Joined
·
115 Posts
My comp is so slow at everything. I ran adaware and deleted 8 objects, 7 tracking cookies and something called alexa.
it said I had 24 processes running, I have no idea what or how I can eliminate some of them can someone plz review my logs and help me?
Hijack log
Logfile of HijackThis v1.97.7
Scan saved at 1:47:09 PM, on 3/31/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\netdde.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\clipsrv.exe
C:\WINDOWS\System32\dllhost.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\dllhost.exe
C:\WINDOWS\System32\vssvc.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\dmadmin.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Documents and Settings\MaryJ\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O15 - Trusted Zone: http://forums.techguy.org
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://bin.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,76/mcinsctl.cab
O16 - DPF: {E9AE575A-FA4A-11D3-90F7-00C0CA1618FF} (BuzMeSetup Class) - http://www.buzme.com/ActiveX/BMAXSetup.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{58E4EAB5-DE9B-410D-A1CD-DFB6F44D8282}: NameServer = 205.171.3.65 205.171.16.251
Lavasoft Ad-aware Personal Build 6.181
Logfile created on :Wednesday, March 31, 2004 1:40:49 PM
Created with Ad-aware Personal, free for private use.
Using reference-file :01R279 31.03.2004
______________________________________________________
Reffile status:
=========================
Reference file loaded:
Reference Number : 01R217 08.09.2003
Internal build : 107
File location : C:\Program Files\Lavasoft\Ad-aware 6\reflist.ref
Total size : 574398 Bytes
Signature data size : 563299 Bytes
Reference data size : 11035 Bytes
Signatures total : 12937
Target categories : 10
Target families : 267
3-31-2004 1:11:41 PM Performing Webupdate...
Installing Update...
Reference file loaded:
Reference Number : 01R279 31.03.2004
Internal build : 207
File location : C:\Program Files\Lavasoft\Ad-aware 6\reflist.ref
Total size : 1010390 Bytes
Signature data size : 992994 Bytes
Reference data size : 17332 Bytes
Signatures total : 22327
Target categories : 10
Target families : 470
3-31-2004 1:13:38 PM Success.
Update successfully downlodaded and installed.
Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium III
Memory available:15 %
Total physical memory:63984 kb
Available physical memory:9084 kb
Total page file size:151732 kb
Available on page file:35008 kb
Total virtual memory:2097024 kb
Available virtual memory:2039340 kb
OS:
Ad-aware Settings
=========================
Set : Activate in-depth scan (Recommended)
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file
3-31-2004 1:40:49 PM - Scan started. (Smart mode)
Listing running processes
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ThreadCreationTime : 3-31-2004 5:57:45 PM
BasePriority : Normal
#:2 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ThreadCreationTime : 3-31-2004 5:58:01 PM
BasePriority : High
#:3 [services.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 3-31-2004 5:58:04 PM
BasePriority : Normal
FileSize : 99 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
OriginalFilename : services.exe
ProductName : Microsoft
Created on : 3/31/2003 12:00:00 PM
Last accessed : 3/31/2004 5:54:59 PM
Last modified : 3/31/2003 12:00:00 PM
#:4 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 3-31-2004 5:58:04 PM
BasePriority : Normal
FileSize : 11 KB
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
OriginalFilename : lsass.exe
ProductName : Microsoft
Created on : 3/31/2003 12:00:00 PM
Last accessed : 3/31/2004 5:55:00 PM
Last modified : 3/31/2003 12:00:00 PM
#:5 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 3-31-2004 5:58:08 PM
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 3/31/2003 12:00:00 PM
Last accessed : 3/31/2004 5:54:59 PM
Last modified : 3/31/2003 12:00:00 PM
#:6 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 3-31-2004 5:58:09 PM
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 3/31/2003 12:00:00 PM
Last accessed : 3/31/2004 5:54:59 PM
Last modified : 3/31/2003 12:00:00 PM
#:7 [explorer.exe]
FilePath : C:\WINDOWS\
ThreadCreationTime : 3-31-2004 5:58:20 PM
BasePriority : Normal
FileSize : 973 KB
FileVersion : 6.00.2800.1221 (xpsp2.030511-1403)
ProductVersion : 6.00.2800.1221
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
OriginalFilename : EXPLORER.EXE
ProductName : Microsoft
Created on : 5/12/2003 2:12:10 AM
Last accessed : 3/31/2004 6:04:44 PM
Last modified : 5/12/2003 2:12:10 AM
#:8 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 3-31-2004 5:58:26 PM
BasePriority : Normal
FileSize : 50 KB
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
OriginalFilename : spoolsv.exe
ProductName : Microsoft
Created on : 3/31/2003 12:00:00 PM
Last accessed : 3/31/2004 5:55:01 PM
Last modified : 3/31/2003 12:00:00 PM
#:9 [netdde.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 3-31-2004 5:58:32 PM
BasePriority : Normal
FileSize : 103 KB
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
CompanyName : Microsoft Corporation
FileDescription : Network DDE - DDE Communication
InternalName : NETDDE.EXE
OriginalFilename : NETDDE.EXE
ProductName : Microsoft
Created on : 3/31/2003 12:00:00 PM
Last accessed : 3/31/2004 5:55:00 PM
Last modified : 3/31/2003 12:00:00 PM
#:10 [mcvsshld.exe]
FilePath : C:\PROGRA~1\mcafee.com\vso\
ThreadCreationTime : 3-31-2004 5:58:49 PM
BasePriority : Normal
FileSize : 160 KB
FileVersion : 8, 0, 0, 15
ProductVersion : 8, 0, 0, 0
Copyright : Copyright
CompanyName : Networks Associates Technology, Inc
FileDescription : McAfee VirusScan ActiveShield Resource
InternalName : msvcshld
OriginalFilename : mcvsshld.exe
ProductName : McAfee VirusScan
Created on : 3/28/2004 8:05:19 AM
Last accessed : 3/31/2004 5:58:00 PM
Last modified : 8/18/2003 2:50:34 AM
#:11 [mcagent.exe]
FilePath : C:\PROGRA~1\mcafee.com\agent\
ThreadCreationTime : 3-31-2004 5:58:49 PM
BasePriority : Normal
FileSize : 240 KB
FileVersion : 4, 3, 0, 27
ProductVersion : 4, 3, 0, 0
Copyright : Copyright
CompanyName : Networks Associates Technology, Inc
FileDescription : McAfee SecurityCenter Agent
InternalName : mcagent
OriginalFilename : mcagent.exe
ProductName : McAfee SecurityCenter
Created on : 3/26/2004 1:13:16 AM
Last accessed : 3/31/2004 5:58:00 PM
Last modified : 12/8/2003 8:38:52 PM
#:12 [mcvsescn.exe]
FilePath : c:\progra~1\mcafee.com\vso\
ThreadCreationTime : 3-31-2004 5:58:52 PM
BasePriority : Normal
FileSize : 404 KB
FileVersion : 8, 0, 0, 20
ProductVersion : 8, 0, 0, 0
Copyright : Copyright
CompanyName : Networks Associates Technology, Inc
FileDescription : McAfee VirusScan E-mail Scan Module
InternalName : mcvsescn
OriginalFilename : mcvsescn.EXE
ProductName : McAfee VirusScan
Created on : 3/26/2004 1:14:32 AM
Last accessed : 3/31/2004 6:17:40 PM
Last modified : 9/28/2003 6:47:00 PM
#:13 [cisvc.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 3-31-2004 5:58:57 PM
BasePriority : Normal
FileSize : 5 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Content Index service
InternalName : cisvc.exe
OriginalFilename : cisvc.exe
ProductName : Microsoft
Created on : 3/31/2003 12:00:00 PM
Last accessed : 3/31/2004 5:54:59 PM
Last modified : 3/31/2003 12:00:00 PM
#:14 [clipsrv.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 3-31-2004 5:59:05 PM
BasePriority : Normal
FileSize : 30 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Windows NT DDE Server
InternalName : CLIPSRV.EXE
OriginalFilename : CLIPSRV.EXE
ProductName : Microsoft
Created on : 3/31/2003 12:00:00 PM
Last accessed : 3/31/2004 5:54:59 PM
Last modified : 3/31/2003 12:00:00 PM
#:15 [dllhost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 3-31-2004 5:59:07 PM
BasePriority : Normal
FileSize : 4 KB
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : COM Surrogate
InternalName : dllhost.exe
OriginalFilename : dllhost.exe
ProductName : Microsoft
Created on : 3/31/2003 12:00:00 PM
Last accessed : 3/31/2004 5:54:59 PM
Last modified : 3/31/2003 12:00:00 PM
#:16 [mcshield.exe]
FilePath : c:\PROGRA~1\mcafee.com\vso\
ThreadCreationTime : 3-31-2004 5:59:12 PM
BasePriority : High
FileSize : 220 KB
Created on : 3/28/2004 8:05:07 AM
Last accessed : 3/31/2004 5:54:59 PM
Last modified : 3/13/2002 1:50:34 PM
#:17 [mcvsrte.exe]
FilePath : c:\PROGRA~1\mcafee.com\vso\
ThreadCreationTime : 3-31-2004 5:59:16 PM
BasePriority : Normal
FileSize : 104 KB
FileVersion : 8, 0, 0, 12
ProductVersion : 8, 0, 0, 0
Copyright : Copyright
CompanyName : Networks Associates Technology, Inc
FileDescription : McAfee VirusScan Real-time Engine
InternalName : mcvsrte
OriginalFilename : mcvsrte.exe
ProductName : McAfee VirusScan
Created on : 3/28/2004 8:05:18 AM
Last accessed : 3/31/2004 5:46:44 PM
Last modified : 8/8/2003 11:04:38 PM
#:18 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 3-31-2004 6:00:13 PM
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 3/31/2003 12:00:00 PM
Last accessed : 3/31/2004 5:54:59 PM
Last modified : 3/31/2003 12:00:00 PM
#:19 [dllhost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 3-31-2004 6:00:17 PM
BasePriority : Normal
FileSize : 4 KB
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : COM Surrogate
InternalName : dllhost.exe
OriginalFilename : dllhost.exe
ProductName : Microsoft
Created on : 3/31/2003 12:00:00 PM
Last accessed : 3/31/2004 5:54:59 PM
Last modified : 3/31/2003 12:00:00 PM
#:20 [vssvc.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 3-31-2004 6:00:38 PM
BasePriority : Normal
FileSize : 269 KB
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Microsoft
InternalName : VSSVC.EXE
OriginalFilename : VSSVC.EXE
ProductName : Microsoft
Created on : 3/31/2003 12:00:00 PM
Last accessed : 3/31/2004 5:55:01 PM
Last modified : 3/31/2003 12:00:00 PM
#:21 [wmiapsrv.exe]
FilePath : C:\WINDOWS\System32\wbem\
ThreadCreationTime : 3-31-2004 6:00:48 PM
BasePriority : Normal
FileSize : 114 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : WMI Performance Adapter Service
InternalName : WmiApSrv.exe
OriginalFilename : WmiApSrv.exe
ProductName : Microsoft
Created on : 3/28/2004 7:06:54 AM
Last accessed : 3/31/2004 5:55:01 PM
Last modified : 3/31/2003 12:00:00 PM
#:22 [dmadmin.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 3-31-2004 6:00:56 PM
BasePriority : Normal
FileSize : 200 KB
FileVersion : 2600.0.503.0
ProductVersion : 1.0
Copyright : Copyright
CompanyName : Microsoft Corp., Veritas Software
FileDescription : Logical Disk Manager service process
InternalName : dmadmin
OriginalFilename : dmadmin.exe
ProductName : Logical Disk Manager for Windows NT
Created on : 3/31/2003 12:00:00 PM
Last accessed : 3/31/2004 5:45:05 PM
Last modified : 3/31/2003 12:00:00 PM
#:23 [cidaemon.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 3-31-2004 6:05:57 PM
BasePriority : Idle
FileSize : 8 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Indexing Service filter daemon
InternalName : cidaemon.exe
OriginalFilename : cidaemon.exe
ProductName : Microsoft
Created on : 3/31/2003 12:00:00 PM
Last accessed : 3/31/2004 5:51:09 PM
Last modified : 3/31/2003 12:00:00 PM
#:24 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-aware 6\
ThreadCreationTime : 3-31-2004 6:09:16 PM
BasePriority : Normal
FileSize : 668 KB
FileVersion : 6.0.1.181
ProductVersion : 6.0.0.0
Copyright : Copyright
CompanyName : Lavasoft Sweden
FileDescription : Ad-aware 6 core application
InternalName : Ad-aware.exe
OriginalFilename : Ad-aware.exe
ProductName : Lavasoft Ad-aware Plus
Created on : 3/31/2004 6:08:14 PM
Last accessed : 3/31/2004 6:09:19 PM
Last modified : 7/13/2003 3:00:20 AM
Memory scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0
Started registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0
Started deep registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Deep registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Deep scanning and examining files (C
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Scanning Hosts file(C:\WINDOWS\System32\drivers\etc\hosts)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Hosts file scan result:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
1 entries scanned.
New objects :0
Objects found so far: 0
1:45:07 PM Scan complete
Summary of this scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Total scanning time :00:04:16:609
Objects scanned :34067
Objects identified :0
Objects ignored :0
New objects :0
it said I had 24 processes running, I have no idea what or how I can eliminate some of them can someone plz review my logs and help me?
Hijack log
Logfile of HijackThis v1.97.7
Scan saved at 1:47:09 PM, on 3/31/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\netdde.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\clipsrv.exe
C:\WINDOWS\System32\dllhost.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\dllhost.exe
C:\WINDOWS\System32\vssvc.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\dmadmin.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Documents and Settings\MaryJ\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O15 - Trusted Zone: http://forums.techguy.org
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://bin.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,76/mcinsctl.cab
O16 - DPF: {E9AE575A-FA4A-11D3-90F7-00C0CA1618FF} (BuzMeSetup Class) - http://www.buzme.com/ActiveX/BMAXSetup.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{58E4EAB5-DE9B-410D-A1CD-DFB6F44D8282}: NameServer = 205.171.3.65 205.171.16.251
Lavasoft Ad-aware Personal Build 6.181
Logfile created on :Wednesday, March 31, 2004 1:40:49 PM
Created with Ad-aware Personal, free for private use.
Using reference-file :01R279 31.03.2004
______________________________________________________
Reffile status:
=========================
Reference file loaded:
Reference Number : 01R217 08.09.2003
Internal build : 107
File location : C:\Program Files\Lavasoft\Ad-aware 6\reflist.ref
Total size : 574398 Bytes
Signature data size : 563299 Bytes
Reference data size : 11035 Bytes
Signatures total : 12937
Target categories : 10
Target families : 267
3-31-2004 1:11:41 PM Performing Webupdate...
Installing Update...
Reference file loaded:
Reference Number : 01R279 31.03.2004
Internal build : 207
File location : C:\Program Files\Lavasoft\Ad-aware 6\reflist.ref
Total size : 1010390 Bytes
Signature data size : 992994 Bytes
Reference data size : 17332 Bytes
Signatures total : 22327
Target categories : 10
Target families : 470
3-31-2004 1:13:38 PM Success.
Update successfully downlodaded and installed.
Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium III
Memory available:15 %
Total physical memory:63984 kb
Available physical memory:9084 kb
Total page file size:151732 kb
Available on page file:35008 kb
Total virtual memory:2097024 kb
Available virtual memory:2039340 kb
OS:
Ad-aware Settings
=========================
Set : Activate in-depth scan (Recommended)
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file
3-31-2004 1:40:49 PM - Scan started. (Smart mode)
Listing running processes
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ThreadCreationTime : 3-31-2004 5:57:45 PM
BasePriority : Normal
#:2 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ThreadCreationTime : 3-31-2004 5:58:01 PM
BasePriority : High
#:3 [services.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 3-31-2004 5:58:04 PM
BasePriority : Normal
FileSize : 99 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
OriginalFilename : services.exe
ProductName : Microsoft
Created on : 3/31/2003 12:00:00 PM
Last accessed : 3/31/2004 5:54:59 PM
Last modified : 3/31/2003 12:00:00 PM
#:4 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 3-31-2004 5:58:04 PM
BasePriority : Normal
FileSize : 11 KB
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
OriginalFilename : lsass.exe
ProductName : Microsoft
Created on : 3/31/2003 12:00:00 PM
Last accessed : 3/31/2004 5:55:00 PM
Last modified : 3/31/2003 12:00:00 PM
#:5 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 3-31-2004 5:58:08 PM
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 3/31/2003 12:00:00 PM
Last accessed : 3/31/2004 5:54:59 PM
Last modified : 3/31/2003 12:00:00 PM
#:6 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 3-31-2004 5:58:09 PM
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 3/31/2003 12:00:00 PM
Last accessed : 3/31/2004 5:54:59 PM
Last modified : 3/31/2003 12:00:00 PM
#:7 [explorer.exe]
FilePath : C:\WINDOWS\
ThreadCreationTime : 3-31-2004 5:58:20 PM
BasePriority : Normal
FileSize : 973 KB
FileVersion : 6.00.2800.1221 (xpsp2.030511-1403)
ProductVersion : 6.00.2800.1221
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
OriginalFilename : EXPLORER.EXE
ProductName : Microsoft
Created on : 5/12/2003 2:12:10 AM
Last accessed : 3/31/2004 6:04:44 PM
Last modified : 5/12/2003 2:12:10 AM
#:8 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 3-31-2004 5:58:26 PM
BasePriority : Normal
FileSize : 50 KB
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
OriginalFilename : spoolsv.exe
ProductName : Microsoft
Created on : 3/31/2003 12:00:00 PM
Last accessed : 3/31/2004 5:55:01 PM
Last modified : 3/31/2003 12:00:00 PM
#:9 [netdde.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 3-31-2004 5:58:32 PM
BasePriority : Normal
FileSize : 103 KB
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
CompanyName : Microsoft Corporation
FileDescription : Network DDE - DDE Communication
InternalName : NETDDE.EXE
OriginalFilename : NETDDE.EXE
ProductName : Microsoft
Created on : 3/31/2003 12:00:00 PM
Last accessed : 3/31/2004 5:55:00 PM
Last modified : 3/31/2003 12:00:00 PM
#:10 [mcvsshld.exe]
FilePath : C:\PROGRA~1\mcafee.com\vso\
ThreadCreationTime : 3-31-2004 5:58:49 PM
BasePriority : Normal
FileSize : 160 KB
FileVersion : 8, 0, 0, 15
ProductVersion : 8, 0, 0, 0
Copyright : Copyright
CompanyName : Networks Associates Technology, Inc
FileDescription : McAfee VirusScan ActiveShield Resource
InternalName : msvcshld
OriginalFilename : mcvsshld.exe
ProductName : McAfee VirusScan
Created on : 3/28/2004 8:05:19 AM
Last accessed : 3/31/2004 5:58:00 PM
Last modified : 8/18/2003 2:50:34 AM
#:11 [mcagent.exe]
FilePath : C:\PROGRA~1\mcafee.com\agent\
ThreadCreationTime : 3-31-2004 5:58:49 PM
BasePriority : Normal
FileSize : 240 KB
FileVersion : 4, 3, 0, 27
ProductVersion : 4, 3, 0, 0
Copyright : Copyright
CompanyName : Networks Associates Technology, Inc
FileDescription : McAfee SecurityCenter Agent
InternalName : mcagent
OriginalFilename : mcagent.exe
ProductName : McAfee SecurityCenter
Created on : 3/26/2004 1:13:16 AM
Last accessed : 3/31/2004 5:58:00 PM
Last modified : 12/8/2003 8:38:52 PM
#:12 [mcvsescn.exe]
FilePath : c:\progra~1\mcafee.com\vso\
ThreadCreationTime : 3-31-2004 5:58:52 PM
BasePriority : Normal
FileSize : 404 KB
FileVersion : 8, 0, 0, 20
ProductVersion : 8, 0, 0, 0
Copyright : Copyright
CompanyName : Networks Associates Technology, Inc
FileDescription : McAfee VirusScan E-mail Scan Module
InternalName : mcvsescn
OriginalFilename : mcvsescn.EXE
ProductName : McAfee VirusScan
Created on : 3/26/2004 1:14:32 AM
Last accessed : 3/31/2004 6:17:40 PM
Last modified : 9/28/2003 6:47:00 PM
#:13 [cisvc.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 3-31-2004 5:58:57 PM
BasePriority : Normal
FileSize : 5 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Content Index service
InternalName : cisvc.exe
OriginalFilename : cisvc.exe
ProductName : Microsoft
Created on : 3/31/2003 12:00:00 PM
Last accessed : 3/31/2004 5:54:59 PM
Last modified : 3/31/2003 12:00:00 PM
#:14 [clipsrv.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 3-31-2004 5:59:05 PM
BasePriority : Normal
FileSize : 30 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Windows NT DDE Server
InternalName : CLIPSRV.EXE
OriginalFilename : CLIPSRV.EXE
ProductName : Microsoft
Created on : 3/31/2003 12:00:00 PM
Last accessed : 3/31/2004 5:54:59 PM
Last modified : 3/31/2003 12:00:00 PM
#:15 [dllhost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 3-31-2004 5:59:07 PM
BasePriority : Normal
FileSize : 4 KB
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : COM Surrogate
InternalName : dllhost.exe
OriginalFilename : dllhost.exe
ProductName : Microsoft
Created on : 3/31/2003 12:00:00 PM
Last accessed : 3/31/2004 5:54:59 PM
Last modified : 3/31/2003 12:00:00 PM
#:16 [mcshield.exe]
FilePath : c:\PROGRA~1\mcafee.com\vso\
ThreadCreationTime : 3-31-2004 5:59:12 PM
BasePriority : High
FileSize : 220 KB
Created on : 3/28/2004 8:05:07 AM
Last accessed : 3/31/2004 5:54:59 PM
Last modified : 3/13/2002 1:50:34 PM
#:17 [mcvsrte.exe]
FilePath : c:\PROGRA~1\mcafee.com\vso\
ThreadCreationTime : 3-31-2004 5:59:16 PM
BasePriority : Normal
FileSize : 104 KB
FileVersion : 8, 0, 0, 12
ProductVersion : 8, 0, 0, 0
Copyright : Copyright
CompanyName : Networks Associates Technology, Inc
FileDescription : McAfee VirusScan Real-time Engine
InternalName : mcvsrte
OriginalFilename : mcvsrte.exe
ProductName : McAfee VirusScan
Created on : 3/28/2004 8:05:18 AM
Last accessed : 3/31/2004 5:46:44 PM
Last modified : 8/8/2003 11:04:38 PM
#:18 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 3-31-2004 6:00:13 PM
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 3/31/2003 12:00:00 PM
Last accessed : 3/31/2004 5:54:59 PM
Last modified : 3/31/2003 12:00:00 PM
#:19 [dllhost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 3-31-2004 6:00:17 PM
BasePriority : Normal
FileSize : 4 KB
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : COM Surrogate
InternalName : dllhost.exe
OriginalFilename : dllhost.exe
ProductName : Microsoft
Created on : 3/31/2003 12:00:00 PM
Last accessed : 3/31/2004 5:54:59 PM
Last modified : 3/31/2003 12:00:00 PM
#:20 [vssvc.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 3-31-2004 6:00:38 PM
BasePriority : Normal
FileSize : 269 KB
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Microsoft
InternalName : VSSVC.EXE
OriginalFilename : VSSVC.EXE
ProductName : Microsoft
Created on : 3/31/2003 12:00:00 PM
Last accessed : 3/31/2004 5:55:01 PM
Last modified : 3/31/2003 12:00:00 PM
#:21 [wmiapsrv.exe]
FilePath : C:\WINDOWS\System32\wbem\
ThreadCreationTime : 3-31-2004 6:00:48 PM
BasePriority : Normal
FileSize : 114 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : WMI Performance Adapter Service
InternalName : WmiApSrv.exe
OriginalFilename : WmiApSrv.exe
ProductName : Microsoft
Created on : 3/28/2004 7:06:54 AM
Last accessed : 3/31/2004 5:55:01 PM
Last modified : 3/31/2003 12:00:00 PM
#:22 [dmadmin.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 3-31-2004 6:00:56 PM
BasePriority : Normal
FileSize : 200 KB
FileVersion : 2600.0.503.0
ProductVersion : 1.0
Copyright : Copyright
CompanyName : Microsoft Corp., Veritas Software
FileDescription : Logical Disk Manager service process
InternalName : dmadmin
OriginalFilename : dmadmin.exe
ProductName : Logical Disk Manager for Windows NT
Created on : 3/31/2003 12:00:00 PM
Last accessed : 3/31/2004 5:45:05 PM
Last modified : 3/31/2003 12:00:00 PM
#:23 [cidaemon.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 3-31-2004 6:05:57 PM
BasePriority : Idle
FileSize : 8 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Indexing Service filter daemon
InternalName : cidaemon.exe
OriginalFilename : cidaemon.exe
ProductName : Microsoft
Created on : 3/31/2003 12:00:00 PM
Last accessed : 3/31/2004 5:51:09 PM
Last modified : 3/31/2003 12:00:00 PM
#:24 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-aware 6\
ThreadCreationTime : 3-31-2004 6:09:16 PM
BasePriority : Normal
FileSize : 668 KB
FileVersion : 6.0.1.181
ProductVersion : 6.0.0.0
Copyright : Copyright
CompanyName : Lavasoft Sweden
FileDescription : Ad-aware 6 core application
InternalName : Ad-aware.exe
OriginalFilename : Ad-aware.exe
ProductName : Lavasoft Ad-aware Plus
Created on : 3/31/2004 6:08:14 PM
Last accessed : 3/31/2004 6:09:19 PM
Last modified : 7/13/2003 3:00:20 AM
Memory scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0
Started registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0
Started deep registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Deep registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Deep scanning and examining files (C
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Scanning Hosts file(C:\WINDOWS\System32\drivers\etc\hosts)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Hosts file scan result:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
1 entries scanned.
New objects :0
Objects found so far: 0
1:45:07 PM Scan complete
Summary of this scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Total scanning time :00:04:16:609
Objects scanned :34067
Objects identified :0
Objects ignored :0
New objects :0
