Slow Start Up of Windows XP - Footslog's Web Boards

For information on how to deal with, and protect your computer, please go down to the bottom of the help desk to the archive section (main page). From there select how to combat Spyware, in this archive there are many tools, which will help you combat this problem. Problems concerning the Windows XP Operating System should go in this forum.

Thread Closed

Email This Page to Someone

Footslog's Web Boards

Windows XP

Slow Start Up of Windows XP

profile | register | preferences | faq | search

This topic has been transferred to this forum: Cyber safety .

next newest topic | next oldest topic

Author	Topic: Slow Start Up of Windows XP
Josh1 Administrator	posted May 25, 2005 02:44 PM I am going to move your topic to Cyber Safety you can go to your topic here: http://www.footslog.com/board/Forum18/HTML/000514.html ------------------ Powered by Intelligent Computing Solutions. ------------------------ www.footslog.com www.compsol.8k.com For every problem, there is a solution. [This message has been edited by Josh1 (edited May 25, 2005).] IP: Logged
Josh1 Administrator	posted April 21, 2005 11:07 PM You can use Adaware to delete them or yes go to Internet Options-settings-view files and you will have to find them, you can also have your browser block those cookies. Still in Internet Options go to Privacy-edit then type or copy and paste the cookie you want to block. ------------------ Powered by Intelligent Computing Solutions. ------------------------ www.footslog.com www.compsol.8k.com For every problem, there is a solution. IP: Logged
sjs Member	posted April 21, 2005 05:50 AM How do you delete the data miner cookies? Where are they stored? Is it through internet options? IP: Logged
Josh1 Administrator	posted April 17, 2005 12:45 AM Go ahead and delete all the data miner cookies, and see if that helps. ------------------ Powered by Intelligent Computing Solutions. ------------------------ www.footslog.com www.compsol.8k.com For every problem, there is a solution. IP: Logged
sjs Member	posted April 16, 2005 04:49 AM I ran Adaware and here is the report Ad-Aware SE Build 1.05 Logfile Created on:16 April 2005 10:34:08 Created with Ad-Aware SE Personal, free for private use. Using definitions file:SE1R39 15.04.2005 ЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛ References detected during the scan: ЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛ MRU List(TAC index:0):42 total references Tracking Cookie(TAC index:3):22 total references ЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛ Ad-Aware SE Settings =========================== Set : Search for negligible risk entries Set : Safe mode (always request confirmation) Set : Scan active processes Set : Scan registry Set : Deep-scan registry Set : Scan my IE Favorites for banned URLs Set : Scan my Hosts file Extended Ad-Aware SE Settings =========================== Set : Unload recognized processes & modules during scan Set : Scan registry for all users instead of current user only Set : Always try to unload modules before deletion Set : During removal, unload Explorer and IE if necessary Set : Let Windows remove files in use at next reboot Set : Delete quarantined objects after restoring Set : Include basic Ad-Aware settings in log file Set : Include additional Ad-Aware settings in log file Set : Include reference summary in log file Set : Include alternate data stream details in log file Set : Play sound at scan completion if scan locates critical objects 16-04-2005 10:34:08 - Scan started. (Full System Scan) MRU List Object Recognized! Location: : C:\Documents and Settings\Simon\recent Description : list of recently opened documents MRU List Object Recognized! Location: : S-1-5-21-2572153251-811448530-1521136446-1008\software\microsoft\windows\currentversion\applets\wordpad\recent file list Description : list of recent files opened using wordpad MRU List Object Recognized! Location: : S-1-5-21-2572153251-811448530-1521136446-1008\software\microsoft\windows\currentversion\applets\paint\recent file list Description : list of files recently opened using microsoft paint MRU List Object Recognized! Location: : S-1-5-21-2572153251-811448530-1521136446-1005\software\microsoft\windows\currentversion\explorer\runmru Description : mru list for items opened in start \| run MRU List Object Recognized! Location: : S-1-5-21-2572153251-811448530-1521136446-1008\software\microsoft\windows\currentversion\explorer\runmru Description : mru list for items opened in start \| run MRU List Object Recognized! Location: : S-1-5-21-2572153251-811448530-1521136446-1005\software\microsoft\search assistant\acmru Description : list of recent search terms used with the search assistant MRU List Object Recognized! Location: : S-1-5-21-2572153251-811448530-1521136446-1008\software\microsoft\search assistant\acmru Description : list of recent search terms used with the search assistant MRU List Object Recognized! Location: : S-1-5-21-2572153251-811448530-1521136446-1005\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru Description : list of recently saved files, stored according to file extension MRU List Object Recognized! Location: : S-1-5-21-2572153251-811448530-1521136446-1008\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru Description : list of recently saved files, stored according to file extension MRU List Object Recognized! Location: : S-1-5-21-2572153251-811448530-1521136446-1005\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru Description : list of recent programs opened MRU List Object Recognized! Location: : S-1-5-21-2572153251-811448530-1521136446-1008\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru Description : list of recent programs opened MRU List Object Recognized! Location: : S-1-5-21-2572153251-811448530-1521136446-1005\software\microsoft\windows\currentversion\explorer\recentdocs Description : list of recent documents opened MRU List Object Recognized! Location: : S-1-5-21-2572153251-811448530-1521136446-1008\software\microsoft\windows\currentversion\explorer\recentdocs Description : list of recent documents opened MRU List Object Recognized! Location: : S-1-5-21-2572153251-811448530-1521136446-1005\software\microsoft\mediaplayer\player\recentfilelist Description : list of recently used files in microsoft windows media player MRU List Object Recognized! Location: : S-1-5-21-2572153251-811448530-1521136446-1008\software\microsoft\mediaplayer\player\recentfilelist Description : list of recently used files in microsoft windows media player MRU List Object Recognized! Location: : S-1-5-21-2572153251-811448530-1521136446-1005\software\microsoft\internet explorer Description : last download directory used in microsoft internet explorer MRU List Object Recognized! Location: : S-1-5-21-2572153251-811448530-1521136446-1008\software\microsoft\internet explorer Description : last download directory used in microsoft internet explorer MRU List Object Recognized! Location: : software\microsoft\directdraw\mostrecentapplication Description : most recent application to use microsoft directdraw MRU List Object Recognized! Location: : S-1-5-21-2572153251-811448530-1521136446-1005\software\microsoft\microsoft management console\recent file list Description : list of recent snap-ins used in the microsoft management console MRU List Object Recognized! Location: : S-1-5-21-2572153251-811448530-1521136446-1008\software\microsoft\microsoft management console\recent file list Description : list of recent snap-ins used in the microsoft management console MRU List Object Recognized! Location: : S-1-5-21-2572153251-811448530-1521136446-1005\software\microsoft\mediaplayer\preferences Description : last cd record path used in microsoft windows media player MRU List Object Recognized! Location: : S-1-5-21-2572153251-811448530-1521136446-1008\software\microsoft\mediaplayer\preferences Description : last cd record path used in microsoft windows media player MRU List Object Recognized! Location: : S-1-5-21-2572153251-811448530-1521136446-1005\software\microsoft\internet explorer\typedurls Description : list of recently entered addresses in microsoft internet explorer MRU List Object Recognized! Location: : S-1-5-21-2572153251-811448530-1521136446-1008\software\microsoft\internet explorer\typedurls Description : list of recently entered addresses in microsoft internet explorer MRU List Object Recognized! Location: : S-1-5-21-2572153251-811448530-1521136446-1005\software\microsoft\directinput\mostrecentapplication Description : most recent application to use microsoft directinput MRU List Object Recognized! Location: : S-1-5-21-2572153251-811448530-1521136446-1008\software\microsoft\directinput\mostrecentapplication Description : most recent application to use microsoft directinput MRU List Object Recognized! Location: : S-1-5-21-2572153251-811448530-1521136446-1005\software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct3d MRU List Object Recognized! Location: : S-1-5-21-2572153251-811448530-1521136446-1008\software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct3d MRU List Object Recognized! Location: : software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct3d MRU List Object Recognized! Location: : S-1-5-21-2572153251-811448530-1521136446-1005\software\microsoft\mediaplayer\preferences Description : last playlist index loaded in microsoft windows media player MRU List Object Recognized! Location: : S-1-5-21-2572153251-811448530-1521136446-1005\software\microsoft\windows\currentversion\applets\regedit Description : last key accessed using the microsoft registry editor MRU List Object Recognized! Location: : S-1-5-21-2572153251-811448530-1521136446-1008\software\microsoft\windows\currentversion\applets\regedit Description : last key accessed using the microsoft registry editor MRU List Object Recognized! Location: : S-1-5-21-2572153251-811448530-1521136446-1005\software\microsoft\directinput\mostrecentapplication Description : most recent application to use microsoft directinput MRU List Object Recognized! Location: : S-1-5-21-2572153251-811448530-1521136446-1008\software\microsoft\directinput\mostrecentapplication Description : most recent application to use microsoft directinput MRU List Object Recognized! Location: : S-1-5-21-2572153251-811448530-1521136446-1005\software\microsoft\mediaplayer\preferences Description : last playlist loaded in microsoft windows media player MRU List Object Recognized! Location: : S-1-5-21-2572153251-811448530-1521136446-1005\software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct X MRU List Object Recognized! Location: : S-1-5-21-2572153251-811448530-1521136446-1008\software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct X MRU List Object Recognized! Location: : software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct X MRU List Object Recognized! Location: : .DEFAULT\software\microsoft\windows media\wmsdk\general Description : windows media sdk MRU List Object Recognized! Location: : S-1-5-18\software\microsoft\windows media\wmsdk\general Description : windows media sdk MRU List Object Recognized! Location: : S-1-5-21-2572153251-811448530-1521136446-1005\software\microsoft\windows media\wmsdk\general Description : windows media sdk MRU List Object Recognized! Location: : S-1-5-21-2572153251-811448530-1521136446-1008\software\microsoft\windows media\wmsdk\general Description : windows media sdk Listing running processes ЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛ #:1 [smss.exe] FilePath : \SystemRoot\System32\ ProcessID : 436 ThreadCreationTime : 16-04-2005 08:43:21 BasePriority : Normal #:2 [csrss.exe] FilePath : \??\C:\WINDOWS\system32\ ProcessID : 492 ThreadCreationTime : 16-04-2005 08:43:22 BasePriority : Normal #:3 [winlogon.exe] FilePath : \??\C:\WINDOWS\system32\ ProcessID : 516 ThreadCreationTime : 16-04-2005 08:43:24 BasePriority : High #:4 [services.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 560 ThreadCreationTime : 16-04-2005 08:43:24 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : MicrosoftЎ WindowsЎ Operating System CompanyName : Microsoft Corporation FileDescription : Services and Controller app InternalName : services.exe LegalCopyright : Љ Microsoft Corporation. All rights reserved. OriginalFilename : services.exe #:5 [lsass.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 572 ThreadCreationTime : 16-04-2005 08:43:24 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : MicrosoftЎ WindowsЎ Operating System CompanyName : Microsoft Corporation FileDescription : LSA Shell (Export Version) InternalName : lsass.exe LegalCopyright : Љ Microsoft Corporation. All rights reserved. OriginalFilename : lsass.exe #:6 [svchost.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 748 ThreadCreationTime : 16-04-2005 08:43:24 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : MicrosoftЎ WindowsЎ Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : Љ Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:7 [svchost.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 812 ThreadCreationTime : 16-04-2005 08:43:25 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : MicrosoftЎ WindowsЎ Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : Љ Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:8 [svchost.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 880 ThreadCreationTime : 16-04-2005 08:43:25 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : MicrosoftЎ WindowsЎ Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : Љ Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:9 [svchost.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 956 ThreadCreationTime : 16-04-2005 08:43:25 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : MicrosoftЎ WindowsЎ Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : Љ Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:10 [svchost.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 1036 ThreadCreationTime : 16-04-2005 08:43:26 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : MicrosoftЎ WindowsЎ Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : Љ Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:11 [spoolsv.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 1152 ThreadCreationTime : 16-04-2005 08:43:27 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : MicrosoftЎ WindowsЎ Operating System CompanyName : Microsoft Corporation FileDescription : Spooler SubSystem App InternalName : spoolsv.exe LegalCopyright : Љ Microsoft Corporation. All rights reserved. OriginalFilename : spoolsv.exe #:12 [aolacsd.exe] FilePath : C:\PROGRA~1\COMMON~1\AOL\ACS\ ProcessID : 1696 ThreadCreationTime : 16-04-2005 08:43:34 BasePriority : Normal #:13 [ccproxy.exe] FilePath : C:\Program Files\Common Files\Symantec Shared\ ProcessID : 1708 ThreadCreationTime : 16-04-2005 08:43:34 BasePriority : Normal FileVersion : 103.0.4.3 ProductVersion : 103.0.4.3 ProductName : Client and Host Security Platform CompanyName : Symantec Corporation FileDescription : Symantec Network Proxy Service InternalName : ccProxy LegalCopyright : Copyright (c) 2000-2004 Symantec Corporation. All rights reserved. OriginalFilename : ccProxy.exe #:14 [ccsetmgr.exe] FilePath : C:\Program Files\Common Files\Symantec Shared\ ProcessID : 1752 ThreadCreationTime : 16-04-2005 08:43:34 BasePriority : Normal FileVersion : 103.0.4.3 ProductVersion : 103.0.4.3 ProductName : Client and Host Security Platform CompanyName : Symantec Corporation FileDescription : Symantec Settings Manager Service InternalName : ccSetMgr LegalCopyright : Copyright (c) 2000-2004 Symantec Corporation. All rights reserved. OriginalFilename : ccSetMgr.exe #:15 [issvc.exe] FilePath : C:\Program Files\Norton Internet Security\ ProcessID : 1812 ThreadCreationTime : 16-04-2005 08:43:34 BasePriority : Normal FileVersion : 8.0.2.5 ProductVersion : 8.0 ProductName : Norton Internet Security CompanyName : Symantec Corporation FileDescription : IS Service InternalName : ISSVC.exe LegalCopyright : Copyright (c) 2004 Symantec Corporation OriginalFilename : ISSVC.exe #:16 [navapsvc.exe] FilePath : C:\Program Files\Norton Internet Security\Norton AntiVirus\ ProcessID : 1836 ThreadCreationTime : 16-04-2005 08:43:34 BasePriority : Normal FileVersion : 11.0.9.16 ProductVersion : 11.0.9 ProductName : Norton AntiVirus CompanyName : Symantec Corporation FileDescription : Norton AntiVirus Auto-Protect Service InternalName : NAVAPSVC LegalCopyright : Norton AntiVirus 2005 for Windows 98/ME/2000/XP Copyright Љ 2004 Symantec Corporation. All rights reserved. OriginalFilename : NAVAPSVC.EXE #:17 [slserv.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 1944 ThreadCreationTime : 16-04-2005 08:43:35 BasePriority : Normal FileVersion : 2.80.00(24Apr2000) ProductVersion : 2.80.00 ProductName : Modem FileDescription : User-Level Modem Service InternalName : slserv LegalCopyright : Copyright Љ 1999-2000 OriginalFilename : slserv.exe #:18 [sndsrvc.exe] FilePath : C:\Program Files\Common Files\Symantec Shared\ ProcessID : 1980 ThreadCreationTime : 16-04-2005 08:43:35 BasePriority : Normal FileVersion : 5.4.4.17 ProductVersion : 5.4 ProductName : Symantec Security Drivers CompanyName : Symantec Corporation FileDescription : Network Driver Service InternalName : SndSrvc LegalCopyright : Copyright 2002, 2003, 2004 Symantec Corporation OriginalFilename : SndSrvc.exe #:19 [spbbcsvc.exe] FilePath : C:\Program Files\Common Files\Symantec Shared\SPBBC\ ProcessID : 176 ThreadCreationTime : 16-04-2005 08:43:38 BasePriority : Normal FileVersion : 1,0,1,47 ProductVersion : 1,0,1,47 ProductName : SPBBC CompanyName : Symantec Corporation FileDescription : SPBBC Service InternalName : SPBBCSvc LegalCopyright : Copyright (c) 2004 Symantec Corporation. All rights reserved. OriginalFilename : SPBBCSvc.exe #:20 [svchost.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 192 ThreadCreationTime : 16-04-2005 08:43:38 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : MicrosoftЎ WindowsЎ Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : Љ Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:21 [symlcsvc.exe] FilePath : C:\Program Files\Common Files\Symantec Shared\CCPD-LC\ ProcessID : 232 ThreadCreationTime : 16-04-2005 08:43:38 BasePriority : Normal FileVersion : 1, 8, 54, 478 ProductVersion : 1, 8, 54, 478 ProductName : Symantec Core Component CompanyName : Symantec Corporation FileDescription : Symantec Core Component InternalName : symlcsvc LegalCopyright : Copyright (C) 2003 OriginalFilename : symlcsvc.exe #:22 [ccevtmgr.exe] FilePath : C:\Program Files\Common Files\Symantec Shared\ ProcessID : 364 ThreadCreationTime : 16-04-2005 08:43:38 BasePriority : Normal FileVersion : 103.0.4.3 ProductVersion : 103.0.4.3 ProductName : Client and Host Security Platform CompanyName : Symantec Corporation FileDescription : Symantec Event Manager Service InternalName : ccEvtMgr LegalCopyright : Copyright (c) 2000-2004 Symantec Corporation. All rights reserved. OriginalFilename : ccEvtMgr.exe #:23 [alg.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 1528 ThreadCreationTime : 16-04-2005 08:45:05 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : MicrosoftЎ WindowsЎ Operating System CompanyName : Microsoft Corporation FileDescription : Application Layer Gateway Service InternalName : ALG.exe LegalCopyright : Љ Microsoft Corporation. All rights reserved. OriginalFilename : ALG.exe #:24 [explorer.exe] FilePath : C:\WINDOWS\ ProcessID : 2076 ThreadCreationTime : 16-04-2005 08:53:31 BasePriority : Normal FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 6.00.2900.2180 ProductName : MicrosoftЎ WindowsЎ Operating System CompanyName : Microsoft Corporation FileDescription : Windows Explorer InternalName : explorer LegalCopyright : Љ Microsoft Corporation. All rights reserved. OriginalFilename : EXPLORER.EXE #:25 [pdvdserv.exe] FilePath : C:\Program Files\CyberLink\PowerDVD\ ProcessID : 2516 ThreadCreationTime : 16-04-2005 08:54:11 BasePriority : Normal FileVersion : 5.00.0000 ProductVersion : 5.00.0000 ProductName : PowerDVD CompanyName : Cyberlink Corp. FileDescription : PowerDVD RC Service InternalName : PowerDVD RC Service LegalCopyright : Copyright (c) CyberLink Corp. 1997-2002 OriginalFilename : PDVDSERV.EXE #:26 [zhotkey.exe] FilePath : C:\WINDOWS\ ProcessID : 2636 ThreadCreationTime : 16-04-2005 08:54:15 BasePriority : Normal FileVersion : 3, 0, 0, 1 ProductVersion : 3, 0, 0, 0 ProductName : Chicony Multimedia Driver CompanyName : Chicony FileDescription : Chicony Multimedia Driver InternalName : Multimedia Hotkey Driver LegalCopyright : Copyright (c) 2000 Chicony OriginalFilename : mHotkey.res #:27 [shwiconem.exe] FilePath : C:\Program Files\eMachines Bay Reader\ ProcessID : 2476 ThreadCreationTime : 16-04-2005 08:54:16 BasePriority : Idle FileVersion : 1, 4, 0, 8 ProductVersion : 1, 4, 0, 8 ProductName : Multimedia Card Reader CompanyName : Alcor Micro, Corp. LegalCopyright : Copyright c 2002 #:28 [ccapp.exe] FilePath : C:\Program Files\Common Files\Symantec Shared\ ProcessID : 2312 ThreadCreationTime : 16-04-2005 08:54:16 BasePriority : Normal FileVersion : 103.0.4.3 ProductVersion : 103.0.4.3 ProductName : Client and Host Security Platform CompanyName : Symantec Corporation FileDescription : Symantec User Session InternalName : ccApp LegalCopyright : Copyright (c) 2000-2004 Symantec Corporation. All rights reserved. OriginalFilename : ccApp.exe #:29 [msmsgs.exe] FilePath : C:\Program Files\Messenger\ ProcessID : 2892 ThreadCreationTime : 16-04-2005 08:54:17 BasePriority : Normal FileVersion : 4.7.3001 ProductVersion : Version 4.7.3001 ProductName : Messenger CompanyName : Microsoft Corporation FileDescription : Windows Messenger InternalName : msmsgs LegalCopyright : Copyright (c) Microsoft Corporation 2004 LegalTrademarks : Microsoft(R) is a registered trademark of Microsoft Corporation in the U.S. and/or other countries. OriginalFilename : msmsgs.exe #:30 [ad-aware.exe] FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\ ProcessID : 3764 ThreadCreationTime : 16-04-2005 09:33:29 BasePriority : Normal FileVersion : 6.2.0.206 ProductVersion : VI.Second Edition ProductName : Lavasoft Ad-Aware SE CompanyName : Lavasoft Sweden FileDescription : Ad-Aware SE Core application InternalName : Ad-Aware.exe LegalCopyright : Copyright Љ Lavasoft Sweden OriginalFilename : Ad-Aware.exe Comments : All Rights Reserved Memory scan result: ЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛ New critical objects: 0 Objects found so far: 42 Started registry scan ЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛ Registry Scan result: ЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛ New critical objects: 0 Objects found so far: 42 Started deep registry scan ЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛ Deep registry scan result: ЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛ New critical objects: 0 Objects found so far: 42 Started Tracking Cookie scan ЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛ Tracking Cookie Object Recognized! Type : IECache Entry Data : simon@cgi-bin[1].txt Category : Data Miner Comment : Hits:3 Value : Cookie:simon@imrworldwide.com/cgi-bin Expires : 31-03-2015 11:28:16 LastSync : Hits:3 UseCount : 0 Hits : 3 Tracking cookie scan result: ЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛ New critical objects: 1 Objects found so far: 43 Deep scanning and examining files (C ЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛ Tracking Cookie Object Recognized! Type : IECache Entry Data : anna@domainsponsor[2].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Anna\Cookies\anna@domainsponsor[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : anna@landing.domainsponsor[1].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Anna\Cookies\anna@landing.domainsponsor[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : clare@adviva[1].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Clare\Cookies\clare@adviva[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : clare@apmebf[2].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Clare\Cookies\clare@apmebf[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : clare@atdmt[2].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Clare\Cookies\clare@atdmt[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : clare@cgi-bin[2].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Clare\Cookies\clare@cgi-bin[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : clare@commission-junction[2].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Clare\Cookies\clare@commission-junction[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : clare@doubleclick[1].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Clare\Cookies\clare@doubleclick[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : clare@ehg-littlewoods.hitbox[2].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Clare\Cookies\clare@ehg-littlewoods.hitbox[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : clare@etype.adbureau[2].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Clare\Cookies\clare@etype.adbureau[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : clare@hc2.humanclick[2].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Clare\Cookies\clare@hc2.humanclick[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : clare@hitbox[2].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Clare\Cookies\clare@hitbox[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : clare@overture[2].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Clare\Cookies\clare@overture[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : clare@server.iad.liveperson[1].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Clare\Cookies\clare@server.iad.liveperson[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : clare@tradedoubler[1].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Clare\Cookies\clare@tradedoubler[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : francesca@atdmt[1].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Francesca\Cookies\francesca@atdmt[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : francesca@doubleclick[1].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Francesca\Cookies\francesca@doubleclick[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : francesca@ehg-hitent.hitbox[2].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Francesca\Cookies\francesca@ehg-hitent.hitbox[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : francesca@hitbox[2].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Francesca\Cookies\francesca@hitbox[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : francesca@mediaplex[1].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Francesca\Cookies\francesca@mediaplex[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : simon@doubleclick[1].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Simon\Local Settings\Temp\Cookies\simon@doubleclick[1].txt Disk Scan Result for C:\ ЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛ New critical objects: 0 Objects found so far: 64 Scanning Hosts file...... Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts". ЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛ Hosts file scan result: ЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛ 1 entries scanned. New critical objects:0 Objects found so far: 64 Performing conditional scans... ЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛ Conditional scan result: ЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛ New critical objects: 0 Objects found so far: 64 10:43:23 Scan Complete Summary Of This Scan ЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛ Total scanning time:00:09:14.968 Objects scanned:128329 Objects identified:22 Objects ignored:0 New critical objects:22 Is there anything in this log which could prevent immediate loading of the desktop icons? To get rid of the noise I ran CHKDSK on the PC and it found 4 unreadable files and once they were prepared the noise disappeared. IP: Logged
Josh1 Administrator	posted April 10, 2005 01:27 AM No problem, glad the noise is gone, have the user, or you do it log into their account, and then run Adaware, also run Spybot Search and Destroy, if you do not have it. What did you do to make the login back to normal? ------------------ Powered by Intelligent Computing Solutions. ------------------------ www.footslog.com www.compsol.8k.com For every problem, there is a solution. IP: Logged
sjs Member	posted April 09, 2005 07:02 AM Sorry for the delay in replying. I ran CHKDSC on the PC and it found 4 unreadable files, reinstalled them and the noise has disappeared. The Start-up procedure has quickened considerablly i.e. from bootup to Windows XP main menu (where I have 4 users). This is back to normal. However when one of the users logs onto their section, the desktop appears BUT it takes abot 2 minutes for the Icons to appear on the desktop. I consider this too long can you suggest a remedy? Cheers IP: Logged
Josh1 Administrator	posted April 03, 2005 12:57 AM Those files that you have shown me, or the in the results of the adaware scan? You might want to have a look inside the computer, and make sure it is not a fan or one of the drives inside the PC. ------------------ Powered by Intelligent Computing Solutions. ------------------------ www.footslog.com www.compsol.8k.com For every problem, there is a solution. IP: Logged
sjs Member	posted April 02, 2005 03:31 AM The noise comes from the base unit. It generally lasts about 20 seconds and then you hear the "normal" base unit sound. It happened on 3 occasions when I ran the Adaware software: File: A)Deep Scanning local registry CLSID\[549B5CF5-4A86-11D7-A4DF-000874180BB3} B)C:\SYSTEMVOLUMEINFORMATION\-RESTORE{F3CAB467-ODFF-45C7-AD76} C) C:\WINDOWS\SYSTEM32\RESTORE IP: Logged
Josh1 Administrator	posted April 02, 2005 12:19 AM Are you able to determine where the noise could be coming from? How long is long? And has it ever been that slow before? ------------------ Powered by Intelligent Computing Solutions. ------------------------ www.footslog.com www.compsol.8k.com For every problem, there is a solution. IP: Logged
sjs Member	posted April 01, 2005 04:28 PM No it is more of an intermittent scratching noise. I ran Adaware in safe mode. The log-in process is still extremely slow. Could I be running too many PC protective programs? I'm running MS Spyware and Norton. IP: Logged
Josh1 Administrator	posted March 28, 2005 01:42 PM Is it a clicking noise? Did you also run Spybot, run Adaware and Spybot in safe mode, when the computer is booting up press the F8 key until you get to a menu then from that menu choose safe mode, then run the programs. Just let Adaware run the scan, it may be running slow on that entry, because maybe there are some files associated with that entry that have spyware in them, so it might take a while. ------------------ Powered by Intelligent Computing Solutions. ------------------------ www.footslog.com www.compsol.8k.com For every problem, there is a solution. IP: Logged
sjs Member	posted March 28, 2005 12:39 PM You hear the normal moving of data sound associated with all computer base units but occasionally the base unit seams to struggle to read some data. Its like a dull scratching noise but louder than the normal base unit sound. It often happens when you open and close the folders for Simon,Clare,Anna and Francesca, partuclarily when you get the narrative "saving settings" etc IP: Logged
wedor Moderator	posted March 28, 2005 08:29 AM What kind of noise? IP: Logged
sjs Member	posted March 28, 2005 07:13 AM I installed Adaware and ran the file, giving the following result: Ad-Aware SE Build 1.05 Logfile Created on:28 March 2005 12:58:32 Created with Ad-Aware SE Personal, free for private use. Using definitions file:SE1R34 23.03.2005 ЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛ References detected during the scan: ЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛ BroadCastPC(TAC index:7):1 total references MRU List(TAC index:0):24 total references Tracking Cookie(TAC index:3):48 total references ЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛ Ad-Aware SE Settings =========================== Set : Search for negligible risk entries Set : Safe mode (always request confirmation) Set : Scan active processes Set : Scan registry Set : Deep-scan registry Set : Scan my IE Favorites for banned URLs Set : Scan my Hosts file Extended Ad-Aware SE Settings =========================== Set : Unload recognized processes & modules during scan Set : Scan registry for all users instead of current user only Set : Always try to unload modules before deletion Set : During removal, unload Explorer and IE if necessary Set : Let Windows remove files in use at next reboot Set : Delete quarantined objects after restoring Set : Include basic Ad-Aware settings in log file Set : Include additional Ad-Aware settings in log file Set : Include reference summary in log file Set : Include alternate data stream details in log file Set : Play sound at scan completion if scan locates critical objects 28-03-2005 12:58:32 - Scan started. (Full System Scan) MRU List Object Recognized! Location: : S-1-5-21-2572153251-811448530-1521136446-1005\software\microsoft\windows\currentversion\explorer\runmru Description : mru list for items opened in start \| run MRU List Object Recognized! Location: : S-1-5-21-2572153251-811448530-1521136446-1005\software\microsoft\search assistant\acmru Description : list of recent search terms used with the search assistant MRU List Object Recognized! Location: : S-1-5-21-2572153251-811448530-1521136446-1005\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru Description : list of recently saved files, stored according to file extension MRU List Object Recognized! Location: : S-1-5-21-2572153251-811448530-1521136446-1005\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru Description : list of recent programs opened MRU List Object Recognized! Location: : S-1-5-21-2572153251-811448530-1521136446-1005\software\microsoft\windows\currentversion\explorer\recentdocs Description : list of recent documents opened MRU List Object Recognized! Location: : S-1-5-21-2572153251-811448530-1521136446-1005\software\microsoft\mediaplayer\player\recentfilelist Description : list of recently used files in microsoft windows media player MRU List Object Recognized! Location: : S-1-5-21-2572153251-811448530-1521136446-1005\software\microsoft\internet explorer Description : last download directory used in microsoft internet explorer MRU List Object Recognized! Location: : software\microsoft\directdraw\mostrecentapplication Description : most recent application to use microsoft directdraw MRU List Object Recognized! Location: : S-1-5-21-2572153251-811448530-1521136446-1005\software\microsoft\microsoft management console\recent file list Description : list of recent snap-ins used in the microsoft management console MRU List Object Recognized! Location: : S-1-5-21-2572153251-811448530-1521136446-1005\software\microsoft\mediaplayer\preferences Description : last cd record path used in microsoft windows media player MRU List Object Recognized! Location: : S-1-5-21-2572153251-811448530-1521136446-1005\software\microsoft\internet explorer\typedurls Description : list of recently entered addresses in microsoft internet explorer MRU List Object Recognized! Location: : S-1-5-21-2572153251-811448530-1521136446-1005\software\microsoft\directinput\mostrecentapplication Description : most recent application to use microsoft directinput MRU List Object Recognized! Location: : S-1-5-21-2572153251-811448530-1521136446-1005\software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct3d MRU List Object Recognized! Location: : software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct3d MRU List Object Recognized! Location: : S-1-5-21-2572153251-811448530-1521136446-1005\software\microsoft\mediaplayer\preferences Description : last playlist index loaded in microsoft windows media player MRU List Object Recognized! Location: : S-1-5-21-2572153251-811448530-1521136446-1005\software\microsoft\windows\currentversion\applets\regedit Description : last key accessed using the microsoft registry editor MRU List Object Recognized! Location: : S-1-5-21-2572153251-811448530-1521136446-1005\software\microsoft\directinput\mostrecentapplication Description : most recent application to use microsoft directinput MRU List Object Recognized! Location: : S-1-5-21-2572153251-811448530-1521136446-1005\software\microsoft\mediaplayer\preferences Description : last playlist loaded in microsoft windows media player MRU List Object Recognized! Location: : S-1-5-21-2572153251-811448530-1521136446-1005\software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct X MRU List Object Recognized! Location: : software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct X MRU List Object Recognized! Location: : .DEFAULT\software\microsoft\windows media\wmsdk\general Description : windows media sdk MRU List Object Recognized! Location: : S-1-5-18\software\microsoft\windows media\wmsdk\general Description : windows media sdk MRU List Object Recognized! Location: : S-1-5-21-2572153251-811448530-1521136446-1005\software\microsoft\windows media\wmsdk\general Description : windows media sdk MRU List Object Recognized! Location: : C:\Documents and Settings\Simon\recent Description : list of recently opened documents Listing running processes ЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛ #:1 [smss.exe] FilePath : \SystemRoot\System32\ ProcessID : 424 ThreadCreationTime : 28-03-2005 11:50:24 BasePriority : Normal #:2 [csrss.exe] FilePath : \??\C:\WINDOWS\system32\ ProcessID : 480 ThreadCreationTime : 28-03-2005 11:50:25 BasePriority : Normal #:3 [winlogon.exe] FilePath : \??\C:\WINDOWS\system32\ ProcessID : 516 ThreadCreationTime : 28-03-2005 11:50:27 BasePriority : High #:4 [services.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 560 ThreadCreationTime : 28-03-2005 11:50:42 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : MicrosoftЎ WindowsЎ Operating System CompanyName : Microsoft Corporation FileDescription : Services and Controller app InternalName : services.exe LegalCopyright : Љ Microsoft Corporation. All rights reserved. OriginalFilename : services.exe #:5 [lsass.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 572 ThreadCreationTime : 28-03-2005 11:50:42 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : MicrosoftЎ WindowsЎ Operating System CompanyName : Microsoft Corporation FileDescription : LSA Shell (Export Version) InternalName : lsass.exe LegalCopyright : Љ Microsoft Corporation. All rights reserved. OriginalFilename : lsass.exe #:6 [svchost.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 740 ThreadCreationTime : 28-03-2005 11:51:13 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : MicrosoftЎ WindowsЎ Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : Љ Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:7 [svchost.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 808 ThreadCreationTime : 28-03-2005 11:51:13 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : MicrosoftЎ WindowsЎ Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : Љ Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:8 [svchost.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 876 ThreadCreationTime : 28-03-2005 11:51:13 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : MicrosoftЎ WindowsЎ Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : Љ Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:9 [svchost.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 948 ThreadCreationTime : 28-03-2005 11:51:35 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : MicrosoftЎ WindowsЎ Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : Љ Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:10 [svchost.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 1044 ThreadCreationTime : 28-03-2005 11:51:35 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : MicrosoftЎ WindowsЎ Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : Љ Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:11 [spoolsv.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 1212 ThreadCreationTime : 28-03-2005 11:51:56 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : MicrosoftЎ WindowsЎ Operating System CompanyName : Microsoft Corporation FileDescription : Spooler SubSystem App InternalName : spoolsv.exe LegalCopyright : Љ Microsoft Corporation. All rights reserved. OriginalFilename : spoolsv.exe #:12 [aolacsd.exe] FilePath : C:\PROGRA~1\COMMON~1\AOL\ACS\ ProcessID : 1596 ThreadCreationTime : 28-03-2005 11:52:17 BasePriority : Normal #:13 [explorer.exe] FilePath : C:\WINDOWS\ ProcessID : 1636 ThreadCreationTime : 28-03-2005 11:52:33 BasePriority : Normal FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 6.00.2900.2180 ProductName : MicrosoftЎ WindowsЎ Operating System CompanyName : Microsoft Corporation FileDescription : Windows Explorer InternalName : explorer LegalCopyright : Љ Microsoft Corporation. All rights reserved. OriginalFilename : EXPLORER.EXE #:14 [ccproxy.exe] FilePath : C:\Program Files\Common Files\Symantec Shared\ ProcessID : 1720 ThreadCreationTime : 28-03-2005 11:52:34 BasePriority : Normal FileVersion : 103.0.3.8 ProductVersion : 103.0.3.8 ProductName : Client and Host Security Platform CompanyName : Symantec Corporation FileDescription : Symantec Network Proxy Service InternalName : ccProxy LegalCopyright : Copyright (c) 2000-2004 Symantec Corporation. All rights reserved. OriginalFilename : ccProxy.exe #:15 [ccsetmgr.exe] FilePath : C:\Program Files\Common Files\Symantec Shared\ ProcessID : 1736 ThreadCreationTime : 28-03-2005 11:52:34 BasePriority : Normal FileVersion : 103.0.3.8 ProductVersion : 103.0.3.8 ProductName : Client and Host Security Platform CompanyName : Symantec Corporation FileDescription : Symantec Settings Manager Service InternalName : ccSetMgr LegalCopyright : Copyright (c) 2000-2004 Symantec Corporation. All rights reserved. OriginalFilename : ccSetMgr.exe #:16 [issvc.exe] FilePath : C:\Program Files\Norton Internet Security\ ProcessID : 1780 ThreadCreationTime : 28-03-2005 11:52:35 BasePriority : Normal FileVersion : 8.0.2.5 ProductVersion : 8.0 ProductName : Norton Internet Security CompanyName : Symantec Corporation FileDescription : IS Service InternalName : ISSVC.exe LegalCopyright : Copyright (c) 2004 Symantec Corporation OriginalFilename : ISSVC.exe #:17 [navapsvc.exe] FilePath : C:\Program Files\Norton Internet Security\Norton AntiVirus\ ProcessID : 1816 ThreadCreationTime : 28-03-2005 11:52:35 BasePriority : Normal FileVersion : 11.0.9.16 ProductVersion : 11.0.9 ProductName : Norton AntiVirus CompanyName : Symantec Corporation FileDescription : Norton AntiVirus Auto-Protect Service InternalName : NAVAPSVC LegalCopyright : Norton AntiVirus 2005 for Windows 98/ME/2000/XP Copyright Љ 2004 Symantec Corporation. All rights reserved. OriginalFilename : NAVAPSVC.EXE #:18 [slserv.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 1980 ThreadCreationTime : 28-03-2005 11:52:37 BasePriority : Normal FileVersion : 2.80.00(24Apr2000) ProductVersion : 2.80.00 ProductName : Modem FileDescription : User-Level Modem Service InternalName : slserv LegalCopyright : Copyright Љ 1999-2000 OriginalFilename : slserv.exe #:19 [sndsrvc.exe] FilePath : C:\Program Files\Common Files\Symantec Shared\ ProcessID : 1996 ThreadCreationTime : 28-03-2005 11:52:37 BasePriority : Normal FileVersion : 5.4.4.17 ProductVersion : 5.4 ProductName : Symantec Security Drivers CompanyName : Symantec Corporation FileDescription : Network Driver Service InternalName : SndSrvc LegalCopyright : Copyright 2002, 2003, 2004 Symantec Corporation OriginalFilename : SndSrvc.exe #:20 [spbbcsvc.exe] FilePath : C:\Program Files\Common Files\Symantec Shared\SPBBC\ ProcessID : 2044 ThreadCreationTime : 28-03-2005 11:52:38 BasePriority : Normal FileVersion : 1,0,1,47 ProductVersion : 1,0,1,47 ProductName : SPBBC CompanyName : Symantec Corporation FileDescription : SPBBC Service InternalName : SPBBCSvc LegalCopyright : Copyright (c) 2004 Symantec Corporation. All rights reserved. OriginalFilename : SPBBCSvc.exe #:21 [svchost.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 236 ThreadCreationTime : 28-03-2005 11:52:41 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : MicrosoftЎ WindowsЎ Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : Љ Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:22 [symlcsvc.exe] FilePath : C:\Program Files\Common Files\Symantec Shared\CCPD-LC\ ProcessID : 352 ThreadCreationTime : 28-03-2005 11:52:42 BasePriority : Normal FileVersion : 1, 8, 54, 478 ProductVersion : 1, 8, 54, 478 ProductName : Symantec Core Component CompanyName : Symantec Corporation FileDescription : Symantec Core Component InternalName : symlcsvc LegalCopyright : Copyright (C) 2003 OriginalFilename : symlcsvc.exe #:23 [ccevtmgr.exe] FilePath : C:\Program Files\Common Files\Symantec Shared\ ProcessID : 384 ThreadCreationTime : 28-03-2005 11:52:42 BasePriority : Normal FileVersion : 103.0.3.8 ProductVersion : 103.0.3.8 ProductName : Client and Host Security Platform CompanyName : Symantec Corporation FileDescription : Symantec Event Manager Service InternalName : ccEvtMgr LegalCopyright : Copyright (c) 2000-2004 Symantec Corporation. All rights reserved. OriginalFilename : ccEvtMgr.exe #:24 [alg.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 736 ThreadCreationTime : 28-03-2005 11:54:58 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : MicrosoftЎ WindowsЎ Operating System CompanyName : Microsoft Corporation FileDescription : Application Layer Gateway Service InternalName : ALG.exe LegalCopyright : Љ Microsoft Corporation. All rights reserved. OriginalFilename : ALG.exe #:25 [pdvdserv.exe] FilePath : C:\Program Files\CyberLink\PowerDVD\ ProcessID : 1524 ThreadCreationTime : 28-03-2005 11:55:39 BasePriority : Normal FileVersion : 5.00.0000 ProductVersion : 5.00.0000 ProductName : PowerDVD CompanyName : Cyberlink Corp. FileDescription : PowerDVD RC Service InternalName : PowerDVD RC Service LegalCopyright : Copyright (c) CyberLink Corp. 1997-2002 OriginalFilename : PDVDSERV.EXE #:26 [zhotkey.exe] FilePath : C:\WINDOWS\ ProcessID : 1428 ThreadCreationTime : 28-03-2005 11:55:40 BasePriority : Normal FileVersion : 3, 0, 0, 1 ProductVersion : 3, 0, 0, 0 ProductName : Chicony Multimedia Driver CompanyName : Chicony FileDescription : Chicony Multimedia Driver InternalName : Multimedia Hotkey Driver LegalCopyright : Copyright (c) 2000 Chicony OriginalFilename : mHotkey.res #:27 [shwiconem.exe] FilePath : C:\Program Files\eMachines Bay Reader\ ProcessID : 1668 ThreadCreationTime : 28-03-2005 11:55:41 BasePriority : Idle FileVersion : 1, 4, 0, 8 ProductVersion : 1, 4, 0, 8 ProductName : Multimedia Card Reader CompanyName : Alcor Micro, Corp. LegalCopyright : Copyright c 2002 #:28 [ccapp.exe] FilePath : C:\Program Files\Common Files\Symantec Shared\ ProcessID : 1928 ThreadCreationTime : 28-03-2005 11:55:41 BasePriority : Normal FileVersion : 103.0.3.8 ProductVersion : 103.0.3.8 ProductName : Client and Host Security Platform CompanyName : Symantec Corporation FileDescription : Symantec User Session InternalName : ccApp LegalCopyright : Copyright (c) 2000-2004 Symantec Corporation. All rights reserved. OriginalFilename : ccApp.exe #:29 [gcasserv.exe] FilePath : C:\Program Files\Microsoft AntiSpyware\ ProcessID : 2144 ThreadCreationTime : 28-03-2005 11:55:42 BasePriority : Idle FileVersion : 1.00.0501 ProductVersion : 1.00.0501 ProductName : Microsoft AntiSpyware (Beta 1) CompanyName : Microsoft Corporation FileDescription : Microsoft AntiSpyware Service InternalName : gcasServ LegalCopyright : Copyright Љ 2004-2005 Microsoft Corporation. All rights reserved. LegalTrademarks : MicrosoftЎ and WindowsЎ are registered trademarks of Microsoft Corporation. SpyNet(tm) is a trademark of Microsoft Corporation. OriginalFilename : gcasServ.exe #:30 [msmsgs.exe] FilePath : C:\Program Files\Messenger\ ProcessID : 2168 ThreadCreationTime : 28-03-2005 11:55:43 BasePriority : Normal FileVersion : 4.7.3001 ProductVersion : Version 4.7.3001 ProductName : Messenger CompanyName : Microsoft Corporation FileDescription : Windows Messenger InternalName : msmsgs LegalCopyright : Copyright (c) Microsoft Corporation 2004 LegalTrademarks : Microsoft(R) is a registered trademark of Microsoft Corporation in the U.S. and/or other countries. OriginalFilename : msmsgs.exe #:31 [ctfmon.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 2184 ThreadCreationTime : 28-03-2005 11:55:44 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : MicrosoftЎ WindowsЎ Operating System CompanyName : Microsoft Corporation FileDescription : CTF Loader InternalName : CTFMON LegalCopyright : Љ Microsoft Corporation. All rights reserved. OriginalFilename : CTFMON.EXE #:32 [gcasdtserv.exe] FilePath : C:\Program Files\Microsoft AntiSpyware\ ProcessID : 2192 ThreadCreationTime : 28-03-2005 11:55:44 BasePriority : Normal FileVersion : 1.00.0501 ProductVersion : 1.00.0501 ProductName : Microsoft AntiSpyware (Beta 1) CompanyName : Microsoft Corporation FileDescription : Microsoft AntiSpyware Data Service InternalName : gcasDtServ LegalCopyright : Copyright Љ 2004-2005 Microsoft Corporation. All rights reserved. LegalTrademarks : MicrosoftЎ and WindowsЎ are registered trademarks of Microsoft Corporation. SpyNet(tm) is a trademark of Microsoft Corporation. OriginalFilename : gcasDtServ.exe #:33 [ad-aware.exe] FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\ ProcessID : 3356 ThreadCreationTime : 28-03-2005 11:57:53 BasePriority : Normal FileVersion : 6.2.0.206 ProductVersion : VI.Second Edition ProductName : Lavasoft Ad-Aware SE CompanyName : Lavasoft Sweden FileDescription : Ad-Aware SE Core application InternalName : Ad-Aware.exe LegalCopyright : Copyright Љ Lavasoft Sweden OriginalFilename : Ad-Aware.exe Comments : All Rights Reserved Memory scan result: ЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛ New critical objects: 0 Objects found so far: 24 Started registry scan ЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛ Registry Scan result: ЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛ New critical objects: 0 Objects found so far: 24 Started deep registry scan ЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛ Deep registry scan result: ЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛ New critical objects: 0 Objects found so far: 24 Started Tracking Cookie scan ЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛ Tracking Cookie Object Recognized! Type : IECache Entry Data : simon@doubleclick[1].txt Category : Data Miner Comment : Hits:3 Value : Cookie:simon@doubleclick.net/ Expires : 01-01-2031 01:00:00 LastSync : Hits:3 UseCount : 0 Hits : 3 Tracking Cookie Object Recognized! Type : IECache Entry Data : simon@cgi-bin[2].txt Category : Data Miner Comment : Hits:4 Value : Cookie:simon@imrworldwide.com/cgi-bin Expires : 24-03-2015 12:32:50 LastSync : Hits:4 UseCount : 0 Hits : 4 Tracking cookie scan result: ЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛ New critical objects: 2 Objects found so far: 26 Deep scanning and examining files (C ЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛ Tracking Cookie Object Recognized! Type : IECache Entry Data : anna@2o7[2].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Anna\Cookies\anna@2o7[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : anna@atdmt[2].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Anna\Cookies\anna@atdmt[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : anna@cgi-bin[1].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Anna\Cookies\anna@cgi-bin[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : anna@domainsponsor[2].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Anna\Cookies\anna@domainsponsor[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : anna@doubleclick[1].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Anna\Cookies\anna@doubleclick[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : anna@edge.ru4[2].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Anna\Cookies\anna@edge.ru4[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : anna@fastclick[2].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Anna\Cookies\anna@fastclick[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : anna@hitbox[1].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Anna\Cookies\anna@hitbox[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : anna@landing.domainsponsor[2].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Anna\Cookies\anna@landing.domainsponsor[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : anna@mediaplex[1].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Anna\Cookies\anna@mediaplex[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : anna@revenue[1].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Anna\Cookies\anna@revenue[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : anna@statcounter[2].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Anna\Cookies\anna@statcounter[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : anna@tradedoubler[2].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Anna\Cookies\anna@tradedoubler[2].txt BroadCastPC Object Recognized! Type : File Data : GLK2.tmp Category : Data Miner Comment : Object : C:\Documents and Settings\Anna\Local Settings\Temp\ Tracking Cookie Object Recognized! Type : IECache Entry Data : clare@2o7[2].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Clare\Cookies\clare@2o7[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : clare@atdmt[2].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Clare\Cookies\clare@atdmt[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : clare@bravenet[2].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Clare\Cookies\clare@bravenet[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : clare@cgi-bin[1].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Clare\Cookies\clare@cgi-bin[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : clare@cgi-bin[2].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Clare\Cookies\clare@cgi-bin[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : clare@cgi-bin[3].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Clare\Cookies\clare@cgi-bin[3].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : clare@doubleclick[1].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Clare\Cookies\clare@doubleclick[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : clare@edge.ru4[2].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Clare\Cookies\clare@edge.ru4[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : clare@etype.adbureau[2].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Clare\Cookies\clare@etype.adbureau[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : clare@fastclick[2].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Clare\Cookies\clare@fastclick[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : clare@hc2.humanclick[2].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Clare\Cookies\clare@hc2.humanclick[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : clare@hitbox[1].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Clare\Cookies\clare@hitbox[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : clare@mediaplex[1].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Clare\Cookies\clare@mediaplex[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : clare@overture[1].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Clare\Cookies\clare@overture[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : clare@server.iad.liveperson[1].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Clare\Cookies\clare@server.iad.liveperson[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : clare@statcounter[2].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Clare\Cookies\clare@statcounter[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : clare@tradedoubler[1].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Clare\Cookies\clare@tradedoubler[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : clare@tripod[1].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Clare\Cookies\clare@tripod[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : francesca@2o7[1].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Francesca\Cookies\francesca@2o7[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : francesca@apmebf[2].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Francesca\Cookies\francesca@apmebf[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : francesca@as-us.falkag[2].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Francesca\Cookies\francesca@as-us.falkag[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : francesca@atdmt[2].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Francesca\Cookies\francesca@atdmt[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : francesca@domainsponsor[2].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Francesca\Cookies\francesca@domainsponsor[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : francesca@doubleclick[2].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Francesca\Cookies\francesca@doubleclick[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : francesca@ehg-dig.hitbox[1].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Francesca\Cookies\francesca@ehg-dig.hitbox[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : francesca@ehg-hitent.hitbox[2].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Francesca\Cookies\francesca@ehg-hitent.hitbox[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : francesca@hitbox[2].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Francesca\Cookies\francesca@hitbox[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : francesca@landing.domainsponsor[2].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Francesca\Cookies\francesca@landing.domainsponsor[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : francesca@mediaplex[1].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Francesca\Cookies\francesca@mediaplex[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : francesca@overture[1].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Francesca\Cookies\francesca@overture[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : francesca@qksrv[2].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Francesca\Cookies\francesca@qksrv[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : francesca@revenue[1].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Francesca\Cookies\francesca@revenue[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : francesca@sel.as-us.falkag[2].txt Category : Data Miner Comment : Value : C:\Documents and Settings\Francesca\Cookies\francesca@sel.as-us.falkag[2].txt Disk Scan Result for C:\ ЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛ New critical objects: 0 Objects found so far: 73 Scanning Hosts file...... Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts". ЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛ Hosts file scan result: ЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛ 1 entries scanned. New critical objects:0 Objects found so far: 73 Performing conditional scans... ЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛ Conditional scan result: ЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛ New critical objects: 0 Objects found so far: 73 14:03:57 Scan Complete Summary Of This Scan ЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛЛ Total scanning time:01:05:24.984 Objects scanned:115625 Objects identified:49 Objects ignored:0 New critical objects:49 When I ran Adaware the program seemed to stop whilst scanning the following: Deep scanning local registry CLSID\{549B5CF5-4A86-11D7-A4DF-000874180BB3} I closed down the PC and tried to boot up again. The system still remained extremely slow. Could it be a hardware problem? Cos sometimes the base unit makes a noise? cheers Simon IP: Logged
Josh1 Administrator	posted March 27, 2005 02:35 PM All I could find were these C:\WINDOWS\zHotkey.exe O4 - HKLM\..\Run: [CHotkey] zHotkey.exe Do you have Adaware and Spybot, go here and download them http://www.footslog.com/board/Archives/Archive-000003/HTML/20050327-16-000026.html Then run them, and if that helps ------------------ Powered by Intelligent Computing Solutions. ------------------------ www.footslog.com www.compsol.8k.com For every problem, there is a solution. IP: Logged
sjs Member	posted March 27, 2005 11:35 AM Logfile of HijackThis v1.99.1 Scan saved at 18:28:44, on 27/03/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe C:\Program Files\Common Files\Symantec Shared\ccProxy.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Norton Internet Security\ISSVC.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe C:\WINDOWS\system32\slserv.exe C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\zHotkey.exe C:\Program Files\eMachines Bay Reader\shwiconem.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Microsoft AntiSpyware\gcasServ.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Common Files\Symantec Shared\AdBlocking\NSMdtr.exe C:\DOCUME~1\Simon\LOCALS~1\Temp\Temporary Directory 2 for hijackthis[1].zip\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.freeserve.com/iesearch/default.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.freeserve.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.freeserve.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.freeserve.com/iesearch/default.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.freeserve.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Freeserve O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file) O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file) O3 - Toolbar: Freeserve - {8B68564D-53FD-4293-B80C-993A9F3988EE} - C:\PROGRA~1\FREESE~1\FSBar\FSBar.dll O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [CHotkey] zHotkey.exe O4 - HKLM\..\Run: [SunKistEM] C:\Program Files\eMachines Bay Reader\shwiconem.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe" O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe" O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.freeserve.com/ O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe I do have MS spyware installed. IP: Logged
Josh1 Administrator	posted March 27, 2005 01:20 AM Go here http://www.spywareinfo.com/~merijn/downloads.html and download Hijack this and then you can paste the results in your reply. Do you have Adaware ro Spybot, and MSAntispyware? ------------------ Powered by Intelligent Computing Solutions. ------------------------ www.footslog.com www.compsol.8k.com For every problem, there is a solution. IP: Logged
sjs Member	posted March 26, 2005 03:54 PM I've been using Windows XP for 3 months now and within the last week I have experienced the following problem: The computer takes 2-3 minutes to boot up, when I log onto my machine I get a blank screen for a minute then the desktop appears and I wait another 2 minutes for the start button/desktop icons to appear. Is there some software I can run which examines the start-up profile? I have antispyware software and use Norton 2005. Hello Josh Here is the file when I ran the hijackthis software: Logfile of HijackThis v1.99.1 Scan saved at 18:28:44, on 27/03/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe C:\Program Files\Common Files\Symantec Shared\ccProxy.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Norton Internet Security\ISSVC.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe C:\WINDOWS\system32\slserv.exe C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\zHotkey.exe C:\Program Files\eMachines Bay Reader\shwiconem.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Microsoft AntiSpyware\gcasServ.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Common Files\Symantec Shared\AdBlocking\NSMdtr.exe C:\DOCUME~1\Simon\LOCALS~1\Temp\Temporary Directory 2 for hijackthis[1].zip\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.freeserve.com/iesearch/default.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.freeserve.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.freeserve.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.freeserve.com/iesearch/default.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.freeserve.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Freeserve O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file) O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file) O3 - Toolbar: Freeserve - {8B68564D-53FD-4293-B80C-993A9F3988EE} - C:\PROGRA~1\FREESE~1\FSBar\FSBar.dll O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [CHotkey] zHotkey.exe O4 - HKLM\..\Run: [SunKistEM] C:\Program Files\eMachines Bay Reader\shwiconem.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe" O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe" O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.freeserve.com/ O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe I do have MS software installed. Many thanks for the quick response [This message has been edited by sjs (edited March 27, 2005).] IP: Logged

All times are CT (US)	next newest topic \| next oldest topic
Administrative Options: Open Topic \| Archive/Move \| Delete Topic
	Hop to:

Contact Us | Footslog Home

The information presented on FootsloG.com is copyrighted as a collective work. FootsloG.com is free for personal use (non-commercial). Any other use FootsloG.com, including copying or reproducing any portion of this web site is strictly prohibited without the express written consent of FootsloG.com. If you have any questions about the usage term please contact us via email: webmaster@footslog.com.

Problems, Knowledge, and Power, powered by intelligent Computing Solutions