• Announcements

    • LS.Andy

      Support for other products than adaware, ad block, web protection and Web Companion   05/05/2017

      Support for the following products is handled by the Lavasoft support team: Lavasoft Tuneup Kit Lavasoft PC Optimizer Lavasoft Driver Updater Lavasoft Registry Tuner Lavasoft Privacy Toolbox Lavasoft File Shredder Lavasoft Digital Lock

      For help with these products, contact the support team here: http://www.lavasoft.com/support/supportcenter/


  • Content count

  • Joined

  • Last visited

Community Reputation

0 Neutral

About bob-the-builder

  • Rank
  1. Ad-Aware won't update

    Hi Cecilia, Answering your points in turn, because Ad-Aware didn't find any tracking cookies in Firefox, I checked the settings and discovered that it was in fact set to accept third-party cookies. I had certainly turned off this option a long time ago and am puzzled as to how it became reversed. I clicked the "Show Cookies" button and found hundreds of cookies, which I have now deleted (took quite a while). I have also set the option not to accept third-party cookies. So I still think it odd that Ad-Aware didn't find any tracking cookies. During installation, I did indeed opt not to install the Ad-Aware toolbar. What I was trying to explain was that after the installation had completed, and the Home page (or Console) opened, under "Safe Browsing" (which was set to ON) I selected OFF, but it continued to run as explained in post #15. I ran the previous version on demand by disabling its start-up in the registry and disabling the service. However, version 10 won't play ball. I disabled the start-up entries and disabled both services, but one of the services would re-enable itself every now and then, so I renamed the executables to prevent this. Then it began to sulk and make life difficult - if I right-clicked any file or folder in Explorer, the window would freeze and a message box appeared "Windows installer. Preparing to install ...". Prior to 'disabling' Ad-Aware, I was considering uninstalling it because it was slowing my computer at start up with SBAMSvc.exe taking around 98% CPU time, resulting in it taking longer than normal for my computer to get to a state where it was usable. This is the very reason I stopped running the likes of Norton; AVG and Avast. OK, maybe my computer is old (7 years) but it does what I need. As it is not possible to run Ad-Aware as an "on demand" utility, and as SBAMSvc.exe extends start up time, I decided to remove it. I restored the file names; re-enabled the services; restored the registry start-up settings; and uninstalled the product (or so I thought). On reboot however, it tried to reinstall itself with the message: "Please wait while Windows configures Ad-Aware Antivirus" ... and goes around in an endless loop trying to do so! Eventually, when I finally managed to get it totally removed, I found that it hadn't uninstalled the Safer Browsing product - it was still running. It seems this product has to be uninstalled separately, even though the single Ad-Aware installer installed it - I'd have thought it should have equally uninstalled the complete product. I also found that it didn't remove the "Ad-Aware update (weekly)" scheduled task. After rebooting, I once more got a Lavasoft balloon (Lavasoft Ad-Aware reports that it is turned off)! I have removed this in a similar way to the instructions at post #10 above and the entire product seems to have finally gone. So sadly, as I have said, I've had to uninstall the product. Hopefully, in the not too distant future, an on-demand product might become available. Thanks for your assistance. Regards, Bob
  2. Ad-Aware won't update

    Hi Cecilia, Yes, it installed OK and I did a full scan. It uncovered a few Internet Explorer tracking cookies (which I seldom use) but surprisingly, nothing at all in Firefox (which I use extensively). Does it not check Firefox cookies? When I installed it, I turned off "Safe Browsing" but noticed that on boot up, the system still loads adawarebp.exe, and if I type a non-existent URL in Firefox, it opens an "Ad-Aware Safe Browsing" page, even though the Ad-Aware home page shows it as being "Off". Something not quite right there - seems Ad-Aware is telling lies! I had to disable Safe Browsing by editing its entry in the registry "Run" key. Ideally, I want to run Ad-Aware "on demand", not in resident mode. This seems to entail further editing of the registry to prevent AdAwareLauncher.exe from running; exiting the program; stopping the Ad-Aware Service and changing its startup to "Manual"; and disabling the two entries in "Scheduled Tasks". Is there not a simpler way to just run it on demand? Regards, Bob
  3. Ad-Aware won't update

    Hi Cecilia, I stopped the lbd.sys service and deleted it without a problem, and I've also deleted the driver file. Emsisoft anti-malware was uninstalled shortly after running DDS and the driver is no longer loaded. Java was set to automatically update but for some reason it had given up doing so. I've now installed version 7. Thanks for all your help - you're invaluable! Regards, Bob
  4. Ad-Aware won't update

    Hi Cecilia, Yes, I had previously run RootkitRevealer (but it didn't reveal any problem). I was unable to locate Lbd.sys in Device Manager, I did however come across 'Lavasoft Helper Driver' (which I uninstalled) and subsequently deduced from lbd.inf that it was in fact 'Lavasoft Kernexplorer'. Following your instructions to run wbemtest, I can confirm that the Ad-Watch Live balloon no longer appears on boot up. sc query lbd.sys shows that it is a service, and that it is running. Stopping the service (sc stop lbd.sys) didn't seem to cause any problem, so presumably it is safe to remove the service by stopping it, then issuing the command sc delete lbd.sys? If you agree with this action, presumably Ad-Aware will then have been completely removed and that the current version should install without a problem? Regards, Bob
  5. Ad-Aware won't update

    Hi again, Yes, I do have WinPatrol installed but use it mainly to keep an eye on what is being installed, or changed, behind the scenes. Having said that, I recently installed the Emsisoft Anti-Malware package to test it before recommending it to friend who 'thought' had an infection. However, it attempted to install a start up program and a service, both of which I blocked through WinPatrol. I'm not aware of any infection and run the following (plus others) from time to time, in rotation: Ad-Aware; Spybot; MBAM; HouseCall on-line scanner; Eset on-line scanner. I also have McAfee Site Advisor installed in my browser. In addition, I have the comprehensive 'HOSTS' file from www.mvps.org installed. In Explorer, the file OOYEWEY.exe details show as: Description: Rootkit detection utility; Company: Sysinternals, www.sysinternals.com, File version: I uploaded the file to VirusTotal as suggested, which resulted in the message: "File already analysed. The file was already analysed by VirusTotal on 2012-06-15 20:00:53. Detection ratio: 0/42". There is an option to 'View last analysis' (https://www.virustotal.com/file/49e4f477ef22a069993ddb7cb6035232c714062cd76ec0ab6bde2be76f1cd636/analysis/), although oddly, it gives the file name as gduojocir.exe, and makes no reference to ooyewey.exe. I have now cleared the 'Temp' folder. The file kernexplorer.sys (dir c:\kernexplorer.exe /s) no longer exist on my system. The folder c:\program files\lavasoft does exist but there are no files in it, nor are there any files in its sub-folder (ad-aware). According to the DriverView utility, Lbd.sys is loaded. Is there a recommended way to uninstall it? Regards, Bob
  6. Ad-Aware won't update

    Hi Cecilia, As requested, contents of DDS.txt as follows. Regards, Bob . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_31 Run by rsg1 at 23:16:12 on 2012-06-27 Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.2047.787 [GMT 1:00] . AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33} . ============== Running Processes =============== . C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup C:\Program Files\Intel\WiFi\bin\S24EvMon.exe svchost.exe svchost.exe C:\WINDOWS\system32\spoolsv.exe svchost.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\WINDOWS\system32\crypserv.exe C:\Program Files\Intel\WiFi\bin\EvtEng.exe C:\WINDOWS\system32\gatewayipmon_svc.exe C:\WINDOWS\System32\GEARSec.exe C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe C:\Program Files\LogMeIn\x86\RaMaint.exe C:\Program Files\LogMeIn\x86\LogMeIn.exe C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe C:\WINDOWS\system32\lxedcoms.exe C:\WINDOWS\system32\lxeecoms.exe C:\Program Files\McAfee\SiteAdvisor\McSACore.exe C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe C:\Program Files\CDBurnerXP\NMSAccessU.exe C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files\2SE\The Owl\theowl_be.exe C:\Program Files\Intel\WiFi\bin\WLKeeper.exe C:\WINDOWS\system32\MsPMSPSv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Apoint\Apoint.exe C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe C:\Program Files\Dell\Media Experience\DMXLauncher.exe C:\Program Files\LogMeIn\x86\LogMeInSystray.exe C:\Program Files\Creative\Sound Blaster\Surround Mixer\CTSysVol.exe C:\WINDOWS\system32\RunDll32.exe C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe C:\Program Files\Apoint\HidFind.exe C:\Program Files\Apoint\Apntex.exe C:\Program Files\Logitech\QuickCam\Quickcam.exe C:\Program Files\Lexmark Pro700 Series\lxeemon.exe C:\Program Files\Lexmark S600 Series\lxedmon.exe C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe C:\Program Files\Garmin\Lifetime Updater\GarminLifetime.exe C:\Program Files\Browny02\Brother\BrStMonW.exe C:\WINDOWS\PixArt\PAP7501\PACTray.exe C:\WINDOWS\PixArt\PAP7501\GUCI_AVS.exe C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe C:\windows\system32\taskmgr.exe C:\Program Files\Browny02\BrYNSvc.exe C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe C:\Program Files\MyTomTom 3\MyTomTomSA.exe C:\WINDOWS\system32\wbem\unsecapp.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Squeezebox\SqueezeTray.exe C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe C:\PROGRA~1\SQUEEZ~1\server\SQUEEZ~3.EXE C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe c:\PROGRA~1\mcafee\SITEAD~1\saui.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Mozilla Thunderbird\thunderbird.exe . ============== Pseudo HJT Report =============== . uSearch Page = hxxp://www.google.com uSearch Bar = hxxp://www.google.com/ie uStart Page = about:blank mURLSearchHooks: H - No File BHO: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No File BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Advertising Cookie Opt-out: {8e425eb4-adbd-4816-b1e8-49bb9decf034} - BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll BHO: Lexmark Printable Web: {d2c5e510-be6d-42cc-9f61-e4f939078474} - BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll TB: {ED0E8CA5-42FB-4B18-997B-769E0408E79D} - No File TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll TB: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No File TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File TB: {55FAF0F2-44D4-425F-B5F5-6B275B621EAB} - No File TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll uRun: [taskmanager] c:\windows\system32\taskmgr.exe uRun: [NetMeter] _c:\program files\netmeter\NetMeter.exe uRun: [AnyDVD] c:\program files\slysoft\anydvd\AnyDVDtray.exe uRun: [ShutdownTray] c:\program files\shutdowntray\ShutdownTray.exe /start uRun: [MyTomTomSA.exe] "c:\program files\mytomtom 3\MyTomTomSA.exe" uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun mRun: [Apoint] c:\program files\apoint\Apoint.exe mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe" mRun: [RealTray] _c:\program files\real\realplayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER mRun: [DMXLauncher] c:\program files\dell\media experience\DMXLauncher.exe mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start mRun: [LogMeIn GUI] "c:\program files\logmein\x86\LogMeInSystray.exe" mRun: [WP.exe] _c:\progra~1\johnhi~1\wp.exe mRun: [CTSysVol] c:\program files\creative\sound blaster\surround mixer\CTSysVol.exe /r mRun: [SbUsb AudCtrl] RunDll32 sbusbdll.dll,RCMonitor mRun: [CloneCDTray] "c:\program files\slysoft\clonecd\CloneCDTray.exe" /s mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\quickcam\Quickcam.exe" /hide mRun: [lxeemon.exe] "c:\program files\lexmark pro700 series\lxeemon.exe" mRun: [lxedmon.exe] "c:\program files\lexmark s600 series\lxedmon.exe" mRun: [_EzPrint] "_c:\program files\lexmark pro700 series\ezprint.exe" mRun: [VirtualCloneDrive] "c:\program files\elaborate bytes\virtualclonedrive\VCDDaemon.exe" /s mRun: [IntelZeroConfig] "c:\program files\intel\wifi\bin\ZCfgSvc.exe" mRun: [IntelWireless] "c:\program files\common files\intel\wirelesscommon\iFrmewrk.exe" /tf Intel Wireless Tray mRun: [Garmin Lifetime Updater] c:\program files\garmin\lifetime updater\GarminLifetime.exe /StartMinimized mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [BrStsMon00] c:\program files\browny02\brother\BrStMonW.exe /AUTORUN mRun: [GUCI_AVS] c:\windows\pixart\pap7501\GUCI_AVS.exe mRun: [PACTray] c:\windows\pixart\pap7501\PACTray.exe mRun: [PAP7501_Monitor] c:\windows\pixart\pap7501\GUCI_AVS.exe mRun: [WinPatrol] c:\program files\billp studios\winpatrol\winpatrol.exe -expressboot dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE dRunOnce: [RunNarrator] Narrator.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\logite~1.lnk - c:\program files\squeezebox\SqueezeTray.exe mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {E665E4DE-5889-429D-A9D5-5D8E7E326DA2} IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll Trusted Zone: aol.com\my.screenname Trusted Zone: hotmail.com Trusted Zone: live.com Trusted Zone: msn.com Trusted Zone: passport.com DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/ DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} - hxxp://www.creative.com/su/ocx/15030/CTSUEng.cab DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204 DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} - hxxp://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab DPF: {36C17E9B-3354-11D1-95CF-0000B4530F04} - hxxp://www.partsarena.net/gas/catalogs/ideal/Plugins/GFXVIEW.cab DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex- DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - hxxp://www.eset.eu/buxus/docs/OnlineScanner.cab DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6087.cab DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1134603192382 DPF: {84A31672-371A-4CBF-8785-DCE55CDC7370} - hxxp:// DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab DPF: {9732FB42-C321-11D1-836F-00A0C993F125} - hxxp://www.pcpitstop.com/mhLbl.cab DPF: {99FE5072-78AA-4FEE-89BA-69A5FA55343F} - hxxp://download.microsoft.com/download/B/3/A/B3A2EA73-793D-4ABE-992D-C81140384044/igdtoolx.cab DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} - hxxp://www.crucial.com/controls/cpcScanner.cab DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - hxxp://www.adobe.com/products/acrobat/nos/gp.cab DPF: {D821DC4A-0814-435E-9820-661C543A4679} - hxxp://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} - hxxp://driveragent.com/files/driveragent.cab DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} - hxxp://download.mcafee.com/molbin/iss-loc/mcfscan/3,0,0,5952/mcfscan.cab DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://www.creative.com/su/ocx/15033/CTPID.cab DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com/activex/ractrl.cab?lmi=100 TCP: DhcpNameServer = TCP: Interfaces\{3DEAD8E7-22C0-49C0-BC44-7CB74756F8B2} : DhcpNameServer = TCP: Interfaces\{5AFC6144-0B48-4431-9CDD-580F6A74CABC} : DhcpNameServer = Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL Notify: AtiExtEvent - Ati2evxx.dll Notify: LMIinit - LMIinit.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll SEH: DVDIdleShell Class: {93994de8-8239-4655-b1d1-5f4e91300429} - c:\program files\dvd region+css free\DVDShell.dll . ================= FIREFOX =================== . FF - ProfilePath - c:\documents and settings\rsg1\application data\mozilla\firefox\profiles\pchx7im5.default\ FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IEFM1&q= FF - prefs.js: browser.startup.homepage - about:blank FF - prefs.js: keyword.URL - hxxp://www.google.com/search?&q= FF - prefs.js: network.proxy.type - 0 FF - component: c:\documents and settings\rsg1\application data\mozilla\firefox\profiles\pchx7im5.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\winnt_x86-msvc\components\ipc_fireftp.dll FF - component: c:\program files\mcafee\siteadvisor\components\McFFPlg.dll FF - component: c:\program files\nokia\nokia pc suite 7\bkmrksync\components\BkMrkExt.dll FF - plugin: c:\documents and settings\rsg1\application data\mozilla\firefox\profiles\pchx7im5.default\extensions\{195a3098-0bd5-4e90-ae22-ba1c540afd1e}\plugins\npGarmin.dll FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll FF - plugin: c:\program files\google\update\\npGoogleOneClick8.dll FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll FF - plugin: c:\program files\mcafee\siteadvisor\NPMcFFPlg32.dll FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_262.dll . ============= SERVICES / DRIVERS =============== . R0 hotcore3;hotcore3;c:\windows\system32\drivers\hotcore3.sys [2008-9-2 39472] R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2010-2-4 64288] R0 PQV2i;PQV2i;c:\windows\system32\drivers\PQV2i.sys [2003-9-12 132899] R1 A2DDA;A2 Direct Disk Access Support Driver;c:\program files\emsisoft anti-malware\a2ddax86.sys [2012-6-24 17904] R1 PQIMount;PQIMount;c:\windows\system32\drivers\PQIMount.sys [2003-9-12 46810] R1 TSKNF900.SYS;TSKNF900.SYS;c:\windows\system32\drivers\Tsknf900.sys [2011-7-25 17672] R1 TSKNFA00.SYS;TSKNFA00.SYS;c:\windows\system32\drivers\Tsknfa00.sys [2012-6-1 18560] R2 BjsPort;Canon BJ Scanner Port Driver;c:\windows\system32\drivers\BjsPort.sys [2005-12-16 14656] R2 GatewayIPMonitor;Gateway IP Monitor;c:\windows\system32\gatewayipmon_svc.exe [2008-6-2 299008] R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\logmein\x86\LMIGuardianSvc.exe [2010-10-22 374152] R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\logmein\x86\rainfo.sys [2007-8-3 12856] R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2007-11-12 47640] R2 lxed_device;lxed_device;c:\windows\system32\lxedcoms.exe -service --> c:\windows\system32\lxedcoms.exe -service [?] R2 lxee_device;lxee_device;c:\windows\system32\lxeecoms.exe -service --> c:\windows\system32\lxeecoms.exe -service [?] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2008-12-5 87552] R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-7-16 35088] R2 theowl_be;The Owl;c:\program files\2se\the owl\theowl_be.exe [2011-12-15 564736] R3 BrYNSvc;BrYNSvc;c:\program files\browny02\BrYNSvc.exe [2012-1-20 245760] R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] S1 SASDIFSV;SASDIFSV;\??\c:\docume~1\rsg1\locals~1\temp\sas_selfextract\sasdifsv.sys --> c:\docume~1\rsg1\locals~1\temp\sas_selfextract\SASDIFSV.SYS [?] S1 SASKUTIL;SASKUTIL;\??\c:\docume~1\rsg1\locals~1\temp\sas_selfextract\saskutil.sys --> c:\docume~1\rsg1\locals~1\temp\sas_selfextract\SASKUTIL.SYS [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 lxedCATSCustConnectService;lxedCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxedserv.exe [2010-4-13 193192] S2 lxeeCATSCustConnectService;lxeeCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxeeserv.exe [2010-4-8 193192] S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-6-5 160944] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-4 250056] S3 ADPUSBLD;Adaptec USB2-Xchange Firmware Installer;c:\windows\system32\drivers\Adpusbld.sys [2005-12-16 27472] S3 ADPUSBMS;Adaptec USB2-Xchange Mass Storage Driver;c:\windows\system32\drivers\Adpusbst.sys [2005-12-16 18458] S3 ASUSU1;ASUS Xonar U3 Audio Interface;c:\windows\system32\drivers\cm112.sys --> c:\windows\system32\drivers\cm112.sys [?] S3 cpudrv;cpudrv;c:\program files\systemrequirementslab\cpudrv.sys [2009-12-18 11336] S3 epcfw2k;SCM Parallel Port CF Driver;c:\windows\system32\drivers\epcfw2k.sys [2007-1-16 144896] S3 eplsw2k;SCM Parallel Port LS-120 Driver;c:\windows\system32\drivers\eplsw2k.sys [2000-5-24 142567] S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [2009-10-11 13224] S3 GUCI_AVS;Generic USB Controller Interface (AVS);c:\windows\system32\drivers\GUCI_AVS.sys [2012-4-4 544000] S3 hcw66xxx;WinTV HVR-900H;c:\windows\system32\drivers\hcw66xxx.sys [2010-9-22 673664] S3 hcw99rc;Hauppauge Nova-DT IR Driver;c:\windows\system32\drivers\hcw99rc.sys --> c:\windows\system32\drivers\hcw99rc.sys [?] S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\lavasoft\ad-aware\kernexplorer.sys --> c:\program files\lavasoft\ad-aware\KernExplorer.sys [?] S3 ModemProtection;ModemProtection;c:\windows\system32\ModemProtection.sys [2005-5-15 13157] S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-5-11 113120] S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2011-3-30 137600] S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2011-3-30 8576] S3 PCD5SRVC{FBEA8B78-1B22F121-05040000};PCD5SRVC{FBEA8B78-1B22F121-05040000} - PCDR Kernel Mode Service Helper Driver;\??\c:\progra~1\dellsu~2\hwdiag\bin\pcd5srvc.pkms --> c:\progra~1\dellsu~2\hwdiag\bin\PCD5SRVC.pkms [?] S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\drivers\s0017bus.sys [2009-10-11 90536] S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\drivers\s0017mdfl.sys [2009-10-11 15016] S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\drivers\s0017mdm.sys [2009-10-11 122152] S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0017mgmt.sys [2009-10-11 115496] S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\drivers\s0017nd5.sys [2009-10-11 25768] S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\drivers\s0017obex.sys [2009-10-11 111912] S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\drivers\s0017unic.sys [2009-10-11 117672] S3 sbusb;Sound Blaster USB Audio Driver;c:\windows\system32\drivers\sbusb.sys [2008-1-1 1462272] S3 silabser;CP210x USB to UART Bridge Driver;c:\windows\system32\drivers\silabser.sys [2012-3-19 58496] S3 SNXPCARD;Sunix PCI Multi I/O Card Driver;c:\windows\system32\drivers\snxpcard.sys [2005-12-16 20864] S3 SNXPPALX;Sunix PCI Parallel Port Driver;c:\windows\system32\drivers\snxppalx.sys [2005-12-16 75264] S3 UPnPService;UPnPService;c:\program files\common files\magix shared\upnpservice\UPnPService.exe [2007-11-15 544768] S3 VX6000;Microsoft LifeCam VX-6000;c:\windows\system32\drivers\vx6000xp.sys --> c:\windows\system32\drivers\VX6000Xp.sys [?] S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2011-6-6 11520] S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2004-8-11 14336] S3 XET1001Sp50;XET1001Sp50 NDIS Protocol Driver;c:\windows\system32\drivers\XET1001Sp50.sys [2009-8-24 35256] S4 a2AntiMalware;Emsisoft Anti-Malware 6.6 - Service;c:\program files\emsisoft anti-malware\a2service.exe [2012-6-24 3069752] S4 LMIRfsClientNP;LMIRfsClientNP; [x] S4 OOYEWEY;OOYEWEY;c:\docume~1\rsg1\locals~1\temp\OOYEWEY.exe [2012-5-12 523136] S4 SeagateDashboardService;Seagate Dashboard Service;c:\program files\seagate\seagate dashboard\SeagateDashboardService.exe [2011-6-1 14088] S4 TimeServ;Time Service; [x] . =============== Created Last 30 ================ . 2012-06-26 22:47:11 -------- d-----w- c:\documents and settings\rsg1\dwhelper 2012-06-25 23:08:15 -------- d-----w- c:\program files\VS Revo Group 2012-06-24 22:26:22 -------- d-----w- c:\program files\WinPcap 2012-06-24 22:26:03 -------- d-----w- c:\program files\VSO 2012-06-23 15:08:44 -------- d-----w- c:\documents and settings\rsg1\application data\Ad-Aware Antivirus 2012-06-21 17:40:33 521728 ------w- c:\windows\system32\dllcache\jsdbgui.dll 2012-06-06 20:36:34 770384 ----a-w- c:\program files\mozilla firefox\msvcr100.dll 2012-06-06 20:36:34 421200 ----a-w- c:\program files\mozilla firefox\msvcp100.dll 2012-06-01 12:54:40 18560 ----a-w- c:\windows\system32\drivers\Tsknfa00.sys 2012-05-29 09:28:26 -------- d-----w- c:\windows\system32\wbem\repository\FS 2012-05-29 09:28:26 -------- d-----w- c:\windows\system32\wbem\Repository 2012-05-28 23:58:48 -------- d-----w- c:\program files\Emsisoft Anti-Malware . ==================== Find3M ==================== . 2012-06-21 21:32:46 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-06-21 21:32:46 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-06-02 14:19:44 22040 ----a-w- c:\windows\system32\wucltui.dll.mui 2012-06-02 14:19:38 219160 ----a-w- c:\windows\system32\wuaucpl.cpl 2012-06-02 14:19:38 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui 2012-06-02 14:19:34 15384 ----a-w- c:\windows\system32\wuapi.dll.mui 2012-06-02 14:19:30 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui 2012-06-02 14:18:58 275696 ----a-w- c:\windows\system32\mucltui.dll 2012-06-02 14:18:58 214256 ----a-w- c:\windows\system32\muweb.dll 2012-06-02 14:18:58 17136 ----a-w- c:\windows\system32\mucltui.dll.mui 2012-05-31 13:22:09 599040 ----a-w- c:\windows\system32\crypt32.dll 2012-05-29 14:47:40 83360 ----a-w- c:\windows\system32\LMIRfsClientNP.dll 2012-05-29 14:47:40 52096 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\LMIproc.dll 2012-05-29 14:47:39 87424 ----a-w- c:\windows\system32\LMIinit.dll 2012-05-29 14:47:39 30592 ----a-w- c:\windows\system32\LMIport.dll 2012-05-24 09:46:56 83360 ----a-w- c:\windows\system32\LMIRfsClientNP(2).dll 2012-05-16 15:08:26 916992 ----a-w- c:\windows\system32\wininet.dll 2012-05-15 13:20:33 1863168 ----a-w- c:\windows\system32\win32k.sys 2012-05-11 14:42:33 43520 ----a-w- c:\windows\system32\licmgr10.dll 2012-05-11 14:42:33 1469440 ----a-w- c:\windows\system32\inetcpl.cpl 2012-05-11 11:38:02 385024 ----a-w- c:\windows\system32\html.iec 2012-05-07 23:18:22 4140192 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe 2012-05-04 13:12:30 2192640 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-05-04 12:32:19 2069120 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-05-02 13:46:36 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-04-04 14:56:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2006-08-14 22:36:44 207 -csh--r- c:\windows\msdsry.dll . ============= FINISH: 23:17:53.62 ===============
  7. Ad-Aware won't update

    Hi Cecilia, Well, sadly, Ad-Aware seems very reluctant to vacate my computer. I ran Revo in the Hunter mode as suggested, but it took a couple of attempts, and even then it failed to remove the entry from MMC Services. Initially, it responded that the applications uninstaller had failed. It then scanned the registry and found 410 items, which I deleted. The program's window then cleared and wouldn't proceed any further - the only options were "Back" and "Cancel" - "Next" was greyed out. There was no disk activity although when I did a random check of some of the items that had been in the list, they had been removed from the registry. However, a check in Explorer showed c:\program files\Lavasoft was still intact and the Lavasoft Ad-Aware service was still running. I clicked the "Back" button and started the process again, whereupon it found another 25 registry items (which I also deleted), then it found the Lavasoft folder and a myriad of files in the "All Users" folder - 2338 files in total. I deleted the lot and rebooted. The files had all gone but the service was still listed under Services of Microsoft's Management Console (although without the executable it obviously couldn't run). I dragged the Hunter mode icon over the service, but it wasn't smart enough to understand that I wanted to remove the service - it wanted to uninstall, or remove, mmc.exe!! I had to remove the service entry from the command line. At last, I though, it's gone ... but following another reboot, it appears Ad-Aware is still hanging by its fingertips! When I boot, I get a message "Your computer might be at risk. Lavasoft Ad-Watch Live! Anti-Virus is turned off. Click this balloon to fix the problem". So why am I getting this message, when Ad-Aware is supposedly uninstalled? Regards. Bob
  8. Ad-Aware won't update

    Hi, thanks for your reply. No, I don't have any other AV program running and Ad-Watch was already turned off. Following your response, I downloaded and installed the Revo Uninstaller however, neither it, nor Control Panel/Add or remove programs, lists Ad-Aware (either under Ad-Aware or Lavasoft). The only uninstall option is on the Start Menu (Start/Programs/Lavasoft/Ad-Aware/Uninstall Ad-Aware). I'm running XP SP3. Appreciate you further advice. Regards, Bob
  9. Ad-Aware won't update

    I run Ad-Aware (v 9.0.7) and it informs "A new version of Ad-Aware is available", I click "Update Now" and my browser opens. Under "Ad-Aware Free Antivirus +", I click the "Downoad" button and then another "Download" button and am redirected to Cnet. I click their "Download Now" button, and Adaware_Installer.exe is downloaded. I run the installer, select English, accept the end user agreement, click "Next", untick the options to install the safe browsing module and the option to change my homepage, then click "Next". Downloading and installation takes place, and after a short time it says installation was successful. I click "Finish" and it tells me that I must restart my computer. I reboot, run Ad-Aware and it tells me a newer version of Adaware is available .... and goes around in this endless loop. I've even uninstalled Ad-Aware and gone through the whole process again, but it still shows as version 9.0.7 and continues to tell me a new version is available. Where am I going wrong?