# Please help computer being attacked



## scheenz570 (Mar 16, 2006)

My computer runs on windows XP service pack 2. Today all of a sudden norton antivirus started showing pop ups every two minitues. It says

SECURITY ALERT
HIGH RISK

Intrusion: MS ASN1 Integer Overflow TCP.
Intruder: 218.191.36.153(1232).
Risk Level : High
Protocol: TCP.
Attacked Port: netbios-ssn(139).

I am new to computers and the security world. Could you tell me what to do? How to do? Am I in serious trouble?

Thank You


----------



## scheenz570 (Mar 16, 2006)

*Adware Logfile*

Ad-Aware SE Build 1.06r1
Logfile Created on:Thursday, March 16, 2006 1:21:52 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R97 13.03.2006
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):5 total references
Tracking Cookie(TAC index:3):4 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


3-16-2006 1:21:52 PM - Scan started. (Full System Scan)

MRU List Object Recognized!
Location: : C:\Documents and Settings\Sheen Mathew\Application Data\microsoft\office\recent
Description : 


MRU List Object Recognized!
Location: : S-1-5-21-514352727-3894602836-3178344726-1005\software\google\navclient\1.1\history
Description : 


MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : 


MRU List Object Recognized!
Location: : S-1-5-21-514352727-3894602836-3178344726-1005\software\microsoft\internet explorer\typedurls
Description : 


MRU List Object Recognized!
Location: : S-1-5-21-514352727-3894602836-3178344726-1005\software\microsoft\microsoft management console\recent file list
Description : 


Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 452
ThreadCreationTime : 3-16-2006 4:28:52 AM
BasePriority : Normal


#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 504
ThreadCreationTime : 3-16-2006 4:28:54 AM
BasePriority : Normal


#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 532
ThreadCreationTime : 3-16-2006 4:28:56 AM
BasePriority : High


#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 576
ThreadCreationTime : 3-16-2006 4:28:57 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 588
ThreadCreationTime : 3-16-2006 4:28:57 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [ati2evxx.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 736
ThreadCreationTime : 3-16-2006 4:28:58 AM
BasePriority : Normal
FileVersion : 6.14.10.4123
ProductVersion : 6.14.10.4123
ProductName : ATI External Event Utility for WindowsNT and Windows9X
CompanyName : ATI Technologies Inc.
FileDescription : ATI External Event Utility EXE Module
InternalName : ATI2EVXX.EXE
LegalCopyright : Copyright © 1999-2004 ATI Technologies Inc.
OriginalFilename : ATI2EVXX.EXE

#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 748
ThreadCreationTime : 3-16-2006 4:28:58 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 812
ThreadCreationTime : 3-16-2006 4:28:58 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 880
ThreadCreationTime : 3-16-2006 4:28:58 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 920
ThreadCreationTime : 3-16-2006 4:28:58 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:11 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 968
ThreadCreationTime : 3-16-2006 4:28:59 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:12 [ccsetmgr.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 1160
ThreadCreationTime : 3-16-2006 4:29:00 AM
BasePriority : Normal
FileVersion : 103.0.4.3
ProductVersion : 103.0.4.3
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Settings Manager Service
InternalName : ccSetMgr
LegalCopyright : Copyright (c) 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccSetMgr.exe

#:13 [ati2evxx.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1240
ThreadCreationTime : 3-16-2006 4:29:01 AM
BasePriority : Normal
FileVersion : 6.14.10.4123
ProductVersion : 6.14.10.4123
ProductName : ATI External Event Utility for WindowsNT and Windows9X
CompanyName : ATI Technologies Inc.
FileDescription : ATI External Event Utility EXE Module
InternalName : ATI2EVXX.EXE
LegalCopyright : Copyright © 1999-2004 ATI Technologies Inc.
OriginalFilename : ATI2EVXX.EXE

#:14 [sndsrvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 1288
ThreadCreationTime : 3-16-2006 4:29:01 AM
BasePriority : Normal
FileVersion : 5.5.1.6
ProductVersion : 5.5
ProductName : Symantec Security Drivers
CompanyName : Symantec Corporation
FileDescription : Network Driver Service
InternalName : SndSrvc
LegalCopyright : Copyright 2002, 2003, 2004 Symantec Corporation
OriginalFilename : SndSrvc.exe

#:15 [spbbcsvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\SPBBC\
ProcessID : 1312
ThreadCreationTime : 3-16-2006 4:29:01 AM
BasePriority : Normal
FileVersion : 1,0,1,47
ProductVersion : 1,0,1,47
ProductName : SPBBC
CompanyName : Symantec Corporation
FileDescription : SPBBC Service
InternalName : SPBBCSvc
LegalCopyright : Copyright (c) 2004 Symantec Corporation. All rights reserved.
OriginalFilename : SPBBCSvc.exe

#:16 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 1324
ThreadCreationTime : 3-16-2006 4:29:01 AM
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

#:17 [ccevtmgr.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 1368
ThreadCreationTime : 3-16-2006 4:29:02 AM
BasePriority : Normal
FileVersion : 103.0.4.3
ProductVersion : 103.0.4.3
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Event Manager Service
InternalName : ccEvtMgr
LegalCopyright : Copyright (c) 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccEvtMgr.exe

#:18 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1840
ThreadCreationTime : 3-16-2006 4:29:04 AM
BasePriority : Normal
FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
ProductVersion : 5.1.2600.2696
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:19 [em_exec.exe]
FilePath : C:\PROGRA~1\MOUSEW~1\SYSTEM\
ProcessID : 1996
ThreadCreationTime : 3-16-2006 4:29:06 AM
BasePriority : Normal
FileVersion : 9.40.139
ProductVersion : 9.40
ProductName : MouseWare
CompanyName : Logitech Inc. 
FileDescription : Control Center
InternalName : EM_EXEC
LegalCopyright : Copyright © Logitech Inc. 1987-2001.
LegalTrademarks : Logitech® and MouseWare® are registered trademarks of Logitech Inc.
OriginalFilename : EM_EXEC.CPP
Comments : Created by the MouseWare Team 

#:20 [mmkeybd.exe]
FilePath : C:\Apps\ActivBoard\
ProcessID : 2004
ThreadCreationTime : 3-16-2006 4:29:06 AM
BasePriority : Normal
FileVersion : 1.00
ProductVersion : 1.00
ProductName : Netropa Hot Key
CompanyName : Netropa Corp.
FileDescription : Netropa(R) Hot Key
InternalName : Netropa Hot Key
LegalCopyright : Copyright (C) 2000-2001 Netropa Corp.
OriginalFilename : nhk.exe

#:21 [datala~1.exe]
FilePath : C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\
ProcessID : 2012
ThreadCreationTime : 3-16-2006 4:29:06 AM
BasePriority : Normal
FileVersion : 5, 0, 2, 561
ProductVersion : 5, 0
ProductName : Nokia PC Suite
CompanyName : Nokia Mobile Phones Ltd.
FileDescription : DataLayer 2.0 Module
InternalName : DataLayer 2.0
LegalCopyright : Copyright (c) 2004. Nokia. All rights reserved.
OriginalFilename : DataLayer.exe

#:22 [trayap~1.exe]
FilePath : C:\PROGRA~1\Nokia\NOKIAP~1\
ProcessID : 2020
ThreadCreationTime : 3-16-2006 4:29:06 AM
BasePriority : Normal
FileVersion : 1, 0, 0, 22
ProductVersion : 1, 0, 0, 0
ProductName : Nokia Tray Application
FileDescription : Nokia Tray Application
InternalName : Nokia Tray Application
LegalCopyright : Copyright © 2001 - 2004 Nokia. All Rights Reserved.
OriginalFilename : TrayApplication.EXE

#:23 [ituneshelper.exe]
FilePath : C:\Program Files\iTunes\
ProcessID : 2028
ThreadCreationTime : 3-16-2006 4:29:06 AM
BasePriority : Normal
FileVersion : 6.0.2.23
ProductVersion : 6.0.2.23
ProductName : iTunes
CompanyName : Apple Computer, Inc.
FileDescription : iTunesHelper Module
InternalName : iTunesHelper
LegalCopyright : © 2003-2006 Apple Computer, Inc. All Rights Reserved.
OriginalFilename : iTunesHelper.exe

#:24 [qttask.exe]
FilePath : C:\Program Files\QuickTime\
ProcessID : 2036
ThreadCreationTime : 3-16-2006 4:29:06 AM
BasePriority : Normal
FileVersion : 7.0.4
ProductVersion : QuickTime 7.0.4
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
FileDescription : QuickTime Task
InternalName : QuickTime Task
LegalCopyright : Copyright Apple Computer, Inc. 1989-2006
OriginalFilename : QTTask.exe

#:25 [ccapp.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 2044
ThreadCreationTime : 3-16-2006 4:29:06 AM
BasePriority : Normal
FileVersion  : 103.0.4.3
ProductVersion : 103.0.4.3
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec User Session
InternalName : ccApp
LegalCopyright : Copyright (c) 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccApp.exe

#:26 [googletalk.exe]
FilePath : C:\Program Files\Google\Google Talk\
ProcessID : 160
ThreadCreationTime : 3-16-2006 4:29:06 AM
BasePriority : Normal
FileVersion : 1,0,0,86
ProductVersion : 1,0,0,86
ProductName : Google Talk
CompanyName : Google
FileDescription : Google Talk
InternalName : Google Talk
LegalCopyright : Copyright (C) 2005
OriginalFilename : googletalk.exe

#:27 [ctfmon.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 176
ThreadCreationTime : 3-16-2006 4:29:06 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:28 [hpomau08.exe]
FilePath : C:\Program Files\Hewlett-Packard\Digital Imaging\bin\
ProcessID : 220
ThreadCreationTime : 3-16-2006 4:29:07 AM
BasePriority : Normal
FileVersion : 4.2.0.021
ProductVersion : 2.4.1.021
ProductName : hp digital imaging - hp all-in-one series
CompanyName : Hewlett-Packard Co.
FileDescription : HP OfficeJet COM Device Objects
InternalName : HPOMAU08
LegalCopyright : Copyright (C) Hewlett-Packard Co. 1995-2001
OriginalFilename : HPOMAU08.EXE
Comments : HP OfficeJet <Maui> Series COM Device Objects

#:29 [hpotdd01.exe]
FilePath : C:\Program Files\Hewlett-Packard\Digital Imaging\bin\
ProcessID : 228
ThreadCreationTime : 3-16-2006 4:29:07 AM
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : Hewlett-Packard hpotdd01
CompanyName : Hewlett-Packard
FileDescription : hpotdd01
InternalName : hpotdd01
LegalCopyright : Copyright © 2002
OriginalFilename : hpotdd01.exe

#:30 [servic~1.exe]
FilePath : C:\PROGRA~1\COMMON~1\PCSuite\Services\
ProcessID : 368
ThreadCreationTime : 3-16-2006 4:29:07 AM
BasePriority : Normal
FileVersion : 6, 0, 9, 0
ProductVersion : 6.0
ProductName : Nokia Connectivity Library
CompanyName : Nokia.
FileDescription : ServiceLayer Module
InternalName : ServiceLayer
LegalCopyright : Copyright © 2002-2004 Nokia. All Rights Reserved.
OriginalFilename : ServiceLayer.exe

#:31 [traymon.exe]
FilePath : C:\Apps\ActivBoard\
ProcessID : 980
ThreadCreationTime : 3-16-2006 4:29:10 AM
BasePriority : Normal


#:32 [hpoevm08.exe]
FilePath : C:\Program Files\Hewlett-Packard\Digital Imaging\bin\
ProcessID : 1120
ThreadCreationTime : 3-16-2006 4:29:11 AM
BasePriority : Normal
FileVersion : 4.2.0.021
ProductVersion : 2.4.1.021
ProductName : hp digital imaging - hp all-in-one series
CompanyName : Hewlett-Packard Co.
FileDescription : HP OfficeJet COM Event Manager
InternalName : HPOEVM08
LegalCopyright : Copyright (C) Hewlett-Packard Co. 1995-2001
OriginalFilename : HPOEVM08.EXE
Comments : HP OfficeJet COM Event Manager

#:33 [nhksrv.exe]
FilePath : C:\Apps\ActivBoard\
ProcessID : 1164
ThreadCreationTime : 3-16-2006 4:29:11 AM
BasePriority : Normal


#:34 [photoshopelementsfileagent.exe]
FilePath : C:\Program Files\Adobe\Photoshop Elements 3.0\
ProcessID : 1200
ThreadCreationTime : 3-16-2006 4:29:12 AM
BasePriority : Normal


#:35 [navapsvc.exe]
FilePath : C:\Program Files\Norton AntiVirus\
ProcessID : 1480
ThreadCreationTime : 3-16-2006 4:29:15 AM
BasePriority : Normal
FileVersion : 11.0.9.16
ProductVersion : 11.0.9
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
LegalCopyright : Norton AntiVirus 2005 for Windows 98/ME/2000/XP Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : NAVAPSVC.EXE

#:36 [osd.exe]
FilePath : C:\Apps\ActivBoard\
ProcessID : 1488
ThreadCreationTime : 3-16-2006 4:29:15 AM
BasePriority : Normal
FileVersion : 2.02
ProductVersion : 2.02
ProductName : Onscreen Display
CompanyName : Netropa Corp.
FileDescription : Netropa(r) Onscreen Display
InternalName : OSD
LegalCopyright : Copyright © 1997-2001 Netropa Corp.
OriginalFilename : osd.exe

#:37 [npfmntor.exe]
FilePath : C:\Program Files\Norton AntiVirus\IWP\
ProcessID : 2068
ThreadCreationTime : 3-16-2006 4:29:18 AM
BasePriority : Normal
FileVersion : 11.0.9.16
ProductVersion : 11.0.9
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Firewall Install Monitor
InternalName : NPFMonitor
LegalCopyright : Norton AntiVirus 2005 for Windows 98/ME/2000/XP Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : NPFMonitor.EXE

#:38 [photoshopelementsdeviceconnect.exe]
FilePath : C:\Program Files\Adobe\Photoshop Elements 3.0\
ProcessID : 2100
ThreadCreationTime : 3-16-2006 4:29:18 AM
BasePriority : Normal


#:39 [slserv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2232
ThreadCreationTime : 3-16-2006 4:29:19 AM
BasePriority : Normal
FileVersion : 2.80.00(24Apr2000)
ProductVersion : 2.80.00
ProductName : Modem
FileDescription : User-Level Modem Service
InternalName : slserv
LegalCopyright : Copyright © 1999-2000
OriginalFilename : slserv.exe

#:40 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 2268
ThreadCreationTime : 3-16-2006 4:29:19 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:41 [symlcsvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\CCPD-LC\
ProcessID : 2304
ThreadCreationTime : 3-16-2006 4:29:19 AM
BasePriority : Normal
FileVersion : 1, 8, 54, 419
ProductVersion : 1, 8, 54, 419
ProductName : Symantec Core Component
CompanyName : Symantec Corporation
FileDescription : Symantec Core Component
InternalName : symlcsvc
LegalCopyright : Copyright (C) 2003
OriginalFilename : symlcsvc.exe

#:42 [wdfmgr.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2364
ThreadCreationTime : 3-16-2006 4:29:21 AM
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: dnsrv(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe

#:43 [ipodservice.exe]
FilePath : C:\Program Files\iPod\bin\
ProcessID : 2820
ThreadCreationTime : 3-16-2006 4:29:33 AM
BasePriority : Normal
FileVersion : 6.0.2.23
ProductVersion : 6.0.2.23
ProductName : iTunes
CompanyName : Apple Computer, Inc.
 FileDescription : iPodService Module
InternalName : iPodService
LegalCopyright : © 2003-2006 Apple Computer, Inc. All Rights Reserved.
OriginalFilename : iPodService.exe

#:44 [hposts08.exe]
FilePath : C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\
ProcessID : 3324
ThreadCreationTime : 3-16-2006 4:29:39 AM
BasePriority : Normal
FileVersion : 4.2.0.021
ProductVersion : 2.4.1.021
ProductName : hp digital imaging - hp all-in-one series
CompanyName : Hewlett-Packard Co.
FileDescription : HP OfficeJet Status
InternalName : HPOSTS08
LegalCopyright : Copyright (C) Hewlett-Packard Co. 1995-2001
OriginalFilename : HPOSTS08.EXE
Comments : HP OfficeJet Status

#:45 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 3356
ThreadCreationTime : 3-16-2006 4:29:42 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe

#:46 [hpofxm08.exe]
FilePath : C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\
ProcessID : 3512
ThreadCreationTime : 3-16-2006 4:29:44 AM
BasePriority : Normal
FileVersion : 4.2.0.021
ProductVersion : 2.4.1.021
ProductName : hp digital imaging - hp all-in-one series
CompanyName : Hewlett-Packard Co.
FileDescription : HP AiO Fax Manager
InternalName : HPOFXM08
LegalCopyright : Copyright (C) Hewlett-Packard Co. 1995-2001
OriginalFilename : HPOFXM08.EXE
Comments : HP AiO Fax Manager

#:47 [iexplore.exe]
FilePath : C:\Program Files\Internet Explorer\
ProcessID : 3672
ThreadCreationTime : 3-16-2006 5:10:07 AM
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : IEXPLORE.EXE

#:48 [msmsgs.exe]
FilePath : C:\Program Files\Messenger\
ProcessID : 3128
ThreadCreationTime : 3-16-2006 5:21:15 AM
BasePriority : Normal
FileVersion : 4.7.3001
ProductVersion : Version 4.7.3001
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Windows Messenger
InternalName : msmsgs
LegalCopyright : Copyright (c) Microsoft Corporation 2004
LegalTrademarks : Microsoft(R) is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msmsgs.exe

#:49 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
ProcessID : 3232
ThreadCreationTime : 3-16-2006 5:21:17 AM
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 5


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 5


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 5


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : sheen [email protected][2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:sheen [email protected]/
Expires : 3-15-2011 8:00:00 AM
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : sheen [email protected][2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:sheen [email protected]/
Expires : 6-22-2009 8:00:00 AM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : sheen [email protected][1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:sheen [email protected]/
Expires : 1-1-2038 8:00:00 AM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : sheen [email protected][1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:sheen [email protected]/
Expires : 3-13-2016 12:48:54 PM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 4
Objects found so far: 9



Deep scanning and examining files (C
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 9


Deep scanning and examining files (D
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for D:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 9


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 9




Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 9

1:36:08 PM Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:14:15.672
Objects scanned:140802
Objects identified:4
Objects ignored:0
New critical objects:4


----------

