Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Hijack This -


  • This topic is locked This topic is locked

#1
madhans77

madhans77

    New Member

  • Member
  • Pip
  • 8 posts
Hi Everyone!

I am Madhan. This is my first attempt in this page. I have downloaded Hijack this and pasted below a copy of the log. Can someone guide me as to what I can delete.

Ur assistance pls??

Edit : Removed HJT log

Edited by don77, 17 June 2005 - 03:10 PM.

  • 0

Advertisements


#2
Guest_Andy_veal_*

Guest_Andy_veal_*
  • Guest
Hello and Welcome

Ad-aware SE build 1.06r1 is the most current version,

Please could you make sure you have the latest version, if not please download the latest version of Ad-aware SE
Download site list

Just make sure you uninstall any old version of Ad-Aware before installing SE.
After installing SE, then update your definition file * SE1R50 13.06.2005 *.

In order to assist you, we need to see the log from an Ad-Aware SE 1.06r1 full system scan.

Important Note! Before performing a scan, be sure that you have the most recent definitions file by using WebUpdate. (Click on the Globe icon, Click connect, Click OK, Click Finish.) At this current point * SE1R50 13.06.2005 * is the most recent definition file.

Ad-Aware SE comes preconfigured with default options so we need you to make only one change. Please deselect "Search for negligible risk entries" as negligible risk entries (MRU's) are not considered to be a threat. This option can be changed when choosing your scan type.

Select "Perform Full System Scan" and press "Next". When the scan has completed, click "Show Logfile".

Please copy/paste the complete log file here using the reply button. Don't quarantine or remove anything at this time, just post a complete logfile. This sometimes takes 2-3 posts to get it all posted. You will know you are at the end when you see the "Summary of this scan" information has been posted.

When you have posted your log here, Team Lavasoft can advise on what to do next.

Please post back if you have any questions or other problems.


Good luck

Andy
  • 0

#3
madhans77

madhans77

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
Hi Andy,

Thanks for ur reply. Pls see below log. When I try to update the definitions, its says there is an error retreiving. Therefore this is log that I have. LEt me know if this is ok.

Logfile removed: Incorrect Logfile type posted

Edited by Andy_veal, 18 June 2005 - 09:14 AM.

  • 0

#4
Guest_Andy_veal_*

Guest_Andy_veal_*
  • Guest
Could you try going into your folder of were Ad-aware is installed.

Default:
C:\Program Files\Lavasoft\Ad-Aware SE Personal

Could you change the defs.ref to defs.old.ref

Please then open Ad-aware, and try to update your definition file!

:tazz:

Also if successful please select a full system scan and post your latest logfile here again.

Thanks!
  • 0

#5
madhans77

madhans77

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
Hi Andy,

Sorry for the late reply.

This is my log:

Logfile removed: Incorrect Logfile type posted

Edited by Andy_veal, 27 June 2005 - 03:54 PM.

  • 0

#6
Guest_Andy_veal_*

Guest_Andy_veal_*
  • Guest
In order to assist you, we need to see the log from an Ad-Aware SE 1.06r1 full system scan.

Important Note! Before performing a scan, be sure that you have the most recent definitions file by using WebUpdate. (Click on the Globe icon, Click connect, Click OK, Click Finish.) At this current point * SE1R51 21.06.2005 * is the most recent definition file.

Ad-Aware SE comes preconfigured with default options so we need you to make only one change. Please deselect "Search for negligible risk entries" as negligible risk entries (MRU's) are not considered to be a threat. This option can be changed when choosing your scan type.

Select "Perform Full System Scan" and press "Next". When the scan has completed, click "Show Logfile".

Please copy/paste the complete log file here using the reply button. Don't quarantine or remove anything at this time, just post a complete logfile. This sometimes takes 2-3 posts to get it all posted. You will know you are at the end when you see the "Summary of this scan" information has been posted.

When you have posted your log here, Team Lavasoft can advise on what to do next.

Please post back if you have any questions or other problems.


Good luck

Andy
  • 0

#7
madhans77

madhans77

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
Is this ok?
Le tme know

Madhan

Ad-Aware SE Build 1.06r1
Logfile Created on:Tuesday, June 28, 2005 10:24:16 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R51 21.06.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):15 total references
Tracking Cookie(TAC index:3):9 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


6-28-2005 10:24:16 PM - Scan started. (Smart mode)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 316
ThreadCreationTime : 6-28-2005 2:40:21 AM
BasePriority : Normal


#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 400
ThreadCreationTime : 6-28-2005 2:42:02 AM
BasePriority : Normal


#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 424
ThreadCreationTime : 6-28-2005 2:42:04 AM
BasePriority : High


#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 468
ThreadCreationTime : 6-28-2005 2:42:07 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 488
ThreadCreationTime : 6-28-2005 2:42:07 AM
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 660
ThreadCreationTime : 6-28-2005 2:42:12 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 684
ThreadCreationTime : 6-28-2005 2:42:12 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 912
ThreadCreationTime : 6-28-2005 2:42:14 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 936
ThreadCreationTime : 6-28-2005 2:42:14 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [ccsetmgr.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 1084
ThreadCreationTime : 6-28-2005 2:42:18 AM
BasePriority : Normal
FileVersion : 2.1.6.3
ProductVersion : 2.1.6.3
ProductName : Common Client
CompanyName : Symantec Corporation
FileDescription : Common Client Settings Manager Service
InternalName : ccSetMgr
LegalCopyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.
OriginalFilename : ccSetMgr.exe

#:11 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 1192
ThreadCreationTime : 6-28-2005 2:42:19 AM
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

#:12 [ccevtmgr.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 1216
ThreadCreationTime : 6-28-2005 2:42:20 AM
BasePriority : Normal
FileVersion : 2.1.6.3
ProductVersion : 2.1.6.3
ProductName : Common Client
CompanyName : Symantec Corporation
FileDescription : Common Client Event Manager Service
InternalName : ccEvtMgr
LegalCopyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.
OriginalFilename : ccEvtMgr.exe

#:13 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1416
ThreadCreationTime : 6-28-2005 2:42:22 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:14 [mdm.exe]
FilePath : C:\Program Files\Common Files\Microsoft Shared\VS7Debug\
ProcessID : 1564
ThreadCreationTime : 6-28-2005 2:42:23 AM
BasePriority : Normal
FileVersion : 7.00.9064.9150
ProductVersion : 7.00.9064.9150
ProductName : Microsoft Development Environment
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
LegalCopyright : Copyright © Microsoft Corp. 1997-2000
OriginalFilename : mdm.exe

#:15 [navapsvc.exe]
FilePath : C:\Program Files\Norton AntiVirus\
ProcessID : 1628
ThreadCreationTime : 6-28-2005 2:42:24 AM
BasePriority : Normal
FileVersion : 10.00.2
ProductVersion : 10.00.2
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
LegalCopyright : Norton AntiVirus 2004 for Windows 98/ME/2000/XP Copyright © 2003 Symantec Corporation. All rights reserved.
OriginalFilename : NAVAPSVC.EXE

#:16 [ccapp.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 1732
ThreadCreationTime : 6-28-2005 2:42:28 AM
BasePriority : Normal
FileVersion : 2.1.6.3
ProductVersion : 2.1.6.3
ProductName : Common Client
CompanyName : Symantec Corporation
FileDescription : Common Client User Session
InternalName : ccApp
LegalCopyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.
OriginalFilename : ccApp.exe

#:17 [smagent.exe]
FilePath : C:\Program Files\Analog Devices\SoundMAX\
ProcessID : 1768
ThreadCreationTime : 6-28-2005 2:42:31 AM
BasePriority : Normal
FileVersion : 3, 2, 5, 0
ProductVersion : 3, 2, 5, 0
ProductName : SoundMAX service agent
CompanyName : Analog Devices, Inc.
FileDescription : SoundMAX service agent component
InternalName : SMAgent
LegalCopyright : Copyright © 2002
OriginalFilename : SMAgent.exe

#:18 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1792
ThreadCreationTime : 6-28-2005 2:42:32 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:19 [spdstrm.exe]
FilePath : C:\Program Files\Efficient Networks\SpeedStream DSL\
ProcessID : 1832
ThreadCreationTime : 6-28-2005 2:42:34 AM
BasePriority : Normal
FileVersion : 3.4.0.86
ProductVersion : 3.4.0.86
ProductName : Efficient Networks, Inc. taskbar
CompanyName : Efficient Networks, Inc.
FileDescription : taskbar
InternalName : taskbar
LegalCopyright : Copyright © 2000
OriginalFilename : taskbar.exe

#:20 [symlcsvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\CCPD-LC\
ProcessID : 1860
ThreadCreationTime : 6-28-2005 2:42:36 AM
BasePriority : Normal
FileVersion : 1, 8, 48, 79
ProductVersion : 1, 8, 48, 79
ProductName : Symantec Core Component
CompanyName : Symantec Corporation
FileDescription : Symantec Core Component
InternalName : symlcsvc
LegalCopyright : Copyright © 2003
OriginalFilename : symlcsvc.exe

#:21 [wdfmgr.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1908
ThreadCreationTime : 6-28-2005 2:42:38 AM
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe

#:22 [realsched.exe]
FilePath : C:\Program Files\Common Files\Real\Update_OB\
ProcessID : 2028
ThreadCreationTime : 6-28-2005 2:42:41 AM
BasePriority : Normal
FileVersion : 0.1.0.3208
ProductVersion : 0.1.0.3208
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004
LegalTrademarks : RealAudio™ is a trademark of RealNetworks, Inc.
OriginalFilename : realsched.exe

#:23 [ctfmon.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 144
ThreadCreationTime : 6-28-2005 2:42:42 AM
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:24 [msmsgs.exe]
FilePath : C:\Program Files\Messenger\
ProcessID : 364
ThreadCreationTime : 6-28-2005 2:42:48 AM
BasePriority : Normal
FileVersion : 4.7.2010
ProductVersion : Version 4.7
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Messenger
InternalName : msmsgs
LegalCopyright : Copyright © Microsoft Corporation 1997-2003
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msmsgs.exe

#:25 [vsmon.exe]
FilePath : C:\WINDOWS\system32\ZONELABS\
ProcessID : 332
ThreadCreationTime : 6-28-2005 2:42:49 AM
BasePriority : Normal
FileVersion : 5.5.094.000
ProductVersion : 5.5.094.000
ProductName : TrueVector Service
CompanyName : Zone Labs, LLC
FileDescription : TrueVector Service
InternalName : vsmon
LegalCopyright : Copyright © 1998-2005, Zone Labs, LLC
OriginalFilename : vsmon.exe

#:26 [keyman.exe]
FilePath : D:\My Documents\
ProcessID : 2988
ThreadCreationTime : 6-28-2005 4:49:06 AM
BasePriority : Normal
FileVersion : 6.0.161.4
ProductVersion : 6.0.161.4
ProductName : Tavultesoft Keyman
CompanyName : Tavultesoft
FileDescription : Tavultesoft Keyman
InternalName : KEYMAN
LegalCopyright : © 2001 Tavultesoft
OriginalFilename : KEYMAN.EXE

#:27 [zlclient.exe]
FilePath : D:\Program Files\Zone Alarm\ZoneAlarm\
ProcessID : 3392
ThreadCreationTime : 6-28-2005 5:38:57 PM
BasePriority : Normal
FileVersion : 5.5.094.000
ProductVersion : 5.5.094.000
ProductName : Zone Labs Client
CompanyName : Zone Labs, LLC
FileDescription : Zone Labs Client
InternalName : zlclient
LegalCopyright : Copyright © 1998-2005, Zone Labs, LLC
OriginalFilename : zlclient.exe

#:28 [iexplore.exe]
FilePath : C:\Program Files\Internet Explorer\
ProcessID : 2080
ThreadCreationTime : 6-28-2005 5:39:16 PM
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : IEXPLORE.EXE

#:29 [ad-aware.exe]
FilePath : D:\Program Files\Adware\Ad-Aware SE Personal\
ProcessID : 3640
ThreadCreationTime : 6-28-2005 6:23:40 PM
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : madhan@2o7[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:12
Value : Cookie:madhan@2o7.net/
Expires : 6-26-2010 11:29:14 PM
LastSync : Hits:12
UseCount : 0
Hits : 12

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : madhan@z1.adserver[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:5
Value : Cookie:madhan@z1.adserver.com/
Expires : 6-27-2006 9:49:08 PM
LastSync : Hits:5
UseCount : 0
Hits : 5

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : madhan@maxserving[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:madhan@maxserving.com/
Expires : 6-26-2015 6:56:54 PM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : madhan@casalemedia[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:15
Value : Cookie:madhan@casalemedia.com/
Expires : 6-18-2006 6:04:08 PM
LastSync : Hits:15
UseCount : 0
Hits : 15

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : madhan@bravenet[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:madhan@bravenet.com/
Expires : 6-25-2015 9:35:26 PM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : madhan@real[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:18
Value : Cookie:madhan@real.com/
Expires : 6-20-2035 9:57:08 PM
LastSync : Hits:18
UseCount : 0
Hits : 18

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : madhan@trafficmp[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:308
Value : Cookie:madhan@trafficmp.com/
Expires : 6-27-2006 9:07:40 PM
LastSync : Hits:308
UseCount : 0
Hits : 308

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : madhan@tribalfusion[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:5
Value : Cookie:madhan@tribalfusion.com/
Expires : 1-1-2038 4:00:00 AM
LastSync : Hits:5
UseCount : 0
Hits : 5

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : madhan@as-eu.falkag[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:61
Value : Cookie:madhan@as-eu.falkag.net/
Expires : 6-28-2006 10:19:42 PM
LastSync : Hits:61
UseCount : 0
Hits : 61

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 9
Objects found so far: 9



Deep scanning and examining files...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 9

Disk Scan Result for C:\WINDOWS\System32
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 9

Disk Scan Result for C:\DOCUME~1\Madhan\LOCALS~1\Temp\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 9


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 9



MRU List Object Recognized!
Location: : C:\Documents and Settings\Madhan\Application Data\microsoft\office\recent
Description : list of recently opened documents using microsoft office


MRU List Object Recognized!
Location: : C:\Documents and Settings\Madhan\recent
Description : list of recently opened documents


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X


MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw


MRU List Object Recognized!
Location: : S-1-5-21-1454471165-1275210071-1417001333-1003\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput


MRU List Object Recognized!
Location: : S-1-5-21-1454471165-1275210071-1417001333-1003\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput


MRU List Object Recognized!
Location: : S-1-5-21-1454471165-1275210071-1417001333-1003\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-1454471165-1275210071-1417001333-1003\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-1454471165-1275210071-1417001333-1003\software\microsoft\office\10.0\common\open find\microsoft word\settings\save as\file name mru
Description : list of recent documents saved by microsoft word


MRU List Object Recognized!
Location: : S-1-5-21-1454471165-1275210071-1417001333-1003\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened


MRU List Object Recognized!
Location: : S-1-5-21-1454471165-1275210071-1417001333-1003\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension


MRU List Object Recognized!
Location: : S-1-5-21-1454471165-1275210071-1417001333-1003\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened


MRU List Object Recognized!
Location: : S-1-5-21-1454471165-1275210071-1417001333-1003\software\realnetworks\realplayer\6.0\preferences
Description : list of recent skins in realplayer


MRU List Object Recognized!
Location: : S-1-5-21-1454471165-1275210071-1417001333-1003\software\realnetworks\realplayer\6.0\preferences
Description : list of recent clips in realplayer



Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 24

10:25:44 PM Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:01:28.156
Objects scanned:65660
Objects identified:9
Objects ignored:0
New critical objects:9
  • 0

#8
madhans77

madhans77

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
Sorry, but you have posted a smart mode scan again.

Please view the image and follow my instructions with the image as a example,

Hope this helps!


:tazz:

Attached Thumbnails

  • Scan_Mode.JPG

Edited by Andy_veal, 28 June 2005 - 04:01 PM.

  • 0

#9
Guest_Andy_veal_*

Guest_Andy_veal_*
  • Guest
Please see my above post.

I have edited your post with the instructions. :tazz:
  • 0

#10
madhans77

madhans77

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
Hi andy,

Is this ok?

d-Aware SE Build 1.06r1
Logfile Created on:Friday, July 01, 2005 9:24:04 AM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R52 30.06.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):17 total references
Tracking Cookie(TAC index:3):14 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


7-1-2005 9:24:04 AM - Scan started. (Full System Scan)

MRU List Object Recognized!
Location: : C:\Documents and Settings\Madhan\Application Data\microsoft\office\recent
Description : list of recently opened documents using microsoft office


MRU List Object Recognized!
Location: : C:\Documents and Settings\Madhan\recent
Description : list of recently opened documents


MRU List Object Recognized!
Location: : S-1-5-21-1454471165-1275210071-1417001333-1003\software\google\navclient\1.1\history
Description : list of recently used search terms in the google toolbar


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X


MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw


MRU List Object Recognized!
Location: : S-1-5-21-1454471165-1275210071-1417001333-1003\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput


MRU List Object Recognized!
Location: : S-1-5-21-1454471165-1275210071-1417001333-1003\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput


MRU List Object Recognized!
Location: : S-1-5-21-1454471165-1275210071-1417001333-1003\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-1454471165-1275210071-1417001333-1003\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-1454471165-1275210071-1417001333-1003\software\microsoft\office\10.0\common\open find\microsoft word\settings\save as\file name mru
Description : list of recent documents saved by microsoft word


MRU List Object Recognized!
Location: : S-1-5-21-1454471165-1275210071-1417001333-1003\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened


MRU List Object Recognized!
Location: : S-1-5-21-1454471165-1275210071-1417001333-1003\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension


MRU List Object Recognized!
Location: : S-1-5-21-1454471165-1275210071-1417001333-1003\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened


MRU List Object Recognized!
Location: : S-1-5-21-1454471165-1275210071-1417001333-1003\software\realnetworks\realplayer\6.0\preferences
Description : list of recent skins in realplayer


MRU List Object Recognized!
Location: : S-1-5-21-1454471165-1275210071-1417001333-1003\software\realnetworks\realplayer\6.0\preferences
Description : list of recent clips in realplayer


MRU List Object Recognized!
Location: : S-1-5-21-1454471165-1275210071-1417001333-1003\software\microsoft\windows media\wmsdk\general
Description : windows media sdk


Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 316
ThreadCreationTime : 7-1-2005 3:04:17 AM
BasePriority : Normal


#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 380
ThreadCreationTime : 7-1-2005 3:04:21 AM
BasePriority : Normal


#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 404
ThreadCreationTime : 7-1-2005 3:04:21 AM
BasePriority : High


#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 448
ThreadCreationTime : 7-1-2005 3:04:22 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 460
ThreadCreationTime : 7-1-2005 3:04:22 AM
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 620
ThreadCreationTime : 7-1-2005 3:04:23 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 644
ThreadCreationTime : 7-1-2005 3:04:23 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 716
ThreadCreationTime : 7-1-2005 3:04:24 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 776
ThreadCreationTime : 7-1-2005 3:04:24 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [ccsetmgr.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 912
ThreadCreationTime : 7-1-2005 3:04:25 AM
BasePriority : Normal
FileVersion : 2.1.6.3
ProductVersion : 2.1.6.3
ProductName : Common Client
CompanyName : Symantec Corporation
FileDescription : Common Client Settings Manager Service
InternalName : ccSetMgr
LegalCopyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.
OriginalFilename : ccSetMgr.exe

#:11 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 976
ThreadCreationTime : 7-1-2005 3:04:26 AM
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

#:12 [ccevtmgr.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 1000
ThreadCreationTime : 7-1-2005 3:04:26 AM
BasePriority : Normal
FileVersion : 2.1.6.3
ProductVersion : 2.1.6.3
ProductName : Common Client
CompanyName : Symantec Corporation
FileDescription : Common Client Event Manager Service
InternalName : ccEvtMgr
LegalCopyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.
OriginalFilename : ccEvtMgr.exe

#:13 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1196
ThreadCreationTime : 7-1-2005 3:04:27 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:14 [mdm.exe]
FilePath : C:\Program Files\Common Files\Microsoft Shared\VS7Debug\
ProcessID : 1344
ThreadCreationTime : 7-1-2005 3:04:27 AM
BasePriority : Normal
FileVersion : 7.00.9064.9150
ProductVersion : 7.00.9064.9150
ProductName : Microsoft Development Environment
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
LegalCopyright : Copyright © Microsoft Corp. 1997-2000
OriginalFilename : mdm.exe

#:15 [navapsvc.exe]
FilePath : C:\Program Files\Norton AntiVirus\
ProcessID : 1460
ThreadCreationTime : 7-1-2005 3:04:27 AM
BasePriority : Normal
FileVersion : 10.00.2
ProductVersion : 10.00.2
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
LegalCopyright : Norton AntiVirus 2004 for Windows 98/ME/2000/XP Copyright © 2003 Symantec Corporation. All rights reserved.
OriginalFilename : NAVAPSVC.EXE

#:16 [smagent.exe]
FilePath : C:\Program Files\Analog Devices\SoundMAX\
ProcessID : 1700
ThreadCreationTime : 7-1-2005 3:04:28 AM
BasePriority : Normal
FileVersion : 3, 2, 5, 0
ProductVersion : 3, 2, 5, 0
ProductName : SoundMAX service agent
CompanyName : Analog Devices, Inc.
FileDescription : SoundMAX service agent component
InternalName : SMAgent
LegalCopyright : Copyright © 2002
OriginalFilename : SMAgent.exe

#:17 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1732
ThreadCreationTime : 7-1-2005 3:04:28 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:18 [symlcsvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\CCPD-LC\
ProcessID : 1744
ThreadCreationTime : 7-1-2005 3:04:28 AM
BasePriority : Normal
FileVersion : 1, 8, 48, 79
ProductVersion : 1, 8, 48, 79
ProductName : Symantec Core Component
CompanyName : Symantec Corporation
FileDescription : Symantec Core Component
InternalName : symlcsvc
LegalCopyright : Copyright © 2003
OriginalFilename : symlcsvc.exe

#:19 [wdfmgr.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1800
ThreadCreationTime : 7-1-2005 3:04:29 AM
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe

#:20 [vsmon.exe]
FilePath : C:\WINDOWS\system32\ZONELABS\
ProcessID : 1852
ThreadCreationTime : 7-1-2005 3:04:29 AM
BasePriority : Normal
FileVersion : 5.5.094.000
ProductVersion : 5.5.094.000
ProductName : TrueVector Service
CompanyName : Zone Labs, LLC
FileDescription : TrueVector Service
InternalName : vsmon
LegalCopyright : Copyright © 1998-2005, Zone Labs, LLC
OriginalFilename : vsmon.exe

#:21 [ccapp.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 1860
ThreadCreationTime : 7-1-2005 3:04:30 AM
BasePriority : Normal
FileVersion : 2.1.6.3
ProductVersion : 2.1.6.3
ProductName : Common Client
CompanyName : Symantec Corporation
FileDescription : Common Client User Session
InternalName : ccApp
LegalCopyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.
OriginalFilename : ccApp.exe

#:22 [spdstrm.exe]
FilePath : C:\Program Files\Efficient Networks\SpeedStream DSL\
ProcessID : 1960
ThreadCreationTime : 7-1-2005 3:04:30 AM
BasePriority : Normal
FileVersion : 3.4.0.86
ProductVersion : 3.4.0.86
ProductName : Efficient Networks, Inc. taskbar
CompanyName : Efficient Networks, Inc.
FileDescription : taskbar
InternalName : taskbar
LegalCopyright : Copyright © 2000
OriginalFilename : taskbar.exe

#:23 [realsched.exe]
FilePath : C:\Program Files\Common Files\Real\Update_OB\
ProcessID : 1992
ThreadCreationTime : 7-1-2005 3:04:31 AM
BasePriority : Normal
FileVersion : 0.1.0.3208
ProductVersion : 0.1.0.3208
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004
LegalTrademarks : RealAudio™ is a trademark of RealNetworks, Inc.
OriginalFilename : realsched.exe

#:24 [ctfmon.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 2000
ThreadCreationTime : 7-1-2005 3:04:31 AM
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:25 [msmsgs.exe]
FilePath : C:\Program Files\Messenger\
ProcessID : 2016
ThreadCreationTime : 7-1-2005 3:04:31 AM
BasePriority : Normal
FileVersion : 4.7.2010
ProductVersion : Version 4.7
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Messenger
InternalName : msmsgs
LegalCopyright : Copyright © Microsoft Corporation 1997-2003
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msmsgs.exe

#:26 [zlclient.exe]
FilePath : D:\Program Files\Zone Alarm\ZoneAlarm\
ProcessID : 3532
ThreadCreationTime : 7-1-2005 5:11:07 AM
BasePriority : Normal
FileVersion : 5.5.094.000
ProductVersion : 5.5.094.000
ProductName : Zone Labs Client
CompanyName : Zone Labs, LLC
FileDescription : Zone Labs Client
InternalName : zlclient
LegalCopyright : Copyright © 1998-2005, Zone Labs, LLC
OriginalFilename : zlclient.exe

#:27 [iexplore.exe]
FilePath : C:\Program Files\Internet Explorer\
ProcessID : 3988
ThreadCreationTime : 7-1-2005 5:11:44 AM
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : IEXPLORE.EXE

#:28 [ad-aware.exe]
FilePath : D:\Program Files\Adware\Ad-Aware SE Personal\
ProcessID : 3612
ThreadCreationTime : 7-1-2005 5:23:15 AM
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 17


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 17


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 17


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : madhan@ads.pointroll[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:13
Value : Cookie:madhan@ads.pointroll.com/
Expires : 1-1-2010 4:00:00 AM
LastSync : Hits:13
UseCount : 0
Hits : 13

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : madhan@as-us.falkag[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:madhan@as-us.falkag.net/
Expires : 7-28-2005 10:30:48 PM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : madhan@maxserving[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:madhan@maxserving.com/
Expires : 6-27-2015 10:14:26 PM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : madhan@casalemedia[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:112
Value : Cookie:madhan@casalemedia.com/
Expires : 6-20-2006 5:41:58 PM
LastSync : Hits:112
UseCount : 0
Hits : 112

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : madhan@real[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:8
Value : Cookie:madhan@real.com/
Expires : 8-29-2005 12:19:06 PM
LastSync : Hits:8
UseCount : 0
Hits : 8

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : madhan@centrport[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:madhan@centrport.net/
Expires : 1-1-2030 4:00:00 AM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : madhan@edge.ru4[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:madhan@edge.ru4.com/
Expires : 6-23-2035 12:19:12 PM
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : madhan@trafficmp[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:23
Value : Cookie:madhan@trafficmp.com/
Expires : 6-28-2006 11:44:44 PM
LastSync : Hits:23
UseCount : 0
Hits : 23

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : madhan@questionmarket[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:madhan@questionmarket.com/
Expires : 8-21-2006 1:02:56 PM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : madhan@zadserver[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:4
Value : Cookie:madhan@zadserver.com/
Expires : 6-30-2005 10:09:14 PM
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : madhan@tribalfusion[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:madhan@tribalfusion.com/
Expires : 1-1-2038 4:00:00 AM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : madhan@realmedia[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:madhan@realmedia.com/
Expires : 1-1-2021 4:00:00 AM
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : madhan@as-eu.falkag[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:82
Value : Cookie:madhan@as-eu.falkag.net/
Expires : 6-30-2006 7:04:08 PM
LastSync : Hits:82
UseCount : 0
Hits : 82

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : madhan@bluestreak[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:madhan@bluestreak.com/
Expires : 6-28-2015 5:22:12 PM
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 14
Objects found so far: 31



Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 31


Deep scanning and examining files (D:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for D:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 31


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 31




Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 31

9:30:45 AM Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:06:41.610
Objects scanned:102809
Objects identified:14
Objects ignored:0
New critical objects:14
  • 0

#11
Guest_Andy_veal_*

Guest_Andy_veal_*
  • Guest
It certainly is correct :tazz: Thank you for your assistance

If you chose to clean your computer from what Ad-aware found please follow these instructions below…

Please make sure that you are using the * SE1R52 30.06.2005 * definition file.


Please launch Ad-Aware SE and click on the gear to access the Configuration Menu. Please make sure that this setting is applied.

Click on Tweak > Cleaning Engine > UNcheck "Always try to unload modules before deletion".

Disconnect from the internet (for broadband/cable users, it is recommended that you disconnect the cable connection) and close all open browsers or other programs you have running.

Please then boot into Safe Mode

To clean your machine, it is highly recommended that you clean the following directory contents (but not the directory folder):

Please run CCleaner to assist in this process.
Download CCleaner (Setup: go to >options > settings > Uncheck "Only delete files in Windows Temp folders older than 48 hours" for cleaning malware files!)

* C:\Windows\Temp\
* C:\Documents and Settings\<Your Profile>\Local Settings\Temporary Internet Files\ <- This will delete all your cached internet content including cookies.
* C:\Documents and Settings\<Your Profile>\Local Settings\Temp\
* C:\Documents and Settings\<Any other users Profile>\Local Settings\Temporary Internet Files\
* C:\Documents and Settings\<Any other users Profile>\Local Settings\Temp\
* Empty your "Recycle Bin".

Please run Ad-Aware SE from the command lines shown in the instructions shown below.

Click "Start" > select "Run" > type the text shown in bold below (including the quotation marks and with the same spacing as shown)

"C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Aware.exe" /full +procnuke
(For the Professional version)

"C:\Program Files\Lavasoft\Ad-Aware SE Plus\Ad-Aware.exe" /full +procnuke
(For the Plus version)

"C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe" +procnuke
(For the Personal version)


Click OK.

Please note that the path above is of the default installion location for Ad-aware SE, if this is different, please adjust it to the location that you have installed it to.

When the scan has completed, select Next. In the Scanning Results window, select the "Scan Summary" tab. Check the box next to each "target family" you wish to remove. Click next, Click OK.

If problems are caused by deleting a family, please leave it.

Please shutdown/restart your computer after removal, run a new full scan and post the results as a reply. Do not launch any programs or connect to the internet at this time.

Please then copy & paste the complete log file here. Don't quarantine or remove anything at this time, just post a complete logfile. This can sometimes takes 2-3 posts to get it all posted, once the "Summary of this scan" information is shown, you have posted all of your logfile.

Please remember when posting another logfile keep "Search for negligible risk entries" deselected as negligible risk entries (MRU's) are not considered to be a threat. This option can be changed when choosing your scan type.

Please post back here

Good luck

Andy
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP