pop-up ads (adaware)

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

ztucker

Thread Starter
Joined
Mar 28, 2003
Messages
28
My computers had some problems with pop-ups for a little while, and I downloaded adaware to attempt to fix them. I think the problem is that two registry keys continuously are showing up on the scan and it's not letting me fix them.

Here is my adware scan. I put the two files in bold:

Lavasoft Ad-aware Personal Build 6.181
Logfile created on :Friday, April 23, 2004 1:42:29 AM
Created with Ad-aware Personal, free for private use.
Using reference-file :01R217 08.09.2003
______________________________________________________

Ad-aware Settings
=========================
Set : Activate in-depth scan (Recommended)
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep scan registry


4-23-04 1:42:29 AM - Scan started. (Smart mode)

Listing running processes
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

#:1 [kernel32.dll]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4293902479
Threads : 4
Priority : High
FileSize : 460 KB
FileVersion : 4.10.2222
ProductVersion : 4.10.2222
Copyright : Copyright (C) Microsoft Corp. 1991-1999
CompanyName : Microsoft Corporation
FileDescription : Win32 Kernel core component
InternalName : KERNEL32
OriginalFilename : KERNEL32.DLL
ProductName : Microsoft(R) Windows(R) Operating System
Created on : 1/1/01
Last accessed : 4/23/04 4:00:00 AM
Last modified : 4/24/99 2:22:00 AM

#:2 [msgsrv32.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294939671
Threads : 1
Priority : Normal
FileSize : 11 KB
FileVersion : 4.10.2222
ProductVersion : 4.10.2222
Copyright : Copyright (C) Microsoft Corp. 1992-1998
CompanyName : Microsoft Corporation
FileDescription : Windows 32-bit VxD Message Server
InternalName : MSGSRV32
OriginalFilename : MSGSRV32.EXE
ProductName : Microsoft(R) Windows(R) Operating System
Created on : 1/1/01
Last accessed : 4/23/04 4:00:00 AM
Last modified : 4/24/99 2:22:00 AM

#:3 [mprexe.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294935527
Threads : 1
Priority : Normal
FileSize : 28 KB
FileVersion : 4.10.1998
ProductVersion : 4.10.1998
Copyright : Copyright (C) Microsoft Corp. 1993-1998
CompanyName : Microsoft Corporation
FileDescription : WIN32 Network Interface Service Process
InternalName : MPREXE
OriginalFilename : MPREXE.EXE
ProductName : Microsoft(R) Windows(R) Operating System
Created on : 1/1/01
Last accessed : 4/23/04 4:00:00 AM
Last modified : 4/24/99 2:22:00 AM

#:4 [mmtask.tsk]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294945723
Threads : 1
Priority : Normal
FileSize : 1 KB
FileVersion : 4.03.1998
ProductVersion : 4.03.1998
Copyright : Copyright
CompanyName : Microsoft Corporation
FileDescription : Multimedia background task support module
InternalName : mmtask.tsk
OriginalFilename : mmtask.tsk
ProductName : Microsoft Windows
Created on : 1/1/01
Last accessed : 4/23/04 4:00:00 AM
Last modified : 4/24/99 2:22:00 AM

#:5 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 4294858791
Threads : 28
Priority : Normal
FileSize : 176 KB
FileVersion : 4.72.3110.1
ProductVersion : 4.72.3110.1
Copyright : Copyright (C) Microsoft Corp. 1981-1997
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
OriginalFilename : EXPLORER.EXE
ProductName : Microsoft(R) Windows NT(R) Operating System
Created on : 4/24/99 2:22:00 AM
Last accessed : 4/23/04 4:00:00 AM
Last modified : 4/24/99 2:22:00 AM

#:6 [spool32.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294764707
Threads : 2
Priority : Normal
FileSize : 44 KB
FileVersion : 4.10.1998
ProductVersion : 4.10.1998
Copyright : Copyright (C) Microsoft Corp. 1994 - 1998
CompanyName : Microsoft Corporation
FileDescription : Spooler Sub System Process
InternalName : spool32
OriginalFilename : spool32.exe
ProductName : Microsoft(R) Windows(R) Operating System
Created on : 1/1/01
Last accessed : 4/23/04 4:00:00 AM
Last modified : 4/24/99 2:22:00 AM

#:7 [ddhelp.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294684343
Threads : 2
Priority : Realtime
FileSize : 32 KB
FileVersion : 4.09.00.0900
ProductVersion : 4.09.00.0900
Copyright : Copyright
CompanyName : Microsoft Corporation
FileDescription : Microsoft DirectX Helper
InternalName : DDHelp.exe
OriginalFilename : DDHelp.exe
ProductName : Microsoft
Created on : 4/7/03 3:12:14 AM
Last accessed : 4/23/04 4:00:00 AM
Last modified : 12/12/02 4:14:32 AM

#:8 [pstores.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294647927
Threads : 3
Priority : Normal
FileSize : 79 KB
FileVersion : 5.00.1877.3
ProductVersion : 5.00.1877.3
Copyright : Copyright (C) Microsoft Corp. 1981-1998
CompanyName : Microsoft Corporation
FileDescription : Protected storage server
InternalName : Protected storage server
OriginalFilename : Protected storage server
ProductName : Microsoft(R) Windows NT(R) Operating System
Created on : 1/1/01
Last accessed : 4/23/04 4:00:00 AM
Last modified : 4/24/99 2:22:00 AM

#:9 [ad-aware.exe]
FilePath : C:\PROGRAM FILES\LAVASOFT\AD-AWARE 6\
ProcessID : 4294630395
Threads : 2
Priority : Normal
FileSize : 668 KB
FileVersion : 6.0.1.181
ProductVersion : 6.0.0.0
Copyright : Copyright
CompanyName : Lavasoft Sweden
FileDescription : Ad-aware 6 core application
InternalName : Ad-aware.exe
OriginalFilename : Ad-aware.exe
ProductName : Lavasoft Ad-aware Plus
Created on : 4/20/04 1:44:34 AM
Last accessed : 4/23/04 4:00:00 AM
Last modified : 7/13/03 2:00:20 AM

Memory scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0


Started registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

VX2.BetterInternet Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{DDFFA75A-E81D-4454-89FC-B9FD0631E726}


VX2.BetterInternet Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{DDFFA75A-E81D-4454-89FC-B9FD0631E726}\InprocServer32


Registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 2
Objects found so far: 2


Started deep registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Deep registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 2


¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Tracking Cookie Object recognized!
Type : File
Data : [email protected][1].txt
Object : C:\WINDOWS\Cookies\

Created on : 4/23/04 5:19:50 AM
Last accessed : 4/23/04 4:00:00 AM
Last modified : 4/23/04 5:19:52 AM



Tracking Cookie Object recognized!
Type : File
Data : [email protected][1].txt
Object : C:\WINDOWS\Cookies\

Created on : 4/22/04 10:21:34 PM
Last accessed : 4/22/04 4:00:00 AM
Last modified : 4/22/04 10:21:36 PM



Tracking Cookie Object recognized!
Type : File
Data : [email protected][1].txt
Object : C:\WINDOWS\Cookies\

Created on : 4/22/04 10:39:02 PM
Last accessed : 4/22/04 4:00:00 AM
Last modified : 4/22/04 10:39:04 PM



Tracking Cookie Object recognized!
Type : File
Data : [email protected][2].txt
Object : C:\WINDOWS\Cookies\

Created on : 4/23/04 5:37:32 AM
Last accessed : 4/23/04 4:00:00 AM
Last modified : 4/23/04 5:37:34 AM



Tracking Cookie Object recognized!
Type : File
Data : [email protected][1].txt
Object : C:\WINDOWS\Cookies\

Created on : 4/22/04 11:48:43 PM
Last accessed : 4/22/04 4:00:00 AM
Last modified : 4/22/04 11:48:44 PM



Tracking Cookie Object recognized!
Type : File
Data : [email protected][1].txt
Object : C:\WINDOWS\Cookies\

Created on : 4/22/04 10:16:32 PM
Last accessed : 4/22/04 4:00:00 AM
Last modified : 4/22/04 10:16:34 PM



Tracking Cookie Object recognized!
Type : File
Data : [email protected][1].txt
Object : C:\WINDOWS\Cookies\

Created on : 4/22/04 10:19:13 PM
Last accessed : 4/23/04 4:00:00 AM
Last modified : 4/22/04 10:19:14 PM



Tracking Cookie Object recognized!
Type : File
Data : [email protected][1].txt
Object : C:\WINDOWS\Cookies\

Created on : 4/22/04 10:34:37 PM
Last accessed : 4/23/04 4:00:00 AM
Last modified : 4/22/04 10:34:38 PM



Tracking Cookie Object recognized!
Type : File
Data : [email protected][2].txt
Object : C:\WINDOWS\Cookies\

Created on : 4/22/04 10:21:34 PM
Last accessed : 4/22/04 4:00:00 AM
Last modified : 4/22/04 10:21:36 PM



Tracking Cookie Object recognized!
Type : File
Data : [email protected][2].txt
Object : C:\WINDOWS\Cookies\

Created on : 4/23/04 3:23:18 AM
Last accessed : 4/22/04 4:00:00 AM
Last modified : 4/23/04 3:23:20 AM



Tracking Cookie Object recognized!
Type : File
Data : [email protected][1].txt
Object : C:\WINDOWS\Cookies\

Created on : 4/23/04 5:20:05 AM
Last accessed : 4/23/04 4:00:00 AM
Last modified : 4/23/04 5:20:06 AM



Tracking Cookie Object recognized!
Type : File
Data : [email protected][2].txt
Object : C:\WINDOWS\Cookies\

Created on : 4/23/04 5:20:55 AM
Last accessed : 4/23/04 4:00:00 AM
Last modified : 4/23/04 5:20:56 AM



Tracking Cookie Object recognized!
Type : File
Data : [email protected][2].txt
Object : C:\WINDOWS\Cookies\

Created on : 4/22/04 10:39:03 PM
Last accessed : 4/23/04 4:00:00 AM
Last modified : 4/22/04 10:39:04 PM



Tracking Cookie Object recognized!
Type : File
Data : [email protected][2].txt
Object : C:\WINDOWS\Cookies\

Created on : 4/22/04 11:05:11 PM
Last accessed : 4/23/04 4:00:00 AM
Last modified : 4/22/04 11:05:12 PM



Tracking Cookie Object recognized!
Type : File
Data : [email protected][1].txt
Object : C:\WINDOWS\Cookies\

Created on : 4/22/04 10:40:58 PM
Last accessed : 4/22/04 4:00:00 AM
Last modified : 4/22/04 10:41:00 PM



Tracking Cookie Object recognized!
Type : File
Data : [email protected][1].txt
Object : C:\WINDOWS\Cookies\

Created on : 4/22/04 10:41:05 PM
Last accessed : 4/22/04 4:00:00 AM
Last modified : 4/22/04 10:41:06 PM



Tracking Cookie Object recognized!
Type : File
Data : [email protected][1].txt
Object : C:\WINDOWS\Cookies\

Created on : 4/22/04 11:52:44 PM
Last accessed : 4/22/04 4:00:00 AM
Last modified : 4/22/04 11:52:46 PM



Tracking Cookie Object recognized!
Type : File
Data : [email protected][2].txt
Object : C:\WINDOWS\Cookies\

Created on : 4/23/04 5:39:32 AM
Last accessed : 4/23/04 4:00:00 AM
Last modified : 4/23/04 5:39:34 AM


¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯


Deep scanning and examining files (C:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯


Performing conditional scans..
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Conditional scan result:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 20


1:45:51 AM Scan complete

Summary of this scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Total scanning time :00:03:19:440
Objects scanned :30332
Objects identified :20
Objects ignored :0
New objects :20
 

ztucker

Thread Starter
Joined
Mar 28, 2003
Messages
28
I just ran spybot, and one of the registry keys was all that showed up.

It was called "Look2me".
 
Joined
Feb 16, 2002
Messages
540
Spybot will find and delete VX2,

Or you can use 'regedit' and do it yourself,

Start / run / regedit,
click on 'edit' then 'find'

copy and paste you keys, one at a time --->
DDFFA75A-E81D-4454-89FC-B9FD0631E726
DDFFA75A-E81D-4454-89FC-B9FD0631E726

when found, right click and delete
 
Joined
Apr 29, 2004
Messages
3
Win32sl
According to other forums win32sl is a spyware running in the background under registry values.

to fix - goto www.captainpca.ca - recommended downloads - startup manageer (startupCPL) - install and access trough control panel. This little app will tell you everything added to startup in windows and registry. You have to kill Win32sl service running in the background in order to successfully remove it - Run Adaware again (make sure to update adaware 1st).

pop-ups (Win2K/WinXP)
If you are part of network DO NOT do this, but if not goto control panel - administrative tools - services - messenger - right click stop - properties - startup - disable. If you are a home user there is no reason this service should be turned on because there there will be no network administrator prompting desktop instructions. Spyware orgs use this windows component to solicite unwanted popup addss the &$#@!

good luck - hope this helps
 

ztucker

Thread Starter
Joined
Mar 28, 2003
Messages
28
I've tried to get to that page a few times, and it keeps telling me that the page can't be displayed. I tried it from my roomates computer this morning, and it didn't work there either.

I did a google search and found startup manager on a few sites. I wasn't sure if I should just pick one and download it, or if there was another site that you recommended.

Thanks for all of your help.
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Members online

Top