Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Lost Desktop -- Ad-Aware Log file

Started by pete_152 , May 07 2005 03:27 AM

  • Please log in to reply

#1
pete_152
Posted 07 May 2005 - 03:27 AM

pete_152

    New Member

  • Member
  • Pip
  • 7 posts
I have recently lost my desktop background/wallpaper. In place of this is an advert for anti-spyware software with an hyperlink! There is also a yellow triangle with a "!" in it on the taskbar. I haven't a clue how to get rid of this. Any help appreciated. Here is my Ad-Aware log file. Thanks.

Ad-Aware SE Build 1.05
Logfile Created on:07 May 2005 10:06:18
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R42 28.04.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Alexa(TAC index:5):11 total references
Tracking Cookie(TAC index:3):52 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R42 28.04.2005
Internal build : 49
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 466557 Bytes
Total size : 1403889 Bytes
Signature data size : 1373297 Bytes
Reference data size : 30080 Bytes
Signatures total : 39226
Fingerprints total : 836
Fingerprints size : 28245 Bytes
Target categories : 15
Target families : 654

07-05-2005 10:02:24 Performing WebUpdate...

Installing Update...
Definitions File Loaded:
Reference Number : SE1R42 28.04.2005
Internal build : 49
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 466557 Bytes
Total size : 1403889 Bytes
Signature data size : 1373297 Bytes
Reference data size : 30080 Bytes
Signatures total : 39226
Fingerprints total : 836
Fingerprints size : 28245 Bytes
Target categories : 15
Target families : 654


07-05-2005 10:02:47 Success
Update successfully downloaded and installed.


Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium III
Memory available:24 %
Total physical memory:130460 kb
Available physical memory:31108 kb
Total page file size:315116 kb
Available on page file:197732 kb
Total virtual memory:2097024 kb
Available virtual memory:2048008 kb
OS:Microsoft Windows XP Professional (Build 2600)

Ad-Aware SE Settings
===========================
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Obtain command line of scanned processes
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Write-protect system files after repair (Hosts file, etc.)
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Play sound at scan completion if scan locates critical objects


07-05-2005 10:06:18 - Scan started. (Full System Scan)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
ModuleName : \SystemRoot\System32\smss.exe
Command Line : n/a
ProcessID : 436
ThreadCreationTime : 07-05-2005 08:58:06
BasePriority : Normal


#:2 [csrss.exe]
ModuleName : \??\C:\WINDOWS\system32\csrss.exe
Command Line : C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestTh
ProcessID : 484
ThreadCreationTime : 07-05-2005 08:58:09
BasePriority : Normal


#:3 [winlogon.exe]
ModuleName : \??\C:\WINDOWS\system32\winlogon.exe
Command Line : winlogon.exe
ProcessID : 508
ThreadCreationTime : 07-05-2005 08:58:09
BasePriority : High


#:4 [services.exe]
ModuleName : C:\WINDOWS\system32\services.exe
Command Line : C:\WINDOWS\system32\services.exe
ProcessID : 552
ThreadCreationTime : 07-05-2005 08:58:10
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:5 [lsass.exe]
ModuleName : C:\WINDOWS\system32\lsass.exe
Command Line : C:\WINDOWS\system32\lsass.exe
ProcessID : 564
ThreadCreationTime : 07-05-2005 08:58:10
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost -k rpcss
ProcessID : 724
ThreadCreationTime : 07-05-2005 08:58:11
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k netsvcs
ProcessID : 768
ThreadCreationTime : 07-05-2005 08:58:11
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k NetworkService
ProcessID : 840
ThreadCreationTime : 07-05-2005 08:58:12
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k LocalService
ProcessID : 852
ThreadCreationTime : 07-05-2005 08:58:12
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [spoolsv.exe]
ModuleName : C:\WINDOWS\system32\spoolsv.exe
Command Line : C:\WINDOWS\system32\spoolsv.exe
ProcessID : 1068
ThreadCreationTime : 07-05-2005 08:58:17
BasePriority : Normal
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:11 [atievxx.exe]
ModuleName : C:\WINDOWS\System32\atievxx.exe
Command Line : C:\WINDOWS\System32\atievxx.exe
ProcessID : 1152
ThreadCreationTime : 07-05-2005 08:58:18
BasePriority : Normal
FileVersion : 5.1.2482.0 (Lab01_N(ericks).010524-2202)
ProductVersion : 5.1.2482.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : ATI Hotkey polling utility
InternalName : atievxx.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : atievxx.exe

#:12 [kpf4ss.exe]
ModuleName : C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
Command Line : "C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe"
ProcessID : 1180
ThreadCreationTime : 07-05-2005 08:58:18
BasePriority : Normal
FileVersion : 4.1.3
ProductVersion : 4.1.3
ProductName : Kerio Personal Firewall 4
CompanyName : Kerio Technologies
FileDescription : Kerio Personal Firewall 4 - Service
InternalName : kpf4ss
LegalCopyright : Copyright © 1997-2004 Kerio Technologies
OriginalFilename : kpf4ss.EXE
Comments : Kerio Personal Firewall 4 - Service

#:13 [wdfmgr.exe]
ModuleName : C:\WINDOWS\System32\wdfmgr.exe
Command Line : C:\WINDOWS\System32\wdfmgr.exe
ProcessID : 1288
ThreadCreationTime : 07-05-2005 08:58:19
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe

#:14 [kpf4gui.exe]
ModuleName : C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
Command Line : "C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe" -g 10 -s
ProcessID : 1368
ThreadCreationTime : 07-05-2005 08:58:22
BasePriority : Normal
FileVersion : 4.1.3
ProductVersion : 4.1.3
ProductName : Kerio Personal Firewall 4
CompanyName : Kerio Technologies
FileDescription : Kerio Personal Firewall 4 - GUI
InternalName : kpf4gui
LegalCopyright : Copyright © 1997-2004 Kerio Technologies
OriginalFilename : kpf4gui.EXE
Comments : Kerio Personal Firewall 4 - GUI

#:15 [kpf4gui.exe]
ModuleName : C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
Command Line : "C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe" -g 11
ProcessID : 1536
ThreadCreationTime : 07-05-2005 08:58:44
BasePriority : Normal
FileVersion : 4.1.3
ProductVersion : 4.1.3
ProductName : Kerio Personal Firewall 4
CompanyName : Kerio Technologies
FileDescription : Kerio Personal Firewall 4 - GUI
InternalName : kpf4gui
LegalCopyright : Copyright © 1997-2004 Kerio Technologies
OriginalFilename : kpf4gui.EXE
Comments : Kerio Personal Firewall 4 - GUI

#:16 [explorer.exe]
ModuleName : C:\WINDOWS\Explorer.EXE
Command Line : C:\WINDOWS\Explorer.EXE
ProcessID : 1704
ThreadCreationTime : 07-05-2005 08:58:50
BasePriority : Normal
FileVersion : 6.00.2600.0000 (xpclient.010817-1148)
ProductVersion : 6.00.2600.0000
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

#:17 [point32.exe]
ModuleName : C:\Program Files\Microsoft IntelliPoint\point32.exe
Command Line : "C:\Program Files\Microsoft IntelliPoint\point32.exe"
ProcessID : 1924
ThreadCreationTime : 07-05-2005 08:59:21
BasePriority : Normal


#:18 [qttask.exe]
ModuleName : C:\Program Files\QuickTime\qttask.exe
Command Line : "C:\Program Files\QuickTime\qttask.exe" -atboottime
ProcessID : 1956
ThreadCreationTime : 07-05-2005 08:59:23
BasePriority : Normal
FileVersion : 6.5.1
ProductVersion : QuickTime 6.5.1
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
InternalName : QuickTime Task
LegalCopyright : © Apple Computer, Inc. 2001-2004
OriginalFilename : QTTask.exe

#:19 [ctfmon.exe]
ModuleName : C:\WINDOWS\System32\ctfmon.exe
Command Line : "C:\WINDOWS\System32\ctfmon.exe"
ProcessID : 1980
ThreadCreationTime : 07-05-2005 08:59:25
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:20 [iexplore.exe]
ModuleName : C:\Program Files\Internet Explorer\IEXPLORE.EXE
Command Line : "C:\Program Files\Internet Explorer\IEXPLORE.EXE"
ProcessID : 1768
ThreadCreationTime : 07-05-2005 09:00:03
BasePriority : Normal
FileVersion : 6.00.2600.0000 (xpclient.010817-1148)
ProductVersion : 6.00.2600.0000
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : IEXPLORE.EXE

#:21 [ad-aware.exe]
ModuleName : C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
Command Line : "C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe"
ProcessID : 1000
ThreadCreationTime : 07-05-2005 09:01:48
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Alexa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : MenuText

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : MenuStatusBar

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : Script

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : clsid

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : Icon

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : HotIcon

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : ButtonText

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : "{c95fe080-8f5d-11d2-a20b-00aa003c157a}"
Rootkey : HKEY_USERS
Object : .DEFAULT\software\microsoft\internet explorer\extensions\cmdmapping
Value : {c95fe080-8f5d-11d2-a20b-00aa003c157a}

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : "{c95fe080-8f5d-11d2-a20b-00aa003c157a}"
Rootkey : HKEY_USERS
Object : S-1-5-18\software\microsoft\internet explorer\extensions\cmdmapping
Value : {c95fe080-8f5d-11d2-a20b-00aa003c157a}

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : "{c95fe080-8f5d-11d2-a20b-00aa003c157a}"
Rootkey : HKEY_USERS
Object : S-1-5-21-1844237615-1580436667-1202660629-1003\software\microsoft\internet explorer\extensions\cmdmapping
Value : {c95fe080-8f5d-11d2-a20b-00aa003c157a}

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 11
Objects found so far: 11


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 11


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@247realmedia[2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:[email protected]/
Expires : 01-01-2011 01:00:00
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@atdmt[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:[email protected]/
Expires : 06-05-2010 01:00:00
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@doubleclick[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:[email protected]/
Expires : 07-05-2005 10:15:24
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 3
Objects found so far: 14



Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@247realmedia[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@247realmedia[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@2o7[2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@2o7[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@adtech[2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@adtech[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@advertising[2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@advertising[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@adviva[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@adviva[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@apmebf[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@apmebf[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@atdmt[2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@atdmt[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@bfast[2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@bfast[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@bluestreak[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@bluestreak[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@cgi-bin[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@cgi-bin[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@cgi-bin[3].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@cgi-bin[3].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@doubleclick[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@doubleclick[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@fastclick[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@fastclick[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@hitbox[2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@hitbox[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@linksynergy[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@linksynergy[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@mediaplex[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@mediaplex[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@overture[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@overture[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@please[2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@please[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@qksrv[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@qksrv[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@questionmarket[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@questionmarket[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@serving-sys[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@serving-sys[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
Category : Data Miner
Comment : www.searchtraffic.com
Value : C:\Documents and Settings\Gosia\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@valueclick[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@valueclick[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@xxxcounter[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@xxxcounter[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@247realmedia[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@247realmedia[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@2o7[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@2o7[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@advertising[2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@advertising[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@atdmt[2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@atdmt[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@bluestreak[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@bluestreak[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@centrport[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@centrport[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@cgi-bin[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@cgi-bin[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@cgi-bin[2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@cgi-bin[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@cgi-bin[3].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@cgi-bin[3].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@doubleclick[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@doubleclick[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@estat[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@estat[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@fastclick[2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@fastclick[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@gator[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@gator[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@maxserving[2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@maxserving[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@mediaplex[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@mediaplex[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@qksrv[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@qksrv[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@realmedia[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@realmedia[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@tripod[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@tripod[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@valueclick[2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@valueclick[2].txt

Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 63


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 63




Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 63

10:20:05 Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:13:47.170
Objects scanned:117634
Objects identified:63
Objects ignored:0
New critical objects:63

Edited by pete_152, 07 May 2005 - 03:34 AM.

  • 0

Advertisements

#2
Rawe
Posted 07 May 2005 - 03:50 AM

Rawe

    Visiting Staff

  • Member
  • PipPipPipPipPipPipPip
  • 4,746 posts
Welcome!
Could you possibly update your Ad-aware with Webupdate- feature,
then rescan with "Full system scan", and post a fresh log.
I'll take a look.

- Rawe :tazz:
  • 0

#3
pete_152
Posted 07 May 2005 - 06:39 AM

pete_152

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
Thanks. I had updated already, but i've done it again to make sure. I will post the update info in the post below. Meanwhile here is the latest log:


Ad-Aware SE Build 1.05
Logfile Created on:07 May 2005 13:06:51
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R42 28.04.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Alexa(TAC index:5):11 total references
Tracking Cookie(TAC index:3):54 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R42 28.04.2005
Internal build : 49
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 466557 Bytes
Total size : 1403889 Bytes
Signature data size : 1373297 Bytes
Reference data size : 30080 Bytes
Signatures total : 39226
Fingerprints total : 836
Fingerprints size : 28245 Bytes
Target categories : 15
Target families : 654

07-05-2005 10:02:24 Performing WebUpdate...

Installing Update...
Definitions File Loaded:
Reference Number : SE1R42 28.04.2005
Internal build : 49
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 466557 Bytes
Total size : 1403889 Bytes
Signature data size : 1373297 Bytes
Reference data size : 30080 Bytes
Signatures total : 39226
Fingerprints total : 836
Fingerprints size : 28245 Bytes
Target categories : 15
Target families : 654


07-05-2005 10:02:47 Success
Update successfully downloaded and installed.

07-05-2005 12:46:01 Performing WebUpdate...

Installing Update...

07-05-2005 12:46:29 Failed
No updates installed.

07-05-2005 12:46:29 <RESTORE BCKP>
Definitions File Loaded:
Reference Number : SE1R42 28.04.2005
Internal build : 49
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 466557 Bytes
Total size : 1403889 Bytes
Signature data size : 1373297 Bytes
Reference data size : 30080 Bytes
Signatures total : 39226
Fingerprints total : 836
Fingerprints size : 28245 Bytes
Target categories : 15
Target families : 654

07-05-2005 12:46:36 <OK>

07-05-2005 12:46:48 Performing WebUpdate...

Installing Update...
Definitions File Loaded:
Reference Number : SE1R42 28.04.2005
Internal build : 49
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 466557 Bytes
Total size : 1403889 Bytes
Signature data size : 1373297 Bytes
Reference data size : 30080 Bytes
Signatures total : 39226
Fingerprints total : 836
Fingerprints size : 28245 Bytes
Target categories : 15
Target families : 654


07-05-2005 12:47:09 Success
Update successfully downloaded and installed.

07-05-2005 12:47:24 Performing WebUpdate...

Installing Update...

07-05-2005 12:47:47 Failed
No updates installed.

07-05-2005 12:47:47 <RESTORE BCKP>
Definitions File Loaded:
Reference Number : SE1R42 28.04.2005
Internal build : 49
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 466557 Bytes
Total size : 1403889 Bytes
Signature data size : 1373297 Bytes
Reference data size : 30080 Bytes
Signatures total : 39226
Fingerprints total : 836
Fingerprints size : 28245 Bytes
Target categories : 15
Target families : 654

07-05-2005 12:47:53 <OK>


Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium III
Memory available:24 %
Total physical memory:130460 kb
Available physical memory:30752 kb
Total page file size:315116 kb
Available on page file:182328 kb
Total virtual memory:2097024 kb
Available virtual memory:2028708 kb
OS:Microsoft Windows XP Professional (Build 2600)

Ad-Aware SE Settings
===========================
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Obtain command line of scanned processes
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Write-protect system files after repair (Hosts file, etc.)
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Play sound at scan completion if scan locates critical objects


07-05-2005 13:06:51 - Scan started. (Full System Scan)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
ModuleName : \SystemRoot\System32\smss.exe
Command Line : n/a
ProcessID : 436
ThreadCreationTime : 07-05-2005 08:58:06
BasePriority : Normal


#:2 [csrss.exe]
ModuleName : \??\C:\WINDOWS\system32\csrss.exe
Command Line : C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestTh
ProcessID : 484
ThreadCreationTime : 07-05-2005 08:58:09
BasePriority : Normal


#:3 [winlogon.exe]
ModuleName : \??\C:\WINDOWS\system32\winlogon.exe
Command Line : winlogon.exe
ProcessID : 508
ThreadCreationTime : 07-05-2005 08:58:09
BasePriority : High


#:4 [services.exe]
ModuleName : C:\WINDOWS\system32\services.exe
Command Line : C:\WINDOWS\system32\services.exe
ProcessID : 552
ThreadCreationTime : 07-05-2005 08:58:10
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:5 [lsass.exe]
ModuleName : C:\WINDOWS\system32\lsass.exe
Command Line : C:\WINDOWS\system32\lsass.exe
ProcessID : 564
ThreadCreationTime : 07-05-2005 08:58:10
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost -k rpcss
ProcessID : 724
ThreadCreationTime : 07-05-2005 08:58:11
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k netsvcs
ProcessID : 768
ThreadCreationTime : 07-05-2005 08:58:11
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k NetworkService
ProcessID : 840
ThreadCreationTime : 07-05-2005 08:58:12
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k LocalService
ProcessID : 852
ThreadCreationTime : 07-05-2005 08:58:12
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [spoolsv.exe]
ModuleName : C:\WINDOWS\system32\spoolsv.exe
Command Line : C:\WINDOWS\system32\spoolsv.exe
ProcessID : 1068
ThreadCreationTime : 07-05-2005 08:58:17
BasePriority : Normal
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:11 [atievxx.exe]
ModuleName : C:\WINDOWS\System32\atievxx.exe
Command Line : C:\WINDOWS\System32\atievxx.exe
ProcessID : 1152
ThreadCreationTime : 07-05-2005 08:58:18
BasePriority : Normal
FileVersion : 5.1.2482.0 (Lab01_N(ericks).010524-2202)
ProductVersion : 5.1.2482.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : ATI Hotkey polling utility
InternalName : atievxx.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : atievxx.exe

#:12 [kpf4ss.exe]
ModuleName : C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
Command Line : "C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe"
ProcessID : 1180
ThreadCreationTime : 07-05-2005 08:58:18
BasePriority : Normal
FileVersion : 4.1.3
ProductVersion : 4.1.3
ProductName : Kerio Personal Firewall 4
CompanyName : Kerio Technologies
FileDescription : Kerio Personal Firewall 4 - Service
InternalName : kpf4ss
LegalCopyright : Copyright © 1997-2004 Kerio Technologies
OriginalFilename : kpf4ss.EXE
Comments : Kerio Personal Firewall 4 - Service

#:13 [wdfmgr.exe]
ModuleName : C:\WINDOWS\System32\wdfmgr.exe
Command Line : C:\WINDOWS\System32\wdfmgr.exe
ProcessID : 1288
ThreadCreationTime : 07-05-2005 08:58:19
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe

#:14 [kpf4gui.exe]
ModuleName : C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
Command Line : "C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe" -g 10 -s
ProcessID : 1368
ThreadCreationTime : 07-05-2005 08:58:22
BasePriority : Normal
FileVersion : 4.1.3
ProductVersion : 4.1.3
ProductName : Kerio Personal Firewall 4
CompanyName : Kerio Technologies
FileDescription : Kerio Personal Firewall 4 - GUI
InternalName : kpf4gui
LegalCopyright : Copyright © 1997-2004 Kerio Technologies
OriginalFilename : kpf4gui.EXE
Comments : Kerio Personal Firewall 4 - GUI

#:15 [kpf4gui.exe]
ModuleName : C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
Command Line : "C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe" -g 11
ProcessID : 1536
ThreadCreationTime : 07-05-2005 08:58:44
BasePriority : Normal
FileVersion : 4.1.3
ProductVersion : 4.1.3
ProductName : Kerio Personal Firewall 4
CompanyName : Kerio Technologies
FileDescription : Kerio Personal Firewall 4 - GUI
InternalName : kpf4gui
LegalCopyright : Copyright © 1997-2004 Kerio Technologies
OriginalFilename : kpf4gui.EXE
Comments : Kerio Personal Firewall 4 - GUI

#:16 [explorer.exe]
ModuleName : C:\WINDOWS\Explorer.EXE
Command Line : C:\WINDOWS\Explorer.EXE
ProcessID : 1704
ThreadCreationTime : 07-05-2005 08:58:50
BasePriority : Normal
FileVersion : 6.00.2600.0000 (xpclient.010817-1148)
ProductVersion : 6.00.2600.0000
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

#:17 [point32.exe]
ModuleName : C:\Program Files\Microsoft IntelliPoint\point32.exe
Command Line : "C:\Program Files\Microsoft IntelliPoint\point32.exe"
ProcessID : 1924
ThreadCreationTime : 07-05-2005 08:59:21
BasePriority : Normal


#:18 [qttask.exe]
ModuleName : C:\Program Files\QuickTime\qttask.exe
Command Line : "C:\Program Files\QuickTime\qttask.exe" -atboottime
ProcessID : 1956
ThreadCreationTime : 07-05-2005 08:59:23
BasePriority : Normal
FileVersion : 6.5.1
ProductVersion : QuickTime 6.5.1
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
InternalName : QuickTime Task
LegalCopyright : © Apple Computer, Inc. 2001-2004
OriginalFilename : QTTask.exe

#:19 [ctfmon.exe]
ModuleName : C:\WINDOWS\System32\ctfmon.exe
Command Line : "C:\WINDOWS\System32\ctfmon.exe"
ProcessID : 1980
ThreadCreationTime : 07-05-2005 08:59:25
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:20 [iexplore.exe]
ModuleName : C:\Program Files\Internet Explorer\IEXPLORE.EXE
Command Line : "C:\Program Files\Internet Explorer\IEXPLORE.EXE"
ProcessID : 1768
ThreadCreationTime : 07-05-2005 09:00:03
BasePriority : Normal
FileVersion : 6.00.2600.0000 (xpclient.010817-1148)
ProductVersion : 6.00.2600.0000
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : IEXPLORE.EXE

#:21 [ad-aware.exe]
ModuleName : C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
Command Line : "C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe"
ProcessID : 1000
ThreadCreationTime : 07-05-2005 09:01:48
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

#:22 [wuauclt.exe]
ModuleName : C:\WINDOWS\System32\wuauclt.exe
Command Line : "C:\WINDOWS\System32\wuauclt.exe"
ProcessID : 664
ThreadCreationTime : 07-05-2005 09:09:54
BasePriority : Normal
FileVersion : 5.4.2600.0 (XPClient.010817-1148)
ProductVersion : 5.4.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Update AutoUpdate Client
InternalName : wuauclt.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : wuauclt.exe

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Alexa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : MenuText

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : MenuStatusBar

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : Script

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : clsid

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : Icon

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : HotIcon

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : ButtonText

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : "{c95fe080-8f5d-11d2-a20b-00aa003c157a}"
Rootkey : HKEY_USERS
Object : .DEFAULT\software\microsoft\internet explorer\extensions\cmdmapping
Value : {c95fe080-8f5d-11d2-a20b-00aa003c157a}

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : "{c95fe080-8f5d-11d2-a20b-00aa003c157a}"
Rootkey : HKEY_USERS
Object : S-1-5-18\software\microsoft\internet explorer\extensions\cmdmapping
Value : {c95fe080-8f5d-11d2-a20b-00aa003c157a}

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : "{c95fe080-8f5d-11d2-a20b-00aa003c157a}"
Rootkey : HKEY_USERS
Object : S-1-5-21-1844237615-1580436667-1202660629-1003\software\microsoft\internet explorer\extensions\cmdmapping
Value : {c95fe080-8f5d-11d2-a20b-00aa003c157a}

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 11
Objects found so far: 11


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 11


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@247realmedia[2].txt
Category : Data Miner
Comment : Hits:3
Value : Cookie:[email protected]/
Expires : 01-01-2011 01:00:00
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@atdmt[2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Cookies\peter@atdmt[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@cgi-bin[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Cookies\peter@cgi-bin[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@cgi-bin[2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Cookies\peter@cgi-bin[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@doubleclick[2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Cookies\peter@doubleclick[2].txt

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 5
Objects found so far: 16


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@247realmedia[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@247realmedia[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@2o7[2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@2o7[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@adtech[2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@adtech[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@advertising[2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@advertising[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@adviva[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@adviva[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@apmebf[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@apmebf[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@atdmt[2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@atdmt[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@bfast[2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@bfast[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@bluestreak[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@bluestreak[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@cgi-bin[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@cgi-bin[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@cgi-bin[3].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@cgi-bin[3].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@doubleclick[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@doubleclick[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@fastclick[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@fastclick[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@hitbox[2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@hitbox[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@linksynergy[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@linksynergy[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@mediaplex[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@mediaplex[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@overture[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@overture[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@please[2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@please[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@qksrv[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@qksrv[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@questionmarket[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@questionmarket[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@serving-sys[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@serving-sys[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
Category : Data Miner
Comment : www.searchtraffic.com
Value : C:\Documents and Settings\Gosia\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@valueclick[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@valueclick[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@xxxcounter[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@xxxcounter[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@247realmedia[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@247realmedia[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@2o7[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@2o7[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@advertising[2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@advertising[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@atdmt[2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@atdmt[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@bluestreak[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@bluestreak[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@centrport[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@centrport[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@cgi-bin[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@cgi-bin[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@cgi-bin[2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@cgi-bin[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@cgi-bin[3].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@cgi-bin[3].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@doubleclick[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@doubleclick[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@estat[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@estat[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@fastclick[2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@fastclick[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@gator[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@gator[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@maxserving[2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@maxserving[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@mediaplex[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@mediaplex[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@qksrv[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@qksrv[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@realmedia[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@realmedia[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@tripod[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@tripod[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@valueclick[2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@valueclick[2].txt

Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 65


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 65




Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 65

13:21:59 Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:15:08.95
Objects scanned:117989
Objects identified:65
Objects ignored:0
New critical objects:65
  • 0

#4
Rawe
Posted 07 May 2005 - 06:41 AM

Rawe

    Visiting Staff

  • Member
  • PipPipPipPipPipPipPip
  • 4,746 posts
Sorry to say this, you have old definitions still.
Did you try manual installing?
Here's a link; http://www.lavasoft....pport/download/

- Rawe :tazz:
  • 0

#5
pete_152
Posted 07 May 2005 - 06:42 AM

pete_152

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
As mentioned above, here is the version info. This appears to be the latest definitions file, or am I doing something wrong?:

Definitions File Loaded:
Reference Number : SE1R42 28.04.2005
Internal build : 49
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 466557 Bytes
Total size : 1403889 Bytes
Signature data size : 1373297 Bytes
Reference data size : 30080 Bytes
Signatures total : 39226
Fingerprints total : 836
Fingerprints size : 28245 Bytes
Target categories : 15
Target families : 654

07-05-2005 10:02:24 Performing WebUpdate...

Installing Update...
Definitions File Loaded:
Reference Number : SE1R42 28.04.2005
Internal build : 49
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 466557 Bytes
Total size : 1403889 Bytes
Signature data size : 1373297 Bytes
Reference data size : 30080 Bytes
Signatures total : 39226
Fingerprints total : 836
Fingerprints size : 28245 Bytes
Target categories : 15
Target families : 654


07-05-2005 10:02:47 Success
Update successfully downloaded and installed.

07-05-2005 12:46:01 Performing WebUpdate...

Installing Update...

07-05-2005 12:46:29 Failed
No updates installed.

07-05-2005 12:46:29 <RESTORE BCKP>
Definitions File Loaded:
Reference Number : SE1R42 28.04.2005
Internal build : 49
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 466557 Bytes
Total size : 1403889 Bytes
Signature data size : 1373297 Bytes
Reference data size : 30080 Bytes
Signatures total : 39226
Fingerprints total : 836
Fingerprints size : 28245 Bytes
Target categories : 15
Target families : 654

07-05-2005 12:46:36 <OK>

07-05-2005 12:46:48 Performing WebUpdate...

Installing Update...
Definitions File Loaded:
Reference Number : SE1R42 28.04.2005
Internal build : 49
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 466557 Bytes
Total size : 1403889 Bytes
Signature data size : 1373297 Bytes
Reference data size : 30080 Bytes
Signatures total : 39226
Fingerprints total : 836
Fingerprints size : 28245 Bytes
Target categories : 15
Target families : 654


07-05-2005 12:47:09 Success
Update successfully downloaded and installed.

07-05-2005 12:47:24 Performing WebUpdate...

Installing Update...

07-05-2005 12:47:47 Failed
No updates installed.

07-05-2005 12:47:47 <RESTORE BCKP>
Definitions File Loaded:
Reference Number : SE1R42 28.04.2005
Internal build : 49
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 466557 Bytes
Total size : 1403889 Bytes
Signature data size : 1373297 Bytes
Reference data size : 30080 Bytes
Signatures total : 39226
Fingerprints total : 836
Fingerprints size : 28245 Bytes
Target categories : 15
Target families : 654

07-05-2005 12:47:53 <OK>
  • 0

#6
pete_152
Posted 07 May 2005 - 07:15 AM

pete_152

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
OK the manual thing worked! Here it is again.


Ad-Aware SE Build 1.05
Logfile Created on:07 May 2005 13:55:06
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R43 06.05.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Alexa(TAC index:5):11 total references
Tracking Cookie(TAC index:3):54 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R42 28.04.2005
Internal build : 49
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 466557 Bytes
Total size : 1403889 Bytes
Signature data size : 1373297 Bytes
Reference data size : 30080 Bytes
Signatures total : 39226
Fingerprints total : 836
Fingerprints size : 28245 Bytes
Target categories : 15
Target families : 654

07-05-2005 13:53:45 Performing WebUpdate...

Installing Update...
Definitions File Loaded:
Reference Number : SE1R43 06.05.2005
Internal build : 50
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 467649 Bytes
Total size : 1414672 Bytes
Signature data size : 1383852 Bytes
Reference data size : 30308 Bytes
Signatures total : 39494
Fingerprints total : 847
Fingerprints size : 28739 Bytes
Target categories : 15
Target families : 663


07-05-2005 13:54:08 Success
Update successfully downloaded and installed.


Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium III
Memory available:37 %
Total physical memory:130460 kb
Available physical memory:47972 kb
Total page file size:315116 kb
Available on page file:202856 kb
Total virtual memory:2097024 kb
Available virtual memory:2048104 kb
OS:Microsoft Windows XP Professional (Build 2600)

Ad-Aware SE Settings
===========================
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Obtain command line of scanned processes
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Write-protect system files after repair (Hosts file, etc.)
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Play sound at scan completion if scan locates critical objects


07-05-2005 13:55:07 - Scan started. (Full System Scan)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
ModuleName : \SystemRoot\System32\smss.exe
Command Line : n/a
ProcessID : 436
ThreadCreationTime : 07-05-2005 08:58:06
BasePriority : Normal


#:2 [csrss.exe]
ModuleName : \??\C:\WINDOWS\system32\csrss.exe
Command Line : C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestTh
ProcessID : 484
ThreadCreationTime : 07-05-2005 08:58:09
BasePriority : Normal


#:3 [winlogon.exe]
ModuleName : \??\C:\WINDOWS\system32\winlogon.exe
Command Line : winlogon.exe
ProcessID : 508
ThreadCreationTime : 07-05-2005 08:58:09
BasePriority : High


#:4 [services.exe]
ModuleName : C:\WINDOWS\system32\services.exe
Command Line : C:\WINDOWS\system32\services.exe
ProcessID : 552
ThreadCreationTime : 07-05-2005 08:58:10
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:5 [lsass.exe]
ModuleName : C:\WINDOWS\system32\lsass.exe
Command Line : C:\WINDOWS\system32\lsass.exe
ProcessID : 564
ThreadCreationTime : 07-05-2005 08:58:10
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost -k rpcss
ProcessID : 724
ThreadCreationTime : 07-05-2005 08:58:11
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k netsvcs
ProcessID : 768
ThreadCreationTime : 07-05-2005 08:58:11
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k NetworkService
ProcessID : 840
ThreadCreationTime : 07-05-2005 08:58:12
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k LocalService
ProcessID : 852
ThreadCreationTime : 07-05-2005 08:58:12
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [spoolsv.exe]
ModuleName : C:\WINDOWS\system32\spoolsv.exe
Command Line : C:\WINDOWS\system32\spoolsv.exe
ProcessID : 1068
ThreadCreationTime : 07-05-2005 08:58:17
BasePriority : Normal
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:11 [atievxx.exe]
ModuleName : C:\WINDOWS\System32\atievxx.exe
Command Line : C:\WINDOWS\System32\atievxx.exe
ProcessID : 1152
ThreadCreationTime : 07-05-2005 08:58:18
BasePriority : Normal
FileVersion : 5.1.2482.0 (Lab01_N(ericks).010524-2202)
ProductVersion : 5.1.2482.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : ATI Hotkey polling utility
InternalName : atievxx.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : atievxx.exe

#:12 [kpf4ss.exe]
ModuleName : C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
Command Line : "C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe"
ProcessID : 1180
ThreadCreationTime : 07-05-2005 08:58:18
BasePriority : Normal
FileVersion : 4.1.3
ProductVersion : 4.1.3
ProductName : Kerio Personal Firewall 4
CompanyName : Kerio Technologies
FileDescription : Kerio Personal Firewall 4 - Service
InternalName : kpf4ss
LegalCopyright : Copyright © 1997-2004 Kerio Technologies
OriginalFilename : kpf4ss.EXE
Comments : Kerio Personal Firewall 4 - Service

#:13 [wdfmgr.exe]
ModuleName : C:\WINDOWS\System32\wdfmgr.exe
Command Line : C:\WINDOWS\System32\wdfmgr.exe
ProcessID : 1288
ThreadCreationTime : 07-05-2005 08:58:19
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe

#:14 [kpf4gui.exe]
ModuleName : C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
Command Line : "C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe" -g 10 -s
ProcessID : 1368
ThreadCreationTime : 07-05-2005 08:58:22
BasePriority : Normal
FileVersion : 4.1.3
ProductVersion : 4.1.3
ProductName : Kerio Personal Firewall 4
CompanyName : Kerio Technologies
FileDescription : Kerio Personal Firewall 4 - GUI
InternalName : kpf4gui
LegalCopyright : Copyright © 1997-2004 Kerio Technologies
OriginalFilename : kpf4gui.EXE
Comments : Kerio Personal Firewall 4 - GUI

#:15 [kpf4gui.exe]
ModuleName : C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
Command Line : "C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe" -g 11
ProcessID : 1536
ThreadCreationTime : 07-05-2005 08:58:44
BasePriority : Normal
FileVersion : 4.1.3
ProductVersion : 4.1.3
ProductName : Kerio Personal Firewall 4
CompanyName : Kerio Technologies
FileDescription : Kerio Personal Firewall 4 - GUI
InternalName : kpf4gui
LegalCopyright : Copyright © 1997-2004 Kerio Technologies
OriginalFilename : kpf4gui.EXE
Comments : Kerio Personal Firewall 4 - GUI

#:16 [point32.exe]
ModuleName : C:\Program Files\Microsoft IntelliPoint\point32.exe
Command Line : "C:\Program Files\Microsoft IntelliPoint\point32.exe"
ProcessID : 1924
ThreadCreationTime : 07-05-2005 08:59:21
BasePriority : Normal


#:17 [qttask.exe]
ModuleName : C:\Program Files\QuickTime\qttask.exe
Command Line : "C:\Program Files\QuickTime\qttask.exe" -atboottime
ProcessID : 1956
ThreadCreationTime : 07-05-2005 08:59:23
BasePriority : Normal
FileVersion : 6.5.1
ProductVersion : QuickTime 6.5.1
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
InternalName : QuickTime Task
LegalCopyright : © Apple Computer, Inc. 2001-2004
OriginalFilename : QTTask.exe

#:18 [ctfmon.exe]
ModuleName : C:\WINDOWS\System32\ctfmon.exe
Command Line : "C:\WINDOWS\System32\ctfmon.exe"
ProcessID : 1980
ThreadCreationTime : 07-05-2005 08:59:25
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:19 [wuauclt.exe]
ModuleName : C:\WINDOWS\System32\wuauclt.exe
Command Line : "C:\WINDOWS\System32\wuauclt.exe"
ProcessID : 664
ThreadCreationTime : 07-05-2005 09:09:54
BasePriority : Normal
FileVersion : 5.4.2600.0 (XPClient.010817-1148)
ProductVersion : 5.4.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Update AutoUpdate Client
InternalName : wuauclt.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : wuauclt.exe

#:20 [explorer.exe]
ModuleName : C:\WINDOWS\explorer.exe
Command Line : C:\WINDOWS\explorer.exe
ProcessID : 320
ThreadCreationTime : 07-05-2005 12:34:44
BasePriority : Normal
FileVersion : 6.00.2600.0000 (xpclient.010817-1148)
ProductVersion : 6.00.2600.0000
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

#:21 [ad-aware.exe]
ModuleName : C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
Command Line : "C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe"
ProcessID : 1932
ThreadCreationTime : 07-05-2005 12:53:19
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Alexa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : MenuText

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : MenuStatusBar

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : Script

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : clsid

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : Icon

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : HotIcon

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : ButtonText

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : "{c95fe080-8f5d-11d2-a20b-00aa003c157a}"
Rootkey : HKEY_USERS
Object : .DEFAULT\software\microsoft\internet explorer\extensions\cmdmapping
Value : {c95fe080-8f5d-11d2-a20b-00aa003c157a}

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : "{c95fe080-8f5d-11d2-a20b-00aa003c157a}"
Rootkey : HKEY_USERS
Object : S-1-5-18\software\microsoft\internet explorer\extensions\cmdmapping
Value : {c95fe080-8f5d-11d2-a20b-00aa003c157a}

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : "{c95fe080-8f5d-11d2-a20b-00aa003c157a}"
Rootkey : HKEY_USERS
Object : S-1-5-21-1844237615-1580436667-1202660629-1003\software\microsoft\internet explorer\extensions\cmdmapping
Value : {c95fe080-8f5d-11d2-a20b-00aa003c157a}

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 11
Objects found so far: 11


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 11


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@247realmedia[2].txt
Category : Data Miner
Comment : Hits:3
Value : Cookie:[email protected]/
Expires : 01-01-2011 01:00:00
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@atdmt[2].txt
Category : Data Miner
Comment : Hits:3
Value : Cookie:[email protected]/
Expires : 06-05-2010 01:00:00
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@cgi-bin[2].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:[email protected]/cgi-bin
Expires : 28-02-2015 01:00:00
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@cgi-bin[1].txt
Category : Data Miner
Comment : Hits:5
Value : Cookie:[email protected]/cgi-bin
Expires : 05-05-2015 12:51:06
LastSync : Hits:5
UseCount : 0
Hits : 5

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@doubleclick[2].txt
Category : Data Miner
Comment : Hits:5
Value : Cookie:[email protected]/
Expires : 06-05-2008 12:50:58
LastSync : Hits:5
UseCount : 0
Hits : 5

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 5
Objects found so far: 16



Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@247realmedia[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@247realmedia[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@2o7[2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@2o7[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@adtech[2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@adtech[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@advertising[2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@advertising[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@adviva[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@adviva[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@apmebf[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@apmebf[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@atdmt[2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@atdmt[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@bfast[2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@bfast[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@bluestreak[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@bluestreak[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@cgi-bin[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@cgi-bin[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@cgi-bin[3].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@cgi-bin[3].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@doubleclick[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@doubleclick[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@fastclick[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@fastclick[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@hitbox[2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@hitbox[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@linksynergy[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@linksynergy[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@mediaplex[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@mediaplex[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@overture[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@overture[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@please[2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@please[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@qksrv[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@qksrv[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@questionmarket[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@questionmarket[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@serving-sys[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@serving-sys[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
Category : Data Miner
Comment : www.searchtraffic.com
Value : C:\Documents and Settings\Gosia\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@valueclick[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@valueclick[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : gosia@xxxcounter[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Gosia\Cookies\gosia@xxxcounter[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@247realmedia[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@247realmedia[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@2o7[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@2o7[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@advertising[2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@advertising[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@atdmt[2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@atdmt[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@bluestreak[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@bluestreak[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@centrport[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@centrport[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@cgi-bin[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@cgi-bin[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@cgi-bin[2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@cgi-bin[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@cgi-bin[3].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@cgi-bin[3].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@doubleclick[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@doubleclick[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@estat[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@estat[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@fastclick[2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@fastclick[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@gator[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@gator[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@maxserving[2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@maxserving[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@mediaplex[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@mediaplex[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@qksrv[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@qksrv[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@realmedia[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@realmedia[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@tripod[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@tripod[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : peter@valueclick[2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Peter\Local Settings\Temp\Cookies\peter@valueclick[2].txt

Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 65


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 65




Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 65

14:09:05 Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:13:58.145
Objects scanned:117974
Objects identified:65
Objects ignored:0
New critical objects:65
  • 0

#7
Rawe
Posted 07 May 2005 - 07:17 AM

Rawe

    Visiting Staff

  • Member
  • PipPipPipPipPipPipPip
  • 4,746 posts
Ad-aware has found object(s) on your computer

If you chose to clean your computer from what Ad-aware found, follow these instructions below…

Make sure that you are using the * SE1R43 06.05.2005 * definition file.


Open up Ad-Aware SE and click on the gear to access the Configuration menu. Make sure that this setting is applied.

Click on Tweak > Cleaning engine > UNcheck "Always try to unload modules before deletion".

Disconnect from the internet (for broadband/cable users, it is recommended that you disconnect the cable connection) and close all open browsers or other programs you have running.

Then boot into Safe Mode

To clean your machine, it is highly recommended that you clean the following directory contents (but not the directory folder);

Run CCleaner to help in this process.
Download CCleaner (Setup: go to >options > settings > Uncheck "Only delete files in Windows Temp folders older than 48 hours" for cleaning malware files!)

* C:\Windows\Temp\
* C:\Documents and Settings\<Your Profile>\Local Settings\Temporary Internet Files\ <- This will delete all your cached internet content including cookies.
* C:\Documents and Settings\<Your Profile>\Local Settings\Temp\
* C:\Documents and Settings\<Any other users Profile>\Local Settings\Temporary Internet Files\
* C:\Documents and Settings\<Any other users Profile>\Local Settings\Temp\
* Empty your "Recycle Bin".

Run Ad-Aware SE from the command lines shown in the instructions shown below.

Click "Start" > select "Run" > type the text shown below (including the quotation marks and with the same spacing as shown)

"C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Aware.exe" /full +procnuke
(For the Professional version)

"C:\Program Files\Lavasoft\Ad-Aware SE Plus\Ad-Aware.exe" /full +procnuke
(For the Plus version)

"C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe" +procnuke
(For the Personal version)


Click Ok.

Note; the path above is of the default installation location for Ad-aware SE, if this is different, adjust it to the location that you have installed it to.

When the scan has completed, select next. In the Scanning Results window, select the "Scan Summary"- tab. Check the box next to any objects you wish to remove. Click next, Click Ok.

If problems are caused by deleting a family, just leave it.


Reboot your computer after removal, run a new "full system scan" and post the results as a reply. Don't open any programs or connect to the internet at this time.

Then copy & paste the complete log file here. Don't quarantine or remove anything at this time, just post a complete logfile. This can sometimes takes 2-3 posts to get it all posted, once the "Summary of this scan" information is shown, you have posted all of your logfile.

Also, keep in mind that when you are posting another logfile keep "Search for negligible risk entries" deselected as negligible risk entries (Mru's) aren't considered as a threat. This option can be changed when choosing your scan type.

Remember to post your fresh scanlog in THIS topic.

- Rawe :tazz:
  • 0

#8
pete_152
Posted 07 May 2005 - 09:05 AM

pete_152

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
I've done what you said and it appears to have cleaned things up, but I still have the desktop advert there! Any suggestions? Here's the latest log:


Ad-Aware SE Build 1.05
Logfile Created on:07 May 2005 15:48:15
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R43 06.05.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
None
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R43 06.05.2005
Internal build : 50
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 467649 Bytes
Total size : 1414672 Bytes
Signature data size : 1383852 Bytes
Reference data size : 30308 Bytes
Signatures total : 39494
Fingerprints total : 847
Fingerprints size : 28739 Bytes
Target categories : 15
Target families : 663


Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium III
Memory available:11 %
Total physical memory:130460 kb
Available physical memory:13316 kb
Total page file size:315116 kb
Available on page file:230456 kb
Total virtual memory:2097024 kb
Available virtual memory:2048512 kb
OS:Microsoft Windows XP Professional (Build 2600)

Ad-Aware SE Settings
===========================
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Obtain command line of scanned processes
Set : Scan registry for all users instead of current user only
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Write-protect system files after repair (Hosts file, etc.)
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Play sound at scan completion if scan locates critical objects


07-05-2005 15:48:15 - Scan started. (Full System Scan)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
ModuleName : \SystemRoot\System32\smss.exe
Command Line : n/a
ProcessID : 432
ThreadCreationTime : 07-05-2005 14:45:58
BasePriority : Normal


#:2 [csrss.exe]
ModuleName : \??\C:\WINDOWS\system32\csrss.exe
Command Line : C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestTh
ProcessID : 480
ThreadCreationTime : 07-05-2005 14:46:00
BasePriority : Normal


#:3 [winlogon.exe]
ModuleName : \??\C:\WINDOWS\system32\winlogon.exe
Command Line : winlogon.exe
ProcessID : 504
ThreadCreationTime : 07-05-2005 14:46:07
BasePriority : High


#:4 [services.exe]
ModuleName : C:\WINDOWS\system32\services.exe
Command Line : C:\WINDOWS\system32\services.exe
ProcessID : 548
ThreadCreationTime : 07-05-2005 14:46:07
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:5 [lsass.exe]
ModuleName : C:\WINDOWS\system32\lsass.exe
Command Line : C:\WINDOWS\system32\lsass.exe
ProcessID : 560
ThreadCreationTime : 07-05-2005 14:46:07
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost -k rpcss
ProcessID : 736
ThreadCreationTime : 07-05-2005 14:46:09
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k netsvcs
ProcessID : 780
ThreadCreationTime : 07-05-2005 14:46:09
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k NetworkService
ProcessID : 904
ThreadCreationTime : 07-05-2005 14:46:11
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k LocalService
ProcessID : 920
ThreadCreationTime : 07-05-2005 14:46:11
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [spoolsv.exe]
ModuleName : C:\WINDOWS\system32\spoolsv.exe
Command Line : C:\WINDOWS\system32\spoolsv.exe
ProcessID : 1064
ThreadCreationTime : 07-05-2005 14:46:12
BasePriority : Normal
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:11 [atievxx.exe]
ModuleName : C:\WINDOWS\System32\atievxx.exe
Command Line : C:\WINDOWS\System32\atievxx.exe
ProcessID : 1164
ThreadCreationTime : 07-05-2005 14:46:13
BasePriority : Normal
FileVersion : 5.1.2482.0 (Lab01_N(ericks).010524-2202)
ProductVersion : 5.1.2482.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : ATI Hotkey polling utility
InternalName : atievxx.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : atievxx.exe

#:12 [wdfmgr.exe]
ModuleName : C:\WINDOWS\System32\wdfmgr.exe
Command Line : C:\WINDOWS\System32\wdfmgr.exe
ProcessID : 1272
ThreadCreationTime : 07-05-2005 14:46:14
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe

#:13 [explorer.exe]
ModuleName : C:\WINDOWS\Explorer.EXE
Command Line : C:\WINDOWS\Explorer.EXE
ProcessID : 1728
ThreadCreationTime : 07-05-2005 14:46:34
BasePriority : Normal
FileVersion : 6.00.2600.0000 (xpclient.010817-1148)
ProductVersion : 6.00.2600.0000
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

#:14 [point32.exe]
ModuleName : C:\Program Files\Microsoft IntelliPoint\point32.exe
Command Line : "C:\Program Files\Microsoft IntelliPoint\point32.exe"
ProcessID : 1932
ThreadCreationTime : 07-05-2005 14:47:00
BasePriority : Normal


#:15 [ctfmon.exe]
ModuleName : C:\WINDOWS\System32\ctfmon.exe
Command Line : "C:\WINDOWS\System32\ctfmon.exe"
ProcessID : 128
ThreadCreationTime : 07-05-2005 14:47:05
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:16 [ad-aware.exe]
ModuleName : C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
Command Line : "C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe"
ProcessID : 304
ThreadCreationTime : 07-05-2005 14:47:48
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0



Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 0


15:55:47 Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:07:32.301
Objects scanned:82015
Objects identified:0
Objects ignored:0
New critical objects:0
  • 0

#9
Rawe
Posted 07 May 2005 - 09:21 AM

Rawe

    Visiting Staff

  • Member
  • PipPipPipPipPipPipPip
  • 4,746 posts
Hello again..
Run these online virus scans;
- F-secure
- Trend Micro

After scanned, post the results here.

- Rawe :tazz:
  • 0

#10
pete_152
Posted 07 May 2005 - 01:24 PM

pete_152

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
Hello. both of these came up clear!
  • 0

#11
Rawe
Posted 07 May 2005 - 01:56 PM

Rawe

    Visiting Staff

  • Member
  • PipPipPipPipPipPipPip
  • 4,746 posts
Hello again.
Do you still suffer problems?
If so, please install HiJackThis, and post an HiJackThis logfile to this topic.
This issue will be referred (moved) to Malware removal - section of these forums, and someone from Staff will give you further assistance.
We just have to wait for an staff member to move this.
Be patient.

- Rawe :tazz:
  • 0

#12
pete_152
Posted 07 May 2005 - 03:07 PM

pete_152

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
I do still have the same problem. Thanks very much for your help. Much appreciated. Here is the HijackThis log:

Logfile of HijackThis v1.99.1
Scan saved at 22:01:46, on 07/05/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\atievxx.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

http://www.ntlworld.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}

- C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -

C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {8272B062-BD4D-4EAD-A149-45B3CE3F5CDA} - (no

file)
O2 - BHO: (no name) - {8E13DDE1-E013-47ec-9C4C-27C2F78BDD26} -

C:\WINDOWS\System32\req.dll
O2 - BHO: Google Toolbar Helper -

{AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program

files\google\googletoolbar3.dll
O3 - Toolbar: (no name) - {8272B062-BD4D-4EAD-A149-45B3CE3F5CDA} - (no

file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -

c:\program files\google\googletoolbar3.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -

C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft

IntelliPoint\point32.exe"
O4 - HKLM\..\RunOnce: [Srv32 spool service]

C:\WINDOWS\System32\spoolsrv32.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search

& Destroy\TeaTimer.exe
O4 - HKCU\..\RunOnce: [Srv32 spool service]

C:\WINDOWS\System32\spoolsrv32.exe
O8 - Extra context menu item: &Google Search - res://c:\program

files\google\GoogleToolbar3.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program

files\google\GoogleToolbar3.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page -

res://c:\program files\google\GoogleToolbar3.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel -

res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program

files\google\GoogleToolbar3.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program

files\google\GoogleToolbar3.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -

C:\Program Files\Java\j2re1.4.2_04\bin\npjpi142_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console -

{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program

Files\Java\j2re1.4.2_04\bin\npjpi142_04.dll
O9 - Extra button: Yahoo! Messenger -

{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} -

C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger -

{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} -

C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -

C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger -

{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program

Files\Messenger\MSMSGS.EXE
O16 - DPF: {10003000-1000-0000-1000-000000000000} -

ms-its:mhtml:file://C:\foo.mht!http://dl.ad-ware.cc...1BgZb8PnsTJAHXI

.chm::/on-line.exe
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX

Player) - http://www.cult3d.co...wnload/cult.cab
O16 - DPF: {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} (F-Secure Online

Scanner) - http://support.f-sec...m/ols/fscax.cab
O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer

Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
O20 - Winlogon Notify: req - C:\WINDOWS\System32\req.dll
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. -

C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies -

C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP