Trying to help my father-in-law with his POS laptop

Comments

7 comments

  • Support

    Please click "add reply" then look for "File Attachments" click browse, find the file and then press the "attach" button... then "add reply" again...

     

    Alternatively, copy and paste the contents of the text file into the reply box; however, I'm guessing it's going to be a big log.

     

    Feel free to reply if you get stuck.

     

    Thanks Chris Fry

    www.lavasoft.de

    0
  • Customer

    Ad-Aware SE Build 1.06r1

    Logfile Created on:Wednesday, April 26, 2006 1:14:00 AM

    Created with Ad-Aware SE Personal, free for private use.

    Using definitions file:SE1R104 21.04.2006

    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

     

    References detected during the scan:

    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    ABetterInternet.Nail(TAC index:5):1 total references

    MRU List(TAC index:0):6 total references

    Tracking Cookie(TAC index:3):6 total references

    Windows(TAC index:3):1 total references

    VX2(TAC index:10):17 total references

    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

     

    Definition File:

    =========================

    Definitions File Loaded:

    Reference Number : SE1R104 21.04.2006

    Internal build : 123

    File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref

    File size : 618561 Bytes

    Total size : 2031217 Bytes

    Signature data size : 1993928 Bytes

    Reference data size : 36777 Bytes

    Signatures total : 56111

    CSI Fingerprints total : 2346

    CSI data size : 75346 Bytes

    Target categories : 15

    Target families : 877

     

     

    Memory + processor status:

    ==========================

    Number of processors : 1

    Processor architecture : Intel Pentium III

    Memory available:24 %

    Total physical memory:260076 kb

    Available physical memory:62404 kb

    Total page file size:2734244 kb

    Available on page file:2544480 kb

    Total virtual memory:2097024 kb

    Available virtual memory:2044156 kb

    OS:Microsoft Windows XP Home Edition Service Pack 2 (Build 2600)

     

    Ad-Aware SE Settings

    ===========================

    Set : Search for negligible risk entries

    Set : Search for low-risk threats

    Set : Safe mode (always request confirmation)

    Set : Scan active processes

    Set : Scan registry

    Set : Deep-scan registry

    Set : Scan my IE Favorites for banned URLs

    Set : Scan within archives

    Set : Scan my Hosts file

     

    Extended Ad-Aware SE Settings

    ===========================

    Set : Unload recognized processes & modules during scan

    Set : Scan registry for all users instead of current user only

    Set : Always try to unload modules before deletion

    Set : During removal, unload Explorer and IE if necessary

    Set : Let Windows remove files in use at next reboot

    Set : Delete quarantined objects after restoring

    Set : Include basic Ad-Aware settings in log file

    Set : Include additional Ad-Aware settings in log file

    Set : Include reference summary in log file

    Set : Include alternate data stream details in log file

    Set : Play sound at scan completion if scan locates critical objects

     

     

    4-26-2006 1:14:00 AM - Scan started. (Full System Scan)

     

    MRU List Object Recognized!

    Location: : C:\Documents and Settings\Gary Christian\recent

    Description : list of recently opened documents

     

     

    MRU List Object Recognized!

    Location: : software\microsoft\directdraw\mostrecentapplication

    Description : most recent application to use microsoft directdraw

     

     

    MRU List Object Recognized!

    Location: : S-1-5-21-847386435-2346120412-1781031486-1005\software\microsoft\microsoft management console\recent file list

    Description : list of recent snap-ins used in the microsoft management console

     

     

    MRU List Object Recognized!

    Location: : S-1-5-21-847386435-2346120412-1781031486-1005\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru

    Description : list of recent programs opened

     

     

    MRU List Object Recognized!

    Location: : S-1-5-21-847386435-2346120412-1781031486-1005\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru

    Description : list of recently saved files, stored according to file extension

     

     

    MRU List Object Recognized!

    Location: : S-1-5-21-847386435-2346120412-1781031486-1005\software\microsoft\windows\currentversion\explorer\recentdocs

    Description : list of recent documents opened

     

     

    Listing running processes

    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

     

    #:1 [smss.exe]

    FilePath : \SystemRoot\System32\

    ProcessID : 768

    ThreadCreationTime : 4-26-2006 3:18:07 AM

    BasePriority : Normal

     

     

    #:2 [csrss.exe]

    FilePath : \??\C:\WINDOWS\system32\

    ProcessID : 852

    ThreadCreationTime : 4-26-2006 3:18:10 AM

    BasePriority : Normal

     

     

    #:3 [winlogon.exe]

    FilePath : \??\C:\WINDOWS\system32\

    ProcessID : 876

    ThreadCreationTime : 4-26-2006 3:18:11 AM

    BasePriority : High

     

     

    #:4 [services.exe]

    FilePath : C:\WINDOWS\system32\

    ProcessID : 920

    ThreadCreationTime : 4-26-2006 3:18:11 AM

    BasePriority : Normal

    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

    ProductVersion : 5.1.2600.2180

    ProductName : Microsoft® Windows® Operating System

    CompanyName : Microsoft Corporation

    FileDescription : Services and Controller app

    InternalName : services.exe

    LegalCopyright : © Microsoft Corporation. All rights reserved.

    OriginalFilename : services.exe

     

    #:5 [lsass.exe]

    FilePath : C:\WINDOWS\system32\

    ProcessID : 932

    ThreadCreationTime : 4-26-2006 3:18:11 AM

    BasePriority : Normal

    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

    ProductVersion : 5.1.2600.2180

    ProductName : Microsoft® Windows® Operating System

    CompanyName : Microsoft Corporation

    FileDescription : LSA Shell (Export Version)

    InternalName : lsass.exe

    LegalCopyright : © Microsoft Corporation. All rights reserved.

    OriginalFilename : lsass.exe

     

    #:6 [svchost.exe]

    FilePath : C:\WINDOWS\system32\

    ProcessID : 1084

    ThreadCreationTime : 4-26-2006 3:18:12 AM

    BasePriority : Normal

    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

    ProductVersion : 5.1.2600.2180

    ProductName : Microsoft® Windows® Operating System

    CompanyName : Microsoft Corporation

    FileDescription : Generic Host Process for Win32 Services

    InternalName : svchost.exe

    LegalCopyright : © Microsoft Corporation. All rights reserved.

    OriginalFilename : svchost.exe

     

    #:7 [svchost.exe]

    FilePath : C:\WINDOWS\system32\

    ProcessID : 1144

    ThreadCreationTime : 4-26-2006 3:18:12 AM

    BasePriority : Normal

    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

    ProductVersion : 5.1.2600.2180

    ProductName : Microsoft® Windows® Operating System

    CompanyName : Microsoft Corporation

    FileDescription : Generic Host Process for Win32 Services

    InternalName : svchost.exe

    LegalCopyright : © Microsoft Corporation. All rights reserved.

    OriginalFilename : svchost.exe

     

    #:8 [svchost.exe]

    FilePath : C:\WINDOWS\System32\

    ProcessID : 1392

    ThreadCreationTime : 4-26-2006 3:18:12 AM

    BasePriority : Normal

    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

    ProductVersion : 5.1.2600.2180

    ProductName : Microsoft® Windows® Operating System

    CompanyName : Microsoft Corporation

    FileDescription : Generic Host Process for Win32 Services

    InternalName : svchost.exe

    LegalCopyright : © Microsoft Corporation. All rights reserved.

    OriginalFilename : svchost.exe

     

    #:9 [svchost.exe]

    FilePath : C:\WINDOWS\System32\

    ProcessID : 1444

    ThreadCreationTime : 4-26-2006 3:18:13 AM

    BasePriority : Normal

    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

    ProductVersion : 5.1.2600.2180

    ProductName : Microsoft® Windows® Operating System

    CompanyName : Microsoft Corporation

    FileDescription : Generic Host Process for Win32 Services

    InternalName : svchost.exe

    LegalCopyright : © Microsoft Corporation. All rights reserved.

    OriginalFilename : svchost.exe

     

    #:10 [svchost.exe]

    FilePath : C:\WINDOWS\System32\

    ProcessID : 1636

    ThreadCreationTime : 4-26-2006 3:18:13 AM

    BasePriority : Normal

    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

    ProductVersion : 5.1.2600.2180

    ProductName : Microsoft® Windows® Operating System

    CompanyName : Microsoft Corporation

    FileDescription : Generic Host Process for Win32 Services

    InternalName : svchost.exe

    LegalCopyright : © Microsoft Corporation. All rights reserved.

    OriginalFilename : svchost.exe

     

    #:11 [spoolsv.exe]

    FilePath : C:\WINDOWS\system32\

    ProcessID : 168

    ThreadCreationTime : 4-26-2006 3:18:15 AM

    BasePriority : Normal

    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

    ProductVersion : 5.1.2600.2180

    ProductName : Microsoft® Windows® Operating System

    CompanyName : Microsoft Corporation

    FileDescription : Spooler SubSystem App

    InternalName : spoolsv.exe

    LegalCopyright : © Microsoft Corporation. All rights reserved.

    OriginalFilename : spoolsv.exe

     

    #:12 [explorer.exe]

    FilePath : C:\WINDOWS\

    ProcessID : 204

    ThreadCreationTime : 4-26-2006 3:18:15 AM

    BasePriority : Normal

    FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)

    ProductVersion : 6.00.2900.2180

    ProductName : Microsoft® Windows® Operating System

    CompanyName : Microsoft Corporation

    FileDescription : Windows Explorer

    InternalName : explorer

    LegalCopyright : © Microsoft Corporation. All rights reserved.

    OriginalFilename : EXPLORER.EXE

     

    #:13 [atlhu32.exe]

    FilePath : C:\WINDOWS\system32\

    ProcessID : 276

    ThreadCreationTime : 4-26-2006 3:18:15 AM

    BasePriority : Normal

     

     

    #:14 [scsiaccess.exe]

    FilePath : C:\WINDOWS\System32\

    ProcessID : 396

    ThreadCreationTime : 4-26-2006 3:18:16 AM

    BasePriority : Normal

     

     

    #:15 [winkmi.exe]

    FilePath : C:\WINDOWS\System32\

    ProcessID : 608

    ThreadCreationTime : 4-26-2006 3:18:17 AM

    BasePriority : Normal

     

     

    #:16 [winkvsy.exe]

    FilePath : C:\WINDOWS\System32\

    ProcessID : 668

    ThreadCreationTime : 4-26-2006 3:18:17 AM

    BasePriority : Normal

     

     

    #:17 [igfxtray.exe]

    FilePath : C:\WINDOWS\System32\

    ProcessID : 520

    ThreadCreationTime : 4-26-2006 3:18:36 AM

    BasePriority : Normal

    FileVersion : 3,0,0,1132

    ProductVersion : 7,0,0,1132

    ProductName : Intel® Common User Interface

    CompanyName : Intel Corporation

    FileDescription : igfxTray Module

    InternalName : IGFXTRAY

    LegalCopyright : Copyright 1999-2001, Intel Corporation

    OriginalFilename : IGFXTRAY.EXE

     

    #:18 [apoint.exe]

    FilePath : C:\Program Files\Apoint\

    ProcessID : 528

    ThreadCreationTime : 4-26-2006 3:18:36 AM

    BasePriority : Normal

    FileVersion : 5.5.5.109

    ProductVersion : 5.5.5.109

    ProductName : Alps Pointing-device Driver

    CompanyName : Alps Electric Co., Ltd.

    FileDescription : Alps Pointing-device Driver

    InternalName : Alps Pointing-device Driver

    LegalCopyright : Copyright © 1999-2001 Alps Electric Co., Ltd.

    OriginalFilename : Apoint.exe

     

    #:19 [hkserv.exe]

    FilePath : C:\Program Files\Sony\HotKey Utility\

    ProcessID : 472

    ThreadCreationTime : 4-26-2006 3:18:36 AM

    BasePriority : Normal

     

     

    #:20 [qttask.exe]

    FilePath : C:\Program Files\QuickTime\

    ProcessID : 1044

    ThreadCreationTime : 4-26-2006 3:18:38 AM

    BasePriority : Normal

    FileVersion : 6.5

    ProductVersion : QuickTime 6.5

    ProductName : QuickTime

    CompanyName : Apple Computer, Inc.

    InternalName : QuickTime Task

    LegalCopyright : © Apple Computer, Inc. 2001-2004

    OriginalFilename : QTTask.exe

     

    #:21 [alg.exe]

    FilePath : C:\WINDOWS\System32\

    ProcessID : 1624

    ThreadCreationTime : 4-26-2006 3:18:41 AM

    BasePriority : Normal

    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

    ProductVersion : 5.1.2600.2180

    ProductName : Microsoft® Windows® Operating System

    CompanyName : Microsoft Corporation

    FileDescription : Application Layer Gateway Service

    InternalName : ALG.exe

    LegalCopyright : © Microsoft Corporation. All rights reserved.

    OriginalFilename : ALG.exe

     

    #:22 [pcfmgr.exe]

    FilePath : C:\Program Files\PowerPanel\Program\

    ProcessID : 504

    ThreadCreationTime : 4-26-2006 3:18:42 AM

    BasePriority : Normal

    FileVersion : 4.1.0.4

    ProductVersion : 4.1.0-S007

    ProductName : PowerPanel 3.0

    CompanyName : Phoenix Technologies Ltd.

    FileDescription : PCF Manager Local Server

    InternalName : PCFMgr

    LegalCopyright : Copyright © 1998, Phoenix Technologies Ltd.

    LegalTrademarks : PowerPanel 3.0

    OriginalFilename : PCFMgr.exe

     

    #:23 [apntex.exe]

    FilePath : C:\Program Files\Apoint\

    ProcessID : 2096

    ThreadCreationTime : 4-26-2006 3:18:44 AM

    BasePriority : Normal

    FileVersion : 5.0.1.13

    ProductVersion : 5.0.1.13

    ProductName : Alps Pointing-device Driver for Windows NT/2000

    CompanyName : Alps Electric Co., Ltd.

    FileDescription : Alps Pointing-device Driver for Windows NT/2000

    InternalName : Alps Pointing-device Driver for Windows NT/2000

    LegalCopyright : Copyright © 1998-2001 Alps Electric Co., Ltd.

    OriginalFilename : ApntEx.exe

     

    #:24 [pcfmgricq.exe]

    FilePath : C:\Program Files\PowerPanel\Program\

    ProcessID : 2148

    ThreadCreationTime : 4-26-2006 3:18:46 AM

    BasePriority : Normal

    FileVersion : 4.1.0.4

    ProductVersion : 4.1.0-S007

    ProductName : PowerPanel 3.0

    CompanyName : Phoenix Technologies Ltd.

    FileDescription : PCF Manager Local Server

    InternalName : PCFMgr

    LegalCopyright : Copyright © 1998, Phoenix Technologies Ltd.

    LegalTrademarks : PowerPanel 3.0

    OriginalFilename : PCFMgr.exe

    0
  • Customer

    #:25 [svchost.exe]

    FilePath : C:\WINDOWS\System32\

    ProcessID : 3560

    ThreadCreationTime : 4-26-2006 3:59:35 AM

    BasePriority : Normal

    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

    ProductVersion : 5.1.2600.2180

    ProductName : Microsoft® Windows® Operating System

    CompanyName : Microsoft Corporation

    FileDescription : Generic Host Process for Win32 Services

    InternalName : svchost.exe

    LegalCopyright : © Microsoft Corporation. All rights reserved.

    OriginalFilename : svchost.exe

     

    #:26 [iexplore.exe]

    FilePath : C:\Program Files\Internet Explorer\

    ProcessID : 3660

    ThreadCreationTime : 4-26-2006 8:06:59 AM

    BasePriority : Normal

    FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)

    ProductVersion : 6.00.2900.2180

    ProductName : Microsoft® Windows® Operating System

    CompanyName : Microsoft Corporation

    FileDescription : Internet Explorer

    InternalName : iexplore

    LegalCopyright : © Microsoft Corporation. All rights reserved.

    OriginalFilename : IEXPLORE.EXE

     

    #:27 [ad-aware.exe]

    FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\

    ProcessID : 344

    ThreadCreationTime : 4-26-2006 8:13:46 AM

    BasePriority : Normal

    FileVersion : 6.2.0.236

    ProductVersion : SE 106

    ProductName : Lavasoft Ad-Aware SE

    CompanyName : Lavasoft Sweden

    FileDescription : Ad-Aware SE Core application

    InternalName : Ad-Aware.exe

    LegalCopyright : Copyright © Lavasoft AB Sweden

    OriginalFilename : Ad-Aware.exe

    Comments : All Rights Reserved

     

    Memory scan result:

    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    New critical objects: 0

    Objects found so far: 6

     

     

    Started registry scan

    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

     

    VX2 Object Recognized!

    Type : Regkey

    Data :

    TAC Rating : 10

    Category : Malware

    Comment :

    Rootkey : HKEY_USERS

    Object : S-1-5-21-847386435-2346120412-1781031486-1005\software\aurora

     

    VX2 Object Recognized!

    Type : RegValue

    Data :

    TAC Rating : 10

    Category : Malware

    Comment :

    Rootkey : HKEY_USERS

    Object : S-1-5-21-847386435-2346120412-1781031486-1005\software\aurora

    Value : AUAc7C0u4t57D

     

    VX2 Object Recognized!

    Type : RegValue

    Data :

    TAC Rating : 10

    Category : Malware

    Comment :

    Rootkey : HKEY_USERS

    Object : S-1-5-21-847386435-2346120412-1781031486-1005\software\aurora

    Value : AUI3d5OfSDist

     

    VX2 Object Recognized!

    Type : RegValue

    Data :

    TAC Rating : 10

    Category : Malware

    Comment :

    Rootkey : HKEY_USERS

    Object : S-1-5-21-847386435-2346120412-1781031486-1005\software\aurora

    Value : AUI3d5OfSInst

     

    VX2 Object Recognized!

    Type : RegValue

    Data :

    TAC Rating : 10

    Category : Malware

    Comment :

    Rootkey : HKEY_USERS

    Object : S-1-5-21-847386435-2346120412-1781031486-1005\software\aurora

    Value : AUs3t5icky1S

     

    VX2 Object Recognized!

    Type : RegValue

    Data :

    TAC Rating : 10

    Category : Malware

    Comment :

    Rootkey : HKEY_USERS

    Object : S-1-5-21-847386435-2346120412-1781031486-1005\software\aurora

    Value : AUs3t5icky2S

     

    VX2 Object Recognized!

    Type : RegValue

    Data :

    TAC Rating : 10

    Category : Malware

    Comment :

    Rootkey : HKEY_USERS

    Object : S-1-5-21-847386435-2346120412-1781031486-1005\software\aurora

    Value : AUC3u5rrentSMode

     

    VX2 Object Recognized!

    Type : RegValue

    Data :

    TAC Rating : 10

    Category : Malware

    Comment :

    Rootkey : HKEY_USERS

    Object : S-1-5-21-847386435-2346120412-1781031486-1005\software\aurora

    Value : AUC3n5tFyl

     

    VX2 Object Recognized!

    Type : RegValue

    Data :

    TAC Rating : 10

    Category : Malware

    Comment :

    Rootkey : HKEY_USERS

    Object : S-1-5-21-847386435-2346120412-1781031486-1005\software\aurora

    Value : AUAdC0u4t524h

     

    VX2 Object Recognized!

    Type : RegValue

    Data :

    TAC Rating : 10

    Category : Malware

    Comment :

    Rootkey : HKEY_USERS

    Object : S-1-5-21-847386435-2346120412-1781031486-1005\software\aurora

    Value : AUL3a5stSSChckin

     

    VX2 Object Recognized!

    Type : RegValue

    Data :

    TAC Rating : 10

    Category : Malware

    Comment :

    Rootkey : HKEY_USERS

    Object : S-1-5-21-847386435-2346120412-1781031486-1005\software\aurora

    Value : AUC1o3d5eOfSFinalAd

     

    VX2 Object Recognized!

    Type : RegValue

    Data :

    TAC Rating : 10

    Category : Malware

    Comment :

    Rootkey : HKEY_USERS

    Object : S-1-5-21-847386435-2346120412-1781031486-1005\software\aurora

    Value : AUT3i5m7eOfSFinalAd

     

    VX2 Object Recognized!

    Type : RegValue

    Data :

    TAC Rating : 10

    Category : Malware

    Comment :

    Rootkey : HKEY_USERS

    Object : S-1-5-21-847386435-2346120412-1781031486-1005\software\aurora

    Value : AUBd2y5i23

     

    VX2 Object Recognized!

    Type : RegValue

    Data :

    TAC Rating : 10

    Category : Malware

    Comment :

    Rootkey : HKEY_USERS

    Object : S-1-5-21-847386435-2346120412-1781031486-1005\software\aurora

    Value : AUBd2y646

     

    VX2 Object Recognized!

    Type : RegValue

    Data :

    TAC Rating : 10

    Category : Malware

    Comment :

    Rootkey : HKEY_USERS

    Object : S-1-5-21-847386435-2346120412-1781031486-1005\software\aurora

    Value : AUBd2yV3r

     

    VX2 Object Recognized!

    Type : RegValue

    Data :

    TAC Rating : 10

    Category : Malware

    Comment :

    Rootkey : HKEY_USERS

    Object : S-1-5-21-847386435-2346120412-1781031486-1005\software\aurora

    Value : AUAdC0u4t57D

     

    ABetterInternet.Nail Object Recognized!

    Type : RegData

    Data : explorer.exe c:\windows\nail.exe

    TAC Rating : 5

    Category : Malware

    Comment :

    Rootkey : HKEY_LOCAL_MACHINE

    Object : software\microsoft\windows nt\currentversion\winlogon

    Value : Shell

    Data : explorer.exe c:\windows\nail.exe

     

    Windows Object Recognized!

    Type : RegData

    Data : explorer.exe c:\windows\nail.exe

    TAC Rating : 3

    Category : Vulnerability

    Comment :

    Rootkey : HKEY_LOCAL_MACHINE

    Object : software\microsoft\windows nt\currentversion\winlogon

    Value : Shell

    Data : explorer.exe c:\windows\nail.exe

     

    Registry Scan result:

    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    New critical objects: 18

    Objects found so far: 24

     

     

    Started deep registry scan

    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

     

    Deep registry scan result:

    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    New critical objects: 0

    Objects found so far: 24

     

     

    Started Tracking Cookie scan

    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

     

     

    Tracking Cookie Object Recognized!

    Type : IECache Entry

    Data : gary christian@doubleclick[1].txt

    TAC Rating : 3

    Category : Data Miner

    Comment : Hits:3

    Value : Cookie:gary christian@doubleclick.net/

    Expires : 4-24-2009 9:10:22 PM

    LastSync : Hits:3

    UseCount : 0

    Hits : 3

     

    Tracking Cookie Object Recognized!

    Type : IECache Entry

    Data : gary christian@atdmt[1].txt

    TAC Rating : 3

    Category : Data Miner

    Comment : Hits:1

    Value : Cookie:gary christian@atdmt.com/

    Expires : 4-24-2011 5:00:00 PM

    LastSync : Hits:1

    UseCount : 0

    Hits : 1

     

    Tracking Cookie Object Recognized!

    Type : IECache Entry

    Data : gary christian@2o7[2].txt

    TAC Rating : 3

    Category : Data Miner

    Comment : Hits:2

    Value : Cookie:gary christian@2o7.net/

    Expires : 4-25-2011 1:07:58 AM

    LastSync : Hits:2

    UseCount : 0

    Hits : 2

     

    Tracking Cookie Object Recognized!

    Type : IECache Entry

    Data : gary christian@questionmarket[1].txt

    TAC Rating : 3

    Category : Data Miner

    Comment : Hits:1

    Value : Cookie:gary christian@questionmarket.com/

    Expires : 6-16-2007 1:10:14 PM

    LastSync : Hits:1

    UseCount : 0

    Hits : 1

     

    Tracking Cookie Object Recognized!

    Type : IECache Entry

    Data : gary christian@findwhat[1].txt

    TAC Rating : 3

    Category : Data Miner

    Comment : Hits:1

    Value : Cookie:gary christian@findwhat.com/

    Expires : 12-31-2019 5:00:02 PM

    LastSync : Hits:1

    UseCount : 0

    Hits : 1

     

    Tracking Cookie Object Recognized!

    Type : IECache Entry

    Data : gary christian@advertising[2].txt

    TAC Rating : 3

    Category : Data Miner

    Comment : Hits:3

    Value : Cookie:gary christian@advertising.com/

    Expires : 4-24-2011 9:27:30 PM

    LastSync : Hits:3

    UseCount : 0

    Hits : 3

     

    Tracking cookie scan result:

    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    New critical objects: 6

    Objects found so far: 30

     

     

     

    Deep scanning and examining files (C:)

    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

     

    Disk Scan Result for C:\

    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    New critical objects: 0

    Objects found so far: 30

     

     

    Deep scanning and examining files (D:)

    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

     

    Disk Scan Result for D:\

    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    New critical objects: 0

    Objects found so far: 30

     

     

    Performing conditional scans...

    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

     

    VX2 Object Recognized!

    Type : RegData

    Data : explorer.exe c:\windows\nail.exe

    TAC Rating : 10

    Category : Malware

    Comment :

    Rootkey : HKEY_LOCAL_MACHINE

    Object : software\microsoft\windows nt\currentversion\winlogon

    Value : Shell

    Data : explorer.exe c:\windows\nail.exe

     

    Conditional scan result:

    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    New critical objects: 1

    Objects found so far: 31

     

    1:30:21 AM Scan Complete

     

    Summary Of This Scan

    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Total scanning time:00:16:21.171

    Objects scanned:118740

    Objects identified:25

    Objects ignored:0

    New critical objects:25

    0
  • Support

    Hello Rich

     

    To remove this infection, you should download the "VX2 Cleaner"

     

    http://www.lavasoft.com/software/addons/vx2cleaner.shtml

     

    Please try with this first, and let us know how you get on...

    0
  • Customer

    Hello Rich

     

    To remove this infection, you should download the "VX2 Cleaner"

     

    http://www.lavasoft.com/software/addons/vx2cleaner.shtml

     

    Please try with this first, and let us know how you get on...


    Didn't work for me Steve. I get "system clean" with the same problem. Does AdaWare have any better remover? I'm using SE 1.06.

    0
  • Customer

    Scitnor,

    it would be best if you start a topic of your own, posting a log file from a "Full Scan"

     

    GRAFX

    0
  • Customer

    Rich,

    Please can you try at least two if not more of these On-line scans

    Panda

    Symantec

    McAfee

    TrendMicro

    Bit Defender

    RAV

    Kaspersky

    CommandonDemand

    Computer Associates

    CyberTechHelp

    PC Pitstop

    Stinger

    a2

    or download and try

    TrojanHunter (Note Trojan Scanner 30 day Trial)

    Reboot (ie: Re-start your PC)

    Now this is going to take a few scans; please follow these instructions carefully, and in the order given

    Can you please go and download a plug-in (i.e.: vx2cleaner.exe) that will assist you in the cleanup of your PC. (if you have not already done so)

    After you have downloaded and installed the VX2 Plug-in as described there,

    DO NOT RUN IT YET

    please can you clear out your cache folder ie: temporary internet folder.

    There are some free programs that you can use that will do that for you if needed like

    CCleaner

    (Note in CCleaner: go to >options > advanced > Uncheck "Only delete files in Windows Temp folders older than 48 hours"). but see CCleaner Set up

    Then open Ad-Aware SE use the WebUpDate to ensure that you have the latest Definitions File

    ie: (SE1R107 09.05.2006) then close Ad-Aware SE.

    Now please save and close any open programs and disconnect from the internet.

    (For broadband/cable users, it is recommended that you disconnect the cable connection)

    Then

    Please Reboot (i.e.: Re-start your PC)

    Then open Ad-Aware SE but nothing else.

     

    Please can you un-tick this option if you have it ticked

    "Include negligible objects information".

     

    To do this Open Ad-aware SE

    Click “settings” (the Gear)

    then Click “Tweaks”,

    then click Scanning engine,

    then un-tick "Include negligible objects information".

    And then click the proceed button.

    Now please scan doing a "Full Scan".

    When the scan has finished select Next. In the Scanning Results window select the "Scan Summary" tab. Tick the box next to a "target family" you wish to remove. Click next, Click OK.

    then rescan and do the same thing till you have removed all the "target family's"

    Then please run the VX2 cleaner by Selecting the VX2 Cleaner plug-in and click “Run Plug-in”. Select “Clean System”

    Then please Reboot (i.e.: Re-start your PC)

    Then after your PC has restarted please open Ad-Aware SE, but nothing else and

    scan doing a "Full Scan". Then, once the scan has finished, mark and remove items, then Reboot (i.e.: Re-start your PC)

    Then re-scan doing a "Full Scan" and then post your log file here by using the Add-Reply Feature

     

    GRAFX

    0
