Adware - Please review scan - Should I delete all

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

mandy123

Thread Starter
Joined
Aug 15, 2003
Messages
204
I have just run Adware for the first time. (I REGULARLY RUN SPYBOT.) Should I just tell Adaware to remove all 53 items that it found? Thanks for your help!


Lavasoft Ad-aware Personal Build 6.181
Logfile created on :Wednesday, October 08, 2003 8:29:40 PM
Created with Ad-aware Personal, free for private use.
Using reference-file :01R217 08.09.2003
______________________________________________________

Ad-aware Settings
=========================
Set : Activate in-depth scan (Recommended)
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep scan registry


10-8-2003 8:29:40 PM - Scan started. (Smart mode)

Listing running processes
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ThreadCreationTime : 10-8-2003 2:44:35 PM
BasePriority : Normal


#:2 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ThreadCreationTime : 10-8-2003 2:44:37 PM
BasePriority : High


#:3 [services.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 10-8-2003 2:44:37 PM
BasePriority : Normal
FileSize : 99 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
OriginalFilename : services.exe
ProductName : Microsoft
Created on : 8/29/2002 11:00:00 AM
Last accessed : 10/8/2003 11:30:55 PM
Last modified : 8/29/2002 11:00:00 AM

#:4 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 10-8-2003 2:44:37 PM
BasePriority : Normal
FileSize : 11 KB
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
OriginalFilename : lsass.exe
ProductName : Microsoft
Created on : 8/29/2002 11:00:00 AM
Last accessed : 10/9/2003 12:04:15 AM
Last modified : 8/29/2002 11:00:00 AM

#:5 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 10-8-2003 2:44:38 PM
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 8/29/2002 11:00:00 AM
Last accessed : 10/9/2003 12:03:47 AM
Last modified : 8/29/2002 11:00:00 AM

#:6 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 10-8-2003 2:44:38 PM
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 8/29/2002 11:00:00 AM
Last accessed : 10/9/2003 12:03:47 AM
Last modified : 8/29/2002 11:00:00 AM

#:7 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 10-8-2003 2:44:39 PM
BasePriority : Normal
FileSize : 50 KB
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
OriginalFilename : spoolsv.exe
ProductName : Microsoft
Created on : 8/29/2002 11:00:00 AM
Last accessed : 10/9/2003 12:04:20 AM
Last modified : 8/29/2002 11:00:00 AM

#:8 [ccevtmgr.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ThreadCreationTime : 10-8-2003 2:44:39 PM
BasePriority : Normal
FileSize : 309 KB
FileVersion : 1.03.4
ProductVersion : 1.03.4
Copyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Event Manager Service
InternalName : ccEvtMgr
OriginalFilename : ccEvtMgr.exe
ProductName : Event Manager
Created on : 11/13/2002 8:44:02 PM
Last accessed : 10/8/2003 11:52:26 PM
Last modified : 11/13/2002 8:44:02 PM

#:9 [nisum.exe]
FilePath : C:\Program Files\Norton Personal Firewall\
ThreadCreationTime : 10-8-2003 2:44:39 PM
BasePriority : Normal
FileSize : 137 KB
FileVersion : 6.02.2003
ProductVersion : 6.02.2003
Copyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Norton Internet Security NISUM
InternalName : NISUM
OriginalFilename : NISUM.exe
ProductName : Norton Internet Security
Created on : 8/18/2003 9:02:33 PM
Last accessed : 10/9/2003 12:29:40 AM
Last modified : 3/3/2003 5:06:36 PM

#:10 [ccpxysvc.exe]
FilePath : C:\Program Files\Norton Personal Firewall\
ThreadCreationTime : 10-8-2003 2:44:40 PM
BasePriority : Normal
FileSize : 33 KB
FileVersion : 6.02.2003
ProductVersion : 6.02.2003
Copyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Norton Internet Security Proxy Service
InternalName : ccPxySvc
OriginalFilename : ccPxySvc.exe
ProductName : Norton Internet Security
Created on : 8/18/2003 9:02:31 PM
Last accessed : 10/9/2003 12:03:34 AM
Last modified : 3/3/2003 5:05:18 PM

#:11 [navapsvc.exe]
FilePath : C:\Program Files\Norton AntiVirus\
ThreadCreationTime : 10-8-2003 2:44:40 PM
BasePriority : Normal
FileSize : 113 KB
FileVersion : 8.07.17
ProductVersion : 8.07.17
Copyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
OriginalFilename : NAVAPSVC.EXE
ProductName : Norton AntiVirus
Created on : 2/27/2002 5:29:26 PM
Last accessed : 10/9/2003 12:10:15 AM
Last modified : 2/27/2002 5:29:26 PM

#:12 [nvsvc32.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 10-8-2003 2:44:40 PM
BasePriority : Normal
FileSize : 60 KB
FileVersion : 6.13.10.2835
ProductVersion : 6.13.10.2835
Copyright : (c) NVIDIA Corporation. All rights reserved.
CompanyName : NVIDIA Corporation
FileDescription : NVIDIA Driver Helper Service, Version 28.35
InternalName : NVSVC
OriginalFilename : nvsvc32.exe
ProductName : NVIDIA Driver Helper Service, Version 28.35
Created on : 1/1/1980 6:00:00 AM
Last accessed : 10/9/2003 12:04:17 AM
Last modified : 3/11/2002 9:56:00 PM

#:13 [explorer.exe]
FilePath : C:\WINDOWS\
ThreadCreationTime : 10-8-2003 2:44:50 PM
BasePriority : Normal
FileSize : 980 KB
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
OriginalFilename : EXPLORER.EXE
ProductName : Microsoft
Created on : 8/29/2002 11:00:00 AM
Last accessed : 10/9/2003 12:03:34 AM
Last modified : 8/29/2002 11:00:00 AM

#:14 [ccapp.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ThreadCreationTime : 10-8-2003 2:44:53 PM
BasePriority : Normal
FileSize : 53 KB
FileVersion : 1.08.01
ProductVersion : 1.08.01
Copyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Common Client CC App
InternalName : ccApp
OriginalFilename : ccApp.exe
ProductName : Common Client
Created on : 8/15/2003 5:55:31 AM
Last accessed : 10/9/2003 12:14:45 AM
Last modified : 7/17/2003 2:05:14 PM

#:15 [navapw32.exe]
FilePath : C:\PROGRA~1\NORTON~1\
ThreadCreationTime : 10-8-2003 2:44:53 PM
BasePriority : Normal
FileSize : 73 KB
FileVersion : 8.07.17
ProductVersion : 8.07.17
Copyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Agent
InternalName : NAVAPW32
OriginalFilename : NAVAPW32.EXE
ProductName : Norton AntiVirus
Created on : 2/27/2002 5:27:58 PM
Last accessed : 10/9/2003 12:29:40 AM
Last modified : 2/27/2002 5:27:58 PM

#:16 [rundll32.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 10-8-2003 2:44:54 PM
BasePriority : Normal
FileSize : 31 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Run a DLL as an App
InternalName : rundll
OriginalFilename : RUNDLL.EXE
ProductName : Microsoft
Created on : 8/29/2002 11:00:00 AM
Last accessed : 10/9/2003 12:04:19 AM
Last modified : 8/29/2002 11:00:00 AM

#:17 [webshotstray.exe]
FilePath : C:\PROGRA~1\Webshots\
ThreadCreationTime : 10-8-2003 7:37:27 PM
BasePriority : Normal
FileSize : 204 KB
FileVersion : 1.3.0.3826
ProductVersion : 1.3.0.3826
Copyright : Copyright (C) 1998
CompanyName : The Webshots Corporation
FileDescription : Webshots Desktop Tray Application
InternalName : WEBSHOTSTRAY
OriginalFilename : WEBSHOTSTRAY.EXE
ProductName : Webshots Tray Application
Created on : 9/16/2003 8:09:47 PM
Last accessed : 10/9/2003 12:29:40 AM
Last modified : 6/21/2002 7:55:56 PM

#:18 [popups~1.exe]
FilePath : C:\PROGRA~1\PANICW~1\POP-UP~1\
ThreadCreationTime : 10-9-2003 12:02:38 AM
BasePriority : Normal
FileSize : 496 KB
FileVersion : 1, 52, 0, 1004
ProductVersion : 1, 0, 0, 1
Copyright : Copyright (C) 2002-2003
CompanyName : Panicware, Inc.
FileDescription : Pop-Up Stopper Professional
InternalName : Pop-Up Stopper Professional
OriginalFilename : PopUpStopperPro.exe
ProductName : Pop-Up Stopper Professional

#:19 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-aware 6\
ThreadCreationTime : 10-9-2003 12:28:32 AM
BasePriority : Normal
FileSize : 668 KB
FileVersion : 6.0.1.181
ProductVersion : 6.0.0.0
Copyright : Copyright
CompanyName : Lavasoft Sweden
FileDescription : Ad-aware 6 core application
InternalName : Ad-aware.exe
OriginalFilename : Ad-aware.exe
ProductName : Lavasoft Ad-aware Plus
Created on : 10/9/2003 12:28:17 AM
Last accessed : 10/9/2003 12:28:17 AM
Last modified : 7/13/2003 2:00:20 AM

Memory scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0


Started registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{1C896551-8B92-4907-8C06-15DB2D1F874A}


e-Group Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{2ABE804B-4D3A-41BF-A172-304627874B45}


e-Group Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{94742E3F-D9A1-4780-9A87-2FFA43655DA2}


IGetNet Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{947e6d5a-4b9f-4cf4-91b3-562ca8d03313}


ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{E2BF1BF3-1FDB-4C93-8874-0B09E71C594C}


ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{F3155057-4C2C-4078-8576-50486693FD49}


e-Group Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : EGDHTML.EGDialHTML


e-Group Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : EGDHTML.EGDialHTML.1


e-Group Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : EGDialObject.EGDial


e-Group Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : EGDialObject.EGDial.1


ClearSearch Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : ie_clrsch.iehooks


ClearSearch Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : ie_clrsch.iehooks.1


ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : IMIToolbar.BottomFrame


ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : IMIToolbar.BottomFrame.1


ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : IMIToolbar.LeftFrame


ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : IMIToolbar.LeftFrame.1


ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : IMIToolbar.PopupBrowser


ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : IMIToolbar.PopupBrowser.1


e-Group Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{2F668A6D-2EC7-4E3A-A485-819E210738D6}


e-Group Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{901166A5-F137-4B27-BC4C-CA611DEBDCED}


ClearSearch Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{A351D4B1-BF54-41F1-BEC0-8A1C4ECD72C7}


ClearSearch Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\CLRSCH


StopPop Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Dhost


e-Group Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\EGDHTML


istbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\IST


HotBar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Internet Explorer\Extensions\{A80F2DB2-80A9-4834-8F5A-4AB70F4EF4C3}


Alexa Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Internet Explorer\Extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}


Adultlinks Quickbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\QcBar


SecondThought Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : software\stc\client


Favoriteman Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TypeLib\{53F066F0-A4C0-4F46-83EB-2DFD03F938CF}


e-Group Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TypeLib\{83F0D6AA-CD15-46B5-AA4E-BDB506B4AE53}


IGetNet Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TYPELIB\{95b3af07-0e4f-4cdf-acfd-3d4efd9aec0b}


Favoriteman Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\Microsoft\Windows
Value : Counter


Favoriteman Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\Microsoft\Windows
Value : Server


Favoriteman Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\Microsoft\Windows
Value : Object


istbar Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion
Value : disp


Registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 36
Objects found so far: 36


Started deep registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : IMIToolbar.PopupWindow


ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : IMIToolbar.PopupWindow.1


Deep registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 2
Objects found so far: 38


¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Tracking Cookie Object recognized!
Type : File
Data : [email protected][1].txt
Object : C:\Documents and Settings\DSZ\Cookies\

Created on : 10/9/2003 12:23:55 AM
Last accessed : 10/9/2003 12:23:55 AM
Last modified : 10/9/2003 12:23:55 AM


¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯


Deep scanning and examining files (C:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

FreeScratchCards Object recognized!
Type : File
Data : 2ndsrch.dll
Object : C:\WINDOWS\System32\
FileSize : 66 KB
FileVersion : 8.0.7.1
ProductVersion : 8.0.7.1
InternalName : runpool.dll
OriginalFilename : runpool.dll
Created on : 7/29/2003 3:14:11 AM
Last accessed : 10/9/2003 12:02:45 AM
Last modified : 7/29/2003 3:14:26 AM



e-Group Object recognized!
Type : File
Data : egdial.dll
Object : C:\WINDOWS\System32\
FileSize : 11 KB
FileVersion : 1, 0, 0, 6
ProductVersion : 1, 0, 0, 6
Copyright : Copyright
CompanyName : E-Group
FileDescription : EGDial
InternalName : EGDial
OriginalFilename : EGDial.dll
ProductName : E-Group EGDial
Created on : 6/18/2003 11:32:48 PM
Last accessed : 10/9/2003 12:02:55 AM
Last modified : 6/18/2003 11:32:48 PM



Favoriteman Object recognized!
Type : File
Data : im64.dll
Object : C:\WINDOWS\System32\

Created on : 8/3/2003 7:12:27 PM
Last accessed : 10/9/2003 12:02:59 AM
Last modified : 8/22/2003 5:14:16 AM




Performing conditional scans..
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

e-Group Object recognized!
Type : File
Data : egdhtml_1017.dll
Object : c:\windows\system32\
FileSize : 78 KB
FileVersion : 1, 0, 1, 7
ProductVersion : 1, 0, 1, 7
Copyright : Copyright 2003
FileDescription : EGDHTML Module
InternalName : EGDHTML
OriginalFilename : EGDHTML_1017.DLL
ProductName : EGDHTML Module
Created on : 7/17/2003 3:57:20 PM
Last accessed : 10/9/2003 12:02:55 AM
Last modified : 7/17/2003 3:57:20 PM



e-Group Object recognized!
Type : File
Data : egdhtml_1019.dll
Object : c:\windows\system32\
FileSize : 78 KB
FileVersion : 1, 0, 1, 9
ProductVersion : 1, 0, 1, 9
Copyright : Copyright 2003
FileDescription : EGDHTML Module
InternalName : EGDHTML
OriginalFilename : EGDHTML_1019.DLL
ProductName : EGDHTML Module
Created on : 8/6/2003 10:41:14 PM
Last accessed : 10/9/2003 12:02:55 AM
Last modified : 8/6/2003 10:41:14 PM



IGetNet Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\Microsoft\Internet Explorer\URLSearchHooks
Value : {CFBFAE00-17A6-11D0-99CB-00C04FD64497}


StopPop Object recognized!
Type : File
Data : hostprep.exe
Object : c:\windows\
FileSize : 32 KB
Created on : 5/15/2003 12:46:00 PM
Last accessed : 10/9/2003 12:05:03 AM
Last modified : 5/15/2003 12:46:00 PM



StopPop Object recognized!
Type : File
Data : payload.inf
Object : c:\windows\inf\
FileSize : 1 KB
Created on : 7/21/2003 2:07:18 PM
Last accessed : 10/9/2003 12:30:51 AM
Last modified : 7/21/2003 2:07:18 PM



istbar Object recognized!
Type : File
Data : tinybar.exe
Object : c:\windows\
FileSize : 7 KB
Created on : 6/5/2003 9:49:54 PM
Last accessed : 10/9/2003 12:05:04 AM
Last modified : 6/13/2003 2:41:51 AM



Adultlinks Quickbar Object recognized!
Type : Folder
Object : c:\documents and settings\dsz\application data\QcBar


Adultlinks Quickbar Object recognized!
Type : File
Data : linkicons
Object : c:\documents and settings\dsz\application data\qcbar\

Created on : 7/30/2003 1:49:51 AM
Last accessed : 10/9/2003 12:11:34 AM
Last modified : 7/30/2003 1:50:00 AM



SecondThought Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : software\stc


FreeScratchCards Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\FSC


FreeScratchCards Object recognized!
Type : File
Data : fsc.ini
Object : c:\windows\system32\

Created on : 3/31/2003 3:43:29 AM
Last accessed : 10/9/2003 12:30:51 AM
Last modified : 8/11/2003 10:04:47 PM



Conditional scan result:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 11
Objects found so far: 53


8:30:51 PM Scan complete

Summary of this scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Total scanning time :00:01:11:73
Objects scanned :35381
Objects identified :53
Objects ignored :0
New objects :53
 
Joined
Aug 10, 2003
Messages
401
A good rule of thumb with AdAware if you're not familiar with the entries is delete all the tracking cookies, this is never a problem. If anything other than this is still there and you're not sure then you can post your log at the http://www.lavasoftsupport.com forums. They will be able to spot any new items that needs their attention this way as well.
Hope this helps!
:D
 
Joined
Mar 10, 2003
Messages
59
The "Alexa" object is the "Whats Related Links" feature on your Internet Explorer toolbar. If you use it, don't delete it. You can add it to the Ignore list if you want to keep it.

Alexa technology does use a 'web crawler' (bot) that records the information found on webpages accessed when the 'Whats related feature' is being used in Internet Explorer.

When the 'Whats related feature' in IE is not being used, no information is sent to Alexa.

If you remove "Alexa", it will be reinstalled if you repair or reinstall IE.
 
Joined
Aug 30, 2003
Messages
17
But before you do anything, do as Top Banana says, and update your reference file. It's good practice to check for updates before each scan.
 
Joined
Apr 8, 2003
Messages
50
mandy123,

In regards to this entry in your log file:


QUOTE
StopPop Object recognized!
Type : File
Data : payload.inf
Object : c:\windows\inf\
FileSize : 1 KB
Created on : 7/21/2003 2:07:18 PM
Last accessed : 10/10/2003 5:16:06 AM
Last modified : 7/21/2003 2:07:18 PM




Could you please look in Add/Remove in your Control Panel, and see if there is an entry for "win32 BI Application" and let us know if it is there?

Could you then please submit the c:\windows\inf\payload.inf file for review.

Full instructions for submitting a file can be found at http://www.lavasoftsupport.com/index.php?showtopic=11156

If you have any problems with this, please ask. Thanks.
 

mandy123

Thread Starter
Joined
Aug 15, 2003
Messages
204
Win32 Application is there. What does it mean? I have deleted it previously, but it came back. I will submit the payload file later today or tomorrow.
 
Joined
Apr 8, 2003
Messages
50
G'day mandy123,

The Win32 Application had the host.dll transponder spyware installed.

Once you have submitted the c:\windows\inf\payload.inf file for review, I will get back to you about how to clean out the remnants of it all.

p.s. What operating system are you running..windows98, windows ME, windows XP, or windows 2000?

You can read about the Win 32 Application transponder variant :

HERE

and removal info is at the bottom of the page


Thanks
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Members online

Top