Trojan Infections


  • This topic is locked

#1
skyeltd

C:\RECYCLER\S-1-5-21-109665610-3467998345-2573863714-1005\Dc731\Deployment\cache\javapi\v1.0\jar\archive.jar-7e6d2ce4-1d895609.zip>BlackBox.class - Java.ByteVerify!exploit trojan.
C:\RECYCLER\S-1-5-21-109665610-3467998345-2573863714-1005\Dc731\Deployment\cache\javapi\v1.0\jar\archive.jar-7e6d2ce4-1d895609.zip>VB.class - Java.ByteVerify!exploit trojan.
C:\RECYCLER\S-1-5-21-109665610-3467998345-2573863714-1005\Dc731\Deployment\cache\javapi\v1.0\jar\archive.jar-7e6d2ce4-1d895609.zip>Dummy.class - Java.ByteVerify!exploit trojan.
C:\RECYCLER\S-1-5-21-109665610-3467998345-2573863714-1005\Dc731\Deployment\cache\javapi\v1.0\jar\archive.jar-7e6d2ce4-1d895609.zip>Beyond.class - Java.Shinwow.AM trojan.
C:\RECYCLER\S-1-5-21-109665610-3467998345-2573863714-1005\Dc731\Deployment\cache\javapi\v1.0\jar\archive.jar-7e6d2ce4-1d895609.zip contains infected files.

:tazz:


#2
[email protected];<'S

skyeltd,
those items are in your Recycle Bin ;)
Please can you make sure that you are using Ad-aware SE (Free/Personal)
[if not, uninstall your old Ad-aware first, then install SE].
Then use the WebUpDate to get the latest Definition file (SE1R40.20.04.2005).
To do this, open Ad-aware.
Click the WebUpDate button at the top right hand side of the Ad-aware screen (the world globe).
Click "Connect".
Ad-aware will then download the latest Definition file for you.
To make sure it is updated, look at the main Ad-aware screen, and look under "Initialization Status".
It should say the latest Definition file.
Also see Before Posting A Logfile, (Mandatory Settings),
then scan doing a "Full Scan" and post your logfile here by using the "Add-reply" feature.
If needed, here is how to post your Ad-aware logfile ;)
Logs are stored in:
C:\Documents and Settings\USERNAME\Application Data\Lavasoft\Ad-aware\Logs\
An easy way to get there is to
click Start,
click Run,
type in %appdata% and press ENTER,
then click Lavasoft,
then Ad-Aware,
and then Logs.
Scroll down to find the latest one that you have (by date & time),
open it, right-click, select all, copy, and then paste the contents of it here.
(Make sure that all of your logfile has been posted; sometimes it will require two posts to get it all.)
I recommend that you use the WebUpDate just before you scan; that way you will always be up to date.

(Note: the Application Data folder is a hidden folder, so you will need to show hidden files and folders,
and for Windows 98*admin users your logs are stored by default in
C:\WINDOWS\All Users\Application Data\ )
[email protected];<'S :tazz:

#3
skyeltd

Thanks! You can I am a newbie to all this as did not know how to get the log up? I cannot see the ones I was talking about, and thinking about it now, it happens every time I do an Adaware scan that eTrust pops up with the infections that Adaware obviously is not picking up? Adaware cannot get rid of the reg key that shows up in the log? Does that mean I cannot do anything about it or is there a way? Thank you in advance for your patience!! :tazz:

Here is the log:


Ad-Aware SE Build 1.05
Logfile Created on:24 April 2005 13:44:38
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R40 20.04.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
AltnetBDE(TAC index:4):1 total references
MRU List(TAC index:0):38 total references
Tracking Cookie(TAC index:3):51 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


04-24-2005 13:44:38 - Scan started. (Full System Scan)

MRU List Object Recognized!
Location: : C:\Documents and Settings\MAI LIS SIVERTSEN\Application Data\microsoft\office\recent
Description : list of recently opened documents using microsoft office


MRU List Object Recognized!
Location: : C:\Documents and Settings\MAI LIS SIVERTSEN\recent
Description : list of recently opened documents


MRU List Object Recognized!
Location: : S-1-5-21-109665610-3467998345-2573863714-1005\software\microsoft\windows\currentversion\applets\wordpad\recent file list
Description : list of recent files opened using wordpad


MRU List Object Recognized!
Location: : S-1-5-21-109665610-3467998345-2573863714-1005\software\microsoft\windows\currentversion\applets\paint\recent file list
Description : list of files recently opened using microsoft paint


MRU List Object Recognized!
Location: : S-1-5-21-109665610-3467998345-2573863714-1005\software\microsoft\windows\currentversion\explorer\runmru
Description : mru list for items opened in start | run


MRU List Object Recognized!
Location: : S-1-5-21-109665610-3467998345-2573863714-1005\software\microsoft\search assistant\acmru
Description : list of recent search terms used with the search assistant


MRU List Object Recognized!
Location: : S-1-5-21-109665610-3467998345-2573863714-1005\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension


MRU List Object Recognized!
Location: : S-1-5-21-109665610-3467998345-2573863714-1005\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened


MRU List Object Recognized!
Location: : S-1-5-21-109665610-3467998345-2573863714-1005\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened


MRU List Object Recognized!
Location: : S-1-5-21-109665610-3467998345-2573863714-1005\software\microsoft\office\10.0\common\open find\microsoft word\settings\save as\file name mru
Description : list of recent documents saved by microsoft word


MRU List Object Recognized!
Location: : S-1-5-21-109665610-3467998345-2573863714-1005\software\microsoft\office\10.0\publisher\recent file list
Description : list of recent files used by microsoft publisher


MRU List Object Recognized!
Location: : S-1-5-21-109665610-3467998345-2573863714-1005\software\microsoft\mediaplayer\player\recentfilelist
Description : list of recently used files in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-109665610-3467998345-2573863714-1005\software\microsoft\internet explorer\main
Description : last save directory used in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-109665610-3467998345-2573863714-1005\software\realnetworks\realplayer\6.0\preferences
Description : list of recent skins in realplayer


MRU List Object Recognized!
Location: : S-1-5-21-109665610-3467998345-2573863714-1005\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer


MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw


MRU List Object Recognized!
Location: : S-1-5-21-109665610-3467998345-2573863714-1005\software\microsoft\microsoft management console\recent file list
Description : list of recent snap-ins used in the microsoft management console


MRU List Object Recognized!
Location: : S-1-5-21-109665610-3467998345-2573863714-1005\software\google\navclient\1.1\history
Description : list of recently used search terms in the google toolbar


MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\mediaplayer\preferences
Description : last cd record path used in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-18\software\microsoft\mediaplayer\preferences
Description : last cd record path used in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-109665610-3467998345-2573863714-1005\software\microsoft\mediaplayer\preferences
Description : last cd record path used in microsoft windows media player


MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-18\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-109665610-3467998345-2573863714-1005\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-109665610-3467998345-2573863714-1005\software\adobe\acrobat reader\6.0\avgeneral\crecentfiles
Description : list of recently used files in adobe reader


MRU List Object Recognized!
Location: : S-1-5-21-109665610-3467998345-2573863714-1005\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d


MRU List Object Recognized!
Location: : S-1-5-21-109665610-3467998345-2573863714-1005\software\microsoft\mediaplayer\preferences
Description : last playlist index loaded in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-109665610-3467998345-2573863714-1005\software\realnetworks\realplayer\6.0\preferences
Description : list of recent clips in realplayer


MRU List Object Recognized!
Location: : S-1-5-21-109665610-3467998345-2573863714-1005\software\microsoft\windows\currentversion\applets\regedit
Description : last key accessed using the microsoft registry editor


MRU List Object Recognized!
Location: : S-1-5-21-109665610-3467998345-2573863714-1005\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput


MRU List Object Recognized!
Location: : S-1-5-21-109665610-3467998345-2573863714-1005\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-109665610-3467998345-2573863714-1005\software\realnetworks\realplayer\6.0\preferences
Description : last login time in realplayer


MRU List Object Recognized!
Location: : S-1-5-21-109665610-3467998345-2573863714-1005\software\microsoft\mediaplayer\medialibraryui
Description : last selected node in the microsoft windows media player media library


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X


MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows media\wmsdk\general
Description : windows media sdk


MRU List Object Recognized!
Location: : S-1-5-18\software\microsoft\windows media\wmsdk\general
Description : windows media sdk


MRU List Object Recognized!
Location: : S-1-5-21-109665610-3467998345-2573863714-1005\software\microsoft\windows media\wmsdk\general
Description : windows media sdk


Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 532
ThreadCreationTime : 04-24-2005 09:53:33
BasePriority : Normal


#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 604
ThreadCreationTime : 04-24-2005 09:53:40
BasePriority : Normal


#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 628
ThreadCreationTime : 04-24-2005 09:53:41
BasePriority : High


#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 672
ThreadCreationTime : 04-24-2005 09:53:41
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 684
ThreadCreationTime : 04-24-2005 09:53:41
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 828
ThreadCreationTime : 04-24-2005 09:53:42
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 884
ThreadCreationTime : 04-24-2005 09:53:43
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 928
ThreadCreationTime : 04-24-2005 09:53:43
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1012
ThreadCreationTime : 04-24-2005 09:53:43
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1080
ThreadCreationTime : 04-24-2005 09:53:44
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:11 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1252
ThreadCreationTime : 04-24-2005 09:53:46
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:12 [isafe.exe]
FilePath : C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\
ProcessID : 1368
ThreadCreationTime : 04-24-2005 09:53:48
BasePriority : Normal
FileVersion : Version 10.65.0.4
ProductVersion : Version 10.65.0.4
ProductName : ISafe
CompanyName : Computer Associates International, Inc.
FileDescription : ISafe Service
InternalName : ISafe
LegalCopyright : © 2003 Computer Associates International, Inc.
LegalTrademarks : Vet is a trademark of Computer Associates International, Inc.
OriginalFilename : ISafe.exe
Comments : ISafe

#:13 [ceepwrsvc.exe]
FilePath : C:\Program Files\TOSHIBA\Power Management\
ProcessID : 1380
ThreadCreationTime : 04-24-2005 09:53:49
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : CeEPwrSvc Module
CompanyName : COMPAL ELECTRONIC INC.
FileDescription : CeEPwrSvc Module
InternalName : CeEPwrSvc
LegalCopyright : Copyright 2003 Compal Electronic Inc.
OriginalFilename : CeEPwrSvc.EXE
Comments : James Kang

#:14 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1436
ThreadCreationTime : 04-24-2005 09:53:49
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:15 [wdfmgr.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1452
ThreadCreationTime : 04-24-2005 09:53:49
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe

#:16 [vsmon.exe]
FilePath : C:\WINDOWS\system32\ZoneLabs\
ProcessID : 1472
ThreadCreationTime : 04-24-2005 09:53:49
BasePriority : Normal
FileVersion : 5.1.039.000
ProductVersion : 5.1.039.000
ProductName : TrueVector Service
CompanyName : Zone Labs Inc.
FileDescription : TrueVector Service
InternalName : vsmon
LegalCopyright : Copyright © 1998-2004, Zone Labs Inc.
OriginalFilename : vsmon.exe

#:17 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 1728
ThreadCreationTime : 04-24-2005 09:53:56
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

#:18 [vetmsg.exe]
FilePath : C:\PROGRA~1\CA\ETRUST~1\ETRUST~1\
ProcessID : 1808
ThreadCreationTime : 04-24-2005 09:53:57
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : vetmsg
CompanyName : Computer Associates International, Inc.
FileDescription : vetmsg
InternalName : vetmsg
LegalCopyright : Copyright © 1989-2003 Computer Associates International, Inc.
OriginalFilename : vetmsg.exe

#:19 [vettray.exe]
FilePath : C:\PROGRA~1\CA\ETRUST~1\ETRUST~1\
ProcessID : 1980
ThreadCreationTime : 04-24-2005 09:54:08
BasePriority : Normal
FileVersion : Version 1.0
ProductName : VetTray
CompanyName : Computer Associates International, Inc.
FileDescription : Iconic notifier
InternalName : VetTray
LegalCopyright : Copyright © 1997-2001 Computer Associates International, Inc.
OriginalFilename : VetTray.exe

#:20 [ca.exe]
FilePath : C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Firewall\
ProcessID : 2012
ThreadCreationTime : 04-24-2005 09:54:11
BasePriority : Normal
FileVersion : 5.1.039.000
ProductVersion : 5.1.039.000
ProductName : eTrust EZ Security Products
CompanyName : Computer Associates
FileDescription : eTrust EZ Security Products
InternalName : OEM
LegalCopyright : Copyright © 1998-2004, Computer Associates
OriginalFilename : CA

#:21 [msnappau.exe]
FilePath : C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-us\
ProcessID : 296
ThreadCreationTime : 04-24-2005 09:54:26
BasePriority : Normal


#:22 [realsched.exe]
FilePath : C:\Program Files\Common Files\Real\Update_OB\
ProcessID : 368
ThreadCreationTime : 04-24-2005 09:54:26
BasePriority : Normal
FileVersion : 0.1.0.3249
ProductVersion : 0.1.0.3249
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004
LegalTrademarks : RealAudio™ is a trademark of RealNetworks, Inc.
OriginalFilename : realsched.exe

#:23 [msmsgs.exe]
FilePath : C:\Program Files\Messenger\
ProcessID : 440
ThreadCreationTime : 04-24-2005 09:54:28
BasePriority : Normal
FileVersion : 4.7.3001
ProductVersion : Version 4.7.3001
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Windows Messenger
InternalName : msmsgs
LegalCopyright : Copyright © Microsoft Corporation 2004
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msmsgs.exe

#:24 [clientmgr2.exe]
FilePath : C:\Program Files\BUFFALO\Client Manager 2\
ProcessID : 560
ThreadCreationTime : 04-24-2005 09:54:34
BasePriority : Normal
FileVersion : 1, 0, 8, 1
ProductVersion : 1, 0, 8, 1
ProductName : ClientManager
CompanyName : BUFFALO INC.
FileDescription : BUFFALO WLAN Utility
InternalName : ClientManager
LegalCopyright : Copyright © 2004 BUFFALO INC.
OriginalFilename : ClientMgr2.exe

#:25 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1428
ThreadCreationTime : 04-24-2005 09:54:48
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe

#:26 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 2112
ThreadCreationTime : 04-24-2005 09:54:56
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:27 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
ProcessID : 3400
ThreadCreationTime : 04-24-2005 12:43:59
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 38


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

AltnetBDE Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\altnet

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 1
Objects found so far: 39


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 39


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mai lis [email protected][2].txt
Category : Data Miner
Comment : Hits:87
Value : Cookie:mai lis [email protected]/
Expires : 04-22-2015 07:16:08
LastSync : Hits:87
UseCount : 0
Hits : 87

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mai lis [email protected][1].txt
Category : Data Miner
Comment : Hits:21
Value : Cookie:mai lis [email protected]/
Expires : 04-23-2010 11:06:26
LastSync : Hits:21
UseCount : 0
Hits : 21

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mai lis [email protected][2].txt
Category : Data Miner
Comment : Hits:169
Value : Cookie:mai lis [email protected]/
Expires : 04-23-2010 11:16:06
LastSync : Hits:169
UseCount : 0
Hits : 169

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mai lis [email protected][1].txt
Category : Data Miner
Comment : Hits:85
Value : Cookie:mai lis [email protected]/
Expires : 06-22-2009 01:00:00
LastSync : Hits:85
UseCount : 0
Hits : 85

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mai lis [email protected][1].txt
Category : Data Miner
Comment : Hits:182
Value : Cookie:mai lis [email protected]/
Expires : 05-24-2005 11:16:06
LastSync : Hits:182
UseCount : 0
Hits : 182

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mai lis [email protected][2].txt
Category : Data Miner
Comment : Hits:78
Value : Cookie:mai lis [email protected]/
Expires : 04-13-2010 01:00:00
LastSync : Hits:78
UseCount : 0
Hits : 78

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mai lis [email protected][1].txt
Category : Data Miner
Comment : Hits:90
Value : Cookie:mai lis [email protected]/
Expires : 04-13-2008 23:29:56
LastSync : Hits:90
UseCount : 0
Hits : 90

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mai lis [email protected][2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:mai lis [email protected]/
Expires : 04-14-2015 00:45:34
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mai lis [email protected][1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:mai lis [email protected]/
Expires : 05-23-2005 20:12:44
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mai lis [email protected][2].txt
Category : Data Miner
Comment : Hits:48
Value : Cookie:mai lis [email protected]/cgi-bin
Expires : 04-22-2015 02:00:22
LastSync : Hits:48
UseCount : 0
Hits : 48

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mai lis [email protected][1].txt
Category : Data Miner
Comment : Hits:3
Value : Cookie:mai lis [email protected]/
Expires : 01-01-2030 01:00:00
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mai lis [email protected][2].txt
Category : Data Miner
Comment : Hits:199
Value : Cookie:mai lis [email protected]/
Expires : 04-24-2006 02:05:06
LastSync : Hits:199
UseCount : 0
Hits : 199

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mai lis [email protected][1].txt
Category : Data Miner
Comment : Hits:31
Value : Cookie:mai lis [email protected]/
Expires : 04-17-2006 09:01:46
LastSync : Hits:31
UseCount : 0
Hits : 31

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mai lis [email protected][2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:mai lis [email protected]/
Expires : 04-24-2006 01:55:26
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mai lis [email protected][1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:mai lis [email protected]/
Expires : 04-24-2006 01:35:42
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mai lis [email protected][1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:mai lis [email protected]/
Expires : 04-24-2006 00:39:24
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mai lis [email protected][1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:mai lis [email protected]/
Expires : 04-24-2006 00:40:02
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mai lis [email protected][1].txt
Category : Data Miner
Comment : Hits:8
Value : Cookie:mai lis [email protected]/
Expires : 03-22-2010 18:59:26
LastSync : Hits:8
UseCount : 0
Hits : 8

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mai lis [email protected][1].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:mai lis [email protected]/
Expires : 04-17-2020 17:33:08
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mai lis [email protected][1].txt
Category : Data Miner
Comment : Hits:12
Value : Cookie:mai lis [email protected]/
Expires : 01-18-2038 01:00:00
LastSync : Hits:12
UseCount : 0
Hits : 12

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mai lis [email protected][2].txt
Category : Data Miner
Comment : Hits:24
Value : Cookie:mai lis [email protected]/
Expires : 04-06-2007 00:30:26
LastSync : Hits:24
UseCount : 0
Hits : 24

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mai lis [email protected][2].txt
Category : Data Miner
Comment : Hits:4
Value : Cookie:mai lis [email protected]/
Expires : 04-17-2010 18:21:10
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mai lis [email protected][1].txt
Category : Data Miner
Comment : Hits:3
Value : Cookie:mai lis [email protected]/
Expires : 04-24-2006 01:25:38
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mai lis [email protected][1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:mai lis [email protected]/
Expires : 04-24-2006 01:54:18
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mai lis [email protected][2].txt
Category : Data Miner
Comment : Hits:40
Value : Cookie:mai lis [email protected]/
Expires : 04-23-2015 02:07:56
LastSync : Hits:40
UseCount : 0
Hits : 40

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mai lis [email protected][2].txt
Category : Data Miner
Comment : Hits:6
Value : Cookie:mai lis [email protected]/
Expires : 04-19-2015 23:21:40
LastSync : Hits:6
UseCount : 0
Hits : 6

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mai lis [email protected][1].txt
Category : Data Miner
Comment : Hits:3
Value : Cookie:mai lis [email protected]/
Expires : 12-30-2037 17:00:00
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mai lis [email protected][2].txt
Category : Data Miner
Comment : Hits:4
Value : Cookie:mai lis [email protected]/
Expires : 01-18-2038 06:00:00
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mai lis siver[email protected][2].txt
Category : Data Miner
Comment : Hits:5
Value : Cookie:mai lis [email protected]/
Expires : 04-21-2015 03:11:28
LastSync : Hits:5
UseCount : 0
Hits : 5

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mai lis [email protected][1].txt
Category : Data Miner
Comment : Hits:3
Value : Cookie:mai lis [email protected]/cgi-bin/
Expires : 05-24-2005 01:41:56
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mai lis [email protected][1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:mai lis [email protected]/
Expires : 01-01-2011 01:00:00
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mai lis [email protected][2].txt
Category : Data Miner
Comment : Hits:18
Value : Cookie:mai lis [email protected]/
Expires : 01-18-2038 01:00:00
LastSync : Hits:18
UseCount : 0
Hits : 18

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mai lis [email protected][1].txt
Category : Data Miner
Comment : Hits:4
Value : Cookie:mai lis [email protected]/
Expires : 01-01-2038 01:00:00
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mai lis [email protected][2].txt
Category : Data Miner
Comment : Hits:13
Value : Cookie:mai lis [email protected]/
Expires : 01-01-2010 01:00:00
LastSync : Hits:13
UseCount : 0
Hits : 13

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mai lis [email protected][1].txt
Category : Data Miner
Comment : Hits:3
Value : Cookie:mai lis [email protected]/
Expires : 04-24-2006 13:40:52
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mai lis [email protected][2].txt
Category : Data Miner
Comment : Hits:10
Value : Cookie:mai lis [email protected]/
Expires : 04-19-2005 17:24:08
LastSync : Hits:10
UseCount : 0
Hits : 10

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mai lis [email protected][2].txt
Category : Data Miner
Comment : Hits:5
Value : Cookie:mai lis [email protected]/
Expires : 01-01-2038 06:00:00
LastSync : Hits:5
UseCount : 0
Hits : 5

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mai lis [email protected][2].txt
Category : Data Miner
Comment : Hits:4
Value : Cookie:mai lis [email protected]/
Expires : 05-23-2005 20:12:44
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mai lis [email protected][1].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:mai lis [email protected]/
Expires : 04-10-2035 01:12:30
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mai lis [email protected][1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:mai lis [email protected]/
Expires : 04-23-2009 01:35:40
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mai lis [email protected][1].txt
Category : Data Miner
Comment : Hits:5
Value : Cookie:mai lis [email protected]/
Expires : 04-23-2006 03:13:46
LastSync : Hits:5
UseCount : 0
Hits : 5

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mai lis [email protected][1].txt
Category : Data Miner
Comment : Hits:21
Value : Cookie:mai lis [email protected]/
Expires : 04-22-2015 02:00:24
LastSync : Hits:21
UseCount : 0
Hits : 21

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mai lis [email protected][2].txt
Category : Data Miner
Comment : Hits:4
Value : Cookie:mai lis [email protected]/
Expires : 04-11-2025 00:46:26
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mai lis [email protected][1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:mai lis [email protected]/
Expires : 04-21-2006 11:17:38
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mai lis [email protected][2].txt
Category : Data Miner
Comment : Hits:95
Value : Cookie:mai lis [email protected]/
Expires : 04-23-2010 01:39:26
LastSync : Hits:95
UseCount : 0
Hits : 95

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mai lis [email protected][2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:mai lis [email protected]/
Expires : 02-01-2020 01:00:00
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mai lis [email protected][1].txt
Category : Data Miner
Comment : Hits:3
Value : Cookie:mai lis [email protected]/
Expires : 01-01-2011 01:00:00
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mai lis [email protected][2].txt
Category : Data Miner
Comment : Hits:3
Value : Cookie:mai lis [email protected]/
Expires : 04-17-2010 18:21:08
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mai lis [email protected][2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:mai lis [email protected]/
Expires : 04-17-2015 18:50:22
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mai lis [email protected][1].txt
Category : Data Miner
Comment : Hits:59
Value : Cookie:mai lis [email protected]/
Expires : 04-24-2006 02:05:06
LastSync : Hits:59
UseCount : 0
Hits : 59

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mai lis [email protected][1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:mai lis [email protected]/
Expires : 06-10-2006 01:05:22
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 51
Objects found so far: 90



Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 90


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 90




Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 90

14:08:25 Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:23:47.94
Objects scanned:200834
Objects identified:52
Objects ignored:0
New critical objects:52

#4
Rawe

    Visiting Staff

  • Member
  • 4,746 posts
Hi.
When it comes to MRU items and tracking cookies, they are safe to delete. Do this:
Download/install this brilliant tool here:
http://www.ccleaner.com/
Once installed, open it up and push the button "Run cleaner".
Then, when CCleaner has done its cleaning, open up your Ad-aware and follow the guidelines in this topic:
http://www.geekstogo...ons-t16830.html
Run a full system scan and post a new logfile here.
Thanks,

- Rawe :tazz:

#5
Guest_Andy_veal_*

  • Guest
Hello and Welcome

Ad-aware has found objects on your computer

If you choose to clean your computer from what Ad-aware found please follow these instructions below…

Please make sure that you are using the * SE1R41 25.04.2005 * definition file.


Please launch Ad-Aware SE and click on the gear to access the Configuration Menu. Please make sure that this setting is applied.

Click on Tweak > Cleaning Engine > UNcheck "Always try to unload modules before deletion".

Disconnect from the internet (for broadband/cable users, it is recommended that you disconnect the cable connection) and close all open browsers or other programs you have running.

To clean your machine, it is highly recommended that you clean the following directory contents (but not the directory folder):

Please run CCleaner to assist in this process.
Download CCleaner (Setup: go to >options > settings > Uncheck "Only delete files in Windows Temp folders older than 48 hours" for cleaning malware files!)

* C:\Windows\Temp\
* C:\Documents and Settings\<Your Profile>\Local Settings\Temporary Internet Files\ <- This will delete all your cached internet content including cookies.
* C:\Documents and Settings\<Your Profile>\Local Settings\Temp\
* C:\Documents and Settings\<Any other users Profile>\Local Settings\Temporary Internet Files\
* C:\Documents and Settings\<Any other users Profile>\Local Settings\Temp\
* Empty your "Recycle Bin".

Please run Ad-Aware SE from the command lines shown in the instructions shown below.

Click "Start" > select "Run" > type the text shown in bold below (including the quotation marks and with the same spacing as shown)

"C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Aware.exe" /full +procnuke
(For the Professional version)

"C:\Program Files\Lavasoft\Ad-Aware SE Plus\Ad-Aware.exe" /full +procnuke
(For the Plus version)

"C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe" +procnuke
(For the Personal version)


Click OK.

Please note that the path above is the default installation location for Ad-aware SE. If yours is different, please adjust it to the location that you have installed it to.

When the scan has completed, select Next. In the Scanning Results window, select the "Scan Summary" tab. Check the box next to each "target family" you wish to remove. Click next, Click OK.

If problems are caused by deleting a family, please leave it.

Please shutdown/restart your computer after removal, run a new full scan and post the results as a reply. Do not launch any programs or connect to the internet at this time.

If additional critical objects are found, please do the following:

Please then copy & paste the complete log file here. Don't quarantine or remove anything at this time, just post a complete logfile. This can sometimes take 2-3 posts to get it all posted; once the "Summary of this scan" information is shown, you have posted all of your logfile.

Please remember, when posting another logfile, to keep "Search for negligible risk entries" deselected, as negligible risk entries (MRUs) are not considered to be a threat. This option can be changed when choosing your scan type.

Please post back here

Good luck

Andy

Edited by Andy_veal, 25 April 2005 - 05:28 PM.
