:44 [nvsvc32.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2436
ThreadCreationTime : 22-05-2006 20:27:33
BasePriority : Normal
FileVersion : 6.14.10.7743
ProductVersion : 6.14.10.7743
ProductName : NVIDIA Driver Helper Service, Version 77.43
CompanyName : NVIDIA Corporation
FileDescription : NVIDIA Driver Helper Service, Version 77.43
InternalName : NVSVC
LegalCopyright : © NVIDIA Corporation. All rights reserved.
OriginalFilename : nvsvc32.exe

#:45 [hcwsyncit.exe]
FilePath : C:\Program Files\WinTV\Scheduler\EPG\TvTv\
ProcessID : 2540
ThreadCreationTime : 22-05-2006 20:27:35
BasePriority : Normal
FileVersion : 1.01.4025
ProductVersion : 1.01.4025
ProductName : HcwSyncIt
CompanyName : HCW
InternalName : HcwSyncIt
OriginalFilename : HcwSyncIt.exe

#:46 [photoshopelementsdeviceconnect.exe]
FilePath : C:\Program Files\Adobe\Photoshop Elements 3.0\
ProcessID : 2544
ThreadCreationTime : 22-05-2006 20:27:35
BasePriority : Normal


#:47 [regsrvc.exe]
FilePath : C:\Program Files\Intel\Wireless\Bin\
ProcessID : 2940
ThreadCreationTime : 22-05-2006 20:27:39
BasePriority : Normal
FileVersion : 9, 0, 2, 10
ProductVersion : 9, 0, 2, 0
ProductName : RegSrvc Module
CompanyName : Intel Corporation
FileDescription : RegSrvc Module
InternalName : RegSrvc
LegalCopyright : Copyright © Intel Corporation 1999-2005
OriginalFilename : RegSrvc.EXE
Comments : Registry Interface for Intel Wireless Products

#:48 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2972
ThreadCreationTime : 22-05-2006 20:27:40
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:49 [wdfmgr.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 3080
ThreadCreationTime : 22-05-2006 20:27:42
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe

#:50 [vesmgr.exe]
FilePath : C:\Program Files\Sony\VAIO Event Service\
ProcessID : 3148
ThreadCreationTime : 22-05-2006 20:27:45
BasePriority : Normal
FileVersion : 2.2.00.04040
ProductVersion : 2.2.00
ProductName : VAIO Event Service
CompanyName : Sony Corporation
FileDescription : VAIO Event Service (Service Module)
InternalName : VESMgr.exe
LegalCopyright : Copyright 2004,2005 Sony Corp.
OriginalFilename : VESMgr.exe

#:51 [ymsgr_tray.exe]
FilePath : C:\PROGRA~1\Yahoo!\MESSEN~1\
ProcessID : 3416
ThreadCreationTime : 22-05-2006 20:27:54
BasePriority : Normal


#:52 [vmisrv.exe]
FilePath : C:\Program Files\Sony\VAIO Media Integrated Server\
ProcessID : 3540
ThreadCreationTime : 22-05-2006 20:27:57
BasePriority : Normal


#:53 [vcsw.exe]
FilePath : C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\
ProcessID : 3748
ThreadCreationTime : 22-05-2006 20:28:04
BasePriority : Normal


#:54 [msmsgs.exe]
FilePath : C:\Program Files\Messenger\
ProcessID : 3760
ThreadCreationTime : 22-05-2006 20:28:04
BasePriority : Normal
FileVersion : 4.7.3001
ProductVersion : Version 4.7.3001
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Windows Messenger
InternalName : msmsgs
LegalCopyright : Copyright © Microsoft Corporation 2004
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msmsgs.exe

#:55 [sv_httpd.exe]
FilePath : C:\Program Files\Sony\VAIO Media Integrated Server\Platform\
ProcessID : 3948
ThreadCreationTime : 22-05-2006 20:28:08
BasePriority : Normal
FileVersion : 3.0.00.18070
ProductVersion : 3.0.00.18070
ProductName : SV_Httpd.exe
CompanyName : Sony Corporation
FileDescription : Sony HTTP Server
InternalName : SV_Httpd
LegalCopyright : Copyright 2002, 2003, 2004 Sony Corp.
OriginalFilename : SV_Httpd.exe

#:56 [vzcdbsvc.exe]
FilePath : C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\
ProcessID : 4044
ThreadCreationTime : 22-05-2006 20:28:09
BasePriority : Normal


#:57 [upnpframework.exe]
FilePath : C:\Program Files\Sony\VAIO Media Integrated Server\Platform\
ProcessID : 328
ThreadCreationTime : 22-05-2006 20:28:14
BasePriority : Normal


#:58 [vzfw.exe]
FilePath : C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\
ProcessID : 1608
ThreadCreationTime : 22-05-2006 20:28:17
BasePriority : Normal


#:59 [wscntfy.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 3280
ThreadCreationTime : 22-05-2006 20:28:33
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Security Center Notification App
InternalName : wscntfy.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : wscntfy.exe

#:60 [vzrs.exe]
FilePath : C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\
ProcessID : 3412
ThreadCreationTime : 22-05-2006 20:28:34
BasePriority : Normal


#:61 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 2412
ThreadCreationTime : 22-05-2006 20:28:36
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe

#:62 [nscsrvce.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\Security Console\
ProcessID : 2148
ThreadCreationTime : 22-05-2006 20:28:42
BasePriority : Normal
FileVersion : 2006.1.5.17
ProductVersion : 2006.1.5
ProductName : Norton Security Console
CompanyName : Symantec Corporation
FileDescription : Norton Security Console Norton Protection Center Service
InternalName : NSCService
LegalCopyright : Norton Security Console 2006 for Windows 2000/XP Copyright © 2005 Symantec Corporation. All rights reserved.
OriginalFilename : NSCSrvce.exe

#:63 [launcher.exe]
FilePath : C:\Program Files\Sony\VAIO Launcher\
ProcessID : 2260
ThreadCreationTime : 22-05-2006 20:28:42
BasePriority : Normal
FileVersion : 1.4.10.06170
ProductVersion : 1.4.10.06170
ProductName : VAIO?????
CompanyName : Sony Corporation
FileDescription : VAIO?????
InternalName : Launcher
LegalCopyright : Copyright 2004 Sony Corp.
OriginalFilename : Launcher.exe

#:64 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
ProcessID : 2312
ThreadCreationTime : 22-05-2006 20:28:44
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

#:65 [wuauclt.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1568
ThreadCreationTime : 22-05-2006 20:28:58
BasePriority : Normal
FileVersion : 5.8.0.2469 built by: lab01_n(wmbla)
ProductVersion : 5.8.0.2469
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Automatic Updates
InternalName : wuauclt.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : wuauclt.exe

#:66 [wmiprvse.exe]
FilePath : C:\WINDOWS\system32\wbem\
ProcessID : 2672
ThreadCreationTime : 22-05-2006 20:29:17
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : WMI
InternalName : Wmiprvse.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : Wmiprvse.exe

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 16


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 16


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 16


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 16



Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 16


Deep scanning and examining files (D:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for D:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 16


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 16




Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 16

21:40:55 Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:11:28.0
Objects scanned:159071
Objects identified:0
Objects ignored:0
New critical objects:0

#7 GRAFX

GRAFX

    Advanced Member

  • Members
  • PipPipPip
  • 515 posts

Posted 22 May 2006 - 10:55 PM

ReemaB,
Your Ad-aware log is clean :)
To be sure your pc is clean can you download HijackThis
After you have downloaded it and Unzipped it, doubleclick HijackThis.exe, and hit "Scan".
When the scan is finished, the "Scan" button will change into a "Save Log" button.
Press that, save the log somewhere, and then can you please post you Logfile in the
HijackThis Logs forum.
Call it some ting like "my HijachThis log" in the Topic Title
and then put "referred by GRAFX" as the Topic Description

Also Please can you include a link to this post for reference

GRAFX Posted Image
press Enter then have a Brandy then if the problem is still there have another Brandy
Q: does it work
A: It does seem to for a few hours at least
LandzDown

#8 ReemaB

ReemaB

    Newbie

  • Members
  • Pip
  • 3 posts

Posted 23 May 2006 - 09:52 PM

Thank you Grafx,
I'll b glad to do that.
Take care and thank you again

#9 GRAFX

GRAFX

    Advanced Member

  • Members
  • PipPipPip
  • 515 posts

Posted 23 May 2006 - 10:10 PM

ReemaB,
Posted Image

GRAFX Posted Image
press Enter then have a Brandy then if the problem is still there have another Brandy
Q: does it work
A: It does seem to for a few hours at least
LandzDown




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users