Current task list information for waggi, running WIN_XP, Service Pack 2, build 2600
Details collected on 2006/07/24 17:03:50
PID Process Name File Version Peak Mem Usage. PageFaults. VM PageFileUsage.Handles.Threads.ReadOperations.WriteOperations.ReadTransferCount.WriteTransferCount.Command line that invoked task
0 System Idle Process 0.0.0.0 0Mb 0 0Mb 0 1 0 0 0 0 ><
4 System 0.0.0.0 2.01Mb 7621 0Mb 1139 62 46696 33492 72980165 270397365 ><
392 smss.exe 5.1.2600.2180 0.45Mb 237 0.16Mb 21 3 472 4 1377672 4 >\SystemRoot\System32\smss.exe<
444 csrss.exe 0.0.0.0 3.2Mb 24147 1.71Mb 707 17 1105172 0 57381826 0 ><
468 winlogon.exe 5.1.2600.2180 32.55Mb 28734 6.77Mb 425 16 107303 102007 54198437 10459836 >winlogon.exe<
516 services.exe 5.1.2600.2180 3.96Mb 8805 1.94Mb 317 15 1642 3364 3724204 523973 >C:\WINDOWS\system32\services.exe<
528 lsass.exe 5.1.2600.2180 5.79Mb 399254 4.87Mb 387 20 115888 85126 9400506 7542954 >C:\WINDOWS\system32\lsass.exe<
688 svchost.exe 5.1.2600.2180 4.4Mb 8539 2.93Mb 212 15 3070 91 6336879 6546 >C:\WINDOWS\system32\svchost -k DcomLaunch<
736 svchost.exe 0.0.0.0 4Mb 8384 2.1Mb 402 11 650 6 1731385 300 ><
792 MsMpEng.exe 1.1.1347.0 16.85Mb 241438 9.21Mb 289 18 183291 1004 1624577885 22457044 >"C:\Program Files\Windows Defender\MsMpEng.exe"<
852 svchost.exe 5.1.2600.2180 72.89Mb 748552 26.14Mb 1876 80 2029024 1752473 4683558001 4736615574 >C:\WINDOWS\System32\svchost.exe -k netsvcs<
912 svchost.exe 0.0.0.0 2.68Mb 6879 1.65Mb 93 6 423 4 1029956 92 ><
972 svchost.exe 0.0.0.0 4.41Mb 2148 2.88Mb 208 13 521 18 1398820 1024 ><
1064 LEXBCES.EXE 8.29.0.0 2.83Mb 882 1.14Mb 139 9 151 4 479032 12 >C:\WINDOWS\system32\LEXBCES.EXE<
1108 LEXPPS.EXE 8.29.0.0 3.16Mb 2541 1.14Mb 92 11 286 1 678153 72 >LEXPPS.EXE<
1112 spoolsv.exe 5.1.2600.2696 5.46Mb 6492 3.71Mb 150 13 678 4 2253163 156 >C:\WINDOWS\system32\spoolsv.exe<
1276 iSafe.exe 8.0.6.0 10.67Mb 8982 7.85Mb 97 7 1173 54 34563299 3185756 >"C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\ISafe.exe"<
1308 KodakCCS.exe 1.1.5100.4 2.93Mb 932 0.89Mb 52 2 174 3 549503 84 >C:\WINDOWS\system32\drivers\KodakCCS.exe<
1352 KService.exe 4.21.51215.0 10.64Mb 27336 7.9Mb 468 30 7335 1528678 35728907 17036526 >"C:\Program Files\KService\KService.exe"<
1376 LogWatNT.exe 0.0.1.52 1.32Mb 617 0.6Mb 21 2 65 4 160784 228 >"C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe"<
1400 mdm.exe 7.0.9466.0 2.55Mb 1854 0.93Mb 90 4 420 42 1201016 336 >"C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe"<
1456 svchost.exe 5.1.2600.2180 3.9Mb 5323 2.3Mb 127 5 302 15 928392 711 >C:\WINDOWS\System32\svchost.exe -k imgsvc<
1476 wdfmgr.exe 0.0.0.0 1.58Mb 520 1.44Mb 65 4 15 6 63764 172 ><
1676 fxssvc.exe 5.2.2600.2180 3.24Mb 1164 1.48Mb 98 15 196 5 684157 8955 >C:\WINDOWS\system32\fxssvc.exe<
1364 alg.exe 0.0.0.0 3.43Mb 1259 1.29Mb 102 5 459 4 1143248 156 ><
2080 explorer.exe 6.0.2900.2180 21.58Mb 422785 19.82Mb 578 15 387452 19792 403022360 41645952 >C:\WINDOWS\Explorer.EXE<
2396 mHotkey.exe 2.2.2.0 3.43Mb 2754 2.14Mb 59 2 361 86 2013750 860304 >"C:\WINDOWS\mHotkey.exe" <
2496 atiptaxx.exe 6.14.10.5102 3.89Mb 4742 2.68Mb 100 2 1117 206 4930968 2355514 >"C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" <
2548 lxbkbmgr.exe 0.1.1.1 2.05Mb 2514 0.55Mb 28 1 314 98 1800821 1003520 >"C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe" <
2560 dragdiag.exe 301.0.0.12 2.4Mb 3050 1.07Mb 36 1 744 196 3889856 2007040 >"C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon<
2568 WkUFind.exe 9.0.609.0 0.62Mb 255 0.19Mb 8 1 0 0 0 0 >"C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" <
2576 fss.exe 1.0.0.0 3.37Mb 2706 0.87Mb 34 1 593 196 3235275 2007040 >"C:\Program Files\Akidthaine\fss.exe" <
2588 lxbkbmon.exe 0.1.1.1 1.93Mb 7795 0.36Mb 24 1 2574 146 6483403 3317762 >"C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe"<
2604 PicasaMediaDetector. 2.1.0.0 3.95Mb 2664 2.41Mb 104 3 344 86 1995175 860304 >"C:\Program Files\Picasa2\PicasaMediaDetector.exe" <
2612 hpcmpmgr.exe 2.1.1.0 6.93Mb 9128 4.93Mb 201 4 3907 270 6952687 1367068 >"C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" <
2624 hpwuSchd2.exe 0.0.0.0 1.75Mb 2779 0.49Mb 24 1 282 98 1660318 1003520 >"C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" <
2676 caissdt.exe 2.0.1.1 7.73Mb 7188 5.75Mb 181 3 1502 145 5550118 888528 >"C:\Program Files\CA\eTrust Internet Security Suite\caissdt.exe" <
2700 CAVTray.exe 7.1.8.0 35.63Mb 552127 3.36Mb 127 29 5397956 183709 3229228380 358989897 >"C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\CAVTray.exe" <
2720 CAVRid.exe 7.1.8.0 2.64Mb 3569 0.74Mb 57 3 330 84 1816377 860160 >"C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\CAVRID.exe" <
2744 qttask.exe 6.4.0.29 12.64Mb 32280 10.13Mb 188 5 38908 97 44915736 1247706 >"C:\Program Files\QuickTime\qttask.exe" -atboottime<
2768 DropBox.exe 4.6.0.0 7.91Mb 19634 4.95Mb 151 5 818 2063 3729445 1721387 >"C:\Program Files\DropBox\DropBox\DropBox.exe" /s<
2800 MSASCui.exe 1.1.1347.0 9.39Mb 37354 8.61Mb 540 20 1151 92 4278468 866287 >"C:\Program Files\Windows Defender\MSASCui.exe" -hide<
2920 ctfmon.exe 5.1.2600.2180 3.07Mb 16818 1.49Mb 197 1 853 196 4063206 2007040 >"C:\WINDOWS\system32\ctfmon.exe" <
2960 drst.exe 1.1.0.10 10.33Mb 21084 9.21Mb 449 5 1641 678 6410826 5171276 >"C:\Program Files\SpeedTouch\Dr SpeedTouch\drst.exe" -b<
2976 NCLAUNCH.EXe 1.0.0.1591 1.77Mb 2090 0.48Mb 26 1 248 84 1454494 860160 >"C:\WINDOWS\NCLAUNCH.EXe" <
3024 SweetIM.exe 1.1.0.100 5.64Mb 10595 3.25Mb 160 4 989 146 3175111 868105 >"C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" <
3060 KHost.exe 4.20.51102.0 6.35Mb 7653 3.89Mb 144 4 672 173 3231775 1720467 >"C:\WINDOWS\kdx\KHost.exe" -all<
3356 EasyShare.exe 5.0.4.167 17.68Mb 18837 15.69Mb 265 4 6836 249 12725208 2726184 >"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe" -h<
3476 Kodak Software Updat 0.0.0.0 8.11Mb 309693 6.21Mb 306 12 41700 4065 137838656 5112264 >"C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe" <
276 HijackThis.exe 1.99.0.1 5.21Mb 3562 1.84Mb 44 1 885 90 3602145 2760704 >"C:\Documents and Settings\waggi\Local Settings\Temporary Internet Files\Content.IE5\RICTIQ34\HijackThis.exe" /autolog<
3264 VetMsg.exe 7.1.8.0 3.93Mb 1192 1.79Mb 134 8 1363 6 2983531 300 >"C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\VetMsg.exe"<
2196 WINWORD.EXE 11.0.8026.0 43.82Mb 40133 20.1Mb 271 4 23362 3699 105585799 2528435 >"C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE" <
4024 iexplore.exe 7.0.5346.5 41.68Mb 44449 33.59Mb 636 11 14815 3096 24546690 1812792 >"C:\Program Files\Internet Explorer\iexplore.exe" <
3624 iexplore.exe 7.0.5346.5 70.81Mb 70015 64.14Mb 795 25 31836 8279 54278460 13470380 >"C:\Program Files\Internet Explorer\iexplore.exe" <
3332 wuauclt.exe 5.8.0.2469 6.58Mb 1774 6.27Mb 176 8 1609 28 5331422 124560 >"C:\WINDOWS\system32\wuauclt.exe" /RunStoreAsComServer Local\[354]SUSDS17ae2abaca7acd4cbbfe814fb62411d2<
3484 BearDiag[1].exe 1.99.5.0 9.57Mb 2993 5.74Mb 231 6 1809 136 11683605 11837489 >"C:\Documents and Settings\waggi\Local Settings\Temporary Internet Files\Content.IE5\2GDZ5KWN\BearDiag[1].exe" <
2400 wmiprvse.exe 0.0.0.0 5.22Mb 1365 2.81Mb 140 6 1439 12 4135900 888 ><
BearShare library folder information for waggi, running WIN_XP, Service Pack 2, build 2600
Details collected on 2006/07/24 17:04:47
Firewall information for waggi, running WIN_XP, Service Pack 2, build 2600
Details collected on 2006/07/24 17:05:38
Domain profile configuration:
-------------------------------------------------------------------
Operational mode = Enable
Exception mode = Enable
Multicast/broadcast response mode = Enable
Notification mode = Enable
Service configuration for Domain profile:
Mode Customized Name
-------------------------------------------------------------------
Enable No UPnP Framework
Allowed programs configuration for Domain profile:
Mode Name / Program
-------------------------------------------------------------------
Enable Remote Assistance / C:\WINDOWS\system32\sessmgr.exe
Enable Windows Live Messenger 8.0 / C:\Program Files\MSN Messenger\msnmsgr.exe
Enable Windows Live Messenger 8.0 (Phone) / C:\Program Files\MSN Messenger\msncall.exe
Port configuration for Domain profile:
Port Protocol Mode Name
-------------------------------------------------------------------
1900 UDP Enable SSDP Component of UPnP Framework
2869 TCP Enable UPnP Framework over TCP
Standard profile configuration (current):
-------------------------------------------------------------------
Operational mode = Enable
Exception mode = Enable
Multicast/broadcast response mode = Enable
Notification mode = Enable
Service configuration for Standard profile:
Mode Customized Name
-------------------------------------------------------------------
Enable No UPnP Framework
Allowed programs configuration for Standard profile:
Mode Name / Program
-------------------------------------------------------------------
Enable Remote Assistance / C:\WINDOWS\system32\sessmgr.exe
Enable Dr SpeedTouch / C:\Program Files\SpeedTouch\Dr SpeedTouch\drst.exe
Enable Internet Explorer / C:\Program Files\Internet Explorer\iexplore.exe
Enable Files and Settings Transfer Wizard / C:\WINDOWS\system32\usmt\migwiz.exe
Enable Windows Messenger / C:\Program Files\Messenger\msmsgs.exe
Enable AOL Instant Messenger / C:\Program Files\AIM\aim.exe
Enable IncrediMail Installer / C:\Documents and Settings\waggi\Local Settings\Temporary Internet Files\Content.IE5\CP6F0PEN\incredimail_install[1].exe
Enable IncrediMail / C:\Program Files\IncrediMail\bin\IMApp.exe
Enable IncrediMail / C:\Program Files\IncrediMail\bin\IncMail.exe
Enable IncrediMail / C:\Program Files\IncrediMail\bin\ImpCnt.exe
Enable IncrediMail Installer / C:\Documents and Settings\waggi\Local Settings\Temporary Internet Files\Content.IE5\BNTF7HGW\incredimail_install[1].exe
Enable RealPlayer / C:\Program Files\Real\RealPlayer\realplay.exe
Enable ossproxy.exe / c:\windows\system32\ossproxy.exe
Enable Kaza Gold / C:\Program Files\Kaza Gold 3.2\gift\giFTl.exe
Enable Windows© NetMeeting© / C:\Program Files\NetMeeting\conf.exe
Enable Yahoo! Messenger / C:\Program Files\Yahoo!\Messenger\ypager.exe
Enable Yahoo! FT Server / C:\Program Files\Yahoo!\Messenger\YServer.exe
Enable giFT Loader for KCeasy (http://www.kceasy.com) / C:\Program Files\KGTunes 4.7\giFT\giFTl.exe
Enable Kazaa / C:\Program Files\Kazaa\kazaa.exe
Enable System Process / C:\WINDOWS\system32\ccapp.exe
Enable P2P Networking / C:\WINDOWS\system32\P2P Networking\P2P Networking.exe
Enable Trillian / C:\Program Files\Trillian\trillian.exe
Enable Microsoft Fax Console / C:\WINDOWS\system32\fxsclnt.exe
Enable LimeWire swarmed installer / C:\StubInstaller.exe
Enable HP Software Update Client / C:\Program Files\Hewlett-Packard\HP Software Update\HPWUCli.exe
Enable LimeWire / C:\Program Files\LimeWire\LimeWire.exe
Enable Kodak Software Updater / C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
Enable DropBox / C:\Program Files\DropBox\DropBox\DropBox.exe
Enable Delivery Manager / C:\WINDOWS\kdx\KHost.exe
Enable Delivery Manager Service / C:\Program Files\KService\KService.exe
Enable Windows Live Messenger 8.0 / C:\Program Files\MSN Messenger\msnmsgr.exe
Enable Windows Live Messenger 8.0 (Phone) / C:\Program Files\MSN Messenger\msncall.exe
Enable BitTorrent / C:\Program Files\BitTorrent\bittorrent.exe
Port configuration for Standard profile:
Port Protocol Mode Name
-------------------------------------------------------------------
1900 UDP Enable SSDP Component of UPnP Framework
2869 TCP Enable UPnP Framework over TCP
Log configuration:
-------------------------------------------------------------------
File location = C:\WINDOWS\pfirewall.log
Max file size = 4096 KB
Dropped packets = Disable
Connections = Disable
Local Area Connection firewall configuration:
-------------------------------------------------------------------
Operational mode = Enable
1394 Connection firewall configuration:
-------------------------------------------------------------------
Operational mode = Enable
PRPX firewall configuration:
-------------------------------------------------------------------
Operational mode = Enable
BTOW firewall configuration:
-------------------------------------------------------------------
Operational mode = Enable
Speedtouch Connection firewall configuration:
-------------------------------------------------------------------
Operational mode = Enable
Further firewall information for opened ports on: GREENHALGH
Port configuration for Domain profile:
Port Protocol Mode Name
-------------------------------------------------------------------
1900 UDP Enable SSDP Component of UPnP Framework
2869 TCP Enable UPnP Framework over TCP
Port configuration for Standard profile:
Port Protocol Mode Name
-------------------------------------------------------------------
1900 UDP Enable SSDP Component of UPnP Framework
2869 TCP Enable UPnP Framework over TCP
Important listing 'hijackthis.log' could not be found - details not available. Please re-run from C:\Documents and Settings\waggi\Local Settings\Temporary Internet Files\Content.IE5\2GDZ5KWN\HijackThis.exe to generate and paste in forum.