1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Adware - Please review scan - Should I delete all

Discussion in 'All Other Software' started by mandy123, Oct 8, 2003.

Thread Status:
Not open for further replies.
Advertisement
  1. mandy123

    mandy123 Thread Starter

    Joined:
    Aug 15, 2003
    Messages:
    204
    I have just run Adware for the first time. (I REGULARLY RUN SPYBOT.) Should I just tell Adaware to remove all 53 items that it found? Thanks for your help!


    Lavasoft Ad-aware Personal Build 6.181
    Logfile created on :Wednesday, October 08, 2003 8:29:40 PM
    Created with Ad-aware Personal, free for private use.
    Using reference-file :01R217 08.09.2003
    ______________________________________________________

    Ad-aware Settings
    =========================
    Set : Activate in-depth scan (Recommended)
    Set : Safe mode (always request confirmation)
    Set : Scan active processes
    Set : Scan registry
    Set : Deep scan registry


    10-8-2003 8:29:40 PM - Scan started. (Smart mode)

    Listing running processes
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    #:1 [smss.exe]
    FilePath : \SystemRoot\System32\
    ThreadCreationTime : 10-8-2003 2:44:35 PM
    BasePriority : Normal


    #:2 [winlogon.exe]
    FilePath : \??\C:\WINDOWS\system32\
    ThreadCreationTime : 10-8-2003 2:44:37 PM
    BasePriority : High


    #:3 [services.exe]
    FilePath : C:\WINDOWS\system32\
    ThreadCreationTime : 10-8-2003 2:44:37 PM
    BasePriority : Normal
    FileSize : 99 KB
    FileVersion : 5.1.2600.0 (xpclient.010817-1148)
    ProductVersion : 5.1.2600.0
    CompanyName : Microsoft Corporation
    FileDescription : Services and Controller app
    InternalName : services.exe
    OriginalFilename : services.exe
    ProductName : Microsoft
    Created on : 8/29/2002 11:00:00 AM
    Last accessed : 10/8/2003 11:30:55 PM
    Last modified : 8/29/2002 11:00:00 AM

    #:4 [lsass.exe]
    FilePath : C:\WINDOWS\system32\
    ThreadCreationTime : 10-8-2003 2:44:37 PM
    BasePriority : Normal
    FileSize : 11 KB
    FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
    ProductVersion : 5.1.2600.1106
    CompanyName : Microsoft Corporation
    FileDescription : LSA Shell (Export Version)
    InternalName : lsass.exe
    OriginalFilename : lsass.exe
    ProductName : Microsoft
    Created on : 8/29/2002 11:00:00 AM
    Last accessed : 10/9/2003 12:04:15 AM
    Last modified : 8/29/2002 11:00:00 AM

    #:5 [svchost.exe]
    FilePath : C:\WINDOWS\system32\
    ThreadCreationTime : 10-8-2003 2:44:38 PM
    BasePriority : Normal
    FileSize : 12 KB
    FileVersion : 5.1.2600.0 (xpclient.010817-1148)
    ProductVersion : 5.1.2600.0
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    OriginalFilename : svchost.exe
    ProductName : Microsoft
    Created on : 8/29/2002 11:00:00 AM
    Last accessed : 10/9/2003 12:03:47 AM
    Last modified : 8/29/2002 11:00:00 AM

    #:6 [svchost.exe]
    FilePath : C:\WINDOWS\System32\
    ThreadCreationTime : 10-8-2003 2:44:38 PM
    BasePriority : Normal
    FileSize : 12 KB
    FileVersion : 5.1.2600.0 (xpclient.010817-1148)
    ProductVersion : 5.1.2600.0
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    OriginalFilename : svchost.exe
    ProductName : Microsoft
    Created on : 8/29/2002 11:00:00 AM
    Last accessed : 10/9/2003 12:03:47 AM
    Last modified : 8/29/2002 11:00:00 AM

    #:7 [spoolsv.exe]
    FilePath : C:\WINDOWS\system32\
    ThreadCreationTime : 10-8-2003 2:44:39 PM
    BasePriority : Normal
    FileSize : 50 KB
    FileVersion : 5.1.2600.0 (XPClient.010817-1148)
    ProductVersion : 5.1.2600.0
    CompanyName : Microsoft Corporation
    FileDescription : Spooler SubSystem App
    InternalName : spoolsv.exe
    OriginalFilename : spoolsv.exe
    ProductName : Microsoft
    Created on : 8/29/2002 11:00:00 AM
    Last accessed : 10/9/2003 12:04:20 AM
    Last modified : 8/29/2002 11:00:00 AM

    #:8 [ccevtmgr.exe]
    FilePath : C:\Program Files\Common Files\Symantec Shared\
    ThreadCreationTime : 10-8-2003 2:44:39 PM
    BasePriority : Normal
    FileSize : 309 KB
    FileVersion : 1.03.4
    ProductVersion : 1.03.4
    Copyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved.
    CompanyName : Symantec Corporation
    FileDescription : Event Manager Service
    InternalName : ccEvtMgr
    OriginalFilename : ccEvtMgr.exe
    ProductName : Event Manager
    Created on : 11/13/2002 8:44:02 PM
    Last accessed : 10/8/2003 11:52:26 PM
    Last modified : 11/13/2002 8:44:02 PM

    #:9 [nisum.exe]
    FilePath : C:\Program Files\Norton Personal Firewall\
    ThreadCreationTime : 10-8-2003 2:44:39 PM
    BasePriority : Normal
    FileSize : 137 KB
    FileVersion : 6.02.2003
    ProductVersion : 6.02.2003
    Copyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved.
    CompanyName : Symantec Corporation
    FileDescription : Norton Internet Security NISUM
    InternalName : NISUM
    OriginalFilename : NISUM.exe
    ProductName : Norton Internet Security
    Created on : 8/18/2003 9:02:33 PM
    Last accessed : 10/9/2003 12:29:40 AM
    Last modified : 3/3/2003 5:06:36 PM

    #:10 [ccpxysvc.exe]
    FilePath : C:\Program Files\Norton Personal Firewall\
    ThreadCreationTime : 10-8-2003 2:44:40 PM
    BasePriority : Normal
    FileSize : 33 KB
    FileVersion : 6.02.2003
    ProductVersion : 6.02.2003
    Copyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved.
    CompanyName : Symantec Corporation
    FileDescription : Norton Internet Security Proxy Service
    InternalName : ccPxySvc
    OriginalFilename : ccPxySvc.exe
    ProductName : Norton Internet Security
    Created on : 8/18/2003 9:02:31 PM
    Last accessed : 10/9/2003 12:03:34 AM
    Last modified : 3/3/2003 5:05:18 PM

    #:11 [navapsvc.exe]
    FilePath : C:\Program Files\Norton AntiVirus\
    ThreadCreationTime : 10-8-2003 2:44:40 PM
    BasePriority : Normal
    FileSize : 113 KB
    FileVersion : 8.07.17
    ProductVersion : 8.07.17
    Copyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved.
    CompanyName : Symantec Corporation
    FileDescription : Norton AntiVirus Auto-Protect Service
    InternalName : NAVAPSVC
    OriginalFilename : NAVAPSVC.EXE
    ProductName : Norton AntiVirus
    Created on : 2/27/2002 5:29:26 PM
    Last accessed : 10/9/2003 12:10:15 AM
    Last modified : 2/27/2002 5:29:26 PM

    #:12 [nvsvc32.exe]
    FilePath : C:\WINDOWS\System32\
    ThreadCreationTime : 10-8-2003 2:44:40 PM
    BasePriority : Normal
    FileSize : 60 KB
    FileVersion : 6.13.10.2835
    ProductVersion : 6.13.10.2835
    Copyright : (c) NVIDIA Corporation. All rights reserved.
    CompanyName : NVIDIA Corporation
    FileDescription : NVIDIA Driver Helper Service, Version 28.35
    InternalName : NVSVC
    OriginalFilename : nvsvc32.exe
    ProductName : NVIDIA Driver Helper Service, Version 28.35
    Created on : 1/1/1980 6:00:00 AM
    Last accessed : 10/9/2003 12:04:17 AM
    Last modified : 3/11/2002 9:56:00 PM

    #:13 [explorer.exe]
    FilePath : C:\WINDOWS\
    ThreadCreationTime : 10-8-2003 2:44:50 PM
    BasePriority : Normal
    FileSize : 980 KB
    FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
    ProductVersion : 6.00.2800.1106
    CompanyName : Microsoft Corporation
    FileDescription : Windows Explorer
    InternalName : explorer
    OriginalFilename : EXPLORER.EXE
    ProductName : Microsoft
    Created on : 8/29/2002 11:00:00 AM
    Last accessed : 10/9/2003 12:03:34 AM
    Last modified : 8/29/2002 11:00:00 AM

    #:14 [ccapp.exe]
    FilePath : C:\Program Files\Common Files\Symantec Shared\
    ThreadCreationTime : 10-8-2003 2:44:53 PM
    BasePriority : Normal
    FileSize : 53 KB
    FileVersion : 1.08.01
    ProductVersion : 1.08.01
    Copyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved.
    CompanyName : Symantec Corporation
    FileDescription : Common Client CC App
    InternalName : ccApp
    OriginalFilename : ccApp.exe
    ProductName : Common Client
    Created on : 8/15/2003 5:55:31 AM
    Last accessed : 10/9/2003 12:14:45 AM
    Last modified : 7/17/2003 2:05:14 PM

    #:15 [navapw32.exe]
    FilePath : C:\PROGRA~1\NORTON~1\
    ThreadCreationTime : 10-8-2003 2:44:53 PM
    BasePriority : Normal
    FileSize : 73 KB
    FileVersion : 8.07.17
    ProductVersion : 8.07.17
    Copyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved.
    CompanyName : Symantec Corporation
    FileDescription : Norton AntiVirus Agent
    InternalName : NAVAPW32
    OriginalFilename : NAVAPW32.EXE
    ProductName : Norton AntiVirus
    Created on : 2/27/2002 5:27:58 PM
    Last accessed : 10/9/2003 12:29:40 AM
    Last modified : 2/27/2002 5:27:58 PM

    #:16 [rundll32.exe]
    FilePath : C:\WINDOWS\System32\
    ThreadCreationTime : 10-8-2003 2:44:54 PM
    BasePriority : Normal
    FileSize : 31 KB
    FileVersion : 5.1.2600.0 (xpclient.010817-1148)
    ProductVersion : 5.1.2600.0
    CompanyName : Microsoft Corporation
    FileDescription : Run a DLL as an App
    InternalName : rundll
    OriginalFilename : RUNDLL.EXE
    ProductName : Microsoft
    Created on : 8/29/2002 11:00:00 AM
    Last accessed : 10/9/2003 12:04:19 AM
    Last modified : 8/29/2002 11:00:00 AM

    #:17 [webshotstray.exe]
    FilePath : C:\PROGRA~1\Webshots\
    ThreadCreationTime : 10-8-2003 7:37:27 PM
    BasePriority : Normal
    FileSize : 204 KB
    FileVersion : 1.3.0.3826
    ProductVersion : 1.3.0.3826
    Copyright : Copyright (C) 1998
    CompanyName : The Webshots Corporation
    FileDescription : Webshots Desktop Tray Application
    InternalName : WEBSHOTSTRAY
    OriginalFilename : WEBSHOTSTRAY.EXE
    ProductName : Webshots Tray Application
    Created on : 9/16/2003 8:09:47 PM
    Last accessed : 10/9/2003 12:29:40 AM
    Last modified : 6/21/2002 7:55:56 PM

    #:18 [popups~1.exe]
    FilePath : C:\PROGRA~1\PANICW~1\POP-UP~1\
    ThreadCreationTime : 10-9-2003 12:02:38 AM
    BasePriority : Normal
    FileSize : 496 KB
    FileVersion : 1, 52, 0, 1004
    ProductVersion : 1, 0, 0, 1
    Copyright : Copyright (C) 2002-2003
    CompanyName : Panicware, Inc.
    FileDescription : Pop-Up Stopper Professional
    InternalName : Pop-Up Stopper Professional
    OriginalFilename : PopUpStopperPro.exe
    ProductName : Pop-Up Stopper Professional

    #:19 [ad-aware.exe]
    FilePath : C:\Program Files\Lavasoft\Ad-aware 6\
    ThreadCreationTime : 10-9-2003 12:28:32 AM
    BasePriority : Normal
    FileSize : 668 KB
    FileVersion : 6.0.1.181
    ProductVersion : 6.0.0.0
    Copyright : Copyright
    CompanyName : Lavasoft Sweden
    FileDescription : Ad-aware 6 core application
    InternalName : Ad-aware.exe
    OriginalFilename : Ad-aware.exe
    ProductName : Lavasoft Ad-aware Plus
    Created on : 10/9/2003 12:28:17 AM
    Last accessed : 10/9/2003 12:28:17 AM
    Last modified : 7/13/2003 2:00:20 AM

    Memory scan result :
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    New objects : 0
    Objects found so far: 0


    Started registry scan
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    ImIServer IEPlugin Object recognized!
    Type : RegKey
    Data :
    Rootkey : HKEY_CLASSES_ROOT
    Object : CLSID\{1C896551-8B92-4907-8C06-15DB2D1F874A}


    e-Group Object recognized!
    Type : RegKey
    Data :
    Rootkey : HKEY_CLASSES_ROOT
    Object : CLSID\{2ABE804B-4D3A-41BF-A172-304627874B45}


    e-Group Object recognized!
    Type : RegKey
    Data :
    Rootkey : HKEY_CLASSES_ROOT
    Object : CLSID\{94742E3F-D9A1-4780-9A87-2FFA43655DA2}


    IGetNet Object recognized!
    Type : RegKey
    Data :
    Rootkey : HKEY_CLASSES_ROOT
    Object : CLSID\{947e6d5a-4b9f-4cf4-91b3-562ca8d03313}


    ImIServer IEPlugin Object recognized!
    Type : RegKey
    Data :
    Rootkey : HKEY_CLASSES_ROOT
    Object : CLSID\{E2BF1BF3-1FDB-4C93-8874-0B09E71C594C}


    ImIServer IEPlugin Object recognized!
    Type : RegKey
    Data :
    Rootkey : HKEY_CLASSES_ROOT
    Object : CLSID\{F3155057-4C2C-4078-8576-50486693FD49}


    e-Group Object recognized!
    Type : RegKey
    Data :
    Rootkey : HKEY_CLASSES_ROOT
    Object : EGDHTML.EGDialHTML


    e-Group Object recognized!
    Type : RegKey
    Data :
    Rootkey : HKEY_CLASSES_ROOT
    Object : EGDHTML.EGDialHTML.1


    e-Group Object recognized!
    Type : RegKey
    Data :
    Rootkey : HKEY_CLASSES_ROOT
    Object : EGDialObject.EGDial


    e-Group Object recognized!
    Type : RegKey
    Data :
    Rootkey : HKEY_CLASSES_ROOT
    Object : EGDialObject.EGDial.1


    ClearSearch Object recognized!
    Type : RegKey
    Data :
    Rootkey : HKEY_CLASSES_ROOT
    Object : ie_clrsch.iehooks


    ClearSearch Object recognized!
    Type : RegKey
    Data :
    Rootkey : HKEY_CLASSES_ROOT
    Object : ie_clrsch.iehooks.1


    ImIServer IEPlugin Object recognized!
    Type : RegKey
    Data :
    Rootkey : HKEY_CLASSES_ROOT
    Object : IMIToolbar.BottomFrame


    ImIServer IEPlugin Object recognized!
    Type : RegKey
    Data :
    Rootkey : HKEY_CLASSES_ROOT
    Object : IMIToolbar.BottomFrame.1


    ImIServer IEPlugin Object recognized!
    Type : RegKey
    Data :
    Rootkey : HKEY_CLASSES_ROOT
    Object : IMIToolbar.LeftFrame


    ImIServer IEPlugin Object recognized!
    Type : RegKey
    Data :
    Rootkey : HKEY_CLASSES_ROOT
    Object : IMIToolbar.LeftFrame.1


    ImIServer IEPlugin Object recognized!
    Type : RegKey
    Data :
    Rootkey : HKEY_CLASSES_ROOT
    Object : IMIToolbar.PopupBrowser


    ImIServer IEPlugin Object recognized!
    Type : RegKey
    Data :
    Rootkey : HKEY_CLASSES_ROOT
    Object : IMIToolbar.PopupBrowser.1


    e-Group Object recognized!
    Type : RegKey
    Data :
    Rootkey : HKEY_CLASSES_ROOT
    Object : Interface\{2F668A6D-2EC7-4E3A-A485-819E210738D6}


    e-Group Object recognized!
    Type : RegKey
    Data :
    Rootkey : HKEY_CLASSES_ROOT
    Object : Interface\{901166A5-F137-4B27-BC4C-CA611DEBDCED}


    ClearSearch Object recognized!
    Type : RegKey
    Data :
    Rootkey : HKEY_CLASSES_ROOT
    Object : Interface\{A351D4B1-BF54-41F1-BEC0-8A1C4ECD72C7}


    ClearSearch Object recognized!
    Type : RegKey
    Data :
    Rootkey : HKEY_LOCAL_MACHINE
    Object : SOFTWARE\CLRSCH


    StopPop Object recognized!
    Type : RegKey
    Data :
    Rootkey : HKEY_LOCAL_MACHINE
    Object : Software\Dhost


    e-Group Object recognized!
    Type : RegKey
    Data :
    Rootkey : HKEY_CURRENT_USER
    Object : Software\EGDHTML


    istbar Object recognized!
    Type : RegKey
    Data :
    Rootkey : HKEY_CURRENT_USER
    Object : Software\IST


    HotBar Object recognized!
    Type : RegKey
    Data :
    Rootkey : HKEY_LOCAL_MACHINE
    Object : SOFTWARE\Microsoft\Internet Explorer\Extensions\{A80F2DB2-80A9-4834-8F5A-4AB70F4EF4C3}


    Alexa Object recognized!
    Type : RegKey
    Data :
    Rootkey : HKEY_LOCAL_MACHINE
    Object : SOFTWARE\Microsoft\Internet Explorer\Extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}


    Adultlinks Quickbar Object recognized!
    Type : RegKey
    Data :
    Rootkey : HKEY_LOCAL_MACHINE
    Object : Software\QcBar


    SecondThought Object recognized!
    Type : RegKey
    Data :
    Rootkey : HKEY_CURRENT_USER
    Object : software\stc\client


    Favoriteman Object recognized!
    Type : RegKey
    Data :
    Rootkey : HKEY_CLASSES_ROOT
    Object : TypeLib\{53F066F0-A4C0-4F46-83EB-2DFD03F938CF}


    e-Group Object recognized!
    Type : RegKey
    Data :
    Rootkey : HKEY_CLASSES_ROOT
    Object : TypeLib\{83F0D6AA-CD15-46B5-AA4E-BDB506B4AE53}


    IGetNet Object recognized!
    Type : RegKey
    Data :
    Rootkey : HKEY_CLASSES_ROOT
    Object : TYPELIB\{95b3af07-0e4f-4cdf-acfd-3d4efd9aec0b}


    Favoriteman Object recognized!
    Type : RegValue
    Data :
    Rootkey : HKEY_CURRENT_USER
    Object : Software\Microsoft\Windows
    Value : Counter


    Favoriteman Object recognized!
    Type : RegValue
    Data :
    Rootkey : HKEY_CURRENT_USER
    Object : Software\Microsoft\Windows
    Value : Server


    Favoriteman Object recognized!
    Type : RegValue
    Data :
    Rootkey : HKEY_CURRENT_USER
    Object : Software\Microsoft\Windows
    Value : Object


    istbar Object recognized!
    Type : RegValue
    Data :
    Rootkey : HKEY_LOCAL_MACHINE
    Object : SOFTWARE\Microsoft\Windows\CurrentVersion
    Value : disp


    Registry scan result :
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    New objects : 36
    Objects found so far: 36


    Started deep registry scan
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    ImIServer IEPlugin Object recognized!
    Type : RegKey
    Data :
    Rootkey : HKEY_CLASSES_ROOT
    Object : IMIToolbar.PopupWindow


    ImIServer IEPlugin Object recognized!
    Type : RegKey
    Data :
    Rootkey : HKEY_CLASSES_ROOT
    Object : IMIToolbar.PopupWindow.1


    Deep registry scan result :
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    New objects : 2
    Objects found so far: 38


    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected][1].txt
    Object : C:\Documents and Settings\DSZ\Cookies\

    Created on : 10/9/2003 12:23:55 AM
    Last accessed : 10/9/2003 12:23:55 AM
    Last modified : 10/9/2003 12:23:55 AM


    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯


    Deep scanning and examining files (C:)
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    FreeScratchCards Object recognized!
    Type : File
    Data : 2ndsrch.dll
    Object : C:\WINDOWS\System32\
    FileSize : 66 KB
    FileVersion : 8.0.7.1
    ProductVersion : 8.0.7.1
    InternalName : runpool.dll
    OriginalFilename : runpool.dll
    Created on : 7/29/2003 3:14:11 AM
    Last accessed : 10/9/2003 12:02:45 AM
    Last modified : 7/29/2003 3:14:26 AM



    e-Group Object recognized!
    Type : File
    Data : egdial.dll
    Object : C:\WINDOWS\System32\
    FileSize : 11 KB
    FileVersion : 1, 0, 0, 6
    ProductVersion : 1, 0, 0, 6
    Copyright : Copyright
    CompanyName : E-Group
    FileDescription : EGDial
    InternalName : EGDial
    OriginalFilename : EGDial.dll
    ProductName : E-Group EGDial
    Created on : 6/18/2003 11:32:48 PM
    Last accessed : 10/9/2003 12:02:55 AM
    Last modified : 6/18/2003 11:32:48 PM



    Favoriteman Object recognized!
    Type : File
    Data : im64.dll
    Object : C:\WINDOWS\System32\

    Created on : 8/3/2003 7:12:27 PM
    Last accessed : 10/9/2003 12:02:59 AM
    Last modified : 8/22/2003 5:14:16 AM




    Performing conditional scans..
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    e-Group Object recognized!
    Type : File
    Data : egdhtml_1017.dll
    Object : c:\windows\system32\
    FileSize : 78 KB
    FileVersion : 1, 0, 1, 7
    ProductVersion : 1, 0, 1, 7
    Copyright : Copyright 2003
    FileDescription : EGDHTML Module
    InternalName : EGDHTML
    OriginalFilename : EGDHTML_1017.DLL
    ProductName : EGDHTML Module
    Created on : 7/17/2003 3:57:20 PM
    Last accessed : 10/9/2003 12:02:55 AM
    Last modified : 7/17/2003 3:57:20 PM



    e-Group Object recognized!
    Type : File
    Data : egdhtml_1019.dll
    Object : c:\windows\system32\
    FileSize : 78 KB
    FileVersion : 1, 0, 1, 9
    ProductVersion : 1, 0, 1, 9
    Copyright : Copyright 2003
    FileDescription : EGDHTML Module
    InternalName : EGDHTML
    OriginalFilename : EGDHTML_1019.DLL
    ProductName : EGDHTML Module
    Created on : 8/6/2003 10:41:14 PM
    Last accessed : 10/9/2003 12:02:55 AM
    Last modified : 8/6/2003 10:41:14 PM



    IGetNet Object recognized!
    Type : RegValue
    Data :
    Rootkey : HKEY_CURRENT_USER
    Object : Software\Microsoft\Internet Explorer\URLSearchHooks
    Value : {CFBFAE00-17A6-11D0-99CB-00C04FD64497}


    StopPop Object recognized!
    Type : File
    Data : hostprep.exe
    Object : c:\windows\
    FileSize : 32 KB
    Created on : 5/15/2003 12:46:00 PM
    Last accessed : 10/9/2003 12:05:03 AM
    Last modified : 5/15/2003 12:46:00 PM



    StopPop Object recognized!
    Type : File
    Data : payload.inf
    Object : c:\windows\inf\
    FileSize : 1 KB
    Created on : 7/21/2003 2:07:18 PM
    Last accessed : 10/9/2003 12:30:51 AM
    Last modified : 7/21/2003 2:07:18 PM



    istbar Object recognized!
    Type : File
    Data : tinybar.exe
    Object : c:\windows\
    FileSize : 7 KB
    Created on : 6/5/2003 9:49:54 PM
    Last accessed : 10/9/2003 12:05:04 AM
    Last modified : 6/13/2003 2:41:51 AM



    Adultlinks Quickbar Object recognized!
    Type : Folder
    Object : c:\documents and settings\dsz\application data\QcBar


    Adultlinks Quickbar Object recognized!
    Type : File
    Data : linkicons
    Object : c:\documents and settings\dsz\application data\qcbar\

    Created on : 7/30/2003 1:49:51 AM
    Last accessed : 10/9/2003 12:11:34 AM
    Last modified : 7/30/2003 1:50:00 AM



    SecondThought Object recognized!
    Type : RegKey
    Data :
    Rootkey : HKEY_CURRENT_USER
    Object : software\stc


    FreeScratchCards Object recognized!
    Type : RegKey
    Data :
    Rootkey : HKEY_CURRENT_USER
    Object : Software\FSC


    FreeScratchCards Object recognized!
    Type : File
    Data : fsc.ini
    Object : c:\windows\system32\

    Created on : 3/31/2003 3:43:29 AM
    Last accessed : 10/9/2003 12:30:51 AM
    Last modified : 8/11/2003 10:04:47 PM



    Conditional scan result:
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    New objects : 11
    Objects found so far: 53


    8:30:51 PM Scan complete

    Summary of this scan
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    Total scanning time :00:01:11:73
    Objects scanned :35381
    Objects identified :53
    Objects ignored :0
    New objects :53
     
  2. Top Banana

    Top Banana

    Joined:
    Nov 10, 2002
    Messages:
    1,344
    Using reference-file :01R217 08.09.2003

    Update the reference file, run a "Full Scan" and remove all.

    www.lavahelp.com
     
  3. mandy123

    mandy123 Thread Starter

    Joined:
    Aug 15, 2003
    Messages:
    204
    Thanks. Just to clarify: you are saying delete ALL 53 items?
     
  4. Top Banana

    Top Banana

    Joined:
    Nov 10, 2002
    Messages:
    1,344
  5. Topkat

    Topkat

    Joined:
    Aug 10, 2003
    Messages:
    401
    A good rule of thumb with AdAware if you're not familiar with the entries is delete all the tracking cookies, this is never a problem. If anything other than this is still there and you're not sure then you can post your log at the http://www.lavasoftsupport.com forums. They will be able to spot any new items that needs their attention this way as well.
    Hope this helps!
    :D
     
  6. mamabear

    mamabear

    Joined:
    Mar 10, 2003
    Messages:
    59
    The "Alexa" object is the "Whats Related Links" feature on your Internet Explorer toolbar. If you use it, don't delete it. You can add it to the Ignore list if you want to keep it.

    Alexa technology does use a 'web crawler' (bot) that records the information found on webpages accessed when the 'Whats related feature' is being used in Internet Explorer.

    When the 'Whats related feature' in IE is not being used, no information is sent to Alexa.

    If you remove "Alexa", it will be reinstalled if you repair or reinstall IE.
     
  7. TheRealKiwi

    TheRealKiwi

    Joined:
    Aug 30, 2003
    Messages:
    17
    But before you do anything, do as Top Banana says, and update your reference file. It's good practice to check for updates before each scan.
     
  8. cannymum

    cannymum

    Joined:
    Apr 8, 2003
    Messages:
    50
    mandy123,

    In regards to this entry in your log file:


    QUOTE
    StopPop Object recognized!
    Type : File
    Data : payload.inf
    Object : c:\windows\inf\
    FileSize : 1 KB
    Created on : 7/21/2003 2:07:18 PM
    Last accessed : 10/10/2003 5:16:06 AM
    Last modified : 7/21/2003 2:07:18 PM




    Could you please look in Add/Remove in your Control Panel, and see if there is an entry for "win32 BI Application" and let us know if it is there?

    Could you then please submit the c:\windows\inf\payload.inf file for review.

    Full instructions for submitting a file can be found at http://www.lavasoftsupport.com/index.php?showtopic=11156

    If you have any problems with this, please ask. Thanks.
     
  9. mandy123

    mandy123 Thread Starter

    Joined:
    Aug 15, 2003
    Messages:
    204
    Win32 Application is there. What does it mean? I have deleted it previously, but it came back. I will submit the payload file later today or tomorrow.
     
  10. cannymum

    cannymum

    Joined:
    Apr 8, 2003
    Messages:
    50
    G'day mandy123,

    The Win32 Application had the host.dll transponder spyware installed.

    Once you have submitted the c:\windows\inf\payload.inf file for review, I will get back to you about how to clean out the remnants of it all.

    p.s. What operating system are you running..windows98, windows ME, windows XP, or windows 2000?

    You can read about the Win 32 Application transponder variant :

    HERE

    and removal info is at the bottom of the page


    Thanks
     
  11. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/170596

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice