Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

AdAware Log Evaluation

Started by KEYBOARDER , May 04 2005 01:07 PM

  • This topic is locked This topic is locked

#1
KEYBOARDER
Posted 04 May 2005 - 01:07 PM

KEYBOARDER

    New Member

  • Member
  • Pip
  • 1 posts
Ad-Aware SE Build 1.05
Logfile Created on:Wednesday, May 04, 2005 2:29:14 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R42 28.04.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Alexa(TAC index:5):9 total references
CoolWebSearch(TAC index:10):96 total references
DSSAgent(TAC index:8):8 total references
PeopleOnPage(TAC index:9):1 total references
Possible Browser Hijack attempt(TAC index:3):4 total references
Tracking Cookie(TAC index:3):51 total references
VX2(TAC index:10):16 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R38 11.04.2005
Internal build : 45
File location : C:\PROGRAM FILES\LAVASOFT\AD-AWARE SE PERSONAL\defs.ref
File size : 458867 Bytes
Total size : 1387485 Bytes
Signature data size : 1357114 Bytes
Reference data size : 29859 Bytes
Signatures total : 38669
Fingerprints total : 783
Fingerprints size : 29483 Bytes
Target categories : 15
Target families : 648

5-4-05 2:15:29 PM Performing WebUpdate...

Installing Update...
Definitions File Loaded:
Reference Number : SE1R42 28.04.2005
Internal build : 49
File location : C:\PROGRAM FILES\LAVASOFT\AD-AWARE SE PERSONAL\defs.ref
File size : 466557 Bytes
Total size : 1403889 Bytes
Signature data size : 1373297 Bytes
Reference data size : 30080 Bytes
Signatures total : 39226
Fingerprints total : 836
Fingerprints size : 28245 Bytes
Target categories : 15
Target families : 654


5-4-05 2:20:32 PM Success
Update successfully downloaded and installed.


Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium III
Memory available:0 %
Total physical memory:64928 kb
Available physical memory:580 kb
Total page file size:2032220 kb
Available on page file:1876184 kb
Total virtual memory:2093056 kb
Available virtual memory:2044864 kb
OS:Microsoft Windows 98 SE

Ad-Aware SE Settings
===========================
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Obtain command line of scanned processes
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Play sound at scan completion if scan locates critical objects


5-4-05 2:29:14 PM - Scan started. (Full System Scan)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [KERNEL32.DLL]
ModuleName : C:\WINDOWS\SYSTEM\KERNEL32.DLL
Command Line : n/a
ProcessID : 4293861603
Threads : 4
Priority : High
FileVersion : 4.10.2222
ProductVersion : 4.10.2222
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Win32 Kernel core component
InternalName : KERNEL32
LegalCopyright : Copyright © Microsoft Corp. 1991-1999
OriginalFilename : KERNEL32.DLL

#:2 [MSGSRV32.EXE]
ModuleName : C:\WINDOWS\SYSTEM\MSGSRV32.EXE
Command Line : n/a
ProcessID : 4294923379
Threads : 1
Priority : Normal
FileVersion : 4.10.2222
ProductVersion : 4.10.2222
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows 32-bit VxD Message Server
InternalName : MSGSRV32
LegalCopyright : Copyright © Microsoft Corp. 1992-1998
OriginalFilename : MSGSRV32.EXE

#:3 [SPOOL32.EXE]
ModuleName : C:\WINDOWS\SYSTEM\SPOOL32.EXE
Command Line : C:\WINDOWS\SYSTEM\spool32.exe
ProcessID : 4294925419
Threads : 2
Priority : Normal
FileVersion : 4.10.1998
ProductVersion : 4.10.1998
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler Sub System Process
InternalName : spool32
LegalCopyright : Copyright © Microsoft Corp. 1994 - 1998
OriginalFilename : spool32.exe

#:4 [MPREXE.EXE]
ModuleName : C:\WINDOWS\SYSTEM\MPREXE.EXE
Command Line : C:\WINDOWS\SYSTEM\MPREXE.EXE
ProcessID : 4294930143
Threads : 1
Priority : Normal
FileVersion : 4.10.1998
ProductVersion : 4.10.1998
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : WIN32 Network Interface Service Process
InternalName : MPREXE
LegalCopyright : Copyright © Microsoft Corp. 1993-1998
OriginalFilename : MPREXE.EXE

#:5 [SYSHO32.EXE]
ModuleName : C:\WINDOWS\SYSHO32.EXE
Command Line : C:\WINDOWS\SYSHO32.EXE /s
ProcessID : 4294892171
Threads : 1
Priority : Normal


VX2 Object Recognized!
Type : Process
Data : SYSHO32.EXE
Category : Malware
Comment : (CSI MATCH)
Object : C:\WINDOWS\


Warning! VX2 Object found in memory(C:\WINDOWS\SYSHO32.EXE)

"C:\WINDOWS\SYSHO32.EXE"Process terminated successfully

#:6 [NETUT.EXE]
ModuleName : C:\WINDOWS\NETUT.EXE
Command Line : C:\WINDOWS\NETUT.EXE /s
ProcessID : 4294894223
Threads : 1
Priority : Normal


VX2 Object Recognized!
Type : Process
Data : NETUT.EXE
Category : Malware
Comment : (CSI MATCH)
Object : C:\WINDOWS\


Warning! VX2 Object found in memory(C:\WINDOWS\NETUT.EXE)

"C:\WINDOWS\NETUT.EXE"Process terminated successfully

#:7 [NTJF.EXE]
ModuleName : C:\WINDOWS\SYSTEM\NTJF.EXE
Command Line : C:\WINDOWS\SYSTEM\NTJF.EXE /s
ProcessID : 4294896647
Threads : 1
Priority : Normal


VX2 Object Recognized!
Type : Process
Data : NTJF.EXE
Category : Malware
Comment : (CSI MATCH)
Object : C:\WINDOWS\SYSTEM\


Warning! VX2 Object found in memory(C:\WINDOWS\SYSTEM\NTJF.EXE)

"C:\WINDOWS\SYSTEM\NTJF.EXE"Process terminated successfully

#:8 [D3IS32.EXE]
ModuleName : C:\WINDOWS\D3IS32.EXE
Command Line : C:\WINDOWS\D3IS32.EXE /s
ProcessID : 4294899331
Threads : 1
Priority : Normal


VX2 Object Recognized!
Type : Process
Data : D3IS32.EXE
Category : Malware
Comment : (CSI MATCH)
Object : C:\WINDOWS\


Warning! VX2 Object found in memory(C:\WINDOWS\D3IS32.EXE)

"C:\WINDOWS\D3IS32.EXE"Process terminated successfully

#:9 [mmtask.tsk]
ModuleName : C:\WINDOWS\SYSTEM\mmtask.tsk
Command Line : n/a
ProcessID : 4294836443
Threads : 1
Priority : Normal
FileVersion : 4.03.1998
ProductVersion : 4.03.1998
ProductName : Microsoft Windows
CompanyName : Microsoft Corporation
FileDescription : Multimedia background task support module
InternalName : mmtask.tsk
LegalCopyright : Copyright © Microsoft Corp. 1991-1998
OriginalFilename : mmtask.tsk

#:10 [WINLC32.EXE]
ModuleName : C:\WINDOWS\WINLC32.EXE
Command Line : C:\WINDOWS\WINLC32.EXE /s
ProcessID : 4294838311
Threads : 1
Priority : Normal


VX2 Object Recognized!
Type : Process
Data : WINLC32.EXE
Category : Malware
Comment : (CSI MATCH)
Object : C:\WINDOWS\


Warning! VX2 Object found in memory(C:\WINDOWS\WINLC32.EXE)

"C:\WINDOWS\WINLC32.EXE"Process terminated successfully

#:11 [APICL32.EXE]
ModuleName : C:\WINDOWS\APICL32.EXE
Command Line : C:\WINDOWS\APICL32.EXE /s
ProcessID : 4294841067
Threads : 1
Priority : Normal


VX2 Object Recognized!
Type : Process
Data : APICL32.EXE
Category : Malware
Comment : (CSI MATCH)
Object : C:\WINDOWS\


Warning! VX2 Object found in memory(C:\WINDOWS\APICL32.EXE)

"C:\WINDOWS\APICL32.EXE"Process terminated successfully

#:12 [WINCD32.EXE]
ModuleName : C:\WINDOWS\SYSTEM\WINCD32.EXE
Command Line : C:\WINDOWS\SYSTEM\WINCD32.EXE /s
ProcessID : 4294850347
Threads : 1
Priority : Normal


VX2 Object Recognized!
Type : Process
Data : WINCD32.EXE
Category : Malware
Comment : (CSI MATCH)
Object : C:\WINDOWS\SYSTEM\


Warning! VX2 Object found in memory(C:\WINDOWS\SYSTEM\WINCD32.EXE)

"C:\WINDOWS\SYSTEM\WINCD32.EXE"Process terminated successfully

#:13 [WINZM.EXE]
ModuleName : C:\WINDOWS\SYSTEM\WINZM.EXE
Command Line : C:\WINDOWS\SYSTEM\WINZM.EXE /s
ProcessID : 4294862479
Threads : 1
Priority : Normal


VX2 Object Recognized!
Type : Process
Data : WINZM.EXE
Category : Malware
Comment : (CSI MATCH)
Object : C:\WINDOWS\SYSTEM\


Warning! VX2 Object found in memory(C:\WINDOWS\SYSTEM\WINZM.EXE)

"C:\WINDOWS\SYSTEM\WINZM.EXE"Process terminated successfully

#:14 [CRBV.EXE]
ModuleName : C:\WINDOWS\SYSTEM\CRBV.EXE
Command Line : C:\WINDOWS\SYSTEM\CRBV.EXE /s
ProcessID : 4294847395
Threads : 1
Priority : Normal


VX2 Object Recognized!
Type : Process
Data : CRBV.EXE
Category : Malware
Comment : (CSI MATCH)
Object : C:\WINDOWS\SYSTEM\


Warning! VX2 Object found in memory(C:\WINDOWS\SYSTEM\CRBV.EXE)

"C:\WINDOWS\SYSTEM\CRBV.EXE"Process terminated successfully

#:15 [CRUT.EXE]
ModuleName : C:\WINDOWS\SYSTEM\CRUT.EXE
Command Line : C:\WINDOWS\SYSTEM\CRUT.EXE /s
ProcessID : 4294808259
Threads : 1
Priority : Normal


VX2 Object Recognized!
Type : Process
Data : CRUT.EXE
Category : Malware
Comment : (CSI MATCH)
Object : C:\WINDOWS\SYSTEM\


Warning! VX2 Object found in memory(C:\WINDOWS\SYSTEM\CRUT.EXE)

"C:\WINDOWS\SYSTEM\CRUT.EXE"Process terminated successfully

#:16 [NTCR.EXE]
ModuleName : C:\WINDOWS\SYSTEM\NTCR.EXE
Command Line : C:\WINDOWS\SYSTEM\NTCR.EXE /s
ProcessID : 4294812023
Threads : 1
Priority : Normal


VX2 Object Recognized!
Type : Process
Data : NTCR.EXE
Category : Malware
Comment : (CSI MATCH)
Object : C:\WINDOWS\SYSTEM\


Warning! VX2 Object found in memory(C:\WINDOWS\SYSTEM\NTCR.EXE)

"C:\WINDOWS\SYSTEM\NTCR.EXE"Process terminated successfully

#:17 [IPLU.EXE]
ModuleName : C:\WINDOWS\SYSTEM\IPLU.EXE
Command Line : C:\WINDOWS\SYSTEM\IPLU.EXE /s
ProcessID : 4294812903
Threads : 1
Priority : Normal


VX2 Object Recognized!
Type : Process
Data : IPLU.EXE
Category : Malware
Comment : (CSI MATCH)
Object : C:\WINDOWS\SYSTEM\


Warning! VX2 Object found in memory(C:\WINDOWS\SYSTEM\IPLU.EXE)

"C:\WINDOWS\SYSTEM\IPLU.EXE"Process terminated successfully

#:18 [SYSWW.EXE]
ModuleName : C:\WINDOWS\SYSTEM\SYSWW.EXE
Command Line : C:\WINDOWS\SYSTEM\SYSWW.EXE /s
ProcessID : 4294817115
Threads : 1
Priority : Normal


VX2 Object Recognized!
Type : Process
Data : SYSWW.EXE
Category : Malware
Comment : (CSI MATCH)
Object : C:\WINDOWS\SYSTEM\


Warning! VX2 Object found in memory(C:\WINDOWS\SYSTEM\SYSWW.EXE)

"C:\WINDOWS\SYSTEM\SYSWW.EXE"Process terminated successfully

#:19 [MSRZ32.EXE]
ModuleName : C:\WINDOWS\MSRZ32.EXE
Command Line : C:\WINDOWS\MSRZ32.EXE /s
ProcessID : 4294818467
Threads : 1
Priority : Normal


VX2 Object Recognized!
Type : Process
Data : MSRZ32.EXE
Category : Malware
Comment : (CSI MATCH)
Object : C:\WINDOWS\


Warning! VX2 Object found in memory(C:\WINDOWS\MSRZ32.EXE)

"C:\WINDOWS\MSRZ32.EXE"Process terminated successfully

#:20 [MSTASK.EXE]
ModuleName : C:\WINDOWS\SYSTEM\MSTASK.EXE
Command Line : mstask.exe
ProcessID : 4294825543
Threads : 3
Priority : Normal
FileVersion : 4.71.1959.1
ProductVersion : 4.71.1959.1
ProductName : Microsoft® Windows® Task Scheduler
CompanyName : Microsoft Corporation
FileDescription : Task Scheduler Engine
InternalName : TaskScheduler
LegalCopyright : Copyright © Microsoft Corp. 1997
OriginalFilename : mstask.exe

#:21 [EXPLORER.EXE]
ModuleName : C:\WINDOWS\EXPLORER.EXE
Command Line : C:\WINDOWS\Explorer.exe
ProcessID : 4294825219
Threads : 18
Priority : Normal
FileVersion : 4.72.3110.1
ProductVersion : 4.72.3110.1
ProductName : Microsoft® Windows NT® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : Copyright © Microsoft Corp. 1981-1997
OriginalFilename : EXPLORER.EXE

#:22 [SDKHO.EXE]
ModuleName : C:\WINDOWS\SDKHO.EXE
Command Line : "C:\WINDOWS\SDKHO.EXE"
ProcessID : 4294746023
Threads : 5
Priority : Normal


#:23 [SYSTRAY.EXE]
ModuleName : C:\WINDOWS\SYSTEM\SYSTRAY.EXE
Command Line : "C:\WINDOWS\SYSTEM\SysTray.Exe"
ProcessID : 4294751279
Threads : 2
Priority : Normal
FileVersion : 4.10.2222
ProductVersion : 4.10.2222
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : System Tray Applet
InternalName : SYSTRAY
LegalCopyright : Copyright © Microsoft Corp. 1993-1998
OriginalFilename : SYSTRAY.EXE

#:24 [WMIEXE.EXE]
ModuleName : C:\WINDOWS\SYSTEM\WMIEXE.EXE
Command Line : WmiExe 92
ProcessID : 4294658111
Threads : 3
Priority : Normal
FileVersion : 5.00.1755.1
ProductVersion : 5.00.1755.1
ProductName : Microsoft® Windows NT® Operating System
CompanyName : Microsoft Corporation
FileDescription : WMI service exe housing
InternalName : wmiexe
LegalCopyright : Copyright © Microsoft Corp. 1981-1998
OriginalFilename : wmiexe.exe

#:25 [AD-AWARE.EXE]
ModuleName : C:\PROGRAM FILES\LAVASOFT\AD-AWARE SE PERSONAL\AD-AWARE.EXE
Command Line : "C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe"
ProcessID : 4294769611
Threads : 3
Priority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

#:26 [HH.EXE]
ModuleName : C:\WINDOWS\HH.EXE
Command Line : n/a
ProcessID : 4294595423
Threads : 6
Priority : Normal
FileVersion : 5.2.3644.0
ProductVersion : 5.2.3644.0
ProductName : HTML Help
CompanyName : Microsoft Corporation
FileDescription : Microsoft® HTML Help Executable
InternalName : HH 1.4
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : HH.exe

#:27 [NTJF.EXE]
ModuleName : C:\WINDOWS\SYSTEM\NTJF.EXE
Command Line : C:\WINDOWS\SYSTEM\NTJF.EXE /s
ProcessID : 4294566139
Threads : 1
Priority : Normal


VX2 Object Recognized!
Type : Process
Data : NTJF.EXE
Category : Malware
Comment : (CSI MATCH)
Object : C:\WINDOWS\SYSTEM\


Warning! VX2 Object found in memory(C:\WINDOWS\SYSTEM\NTJF.EXE)

"C:\WINDOWS\SYSTEM\NTJF.EXE"Process terminated successfully

#:28 [JUNO.EXE]
ModuleName : C:\PROGRAM FILES\JUNO\BIN\JUNO.EXE
Command Line : "C:\Program Files\Juno\bin\juno.exe"
ProcessID : 4294583467
Threads : 18
Priority : Normal
FileVersion : 5.0.33
ProductVersion : 5.0.33
ProductName : Juno
CompanyName : Juno Online Services, Inc.
FileDescription : Juno
InternalName : juno
LegalCopyright : Copyright © 1995-2001 Juno Online Services, Inc.
OriginalFilename : juno.exe

#:29 [TAPISRV.EXE]
ModuleName : C:\WINDOWS\SYSTEM\TAPISRV.EXE
Command Line : tapisrv.exe
ProcessID : 4294488571
Threads : 8
Priority : Normal
FileVersion : 4.10.2222
ProductVersion : 4.10.2222
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Microsoft® Windows™ Telephony Server
InternalName : Telephony Service
LegalCopyright : Copyright © Microsoft Corp. 1994-1998
OriginalFilename : TAPISRV.EXE

#:30 [RNAAPP.EXE]
ModuleName : C:\WINDOWS\SYSTEM\RNAAPP.EXE
Command Line : rnaapp.exe -l
ProcessID : 4294469167
Threads : 4
Priority : Normal
FileVersion : 4.10.2222
ProductVersion : 4.10.2222
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Dial-Up Networking Application
InternalName : RNAAPP
LegalCopyright : Copyright © Microsoft Corp. 1992-1996
OriginalFilename : RNAAPP.EXE

#:31 [DDHELP.EXE]
ModuleName : C:\WINDOWS\SYSTEM\DDHELP.EXE
Command Line : ddhelp.exe
ProcessID : 4294491067
Threads : 6
Priority : Realtime
FileVersion : 4.06.03.0518
ProductVersion : 4.06.03.0518
ProductName : Microsoft® DirectX for Windows® 95 and 98
CompanyName : Microsoft Corporation
FileDescription : Microsoft DirectX Helper
InternalName : ddhelp.exe
LegalCopyright : Copyright © Microsoft Corp. 1994-1999
OriginalFilename : ddhelp.exe

#:32 [MSRZ32.EXE]
ModuleName : C:\WINDOWS\MSRZ32.EXE
Command Line : n/a
ProcessID : 4294313919
Threads : 2
Priority : Normal


#:33 [SYSHO32.EXE]
ModuleName : C:\WINDOWS\SYSHO32.EXE
Command Line : n/a
ProcessID : 4294356787
Threads : 2
Priority : Normal


Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 15
Objects found so far: 15


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

CoolWebSearch Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{676575dd-4d46-911d-8037-9b10d6ee8bb5}

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{676575dd-4d46-911d-8037-9b10d6ee8bb5}
Value :

CoolWebSearch Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{1de9ee01-df51-49db-9bdd-5990b35c1c2a}

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{1de9ee01-df51-49db-9bdd-5990b35c1c2a}
Value :

CoolWebSearch Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{95b92d92-8b7d-4a19-a3f1-43113b4dbcaf}

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{95b92d92-8b7d-4a19-a3f1-43113b4dbcaf}
Value :

CoolWebSearch Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : toolband.startbho

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : toolband.startbho
Value :

CoolWebSearch Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : toolband.startbho.1

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : toolband.startbho.1
Value :

CoolWebSearch Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : toolband.toolbandobj

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : toolband.toolbandobj
Value :

CoolWebSearch Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : toolband.toolbandobj.1

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : toolband.toolbandobj.1
Value :

CoolWebSearch Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{5297e905-1dfb-4a9c-9871-a4f95fd58945}

PeopleOnPage Object Recognized!
Type : Regkey
Data : InstID
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : .DEFAULT\software\pop

CoolWebSearch Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : .DEFAULT\software\serg

CoolWebSearch Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : .DEFAULT\software\serg\searchbar

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : .DEFAULT\software\serg\searchbar
Value : ID1

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : .DEFAULT\software\serg\searchbar
Value : ID2

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : .DEFAULT\software\serg\searchbar
Value : ID4

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : .DEFAULT\software\serg\searchbar
Value : Next

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : .DEFAULT\software\serg\searchbar
Value : CLSID

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : .DEFAULT\software\serg\searchbar
Value : PanelNumber

DSSAgent Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\broderbund software\dss

DSSAgent Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\broderbund software\dss
Value : StorageLocation

DSSAgent Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\broderbund software\dss
Value : CobwebInterval

DSSAgent Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\broderbund software\dss
Value : ServerURL

DSSAgent Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\broderbund software\dss
Value : Active

DSSAgent Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\broderbund software\dss
Value : AutolaunchRemoved

DSSAgent Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\broderbund software\dss
Value : ContentCheckDelay

Alexa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : MenuText

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : MenuStatusBar

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : Script

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : clsid

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : Icon

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : HotIcon

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : ButtonText

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : "{c95fe080-8f5d-11d2-a20b-00aa003c157a}"
Rootkey : HKEY_USERS
Object : .DEFAULT\software\microsoft\internet explorer\extensions\cmdmapping
Value : {c95fe080-8f5d-11d2-a20b-00aa003c157a}

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment : "HOMEOldSP"
Rootkey : HKEY_USERS
Object : .DEFAULT\software\microsoft\internet explorer\main
Value : HOMEOldSP

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 41
Objects found so far: 56


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 56


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : doug [email protected][1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:doug [email protected]/
Expires : 4-13-06 11:13:16 PM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : doug [email protected][2].txt
Category : Data Miner
Comment : Hits:4
Value : Cookie:doug [email protected]/
Expires : 12-31-09 8:00:00 PM
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : doug [email protected][1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:doug [email protected]/
Expires : 1-1-38 1:00:00 AM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : doug [email protected][2].txt
Category : Data Miner
Comment : Hits:26
Value : Cookie:doug [email protected]/
Expires : 4-26-06 1:38:10 PM
LastSync : Hits:26
UseCount : 0
Hits : 26

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : doug [email protected][1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:doug [email protected]/
Expires : 4-28-05 12:30:38 PM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : doug sweetser@theadvertisingnetwork[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:doug [email protected]/
Expires : 5-8-05 12:47:54 AM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : doug sweetser@sextracker[1].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:doug [email protected]/
Expires : 5-3-05 1:24:26 AM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : doug [email protected][1].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:doug [email protected]/
Expires : 5-2-05 6:24:26 PM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : doug [email protected][1].txt
Category : Data Miner
Comment : Hits:8
Value : Cookie:doug [email protected]/
Expires : 5-1-05 6:33:18 PM
LastSync : Hits:8
UseCount : 0
Hits : 8

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : doug [email protected][1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:doug [email protected]/
Expires : 4-20-05 6:29:00 PM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : doug sweetser@doubleclick[1].txt
Category : Data Miner
Comment : Hits:6
Value : Cookie:doug [email protected]/
Expires : 5-1-08 1:28:28 AM
LastSync : Hits:6
UseCount : 0
Hits : 6

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : doug sweetser@bfast[2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:doug [email protected]/
Expires : 4-16-25 7:07:08 PM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : doug [email protected][2].txt
Category : Data Miner
Comment : Hits:38
Value : Cookie:doug [email protected]/
Expires : 4-29-06 11:29:04 PM
LastSync : Hits:38
UseCount : 0
Hits : 38

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : doug sweetser@cgi-bin[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:doug [email protected]/cgi-bin
Expires : 2-27-15 7:59:58 PM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : doug sweetser@mediaplex[1].txt
Category : Data Miner
Comment : Hits:4
Value : Cookie:doug [email protected]/
Expires : 6-21-09 8:00:00 PM
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : doug sweetser@qksrv[1].txt
Category : Data Miner
Comment : Hits:4
Value : Cookie:doug [email protected]/
Expires : 4-24-10 2:12:44 AM
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : doug [email protected][2].txt
Category : Data Miner
Comment : Hits:6
Value : Cookie:doug [email protected]/
Expires : 4-25-05 5:46:24 PM
LastSync : Hits:6
UseCount : 0
Hits : 6

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : doug sweetser@serving-sys[2].txt
Category : Data Miner
Comment : Hits:4
Value : Cookie:doug [email protected]/
Expires : 1-1-38 1:00:00 AM
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : doug [email protected][2].txt
Category : Data Miner
Comment : Hits:71
Value : Cookie:doug [email protected]/
Expires : 5-12-24 2:07:28 PM
LastSync : Hits:71
UseCount : 0
Hits : 71

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : doug sweetser@sexlist[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:doug [email protected]/
Expires : 5-2-06 9:43:56 AM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : doug sweetser@bravenet[2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:doug [email protected]/
Expires : 4-17-15 1:45:30 AM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : doug [email protected][1].txt
Category : Data Miner
Comment : Hits:4
Value : Cookie:doug [email protected]/
Expires : 4-29-05 6:51:22 PM
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : doug [email protected][1].txt
Category : Data Miner
Comment : Hits:3
Value : Cookie:doug [email protected]/
Expires : 4-19-05 2:32:20 PM
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : doug sweetser@casalemedia[1].txt
Category : Data Miner
Comment : Hits:3
Value : Cookie:doug [email protected]/
Expires : 4-7-06 3:15:56 PM
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : doug sweetser@tribalfusion[2].txt
Category : Data Miner
Comment : Hits:3
Value : Cookie:doug [email protected]/
Expires : 12-31-37 8:00:00 PM
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : doug [email protected][1].txt
Category : Data Miner
Comment : Hits:4
Value : Cookie:doug [email protected]/
Expires : 4-28-05 12:30:42 PM
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : doug sweetser@paycounter[1].txt
Category : Data Miner
Comment : Hits:21
Value : Cookie:doug [email protected]/
Expires : 12-30-30 9:00:00 PM
LastSync : Hits:21
UseCount : 0
Hits : 21

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : doug sweetser@bluestreak[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:doug [email protected]/
Expires : 4-17-15 8:57:14 PM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : doug [email protected][2].txt
Category : Data Miner
Comment : Hits:3
Value : Cookie:doug [email protected]/
Expires : 4-25-05 6:53:02 PM
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : doug sweetser@2o7[2].txt
Category : Data Miner
Comment : Hits:18
Value : Cookie:doug [email protected]/
Expires : 4-23-10 6:00:14 PM
LastSync : Hits:18
UseCount : 0
Hits : 18

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : doug sweetser@trafficmp[1].txt
Category : Data Miner
Comment : Hits:22
Value : Cookie:doug [email protected]/
Expires : 4-18-06 2:41:22 PM
LastSync : Hits:22
UseCount : 0
Hits : 22

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : doug [email protected][1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:doug [email protected]/
Expires : 4-25-05 8:34:46 PM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : doug [email protected][1].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:doug [email protected]/
Expires : 4-25-05 5:46:44 PM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : doug sweetser@apmebf[1].txt
Category : Data Miner
Comment : Hits:4
Value : Cookie:doug [email protected]/
Expires : 4-24-10 2:12:42 AM
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : doug [email protected][1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:doug [email protected]/
Expires : 4-19-05 7:57:38 PM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : doug [email protected][1].txt
Category : Data Miner
Comment : Hits:5
Value : Cookie:doug [email protected]/
Expires : 4-27-06 3:41:00 AM
LastSync : Hits:5
UseCount : 0
Hits : 5

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : doug sweetser@overture[1].txt
Category : Data Miner
Comment : Hits:70
Value : Cookie:doug [email protected]/
Expires : 4-21-15 8:42:30 AM
LastSync : Hits:70
UseCount : 0
Hits : 70

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : doug sweetser@centrport[1].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:doug [email protected]/
Expires : 12-31-29 8:00:00 PM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : doug [email protected][1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:doug [email protected]/
Expires : 4-25-05 6:46:16 PM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : doug [email protected][2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:doug [email protected]/
Expires : 4-24-35 10:01:20 PM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : doug sweetser@hitbox[2].txt
Category : Data Miner
Comment : Hits:70
Value : Cookie:doug [email protected]/
Expires : 4-29-06 11:29:04 PM
LastSync : Hits:70
UseCount : 0
Hits : 70

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : doug sweetser@advertising[1].txt
Category : Data Miner
Comment : Hits:9
Value : Cookie:doug [email protected]/
Expires : 4-30-10 9:57:36 PM
LastSync : Hits:9
UseCount : 0
Hits : 9

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : doug [email protected][1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:doug [email protected]/
Expires : 4-30-20 9:59:36 PM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : doug [email protected][2].txt
Category : Data Miner
Comment : Hits:8
Value : Cookie:doug [email protected]/
Expires : 5-31-05 9:57:36 PM
LastSync : Hits:8
UseCount : 0
Hits : 8

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : doug sweetser@xxxcounter[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:doug [email protected]/
Expires : 4-25-05 6:52:52 PM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : doug [email protected][1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:doug [email protected]/
Expires : 4-25-05 5:46:24 PM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 46
Objects found so far: 102



Deep scanning and examining files (c:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

CoolWebSearch Object Recognized!
Type : File
Data : sprestrst.exe
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\



CoolWebSearch Object Recognized!
Type : File
Data : od-stnd807.exe
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\



CoolWebSearch Object Recognized!
Type : File
Data : gpkxq.dat
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\



CoolWebSearch Object Recognized!
Type : File
Data : eklkd.log
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\



CoolWebSearch Object Recognized!
Type : File
Data : ytutk.dat
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\



CoolWebSearch Object Recognized!
Type : File
Data : mmfsz.dat
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\



CoolWebSearch Object Recognized!
Type : File
Data : chhnz.log
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\



CoolWebSearch Object Recognized!
Type : File
Data : gunsw.txt
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\



CoolWebSearch Object Recognized!
Type : File
Data : xkjyo.log
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\



Possible Browser Hijack attempt Object Recognized!
Type : File
Data : windrv.dll
Category : Malware
Comment : scagent core component
Object : c:\WINDOWS\SYSTEM32\



Possible Browser Hijack attempt Object Recognized!
Type : File
Data : scagent.exe
Category : Malware
Comment : scagent core component
Object : c:\WINDOWS\SYSTEM32\



CoolWebSearch Object Recognized!
Type : File
Data : EXPLOIT[1].CHM
Category : Malware
Comment :
Object : c:\WINDOWS\Temporary Internet Files\Content.IE5\4XUFK9YF\



Tracking Cookie Object Recognized!
Type : IECache Entry
Data : doug sweetser@sextracker[1].txt
Category : Data Miner
Comment :
Value : c:\WINDOWS\Cookies\doug sweetser@sextracker[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
  • 0

Advertisements

#2
Rawe
Posted 04 May 2005 - 01:09 PM

Rawe

    Visiting Staff

  • Member
  • PipPipPipPipPipPipPip
  • 4,746 posts
Welcome!

Ad-aware has found object(s) on your computer

If you chose to clean your computer from what Ad-aware found, follow these instructions below…

Make sure that you are using the * SE1R42 28.04.2005 * definition file.


Open up Ad-Aware SE and click on the gear to access the Configuration menu. Make sure that this setting is applied.

Click on Tweak > Cleaning engine > UNcheck "Always try to unload modules before deletion".

Disconnect from the internet (for broadband/cable users, it is recommended that you disconnect the cable connection) and close all open browsers or other programs you have running.

Then boot into Safe Mode

To clean your machine, it is highly recommended that you clean the following directory contents (but not the directory folder);

Run CCleaner to help in this process.
Download CCleaner (Setup: go to >options > settings > Uncheck "Only delete files in Windows Temp folders older than 48 hours" for cleaning malware files!)

* C:\Windows\Temp\
* C:\Documents and Settings\<Your Profile>\Local Settings\Temporary Internet Files\ <- This will delete all your cached internet content including cookies.
* C:\Documents and Settings\<Your Profile>\Local Settings\Temp\
* C:\Documents and Settings\<Any other users Profile>\Local Settings\Temporary Internet Files\
* C:\Documents and Settings\<Any other users Profile>\Local Settings\Temp\
* Empty your "Recycle Bin".

Run Ad-Aware SE from the command lines shown in the instructions shown below.

Click "Start" > select "Run" > type the text shown below (including the quotation marks and with the same spacing as shown)

"C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Aware.exe" /full +procnuke
(For the Professional version)

"C:\Program Files\Lavasoft\Ad-Aware SE Plus\Ad-Aware.exe" /full +procnuke
(For the Plus version)

"C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe" +procnuke
(For the Personal version)


Click Ok.

Note; the path above is of the default installation location for Ad-aware SE, if this is different, adjust it to the location that you have installed it to.

When the scan has completed, select next. In the Scanning Results window, select the "Scan Summary"- tab. Check the box next to CoolWebSearch ONLY. Click next, Click Ok.

If problems are caused by deleting a family, just leave it.


Reboot your computer after removal, run a new "full system scan" and post the results as a reply. Don't open any programs or connect to the internet at this time.

Then copy & paste the complete log file here. Don't quarantine or remove anything at this time, just post a complete logfile. This can sometimes takes 2-3 posts to get it all posted, once the "Summary of this scan" information is shown, you have posted all of your logfile.

Also, keep in mind that when you are posting another logfile keep "Search for negligible risk entries" deselected as negligible risk entries (Mru's) aren't considered as a threat. This option can be changed when choosing your scan type.

Remember to post your fresh scanlog in THIS topic.

- Rawe :tazz:
  • 0
Back to Lavasoft Support (Ad-aware) · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Retired Forums
  3. Lavasoft Support (Ad-aware)

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP