Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

[Referred] My Ad-Aware Log

Started by Daryn , Apr 23 2005 11:34 PM

  • This topic is locked This topic is locked

#16
Guest_Andy_veal_*
Posted 24 April 2005 - 03:10 PM

Guest_Andy_veal_*
  • Guest
Hello and Welcome

Ad-aware has found objects on your computer

If you chose to clean your computer from what Ad-aware found please follow these instructions below…

Please make sure that you are using the * SE1R40 20.04.2005 * definition file.


Please launch Ad-Aware SE and click on the gear to access the Configuration Menu. Please make sure that this setting is applied.

Click on Tweak > Cleaning Engine > UNcheck "Always try to unload modules before deletion".

Disconnect from the internet (for broadband/cable users, it is recommended that you disconnect the cable connection) and close all open browsers or other programs you have running.

Please then boot into Safe Mode

To clean your machine, it is highly recommended that you clean the following directory contents (but not the directory folder):

Please run CCleaner to assist in this process.
Download CCleaner (Setup: go to >options > settings > Uncheck "Only delete files in Windows Temp folders older than 48 hours" for cleaning malware files!)

* C:\Windows\Temp\
* C:\Documents and Settings\<Your Profile>\Local Settings\Temporary Internet Files\ <- This will delete all your cached internet content including cookies.
* C:\Documents and Settings\<Your Profile>\Local Settings\Temp\
* C:\Documents and Settings\<Any other users Profile>\Local Settings\Temporary Internet Files\
* C:\Documents and Settings\<Any other users Profile>\Local Settings\Temp\
* Empty your "Recycle Bin".

Please run Ad-Aware SE from the command lines shown in the instructions shown below.

Click "Start" > select "Run" > type the text shown in bold below (including the quotation marks and with the same spacing as shown)

"C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe" +procnuke
(For the Personal version)


Click OK.

Please note that the path above is of the default installion location for Ad-aware SE, if this is different, please adjust it to the location that you have installed it to.

When the scan has completed, select Next. In the Scanning Results window, select the "Scan Summary" tab. Check the box next to each "target family" you wish to remove. Click next, Click OK.

If problems are caused by deleting a family, please leave it.

Please only choose VX2 first

Please shutdown/restart your computer after removal, run a new full scan and post the results as a reply. Do not launch any programs or connect to the internet at this time.

Please then copy & paste the complete log file here. Don't quarantine or remove anything at this time, just post a complete logfile. This can sometimes takes 2-3 posts to get it all posted, once the "Summary of this scan" information is shown, you have posted all of your logfile.

Please remember when posting another logfile keep "Search for negligible risk entries" deselected as negligible risk entries (MRU's) are not considered to be a threat. This option can be changed when choosing your scan type.

Please post back here

Good luck

Andy
  • 0

Advertisements

#17
Daryn
Posted 24 April 2005 - 05:02 PM

Daryn

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
I did exactly what you asked and here is the scoop:

Some cookies did not delete from my Temp Internet Files

My latest scan on Ad-Aware did not show anything, yet I still have popups, although much less of them.

Thanks for your help, and I'll be waiting for your next instructions!
  • 0

#18
Guest_Andy_veal_*
Posted 24 April 2005 - 05:06 PM

Guest_Andy_veal_*
  • Guest
Please could you post your latest logfile here :tazz:
  • 0

#19
Daryn
Posted 24 April 2005 - 05:08 PM

Daryn

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
There was nothing to post I'm afraid... it said there were no infections.

Shall I unplug my internet connection and try to run it again?
  • 0

#20
Daryn
Posted 25 April 2005 - 10:01 AM

Daryn

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
Well, my pop ups got worse, so I ran it again just now with my internet unplugged. It seems almost everything is back :tazz:


Ad-Aware SE Build 1.05
Logfile Created on:Monday, April 25, 2005 11:48:45 AM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R40 20.04.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
EzuLa(TAC index:6):349 total references
Other(TAC index:5):8 total references
PeopleOnPage(TAC index:9):17 total references
PromulGate(TAC index:5):11 total references
Tracking Cookie(TAC index:3):25 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R40 20.04.2005
Internal build : 47
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 461235 Bytes
Total size : 1395231 Bytes
Signature data size : 1364710 Bytes
Reference data size : 30009 Bytes
Signatures total : 38921
Fingerprints total : 813
Fingerprints size : 29073 Bytes
Target categories : 15
Target families : 650


Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Non Intel
Memory available:68 %
Total physical memory:1047784 kb
Available physical memory:708768 kb
Total page file size:2521688 kb
Available on page file:2286848 kb
Total virtual memory:2097024 kb
Available virtual memory:2043692 kb
OS:Microsoft Windows XP Professional Service Pack 1 (Build 2600)

Ad-Aware SE Settings
===========================
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Obtain command line of scanned processes
Set : Scan registry for all users instead of current user only
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Play sound at scan completion if scan locates critical objects


4-25-2005 11:48:45 AM - Scan started. (Full System Scan)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
ModuleName : \SystemRoot\System32\smss.exe
Command Line : n/a
ProcessID : 1148
ThreadCreationTime : 4-25-2005 3:14:00 PM
BasePriority : Normal


#:2 [winlogon.exe]
ModuleName : \??\C:\WINDOWS\System32\winlogon.exe
Command Line : n/a
ProcessID : 1308
ThreadCreationTime : 4-25-2005 3:14:09 PM
BasePriority : High


#:3 [services.exe]
ModuleName : C:\WINDOWS\system32\services.exe
Command Line : n/a
ProcessID : 1352
ThreadCreationTime : 4-25-2005 3:14:09 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:4 [lsass.exe]
ModuleName : C:\WINDOWS\system32\lsass.exe
Command Line : n/a
ProcessID : 1364
ThreadCreationTime : 4-25-2005 3:14:09 PM
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:5 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : n/a
ProcessID : 1532
ThreadCreationTime : 4-25-2005 3:14:10 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:6 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : n/a
ProcessID : 1760
ThreadCreationTime : 4-25-2005 3:14:10 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [spoolsv.exe]
ModuleName : C:\WINDOWS\system32\spoolsv.exe
Command Line : n/a
ProcessID : 544
ThreadCreationTime : 4-25-2005 3:14:11 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:8 [rundll32.exe]
ModuleName : C:\WINDOWS\System32\rundll32.exe
Command Line : rundll32.exe "C:\WINDOWS\system32\ndrsko.dll",DllGetVersion
ProcessID : 804
ThreadCreationTime : 4-25-2005 3:14:14 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Run a DLL as an App
InternalName : rundll
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : RUNDLL.EXE

EzuLa Object Recognized!
Type : Process
Data : CHPON.dll
Category : Data Miner
Comment : (CSI MATCH)
Object : C:\PROGRA~1\Web Offer\
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
LegalCopyright : Copyright 2000

Warning! EzuLa Object found in memory(C:\PROGRA~1\Web Offer\CHPON.dll)

Warning! EzuLa Object found in memory(C:\PROGRA~1\ezula\CHCON.dll)

EzuLa Object Recognized!
Type : Process
Data : CHCON.dll
Category : Data Miner
Comment :
Object : C:\PROGRA~1\ezula\
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
LegalCopyright : Copyright 2000

"C:\WINDOWS\System32\rundll32.exe"Process terminated successfully

#:9 [explorer.exe]
ModuleName : C:\WINDOWS\Explorer.EXE
Command Line : C:\WINDOWS\Explorer.EXE
ProcessID : 1264
ThreadCreationTime : 4-25-2005 3:14:16 PM
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

EzuLa Object Recognized!
Type : Process
Data : CHPON.dll
Category : Data Miner
Comment : (CSI MATCH)
Object : C:\PROGRA~1\Web Offer\
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
LegalCopyright : Copyright 2000

Warning! EzuLa Object found in memory(C:\PROGRA~1\Web Offer\CHPON.dll)

Warning! EzuLa Object found in memory(C:\PROGRA~1\ezula\CHCON.dll)

EzuLa Object Recognized!
Type : Process
Data : CHCON.dll
Category : Data Miner
Comment :
Object : C:\PROGRA~1\ezula\
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
LegalCopyright : Copyright 2000


#:10 [desktop.exe]
ModuleName : C:\WINDOWS\isrvs\desktop.exe
Command Line : "C:\WINDOWS\isrvs\desktop.exe"
ProcessID : 1716
ThreadCreationTime : 4-25-2005 3:14:18 PM
BasePriority : Normal
FileVersion : 1.1.0.20
ProductVersion : 1.0.0.0
FileDescription : Desktop Search

EzuLa Object Recognized!
Type : Process
Data : CHPON.dll
Category : Data Miner
Comment : (CSI MATCH)
Object : C:\PROGRA~1\Web Offer\
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
LegalCopyright : Copyright 2000

Warning! EzuLa Object found in memory(C:\PROGRA~1\Web Offer\CHPON.dll)

Warning! EzuLa Object found in memory(C:\PROGRA~1\ezula\CHCON.dll)

EzuLa Object Recognized!
Type : Process
Data : CHCON.dll
Category : Data Miner
Comment :
Object : C:\PROGRA~1\ezula\
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
LegalCopyright : Copyright 2000

"C:\WINDOWS\isrvs\desktop.exe"Process terminated successfully

#:11 [nsvsvc.exe]
ModuleName : C:\WINDOWS\System32\nsvsvc\nsvsvc.exe
Command Line : "C:\WINDOWS\System32\nsvsvc\nsvsvc.exe"
ProcessID : 1732
ThreadCreationTime : 4-25-2005 3:14:19 PM
BasePriority : Normal
FileVersion : 2.17.0000
ProductVersion : 2, 1, 7, 0

#:12 [picsvr.exe]
ModuleName : C:\WINDOWS\System32\picsvr\picsvr.exe
Command Line : "C:\WINDOWS\System32\picsvr\picsvr.exe"
ProcessID : 1740
ThreadCreationTime : 4-25-2005 3:14:19 PM
BasePriority : Normal


#:13 [autoupdate.exe]
ModuleName : C:\Program Files\AutoUpdate\AutoUpdate.exe
Command Line : "C:\Program Files\AutoUpdate\AutoUpdate.exe"
ProcessID : 1812
ThreadCreationTime : 4-25-2005 3:14:20 PM
BasePriority : Normal

Warning! PeopleOnPage Object found in memory(C:\Program Files\AutoUpdate\AutoUpdate.exe)

PeopleOnPage Object Recognized!
Type : Process
Data : AutoUpdate.exe
Category : Data Miner
Comment :
Object : C:\Program Files\AutoUpdate\


"C:\Program Files\AutoUpdate\AutoUpdate.exe"Process terminated successfully
"C:\Program Files\AutoUpdate\AutoUpdate.exe"Process terminated successfully

#:14 [basfipm.exe]
ModuleName : C:\WINDOWS\System32\basfipm.exe
Command Line : n/a
ProcessID : 1856
ThreadCreationTime : 4-25-2005 3:14:20 PM
BasePriority : Normal
FileVersion : 6.0.3
ProductVersion : 6.0.3
ProductName : Broadcom ASF IP monitoring service
CompanyName : Broadcom Corp.
FileDescription : Broadcom ASF IP monitoring service
InternalName : BAsfIpM
LegalCopyright : Copyright© 2003 Broadcom Corporation, All Rights Reserved
OriginalFilename : BAsfIpM.EXE

#:15 [cvpnd.exe]
ModuleName : C:\Program Files\GW\GBUSSNet Client 2.0\cvpnd.exe
Command Line : n/a
ProcessID : 1908
ThreadCreationTime : 4-25-2005 3:14:21 PM
BasePriority : Normal
FileVersion : 4.0.2 (D)
ProductVersion : 4.0.2 (D)
ProductName : Cisco Systems VPN Client
CompanyName : Cisco Systems, Inc.
FileDescription : Cisco Systems VPN Client
InternalName : cvpnd
LegalCopyright : Copyright © 1998-2003 Cisco Systems, Inc.
OriginalFilename : CVPND.EXE

#:16 [infeapi.exe]
ModuleName : C:\WINDOWS\System32\infeapi.exe
Command Line : "C:\WINDOWS\System32\infeapi.exe"
ProcessID : 1916
ThreadCreationTime : 4-25-2005 3:14:21 PM
BasePriority : Normal


#:17 [ctfmon.exe]
ModuleName : C:\WINDOWS\System32\ctfmon.exe
Command Line : "C:\WINDOWS\System32\ctfmon.exe"
ProcessID : 1928
ThreadCreationTime : 4-25-2005 3:14:21 PM
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:18 [aim.exe]
ModuleName : C:\Program Files\AIM95\aim.exe
Command Line : "C:\Program Files\AIM95\aim.exe" -cnetwait.odl
ProcessID : 1960
ThreadCreationTime : 4-25-2005 3:14:22 PM
BasePriority : Normal
FileVersion : 5.9.3690
ProductVersion : 5.9.3690
ProductName : AOL Instant Messenger
CompanyName : America Online, Inc.
FileDescription : AOL Instant Messenger
InternalName : AIM
LegalCopyright : Copyright © 1996-2004 America Online, Inc.
OriginalFilename : AIM.EXE

EzuLa Object Recognized!
Type : Process
Data : CHPON.dll
Category : Data Miner
Comment : (CSI MATCH)
Object : C:\PROGRA~1\Web Offer\
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
LegalCopyright : Copyright 2000

Warning! EzuLa Object found in memory(C:\PROGRA~1\Web Offer\CHPON.dll)

Warning! EzuLa Object found in memory(C:\PROGRA~1\ezula\CHCON.dll)

EzuLa Object Recognized!
Type : Process
Data : CHCON.dll
Category : Data Miner
Comment :
Object : C:\PROGRA~1\ezula\
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
LegalCopyright : Copyright 2000


#:19 [edictr.exe]
ModuleName : c:\windows\system32\edictr.exe
Command Line : "c:\windows\system32\edictr.exe" pniqzr
ProcessID : 1964
ThreadCreationTime : 4-25-2005 3:14:22 PM
BasePriority : Normal
FileVersion : 1, 0, 7, 1
ProductVersion : 0, 0, 7, 0
ProductName : TODO: <Product name>
CompanyName : TODO: <Company name>
FileDescription : TODO: <File description>
LegalCopyright : TODO: © <Company name>. All rights reserved.

EzuLa Object Recognized!
Type : Process
Data : CHPON.dll
Category : Data Miner
Comment : (CSI MATCH)
Object : C:\PROGRA~1\Web Offer\
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
LegalCopyright : Copyright 2000

Warning! EzuLa Object found in memory(C:\PROGRA~1\Web Offer\CHPON.dll)

Warning! EzuLa Object found in memory(C:\PROGRA~1\ezula\CHCON.dll)

EzuLa Object Recognized!
Type : Process
Data : CHCON.dll
Category : Data Miner
Comment :
Object : C:\PROGRA~1\ezula\
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
LegalCopyright : Copyright 2000

"c:\windows\system32\edictr.exe"Process terminated successfully

#:20 [mmod.exe]
ModuleName : C:\PROGRA~1\ezula\mmod.exe
Command Line : "C:\PROGRA~1\ezula\mmod.exe"
ProcessID : 2028
ThreadCreationTime : 4-25-2005 3:14:22 PM
BasePriority : Normal
FileVersion : 3, 0, 70, 11
ProductVersion : 1, 0, 0, 1
ProductName : mmod Module
CompanyName : BundlewareWO
FileDescription : mmod Module
InternalName : mmod
LegalCopyright : Copyright 2000
OriginalFilename : mmod.EXE
Warning! EzuLa Object found in memory(C:\PROGRA~1\ezula\CHCON.dll)

EzuLa Object Recognized!
Type : Process
Data : CHCON.dll
Category : Data Miner
Comment :
Object : C:\PROGRA~1\ezula\
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
LegalCopyright : Copyright 2000


EzuLa Object Recognized!
Type : Process
Data : CHPON.dll
Category : Data Miner
Comment : (CSI MATCH)
Object : C:\PROGRA~1\Web Offer\
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
LegalCopyright : Copyright 2000

Warning! EzuLa Object found in memory(C:\PROGRA~1\Web Offer\CHPON.dll)

"C:\PROGRA~1\ezula\mmod.exe"Process terminated successfully

#:21 [defwatch.exe]
ModuleName : C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
Command Line : n/a
ProcessID : 2008
ThreadCreationTime : 4-25-2005 3:14:22 PM
BasePriority : Normal
FileVersion : 8.1.0.821
ProductVersion : 8.1.0.821
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Virus Definition Daemon
InternalName : DefWatch
LegalCopyright : Copyright © 1998 Symantec Corporation
OriginalFilename : DefWatch.exe

#:22 [mdm.exe]
ModuleName : C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
Command Line : n/a
ProcessID : 264
ThreadCreationTime : 4-25-2005 3:14:23 PM
BasePriority : Normal
FileVersion : 7.00.9466
ProductVersion : 7.00.9466
ProductName : Microsoft® Visual Studio .NET
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : mdm.exe

#:23 [wo.exe]
ModuleName : C:\PROGRA~1\Web Offer\wo.exe
Command Line : "C:\PROGRA~1\Web Offer\wo.exe"
ProcessID : 276
ThreadCreationTime : 4-25-2005 3:14:23 PM
BasePriority : Normal
FileVersion : 3, 0, 80, 0
ProductVersion : 1, 0, 0, 1
ProductName : wo Module
CompanyName : BundlewareWO
FileDescription : wo Module
InternalName : wo
LegalCopyright : Copyright 2000
OriginalFilename : wo.EXE

EzuLa Object Recognized!
Type : Process
Data : sepng.dll
Category : Data Miner
Comment : (CSI MATCH)
Object : C:\PROGRA~1\WEBOFF~1\
FileVersion : 3, 0, 80, 0
ProductVersion : 1, 0, 0, 1
ProductName : sepng Module
CompanyName : BundlewareWO
FileDescription : sepng Module
InternalName : sepng
LegalCopyright : Copyright 2000
OriginalFilename : sepng.DLL

Warning! EzuLa Object found in memory(C:\PROGRA~1\WEBOFF~1\sepng.dll)

Warning! EzuLa Object found in memory(C:\PROGRA~1\ezula\CHCON.dll)

EzuLa Object Recognized!
Type : Process
Data : CHCON.dll
Category : Data Miner
Comment :
Object : C:\PROGRA~1\ezula\
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
LegalCopyright : Copyright 2000


EzuLa Object Recognized!
Type : Process
Data : CHPON.dll
Category : Data Miner
Comment : (CSI MATCH)
Object : C:\PROGRA~1\Web Offer\
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
LegalCopyright : Copyright 2000

Warning! EzuLa Object found in memory(C:\PROGRA~1\Web Offer\CHPON.dll)

"C:\PROGRA~1\Web Offer\wo.exe"Process terminated successfully

#:24 [rtvscan.exe]
ModuleName : C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
Command Line : n/a
ProcessID : 604
ThreadCreationTime : 4-25-2005 3:14:26 PM
BasePriority : Normal
FileVersion : 8.1.0.821
ProductVersion : 8.1.0.821
ProductName : Symantec AntiVirus
CompanyName : Symantec Corporation
FileDescription : Symantec AntiVirus
LegalCopyright : Copyright © Symantec Corporation 1991-2003

#:25 [nvsvc32.exe]
ModuleName : C:\WINDOWS\System32\nvsvc32.exe
Command Line : n/a
ProcessID : 752
ThreadCreationTime : 4-25-2005 3:14:27 PM
BasePriority : Normal
FileVersion : 6.14.10.4586
ProductVersion : 6.14.10.4586
ProductName : NVIDIA Driver Helper Service, Version 45.86
CompanyName : NVIDIA Corporation
FileDescription : NVIDIA Driver Helper Service, Version 45.86
InternalName : NVSVC
LegalCopyright : © NVIDIA Corporation. All rights reserved.
OriginalFilename : nvsvc32.exe

#:26 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : n/a
ProcessID : 888
ThreadCreationTime : 4-25-2005 3:14:27 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:27 [qttask.exe]
ModuleName : C:\Program Files\QuickTime\qttask.exe
Command Line : "C:\Program Files\QuickTime\qttask.exe"
ProcessID : 2460
ThreadCreationTime : 4-25-2005 3:21:03 PM
BasePriority : Normal
FileVersion : 6.5.1
ProductVersion : QuickTime 6.5.1
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
InternalName : QuickTime Task
LegalCopyright : © Apple Computer, Inc. 2001-2004
OriginalFilename : QTTask.exe

EzuLa Object Recognized!
Type : Process
Data : CHPON.dll
Category : Data Miner
Comment : (CSI MATCH)
Object : C:\PROGRA~1\Web Offer\
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
LegalCopyright : Copyright 2000

Warning! EzuLa Object found in memory(C:\PROGRA~1\Web Offer\CHPON.dll)

"C:\Program Files\QuickTime\qttask.exe"Process terminated successfully

#:28 [ad-aware.exe]
ModuleName : C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
Command Line : "C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe"
ProcessID : 1096
ThreadCreationTime : 4-25-2005 3:48:27 PM
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 1
Objects found so far: 17


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{8a044396-5da2-11d4-b185-0050dab79376}

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{58359011-bf36-11d3-99a2-0050da2ee1be}

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{07f0a536-47ba-11d4-8a6d-0050da2ee1be}

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulamain.ezulasearchpipe.1

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulamain.ezulasearchpipe.1
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulamain.ezulasearchpipe

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulamain.ezulasearchpipe
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulafsearcheng.searchhelper.1

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulafsearcheng.searchhelper.1
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulafsearcheng.searchhelper

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulafsearcheng.searchhelper
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulafsearcheng.resulthelper.1

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulafsearcheng.resulthelper.1
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulafsearcheng.resulthelper

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulafsearcheng.resulthelper
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulafsearcheng.popupdisplay.1

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulafsearcheng.popupdisplay.1
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulafsearcheng.popupdisplay

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulafsearcheng.popupdisplay
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulafsearcheng.ezulasearch.1

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulafsearcheng.ezulasearch.1
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulafsearcheng.ezulasearch

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulafsearcheng.ezulasearch
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulafsearcheng.ezulahash.1

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulafsearcheng.ezulahash.1
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulafsearcheng.ezulahash

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulafsearcheng.ezulahash
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulafsearcheng.ezulacode.1

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulafsearcheng.ezulacode.1
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulafsearcheng.ezulacode

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulafsearcheng.ezulacode
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulaagent.toolbarband.1

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulaagent.toolbarband.1
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulaagent.toolbarband

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulaagent.toolbarband
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulaagent.plugprot.1

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulaagent.plugprot.1
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulaagent.plugprot

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulaagent.plugprot
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulaagent.ieobject.1

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulaagent.ieobject.1
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulaagent.ieobject

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulaagent.ieobject
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulaagent.ezulactrlhost.1

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulaagent.ezulactrlhost.1
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulaagent.ezulactrlhost

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulaagent.ezulactrlhost
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{d290d6e7-bf9d-42f0-9c1b-3bc8ae769b57}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{d290d6e7-bf9d-42f0-9c1b-3bc8ae769b57}
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{c4fee4a7-4b8b-11d4-8a6d-0050da2ee1be}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{c4fee4a7-4b8b-11d4-8a6d-0050da2ee1be}
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{58359010-bf36-11d3-99a2-0050da2ee1be}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{58359010-bf36-11d3-99a2-0050da2ee1be}
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{55910916-8b4e-4c1e-9253-cce296ea71eb}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{55910916-8b4e-4c1e-9253-cce296ea71eb}
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{3d7247e8-5db8-11d4-8a72-0050da2ee1be}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{3d7247e8-5db8-11d4-8a72-0050da2ee1be}
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{2babd334-5c3f-11d4-b184-0050dab79376}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{2babd334-5c3f-11d4-b184-0050dab79376}
Value :

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{2babd334-5c3f-11d4-b184-0050dab79376}
Value : AppID

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{2306abe4-4d42-11d4-8a6d-0050da2ee1be}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{2306abe4-4d42-11d4-8a6d-0050da2ee1be}
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{2079884b-6ef3-11d4-8a74-0050da2ee1be}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{2079884b-6ef3-11d4-8a74-0050da2ee1be}
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{19dfb2cb-9b27-11d4-b192-0050dab79376}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{19dfb2cb-9b27-11d4-b192-0050dab79376}
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{07f0a545-47ba-11d4-8a6d-0050da2ee1be}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{07f0a545-47ba-11d4-8a6d-0050da2ee1be}
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{07f0a543-47ba-11d4-8a6d-0050da2ee1be}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{07f0a543-47ba-11d4-8a6d-0050da2ee1be}
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulamain.trayiconm.1

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulamain.trayiconm.1
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulamain.trayiconm

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulamain.trayiconm
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{b1dd8a69-1b96-11d4-b175-0050dab79376}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{b1dd8a69-1b96-11d4-b175-0050dab79376}
Value :

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{b1dd8a69-1b96-11d4-b175-0050dab79376}
Value : AppID

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{9cfa26c0-81da-4c9d-a501-f144a4a000fa}

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulamain.ezulapopsearchpipe.1

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulamain.ezulapopsearchpipe.1
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulamain.ezulapopsearchpipe

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulamain.ezulapopsearchpipe
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{e7a05400-4cfa-4df3-a643-e40f86e8e3d7}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{e7a05400-4cfa-4df3-a643-e40f86e8e3d7}
Value :

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{e7a05400-4cfa-4df3-a643-e40f86e8e3d7}
Value : AppID

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{50b4d2b3-723f-41b3-aec4-0bd66f0f45ff}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{50b4d2b3-723f-41b3-aec4-0bd66f0f45ff}
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{a166c1b0-5cdb-447a-894a-4b9fd7149d51}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{a166c1b0-5cdb-447a-894a-4b9fd7149d51}
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulabootexe.installctrl.1

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulabootexe.installctrl.1
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulabootexe.installctrl

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulabootexe.installctrl
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{c03351a4-6755-11d4-8a73-0050da2ee1be}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{c03351a4-6755-11d4-8a73-0050da2ee1be}
Value :

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{c03351a4-6755-11d4-8a73-0050da2ee1be}
Value : AppID

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{c0335197-6755-11d4-8a73-0050da2ee1be}

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{788c6f6e-c2ea-4a63-9c38-ce7d8f43bce4}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{788c6f6e-c2ea-4a63-9c38-ce7d8f43bce4}
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{f75521b8-76f1-4a4d-84b1-9e642e9c51d0}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{f75521b8-76f1-4a4d-84b1-9e642e9c51d0}
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{370f6327-41c4-4fa6-a2df-1ba57ee0fbb9}

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{25630b50-53c6-4e66-a945-9d7b6b2171ff}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{25630b50-53c6-4e66-a945-9d7b6b2171ff}
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{78bcf936-45b0-40a7-9391-dcc03420db35}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{78bcf936-45b0-40a7-9391-dcc03420db35}
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{9cfa26c0-81da-4c9d-a501-f144a4a000fa}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{9cfa26c0-81da-4c9d-a501-f144a4a000fa}
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{9cfa26c1-81da-4c9d-a501-f144a4a000fa}

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{370f6353-41c4-4fa6-a2df-1ba57ee0fbb9}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{370f6353-41c4-4fa6-a2df-1ba57ee0fbb9}
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{78bcf937-45b0-40a7-9391-dcc03420db35}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{78bcf937-45b0-40a7-9391-dcc03420db35}
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{370f6354-41c4-4fa6-a2df-1ba57ee0fbb9}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment
  • 0

#21
Daryn
Posted 25 April 2005 - 10:05 AM

Daryn

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{370f6354-41c4-4fa6-a2df-1ba57ee0fbb9}
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{955cbf48-4313-4b1f-872b-254b7822ccf2}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{955cbf48-4313-4b1f-872b-254b7822ccf2}
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{25630b47-53c6-4e66-a945-9d7b6b2171ff}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{25630b47-53c6-4e66-a945-9d7b6b2171ff}
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{241667a3-ec83-4885-84dd-c2daafc1c5ea}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{241667a3-ec83-4885-84dd-c2daafc1c5ea}
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{370f6327-41c4-4fa6-a2df-1ba57ee0fbb9}\1.0

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{370f6327-41c4-4fa6-a2df-1ba57ee0fbb9}\1.0
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{9cfa26c2-81da-4c9d-a501-f144a4a000fa}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{9cfa26c2-81da-4c9d-a501-f144a4a000fa}
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{788c6f6f-c2ea-4a63-9c38-ce7d8f43bce4}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{788c6f6f-c2ea-4a63-9c38-ce7d8f43bce4}
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-3112206496-2994604276-3448640103-1006\software\ezula

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-3112206496-2994604276-3448640103-1006\software\ezula
Value : Hook

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-3112206496-2994604276-3448640103-1006\software\ezula
Value : STRUP

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-3112206496-2994604276-3448640103-1006\software\ezula
Value : TPV

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-3112206496-2994604276-3448640103-1006\software\ezula
Value : EP

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-3112206496-2994604276-3448640103-1006\software\ezula
Value : PP

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-3112206496-2994604276-3448640103-1006\software\ezula
Value : NP

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-3112206496-2994604276-3448640103-1006\software\ezula
Value : ZP

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-3112206496-2994604276-3448640103-1006\software\ezula
Value : WP

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-3112206496-2994604276-3448640103-1006\software\ezula
Value : HP

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-3112206496-2994604276-3448640103-1006\software\ezula
Value : BP

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-3112206496-2994604276-3448640103-1006\software\web offer

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-3112206496-2994604276-3448640103-1006\software\web offer
Value : Hook

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-3112206496-2994604276-3448640103-1006\software\web offer
Value : PPV

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-3112206496-2994604276-3448640103-1006\software\web offer
Value : PIT

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\ezula

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\ezula
Value :

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\ezula
Value : DisplayName

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\ezula
Value : UninstallString

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\typelib\{c0335197-6755-11d4-8a73-0050da2ee1be}

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\typelib\{8a044396-5da2-11d4-b185-0050dab79376}

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\typelib\{58359011-bf36-11d3-99a2-0050da2ee1be}

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\typelib\{083fa8f4-84f4-11d4-8a77-0050da2ee1be}

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\typelib\{07f0a536-47ba-11d4-8a6d-0050da2ee1be}

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\interface\{ef0372de-f552-11d3-8528-0050dab79376}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\interface\{ef0372de-f552-11d3-8528-0050dab79376}
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\interface\{ef0372dc-f552-11d3-8528-0050dab79376}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\interface\{ef0372dc-f552-11d3-8528-0050dab79376}
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\interface\{c4fee4a6-4b8b-11d4-8a6d-0050da2ee1be}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\interface\{c4fee4a6-4b8b-11d4-8a6d-0050da2ee1be}
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\interface\{c03351a3-6755-11d4-8a73-0050da2ee1be}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\interface\{c03351a3-6755-11d4-8a73-0050da2ee1be}
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\interface\{8ebb1743-9a2f-11d4-8a7e-0050da2ee1be}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\interface\{8ebb1743-9a2f-11d4-8a7e-0050da2ee1be}
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\interface\{8a0443a2-5da2-11d4-b185-0050dab79376}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\interface\{8a0443a2-5da2-11d4-b185-0050dab79376}
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\interface\{7edc96e1-5dd3-11d4-b185-0050dab79376}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\interface\{7edc96e1-5dd3-11d4-b185-0050dab79376}
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\interface\{58359012-bf36-11d3-99a2-0050da2ee1be}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\interface\{58359012-bf36-11d3-99a2-0050da2ee1be}
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\interface\{4fd8645f-9b3e-46c1-9727-9837842a84ab}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\interface\{4fd8645f-9b3e-46c1-9727-9837842a84ab}
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\interface\{3d7247f1-5db8-11d4-8a72-0050da2ee1be}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\interface\{3d7247f1-5db8-11d4-8a72-0050da2ee1be}
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\interface\{27bc6871-4d5a-11d4-8a6d-0050da2ee1be}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\interface\{27bc6871-4d5a-11d4-8a6d-0050da2ee1be}
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\interface\{19dfb2ca-9b27-11d4-b192-0050dab79376}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\interface\{19dfb2ca-9b27-11d4-b192-0050dab79376}
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\interface\{1823bc4b-a253-4767-9cfc-9aca62a6b136}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\interface\{1823bc4b-a253-4767-9cfc-9aca62a6b136}
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\interface\{07f0a544-47ba-11d4-8a6d-0050da2ee1be}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\interface\{07f0a544-47ba-11d4-8a6d-0050da2ee1be}
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\interface\{07f0a542-47ba-11d4-8a6d-0050da2ee1be}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\interface\{07f0a542-47ba-11d4-8a6d-0050da2ee1be}
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\ezulamain.trayiconm.1

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\ezulamain.trayiconm.1
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\ezulamain.trayiconm

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\ezulamain.trayiconm
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\ezulamain.ezulasearchpipe.1

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\ezulamain.ezulasearchpipe.1
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\ezulamain.ezulasearchpipe

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\ezulamain.ezulasearchpipe
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\ezulafsearcheng.searchhelper.1

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\ezulafsearcheng.searchhelper.1
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\ezulafsearcheng.searchhelper

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\ezulafsearcheng.searchhelper
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\ezulafsearcheng.resulthelper.1

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\ezulafsearcheng.resulthelper.1
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\ezulafsearcheng.resulthelper

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\ezulafsearcheng.resulthelper
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\ezulafsearcheng.popupdisplay.1

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\ezulafsearcheng.popupdisplay.1
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\ezulafsearcheng.popupdisplay

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\ezulafsearcheng.popupdisplay
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\ezulafsearcheng.ezulasearch.1

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\ezulafsearcheng.ezulasearch.1
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\ezulafsearcheng.ezulasearch

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\ezulafsearcheng.ezulasearch
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\ezulafsearcheng.ezulahash.1

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\ezulafsearcheng.ezulahash.1
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\ezulafsearcheng.ezulahash

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\ezulafsearcheng.ezulahash
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\ezulafsearcheng.ezulacode.1

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\ezulafsearcheng.ezulacode.1
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\ezulafsearcheng.ezulacode

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\ezulafsearcheng.ezulacode
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\ezulabootexe.installctrl.1

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\ezulabootexe.installctrl.1
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\ezulabootexe.installctrl

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\ezulabootexe.installctrl
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\ezulaagent.toolbarband.1

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\ezulaagent.toolbarband.1
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\ezulaagent.toolbarband

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\ezulaagent.toolbarband
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\ezulaagent.plugprot.1

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\ezulaagent.plugprot.1
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\ezulaagent.plugprot

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\ezulaagent.plugprot
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\ezulaagent.ieobject.1

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\ezulaagent.ieobject.1
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\ezulaagent.ieobject

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\ezulaagent.ieobject
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\ezulaagent.ezulactrlhost.1

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\ezulaagent.ezulactrlhost.1
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\ezulaagent.ezulactrlhost

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\ezulaagent.ezulactrlhost
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\clsid\{d290d6e7-bf9d-42f0-9c1b-3bc8ae769b57}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\clsid\{d290d6e7-bf9d-42f0-9c1b-3bc8ae769b57}
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\clsid\{c4fee4a7-4b8b-11d4-8a6d-0050da2ee1be}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\clsid\{c4fee4a7-4b8b-11d4-8a6d-0050da2ee1be}
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\clsid\{c03351a4-6755-11d4-8a73-0050da2ee1be}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\clsid\{c03351a4-6755-11d4-8a73-0050da2ee1be}
Value :

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\clsid\{c03351a4-6755-11d4-8a73-0050da2ee1be}
Value : AppID

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\clsid\{b1dd8a69-1b96-11d4-b175-0050dab79376}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\clsid\{b1dd8a69-1b96-11d4-b175-0050dab79376}
Value :

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\clsid\{b1dd8a69-1b96-11d4-b175-0050dab79376}
Value : AppID

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\clsid\{58359010-bf36-11d3-99a2-0050da2ee1be}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\clsid\{58359010-bf36-11d3-99a2-0050da2ee1be}
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\clsid\{55910916-8b4e-4c1e-9253-cce296ea71eb}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\clsid\{55910916-8b4e-4c1e-9253-cce296ea71eb}
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\clsid\{3d7247e8-5db8-11d4-8a72-0050da2ee1be}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\clsid\{3d7247e8-5db8-11d4-8a72-0050da2ee1be}
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\clsid\{2babd334-5c3f-11d4-b184-0050dab79376}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\clsid\{2babd334-5c3f-11d4-b184-0050dab79376}
Value :

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\clsid\{2babd334-5c3f-11d4-b184-0050dab79376}
Value : AppID

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\clsid\{2306abe4-4d42-11d4-8a6d-0050da2ee1be}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\clsid\{2306abe4-4d42-11d4-8a6d-0050da2ee1be}
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\clsid\{2079884b-6ef3-11d4-8a74-0050da2ee1be}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\clsid\{2079884b-6ef3-11d4-8a74-0050da2ee1be}
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\clsid\{19dfb2cb-9b27-11d4-b192-0050dab79376}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\clsid\{19dfb2cb-9b27-11d4-b192-0050dab79376}
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\clsid\{07f0a545-47ba-11d4-8a6d-0050da2ee1be}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\clsid\{07f0a545-47ba-11d4-8a6d-0050da2ee1be}
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\clsid\{07f0a543-47ba-11d4-8a6d-0050da2ee1be}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\clsid\{07f0a543-47ba-11d4-8a6d-0050da2ee1be}
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\appid\{c0335198-6755-11d4-8a73-0050da2ee1be}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\appid\{c0335198-6755-11d4-8a73-0050da2ee1be}
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\appid\{8a044397-5da2-11d4-b185-0050dab79376}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\appid\{8a044397-5da2-11d4-b185-0050dab79376}
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\appid\ezulamain.exe

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\appid\ezulamain.exe
Value : AppID

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\appid\ezulabootexe.exe

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\appid\ezulabootexe.exe
Value : AppID

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\explorer bars\{50b4d2b3-723f-41b3-aec4-0bd66f0f45ff}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\explorer bars\{50b4d2b3-723f-41b3-aec4-0bd66f0f45ff}
Value : BarSize

PeopleOnPage Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\apropos

PeopleOnPage Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\envolo

PeopleOnPage Object Recognized!
Type : Regkey
Data : e_uninstall.log
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\autoupdate

PeopleOnPage Object Recognized!
Type : RegValue
Data : e_uninstall.log
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\autoupdate
Value : UninstallString

PromulGate Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\clsid\{a8bd9566-9895-4fa3-918d-a51d4cd15865}

PromulGate Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\clsid\{a8bd9566-9895-4fa3-918d-a51d4cd15865}
Value :

PromulGate Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\typelib\{2a7db8d1-43be-4ad3-a81e-9bb8c9d00073}

PromulGate Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\clsid\{d0070620-1e72-42e7-a14c-3a255ad31839}

PromulGate Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\clsid\{d0070620-1e72-42e7-a14c-3a255ad31839}
Value :

PromulGate Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\vccpgdataaccess.pgdataaccessctrl.1

PromulGate Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\vccpgdataaccess.pgdataaccessctrl.1
Value :

PromulGate Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\interface\{41700749-a109-4254-af13-be54011e8783}

PromulGate Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\interface\{41700749-a109-4254-af13-be54011e8783}
Value :

PromulGate Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\interface\{2bb15d36-43be-4743-a3a0-3308f4b1a610}

PromulGate Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\interface\{2bb15d36-43be-4743-a3a0-3308f4b1a610}
Value :

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-3112206496-2994604276-3448640103-1006\\software\ezula

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-3112206496-2994604276-3448640103-1006\\software\ezula
Value : Hook

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-3112206496-2994604276-3448640103-1006\\software\ezula
Value : STRUP

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-3112206496-2994604276-3448640103-1006\\software\ezula
Value : TPV

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-3112206496-2994604276-3448640103-1006\\software\ezula
Value : EP

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-3112206496-2994604276-3448640103-1006\\software\ezula
Value : PP

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-3112206496-2994604276-3448640103-1006\\software\ezula
Value : NP

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-3112206496-2994604276-3448640103-1006\\software\ezula
Value : ZP

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-3112206496-2994604276-3448640103-1006\\software\ezula
Value : WP

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-3112206496-2994604276-3448640103-1006\\software\ezula
Value : HP

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-3112206496-2994604276-3448640103-1006\\software\ezula
Value : BP

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : "ezmmod"
Rootkey : HKEY_USERS
Object : S-1-5-21-3112206496-2994604276-3448640103-1006\software\microsoft\windows\currentversion\run
Value : ezmmod

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : "ezmmod"
Rootkey : HKEY_USERS
Object : S-1-5-21-3112206496-2994604276-3448640103-1006\\software\microsoft\windows\currentversion\run
Value : ezmmod

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 300
Objects found so far: 317


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

PeopleOnPage Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : "AutoUpdater"
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Run
Value : AutoUpdater

PeopleOnPage Object Recognized!
Type : File
Data : autoupdate.exe
Category : Data Miner
Comment :
Object : c:\program files\autoupdate\



Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 1
Objects found so far: 319


  • 0

#22
GR@PH;<'S
Posted 25 April 2005 - 10:06 AM

GR@PH;<'S

    Member

  • Member
  • PipPipPip
  • 135 posts
Daryn,

Shall I unplug my internet connection and try to run it again

you do not need to unplug from your internet connection ;)
we need you to do another "Full Scan" and then post your Logfile here by using the "Add-reply" feature (Even if your log is or looks clean)
If needed here how to post your Ad-aware Logfile ;)
As Logs are stored in :
C:\Documents and Settings\USERNAME\Application Data\Lavasoft\Ad-aware\Logs\.
An easy way to get there is to
click Start,
click Run
And type in and press ENTER: %appdata%
then click Lavasoft
then Ad-Aware
and then Logs.
scroll down to find the latest one that you have
(by date & time)
and open it right Click select all
copy and then paste the contents of it here.
(Make sure that all of your Logfile has been posted, sometimes it will require two post's to get it all)
I recommend that you use the WebUpDate just before you scan that way you will always be up to date.

(note The Application Data is a hidden folder, so you will need to show hidden files and folders
and for Windows 98*admin users your logs are stored in
C:\WINDOWS\All Users\Application Data\ ) by default

GR@PH;<'S :tazz:
  • 0

#23
Daryn
Posted 25 April 2005 - 10:06 AM

Daryn

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : d$@centrport[1].txt
Category : Data Miner
Comment : Hits:7
Value : Cookie:d$@centrport.net/
Expires : 12-31-2029 8:00:00 PM
LastSync : Hits:7
UseCount : 0
Hits : 7

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : d$@questionmarket[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:d$@questionmarket.com/
Expires : 6-16-2006 3:42:24 AM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : d$@advertising[1].txt
Category : Data Miner
Comment : Hits:13
Value : Cookie:d$@advertising.com/
Expires : 4-24-2010 11:39:16 AM
LastSync : Hits:13
UseCount : 0
Hits : 13

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : d$@twci.coremetrics[1].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:d$@twci.coremetrics.com/
Expires : 4-24-2020 12:20:10 AM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : d$@doubleclick[1].txt
Category : Data Miner
Comment : Hits:12
Value : Cookie:d$@doubleclick.net/
Expires : 4-23-2008 7:11:10 PM
LastSync : Hits:12
UseCount : 0
Hits : 12

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : d$@realmedia[1].txt
Category : Data Miner
Comment : Hits:3
Value : Cookie:d$@realmedia.com/
Expires : 12-31-2010 8:00:00 PM
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : d$@hitbox[2].txt
Category : Data Miner
Comment : Hits:4
Value : Cookie:d$@hitbox.com/
Expires : 4-25-2006 11:37:54 AM
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : d$@fastclick[2].txt
Category : Data Miner
Comment : Hits:18
Value : Cookie:d$@fastclick.net/
Expires : 4-14-2007 6:57:08 PM
LastSync : Hits:18
UseCount : 0
Hits : 18

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : d$@atdmt[2].txt
Category : Data Miner
Comment : Hits:17
Value : Cookie:d$@atdmt.com/
Expires : 4-22-2010 8:00:00 PM
LastSync : Hits:17
UseCount : 0
Hits : 17

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : d$@casalemedia[1].txt
Category : Data Miner
Comment : Hits:19
Value : Cookie:d$@casalemedia.com/
Expires : 4-15-2006 7:55:02 PM
LastSync : Hits:19
UseCount : 0
Hits : 19

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : d$@tribalfusion[2].txt
Category : Data Miner
Comment : Hits:3
Value : Cookie:d$@tribalfusion.com/
Expires : 12-31-2037 8:00:00 PM
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : d$@revenue[2].txt
Category : Data Miner
Comment : Hits:8
Value : Cookie:d$@revenue.net/
Expires : 6-10-2022 1:05:42 AM
LastSync : Hits:8
UseCount : 0
Hits : 8

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : d$@valueclick[1].txt
Category : Data Miner
Comment : Hits:3
Value : Cookie:d$@valueclick.com/
Expires : 4-19-2030 11:43:22 AM
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : d$@ads.pointroll[1].txt
Category : Data Miner
Comment : Hits:5
Value : Cookie:d$@ads.pointroll.com/
Expires : 12-31-2009 8:00:00 PM
LastSync : Hits:5
UseCount : 0
Hits : 5

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : d$@ehg-dig.hitbox[2].txt
Category : Data Miner
Comment : Hits:6
Value : Cookie:d$@ehg-dig.hitbox.com/
Expires : 4-25-2006 11:37:54 AM
LastSync : Hits:6
UseCount : 0
Hits : 6

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : d$@z1.adserver[1].txt
Category : Data Miner
Comment : Hits:12
Value : Cookie:d$@z1.adserver.com/
Expires : 4-25-2006 11:22:32 AM
LastSync : Hits:12
UseCount : 0
Hits : 12

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : d$@servedby.advertising[2].txt
Category : Data Miner
Comment : Hits:78
Value : Cookie:d$@servedby.advertising.com/
Expires : 5-25-2005 11:46:48 AM
LastSync : Hits:78
UseCount : 0
Hits : 78

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : d$@trafficmp[1].txt
Category : Data Miner
Comment : Hits:10
Value : Cookie:d$@trafficmp.com/
Expires : 4-25-2006 11:30:02 AM
LastSync : Hits:10
UseCount : 0
Hits : 10

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : d$@overture[1].txt
Category : Data Miner
Comment : Hits:4
Value : Cookie:d$@overture.com/
Expires : 4-23-2015 11:31:32 AM
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : d$@edge.ru4[2].txt
Category : Data Miner
Comment : Hits:13
Value : Cookie:d$@edge.ru4.com/
Expires : 4-18-2035 12:20:12 AM
LastSync : Hits:13
UseCount : 0
Hits : 13

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : d$@tripod[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:d$@tripod.com/
Expires : 4-24-2006 9:21:50 PM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : d$@ads.addynamix[2].txt
Category : Data Miner
Comment : Hits:3
Value : Cookie:d$@ads.addynamix.com/
Expires : 4-26-2005 11:42:42 AM
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : d$@zedo[2].txt
Category : Data Miner
Comment : Hits:6
Value : Cookie:d$@zedo.com/
Expires : 4-23-2015 11:22:42 AM
LastSync : Hits:6
UseCount : 0
Hits : 6

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : d$@2o7[2].txt
Category : Data Miner
Comment : Hits:35
Value : Cookie:d$@2o7.net/
Expires : 4-24-2010 11:15:16 AM
LastSync : Hits:35
UseCount : 0
Hits : 35

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : d$@mediaplex[1].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:d$@mediaplex.com/
Expires : 6-21-2009 8:00:00 PM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 25
Objects found so far: 344



Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

PeopleOnPage Object Recognized!
Type : File
Data : auto_update_install.exe
Category : Data Miner
Comment :
Object : C:\Documents and Settings\D$\Local Settings\Temp\AutoUpdate0\



EzuLa Object Recognized!
Type : File
Data : CHCON.dll
Category : Data Miner
Comment :
Object : C:\Program Files\eZula\
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
LegalCopyright : Copyright 2000


Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 346


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
15 entries scanned.
New critical objects:0
Objects found so far: 346




Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\web offer

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\web offer
Value : Hook

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\web offer
Value : PPV

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\web offer
Value : PIT

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\explorer bars\{a166c1b0-5cdb-447a-894a-4b9fd7149d51}

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\explorer bars\{a166c1b0-5cdb-447a-894a-4b9fd7149d51}
Value : BarSize

EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\downloadmanager

EzuLa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\windows\currentversion\run
Value : ezwo

EzuLa Object Recognized!
Type : Folder
Category : Data Miner
Comment :
Object : C:\Documents and Settings\D$\Start Menu\Programs\TopText iLookup

EzuLa Object Recognized!
Type : Folder
Category : Data Miner
Comment :
Object : C:\Program Files\eZula

EzuLa Object Recognized!
Type : Folder
Category : Data Miner
Comment :
Object : C:\Program Files\Web Offer

EzuLa Object Recognized!
Type : File
Data : eZinstall.exe
Category : Data Miner
Comment :
Object : C:\WINDOWS\



EzuLa Object Recognized!
Type : File
Data : UNWISE.EXE
Category : Data Miner
Comment :
Object : C:\Program Files\ezula\



EzuLa Object Recognized!
Type : File
Data : wndbannn.src
Category : Data Miner
Comment :
Object : C:\Program Files\ezula\



EzuLa Object Recognized!
Type : File
Data : version.vrn
Category : Data Miner
Comment :
Object : C:\Program Files\ezula\



EzuLa Object Recognized!
Type : File
Data : upgrade.vrn
Category : Data Miner
Comment :
Object : C:\Program Files\ezula\



EzuLa Object Recognized!
Type : File
Data : seng.dll
Category : Data Miner
Comment :
Object : C:\Program Files\ezula\
FileVersion : 3, 0, 70, 11
ProductVersion : 1, 0, 0, 1
ProductName : seng Module
CompanyName : BundlewareWO
FileDescription : seng Module
InternalName : seng
LegalCopyright : Copyright 2000
OriginalFilename : seng.DLL


EzuLa Object Recognized!
Type : File
Data : search.src
Category : Data Miner
Comment :
Object : C:\Program Files\ezula\



EzuLa Object Recognized!
Type : File
Data : rwds.rst
Category : Data Miner
Comment :
Object : C:\Program Files\ezula\



EzuLa Object Recognized!
Type : File
Data : param.ez
Category : Data Miner
Comment :
Object : C:\Program Files\ezula\



EzuLa Object Recognized!
Type : File
Data : mmod.exe
Category : Data Miner
Comment :
Object : C:\Program Files\ezula\
FileVersion : 3, 0, 70, 11
ProductVersion : 1, 0, 0, 1
ProductName : mmod Module
CompanyName : BundlewareWO
FileDescription : mmod Module
InternalName : mmod
LegalCopyright : Copyright 2000
OriginalFilename : mmod.EXE


EzuLa Object Recognized!
Type : File
Data : legend.lgn
Category : Data Miner
Comment :
Object : C:\Program Files\ezula\



EzuLa Object Recognized!
Type : File
Data : genun.ez
Category : Data Miner
Comment :
Object : C:\Program Files\ezula\



EzuLa Object Recognized!
Type : File
Data : eabh.dll
Category : Data Miner
Comment :
Object : C:\Program Files\ezula\
FileVersion : 3, 0, 70, 11
ProductVersion : 2, 0, 0, 1
ProductName : eabh Module
CompanyName : BundlewareWO
FileDescription : eabh Module
InternalName : eabh
LegalCopyright : Copyright 1999
OriginalFilename : eabh.DLL


EzuLa Object Recognized!
Type : File
Data : basis.rst
Category : Data Miner
Comment :
Object : C:\Program Files\ezula\



EzuLa Object Recognized!
Type : File
Data : basis.pu
Category : Data Miner
Comment :
Object : C:\Program Files\ezula\



EzuLa Object Recognized!
Type : File
Data : basis.kwd
Category : Data Miner
Comment :
Object : C:\Program Files\ezula\



EzuLa Object Recognized!
Type : File
Data : basis.dst
Category : Data Miner
Comment :
Object : C:\Program Files\ezula\



EzuLa Object Recognized!
Type : File
Data : INSTALL.LOG
Category : Data Miner
Comment :
Object : C:\Program Files\ezula\



EzuLa Object Recognized!
Type : File
Data : ids.tmp
Category : Data Miner
Comment :
Object : C:\Program Files\ezula\



EzuLa Object Recognized!
Type : File
Data : UNWISE.EXE
Category : Data Miner
Comment :
Object : C:\Program Files\web offer\



EzuLa Object Recognized!
Type : File
Data : apev.exe
Category : Data Miner
Comment :
Object : C:\Program Files\web offer\
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : Web Offer Module
FileDescription : Web Offer Module
InternalName : APEV
LegalCopyright : Copyright 2004
OriginalFilename : APEV.EXE


EzuLa Object Recognized!
Type : File
Data : wo.exe
Category : Data Miner
Comment :
Object : C:\Program Files\web offer\
FileVersion : 3, 0, 80, 0
ProductVersion : 1, 0, 0, 1
ProductName : wo Module
CompanyName : BundlewareWO
FileDescription : wo Module
InternalName : wo
LegalCopyright : Copyright 2000
OriginalFilename : wo.EXE


EzuLa Object Recognized!
Type : File
Data : wndbannnp.src
Category : Data Miner
Comment :
Object : C:\Program Files\web offer\



EzuLa Object Recognized!
Type : File
Data : basisp.dst
Category : Data Miner
Comment :
Object : C:\Program Files\web offer\



EzuLa Object Recognized!
Type : File
Data : basisp.kwd
Category : Data Miner
Comment :
Object : C:\Program Files\web offer\



EzuLa Object Recognized!
Type : File
Data : basisp.pu
Category : Data Miner
Comment :
Object : C:\Program Files\web offer\



EzuLa Object Recognized!
Type : File
Data : basisp.rst
Category : Data Miner
Comment :
Object : C:\Program Files\web offer\



EzuLa Object Recognized!
Type : File
Data : CHPON.dll
Category : Data Miner
Comment :
Object : C:\Program Files\web offer\
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
LegalCopyright : Copyright 2000


EzuLa Object Recognized!
Type : File
Data : eapbh.dll
Category : Data Miner
Comment :
Object : C:\Program Files\web offer\
FileVersion : 3, 0, 80, 0
ProductVersion : 2, 0, 0, 1
ProductName : eapbh Module
CompanyName : BundlewareWO
FileDescription : eapbh Module
InternalName : eapbh
LegalCopyright : Copyright 1999
OriginalFilename : eapbh.DLL


EzuLa Object Recognized!
Type : File
Data : gendis.ez
Category : Data Miner
Comment :
Object : C:\Program Files\web offer\



EzuLa Object Recognized!
Type : File
Data : paramp.ez
Category : Data Miner
Comment :
Object : C:\Program Files\web offer\



EzuLa Object Recognized!
Type : File
Data : rwdsp.rst
Category : Data Miner
Comment :
Object : C:\Program Files\web offer\



EzuLa Object Recognized!
Type : File
Data : sepng.dll
Category : Data Miner
Comment :
Object : C:\Program Files\web offer\
FileVersion : 3, 0, 80, 0
ProductVersion : 1, 0, 0, 1
ProductName : sepng Module
CompanyName : BundlewareWO
FileDescription : sepng Module
InternalName : sepng
LegalCopyright : Copyright 2000
OriginalFilename : sepng.DLL


EzuLa Object Recognized!
Type : File
Data : upgradep.vrn
Category : Data Miner
Comment :
Object : C:\Program Files\web offer\



EzuLa Object Recognized!
Type : File
Data : versionp.vrn
Category : Data Miner
Comment :
Object : C:\Program Files\web offer\



EzuLa Object Recognized!
Type : File
Data : INSTALL.LOG
Category : Data Miner
Comment :
Object : C:\Program Files\web offer\



PeopleOnPage Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\autoloader

PeopleOnPage Object Recognized!
Type : Folder
Category : Data Miner
Comment :
Object : C:\Program Files\AutoUpdate

PeopleOnPage Object Recognized!
Type : Folder
Category : Data Miner
Comment :
Object : C:\DOCUME~1\D$\LOCALS~1\Temp\AutoUpdate0

PeopleOnPage Object Recognized!
Type : File
Data : libexpat.dll
Category : Data Miner
Comment :
Object : C:\Program Files\autoupdate\



PeopleOnPage Object Recognized!
Type : File
Data : auto_update_uninstall.exe
Category : Data Miner
Comment :
Object : C:\WINDOWS\System32\



PeopleOnPage Object Recognized!
Type : File
Data : auto_update_uninstall.log
Category : Data Miner
Comment :
Object : C:\WINDOWS\System32\



PeopleOnPage Object Recognized!
Type : File
Data : auf0.exe
Category : Data Miner
Comment :
Object : C:\DOCUME~1\D$\LOCALS~1\Temp\



PeopleOnPage Object Recognized!
Type : File
Data : auto_update_install.exe
Category : Data Miner
Comment :
Object : C:\DOCUME~1\D$\LOCALS~1\Temp\autoupdate0\



PeopleOnPage Object Recognized!
Type : File
Data : setup.inf
Category : Data Miner
Comment :
Object : C:\DOCUME~1\D$\LOCALS~1\Temp\autoupdate0\



Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 64
Objects found so far: 410

11:56:52 AM Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:08:06.840
Objects scanned:112711
Objects identified:394
Objects ignored:0
New critical objects:394
  • 0

#24
Guest_Andy_veal_*
Posted 25 April 2005 - 11:39 AM

Guest_Andy_veal_*
  • Guest
Hello and Welcome

Ad-aware has found objects on your computer

If you chose to clean your computer from what Ad-aware found please follow these instructions below…

Please make sure that you are using the * SE1R40 20.04.2005 * definition file.


Please launch Ad-Aware SE and click on the gear to access the Configuration Menu. Please make sure that this setting is applied.

Click on Tweak > Cleaning Engine > UNcheck "Always try to unload modules before deletion".

Disconnect from the internet (for broadband/cable users, it is recommended that you disconnect the cable connection) and close all open browsers or other programs you have running.

Please then boot into Safe Mode

To clean your machine, it is highly recommended that you clean the following directory contents (but not the directory folder):

Please run CCleaner to assist in this process.
Download CCleaner (Setup: go to >options > settings > Uncheck "Only delete files in Windows Temp folders older than 48 hours" for cleaning malware files!)

* C:\Windows\Temp\
* C:\Documents and Settings\<Your Profile>\Local Settings\Temporary Internet Files\ <- This will delete all your cached internet content including cookies.
* C:\Documents and Settings\<Your Profile>\Local Settings\Temp\
* C:\Documents and Settings\<Any other users Profile>\Local Settings\Temporary Internet Files\
* C:\Documents and Settings\<Any other users Profile>\Local Settings\Temp\
* Empty your "Recycle Bin".

Please run Ad-Aware SE from the command lines shown in the instructions shown below.

Click "Start" > select "Run" > type the text shown in bold below (including the quotation marks and with the same spacing as shown)

"C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Aware.exe" /full +procnuke
(For the Professional version)

"C:\Program Files\Lavasoft\Ad-Aware SE Plus\Ad-Aware.exe" /full +procnuke
(For the Plus version)

"C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe" +procnuke
(For the Personal version)


Click OK.

Please note that the path above is of the default installion location for Ad-aware SE, if this is different, please adjust it to the location that you have installed it to.

When the scan has completed, select Next. In the Scanning Results window, select the "Scan Summary" tab. Check the box next to each "target family" you wish to remove. Click next, Click OK.

If problems are caused by deleting a family, please leave it.

Please shutdown/restart your computer after removal, run a new full scan and post the results as a reply. Do not launch any programs or connect to the internet at this time.

Please then copy & paste the complete log file here. Don't quarantine or remove anything at this time, just post a complete logfile. This can sometimes takes 2-3 posts to get it all posted, once the "Summary of this scan" information is shown, you have posted all of your logfile.

Please remember when posting another logfile keep "Search for negligible risk entries" deselected as negligible risk entries (MRU's) are not considered to be a threat. This option can be changed when choosing your scan type.

Please post back here

Good luck

Andy
  • 0

#25
Daryn
Posted 25 April 2005 - 12:33 PM

Daryn

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
Okay, so I did what you said again, and now I just got a message when I reconnected my internet that says: An exception occurred while trying to run "C:\WINDOWS\system32\FGIFS.DLL",DllGetVersion"

An Aurora pop ups are still occuring. So here is the log:


Ad-Aware SE Build 1.05
Logfile Created on:Monday, April 25, 2005 2:18:07 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R40 20.04.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
None
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R40 20.04.2005
Internal build : 47
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 461235 Bytes
Total size : 1395231 Bytes
Signature data size : 1364710 Bytes
Reference data size : 30009 Bytes
Signatures total : 38921
Fingerprints total : 813
Fingerprints size : 29073 Bytes
Target categories : 15
Target families : 650


Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Non Intel
Memory available:74 %
Total physical memory:1047784 kb
Available physical memory:768868 kb
Total page file size:2523488 kb
Available on page file:2357308 kb
Total virtual memory:2097024 kb
Available virtual memory:2046548 kb
OS:Microsoft Windows XP Professional Service Pack 1 (Build 2600)

Ad-Aware SE Settings
===========================
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Obtain command line of scanned processes
Set : Scan registry for all users instead of current user only
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Play sound at scan completion if scan locates critical objects


4-25-2005 2:18:07 PM - Scan started. (Full System Scan)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
ModuleName : \SystemRoot\System32\smss.exe
Command Line : n/a
ProcessID : 1152
ThreadCreationTime : 4-25-2005 6:16:36 PM
BasePriority : Normal


#:2 [winlogon.exe]
ModuleName : \??\C:\WINDOWS\System32\winlogon.exe
Command Line : n/a
ProcessID : 1308
ThreadCreationTime : 4-25-2005 6:16:42 PM
BasePriority : High


#:3 [services.exe]
ModuleName : C:\WINDOWS\system32\services.exe
Command Line : n/a
ProcessID : 1356
ThreadCreationTime : 4-25-2005 6:16:43 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:4 [lsass.exe]
ModuleName : C:\WINDOWS\system32\lsass.exe
Command Line : n/a
ProcessID : 1368
ThreadCreationTime : 4-25-2005 6:16:43 PM
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:5 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : n/a
ProcessID : 1524
ThreadCreationTime : 4-25-2005 6:16:43 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:6 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : n/a
ProcessID : 1596
ThreadCreationTime : 4-25-2005 6:16:43 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [spoolsv.exe]
ModuleName : C:\WINDOWS\system32\spoolsv.exe
Command Line : n/a
ProcessID : 240
ThreadCreationTime : 4-25-2005 6:16:46 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:8 [basfipm.exe]
ModuleName : C:\WINDOWS\System32\basfipm.exe
Command Line : n/a
ProcessID : 328
ThreadCreationTime : 4-25-2005 6:16:46 PM
BasePriority : Normal
FileVersion : 6.0.3
ProductVersion : 6.0.3
ProductName : Broadcom ASF IP monitoring service
CompanyName : Broadcom Corp.
FileDescription : Broadcom ASF IP monitoring service
InternalName : BAsfIpM
LegalCopyright : Copyright© 2003 Broadcom Corporation, All Rights Reserved
OriginalFilename : BAsfIpM.EXE

#:9 [cvpnd.exe]
ModuleName : C:\Program Files\GW\GBUSSNet Client 2.0\cvpnd.exe
Command Line : n/a
ProcessID : 344
ThreadCreationTime : 4-25-2005 6:16:46 PM
BasePriority : Normal
FileVersion : 4.0.2 (D)
ProductVersion : 4.0.2 (D)
ProductName : Cisco Systems VPN Client
CompanyName : Cisco Systems, Inc.
FileDescription : Cisco Systems VPN Client
InternalName : cvpnd
LegalCopyright : Copyright © 1998-2003 Cisco Systems, Inc.
OriginalFilename : CVPND.EXE

#:10 [defwatch.exe]
ModuleName : C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
Command Line : n/a
ProcessID : 360
ThreadCreationTime : 4-25-2005 6:16:46 PM
BasePriority : Normal
FileVersion : 8.1.0.821
ProductVersion : 8.1.0.821
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Virus Definition Daemon
InternalName : DefWatch
LegalCopyright : Copyright © 1998 Symantec Corporation
OriginalFilename : DefWatch.exe

#:11 [mdm.exe]
ModuleName : C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
Command Line : n/a
ProcessID : 412
ThreadCreationTime : 4-25-2005 6:16:46 PM
BasePriority : Normal
FileVersion : 7.00.9466
ProductVersion : 7.00.9466
ProductName : Microsoft® Visual Studio .NET
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : mdm.exe

#:12 [rtvscan.exe]
ModuleName : C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
Command Line : n/a
ProcessID : 472
ThreadCreationTime : 4-25-2005 6:16:47 PM
BasePriority : Normal
FileVersion : 8.1.0.821
ProductVersion : 8.1.0.821
ProductName : Symantec AntiVirus
CompanyName : Symantec Corporation
FileDescription : Symantec AntiVirus
LegalCopyright : Copyright © Symantec Corporation 1991-2003

#:13 [nvsvc32.exe]
ModuleName : C:\WINDOWS\System32\nvsvc32.exe
Command Line : n/a
ProcessID : 512
ThreadCreationTime : 4-25-2005 6:16:48 PM
BasePriority : Normal
FileVersion : 6.14.10.4586
ProductVersion : 6.14.10.4586
ProductName : NVIDIA Driver Helper Service, Version 45.86
CompanyName : NVIDIA Corporation
FileDescription : NVIDIA Driver Helper Service, Version 45.86
InternalName : NVSVC
LegalCopyright : © NVIDIA Corporation. All rights reserved.
OriginalFilename : nvsvc32.exe

#:14 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : n/a
ProcessID : 592
ThreadCreationTime : 4-25-2005 6:16:48 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:15 [rundll32.exe]
ModuleName : C:\WINDOWS\System32\rundll32.exe
Command Line : rundll32.exe "C:\WINDOWS\system32\FGIFS.DLL",DllGetVersion
ProcessID : 1908
ThreadCreationTime : 4-25-2005 6:17:02 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Run a DLL as an App
InternalName : rundll
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : RUNDLL.EXE

#:16 [explorer.exe]
ModuleName : C:\WINDOWS\Explorer.EXE
Command Line : C:\WINDOWS\Explorer.EXE
ProcessID : 1052
ThreadCreationTime : 4-25-2005 6:17:05 PM
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

#:17 [desktop.exe]
ModuleName : C:\WINDOWS\isrvs\desktop.exe
Command Line : "C:\WINDOWS\isrvs\desktop.exe"
ProcessID : 992
ThreadCreationTime : 4-25-2005 6:17:12 PM
BasePriority : Normal
FileVersion : 1.1.0.20
ProductVersion : 1.0.0.0
FileDescription : Desktop Search

#:18 [nsvsvc.exe]
ModuleName : C:\WINDOWS\System32\nsvsvc\nsvsvc.exe
Command Line : "C:\WINDOWS\System32\nsvsvc\nsvsvc.exe"
ProcessID : 1536
ThreadCreationTime : 4-25-2005 6:17:15 PM
BasePriority : Normal
FileVersion : 2.17.0000
ProductVersion : 2, 1, 7, 0

#:19 [picsvr.exe]
ModuleName : C:\WINDOWS\System32\picsvr\picsvr.exe
Command Line : "C:\WINDOWS\System32\picsvr\picsvr.exe"
ProcessID : 1896
ThreadCreationTime : 4-25-2005 6:17:16 PM
BasePriority : Normal


#:20 [qttask.exe]
ModuleName : C:\Program Files\QuickTime\qttask.exe
Command Line : "C:\Program Files\QuickTime\qttask.exe" -atboottime
ProcessID : 1748
ThreadCreationTime : 4-25-2005 6:17:16 PM
BasePriority : Normal
FileVersion : 6.5.1
ProductVersion : QuickTime 6.5.1
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
InternalName : QuickTime Task
LegalCopyright : © Apple Computer, Inc. 2001-2004
OriginalFilename : QTTask.exe

#:21 [infeapi.exe]
ModuleName : C:\WINDOWS\System32\infeapi.exe
Command Line : "C:\WINDOWS\System32\infeapi.exe"
ProcessID : 2008
ThreadCreationTime : 4-25-2005 6:17:17 PM
BasePriority : Normal


#:22 [ctfmon.exe]
ModuleName : C:\WINDOWS\System32\ctfmon.exe
Command Line : "C:\WINDOWS\System32\ctfmon.exe"
ProcessID : 2052
ThreadCreationTime : 4-25-2005 6:17:17 PM
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:23 [zznxlwj.exe]
ModuleName : c:\windows\system32\zznxlwj.exe
Command Line : "c:\windows\system32\zznxlwj.exe" sucfcfq
ProcessID : 2080
ThreadCreationTime : 4-25-2005 6:17:17 PM
BasePriority : Normal
FileVersion : 1, 0, 7, 1
ProductVersion : 0, 0, 7, 0
ProductName : TODO: <Product name>
CompanyName : TODO: <Company name>
FileDescription : TODO: <File description>
LegalCopyright : TODO: © <Company name>. All rights reserved.

#:24 [aim.exe]
ModuleName : C:\Program Files\AIM95\aim.exe
Command Line : "C:\Program Files\AIM95\aim.exe" -cnetwait.odl
ProcessID : 2096
ThreadCreationTime : 4-25-2005 6:17:17 PM
BasePriority : Normal
FileVersion : 5.9.3690
ProductVersion : 5.9.3690
ProductName : AOL Instant Messenger
CompanyName : America Online, Inc.
FileDescription : AOL Instant Messenger
InternalName : AIM
LegalCopyright : Copyright © 1996-2004 America Online, Inc.
OriginalFilename : AIM.EXE

#:25 [wuauclt.exe]
ModuleName : C:\WINDOWS\System32\wuauclt.exe
Command Line : n/a
ProcessID : 2292
ThreadCreationTime : 4-25-2005 6:17:40 PM
BasePriority : Normal
FileVersion : 5.4.3790.2182 built by: srv03_rtm(ntvbl04)
ProductVersion : 5.4.3790.2182
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Automatic Updates
InternalName : wuauclt.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : wuauclt.exe

#:26 [ad-aware.exe]
ModuleName : C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
Command Line : "C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe"
ProcessID : 2380
ThreadCreationTime : 4-25-2005 6:17:51 PM
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0



Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
16 entries scanned.
New critical objects:0
Objects found so far: 0


2:25:34 PM Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:07:26.442
Objects scanned:110819
Objects identified:0
Objects ignored:0
New critical objects:0
  • 0

Advertisements

#26
Rawe
Posted 26 April 2005 - 04:52 AM

Rawe

    Visiting Staff

  • Member
  • PipPipPipPipPipPipPip
  • 4,746 posts

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
16 entries scanned.


If your system is running a program which changes the hosts file or you have added listings to the hosts file then, there is no need to check further. Otherwise, download the "Host file viewer" by Option^Explicit. It is a 65K program which will allow you to find/view/open/read/edit/restore to default settings your host file. Instructions are on the display screen of the program. Select the option to restore to default settings.
http://members.acces...sFileReader.zip

- Rawe :tazz:
  • 0

#27
Guest_Corrine_*
Posted 26 April 2005 - 05:31 AM

Guest_Corrine_*
  • Guest
Spot on, Rawe! :tazz:
  • 0

#28
Daryn
Posted 26 April 2005 - 08:07 AM

Daryn

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
This is what I got when I said restore default:

# Copyright © 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 www.igetnet.com
127.0.0.1 code.ignphrases.com
127.0.0.1 clear-search.com
127.0.0.1 r1.clrsch.com
127.0.0.1 sds.clrsch.com
127.0.0.1 status.clrsch.com
127.0.0.1 www.clrsch.com
127.0.0.1 clr-sch.com
127.0.0.1 sds-qckads.com
127.0.0.1 status.qckads.com
127.0.0.1 status.qckads.com

I don't know if that means anything. But it's weird because I am still getting Aurora pop ups. And I have this stupid search bar in the bottom right of my taskbar. Any ideas why?

Edited by Daryn, 26 April 2005 - 08:11 AM.

  • 0

#29
Guest_Andy_veal_*
Posted 26 April 2005 - 09:41 AM

Guest_Andy_veal_*
  • Guest

Instructions are on the display screen of the program. Select the option to restore to default settings.


Did you change that setting to your Host file?

You could post a new full system scan logfile, :tazz:

Please remember the latest update
  • 0

#30
Daryn
Posted 26 April 2005 - 01:00 PM

Daryn

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
I believe I did it right, I pressed Default Settings and then Save. Here is my new (unclean) log.


Ad-Aware SE Build 1.05
Logfile Created on:Tuesday, April 26, 2005 2:47:53 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R41 25.04.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Adintelligence.AproposToolbar(TAC index:5):9 total references
Tracking Cookie(TAC index:3):28 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R40 20.04.2005
Internal build : 47
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 461235 Bytes
Total size : 1395231 Bytes
Signature data size : 1364710 Bytes
Reference data size : 30009 Bytes
Signatures total : 38921
Fingerprints total : 813
Fingerprints size : 29073 Bytes
Target categories : 15
Target families : 650

4-26-2005 2:47:46 PM Performing WebUpdate...

Installing Update...
Definitions File Loaded:
Reference Number : SE1R41 25.04.2005
Internal build : 48
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 462131 Bytes
Total size : 1397647 Bytes
Signature data size : 1367126 Bytes
Reference data size : 30009 Bytes
Signatures total : 39003
Fingerprints total : 816
Fingerprints size : 28835 Bytes
Target categories : 15
Target families : 650


4-26-2005 2:47:50 PM Success
Update successfully downloaded and installed.


Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Non Intel
Memory available:58 %
Total physical memory:1047784 kb
Available physical memory:600692 kb
Total page file size:2523488 kb
Available on page file:2253940 kb
Total virtual memory:2097024 kb
Available virtual memory:2046140 kb
OS:Microsoft Windows XP Professional Service Pack 1 (Build 2600)

Ad-Aware SE Settings
===========================
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Obtain command line of scanned processes
Set : Scan registry for all users instead of current user only
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Play sound at scan completion if scan locates critical objects


4-26-2005 2:47:53 PM - Scan started. (Full System Scan)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
ModuleName : \SystemRoot\System32\smss.exe
Command Line : n/a
ProcessID : 1152
ThreadCreationTime : 4-25-2005 6:16:36 PM
BasePriority : Normal


#:2 [winlogon.exe]
ModuleName : \??\C:\WINDOWS\System32\winlogon.exe
Command Line : n/a
ProcessID : 1308
ThreadCreationTime : 4-25-2005 6:16:42 PM
BasePriority : High


#:3 [services.exe]
ModuleName : C:\WINDOWS\system32\services.exe
Command Line : n/a
ProcessID : 1356
ThreadCreationTime : 4-25-2005 6:16:43 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:4 [lsass.exe]
ModuleName : C:\WINDOWS\system32\lsass.exe
Command Line : n/a
ProcessID : 1368
ThreadCreationTime : 4-25-2005 6:16:43 PM
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:5 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : n/a
ProcessID : 1524
ThreadCreationTime : 4-25-2005 6:16:43 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:6 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : n/a
ProcessID : 1596
ThreadCreationTime : 4-25-2005 6:16:43 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [spoolsv.exe]
ModuleName : C:\WINDOWS\system32\spoolsv.exe
Command Line : n/a
ProcessID : 240
ThreadCreationTime : 4-25-2005 6:16:46 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:8 [basfipm.exe]
ModuleName : C:\WINDOWS\System32\basfipm.exe
Command Line : n/a
ProcessID : 328
ThreadCreationTime : 4-25-2005 6:16:46 PM
BasePriority : Normal
FileVersion : 6.0.3
ProductVersion : 6.0.3
ProductName : Broadcom ASF IP monitoring service
CompanyName : Broadcom Corp.
FileDescription : Broadcom ASF IP monitoring service
InternalName : BAsfIpM
LegalCopyright : Copyright© 2003 Broadcom Corporation, All Rights Reserved
OriginalFilename : BAsfIpM.EXE

#:9 [cvpnd.exe]
ModuleName : C:\Program Files\GW\GBUSSNet Client 2.0\cvpnd.exe
Command Line : n/a
ProcessID : 344
ThreadCreationTime : 4-25-2005 6:16:46 PM
BasePriority : Normal
FileVersion : 4.0.2 (D)
ProductVersion : 4.0.2 (D)
ProductName : Cisco Systems VPN Client
CompanyName : Cisco Systems, Inc.
FileDescription : Cisco Systems VPN Client
InternalName : cvpnd
LegalCopyright : Copyright © 1998-2003 Cisco Systems, Inc.
OriginalFilename : CVPND.EXE

#:10 [defwatch.exe]
ModuleName : C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
Command Line : n/a
ProcessID : 360
ThreadCreationTime : 4-25-2005 6:16:46 PM
BasePriority : Normal
FileVersion : 8.1.0.821
ProductVersion : 8.1.0.821
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Virus Definition Daemon
InternalName : DefWatch
LegalCopyright : Copyright © 1998 Symantec Corporation
OriginalFilename : DefWatch.exe

#:11 [mdm.exe]
ModuleName : C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
Command Line : n/a
ProcessID : 412
ThreadCreationTime : 4-25-2005 6:16:46 PM
BasePriority : Normal
FileVersion : 7.00.9466
ProductVersion : 7.00.9466
ProductName : Microsoft® Visual Studio .NET
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : mdm.exe

#:12 [rtvscan.exe]
ModuleName : C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
Command Line : n/a
ProcessID : 472
ThreadCreationTime : 4-25-2005 6:16:47 PM
BasePriority : Normal
FileVersion : 8.1.0.821
ProductVersion : 8.1.0.821
ProductName : Symantec AntiVirus
CompanyName : Symantec Corporation
FileDescription : Symantec AntiVirus
LegalCopyright : Copyright © Symantec Corporation 1991-2003

#:13 [nvsvc32.exe]
ModuleName : C:\WINDOWS\System32\nvsvc32.exe
Command Line : n/a
ProcessID : 512
ThreadCreationTime : 4-25-2005 6:16:48 PM
BasePriority : Normal
FileVersion : 6.14.10.4586
ProductVersion : 6.14.10.4586
ProductName : NVIDIA Driver Helper Service, Version 45.86
CompanyName : NVIDIA Corporation
FileDescription : NVIDIA Driver Helper Service, Version 45.86
InternalName : NVSVC
LegalCopyright : © NVIDIA Corporation. All rights reserved.
OriginalFilename : nvsvc32.exe

#:14 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : n/a
ProcessID : 592
ThreadCreationTime : 4-25-2005 6:16:48 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:15 [explorer.exe]
ModuleName : C:\WINDOWS\Explorer.EXE
Command Line : C:\WINDOWS\Explorer.EXE
ProcessID : 1052
ThreadCreationTime : 4-25-2005 6:17:05 PM
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

#:16 [desktop.exe]
ModuleName : C:\WINDOWS\isrvs\desktop.exe
Command Line : "C:\WINDOWS\isrvs\desktop.exe"
ProcessID : 992
ThreadCreationTime : 4-25-2005 6:17:12 PM
BasePriority : Normal
FileVersion : 1.1.0.20
ProductVersion : 1.0.0.0
FileDescription : Desktop Search

#:17 [nsvsvc.exe]
ModuleName : C:\WINDOWS\System32\nsvsvc\nsvsvc.exe
Command Line : "C:\WINDOWS\System32\nsvsvc\nsvsvc.exe"
ProcessID : 1536
ThreadCreationTime : 4-25-2005 6:17:15 PM
BasePriority : Normal
FileVersion : 2.17.0000
ProductVersion : 2, 1, 7, 0

#:18 [picsvr.exe]
ModuleName : C:\WINDOWS\System32\picsvr\picsvr.exe
Command Line : "C:\WINDOWS\System32\picsvr\picsvr.exe"
ProcessID : 1896
ThreadCreationTime : 4-25-2005 6:17:16 PM
BasePriority : Normal


#:19 [qttask.exe]
ModuleName : C:\Program Files\QuickTime\qttask.exe
Command Line : "C:\Program Files\QuickTime\qttask.exe" -atboottime
ProcessID : 1748
ThreadCreationTime : 4-25-2005 6:17:16 PM
BasePriority : Normal
FileVersion : 6.5.1
ProductVersion : QuickTime 6.5.1
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
InternalName : QuickTime Task
LegalCopyright : © Apple Computer, Inc. 2001-2004
OriginalFilename : QTTask.exe

#:20 [infeapi.exe]
ModuleName : C:\WINDOWS\System32\infeapi.exe
Command Line : "C:\WINDOWS\System32\infeapi.exe"
ProcessID : 2008
ThreadCreationTime : 4-25-2005 6:17:17 PM
BasePriority : Normal

Warning! Adintelligence.AproposToolbar Object found in memory(C:\WINDOWS\System32\infeapi.exe)

Adintelligence.AproposToolbar Object Recognized!
Type : Process
Data : infeapi.exe
Category : Misc
Comment :
Object : C:\WINDOWS\System32\


"C:\WINDOWS\System32\infeapi.exe"Process terminated successfully
"C:\WINDOWS\System32\infeapi.exe"Process terminated successfully

#:21 [ctfmon.exe]
ModuleName : C:\WINDOWS\System32\ctfmon.exe
Command Line : "C:\WINDOWS\System32\ctfmon.exe"
ProcessID : 2052
ThreadCreationTime : 4-25-2005 6:17:17 PM
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:22 [zznxlwj.exe]
ModuleName : c:\windows\system32\zznxlwj.exe
Command Line : "c:\windows\system32\zznxlwj.exe" sucfcfq
ProcessID : 2080
ThreadCreationTime : 4-25-2005 6:17:17 PM
BasePriority : Normal
FileVersion : 1, 0, 7, 1
ProductVersion : 0, 0, 7, 0
ProductName : TODO: <Product name>
CompanyName : TODO: <Company name>
FileDescription : TODO: <File description>
LegalCopyright : TODO: © <Company name>. All rights reserved.

#:23 [aim.exe]
ModuleName : C:\Program Files\AIM95\aim.exe
Command Line : "C:\Program Files\AIM95\aim.exe" -cnetwait.odl
ProcessID : 2096
ThreadCreationTime : 4-25-2005 6:17:17 PM
BasePriority : Normal
FileVersion : 5.9.3690
ProductVersion : 5.9.3690
ProductName : AOL Instant Messenger
CompanyName : America Online, Inc.
FileDescription : AOL Instant Messenger
InternalName : AIM
LegalCopyright : Copyright © 1996-2004 America Online, Inc.
OriginalFilename : AIM.EXE

#:24 [rundll32.exe]
ModuleName : C:\WINDOWS\System32\rundll32.exe
Command Line : rundll32.exe "C:\WINDOWS\system32\guard.tmp",DllGetVersion
ProcessID : 948
ThreadCreationTime : 4-25-2005 6:33:02 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Run a DLL as an App
InternalName : rundll
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : RUNDLL.EXE

#:25 [itunes.exe]
ModuleName : C:\Program Files\iTunes\iTunes.exe
Command Line : "C:\Program Files\iTunes\iTunes.exe"
ProcessID : 3996
ThreadCreationTime : 4-25-2005 9:29:46 PM
BasePriority : Normal
FileVersion : 4.7.1.30
ProductVersion : 4.7.1.30
ProductName : iTunes
CompanyName : Apple Computer, Inc.
FileDescription : iTunes
InternalName : iTunes
LegalCopyright : © 2003-2004 Apple Computer, Inc. All Rights Reserved.
OriginalFilename : iTunes.exe

#:26 [ipodservice.exe]
ModuleName : C:\Program Files\iPod\bin\iPodService.exe
Command Line : n/a
ProcessID : 3852
ThreadCreationTime : 4-25-2005 9:29:54 PM
BasePriority : Normal
FileVersion : 4.7.1.30
ProductVersion : 4.7.1.30
ProductName : iTunes
CompanyName : Apple Computer, Inc.
FileDescription : iPodService Module
InternalName : iPodService
LegalCopyright : © 2003-2004 Apple Computer, Inc. All Rights Reserved.
OriginalFilename : iPodService.exe

#:27 [ad-aware.exe]
ModuleName : C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
Command Line : "C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe"
ProcessID : 2944
ThreadCreationTime : 4-26-2005 6:47:29 PM
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 1
Objects found so far: 1


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Adintelligence.AproposToolbar Object Recognized!
Type : Regkey
Data :
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{b5ab638f-d76c-415b-a8f2-f3ceac502212}

Adintelligence.AproposToolbar Object Recognized!
Type : RegValue
Data :
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{b5ab638f-d76c-415b-a8f2-f3ceac502212}
Value :

Adintelligence.AproposToolbar Object Recognized!
Type : Regkey
Data :
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{bc333116-6ea1-40a1-9d07-ecb192db8cea}

Adintelligence.AproposToolbar Object Recognized!
Type : RegValue
Data :
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{bc333116-6ea1-40a1-9d07-ecb192db8cea}
Value :

Adintelligence.AproposToolbar Object Recognized!
Type : Regkey
Data :
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{bc333116-6ea1-40a1-9d07-ecb192db8cea}

Adintelligence.AproposToolbar Object Recognized!
Type : RegValue
Data :
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{bc333116-6ea1-40a1-9d07-ecb192db8cea}
Value :

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 6
Objects found so far: 7


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Adintelligence.AproposToolbar Object Recognized!
Type : RegValue
Data :
Category : Misc
Comment : "Y353RXd7g"
Rootkey : HKEY_CURRENT_USER
Object : Software\Microsoft\Windows\CurrentVersion\Run
Value : Y353RXd7g

Adintelligence.AproposToolbar Object Recognized!
Type : File
Data : infeapi.exe
Category : Misc
Comment :
Object : c:\windows\system32\



Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 1
Objects found so far: 9


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : d$@centrport[1].txt
Category : Data Miner
Comment : Hits:12
Value : Cookie:d$@centrport.net/
Expires : 12-31-2029 8:00:00 PM
LastSync : Hits:12
UseCount : 0
Hits : 12

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : d$@questionmarket[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:d$@questionmarket.com/
Expires : 6-17-2006 1:51:22 AM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : d$@weborama[2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:d$@weborama.fr/
Expires : 4-24-2010 8:37:48 PM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : d$@advertising[2].txt
Category : Data Miner
Comment : Hits:26
Value : Cookie:d$@advertising.com/
Expires : 4-25-2010 12:39:58 AM
LastSync : Hits:26
UseCount : 0
Hits : 26

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : d$@doubleclick[1].txt
Category : Data Miner
Comment : Hits:13
Value : Cookie:d$@doubleclick.net/
Expires : 4-24-2008 7:46:26 PM
LastSync : Hits:13
UseCount : 0
Hits : 13

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : d$@tickle[2].txt
Category : Data Miner
Comment : Hits:14
Value : Cookie:d$@tickle.com/
Expires : 4-26-2007 2:45:06 PM
LastSync : Hits:14
UseCount : 0
Hits : 14

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : d$@maxserving[2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:d$@maxserving.com/
Expires : 4-24-2015 12:39:18 AM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : d$@fastclick[1].txt
Category : Data Miner
Comment : Hits:15
Value : Cookie:d$@fastclick.net/
Expires : 4-15-2007 2:34:22 PM
LastSync : Hits:15
UseCount : 0
Hits : 15

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : d$@as-us.falkag[1].txt
Category : Data Miner
Comment : Hits:7
Value : Cookie:d$@as-us.falkag.net/
Expires : 4-25-2006 8:43:10 PM
LastSync : Hits:7
UseCount : 0
Hits : 7

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : d$@atdmt[2].txt
Category : Data Miner
Comment : Hits:17
Value : Cookie:d$@atdmt.com/
Expires : 4-23-2010 8:00:00 PM
LastSync : Hits:17
UseCount : 0
Hits : 17

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : d$@casalemedia[2].txt
Category : Data Miner
Comment : Hits:56
Value : Cookie:d$@casalemedia.com/
Expires : 4-16-2006 8:37:02 PM
LastSync : Hits:56
UseCount : 0
Hits : 56

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : d$@tribalfusion[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:d$@tribalfusion.com/
Expires : 12-31-2037 8:00:00 PM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : d$@targetnet[2].txt
Category : Data Miner
Comment : Hits:11
Value : Cookie:d$@targetnet.com/
Expires : 5-17-2033 11:33:20 PM
LastSync : Hits:11
UseCount : 0
Hits : 11

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : d$@valueclick[1].txt
Category : Data Miner
Comment : Hits:6
Value : Cookie:d$@valueclick.com/
Expires : 4-19-2030 7:36:14 PM
LastSync : Hits:6
UseCount : 0
Hits : 6

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : d$@revenue[1].txt
Category : Data Miner
Comment : Hits:14
Value : Cookie:d$@revenue.net/
Expires : 6-10-2022 1:05:42 AM
LastSync : Hits:14
UseCount : 0
Hits : 14

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : d$@ads.pointroll[2].txt
Category : Data Miner
Comment : Hits:9
Value : Cookie:d$@ads.pointroll.com/
Expires : 12-31-2009 8:00:00 PM
LastSync : Hits:9
UseCount : 0
Hits : 9

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : d$@servedby.advertising[2].txt
Category : Data Miner
Comment : Hits:234
Value : Cookie:d$@servedby.advertising.com/
Expires : 5-26-2005 1:23:44 AM
LastSync : Hits:234
UseCount : 0
Hits : 234

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : d$@z1.adserver[2].txt
Category : Data Miner
Comment : Hits:13
Value : Cookie:d$@z1.adserver.com/
Expires : 4-26-2006 12:36:14 AM
LastSync : Hits:13
UseCount : 0
Hits : 13

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : d$@statcounter[2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:d$@statcounter.com/
Expires : 4-25-2010 9:52:02 AM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : d$@trafficmp[1].txt
Category : Data Miner
Comment : Hits:44
Value : Cookie:d$@trafficmp.com/
Expires : 4-25-2006 11:40:14 PM
LastSync : Hits:44
UseCount : 0
Hits : 44

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : d$@www.clickedyclick[2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:d$@www.clickedyclick.com/
Expires : 4-23-2015 6:00:00 PM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : d$@edge.ru4[1].txt
Category : Data Miner
Comment : Hits:16
Value : Cookie:d$@edge.ru4.com/
Expires : 4-18-2035 11:43:14 PM
LastSync : Hits:16
UseCount : 0
Hits : 16

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : d$@statse.webtrendslive[2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:d$@statse.webtrendslive.com/
Expires : 4-24-2015 12:40:08 AM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : d$@ads.addynamix[1].txt
Category : Data Miner
Comment : Hits:5
Value : Cookie:d$@ads.addynamix.com/
Expires : 4-26-2005 11:43:12 PM
LastSync : Hits:5
UseCount : 0
Hits : 5

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : d$@pacificpoker[1].txt
Category : Data Miner
Comment : Hits:3
Value : Cookie:d$@pacificpoker.com/
Expires : 12-18-2006 5:00:36 PM
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : d$@2o7[2].txt
Category : Data Miner
Comment : Hits:392
Value : Cookie:d$@2o7.net/
Expires : 4-25-2010 12:39:18 AM
LastSync : Hits:392
UseCount : 0
Hits : 392

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : d$@clickagents[2].txt
Category : Data Miner
Comment : Hits:6
Value : Cookie:d$@clickagents.com/
Expires : 4-20-2030 12:13:04 AM
LastSync : Hits:6
UseCount : 0
Hits : 6

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : d$@mediaplex[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:d$@mediaplex.com/
Expires : 6-21-2009 8:00:00 PM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 28
Objects found so far: 37



Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 37


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
11 entries scanned.
New critical objects:0
Objects found so far: 37




Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 37

2:54:28 PM Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:06:35.729
Objects scanned:113182
Objects identified:37
Objects ignored:0
New critical objects:37
  • 0
Back to Lavasoft Support (Ad-aware) · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Retired Forums
  3. Lavasoft Support (Ad-aware)

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP