Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Comet Systems & SureBar [RESOLVED]

Started by Ihatebugs , Jun 04 2005 10:49 AM

  • This topic is locked This topic is locked

#31
Metallica
Posted 11 June 2005 - 10:09 AM

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 33,101 posts
OK. Try this for me.

Save the part in bold below into notepad and save it as browserclean.reg

REGEDIT4

[-HKEY_CLASSES_ROOT\CLSID\{270b845c-712c-4773-bee0-ae2d2001cd0f}]

[-HKEY_CLASSES_ROOT\CLSID\{fe6bc4ef-5676-484b-88ae-883323913256}]

[HKEY_CURRENT_USERS\software\microsoft\internet explorer\toolbar\Webbrowser]
"{270b845c-712c-4773-bee0-ae2d2001cd0f}"=-

[HKEY_CURRENT_USERS\software\microsoft\internet explorer\toolbar\Webbrowser]
"{fe6bc4ef-5676-484b-88ae-883323913256}"=-

[HKEY_USERS\S-1-5-21-2874319935-1525189617-952832453-1007\software\microsoft\internet explorer\toolbar\Webbrowser]
"{270b845c-712c-4773-bee0-ae2d2001cd0f}"=-

[HKEY_USERS\S-1-5-21-2874319935-1525189617-952832453-1007\software\microsoft\internet explorer\toolbar\Webbrowser]
"{fe6bc4ef-5676-484b-88ae-883323913256}"=-

Doubleclick that file and confirm you want to merge it with the registry.

Let me know if that gets it out of the AdAware results.

Regards,
  • 0

Advertisements

#32
Ihatebugs
Posted 11 June 2005 - 10:54 AM

Ihatebugs

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
I merged the file into Registry. Still there... Reinstalls immediately upon deletion. AdWatch flashes red and says it detected a registry modification. Computer is slow...

Ad-Aware SE Build 1.06r1
Logfile Created on:Saturday, June 11, 2005 12:43:30 PM
Using definitions file:SE1R49 31.05.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
CometSystems(TAC index:8):1 total references
MRU List(TAC index:0):9 total references
SureBar(TAC index:3):1 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Ignore spanned files when scanning cab archives
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Block pop-ups aggressively
Set : Automatically select problematic objects in results lists
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Show splash screen
Set : Backup current definitions file before updating
Set : Play sound at scan completion if scan locates critical objects


6/11/2005 12:43:31 PM - Scan started. (Smart mode)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 400
ThreadCreationTime : 6/11/2005 4:39:13 PM
BasePriority : Normal


#:2 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 472
ThreadCreationTime : 6/11/2005 4:39:16 PM
BasePriority : High


#:3 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 516
ThreadCreationTime : 6/11/2005 4:39:16 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:4 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 528
ThreadCreationTime : 6/11/2005 4:39:16 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:5 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 680
ThreadCreationTime : 6/11/2005 4:39:17 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:6 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 804
ThreadCreationTime : 6/11/2005 4:39:17 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 1164
ThreadCreationTime : 6/11/2005 4:39:19 PM
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

#:8 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1248
ThreadCreationTime : 6/11/2005 4:39:19 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:9 [hkcmd.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1372
ThreadCreationTime : 6/11/2005 4:39:20 PM
BasePriority : Normal
FileVersion : 3.0.0.4020
ProductVersion : 7.0.0.4020
ProductName : Intel® Common User Interface
CompanyName : Intel Corporation
FileDescription : hkcmd Module
InternalName : HKCMD
LegalCopyright : Copyright 1999-2004, Intel Corporation
OriginalFilename : HKCMD.EXE

#:10 [directcd.exe]
FilePath : C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\
ProcessID : 1392
ThreadCreationTime : 6/11/2005 4:39:20 PM
BasePriority : Normal
FileVersion : 5.3.4.21
ProductVersion : 5.3.4.21
ProductName : DirectCD
CompanyName : Roxio
FileDescription : DirectCD Application
InternalName : DirectCD
LegalCopyright : Copyright © 2001,2002, Roxio, Inc.
OriginalFilename : Directcd.exe

#:11 [mm_tray.exe]
FilePath : C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\
ProcessID : 1416
ThreadCreationTime : 6/11/2005 4:39:21 PM
BasePriority : Normal
FileVersion : 7.10.4053
ProductVersion : 7.10.4053
ProductName : MUSICMATCH JUKEBOX
CompanyName : MUSICMATCH, Inc.
FileDescription : mm_tray
InternalName : mm_tray
LegalCopyright : Copyright © MUSICMATCH 1998-2001
LegalTrademarks :
OriginalFilename : mm_tray.exe

#:12 [mcagent.exe]
FilePath : C:\PROGRA~1\mcafee.com\agent\
ProcessID : 1452
ThreadCreationTime : 6/11/2005 4:39:21 PM
BasePriority : Normal
FileVersion : 5, 1, 0, 2
ProductVersion : 5, 1, 0, 0
ProductName : McAfee SecurityCenter
CompanyName : McAfee, Inc
FileDescription : McAfee SecurityCenter Agent
InternalName : mcagent
LegalCopyright : Copyright © 2005 McAfee, Inc.
OriginalFilename : mcagent.exe

#:13 [cfd.exe]
FilePath : C:\Program Files\BroadJump\Client Foundation\
ProcessID : 1484
ThreadCreationTime : 6/11/2005 4:39:21 PM
BasePriority : Normal


#:14 [realsched.exe]
FilePath : C:\Program Files\Common Files\Real\Update_OB\
ProcessID : 1504
ThreadCreationTime : 6/11/2005 4:39:21 PM
BasePriority : Normal
FileVersion : 0.1.0.1622
ProductVersion : 0.1.0.1622
ProductName : RealOne Player (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2002
LegalTrademarks : RealAudio™ is a trademark of RealNetworks, Inc.
OriginalFilename : realsched.exe

#:15 [mcvsshld.exe]
FilePath : C:\PROGRA~1\mcafee.com\vso\
ProcessID : 1528
ThreadCreationTime : 6/11/2005 4:39:21 PM
BasePriority : Normal
FileVersion : 9, 1, 0, 6
ProductVersion : 9, 1, 0, 0
ProductName : McAfee VirusScan
CompanyName : McAfee, Inc.
FileDescription : McAfee VirusScan ActiveShield Resource
InternalName : msvcshld
LegalCopyright : Copyright © 2005 McAfee, Inc. All Rights Reserved.
OriginalFilename : mcvsshld.exe
Comments : McAfee VirusScan ActiveShield Resource

#:16 [qttask.exe]
FilePath : C:\Program Files\QuickTime\
ProcessID : 1536
ThreadCreationTime : 6/11/2005 4:39:21 PM
BasePriority : Normal
FileVersion : 6.5.1
ProductVersion : QuickTime 6.5.1
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
InternalName : QuickTime Task
LegalCopyright : © Apple Computer, Inc. 2001-2004
OriginalFilename : QTTask.exe

#:17 [ad-aware.exe]
FilePath : C:\PROGRA~1\Lavasoft\AD-AWA~2\
ProcessID : 1548
ThreadCreationTime : 6/11/2005 4:39:21 PM
BasePriority : Normal
FileVersion : 6.2.0.237
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

#:18 [mcvsescn.exe]
FilePath : c:\progra~1\mcafee.com\vso\
ProcessID : 1552
ThreadCreationTime : 6/11/2005 4:39:21 PM
BasePriority : Normal
FileVersion : 9, 1, 0, 4
ProductVersion : 9, 1, 0, 0
ProductName : McAfee VirusScan
CompanyName : McAfee, Inc.
FileDescription : McAfee VirusScan E-mail Scan Module
InternalName : mcvsescn
LegalCopyright : Copyright © 2005 McAfee, Inc. All Rights Reserved.
OriginalFilename : mcvsescn.EXE
Comments : McAfee VirusScan E-mail Scan Module

#:19 [support.exe]
FilePath : C:\Program Files\Common Files\Dell\EUSW\
ProcessID : 1564
ThreadCreationTime : 6/11/2005 4:39:21 PM
BasePriority : Normal
FileVersion : 2, 1, 1, 0
ProductVersion : 1, 0, 0, 1
ProductName : Dell Support
CompanyName : Dell
FileDescription : Support
InternalName : Support
LegalCopyright : Copyright © 2002
OriginalFilename : Support.exe

#:20 [ctfmon.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1584
ThreadCreationTime : 6/11/2005 4:39:21 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:21 [msmsgs.exe]
FilePath : C:\Program Files\Messenger\
ProcessID : 1600
ThreadCreationTime : 6/11/2005 4:39:22 PM
BasePriority : Normal
FileVersion : 5.0.0381
ProductVersion : Version 5.0
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Windows Messenger
InternalName : msmsgs
LegalCopyright : Copyright © Microsoft Corporation 1997-2003
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msmsgs.exe

#:22 [ad-watch.exe]
FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Plus\
ProcessID : 1608
ThreadCreationTime : 6/11/2005 4:39:22 PM
BasePriority : High
FileVersion : 3.1.2.17
ProductVersion : 3.2
ProductName : Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Watch System Protector
InternalName : Ad-Watch.exe
LegalCopyright : 1999-2004 Team Lavasoft
OriginalFilename : Ad-Watch.exe

#:23 [hpqtra08.exe]
FilePath : C:\Program Files\HP\Digital Imaging\bin\
ProcessID : 1652
ThreadCreationTime : 6/11/2005 4:39:22 PM
BasePriority : Normal
FileVersion : 5.35.0.035
ProductVersion : 005.035.000.035
ProductName : hp digital imaging - hp all-in-one series
CompanyName : Hewlett-Packard Co.
FileDescription : HP Digital Imaging Monitor (CUE)
InternalName : HPQTRA00
LegalCopyright : Copyright © Hewlett-Packard Co. 1995-2001
OriginalFilename : HPQTRA00.EXE
Comments : HP Digital Imaging Monitor (CUE)

#:24 [notifyalert.exe]
FilePath : C:\Program Files\Dell\Support\Alert\bin\
ProcessID : 1676
ThreadCreationTime : 6/11/2005 4:39:22 PM
BasePriority : Normal


#:25 [residence.exe]
FilePath : C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\
ProcessID : 1684
ThreadCreationTime : 6/11/2005 4:39:22 PM
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : Residence ?????????
CompanyName : Sony Corporation.
FileDescription : Residence
InternalName : Residence
LegalCopyright : Copyright 2003 Sony Corporation.
OriginalFilename : Residence.EXE

#:26 [spysub.exe]
FilePath : C:\Program Files\InterMute\SpySubtract\
ProcessID : 1692
ThreadCreationTime : 6/11/2005 4:39:22 PM
BasePriority : Normal
FileVersion : 3, 0, 0, 29
ProductVersion : 3.0
ProductName : SpySubtract
CompanyName : InterMute, Inc.
FileDescription : SpySubtract Program EXE
InternalName : SpySub.exe
LegalCopyright : Copyright © 2005 InterMute, Inc. All rights reserved.
OriginalFilename : SpySub.exe

#:27 [ewidoctrl.exe]
FilePath : C:\Program Files\ewido\security suite\
ProcessID : 1956
ThreadCreationTime : 6/11/2005 4:39:27 PM
BasePriority : Normal
FileVersion : 3, 0, 0, 1
ProductVersion : 3, 0, 0, 1
ProductName : ewido control
CompanyName : ewido networks
FileDescription : ewido control
InternalName : ewido control
LegalCopyright : Copyright © 2004
OriginalFilename : ewidoctrl.exe

#:28 [ewidoguard.exe]
FilePath : C:\Program Files\ewido\security suite\
ProcessID : 2012
ThreadCreationTime : 6/11/2005 4:39:28 PM
BasePriority : Normal
FileVersion : 3, 0, 0, 1
ProductVersion : 3, 0, 0, 1
ProductName : guard
CompanyName : ewido networks
FileDescription : guard
InternalName : guard
LegalCopyright : Copyright © 2004
OriginalFilename : guard.exe

#:29 [mcvsftsn.exe]
FilePath : c:\progra~1\mcafee.com\vso\
ProcessID : 168
ThreadCreationTime : 6/11/2005 4:39:29 PM
BasePriority : Normal
FileVersion : 9, 1, 0, 4
ProductVersion : 9, 1, 0, 0
ProductName : McAfee VirusScan
CompanyName : McAfee, Inc.
FileDescription : McAfee VirusScan Instant Messenger Scan Module
InternalName : mcvsftsn
LegalCopyright : Copyright © 2005 McAfee, Inc. All Rights Reserved.
OriginalFilename : mcvsftsn.EXE
Comments : McAfee VirusScan Instant Messenger Scan Module

#:30 [mcvsrte.exe]
FilePath : c:\PROGRA~1\mcafee.com\vso\
ProcessID : 432
ThreadCreationTime : 6/11/2005 4:39:34 PM
BasePriority : Normal
FileVersion : 9, 1, 0, 8
ProductVersion : 9, 1, 0, 0
ProductName : McAfee VirusScan
CompanyName : McAfee, Inc
FileDescription : McAfee VirusScan Real-time Engine
InternalName : mcvsrte
LegalCopyright : Copyright © 2005 McAfee, Inc. All Rights Reserved.
OriginalFilename : mcvsrte.exe
Comments : McAfee VirusScan Real-time Engine

#:31 [mdm.exe]
FilePath : C:\Program Files\Common Files\Microsoft Shared\VS7Debug\
ProcessID : 584
ThreadCreationTime : 6/11/2005 4:39:35 PM
BasePriority : Normal
FileVersion : 7.00.9064.9150
ProductVersion : 7.00.9064.9150
ProductName : Microsoft Development Environment
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
LegalCopyright : Copyright © Microsoft Corp. 1997-2000
OriginalFilename : mdm.exe

#:32 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 892
ThreadCreationTime : 6/11/2005 4:39:38 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:33 [wanmpsvc.exe]
FilePath : C:\WINDOWS\
ProcessID : 1320
ThreadCreationTime : 6/11/2005 4:39:42 PM
BasePriority : Normal
FileVersion : 7, 0, 0, 2
ProductVersion : 7, 0, 0, 2
ProductName : America Online
CompanyName : America Online, Inc.
FileDescription : Wan Miniport (ATW) Service
InternalName : WanMPSvc
LegalCopyright : Copyright © 2001 America Online, Inc.
OriginalFilename : WanMPSvc.exe

#:34 [mcshield.exe]
FilePath : c:\PROGRA~1\mcafee.com\vso\
ProcessID : 3124
ThreadCreationTime : 6/11/2005 4:40:35 PM
BasePriority : High


#:35 [hpzipm12.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 3144
ThreadCreationTime : 6/11/2005 4:40:36 PM
BasePriority : Normal
FileVersion : 7, 0, 0, 0
ProductVersion : 7, 0, 0, 0
ProductName : HP PML
CompanyName : HP
FileDescription : PML Driver
InternalName : PmlDrv
LegalCopyright : Copyright © 1998, 1999 Hewlett-Packard Company
OriginalFilename : PmlDrv.exe

#:36 [wuauclt.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 3188
ThreadCreationTime : 6/11/2005 4:40:37 PM
BasePriority : Normal
FileVersion : 5.4.3790.2182 built by: srv03_rtm(ntvbl04)
ProductVersion : 5.4.3790.2182
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Automatic Updates
InternalName : wuauclt.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : wuauclt.exe

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0

SureBar Object Recognized!
Type : RegValue
Data :
TAC Rating : 3
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-2874319935-1525189617-952832453-1007\software\microsoft\internet explorer\toolbar\Webbrowser
Value : {270b845c-712c-4773-bee0-ae2d2001cd0f}

CometSystems Object Recognized!
Type : RegValue
Data :
TAC Rating : 8
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-2874319935-1525189617-952832453-1007\software\microsoft\internet explorer\toolbar\Webbrowser
Value : {fe6bc4ef-5676-484b-88ae-883323913256}


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 2



Deep scanning and examining files...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 2

Disk Scan Result for C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 2

Disk Scan Result for C:\DOCUME~1\jerry\LOCALS~1\Temp\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 2


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
2 entries scanned.
New critical objects:0
Objects found so far: 2



MRU List Object Recognized!
Location: : C:\Documents and Settings\jerry\Application Data\microsoft\office\recent
Description : list of recently opened documents using microsoft office


MRU List Object Recognized!
Location: : C:\Documents and Settings\jerry\recent
Description : list of recently opened documents


MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw


MRU List Object Recognized!
Location: : S-1-5-21-2874319935-1525189617-952832453-1007\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-2874319935-1525189617-952832453-1007\software\microsoft\search assistant\acmru
Description : list of recent search terms used with the search assistant


MRU List Object Recognized!
Location: : S-1-5-21-2874319935-1525189617-952832453-1007\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened


MRU List Object Recognized!
Location: : S-1-5-21-2874319935-1525189617-952832453-1007\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension


MRU List Object Recognized!
Location: : S-1-5-21-2874319935-1525189617-952832453-1007\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened


MRU List Object Recognized!
Location: : S-1-5-21-2874319935-1525189617-952832453-1007\software\microsoft\windows\currentversion\explorer\runmru
Description : mru list for items opened in start | run



Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 11

12:49:12 PM Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:05:41.531
Objects scanned:71240
Objects identified:2
Objects ignored:0
New critical objects:2
  • 0

#33
Metallica
Posted 11 June 2005 - 11:37 AM

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 33,101 posts
I found the guilty party.

What did the warning by AdWatch say exactly?

If YOU do not allow the changes to be made, I can try till I'm blue in the face right?

Regards,
  • 0

#34
Ihatebugs
Posted 11 June 2005 - 11:55 AM

Ihatebugs

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
6/11/2005 1:21:26PM - Registry Modification Detected
ROOT: HKEY_CURRENT_USER
Key: Software\Microsoft\Internet Explorer\Toolbar\Webbrowser
Value: {FE6BC4EF-5676-484B-88AE-883323913256}
Data: 1
New Data:

and

6/11/2005 1:21:26PM - Registry Modification Detected
ROOT: HKEY_CURRENT_USER
Key: Software\Microsoft\Internet Explorer\Toolbar\Webbrowser
Value: {270B845C-712C-4773-BEE0-AE2D2001CD0F}
Data: 1
New Data:
  • 0

#35
Metallica
Posted 11 June 2005 - 12:11 PM

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 33,101 posts
In the old data field are the keys we want to get rid off.

In the new data field there is nothing.

So my conclusion would be that you used AdWatch to block the changes we wanted to make.

Regards,
  • 0

#36
Ihatebugs
Posted 11 June 2005 - 01:08 PM

Ihatebugs

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
I apologize if I was inadvertently circumventing your fixes.

I turned off AdWatch and then ran AdAware which found and removed SureBar & Comet Systems. I then ran it again and it was clean.

I then ran SpyBot which found BlazeFind.SearchEnhancer.ISTbar. I deleted it and ran it again and it was clean.

I then rebooted and AdWatch came on, blocked your fixes and there they were again. So I repeated the above steps and I'm clean.

I take it I need to permanently disable AdWatch in order for your fixes to stay fixed?
  • 0

#37
Metallica
Posted 11 June 2005 - 02:23 PM

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 33,101 posts
Sometimes it has to be uninstalled for it to clear it's settings.

To disable AdWatch:

Open AdAware SE.
Go to AdWatch User Interface.
Go to Tools and Preferences.
At the bottom of the screen you will see 2 options Active and Automatic.
Active: This will turn Ad-Watch On\Off without closing it.
Automatic: Suspicious activity will be blocked automatically.

After my experiences (you were not the first and probably not the last) I advise no-one to use the Automatic setting.

I'm certainly glad to hear you finally got those out of your system.

Please do have a look at my site about removing and preventing spyware.

Regards,
  • 0

#38
Ihatebugs
Posted 11 June 2005 - 02:44 PM

Ihatebugs

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
Thanks very much for all your help getting rid of those problems! Couldn't have done it without you. Glad this site exists to help us non-geeks out there get out of whatever problem we seem to have gotten into. I will read your site to make sure I'm more protected in the future.

:tazz:
  • 0

#39
Metallica
Posted 12 June 2005 - 02:51 AM

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 33,101 posts
Thank you. :tazz:

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. ;)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP