Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

EBATESKEEPS COMING BACK!

Started by afvohra , May 22 2005 12:18 PM

  • This topic is locked This topic is locked

#1
afvohra
Posted 22 May 2005 - 12:18 PM

afvohra

    New Member

  • Member
  • Pip
  • 4 posts
hi i have a problem with ebates. I use ad aware professional and when i do a scan ebates is recognized and i remove it. Then 10 minutes later it shows up again when i rescan. Please help! i have a scan log from my most recent scan.


Ad-Aware SE Build 1.05
Logfile Created on:Sunday, May 22, 2005 9:41:49 AM
Using definitions file:SE1R46 17.05.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Alexa(TAC index:5):1 total references
CoolWebSearch(TAC index:10):1 total references
Ebates MoneyMaker(TAC index:4):7 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Ignore spanned files when scanning cab archives
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Block pop-ups aggressively
Set : Automatically select problematic objects in results lists
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Show splash screen
Set : Backup current definitions file before updating
Set : Play sound at scan completion if scan locates critical objects


5-22-2005 9:41:49 AM - Scan started. (Full System Scan)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 592
ThreadCreationTime : 5-22-2005 3:00:01 PM
BasePriority : Normal


#:2 [csrss.exe]
FilePath : \??\D:\WINDOWS\system32\
ProcessID : 648
ThreadCreationTime : 5-22-2005 3:00:09 PM
BasePriority : Normal


#:3 [winlogon.exe]
FilePath : \??\D:\WINDOWS\system32\
ProcessID : 672
ThreadCreationTime : 5-22-2005 3:00:10 PM
BasePriority : High


#:4 [services.exe]
FilePath : D:\WINDOWS\system32\
ProcessID : 716
ThreadCreationTime : 5-22-2005 3:00:10 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : D:\WINDOWS\system32\
ProcessID : 728
ThreadCreationTime : 5-22-2005 3:00:10 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
FilePath : D:\WINDOWS\system32\
ProcessID : 900
ThreadCreationTime : 5-22-2005 3:00:11 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
FilePath : D:\WINDOWS\System32\
ProcessID : 1000
ThreadCreationTime : 5-22-2005 3:00:11 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
FilePath : D:\WINDOWS\System32\
ProcessID : 1220
ThreadCreationTime : 5-22-2005 3:00:12 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
FilePath : D:\WINDOWS\System32\
ProcessID : 1268
ThreadCreationTime : 5-22-2005 3:00:13 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [spoolsv.exe]
FilePath : D:\WINDOWS\system32\
ProcessID : 1372
ThreadCreationTime : 5-22-2005 3:00:13 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:11 [wdfmgr.exe]
FilePath : D:\WINDOWS\System32\
ProcessID : 1544
ThreadCreationTime : 5-22-2005 3:00:20 PM
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: dnsrv(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe

#:12 [explorer.exe]
FilePath : D:\WINDOWS\
ProcessID : 1948
ThreadCreationTime : 5-22-2005 3:00:24 PM
BasePriority : Normal
FileVersion : 6.00.2600.0000 (xpclient.010817-1148)
ProductVersion : 6.00.2600.0000
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

#:13 [jusched.exe]
FilePath : D:\Program Files\Java\jre1.5.0_02\bin\
ProcessID : 156
ThreadCreationTime : 5-22-2005 3:00:26 PM
BasePriority : Normal


#:14 [igfxtray.exe]
FilePath : D:\WINDOWS\System32\
ProcessID : 200
ThreadCreationTime : 5-22-2005 3:00:26 PM
BasePriority : Normal
FileVersion : 3,0,0,1757
ProductVersion : 7,0,0,1757
ProductName : Intel® Common User Interface
CompanyName : Intel Corporation
FileDescription : igfxTray Module
InternalName : IGFXTRAY
LegalCopyright : Copyright 1999-2002, Intel Corporation
OriginalFilename : IGFXTRAY.EXE

#:15 [hkcmd.exe]
FilePath : D:\WINDOWS\System32\
ProcessID : 212
ThreadCreationTime : 5-22-2005 3:00:26 PM
BasePriority : Normal
FileVersion : 3,0,0,1757
ProductVersion : 7,0,0,1757
ProductName : Intel® Common User Interface
CompanyName : Intel Corporation
FileDescription : hkcmd Module
InternalName : HKCMD
LegalCopyright : Copyright 1999-2002, Intel Corporation
OriginalFilename : HKCMD.EXE

#:16 [ituneshelper.exe]
FilePath : D:\Program Files\iTunes\
ProcessID : 204
ThreadCreationTime : 5-22-2005 3:00:26 PM
BasePriority : Normal
FileVersion : 4.8.0.32
ProductVersion : 4.8.0.32
ProductName : iTunes
CompanyName : Apple Computer, Inc.
FileDescription : iTunesHelper Module
InternalName : iTunesHelper
LegalCopyright : © 2003-2005 Apple Computer, Inc. All Rights Reserved.
OriginalFilename : iTunesHelper.exe

#:17 [ipodservice.exe]
FilePath : D:\Program Files\iPod\bin\
ProcessID : 412
ThreadCreationTime : 5-22-2005 3:00:29 PM
BasePriority : Normal
FileVersion : 4.8.0.32
ProductVersion : 4.8.0.32
ProductName : iTunes
CompanyName : Apple Computer, Inc.
FileDescription : iPodService Module
InternalName : iPodService
LegalCopyright : © 2003-2005 Apple Computer, Inc. All Rights Reserved.
OriginalFilename : iPodService.exe

#:18 [ad-watch.exe]
FilePath : C:\Program Files\lavasoft\Ad-Aware SE Professional\
ProcessID : 1888
ThreadCreationTime : 5-22-2005 3:06:24 PM
BasePriority : High
FileVersion : 3.1.2.17
ProductVersion : 3.2
ProductName : Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Watch System Protector
InternalName : Ad-Watch.exe
LegalCopyright : 1999-2004 Team Lavasoft
OriginalFilename : Ad-Watch.exe

#:19 [steamengine.exe]
FilePath : d:\program files\steam-down\
ProcessID : 588
ThreadCreationTime : 5-22-2005 4:00:56 PM
BasePriority : Normal


#:20 [xfire.exe]
FilePath : C:\Program Files\Xfire\
ProcessID : 912
ThreadCreationTime : 5-22-2005 4:01:33 PM
BasePriority : Normal
FileVersion : 12745
ProductVersion : 12745
ProductName : Xfire
CompanyName : Xfire Inc.
FileDescription : Xfire
InternalName : xfire
LegalCopyright : Copyright 2004 Xfire Inc.
OriginalFilename : xfire.exe
Comments : Xfire

#:21 [firefox.exe]
FilePath : C:\MOZILL~1\
ProcessID : 1896
ThreadCreationTime : 5-22-2005 4:23:55 PM
BasePriority : Normal


#:22 [ad-aware.exe]
FilePath : C:\Program Files\lavasoft\Ad-Aware SE Professional\
ProcessID : 1076
ThreadCreationTime : 5-22-2005 4:40:56 PM
BasePriority : Normal
FileVersion : 6.2.0.208
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : "{c95fe080-8f5d-11d2-a20b-00aa003c157a}"
Rootkey : HKEY_USERS
Object : S-1-5-21-1957994488-1708537768-1202660629-1003\software\microsoft\internet explorer\extensions\cmdmapping
Value : {c95fe080-8f5d-11d2-a20b-00aa003c157a}

Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : "AC"
Rootkey : HKEY_USERS
Object : S-1-5-21-1957994488-1708537768-1202660629-1003\software\lq
Value : AC

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 2
Objects found so far: 2


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 2


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 2



Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 2


Deep scanning and examining files (D:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

CoolWebSearch Object Recognized!
Type : File
Data : BlackBox.class-2ca97015-60134559.class
Category : Malware
Comment :
Object : D:\Documents and Settings\Abdullah Faisal\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\



Disk Scan Result for D:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 3


Scanning Hosts file......
Hosts file location:"D:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
2 entries scanned.
New critical objects:0
Objects found so far: 3




Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ebates MoneyMaker Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq

Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : AT

Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : AC

Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : TM

Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : AD

Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : AM

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 6
Objects found so far: 9

10:01:33 AM Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:19:44.603
Objects scanned:124221
Objects identified:9
Objects ignored:0
New critical objects:9


PLEASE HELP!
  • 0

Advertisements

#2
nixx
Posted 22 May 2005 - 12:21 PM

nixx

    Member

  • Member
  • PipPipPip
  • 187 posts
you mean the ebates is a popup that comes up on startup?
  • 0

#3
afvohra
Posted 22 May 2005 - 12:36 PM

afvohra

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
I have a pop up blocker from adaware called ad-watch, it blocks the popups from ebates, but my computer slows down every time it tries to block it.
  • 0

#4
Guest_Andy_veal_*
Posted 22 May 2005 - 03:35 PM

Guest_Andy_veal_*
  • Guest
Ad-Aware SE Plus and Professional license holders can get email support from here http://www.lavasoftu...stomer_support/

If you would like to be assisted here please reply.

Thanks
  • 0
Back to Lavasoft Support (Ad-aware) · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Retired Forums
  3. Lavasoft Support (Ad-aware)

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP