joey5o4

  1. Hi everyone, there seems to be a problem. My Ad-Aware SE scanner detects and deletes the registry key "Adware Agent" but it seems to keep coming back and being redetected every time I scan it again. Is there anything I can do to permanently remove it? Not sure if you need it, but this is my logfile:

Ad-Aware SE Build 1.06r1
Logfile Created on:Wednesday, December 12, 2007 3:40:57 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R208 10.12.2007
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Adware.Agent(TAC index:5):1 total references
MRU List(TAC index:0):6 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Search for low-risk threats
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects

12-12-2007 3:40:57 PM - Scan started. (Full System Scan)

MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d

MRU List Object Recognized!
Location: : S-1-5-18\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d

MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X

MRU List Object Recognized!
Location: : S-1-5-18\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X

MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows media\wmsdk\general
Description : windows media sdk

MRU List Object Recognized!
Location: : S-1-5-18\software\microsoft\windows media\wmsdk\general
Description : windows media sdk

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [taskeng.exe]
FilePath : C:\Windows\system32\
ProcessID : 3104
ThreadCreationTime : 12-12-2007 9:13:43 AM
BasePriority : Normal
FileVersion : 6.0.6000.16386 (vista_rtm.061101-2205)
ProductVersion : 6.0.6000.16386
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Task Scheduler Engine
InternalName : TaskEng
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : taskeng.exe.mui

#:2 [dwm.exe]
FilePath : C:\Windows\system32\
ProcessID : 1280
ThreadCreationTime : 12-12-2007 9:13:43 AM
BasePriority : High
FileVersion : 6.0.6000.16386 (vista_rtm.061101-2205)
ProductVersion : 6.0.6000.16386
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Desktop Window Manager
InternalName : dwm.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : dwm.exe.mui

#:3 [explorer.exe]
FilePath : C:\Windows\
ProcessID : 3308
ThreadCreationTime : 12-12-2007 9:13:43 AM
BasePriority : Normal
FileVersion : 6.0.6000.16386 (vista_rtm.061101-2205)
ProductVersion : 6.0.6000.16386
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE.MUI

#:4 [msascui.exe]
FilePath : C:\Program Files\Windows Defender\
ProcessID : 2272
ThreadCreationTime : 12-12-2007 9:13:49 AM
BasePriority : Normal
FileVersion : 1.1.1505.0
ProductVersion : 1.1.1505.0
ProductName : Windows Defender
CompanyName : Microsoft Corporation
FileDescription : Windows Defender User Interface
InternalName : MSASCUI
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : MSASCUI.exe

#:5 [tscfplatformcomsvr.exe]
FilePath : C:\Program Files\Trend Micro\TrendSecure\
ProcessID : 3304
ThreadCreationTime : 12-12-2007 9:13:50 AM
BasePriority : Normal
FileVersion : 1.0.0.1205
ProductVersion : 1.0
ProductName : TrendSecure Common Platform
CompanyName : Trend Micro Inc.
FileDescription : TSCFPlatformCOMSvr
InternalName : TSCFPlatformCOMSvr.exe
LegalCopyright : Copyright © 2007 Trend Micro Incorporated. All rights reserved.
OriginalFilename : TSCFPlatformCOMSvr.exe

#:6 [rundll32.exe]
FilePath : C:\Windows\System32\
ProcessID : 3748
ThreadCreationTime : 12-12-2007 9:13:50 AM
BasePriority : Normal
FileVersion : 6.0.6000.16386 (vista_rtm.061101-2205)
ProductVersion : 6.0.6000.16386
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows host process (Rundll32)
InternalName : rundll
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : RUNDLL32.EXE.MUI

#:7 [rundll32.exe]
FilePath : C:\Windows\System32\
ProcessID : 3768
ThreadCreationTime : 12-12-2007 9:13:51 AM
BasePriority : Normal
FileVersion : 6.0.6000.16386 (vista_rtm.061101-2205)
ProductVersion : 6.0.6000.16386
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows host process (Rundll32)
InternalName : rundll
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : RUNDLL32.EXE.MUI

#:8 [vprotray.exe]
FilePath : C:\Program Files\Norton Ghost\Agent\
ProcessID : 3592
ThreadCreationTime : 12-12-2007 9:13:51 AM
BasePriority : Normal
FileVersion : 12.0.0.20352
ProductVersion : 12.0
ProductName : Norton Ghost
CompanyName : Symantec Corporation
FileDescription : Tray Application
InternalName : VProTray
LegalCopyright : Copyright © 1994-2007 Symantec Corporation. All rights reserved.
OriginalFilename : VProTray.exe

#:9 [lxddmon.exe]
FilePath : C:\Program Files\Lexmark 2500 Series\
ProcessID : 3604
ThreadCreationTime : 12-12-2007 9:13:51 AM
BasePriority : Normal
FileVersion : 0.1.25.0
FileDescription : Device Monitor

#:10 [lxddamon.exe]
FilePath : C:\Program Files\Lexmark 2500 Series\
ProcessID : 3004
ThreadCreationTime : 12-12-2007 9:13:51 AM
BasePriority : Normal

#:11 [pdvdserv.exe]
FilePath : C:\Program Files\CyberLink\PowerDVD\
ProcessID : 3744
ThreadCreationTime : 12-12-2007 9:14:04 AM
BasePriority : Normal
FileVersion : 7.00.2406
ProductVersion : 7.00.2406
ProductName : PowerDVD
CompanyName : Cyberlink Corp.
FileDescription : PowerDVD RC Service
InternalName : PowerDVD RC Service
LegalCopyright : Copyright © CyberLink Corp. 1997-2006
OriginalFilename : PDVDSERV.EXE

#:12 [roxwatchtray10.exe]
FilePath : C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\
ProcessID : 4076
ThreadCreationTime : 12-12-2007 9:14:09 AM
BasePriority : Normal
FileVersion : 10.0.1.15
ProductVersion : 10.0.1.15
ProductName : CommonSDK
CompanyName : Sonic Solutions
FileDescription : RoxMMTrayApp Module
LegalCopyright : Copyright © 1994-2005 Sonic Solutions
OriginalFilename : RoxMMTrayApp.exe

#:13 [dmxlauncher.exe]
FilePath : C:\Program Files\Roxio\CinePlayer\
ProcessID : 1040
ThreadCreationTime : 12-12-2007 9:14:10 AM
BasePriority : Normal

#:14 [googledesktop.exe]
FilePath : C:\Program Files\Google\Google Desktop Search\
ProcessID : 3764
ThreadCreationTime : 12-12-2007 9:14:10 AM
BasePriority : Normal
FileVersion : 5.5.709.30344
ProductVersion : 5.5.709.30344
ProductName : Google Desktop
CompanyName : Google
FileDescription : Google Desktop
InternalName : Google Desktop
LegalCopyright : Copyright © 2003-07 Google. All Rights Reserved.

#:15 [groovemonitor.exe]
FilePath : C:\Program Files\Microsoft Office\Office12\
ProcessID : 2264
ThreadCreationTime : 12-12-2007 9:14:10 AM
BasePriority : Normal

#:16 [jusched.exe]
FilePath : C:\Program Files\Java\jre1.6.0_03\bin\
ProcessID : 4044
ThreadCreationTime : 12-12-2007 9:14:11 AM
BasePriority : Normal

#:17 [ufseagnt.exe]
FilePath : C:\Program Files\Trend Micro\Internet Security\
ProcessID : 896
ThreadCreationTime : 12-12-2007 9:14:11 AM
BasePriority : Normal
FileVersion : 16.0.0.1412
ProductVersion : 16.0.0
ProductName : Trend Micro Internet Security
CompanyName : Trend Micro Inc.
FileDescription : Trend Micro Server Agent
InternalName : UfSeAgnt
LegalCopyright : Copyright © 1995-2008 Trend Micro Incorporated. All rights reserved.
LegalTrademarks : Copyright © Trend Micro Incorporated.
OriginalFilename : UfSeAgnt.exe

#:18 [rthdvcpl.exe]
FilePath : C:\Windows\
ProcessID : 1100
ThreadCreationTime : 12-12-2007 9:14:19 AM
BasePriority : Normal
FileVersion : 1, 0, 0, 106
ProductVersion : 1, 0, 0, 106
ProductName : HD Audio Control Panel
CompanyName : Realtek Semiconductor
FileDescription : HD Audio Control Panel
InternalName : RtHDVCpl.exe
LegalCopyright : 2006 © Realtek Semiconductor. All rights reserved.
OriginalFilename : RtHDVCpl.exe

#:19 [sidebar.exe]
FilePath : C:\Program Files\Windows Sidebar\
ProcessID : 4108
ThreadCreationTime : 12-12-2007 9:14:20 AM
BasePriority : Normal
FileVersion : 6.0.6000.16386 (vista_rtm.061101-2205)
ProductVersion : 1.0.6000.16386
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Sidebar
InternalName : Windows Sidebar
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : sidebar.EXE.MUI

#:20 [searchprotection.exe]
FilePath : C:\Program Files\Yahoo!\Search Protection\
ProcessID : 4136
ThreadCreationTime : 12-12-2007 9:14:21 AM
BasePriority : Normal
FileVersion : 2007, 6, 8, 1
ProductVersion : 1, 2, 0, 0
ProductName : Search Protection
CompanyName : Yahoo! Inc.
FileDescription : Yahoo! Application
InternalName : Y! SP
LegalCopyright : Yahoo! Copyright © 2006-2007
OriginalFilename : ysp.exe
Comments : Search Protection

#:21 [nmbgmonitor.exe]
FilePath : C:\Program Files\Common Files\Nero\Lib\
ProcessID : 4144
ThreadCreationTime : 12-12-2007 9:14:21 AM
BasePriority : Normal

#:22 [flmain.exe]
FilePath : C:\Program Files\Trend Micro\TrendSecure\RemoteFileLock\
ProcessID : 4172
ThreadCreationTime : 12-12-2007 9:14:22 AM
BasePriority : Normal
FileVersion : 3.0.0.1199
ProductVersion : 3.0
ProductName : TrendSecure Remote File Lock
CompanyName : Trend Micro Inc.
FileDescription : Trend Micro TrendSecure
InternalName : FLMain.exe
LegalCopyright : Copyright © 2007 Trend Micro Incorporated. All rights reserved.
LegalTrademarks : TrendSecure is a registered trademark of Trend Micro Incorporated.
OriginalFilename : FLMain.exe

#:23 [tmas_oemon.exe]
FilePath : C:\Program Files\Trend Micro\Internet Security\TMAS_OE\
ProcessID : 4180
ThreadCreationTime : 12-12-2007 9:14:22 AM
BasePriority : Normal
FileVersion : 5.0.0.1128
ProductVersion : 5.0
ProductName : Trend Micro Anti-Spam
CompanyName : Trend Micro Inc.
FileDescription : Trend Micro Anti-Spam Toolbar
InternalName : TMAS_OEMon
LegalCopyright : Copyright © 2004-2007 Trend Micro Incorporated. All rights reserved.
OriginalFilename : TMAS_OEMon.EXE

#:24 [googleupdater.exe]
FilePath : C:\Program Files\Google\Google Updater\
ProcessID : 4188
ThreadCreationTime : 12-12-2007 9:14:22 AM
BasePriority : Normal
FileVersion : 2.2.969.23408.beta
ProductVersion : 2.2.969.23408.beta
ProductName : Google Updater
CompanyName : Google
FileDescription : Google Updater
InternalName : Google Updater
LegalCopyright : ©2005-2006 Google. All Rights Reserved.
OriginalFilename : GoogleUpdater.exe
Comments : Google Updater

#:25 [onenotem.exe]
FilePath : C:\Program Files\Microsoft Office\Office12\
ProcessID : 4416
ThreadCreationTime : 12-12-2007 9:14:25 AM
BasePriority : Normal

#:26 [stripsaver2.exe]
FilePath : C:\Program Files\StripSaver2\
ProcessID : 4444
ThreadCreationTime : 12-12-2007 9:14:25 AM
BasePriority : Normal

#:27 [vghd.exe]
FilePath : C:\Program Files\vghd\
ProcessID : 4452
ThreadCreationTime : 12-12-2007 9:14:26 AM
BasePriority : Normal

#:28 [virtuagirl2.exe]
FilePath : C:\Program Files\Vg\
ProcessID : 4460
ThreadCreationTime : 12-12-2007 9:14:26 AM
BasePriority : Normal

#:29 [virtuagirl_downloader.exe]
FilePath : C:\Program Files\vghd\
ProcessID : 4784
ThreadCreationTime : 12-12-2007 9:14:36 AM
BasePriority : Normal

#:30 [nmindexstoresvr.exe]
FilePath : C:\Program Files\Common Files\Nero\Lib\
ProcessID : 4944
ThreadCreationTime : 12-12-2007 9:14:38 AM
BasePriority : Normal

#:31 [tscfcommander.exe]
FilePath : C:\Program Files\Trend Micro\TrendSecure\
ProcessID : 6096
ThreadCreationTime : 12-12-2007 9:15:24 AM
BasePriority : Normal
FileVersion : 1.0.0.1205
ProductVersion : 1.0
ProductName : TrendSecure Common Platform
CompanyName : Trend Micro Inc.
FileDescription : TSCFCommander
InternalName : TSCFCommander
LegalCopyright : Copyright © 2007 Trend Micro Incorporated. All rights reserved.
OriginalFilename : TSCFCommander.exe

#:32 [googledesktop.exe]
FilePath : C:\Program Files\Google\Google Desktop Search\
ProcessID : 6116
ThreadCreationTime : 12-12-2007 9:15:27 AM
BasePriority : Normal
FileVersion : 5.5.709.30344
ProductVersion : 5.5.709.30344
ProductName : Google Desktop
CompanyName : Google
FileDescription : Google Desktop
InternalName : Google Desktop
LegalCopyright : Copyright © 2003-07 Google. All Rights Reserved.

#:33 [cpshelprunner10.exe]
FilePath : C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\
ProcessID : 1436
ThreadCreationTime : 12-12-2007 9:15:36 AM
BasePriority : Normal
FileVersion : 10.0.1.15
ProductVersion : 10.0.1.15
ProductName : CommonSDK
CompanyName : Sonic Solutions
FileDescription : ROXHelpRunner Module
LegalCopyright : Copyright © 1994-2005 Sonic Solutions
LegalTrademarks : Roxio PhotoSuite, the PhotoSuite logo and the Roxio logo are registered trademarks or trademarks of Roxio Inc.

#:34 [ymsgr_tray.exe]
FilePath : C:\Program Files\Yahoo!\Messenger\
ProcessID : 4728
ThreadCreationTime : 12-12-2007 9:15:36 AM
BasePriority : Normal
FileVersion : 8,1,0,0
ProductVersion : 8,1,0,0
ProductName : Yahoo! Messenger
CompanyName : Yahoo! Inc.
FileDescription : Yahoo! Messenger Tray
LegalCopyright : © 1998-2007 Yahoo! Inc. All rights reserved.

#:35 [hschkproxyexe.exe]
FilePath : C:\Program Files\Trend Micro\TrendSecure\TransactionProtector\Dependent\
ProcessID : 5924
ThreadCreationTime : 12-12-2007 2:01:50 PM
BasePriority : Normal
FileVersion : 1.0.0.1231
ProductVersion : 1.0
ProductName : TrendSecure Transaction Guard Plus
CompanyName : Trend Micro Inc.
FileDescription : Trend Micro TrendSecure
InternalName : HSChkPro
LegalCopyright : Copyright © 2007 Trend Micro Incorporated. All rights reserved.
LegalTrademarks : TrendSecure is a registered trademark of Trend Micro Incorporated.
OriginalFilename : HSChkPro.exe

#:36 [service.exe]
FilePath : C:\Windows\System32\
ProcessID : 5416
ThreadCreationTime : 12-12-2007 9:14:52 PM
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : M i r a r ErrorDnsTest
CompanyName : M i r a r
FileDescription : ErrorDnsTest
LegalCopyright : Copyright ? 2007

#:37 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
ProcessID : 672
ThreadCreationTime : 12-12-2007 9:34:50 PM
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

#:38 [ieuser.exe]
FilePath : C:\Program Files\Internet Explorer\
ProcessID : 3316
ThreadCreationTime : 12-12-2007 9:35:37 PM
BasePriority : Normal
FileVersion : 6.0.6000.16386 (vista_rtm.061101-2205)
ProductVersion : 6.0.6000.16386
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : ieuser.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ieuser.exe.mui

#:39 [iexplore.exe]
FilePath : C:\Program Files\Internet Explorer\
ProcessID : 2504
ThreadCreationTime : 12-12-2007 9:35:37 PM
BasePriority : Normal
FileVersion : 7.00.6000.16386 (vista_rtm.061101-2205)
ProductVersion : 7.00.6000.16386
ProductName : Windows® Internet Explorer
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : IEXPLORE.EXE.MUI

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 6

Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Adware.Agent Object Recognized!
Type : Regkey
Data :
TAC Rating : 5
Category : Adware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\browser helper objects\{be2ed590-ca49-46b5-8cce-244fb2e0d1aa}

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 1
Objects found so far: 7

Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 7

Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 7

Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
<STOP>

Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 7

Deep scanning and examining files (I:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for I:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 7

3:49:30 PM Scan stopped by user

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:08:33.415
Objects scanned:176494
Objects identified:1
Objects ignored:0
New critical objects:1