Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Ad-Aware Log

Started by azsunbums , May 04 2005 10:03 PM

  • This topic is locked This topic is locked

#1
azsunbums
Posted 04 May 2005 - 10:03 PM

azsunbums

    New Member

  • Member
  • Pip
  • 7 posts
I had used Ad-Aware and Spybot before I came upon your site but I still have issues so I followed your instructions and the log follows:

{\rtf1\ansi\ansicpg1252\deff0\deflang1033{\fonttbl{\f0\fnil\fcharset0 Courier New;}{\f1\fnil Arial;}{\f2\fswiss\fcharset0 Arial;}}
{\*\generator Msftedit 5.41.15.1507;}\viewkind4\uc1\pard\f0\fs16\par
Ad-Aware SE Build 1.05\par
Logfile Created on:Wednesday, May 04, 2005 7:15:18 PM\par
Created with Ad-Aware SE Personal, free for private use.\par
Using definitions file:SE1R42 28.04.2005\par
\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\par
\par
References detected during the scan:\par
\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\par
BargainBuddy(TAC index:8):66 total references\par
begin2search(TAC index:3):5 total references\par
BookedSpace(TAC index:10):17 total references\par
DealHelper(TAC index:7):1 total references\par
Elitum.ElitebarBHO(TAC index:5):1 total references\par
ExactSearchBar(TAC index:5):10 total references\par
IBIS Toolbar(TAC index:5):7 total references\par
Prutect(TAC index:8):2 total references\par
Rads01.Quadrogram(TAC index:6):5 total references\par
SahAgent(TAC index:9):3 total references\par
\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\par
\par
Ad-Aware SE Settings\par
===========================\par
Set : Safe mode (always request confirmation)\par
Set : Scan active processes\par
Set : Scan registry\par
Set : Deep-scan registry\par
Set : Scan my IE Favorites for banned URLs\par
Set : Scan my Hosts file\par
\par
Extended Ad-Aware SE Settings\par
===========================\par
Set : Unload recognized processes & modules during scan\par
Set : Scan registry for all users instead of current user only\par
Set : During removal, unload Explorer and IE if necessary\par
Set : Let Windows remove files in use at next reboot\par
Set : Delete quarantined objects after restoring\par
Set : Include basic Ad-Aware settings in log file\par
Set : Include additional Ad-Aware settings in log file\par
Set : Include reference summary in log file\par
Set : Include alternate data stream details in log file\par
Set : Play sound at scan completion if scan locates critical objects\par
\par
\par
5-4-2005 7:15:18 PM - Scan started. (Full System Scan)\par
\par
Listing running processes\par
\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\par
\par
#:1 [smss.exe]\par
FilePath : \\SystemRoot\\System32\\\par
ProcessID : 188\par
ThreadCreationTime : 5-5-2005 2:14:06 AM\par
BasePriority : Normal\par
\par
\par
#:2 [csrss.exe]\par
FilePath : \\??\\C:\\WINDOWS\\system32\\\par
ProcessID : 236\par
ThreadCreationTime : 5-5-2005 2:14:16 AM\par
BasePriority : Normal\par
\par
\par
#:3 [winlogon.exe]\par
FilePath : \\??\\C:\\WINDOWS\\system32\\\par
ProcessID : 260\par
ThreadCreationTime : 5-5-2005 2:14:18 AM\par
BasePriority : High\par
\par
\par
#:4 [services.exe]\par
FilePath : C:\\WINDOWS\\system32\\\par
ProcessID : 304\par
ThreadCreationTime : 5-5-2005 2:14:21 AM\par
BasePriority : Normal\par
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)\par
ProductVersion : 5.1.2600.2180\par
ProductName : Microsoft\'ae Windows\'ae Operating System\par
CompanyName : Microsoft Corporation\par
FileDescription : Services and Controller app\par
InternalName : services.exe\par
LegalCopyright : \'a9 Microsoft Corporation. All rights reserved.\par
OriginalFilename : services.exe\par
\par
#:5 [lsass.exe]\par
FilePath : C:\\WINDOWS\\system32\\\par
ProcessID : 316\par
ThreadCreationTime : 5-5-2005 2:14:22 AM\par
BasePriority : Normal\par
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)\par
ProductVersion : 5.1.2600.2180\par
ProductName : Microsoft\'ae Windows\'ae Operating System\par
CompanyName : Microsoft Corporation\par
FileDescription : LSA Shell (Export Version)\par
InternalName : lsass.exe\par
LegalCopyright : \'a9 Microsoft Corporation. All rights reserved.\par
OriginalFilename : lsass.exe\par
\par
#:6 [svchost.exe]\par
FilePath : C:\\WINDOWS\\system32\\\par
ProcessID : 476\par
ThreadCreationTime : 5-5-2005 2:14:25 AM\par
BasePriority : Normal\par
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)\par
ProductVersion : 5.1.2600.2180\par
ProductName : Microsoft\'ae Windows\'ae Operating System\par
CompanyName : Microsoft Corporation\par
FileDescription : Generic Host Process for Win32 Services\par
InternalName : svchost.exe\par
LegalCopyright : \'a9 Microsoft Corporation. All rights reserved.\par
OriginalFilename : svchost.exe\par
\par
#:7 [svchost.exe]\par
FilePath : C:\\WINDOWS\\system32\\\par
ProcessID : 536\par
ThreadCreationTime : 5-5-2005 2:14:26 AM\par
BasePriority : Normal\par
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)\par
ProductVersion : 5.1.2600.2180\par
ProductName : Microsoft\'ae Windows\'ae Operating System\par
CompanyName : Microsoft Corporation\par
FileDescription : Generic Host Process for Win32 Services\par
InternalName : svchost.exe\par
LegalCopyright : \'a9 Microsoft Corporation. All rights reserved.\par
OriginalFilename : svchost.exe\par
\par
#:8 [svchost.exe]\par
FilePath : C:\\WINDOWS\\system32\\\par
ProcessID : 580\par
ThreadCreationTime : 5-5-2005 2:14:27 AM\par
BasePriority : Normal\par
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)\par
ProductVersion : 5.1.2600.2180\par
ProductName : Microsoft\'ae Windows\'ae Operating System\par
CompanyName : Microsoft Corporation\par
FileDescription : Generic Host Process for Win32 Services\par
InternalName : svchost.exe\par
LegalCopyright : \'a9 Microsoft Corporation. All rights reserved.\par
OriginalFilename : svchost.exe\par
\par
#:9 [explorer.exe]\par
FilePath : C:\\WINDOWS\\\par
ProcessID : 808\par
ThreadCreationTime : 5-5-2005 2:14:38 AM\par
BasePriority : Normal\par
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)\par
ProductVersion : 6.00.2900.2180\par
ProductName : Microsoft\'ae Windows\'ae Operating System\par
CompanyName : Microsoft Corporation\par
FileDescription : Windows Explorer\par
InternalName : explorer\par
LegalCopyright : \'a9 Microsoft Corporation. All rights reserved.\par
OriginalFilename : EXPLORER.EXE\par
\par
#:10 [ad-aware.exe]\par
FilePath : C:\\Program Files\\Lavasoft\\Ad-Aware SE Personal\\\par
ProcessID : 904\par
ThreadCreationTime : 5-5-2005 2:14:50 AM\par
BasePriority : Normal\par
FileVersion : 6.2.0.206\par
ProductVersion : VI.Second Edition\par
ProductName : Lavasoft Ad-Aware SE\par
CompanyName : Lavasoft Sweden\par
FileDescription : Ad-Aware SE Core application\par
InternalName : Ad-Aware.exe\par
LegalCopyright : Copyright \'a9 Lavasoft Sweden\par
OriginalFilename : Ad-Aware.exe\par
Comments : All Rights Reserved\par
\par
Memory scan result:\par
\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\par
New critical objects: 0\par
Objects found so far: 0\par
\par
\par
Started registry scan\par
\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\par
\par
BookedSpace Object Recognized!\par
Type : Regkey\par
Data : \par
Category : Malware\par
Comment : \par
Rootkey : HKEY_CLASSES_ROOT\par
Object : appid\\bookedspace.dll\par
\par
BookedSpace Object Recognized!\par
Type : RegValue\par
Data : \par
Category : Malware\par
Comment : \par
Rootkey : HKEY_CLASSES_ROOT\par
Object : appid\\bookedspace.dll\par
Value : AppID\par
\par
BookedSpace Object Recognized!\par
Type : Regkey\par
Data : \par
Category : Malware\par
Comment : \par
Rootkey : HKEY_CLASSES_ROOT\par
Object : appid\\\{0dc5cd7c-f653-4417-aa43-d457be3a9622\}\par
\par
BookedSpace Object Recognized!\par
Type : RegValue\par
Data : \par
Category : Malware\par
Comment : \par
Rootkey : HKEY_CLASSES_ROOT\par
Object : appid\\\{0dc5cd7c-f653-4417-aa43-d457be3a9622\}\par
Value : \par
\par
BookedSpace Object Recognized!\par
Type : Regkey\par
Data : \par
Category : Malware\par
Comment : \par
Rootkey : HKEY_CLASSES_ROOT\par
Object : bookedspace.extension\par
\par
BookedSpace Object Recognized!\par
Type : RegValue\par
Data : \par
Category : Malware\par
Comment : \par
Rootkey : HKEY_CLASSES_ROOT\par
Object : bookedspace.extension\par
Value : \par
\par
BookedSpace Object Recognized!\par
Type : Regkey\par
Data : \par
Category : Malware\par
Comment : \par
Rootkey : HKEY_CLASSES_ROOT\par
Object : bookedspace.extension.5\par
\par
BookedSpace Object Recognized!\par
Type : RegValue\par
Data : \par
Category : Malware\par
Comment : \par
Rootkey : HKEY_CLASSES_ROOT\par
Object : bookedspace.extension.5\par
Value : \par
\par
BookedSpace Object Recognized!\par
Type : Regkey\par
Data : \par
Category : Malware\par
Comment : \par
Rootkey : HKEY_CLASSES_ROOT\par
Object : clsid\\\{0019c3e2-dd48-4a6d-abcd-8d32436323d9\}\par
\par
BookedSpace Object Recognized!\par
Type : RegValue\par
Data : \par
Category : Malware\par
Comment : \par
Rootkey : HKEY_CLASSES_ROOT\par
Object : clsid\\\{0019c3e2-dd48-4a6d-abcd-8d32436323d9\}\par
Value : \par
\par
BookedSpace Object Recognized!\par
Type : RegValue\par
Data : \par
Category : Malware\par
Comment : \par
Rootkey : HKEY_CLASSES_ROOT\par
Object : clsid\\\{0019c3e2-dd48-4a6d-abcd-8d32436323d9\}\par
Value : AppID\par
\par
BookedSpace Object Recognized!\par
Type : Regkey\par
Data : \par
Category : Malware\par
Comment : \par
Rootkey : HKEY_CLASSES_ROOT\par
Object : interface\\\{05080e6b-a88a-4cfd-8c3d-9b2557670b6e\}\par
\par
BookedSpace Object Recognized!\par
Type : RegValue\par
Data : \par
Category : Malware\par
Comment : \par
Rootkey : HKEY_CLASSES_ROOT\par
Object : interface\\\{05080e6b-a88a-4cfd-8c3d-9b2557670b6e\}\par
Value : \par
\par
BookedSpace Object Recognized!\par
Type : Regkey\par
Data : \par
Category : Malware\par
Comment : \par
Rootkey : HKEY_CLASSES_ROOT\par
Object : typelib\\\{0dc5cd7c-f653-4417-aa43-d457be3a9622\}\par
\par
BookedSpace Object Recognized!\par
Type : Regkey\par
Data : \par
Category : Malware\par
Comment : \par
Rootkey : HKEY_LOCAL_MACHINE\par
Object : software\\bookedspace\par
\par
BookedSpace Object Recognized!\par
Type : Regkey\par
Data : \par
Category : Malware\par
Comment : \par
Rootkey : HKEY_LOCAL_MACHINE\par
Object : software\\microsoft\\windows\\currentversion\\explorer\\browser helper objects\\\{0019c3e2-dd48-4a6d-abcd-8d32436323d9\}\par
\par
Registry Scan result:\par
\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\par
New critical objects: 16\par
Objects found so far: 16\par
\par
\par
Started deep registry scan\par
\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\par
\par
Deep registry scan result:\par
\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\par
New critical objects: 0\par
Objects found so far: 16\par
\par
\par
Started Tracking Cookie scan\par
\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\par
\par
\par
Tracking cookie scan result:\par
\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\par
New critical objects: 0\par
Objects found so far: 16\par
\par
\par
\par
Deep scanning and examining files (C:)\par
\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067296.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP194\\\par
\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067301.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP194\\\par
FileVersion : 1, 0, 0, 2\par
ProductVersion : 1, 0, 0, 2\par
ProductName : Upload Module\par
CompanyName : eXact Advertising\par
FileDescription : Upload Module\par
InternalName : Upload Utility\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : exul.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067304.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP194\\\par
FileVersion : 1, 0, 0, 2\par
ProductVersion : 1, 0, 0, 2\par
ProductName : Upload Module\par
CompanyName : eXact Advertising\par
FileDescription : Upload Module\par
InternalName : Upload Utility\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : exul.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067307.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP194\\\par
FileVersion : 1, 0, 1, 0\par
ProductVersion : 1, 0, 1, 0\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067310.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP194\\\par
FileVersion : 1, 0, 1, 0\par
ProductVersion : 1, 0, 1, 0\par
\par
\par
ExactSearchBar Object Recognized!\par
Type : File\par
Data : A0067331.exe\par
Category : Data Miner\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP194\\\par
FileVersion : 1, 0, 0, 5\par
ProductVersion : 1, 0, 0, 5\par
ProductName : NAVISearch Module\par
CompanyName : eXact Advertising\par
FileDescription : NLS Module\par
InternalName : NLS\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : nls.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067352.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP194\\\par
FileVersion : 1.00\par
ProductVersion : 1.00\par
ProductName : adv\par
CompanyName : eXact Advertising\par
InternalName : adv\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : adv.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067353.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP194\\\par
FileVersion : 1.00\par
ProductVersion : 1.00\par
ProductName : adx\par
CompanyName : eXact Advertising\par
InternalName : adx\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : adx.exe\par
\par
\par
IBIS Toolbar Object Recognized!\par
Type : File\par
Data : A0067361.exe\par
Category : Data Miner\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP194\\\par
\par
\par
\par
IBIS Toolbar Object Recognized!\par
Type : File\par
Data : A0067382.exe\par
Category : Data Miner\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP194\\\par
\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067389.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP194\\\par
FileVersion : 1.00\par
ProductVersion : 1.00\par
ProductName : adv\par
CompanyName : eXact Advertising\par
InternalName : adv\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : adv.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067390.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP194\\\par
FileVersion : 1.00\par
ProductVersion : 1.00\par
ProductName : adx\par
CompanyName : eXact Advertising\par
InternalName : adx\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : adx.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067392.dll\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP194\\\par
FileVersion : 2, 0, 0, 19\par
ProductVersion : 2, 0, 0, 19\par
ProductName : nls.dll Module\par
CompanyName : eXact Advertising\par
FileDescription : nls.dll Module\par
InternalName : nls.dll\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : nls.dll\par
\par
\par
ExactSearchBar Object Recognized!\par
Type : File\par
Data : A0067393.exe\par
Category : Data Miner\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP194\\\par
FileVersion : 1, 0, 0, 5\par
ProductVersion : 1, 0, 0, 5\par
ProductName : NAVISearch Module\par
CompanyName : eXact Advertising\par
FileDescription : NLS Module\par
InternalName : NLS\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : nls.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067400.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP194\\\par
FileVersion : 1, 0, 0, 2\par
ProductVersion : 1, 0, 0, 2\par
ProductName : Upload Module\par
CompanyName : eXact Advertising\par
FileDescription : Upload Module\par
InternalName : Upload Utility\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : exul.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067419.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP195\\\par
FileVersion : 1, 0, 0, 2\par
ProductVersion : 1, 0, 0, 2\par
ProductName : Upload Module\par
CompanyName : eXact Advertising\par
FileDescription : Upload Module\par
InternalName : Upload Utility\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : exul.exe\par
\par
\par
ExactSearchBar Object Recognized!\par
Type : File\par
Data : A0067429.exe\par
Category : Data Miner\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP195\\\par
FileVersion : 1, 0, 0, 5\par
ProductVersion : 1, 0, 0, 5\par
ProductName : NAVISearch Module\par
CompanyName : eXact Advertising\par
FileDescription : NLS Module\par
InternalName : NLS\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : nls.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067436.vxd\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP196\\\par
FileVersion : 1, 0, 0, 2\par
ProductVersion : 1, 0, 0, 2\par
ProductName : Upload Module\par
CompanyName : eXact Advertising\par
FileDescription : Upload Module\par
InternalName : Upload Utility\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : exul.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067437.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP196\\\par
FileVersion : 1, 0, 0, 2\par
ProductVersion : 1, 0, 0, 2\par
ProductName : Upload Module\par
CompanyName : eXact Advertising\par
FileDescription : Upload Module\par
InternalName : Upload Utility\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : exul.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067439.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP196\\\par
FileVersion : 1, 0, 1, 0\par
ProductVersion : 1, 0, 1, 0\par
\par
\par
Rads01.Quadrogram Object Recognized!\par
Type : File\par
Data : A0067440.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP196\\\par
FileVersion : 1, 0, 0, 1\par
ProductVersion : 1, 0, 0, 1\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067441.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP196\\\par
FileVersion : 1, 0, 1, 0\par
ProductVersion : 1, 0, 1, 0\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067443.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP196\\\par
FileVersion : 1.00\par
ProductVersion : 1.00\par
ProductName : adv\par
CompanyName : eXact Advertising\par
InternalName : adv\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : adv.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067444.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP196\\\par
FileVersion : 1.00\par
ProductVersion : 1.00\par
ProductName : adx\par
CompanyName : eXact Advertising\par
InternalName : adx\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : adx.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067481.EXE\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP196\\\par
\par
\par
\par
DealHelper Object Recognized!\par
Type : File\par
Data : A0067485.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP196\\\par
FileVersion : 1, 0, 0, 1\par
ProductVersion : 1, 0, 0, 1\par
ProductName : UnInstallKey Application\par
FileDescription : UnInstallKey MFC Application\par
InternalName : UnInstallKey\par
LegalCopyright : Copyright © 2003\par
OriginalFilename : UnInstallKey.EXE\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067490.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP196\\\par
FileVersion : 1.00\par
ProductVersion : 1.00\par
ProductName : adv\par
CompanyName : eXact Advertising\par
InternalName : adv\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : adv.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067491.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP196\\\par
FileVersion : 1.00\par
ProductVersion : 1.00\par
ProductName : adx\par
CompanyName : eXact Advertising\par
InternalName : adx\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : adx.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067493.dll\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP196\\\par
FileVersion : 2, 0, 0, 19\par
ProductVersion : 2, 0, 0, 19\par
ProductName : nls.dll Module\par
CompanyName : eXact Advertising\par
FileDescription : nls.dll Module\par
InternalName : nls.dll\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : nls.dll\par
\par
\par
ExactSearchBar Object Recognized!\par
Type : File\par
Data : A0067494.exe\par
Category : Data Miner\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP196\\\par
FileVersion : 1, 0, 0, 5\par
ProductVersion : 1, 0, 0, 5\par
ProductName : NAVISearch Module\par
CompanyName : eXact Advertising\par
FileDescription : NLS Module\par
InternalName : NLS\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : nls.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067501.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP196\\\par
FileVersion : 1, 0, 0, 2\par
ProductVersion : 1, 0, 0, 2\par
ProductName : Upload Module\par
CompanyName : eXact Advertising\par
FileDescription : Upload Module\par
InternalName : Upload Utility\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : exul.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067599.VXD\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP196\\\par
FileVersion : 1, 0, 0, 2\par
ProductVersion : 1, 0, 0, 2\par
ProductName : Upload Module\par
CompanyName : eXact Advertising\par
FileDescription : Upload Module\par
InternalName : Upload Utility\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : exul.exe\par
\par
\par
Rads01.Quadrogram Object Recognized!\par
Type : File\par
Data : A0067601.EXE\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP196\\\par
FileVersion : 1, 0, 0, 1\par
ProductVersion : 1, 0, 0, 1\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067603.EXE\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP196\\\par
\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067607.EXE\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP196\\\par
FileVersion : 1, 0, 0, 2\par
ProductVersion : 1, 0, 0, 2\par
ProductName : Upload Module\par
CompanyName : eXact Advertising\par
FileDescription : Upload Module\par
InternalName : Upload Utility\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : exul.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067609.EXE\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP196\\\par
FileVersion : 1, 0, 0, 2\par
ProductVersion : 1, 0, 0, 2\par
ProductName : Upload Module\par
CompanyName : eXact Advertising\par
FileDescription : Upload Module\par
InternalName : Upload Utility\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : exul.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067611.EXE\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP196\\\par
FileVersion : 1, 0, 1, 0\par
ProductVersion : 1, 0, 1, 0\par
\par
\par
ExactSearchBar Object Recognized!\par
Type : File\par
Data : A0067634.EXE\par
Category : Data Miner\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP196\\\par
FileVersion : 1, 0, 0, 5\par
ProductVersion : 1, 0, 0, 5\par
ProductName : NAVISearch Module\par
CompanyName : eXact Advertising\par
FileDescription : NLS Module\par
InternalName : NLS\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : nls.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067642.EXE\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP196\\\par
FileVersion : 1.00\par
ProductVersion : 1.00\par
ProductName : adv\par
CompanyName : eXact Advertising\par
InternalName : adv\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : adv.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067643.EXE\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP196\\\par
FileVersion : 1.00\par
ProductVersion : 1.00\par
ProductName : adx\par
CompanyName : eXact Advertising\par
InternalName : adx\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : adx.exe\par
\par
\par
IBIS Toolbar Object Recognized!\par
Type : File\par
Data : A0067680.EXE\par
Category : Data Miner\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP196\\\par
\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0071237.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP210\\\par
FileVersion : 1.00\par
ProductVersion : 1.00\par
ProductName : adv\par
CompanyName : eXact Advertising\par
InternalName : adv\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : adv.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0071238.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP210\\\par
FileVersion : 1.00\par
ProductVersion : 1.00\par
ProductName : adx\par
CompanyName : eXact Advertising\par
InternalName : adx\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : adx.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0071240.dll\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP210\\\par
FileVersion : 2, 0, 0, 19\par
ProductVersion : 2, 0, 0, 19\par
ProductName : nls.dll Module\par
CompanyName : eXact Advertising\par
FileDescription : nls.dll Module\par
InternalName : nls.dll\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : nls.dll\par
\par
\par
ExactSearchBar Object Recognized!\par
Type : File\par
Data : A0071241.exe\par
Category : Data Miner\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP210\\\par
FileVersion : 1, 0, 0, 5\par
ProductVersion : 1, 0, 0, 5\par
ProductName : NAVISearch Module\par
CompanyName : eXact Advertising\par
FileDescription : NLS Module\par
InternalName : NLS\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : nls.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0071248.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP210\\\par
FileVersion : 1, 0, 0, 2\par
ProductVersion : 1, 0, 0, 2\par
ProductName : Upload Module\par
CompanyName : eXact Advertising\par
FileDescription : Upload Module\par
InternalName : Upload Utility\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : exul.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0071256.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP210\\\par
FileVersion : 1, 0, 0, 2\par
ProductVersion : 1, 0, 0, 2\par
ProductName : Upload Module\par
CompanyName : eXact Advertising\par
FileDescription : Upload Module\par
InternalName : Upload Utility\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : exul.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0071265.dll\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP210\\\par
FileVersion : 2, 0, 0, 19\par
ProductVersion : 2, 0, 0, 19\par
ProductName : nls.dll Module\par
CompanyName : eXact Advertising\par
FileDescription : nls.dll Module\par
InternalName : nls.dll\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : nls.dll\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0071337.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP210\\\par
FileVersion : 1, 0, 0, 2\par
ProductVersion : 1, 0, 0, 2\par
ProductName : Upload Module\par
CompanyName : eXact Advertising\par
FileDescription : Upload Module\par
InternalName : Upload Utility\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : exul.exe\par
\par
\par
ExactSearchBar Object Recognized!\par
Type : File\par
Data : A0071340.exe\par
Category : Data Miner\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP210\\\par
FileVersion : 1, 0, 0, 5\par
ProductVersion : 1, 0, 0, 5\par
ProductName : NAVISearch Module\par
CompanyName : eXact Advertising\par
FileDescription : NLS Module\par
InternalName : NLS\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : nls.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0071347.vxd\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP210\\\par
FileVersion : 1, 0, 0, 2\par
ProductVersion : 1, 0, 0, 2\par
ProductName : Upload Module\par
CompanyName : eXact Advertising\par
FileDescription : Upload Module\par
InternalName : Upload Utility\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : exul.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0071348.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP210\\\par
FileVersion : 1, 0, 0, 2\par
ProductVersion : 1, 0, 0, 2\par
ProductName : Upload Module\par
CompanyName : eXact Advertising\par
FileDescription : Upload Module\par
InternalName : Upload Utility\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : exul.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0071349.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP210\\\par
FileVersion : 1, 0, 0, 2\par
ProductVersion : 1, 0, 0, 2\par
ProductName : Upload Module\par
CompanyName : eXact Advertising\par
FileDescription : Upload Module\par
Internal
  • 0

Advertisements

#2
Rawe
Posted 05 May 2005 - 04:49 AM

Rawe

    Visiting Staff

  • Member
  • PipPipPipPipPipPipPip
  • 4,746 posts
Hello there.
Your logfile is incomplete.
Please, post the whole scanlog in this topic.
This sometimes takes 2-3 posts to get it all here.
I'll take a look when completed your log.

- Rawe :tazz:
  • 0

#3
azsunbums
Posted 05 May 2005 - 04:58 AM

azsunbums

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
Sorry about that. How's this?

{\rtf1\ansi\ansicpg1252\deff0\deflang1033{\fonttbl{\f0\fnil\fcharset0 Courier New;}{\f1\fnil Arial;}{\f2\fswiss\fcharset0 Arial;}}
{\*\generator Msftedit 5.41.15.1507;}\viewkind4\uc1\pard\f0\fs16\par
Ad-Aware SE Build 1.05\par
Logfile Created on:Wednesday, May 04, 2005 7:15:18 PM\par
Created with Ad-Aware SE Personal, free for private use.\par
Using definitions file:SE1R42 28.04.2005\par
\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\par
\par
References detected during the scan:\par
\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\par
BargainBuddy(TAC index:8):66 total references\par
begin2search(TAC index:3):5 total references\par
BookedSpace(TAC index:10):17 total references\par
DealHelper(TAC index:7):1 total references\par
Elitum.ElitebarBHO(TAC index:5):1 total references\par
ExactSearchBar(TAC index:5):10 total references\par
IBIS Toolbar(TAC index:5):7 total references\par
Prutect(TAC index:8):2 total references\par
Rads01.Quadrogram(TAC index:6):5 total references\par
SahAgent(TAC index:9):3 total references\par
\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\par
\par
Ad-Aware SE Settings\par
===========================\par
Set : Safe mode (always request confirmation)\par
Set : Scan active processes\par
Set : Scan registry\par
Set : Deep-scan registry\par
Set : Scan my IE Favorites for banned URLs\par
Set : Scan my Hosts file\par
\par
Extended Ad-Aware SE Settings\par
===========================\par
Set : Unload recognized processes & modules during scan\par
Set : Scan registry for all users instead of current user only\par
Set : During removal, unload Explorer and IE if necessary\par
Set : Let Windows remove files in use at next reboot\par
Set : Delete quarantined objects after restoring\par
Set : Include basic Ad-Aware settings in log file\par
Set : Include additional Ad-Aware settings in log file\par
Set : Include reference summary in log file\par
Set : Include alternate data stream details in log file\par
Set : Play sound at scan completion if scan locates critical objects\par
\par
\par
5-4-2005 7:15:18 PM - Scan started. (Full System Scan)\par
\par
Listing running processes\par
\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\par
\par
#:1 [smss.exe]\par
FilePath : \\SystemRoot\\System32\\\par
ProcessID : 188\par
ThreadCreationTime : 5-5-2005 2:14:06 AM\par
BasePriority : Normal\par
\par
\par
#:2 [csrss.exe]\par
FilePath : \\??\\C:\\WINDOWS\\system32\\\par
ProcessID : 236\par
ThreadCreationTime : 5-5-2005 2:14:16 AM\par
BasePriority : Normal\par
\par
\par
#:3 [winlogon.exe]\par
FilePath : \\??\\C:\\WINDOWS\\system32\\\par
ProcessID : 260\par
ThreadCreationTime : 5-5-2005 2:14:18 AM\par
BasePriority : High\par
\par
\par
#:4 [services.exe]\par
FilePath : C:\\WINDOWS\\system32\\\par
ProcessID : 304\par
ThreadCreationTime : 5-5-2005 2:14:21 AM\par
BasePriority : Normal\par
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)\par
ProductVersion : 5.1.2600.2180\par
ProductName : Microsoft\'ae Windows\'ae Operating System\par
CompanyName : Microsoft Corporation\par
FileDescription : Services and Controller app\par
InternalName : services.exe\par
LegalCopyright : \'a9 Microsoft Corporation. All rights reserved.\par
OriginalFilename : services.exe\par
\par
#:5 [lsass.exe]\par
FilePath : C:\\WINDOWS\\system32\\\par
ProcessID : 316\par
ThreadCreationTime : 5-5-2005 2:14:22 AM\par
BasePriority : Normal\par
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)\par
ProductVersion : 5.1.2600.2180\par
ProductName : Microsoft\'ae Windows\'ae Operating System\par
CompanyName : Microsoft Corporation\par
FileDescription : LSA Shell (Export Version)\par
InternalName : lsass.exe\par
LegalCopyright : \'a9 Microsoft Corporation. All rights reserved.\par
OriginalFilename : lsass.exe\par
\par
#:6 [svchost.exe]\par
FilePath : C:\\WINDOWS\\system32\\\par
ProcessID : 476\par
ThreadCreationTime : 5-5-2005 2:14:25 AM\par
BasePriority : Normal\par
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)\par
ProductVersion : 5.1.2600.2180\par
ProductName : Microsoft\'ae Windows\'ae Operating System\par
CompanyName : Microsoft Corporation\par
FileDescription : Generic Host Process for Win32 Services\par
InternalName : svchost.exe\par
LegalCopyright : \'a9 Microsoft Corporation. All rights reserved.\par
OriginalFilename : svchost.exe\par
\par
#:7 [svchost.exe]\par
FilePath : C:\\WINDOWS\\system32\\\par
ProcessID : 536\par
ThreadCreationTime : 5-5-2005 2:14:26 AM\par
BasePriority : Normal\par
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)\par
ProductVersion : 5.1.2600.2180\par
ProductName : Microsoft\'ae Windows\'ae Operating System\par
CompanyName : Microsoft Corporation\par
FileDescription : Generic Host Process for Win32 Services\par
InternalName : svchost.exe\par
LegalCopyright : \'a9 Microsoft Corporation. All rights reserved.\par
OriginalFilename : svchost.exe\par
\par
#:8 [svchost.exe]\par
FilePath : C:\\WINDOWS\\system32\\\par
ProcessID : 580\par
ThreadCreationTime : 5-5-2005 2:14:27 AM\par
BasePriority : Normal\par
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)\par
ProductVersion : 5.1.2600.2180\par
ProductName : Microsoft\'ae Windows\'ae Operating System\par
CompanyName : Microsoft Corporation\par
FileDescription : Generic Host Process for Win32 Services\par
InternalName : svchost.exe\par
LegalCopyright : \'a9 Microsoft Corporation. All rights reserved.\par
OriginalFilename : svchost.exe\par
\par
#:9 [explorer.exe]\par
FilePath : C:\\WINDOWS\\\par
ProcessID : 808\par
ThreadCreationTime : 5-5-2005 2:14:38 AM\par
BasePriority : Normal\par
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)\par
ProductVersion : 6.00.2900.2180\par
ProductName : Microsoft\'ae Windows\'ae Operating System\par
CompanyName : Microsoft Corporation\par
FileDescription : Windows Explorer\par
InternalName : explorer\par
LegalCopyright : \'a9 Microsoft Corporation. All rights reserved.\par
OriginalFilename : EXPLORER.EXE\par
\par
#:10 [ad-aware.exe]\par
FilePath : C:\\Program Files\\Lavasoft\\Ad-Aware SE Personal\\\par
ProcessID : 904\par
ThreadCreationTime : 5-5-2005 2:14:50 AM\par
BasePriority : Normal\par
FileVersion : 6.2.0.206\par
ProductVersion : VI.Second Edition\par
ProductName : Lavasoft Ad-Aware SE\par
CompanyName : Lavasoft Sweden\par
FileDescription : Ad-Aware SE Core application\par
InternalName : Ad-Aware.exe\par
LegalCopyright : Copyright \'a9 Lavasoft Sweden\par
OriginalFilename : Ad-Aware.exe\par
Comments : All Rights Reserved\par
\par
Memory scan result:\par
\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\par
New critical objects: 0\par
Objects found so far: 0\par
\par
\par
Started registry scan\par
\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\par
\par
BookedSpace Object Recognized!\par
Type : Regkey\par
Data : \par
Category : Malware\par
Comment : \par
Rootkey : HKEY_CLASSES_ROOT\par
Object : appid\\bookedspace.dll\par
\par
BookedSpace Object Recognized!\par
Type : RegValue\par
Data : \par
Category : Malware\par
Comment : \par
Rootkey : HKEY_CLASSES_ROOT\par
Object : appid\\bookedspace.dll\par
Value : AppID\par
\par
BookedSpace Object Recognized!\par
Type : Regkey\par
Data : \par
Category : Malware\par
Comment : \par
Rootkey : HKEY_CLASSES_ROOT\par
Object : appid\\\{0dc5cd7c-f653-4417-aa43-d457be3a9622\}\par
\par
BookedSpace Object Recognized!\par
Type : RegValue\par
Data : \par
Category : Malware\par
Comment : \par
Rootkey : HKEY_CLASSES_ROOT\par
Object : appid\\\{0dc5cd7c-f653-4417-aa43-d457be3a9622\}\par
Value : \par
\par
BookedSpace Object Recognized!\par
Type : Regkey\par
Data : \par
Category : Malware\par
Comment : \par
Rootkey : HKEY_CLASSES_ROOT\par
Object : bookedspace.extension\par
\par
BookedSpace Object Recognized!\par
Type : RegValue\par
Data : \par
Category : Malware\par
Comment : \par
Rootkey : HKEY_CLASSES_ROOT\par
Object : bookedspace.extension\par
Value : \par
\par
BookedSpace Object Recognized!\par
Type : Regkey\par
Data : \par
Category : Malware\par
Comment : \par
Rootkey : HKEY_CLASSES_ROOT\par
Object : bookedspace.extension.5\par
\par
BookedSpace Object Recognized!\par
Type : RegValue\par
Data : \par
Category : Malware\par
Comment : \par
Rootkey : HKEY_CLASSES_ROOT\par
Object : bookedspace.extension.5\par
Value : \par
\par
BookedSpace Object Recognized!\par
Type : Regkey\par
Data : \par
Category : Malware\par
Comment : \par
Rootkey : HKEY_CLASSES_ROOT\par
Object : clsid\\\{0019c3e2-dd48-4a6d-abcd-8d32436323d9\}\par
\par
BookedSpace Object Recognized!\par
Type : RegValue\par
Data : \par
Category : Malware\par
Comment : \par
Rootkey : HKEY_CLASSES_ROOT\par
Object : clsid\\\{0019c3e2-dd48-4a6d-abcd-8d32436323d9\}\par
Value : \par
\par
BookedSpace Object Recognized!\par
Type : RegValue\par
Data : \par
Category : Malware\par
Comment : \par
Rootkey : HKEY_CLASSES_ROOT\par
Object : clsid\\\{0019c3e2-dd48-4a6d-abcd-8d32436323d9\}\par
Value : AppID\par
\par
BookedSpace Object Recognized!\par
Type : Regkey\par
Data : \par
Category : Malware\par
Comment : \par
Rootkey : HKEY_CLASSES_ROOT\par
Object : interface\\\{05080e6b-a88a-4cfd-8c3d-9b2557670b6e\}\par
\par
BookedSpace Object Recognized!\par
Type : RegValue\par
Data : \par
Category : Malware\par
Comment : \par
Rootkey : HKEY_CLASSES_ROOT\par
Object : interface\\\{05080e6b-a88a-4cfd-8c3d-9b2557670b6e\}\par
Value : \par
\par
BookedSpace Object Recognized!\par
Type : Regkey\par
Data : \par
Category : Malware\par
Comment : \par
Rootkey : HKEY_CLASSES_ROOT\par
Object : typelib\\\{0dc5cd7c-f653-4417-aa43-d457be3a9622\}\par
\par
BookedSpace Object Recognized!\par
Type : Regkey\par
Data : \par
Category : Malware\par
Comment : \par
Rootkey : HKEY_LOCAL_MACHINE\par
Object : software\\bookedspace\par
\par
BookedSpace Object Recognized!\par
Type : Regkey\par
Data : \par
Category : Malware\par
Comment : \par
Rootkey : HKEY_LOCAL_MACHINE\par
Object : software\\microsoft\\windows\\currentversion\\explorer\\browser helper objects\\\{0019c3e2-dd48-4a6d-abcd-8d32436323d9\}\par
\par
Registry Scan result:\par
\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\par
New critical objects: 16\par
Objects found so far: 16\par
\par
\par
Started deep registry scan\par
\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\par
\par
Deep registry scan result:\par
\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\par
New critical objects: 0\par
Objects found so far: 16\par
\par
\par
Started Tracking Cookie scan\par
\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\par
\par
\par
Tracking cookie scan result:\par
\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\par
New critical objects: 0\par
Objects found so far: 16\par
\par
\par
\par
Deep scanning and examining files (C:)\par
\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067296.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP194\\\par
\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067301.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP194\\\par
FileVersion : 1, 0, 0, 2\par
ProductVersion : 1, 0, 0, 2\par
ProductName : Upload Module\par
CompanyName : eXact Advertising\par
FileDescription : Upload Module\par
InternalName : Upload Utility\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : exul.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067304.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP194\\\par
FileVersion : 1, 0, 0, 2\par
ProductVersion : 1, 0, 0, 2\par
ProductName : Upload Module\par
CompanyName : eXact Advertising\par
FileDescription : Upload Module\par
InternalName : Upload Utility\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : exul.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067307.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP194\\\par
FileVersion : 1, 0, 1, 0\par
ProductVersion : 1, 0, 1, 0\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067310.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP194\\\par
FileVersion : 1, 0, 1, 0\par
ProductVersion : 1, 0, 1, 0\par
\par
\par
ExactSearchBar Object Recognized!\par
Type : File\par
Data : A0067331.exe\par
Category : Data Miner\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP194\\\par
FileVersion : 1, 0, 0, 5\par
ProductVersion : 1, 0, 0, 5\par
ProductName : NAVISearch Module\par
CompanyName : eXact Advertising\par
FileDescription : NLS Module\par
InternalName : NLS\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : nls.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067352.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP194\\\par
FileVersion : 1.00\par
ProductVersion : 1.00\par
ProductName : adv\par
CompanyName : eXact Advertising\par
InternalName : adv\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : adv.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067353.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP194\\\par
FileVersion : 1.00\par
ProductVersion : 1.00\par
ProductName : adx\par
CompanyName : eXact Advertising\par
InternalName : adx\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : adx.exe\par
\par
\par
IBIS Toolbar Object Recognized!\par
Type : File\par
Data : A0067361.exe\par
Category : Data Miner\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP194\\\par
\par
\par
\par
IBIS Toolbar Object Recognized!\par
Type : File\par
Data : A0067382.exe\par
Category : Data Miner\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP194\\\par
\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067389.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP194\\\par
FileVersion : 1.00\par
ProductVersion : 1.00\par
ProductName : adv\par
CompanyName : eXact Advertising\par
InternalName : adv\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : adv.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067390.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP194\\\par
FileVersion : 1.00\par
ProductVersion : 1.00\par
ProductName : adx\par
CompanyName : eXact Advertising\par
InternalName : adx\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : adx.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067392.dll\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP194\\\par
FileVersion : 2, 0, 0, 19\par
ProductVersion : 2, 0, 0, 19\par
ProductName : nls.dll Module\par
CompanyName : eXact Advertising\par
FileDescription : nls.dll Module\par
InternalName : nls.dll\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : nls.dll\par
\par
\par
ExactSearchBar Object Recognized!\par
Type : File\par
Data : A0067393.exe\par
Category : Data Miner\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP194\\\par
FileVersion : 1, 0, 0, 5\par
ProductVersion : 1, 0, 0, 5\par
ProductName : NAVISearch Module\par
CompanyName : eXact Advertising\par
FileDescription : NLS Module\par
InternalName : NLS\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : nls.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067400.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP194\\\par
FileVersion : 1, 0, 0, 2\par
ProductVersion : 1, 0, 0, 2\par
ProductName : Upload Module\par
CompanyName : eXact Advertising\par
FileDescription : Upload Module\par
InternalName : Upload Utility\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : exul.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067419.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP195\\\par
FileVersion : 1, 0, 0, 2\par
ProductVersion : 1, 0, 0, 2\par
ProductName : Upload Module\par
CompanyName : eXact Advertising\par
FileDescription : Upload Module\par
InternalName : Upload Utility\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : exul.exe\par
\par
\par
ExactSearchBar Object Recognized!\par
Type : File\par
Data : A0067429.exe\par
Category : Data Miner\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP195\\\par
FileVersion : 1, 0, 0, 5\par
ProductVersion : 1, 0, 0, 5\par
ProductName : NAVISearch Module\par
CompanyName : eXact Advertising\par
FileDescription : NLS Module\par
InternalName : NLS\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : nls.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067436.vxd\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP196\\\par
FileVersion : 1, 0, 0, 2\par
ProductVersion : 1, 0, 0, 2\par
ProductName : Upload Module\par
CompanyName : eXact Advertising\par
FileDescription : Upload Module\par
InternalName : Upload Utility\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : exul.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067437.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP196\\\par
FileVersion : 1, 0, 0, 2\par
ProductVersion : 1, 0, 0, 2\par
ProductName : Upload Module\par
CompanyName : eXact Advertising\par
FileDescription : Upload Module\par
InternalName : Upload Utility\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : exul.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067439.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP196\\\par
FileVersion : 1, 0, 1, 0\par
ProductVersion : 1, 0, 1, 0\par
\par
\par
Rads01.Quadrogram Object Recognized!\par
Type : File\par
Data : A0067440.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP196\\\par
FileVersion : 1, 0, 0, 1\par
ProductVersion : 1, 0, 0, 1\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067441.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP196\\\par
FileVersion : 1, 0, 1, 0\par
ProductVersion : 1, 0, 1, 0\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067443.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP196\\\par
FileVersion : 1.00\par
ProductVersion : 1.00\par
ProductName : adv\par
CompanyName : eXact Advertising\par
InternalName : adv\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : adv.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067444.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP196\\\par
FileVersion : 1.00\par
ProductVersion : 1.00\par
ProductName : adx\par
CompanyName : eXact Advertising\par
InternalName : adx\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : adx.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067481.EXE\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP196\\\par
\par
\par
\par
DealHelper Object Recognized!\par
Type : File\par
Data : A0067485.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP196\\\par
FileVersion : 1, 0, 0, 1\par
ProductVersion : 1, 0, 0, 1\par
ProductName : UnInstallKey Application\par
FileDescription : UnInstallKey MFC Application\par
InternalName : UnInstallKey\par
LegalCopyright : Copyright © 2003\par
OriginalFilename : UnInstallKey.EXE\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067490.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP196\\\par
FileVersion : 1.00\par
ProductVersion : 1.00\par
ProductName : adv\par
CompanyName : eXact Advertising\par
InternalName : adv\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : adv.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067491.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP196\\\par
FileVersion : 1.00\par
ProductVersion : 1.00\par
ProductName : adx\par
CompanyName : eXact Advertising\par
InternalName : adx\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : adx.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067493.dll\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP196\\\par
FileVersion : 2, 0, 0, 19\par
ProductVersion : 2, 0, 0, 19\par
ProductName : nls.dll Module\par
CompanyName : eXact Advertising\par
FileDescription : nls.dll Module\par
InternalName : nls.dll\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : nls.dll\par
\par
\par
ExactSearchBar Object Recognized!\par
Type : File\par
Data : A0067494.exe\par
Category : Data Miner\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP196\\\par
FileVersion : 1, 0, 0, 5\par
ProductVersion : 1, 0, 0, 5\par
ProductName : NAVISearch Module\par
CompanyName : eXact Advertising\par
FileDescription : NLS Module\par
InternalName : NLS\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : nls.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067501.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP196\\\par
FileVersion : 1, 0, 0, 2\par
ProductVersion : 1, 0, 0, 2\par
ProductName : Upload Module\par
CompanyName : eXact Advertising\par
FileDescription : Upload Module\par
InternalName : Upload Utility\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : exul.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067599.VXD\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP196\\\par
FileVersion : 1, 0, 0, 2\par
ProductVersion : 1, 0, 0, 2\par
ProductName : Upload Module\par
CompanyName : eXact Advertising\par
FileDescription : Upload Module\par
InternalName : Upload Utility\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : exul.exe\par
\par
\par
Rads01.Quadrogram Object Recognized!\par
Type : File\par
Data : A0067601.EXE\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP196\\\par
FileVersion : 1, 0, 0, 1\par
ProductVersion : 1, 0, 0, 1\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067603.EXE\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP196\\\par
\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067607.EXE\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP196\\\par
FileVersion : 1, 0, 0, 2\par
ProductVersion : 1, 0, 0, 2\par
ProductName : Upload Module\par
CompanyName : eXact Advertising\par
FileDescription : Upload Module\par
InternalName : Upload Utility\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : exul.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067609.EXE\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP196\\\par
FileVersion : 1, 0, 0, 2\par
ProductVersion : 1, 0, 0, 2\par
ProductName : Upload Module\par
CompanyName : eXact Advertising\par
FileDescription : Upload Module\par
InternalName : Upload Utility\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : exul.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067611.EXE\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP196\\\par
FileVersion : 1, 0, 1, 0\par
ProductVersion : 1, 0, 1, 0\par
\par
\par
ExactSearchBar Object Recognized!\par
Type : File\par
Data : A0067634.EXE\par
Category : Data Miner\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP196\\\par
FileVersion : 1, 0, 0, 5\par
ProductVersion : 1, 0, 0, 5\par
ProductName : NAVISearch Module\par
CompanyName : eXact Advertising\par
FileDescription : NLS Module\par
InternalName : NLS\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : nls.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067642.EXE\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP196\\\par
FileVersion : 1.00\par
ProductVersion : 1.00\par
ProductName : adv\par
CompanyName : eXact Advertising\par
InternalName : adv\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : adv.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0067643.EXE\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP196\\\par
FileVersion : 1.00\par
ProductVersion : 1.00\par
ProductName : adx\par
CompanyName : eXact Advertising\par
InternalName : adx\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : adx.exe\par
\par
\par
IBIS Toolbar Object Recognized!\par
Type : File\par
Data : A0067680.EXE\par
Category : Data Miner\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP196\\\par
\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0071237.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP210\\\par
FileVersion : 1.00\par
ProductVersion : 1.00\par
ProductName : adv\par
CompanyName : eXact Advertising\par
InternalName : adv\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : adv.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0071238.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP210\\\par
FileVersion : 1.00\par
ProductVersion : 1.00\par
ProductName : adx\par
CompanyName : eXact Advertising\par
InternalName : adx\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : adx.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0071240.dll\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP210\\\par
FileVersion : 2, 0, 0, 19\par
ProductVersion : 2, 0, 0, 19\par
ProductName : nls.dll Module\par
CompanyName : eXact Advertising\par
FileDescription : nls.dll Module\par
InternalName : nls.dll\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : nls.dll\par
\par
\par
ExactSearchBar Object Recognized!\par
Type : File\par
Data : A0071241.exe\par
Category : Data Miner\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP210\\\par
FileVersion : 1, 0, 0, 5\par
ProductVersion : 1, 0, 0, 5\par
ProductName : NAVISearch Module\par
CompanyName : eXact Advertising\par
FileDescription : NLS Module\par
InternalName : NLS\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : nls.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0071248.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP210\\\par
FileVersion : 1, 0, 0, 2\par
ProductVersion : 1, 0, 0, 2\par
ProductName : Upload Module\par
CompanyName : eXact Advertising\par
FileDescription : Upload Module\par
InternalName : Upload Utility\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : exul.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0071256.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP210\\\par
FileVersion : 1, 0, 0, 2\par
ProductVersion : 1, 0, 0, 2\par
ProductName : Upload Module\par
CompanyName : eXact Advertising\par
FileDescription : Upload Module\par
InternalName : Upload Utility\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : exul.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0071265.dll\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP210\\\par
FileVersion : 2, 0, 0, 19\par
ProductVersion : 2, 0, 0, 19\par
ProductName : nls.dll Module\par
CompanyName : eXact Advertising\par
FileDescription : nls.dll Module\par
InternalName : nls.dll\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : nls.dll\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0071337.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP210\\\par
FileVersion : 1, 0, 0, 2\par
ProductVersion : 1, 0, 0, 2\par
ProductName : Upload Module\par
CompanyName : eXact Advertising\par
FileDescription : Upload Module\par
InternalName : Upload Utility\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : exul.exe\par
\par
\par
ExactSearchBar Object Recognized!\par
Type : File\par
Data : A0071340.exe\par
Category : Data Miner\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP210\\\par
FileVersion : 1, 0, 0, 5\par
ProductVersion : 1, 0, 0, 5\par
ProductName : NAVISearch Module\par
CompanyName : eXact Advertising\par
FileDescription : NLS Module\par
InternalName : NLS\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : nls.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0071347.vxd\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP210\\\par
FileVersion : 1, 0, 0, 2\par
ProductVersion : 1, 0, 0, 2\par
ProductName : Upload Module\par
CompanyName : eXact Advertising\par
FileDescription : Upload Module\par
InternalName : Upload Utility\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : exul.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0071348.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP210\\\par
FileVersion : 1, 0, 0, 2\par
ProductVersion : 1, 0, 0, 2\par
ProductName : Upload Module\par
CompanyName : eXact Advertising\par
FileDescription : Upload Module\par
InternalName : Upload Utility\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : exul.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0071349.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP210\\\par
FileVersion : 1, 0, 0, 2\par
ProductVersion : 1, 0, 0, 2\par
ProductName : Upload Module\par
CompanyName : eXact Advertising\par
FileDescription : Upload Module\par
InternalName : Upload Utility\par
LegalCopyright : Copyright \'a9 2003, 2004.
  • 0

#4
Rawe
Posted 05 May 2005 - 04:59 AM

Rawe

    Visiting Staff

  • Member
  • PipPipPipPipPipPipPip
  • 4,746 posts
Ad-aware has found object(s) on your computer

If you chose to clean your computer from what Ad-aware found, follow these instructions below…

Make sure that you are using the * SE1R42 28.04.2005 * definition file.


Open up Ad-Aware SE and click on the gear to access the Configuration menu. Make sure that this setting is applied.

Click on Tweak > Cleaning engine > UNcheck "Always try to unload modules before deletion".

Disconnect from the internet (for broadband/cable users, it is recommended that you disconnect the cable connection) and close all open browsers or other programs you have running.

Then boot into Safe Mode

To clean your machine, it is highly recommended that you clean the following directory contents (but not the directory folder);

Run CCleaner to help in this process.
Download CCleaner (Setup: go to >options > settings > Uncheck "Only delete files in Windows Temp folders older than 48 hours" for cleaning malware files!)

* C:\Windows\Temp\
* C:\Documents and Settings\<Your Profile>\Local Settings\Temporary Internet Files\ <- This will delete all your cached internet content including cookies.
* C:\Documents and Settings\<Your Profile>\Local Settings\Temp\
* C:\Documents and Settings\<Any other users Profile>\Local Settings\Temporary Internet Files\
* C:\Documents and Settings\<Any other users Profile>\Local Settings\Temp\
* Empty your "Recycle Bin".

Run Ad-Aware SE from the command lines shown in the instructions shown below.

Click "Start" > select "Run" > type the text shown below (including the quotation marks and with the same spacing as shown)

"C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Aware.exe" /full +procnuke
(For the Professional version)

"C:\Program Files\Lavasoft\Ad-Aware SE Plus\Ad-Aware.exe" /full +procnuke
(For the Plus version)

"C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe" +procnuke
(For the Personal version)


Click Ok.

Note; the path above is of the default installation location for Ad-aware SE, if this is different, adjust it to the location that you have installed it to.

When the scan has completed, select next. In the Scanning Results window, select the "Scan Summary"- tab. Check the box next to any objects you wish to remove. Click next, Click Ok.

If problems are caused by deleting a family, just leave it.


Reboot your computer after removal, run a new "full system scan" and post the results as a reply. Don't open any programs or connect to the internet at this time.

Then copy & paste the complete log file here. Don't quarantine or remove anything at this time, just post a complete logfile. This can sometimes takes 2-3 posts to get it all posted, once the "Summary of this scan" information is shown, you have posted all of your logfile.

Also, keep in mind that when you are posting another logfile keep "Search for negligible risk entries" deselected as negligible risk entries (Mru's) aren't considered as a threat. This option can be changed when choosing your scan type.

Remember to post your fresh scanlog in THIS topic.

- Rawe :tazz:
  • 0

#5
azsunbums
Posted 05 May 2005 - 05:01 AM

azsunbums

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
I think this is what is missing.

BargainBuddy Object Recognized!\par
Type : File\par
Data : A0071678.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP211\\\par
FileVersion : 1, 0, 0, 2\par
ProductVersion : 1, 0, 0, 2\par
ProductName : Upload Module\par
CompanyName : eXact Advertising\par
FileDescription : Upload Module\par
InternalName : Upload Utility\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : exul.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0071679.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP211\\\par
FileVersion : 1, 0, 0, 2\par
ProductVersion : 1, 0, 0, 2\par
ProductName : Upload Module\par
CompanyName : eXact Advertising\par
FileDescription : Upload Module\par
InternalName : Upload Utility\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : exul.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0071680.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP211\\\par
FileVersion : 1, 0, 0, 2\par
ProductVersion : 1, 0, 0, 2\par
ProductName : Upload Module\par
CompanyName : eXact Advertising\par
FileDescription : Upload Module\par
InternalName : Upload Utility\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : exul.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0071681.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP211\\\par
\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0071682.vxd\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP211\\\par
FileVersion : 1, 0, 0, 2\par
ProductVersion : 1, 0, 0, 2\par
ProductName : Upload Module\par
CompanyName : eXact Advertising\par
FileDescription : Upload Module\par
InternalName : Upload Utility\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : exul.exe\par
\par
\par
Rads01.Quadrogram Object Recognized!\par
Type : File\par
Data : A0071683.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP211\\\par
FileVersion : 1, 0, 0, 1\par
ProductVersion : 1, 0, 0, 1\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0071684.dll\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP211\\\par
FileVersion : 2, 0, 0, 19\par
ProductVersion : 2, 0, 0, 19\par
ProductName : nls.dll Module\par
CompanyName : eXact Advertising\par
FileDescription : nls.dll Module\par
InternalName : nls.dll\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : nls.dll\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0071685.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP211\\\par
FileVersion : 1.00\par
ProductVersion : 1.00\par
ProductName : adv\par
CompanyName : eXact Advertising\par
InternalName : adv\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : adv.exe\par
\par
\par
BargainBuddy Object Recognized!\par
Type : File\par
Data : A0071686.exe\par
Category : Malware\par
Comment : \par
Object : C:\\System Volume Information\\_restore\{705ACE84-C49F-49F5-B490-6BDDE66EC4FE\}\\RP211\\\par
FileVersion : 1.00\par
ProductVersion : 1.00\par
ProductName : adx\par
CompanyName : eXact Advertising\par
InternalName : adx\par
LegalCopyright : Copyright \'a9 2003, 2004. eXact Advertising, LLC. All Rights Reserved.\par
OriginalFilename : adx.exe\par
\par
\par
Prutect Object Recognized!\par
Type : File\par
Data : pi1_51.exe\par
Category : Malware\par
Comment : \par
Object : C:\\WINDOWS\\system32\\Cache\\\par
\par
\par
\par
Disk Scan Result for C:\\\par
\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\par
New critical objects: 0\par
Objects found so far: 111\par
\par
\par
Performing conditional scans...\par
\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\par
\par
BookedSpace Object Recognized!\par
Type : File\par
Data : bsx32.ini\par
Category : Malware\par
Comment : \par
Object : C:\\WINDOWS\\\par
\par
\par
\par
IBIS Toolbar Object Recognized!\par
Type : Regkey\par
Data : \par
Category : Data Miner\par
Comment : You will need to restart your computer and rescan in order to complete the removal of this item.\par
Rootkey : HKEY_LOCAL_MACHINE\par
Object : system\\currentcontrolset\\enum\\root\\legacy_tbpssvc\par
\par
IBIS Toolbar Object Recognized!\par
Type : Regkey\par
Data : \par
Category : Data Miner\par
Comment : \par
Rootkey : HKEY_LOCAL_MACHINE\par
Object : system\\currentcontrolset\\enum\\root\\legacy_wintoolssvc\par
\par
begin2search Object Recognized!\par
Type : File\par
Data : msxml3.dll\par
Category : Data Miner\par
Comment : \par
Object : C:\\WINDOWS\\system32\\\par
\par
\par
\par
begin2search Object Recognized!\par
Type : File\par
Data : msxml3r.dll\par
Category : Data Miner\par
Comment : \par
Object : C:\\WINDOWS\\system32\\\par
FileVersion : 8.20.8730.1\par
ProductVersion : 8.20.8730.1\par
ProductName : Microsoft Data Access Components\par
CompanyName : Microsoft Corporation\par
FileDescription : XML Resources\par
InternalName : MSXML3R.dll\par
LegalCopyright : Copyright © Microsoft Corporation. 1981-2000\par
OriginalFilename : MSXML3R.dll\par
\par
\par
Prutect Object Recognized!\par
Type : Regkey\par
Data : \par
Category : Malware\par
Comment : \par
Rootkey : HKEY_LOCAL_MACHINE\par
Object : software\\microsoft\\downloadmanager\par
\par
Conditional scan result:\par
\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\par
New critical objects: 6\par
Objects found so far: 117\par
\par
7:35:10 PM Scan Complete\par
\par
Summary Of This Scan\par
\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\'bb\par
Total scanning time:00:19:51.828\par
Objects scanned:199639\par
Objects identified:117\par
Objects ignored:0\par
New critical objects:117\par
\par
\f1\par
\f2\fs20\par
}
  • 0

#6
Rawe
Posted 05 May 2005 - 05:14 AM

Rawe

    Visiting Staff

  • Member
  • PipPipPipPipPipPipPip
  • 4,746 posts
Could you possibly follow the instructions at my last post?

- Rawe :tazz:
  • 0

#7
azsunbums
Posted 05 May 2005 - 05:24 AM

azsunbums

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
Rawe,

Thanks for the quick reponse and your help. The logs I am posting are the result of having followed the board's instructions. I had already run Ad-Aware and Spybot before I found this site and found instructions on this board and followed them. I then re-booted and the scans I have posted are the resulting scan from following instructions which I got off the board from a post by Corrine. Do you want me to do it again? If so I will have to wait as it is not my computer that is the issue and I will be able to do it in about 5 hours. I realize my first scan didn't all paste but I think my 3:01 scan completes what was in missing.
  • 0

#8
Rawe
Posted 05 May 2005 - 05:37 AM

Rawe

    Visiting Staff

  • Member
  • PipPipPipPipPipPipPip
  • 4,746 posts
All I want you to do, is to follow my removal instructions few posts above.
I can give the instructions to you again if you want.

- Rawe :tazz:
  • 0

#9
azsunbums
Posted 05 May 2005 - 02:01 PM

azsunbums

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
Here is the next log after doing as you requested> Thanks again for your help.


Ad-Aware SE Build 1.05
Logfile Created on:Thursday, May 05, 2005 11:04:35 AM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R42 28.04.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
BookedSpace(TAC index:10):18 total references
DyFuCA(TAC index:3):2 total references
Ebates MoneyMaker(TAC index:4):9 total references
Prutect(TAC index:8):2 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R42 28.04.2005
Internal build : 49
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 466557 Bytes
Total size : 1403889 Bytes
Signature data size : 1373297 Bytes
Reference data size : 30080 Bytes
Signatures total : 39226
Fingerprints total : 836
Fingerprints size : 28245 Bytes
Target categories : 15
Target families : 654


Memory + processor status:
==========================
Number of processors : 2
Processor architecture : Intel Pentium IV
Memory available:59 %
Total physical memory:523756 kb
Available physical memory:308296 kb
Total page file size:1280320 kb
Available on page file:1080320 kb
Total virtual memory:2097024 kb
Available virtual memory:2047356 kb
OS:Microsoft Windows XP Home Edition Service Pack 2 (Build 2600)

Ad-Aware SE Settings
===========================
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Obtain command line of scanned processes
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Write-protect system files after repair (Hosts file, etc.)
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Play sound at scan completion if scan locates critical objects


5-5-2005 11:04:35 AM - Scan started. (Full System Scan)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
ModuleName : \SystemRoot\System32\smss.exe
Command Line : n/a
ProcessID : 476
ThreadCreationTime : 5-5-2005 6:02:50 PM
BasePriority : Normal


#:2 [csrss.exe]
ModuleName : \??\C:\WINDOWS\system32\csrss.exe
Command Line : C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestTh
ProcessID : 540
ThreadCreationTime : 5-5-2005 6:02:53 PM
BasePriority : Normal


#:3 [winlogon.exe]
ModuleName : \??\C:\WINDOWS\system32\winlogon.exe
Command Line : winlogon.exe
ProcessID : 564
ThreadCreationTime : 5-5-2005 6:02:54 PM
BasePriority : High


#:4 [services.exe]
ModuleName : C:\WINDOWS\system32\services.exe
Command Line : C:\WINDOWS\system32\services.exe
ProcessID : 608
ThreadCreationTime : 5-5-2005 6:02:54 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:5 [lsass.exe]
ModuleName : C:\WINDOWS\system32\lsass.exe
Command Line : C:\WINDOWS\system32\lsass.exe
ProcessID : 620
ThreadCreationTime : 5-5-2005 6:02:54 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost -k DcomLaunch
ProcessID : 780
ThreadCreationTime : 5-5-2005 6:02:55 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost -k rpcss
ProcessID : 828
ThreadCreationTime : 5-5-2005 6:02:55 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k netsvcs
ProcessID : 896
ThreadCreationTime : 5-5-2005 6:02:55 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k NetworkService
ProcessID : 988
ThreadCreationTime : 5-5-2005 6:02:55 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k LocalService
ProcessID : 1024
ThreadCreationTime : 5-5-2005 6:02:55 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:11 [spoolsv.exe]
ModuleName : C:\WINDOWS\system32\spoolsv.exe
Command Line : C:\WINDOWS\system32\spoolsv.exe
ProcessID : 1188
ThreadCreationTime : 5-5-2005 6:02:56 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:12 [explorer.exe]
ModuleName : C:\WINDOWS\Explorer.EXE
Command Line : C:\WINDOWS\Explorer.EXE
ProcessID : 1508
ThreadCreationTime : 5-5-2005 6:03:02 PM
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

#:13 [soundman.exe]
ModuleName : C:\WINDOWS\SOUNDMAN.EXE
Command Line : "C:\WINDOWS\SOUNDMAN.EXE"
ProcessID : 1608
ThreadCreationTime : 5-5-2005 6:03:04 PM
BasePriority : Normal
FileVersion : 5.0.21
ProductVersion : 5.0.21
ProductName : Realtek Sound Manager
CompanyName : Realtek Semiconductor Corp.
FileDescription : Realtek Sound Manager
InternalName : ALSMTray
LegalCopyright : Copyright © 2001-2003 Realtek Semiconductor Corp.
OriginalFilename : ALSMTray.exe
Comments : Realtek AC97 Audio Sound Manager

#:14 [ccapp.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\ccApp.exe
Command Line : "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
ProcessID : 1636
ThreadCreationTime : 5-5-2005 6:03:04 PM
BasePriority : Normal
FileVersion : 1.00.104
ProductVersion : 1.00.104
ProductName : Common Client
CompanyName : Symantec Corporation
FileDescription : Common Client CC App
InternalName : ccApp
LegalCopyright : Copyright © 2000-2002 Symantec Corporation. All rights reserved.
OriginalFilename : ccApp.exe

#:15 [ghoststarttrayapp.exe]
ModuleName : C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
Command Line : "C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe"
ProcessID : 1652
ThreadCreationTime : 5-5-2005 6:03:04 PM
BasePriority : Normal
FileVersion : 2003.775
ProductVersion : 2003.775
ProductName : Norton Ghost Start
CompanyName : Symantec Corporation
FileDescription : Norton Ghost Start
InternalName : GhostStartTrayApp
LegalCopyright : Copyright © 1998-2002 Symantec Corp. All rights reserved.
OriginalFilename : GhostStartTrayApp.exe

#:16 [hpgs2wnd.exe]
ModuleName : C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
Command Line : "C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe"
ProcessID : 1660
ThreadCreationTime : 5-5-2005 6:03:04 PM
BasePriority : Normal
FileVersion : 2,7,0,0\ 46
ProductVersion : 2,7,0,0\ 46
ProductName : Hewlett-Packard hpgs2wnd
CompanyName : Hewlett-Packard
FileDescription : hpgs2wnd
InternalName : hpgs2wnd
LegalCopyright : Copyright © 2002
OriginalFilename : hpgs2wnd.exe

#:17 [hpqcmon.exe]
ModuleName : C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
Command Line : "C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe"
ProcessID : 1668
ThreadCreationTime : 5-5-2005 6:03:04 PM
BasePriority : Normal
FileVersion : 2.0.0.133
ProductVersion : 2.0.0.133
ProductName : HpqCmon Application
FileDescription : HpqCmon MFC Application
InternalName : HpqCmon
LegalCopyright : Copyright © 2001
OriginalFilename : HpqCmon.EXE

#:18 [ccevtmgr.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
Command Line : "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
ProcessID : 1728
ThreadCreationTime : 5-5-2005 6:03:05 PM
BasePriority : Normal
FileVersion : 1.00.37
ProductVersion : 1.00.37
ProductName : Event Manager
CompanyName : Symantec Corporation
FileDescription : Event Manager Service
InternalName : ccEvtMgr
LegalCopyright : Copyright © 2000-2002 Symantec Corporation. All rights reserved.
OriginalFilename : ccEvtMgr.exe

#:19 [directcd.exe]
ModuleName : C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
Command Line : "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
ProcessID : 1736
ThreadCreationTime : 5-5-2005 6:03:06 PM
BasePriority : Normal
FileVersion : 5.2.0.91
ProductVersion : 5.2.0.91
ProductName : DirectCD
CompanyName : Roxio
FileDescription : DirectCD Application
InternalName : DirectCD
LegalCopyright : Copyright © 2001-2002, Roxio, Inc.
OriginalFilename : Directcd.exe

#:20 [qttask.exe]
ModuleName : C:\Program Files\QuickTime\qttask.exe
Command Line : "C:\Program Files\QuickTime\qttask.exe" -atboottime
ProcessID : 1752
ThreadCreationTime : 5-5-2005 6:03:06 PM
BasePriority : Normal
FileVersion : 6.4
ProductVersion : QuickTime 6.4
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
InternalName : QuickTime Task
LegalCopyright : © Apple Computer, Inc. 2001-2003
OriginalFilename : QTTask.exe

#:21 [realsched.exe]
ModuleName : C:\Program Files\Common Files\Real\Update_OB\realsched.exe
Command Line : "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
ProcessID : 1760
ThreadCreationTime : 5-5-2005 6:03:06 PM
BasePriority : Normal
FileVersion : 0.1.0.3208
ProductVersion : 0.1.0.3208
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004
LegalTrademarks : RealAudio™ is a trademark of RealNetworks, Inc.
OriginalFilename : realsched.exe

#:22 [sagent2.exe]
ModuleName : C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
Command Line : "C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe"
ProcessID : 1788
ThreadCreationTime : 5-5-2005 6:03:06 PM
BasePriority : Normal
FileVersion : 2, 1, 0, 0
ProductVersion : 1, 0, 0, 0
ProductName : EPSON Bidirectional Printer
CompanyName : SEIKO EPSON CORPORATION
FileDescription : EPSON Printer Status Agent
InternalName : SAgent2
LegalCopyright : Copyright © SEIKO EPSON CORP. 2000-2001
OriginalFilename : SAgent2.exe

#:23 [winupdt.exe]
ModuleName : C:\WINDOWS\System32\winupdt.exe
Command Line : "C:\WINDOWS\System32\winupdt.exe"
ProcessID : 1800
ThreadCreationTime : 5-5-2005 6:03:06 PM
BasePriority : Normal


#:24 [rundll32.exe]
ModuleName : C:\WINDOWS\system32\RUNDLL32.exe
Command Line : "C:\WINDOWS\system32\RUNDLL32.exe" AUNPS2.DLL,_Run@16
ProcessID : 1820
ThreadCreationTime : 5-5-2005 6:03:06 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Run a DLL as an App
InternalName : rundll
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : RUNDLL.EXE

#:25 [ghoststartservice.exe]
ModuleName : C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartService.exe
Command Line : "C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartService.exe"
ProcessID : 1836
ThreadCreationTime : 5-5-2005 6:03:06 PM
BasePriority : Normal
FileVersion : 2003.775
ProductVersion : 2003.775
ProductName : Norton Ghost Start Service
CompanyName : Symantec Corporation
FileDescription : Norton Ghost Start
InternalName : GhostStartService
LegalCopyright : Copyright © 1998-2002 Symantec Corp. All rights reserved.
OriginalFilename : GhostStartService.exe

#:26 [ivpzvp.exe]
ModuleName : C:\WINDOWS\system32\ivpzvp.exe
Command Line : "C:\WINDOWS\system32\ivpzvp.exe"
ProcessID : 1872
ThreadCreationTime : 5-5-2005 6:03:07 PM
BasePriority : Normal


#:27 [exp.exe]
ModuleName : C:\WINDOWS\System32\exp.exe
Command Line : "C:\WINDOWS\System32\exp.exe"
ProcessID : 1900
ThreadCreationTime : 5-5-2005 6:03:07 PM
BasePriority : Normal


#:28 [wintask.exe]
ModuleName : C:\WINDOWS\System32\wintask.exe
Command Line : "C:\WINDOWS\System32\wintask.exe"
ProcessID : 1908
ThreadCreationTime : 5-5-2005 6:03:07 PM
BasePriority : Normal


#:29 [pdnqku.exe]
ModuleName : C:\WINDOWS\pdnqku.exe
Command Line : "C:\WINDOWS\pdnqku.exe"
ProcessID : 1920
ThreadCreationTime : 5-5-2005 6:03:07 PM
BasePriority : Normal


#:30 [bman1.exe]
ModuleName : C:\Documents and Settings\All Users\Application Data\msw\BMan1.exe
Command Line : "C:\Documents and Settings\All Users\Application Data\msw\BMan1.exe"
ProcessID : 1956
ThreadCreationTime : 5-5-2005 6:03:07 PM
BasePriority : Normal
FileVersion : 1.00
ProductVersion : 1.00
ProductName : BMan1
InternalName : BMan1
OriginalFilename : BMan1.exe

#:31 [navapsvc.exe]
ModuleName : C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
Command Line : "C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe"
ProcessID : 2040
ThreadCreationTime : 5-5-2005 6:03:07 PM
BasePriority : Normal
FileVersion : 9.00.1104
ProductVersion : 9.00.1104
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
LegalCopyright : Copyright © 2000-2002 Symantec Corporation. All rights reserved.
OriginalFilename : NAVAPSVC.EXE

#:32 [gsmedia3.exe]
ModuleName : C:\WINDOWS\System32\GSMedia3.exe
Command Line : "C:\WINDOWS\System32\GSMedia3.exe"
ProcessID : 224
ThreadCreationTime : 5-5-2005 6:03:07 PM
BasePriority : Normal
FileVersion : 1.00
ProductVersion : 1.00
ProductName : URLBrowser
CompanyName : Atix
InternalName : URLBrowser
OriginalFilename : URLBrowser.exe

#:33 [bman.exe]
ModuleName : C:\DOCUME~1\ALLUSE~1\APPLIC~1\msw\BMan.exe
Command Line : C:\DOCUME~1\ALLUSE~1\APPLIC~1\msw\BMan.exe
ProcessID : 416
ThreadCreationTime : 5-5-2005 6:03:08 PM
BasePriority : Normal
FileVersion : 1.07
ProductVersion : 1.07
ProductName : BMan
InternalName : BMan
OriginalFilename : BMan.exe

#:34 [vpqipb.exe]
ModuleName : c:\windows\system32\vpqipb.exe
Command Line : "c:\windows\system32\vpqipb.exe" kxgccb
ProcessID : 436
ThreadCreationTime : 5-5-2005 6:03:08 PM
BasePriority : Normal
FileVersion : 1, 0, 7, 1
ProductVersion : 0, 0, 7, 0
ProductName : TODO: <Product name>
CompanyName : TODO: <Company name>
FileDescription : TODO: <File description>
LegalCopyright : TODO: © <Company name>. All rights reserved.

#:35 [hpgs2wnf.exe]
ModuleName : C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
Command Line : "C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe" -Embedding
ProcessID : 412
ThreadCreationTime : 5-5-2005 6:03:08 PM
BasePriority : Normal
FileVersion : 2, 7, 0, 46
ProductVersion : 2, 7, 0, 46
ProductName : hpgs2wnf Module
FileDescription : hpgs2wnf Module
InternalName : hpgs2wnf
LegalCopyright : Copyright 2002
OriginalFilename : hpgs2wnf.EXE

#:36 [msmsgs.exe]
ModuleName : C:\Program Files\Messenger\msmsgs.exe
Command Line : "C:\Program Files\Messenger\msmsgs.exe" /background
ProcessID : 296
ThreadCreationTime : 5-5-2005 6:03:08 PM
BasePriority : Normal
FileVersion : 4.7.3001
ProductVersion : Version 4.7.3001
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Windows Messenger
InternalName : msmsgs
LegalCopyright : Copyright © Microsoft Corporation 2004
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msmsgs.exe

#:37 [nprotect.exe]
ModuleName : C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
Command Line : "C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE"
ProcessID : 2156
ThreadCreationTime : 5-5-2005 6:03:10 PM
BasePriority : Normal
FileVersion : 16.00.0.22
ProductVersion : 16.00.0.22
ProductName : Norton Utilities
CompanyName : Symantec Corporation
FileDescription : Norton Protection Status
InternalName : NPROTECT
LegalCopyright : Copyright © 2003 Symantec Corporation
LegalTrademarks : Norton Utilities
OriginalFilename : NPROTECT.EXE

#:38 [nvsvc32.exe]
ModuleName : C:\WINDOWS\System32\nvsvc32.exe
Command Line : C:\WINDOWS\System32\nvsvc32.exe
ProcessID : 2212
ThreadCreationTime : 5-5-2005 6:03:10 PM
BasePriority : Normal
FileVersion : 6.14.01.4345
ProductVersion : 6.14.01.4345
ProductName : NVIDIA Driver Helper Service, Version 43.45
CompanyName : NVIDIA Corporation
FileDescription : NVIDIA Driver Helper Service, Version 43.45
InternalName : NVSVC
LegalCopyright : © NVIDIA Corporation. All rights reserved.
OriginalFilename : nvsvc32.exe

#:39 [nopdb.exe]
ModuleName : C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
Command Line : C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
ProcessID : 2356
ThreadCreationTime : 5-5-2005 6:03:11 PM
BasePriority : Normal
FileVersion : 7.00.0.24
ProductVersion : 7.00.0.24
ProductName : Norton Speed Disk
CompanyName : Symantec Corporation
FileDescription : NOPDB
InternalName : NOPDB
LegalCopyright : Copyright © 2002
OriginalFilename : NOPDB.dll

#:40 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k imgsvc
ProcessID : 2408
ThreadCreationTime : 5-5-2005 6:03:11 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:41 [wuauclt.exe]
ModuleName : C:\WINDOWS\system32\wuauclt.exe
Command Line : "C:\WINDOWS\system32\wuauclt.exe" /RunStoreAsComServer Local\[380]SUSDScbd4560625ece543914259d18561784d
ProcessID : 2608
ThreadCreationTime : 5-5-2005 6:03:12 PM
BasePriority : Normal
FileVersion : 5.4.3790.2182 built by: srv03_rtm(ntvbl04)
ProductVersion : 5.4.3790.2182
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Automatic Updates
InternalName : wuauclt.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : wuauclt.exe

#:42 [alg.exe]
ModuleName : C:\WINDOWS\System32\alg.exe
Command Line : C:\WINDOWS\System32\alg.exe
ProcessID : 3104
ThreadCreationTime : 5-5-2005 6:03:14 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe

#:43 [wscntfy.exe]
ModuleName : C:\WINDOWS\system32\wscntfy.exe
Command Line : C:\WINDOWS\system32\wscntfy.exe
ProcessID : 3632
ThreadCreationTime : 5-5-2005 6:04:12 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Security Center Notification App
InternalName : wscntfy.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : wscntfy.exe

#:44 [ad-aware.exe]
ModuleName : C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
Command Line : "C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe" +procnuke
ProcessID : 3656
ThreadCreationTime : 5-5-2005 6:04:25 PM
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

BookedSpace Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : appid\bookedspace.dll

BookedSpace Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : appid\bookedspace.dll
Value : AppID

BookedSpace Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : appid\{0dc5cd7c-f653-4417-aa43-d457be3a9622}

BookedSpace Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : appid\{0dc5cd7c-f653-4417-aa43-d457be3a9622}
Value :

BookedSpace Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : bookedspace.extension

BookedSpace Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : bookedspace.extension
Value :

BookedSpace Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : bookedspace.extension.5

BookedSpace Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : bookedspace.extension.5
Value :

BookedSpace Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{0019c3e2-dd48-4a6d-abcd-8d32436323d9}

BookedSpace Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{0019c3e2-dd48-4a6d-abcd-8d32436323d9}
Value :

BookedSpace Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{0019c3e2-dd48-4a6d-abcd-8d32436323d9}
Value : AppID

BookedSpace Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{05080e6b-a88a-4cfd-8c3d-9b2557670b6e}

BookedSpace Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{05080e6b-a88a-4cfd-8c3d-9b2557670b6e}
Value :

BookedSpace Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{0dc5cd7c-f653-4417-aa43-d457be3a9622}

DyFuCA Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-839522115-362288127-725345543-1004\software\ist

DyFuCA Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-839522115-362288127-725345543-1004\software\ist
Value : Recover

BookedSpace Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\bookedspace

BookedSpace Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\browser helper objects\{0019c3e2-dd48-4a6d-abcd-8d32436323d9}

Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : "AC"
Rootkey : HKEY_USERS
Object : S-1-5-21-839522115-362288127-725345543-1004\software\lq
Value : AC

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 19
Objects found so far: 19


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 19


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 19



Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Prutect Object Recognized!
Type : File
Data : A0072735.exe
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{705ACE84-C49F-49F5-B490-6BDDE66EC4FE}\RP211\



Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 20


Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

BookedSpace Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\internet explorer\new windows

BookedSpace Object Recognized!
Type : File
Data : bsx32.ini
Category : Malware
Comment :
Object : C:\WINDOWS\



Ebates MoneyMaker Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq

Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : TM

Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : AT

Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : AC

Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : AD

Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : AM

Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : U

Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : I

Prutect Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\downloadmanager

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 11
Objects found so far: 31

11:19:33 AM Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:14:58.609
Objects scanned:207038
Objects identified:31
Objects ignored:0
New critical objects:31
  • 0

#10
azsunbums
Posted 06 May 2005 - 02:45 PM

azsunbums

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
Please don't forget me I still need your help. My new log is in the previous post and I am awaiitng follow-up instructions. Thanks again.
  • 0

#11
GR@PH;<'S
Posted 06 May 2005 - 03:52 PM

GR@PH;<'S

    Member

  • Member
  • PipPipPip
  • 135 posts
azsunbums,
Please can you try at least two if not more of these On-line scans
Panda
Symantec
McAfee
TrendMicro
Bit Defender
RAV
Kaspersky
CommandonDemand
Computer Associates
CyberTechHelp
PC Pitstop
Stinger
a2
or download and try
TrojanHunter (Note Trojan Scanner 30 day Trial)
Then once you have done please can you use the WebUpDate to get the latest Definition file
(SE1R43.06.05.2005) then please rescan with Ad-aware doing a "Full Scan" and post your logfile here by using the "Add-reply" feature
If needed here's how to post your Ad-aware Logfile :tazz:

Here’s how to copy your Ad-aware log
click my computer
click local C Drive
then Click Program Files
then Click Lavasoft
then click Ad-aware SE
and then Logs,
find the latest one that you have
(by date & time)
and open it right Click select all
copy and then paste the contents of it here.
(Make sure that all of your Logfile has been posted, sometimes it will require two post's to get it all)
I recommend that you use the WebUpDate just before you scan that way you will always be up to date.

GR@PH;<'S
  • 0
Back to Lavasoft Support (Ad-aware) · Next Unread Topic →




Similar Topics

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Retired Forums
  3. Lavasoft Support (Ad-aware)

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP