« previous next »
Pages: [1]   Go Down

Author Topic: adaware SE plus  (Read 2642 times)

0 Members and 1 Guest are viewing this topic.

Offline mcmso

  • Newbie
  • *
  • Posts: 4
adaware SE plus
« on: December 20, 2005, 04:40:52 PM »
I need help with my Adaware SE Plus. everytime I run a scan on my computer Adaware finds a critical and then my computer shuts down, and restarts. I have other anti spyware installed and none of them have any problems. The others are Noadware, and winpatrol. Can someone help me figure this out plz....

michael
Logged

Offline mitch

  • Hero Member
  • *****
  • Posts: 729
Re: adaware SE plus
« Reply #1 on: December 20, 2005, 05:33:46 PM »
if you are doing a manual scan.......
the other programs can affect aaw ,and aaw can affect the other programs

it is like running two anti-virus programs, and two firewalls
they don't play nice ;-D

so try a manual scan with your other programs disabled !!!
i have seen problems with a/v to, so just shut down all, be offline and try a scan and let us know what happens
if it works, you can find out which one doesn't want to play nice
Logged

Offline GR@PH;<'S

  • Administrator
  • Hero Member
  • *****
  • Posts: 15651
    • http://www.taktmobiles.co.uk
Re: adaware SE plus
« Reply #2 on: December 20, 2005, 08:13:00 PM »
mcmso,
Apart forom trrying the things that mitch has said can you please make sure that you are using  Ad-aware SE Build 106 plus with the latest  Definition file (SE1R82.19.12.2005)
if you are not using Ad-aware SE Build 106 plus then I recommend that you get a fresh download of it then after installing it update it
(Note you will need the details that were sent to you when getting your fresh download of Ad-aware  SE Build 106 plus

GR@PH;<'S   :breakkie:
Logged
press Enter then have a Brandy then if the problem is still there have another Brandy
Q: does it work
A: It does seem to for a few hours at least.

Offline mcmso

  • Newbie
  • *
  • Posts: 4
Re: adaware SE plus
« Reply #3 on: December 20, 2005, 10:16:46 PM »
I shut the others down and made sure i have the latest definitions: It worked once and now it freezes on me. I know there is a post about the freezing so i will try and read those. Any comments still welcome and thanks for the help.

Michael
Logged

Offline GR@PH;<'S

  • Administrator
  • Hero Member
  • *****
  • Posts: 15651
    • http://www.taktmobiles.co.uk
Re: adaware SE plus
« Reply #4 on: December 20, 2005, 10:19:48 PM »
mcmso,
Once you have tried that then if needed post your Adaware log file here

GR@PH;<'S   :breakkie:
Logged
press Enter then have a Brandy then if the problem is still there have another Brandy
Q: does it work
A: It does seem to for a few hours at least.

Offline mcmso

  • Newbie
  • *
  • Posts: 4
Re: adaware SE plus
« Reply #5 on: December 22, 2005, 12:10:42 PM »
still freezes on me, here is my log file


Ad-Aware SE Build 1.06r1
Logfile Created on:Thursday, December 22, 2005 8:03:20 AM
Using definitions file:SE1R82 19.12.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Ignore spanned files when scanning cab archives
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Deactivate Ad-Watch during Ad-Aware scans
Set : Block pop-ups aggressively
Set : Automatically select problematic objects in results lists
Set : Reanalyze results after scanning before displaying results lists
Set : Write-protect system files after repair (Hosts file, etc.)
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Show splash screen
Set : Show detail tooltips in results lists
Set : Backup current definitions file before updating
Set : Play sound at scan completion if scan locates critical objects


12-22-2005 8:03:20 AM - Scan started. (Full System Scan)

 MRU List Object Recognized!
    Location:          : C:\Documents and Settings\Owner\recent
    Description        : list of recently opened documents


 MRU List Object Recognized!
    Location:          : S-1-5-21-220523388-1580436667-682003330-1003\software\microsoft\direct3d\mostrecentapplication
    Description        : most recent application to use microsoft direct3d


 MRU List Object Recognized!
    Location:          : software\microsoft\direct3d\mostrecentapplication
    Description        : most recent application to use microsoft direct3d


 MRU List Object Recognized!
    Location:          : S-1-5-21-220523388-1580436667-682003330-1003\software\microsoft\direct3d\mostrecentapplication
    Description        : most recent application to use microsoft direct X


 MRU List Object Recognized!
    Location:          : software\microsoft\direct3d\mostrecentapplication
    Description        : most recent application to use microsoft direct X


 MRU List Object Recognized!
    Location:          : software\microsoft\directdraw\mostrecentapplication
    Description        : most recent application to use microsoft directdraw


 MRU List Object Recognized!
    Location:          : S-1-5-21-220523388-1580436667-682003330-1003\software\microsoft\directinput\mostrecentapplication
    Description        : most recent application to use microsoft directinput


 MRU List Object Recognized!
    Location:          : S-1-5-21-220523388-1580436667-682003330-1003\software\microsoft\directinput\mostrecentapplication
    Description        : most recent application to use microsoft directinput


 MRU List Object Recognized!
    Location:          : S-1-5-21-220523388-1580436667-682003330-1003\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
    Description        : list of recent programs opened


 MRU List Object Recognized!
    Location:          : S-1-5-21-220523388-1580436667-682003330-1003\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
    Description        : list of recently saved files, stored according to file extension


 MRU List Object Recognized!
    Location:          : S-1-5-21-220523388-1580436667-682003330-1003\software\microsoft\windows\currentversion\explorer\recentdocs
    Description        : list of recent documents opened


 MRU List Object Recognized!
    Location:          : S-1-5-21-220523388-1580436667-682003330-1003\software\microsoft\windows media\wmsdk\general
    Description        : windows media sdk


Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
    FilePath           : \SystemRoot\System32\
    ProcessID          : 664
    ThreadCreationTime : 12-21-2005 10:21:35 PM
    BasePriority       : Normal


#:2 [csrss.exe]
    FilePath           : \??\C:\WINDOWS\system32\
    ProcessID          : 720
    ThreadCreationTime : 12-21-2005 10:21:38 PM
    BasePriority       : Normal


#:3 [winlogon.exe]
    FilePath           : \??\C:\WINDOWS\system32\
    ProcessID          : 744
    ThreadCreationTime : 12-21-2005 10:21:39 PM
    BasePriority       : High


#:4 [services.exe]
    FilePath           : C:\WINDOWS\system32\
    ProcessID          : 792
    ThreadCreationTime : 12-21-2005 10:21:40 PM
    BasePriority       : Normal
    FileVersion        : 5.1.2600.0 (xpclient.010817-1148)
    ProductVersion     : 5.1.2600.0
    ProductName        : Microsoft® Windows® Operating System
    CompanyName        : Microsoft Corporation
    FileDescription    : Services and Controller app
    InternalName       : services.exe
    LegalCopyright     : © Microsoft Corporation. All rights reserved.
    OriginalFilename   : services.exe

#:5 [lsass.exe]
    FilePath           : C:\WINDOWS\system32\
    ProcessID          : 804
    ThreadCreationTime : 12-21-2005 10:21:40 PM
    BasePriority       : Normal
    FileVersion        : 5.1.2600.1106 (xpsp1.020828-1920)
    ProductVersion     : 5.1.2600.1106
    ProductName        : Microsoft® Windows® Operating System
    CompanyName        : Microsoft Corporation
    FileDescription    : LSA Shell (Export Version)
    InternalName       : lsass.exe
    LegalCopyright     : © Microsoft Corporation. All rights reserved.
    OriginalFilename   : lsass.exe

#:6 [svchost.exe]
    FilePath           : C:\WINDOWS\system32\
    ProcessID          : 956
    ThreadCreationTime : 12-21-2005 10:21:41 PM
    BasePriority       : Normal
    FileVersion        : 5.1.2600.0 (xpclient.010817-1148)
    ProductVersion     : 5.1.2600.0
    ProductName        : Microsoft® Windows® Operating System
    CompanyName        : Microsoft Corporation
    FileDescription    : Generic Host Process for Win32 Services
    InternalName       : svchost.exe
    LegalCopyright     : © Microsoft Corporation. All rights reserved.
    OriginalFilename   : svchost.exe

#:7 [svchost.exe]
    FilePath           : C:\WINDOWS\system32\
    ProcessID          : 1124
    ThreadCreationTime : 12-21-2005 10:23:03 PM
    BasePriority       : Normal
    FileVersion        : 5.1.2600.0 (xpclient.010817-1148)
    ProductVersion     : 5.1.2600.0
    ProductName        : Microsoft® Windows® Operating System
    CompanyName        : Microsoft Corporation
    FileDescription    : Generic Host Process for Win32 Services
    InternalName       : svchost.exe
    LegalCopyright     : © Microsoft Corporation. All rights reserved.
    OriginalFilename   : svchost.exe

#:8 [svchost.exe]
    FilePath           : C:\WINDOWS\System32\
    ProcessID          : 1220
    ThreadCreationTime : 12-21-2005 10:23:04 PM
    BasePriority       : Normal
    FileVersion        : 5.1.2600.0 (xpclient.010817-1148)
    ProductVersion     : 5.1.2600.0
    ProductName        : Microsoft® Windows® Operating System
    CompanyName        : Microsoft Corporation
    FileDescription    : Generic Host Process for Win32 Services
    InternalName       : svchost.exe
    LegalCopyright     : © Microsoft Corporation. All rights reserved.
    OriginalFilename   : svchost.exe

#:9 [svchost.exe]
    FilePath           : C:\WINDOWS\System32\
    ProcessID          : 1392
    ThreadCreationTime : 12-21-2005 10:23:05 PM
    BasePriority       : Normal
    FileVersion        : 5.1.2600.0 (xpclient.010817-1148)
    ProductVersion     : 5.1.2600.0
    ProductName        : Microsoft® Windows® Operating System
    CompanyName        : Microsoft Corporation
    FileDescription    : Generic Host Process for Win32 Services
    InternalName       : svchost.exe
    LegalCopyright     : © Microsoft Corporation. All rights reserved.
    OriginalFilename   : svchost.exe

#:10 [svchost.exe]
    FilePath           : C:\WINDOWS\System32\
    ProcessID          : 1424
    ThreadCreationTime : 12-21-2005 10:23:05 PM
    BasePriority       : Normal
    FileVersion        : 5.1.2600.0 (xpclient.010817-1148)
    ProductVersion     : 5.1.2600.0
    ProductName        : Microsoft® Windows® Operating System
    CompanyName        : Microsoft Corporation
    FileDescription    : Generic Host Process for Win32 Services
    InternalName       : svchost.exe
    LegalCopyright     : © Microsoft Corporation. All rights reserved.
    OriginalFilename   : svchost.exe

#:11 [spoolsv.exe]
    FilePath           : C:\WINDOWS\system32\
    ProcessID          : 1544
    ThreadCreationTime : 12-21-2005 10:23:06 PM
    BasePriority       : Normal
    FileVersion        : 5.1.2600.0 (XPClient.010817-1148)
    ProductVersion     : 5.1.2600.0
    ProductName        : Microsoft® Windows® Operating System
    CompanyName        : Microsoft Corporation
    FileDescription    : Spooler SubSystem App
    InternalName       : spoolsv.exe
    LegalCopyright     : © Microsoft Corporation. All rights reserved.
    OriginalFilename   : spoolsv.exe

#:12 [explorer.exe]
    FilePath           : C:\WINDOWS\
    ProcessID          : 1828
    ThreadCreationTime : 12-21-2005 10:23:16 PM
    BasePriority       : Normal
    FileVersion        : 6.00.2800.1106 (xpsp1.020828-1920)
    ProductVersion     : 6.00.2800.1106
    ProductName        : Microsoft® Windows® Operating System
    CompanyName        : Microsoft Corporation
    FileDescription    : Windows Explorer
    InternalName       : explorer
    LegalCopyright     : © Microsoft Corporation. All rights reserved.
    OriginalFilename   : EXPLORER.EXE

#:13 [point32.exe]
    FilePath           : C:\Program Files\Microsoft Hardware\Mouse\
    ProcessID          : 1892
    ThreadCreationTime : 12-21-2005 10:23:17 PM
    BasePriority       : Normal


#:14 [acmonitor_x83.exe]
    FilePath           : C:\PROGRA~1\LEXMAR~1\
    ProcessID          : 2024
    ThreadCreationTime : 12-21-2005 10:23:17 PM
    BasePriority       : Normal
    FileVersion        : 1, 0, 0, 1
    ProductVersion     : 1, 0, 0, 1
    ProductName        : Jetsoft Development Company ACMonitor
    CompanyName        : Jetsoft Development Company
    FileDescription    : ACMonitor
    InternalName       : ACMonitor
    LegalCopyright     : Copyright © 2000
    OriginalFilename   : ACMonitor.exe
    Comments           : By: Alan S Hong

#:15 [rundll32.exe]
    FilePath           : C:\WINDOWS\System32\
    ProcessID          : 332
    ThreadCreationTime : 12-21-2005 10:23:19 PM
    BasePriority       : Normal
    FileVersion        : 5.1.2600.0 (xpclient.010817-1148)
    ProductVersion     : 5.1.2600.0
    ProductName        : Microsoft® Windows® Operating System
    CompanyName        : Microsoft Corporation
    FileDescription    : Run a DLL as an App
    InternalName       : rundll
    LegalCopyright     : © Microsoft Corporation. All rights reserved.
    OriginalFilename   : RUNDLL.EXE

#:16 [ctsysvol.exe]
    FilePath           : C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\
    ProcessID          : 452
    ThreadCreationTime : 12-21-2005 10:23:19 PM
    BasePriority       : Normal
    FileVersion        : 1.3.8.0
    ProductVersion     : 1.0.0.0
    ProductName        : Creative Volume Control
    CompanyName        : Creative Technology Ltd
    FileDescription    : CTSysVol.exe
    LegalCopyright     : Copyright (c) Creative Technology Ltd., 2002-2003. All rights reserved.
    OriginalFilename   : CTSysVol.exe

#:17 [ctdvddet.exe]
    FilePath           : C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\
    ProcessID          : 460
    ThreadCreationTime : 12-21-2005 10:23:19 PM
    BasePriority       : Normal
    FileVersion        : 1.0.3.0
    ProductVersion     : 1.0.3.0
    ProductName        : CTDVDDET
    CompanyName        : Creative Technology Ltd
    FileDescription    : CTDVDDET
    InternalName       : CTDVDDET
    LegalCopyright     : Copyright (c) Creative Technology Ltd., 2002-2003. All rights reserved.
    OriginalFilename   : CTDVDDET.EXE

#:18 [cthelper.exe]
    FilePath           : C:\WINDOWS\System32\
    ProcessID          : 472
    ThreadCreationTime : 12-21-2005 10:23:19 PM
    BasePriority       : Normal
    FileVersion        : 1, 0, 1, 0
    ProductVersion     : 1, 0, 1, 0
    ProductName        : CtHelper Application
    CompanyName        : Creative Technology Ltd
    FileDescription    : CtHelper MFC Application
    InternalName       : CtHelper
    LegalCopyright     : Copyright (C) 2002-03
    OriginalFilename   : CtHelper.EXE

#:19 [bdswitch.exe]
    FilePath           : C:\progra~1\softwin\bitdef~1\
    ProcessID          : 572
    ThreadCreationTime : 12-21-2005 10:23:21 PM
    BasePriority       : Normal


#:20 [bdnagent.exe]
    FilePath           : C:\progra~1\softwin\bitdef~1\
    ProcessID          : 608
    ThreadCreationTime : 12-21-2005 10:23:22 PM
    BasePriority       : Normal
    FileVersion        : 1, 0, 0, 1
    ProductVersion     : 0, 0, 0, 0
    ProductName        : BitDefender News Agent
    CompanyName        : SOFTWIN S.R.L
    FileDescription    : BitDefender News Agent
    InternalName       : News Agent
    LegalCopyright     : © 2005 SOFTWIN S.R.L.
    OriginalFilename   : BDNewsAgent.exe

#:21 [rcman.exe]
    FilePath           : C:\Program Files\Creative\MediaSource\RemoteControl\
    ProcessID          : 768
    ThreadCreationTime : 12-21-2005 10:23:28 PM
    BasePriority       : Normal
    FileVersion        : 2.0.0.3
    ProductVersion     : 2.0.0.0
    ProductName        : Creative MediaSource 2 Remote Control System
    CompanyName        : Creative Technology Ltd
    FileDescription    : Remote Control Manager
    InternalName       : RcMan
    LegalCopyright     : Copyright (c) Creative Technology Ltd.,2003. All rights reserved.
    OriginalFilename   : RcMan.EXE

#:22 [ad-watch.exe]
    FilePath           : C:\PROGRA~1\Lavasoft\AD-AWA~2\
    ProcessID          : 876
    ThreadCreationTime : 12-21-2005 10:23:29 PM
    BasePriority       : High
    FileVersion        : 3.1.2.17
    ProductVersion     : 3.2
    ProductName        : Ad-Aware SE
    CompanyName        : Lavasoft Sweden
    FileDescription    : Ad-Watch System Protector
    InternalName       : Ad-Watch.exe
    LegalCopyright     : 1999-2004 Team Lavasoft
    OriginalFilename   : Ad-Watch.exe

#:23 [alg.exe]
    FilePath           : C:\WINDOWS\System32\
    ProcessID          : 1292
    ThreadCreationTime : 12-21-2005 10:24:13 PM
    BasePriority       : Normal
    FileVersion        : 5.1.2600.1106 (xpsp1.020828-1920)
    ProductVersion     : 5.1.2600.1106
    ProductName        : Microsoft® Windows® Operating System
    CompanyName        : Microsoft Corporation
    FileDescription    : Application Layer Gateway Service
    InternalName       : ALG.exe
    LegalCopyright     : © Microsoft Corporation. All rights reserved.
    OriginalFilename   : ALG.exe

#:24 [ctsvccda.exe]
    FilePath           : C:\WINDOWS\System32\
    ProcessID          : 1308
    ThreadCreationTime : 12-21-2005 10:24:14 PM
    BasePriority       : Normal
    FileVersion        : 1.0.1.0
    ProductVersion     : 1.0.0.0
    ProductName        : Creative Service for CDROM Access
    CompanyName        : Creative Technology Ltd
    FileDescription    : Creative Service for CDROM Access
    InternalName       : CTsvcCDAEXE
    LegalCopyright     : Copyright (c) Creative Technology Ltd., 1999. All rights reserved.
    OriginalFilename   : CTsvcCDA.EXE

#:25 [nvsvc32.exe]
    FilePath           : C:\WINDOWS\System32\
    ProcessID          : 1368
    ThreadCreationTime : 12-21-2005 10:24:14 PM
    BasePriority       : Normal
    FileVersion        : 6.14.10.7801
    ProductVersion     : 6.14.10.7801
    ProductName        : NVIDIA Driver Helper Service, Version 78.01
    CompanyName        : NVIDIA Corporation
    FileDescription    : NVIDIA Driver Helper Service, Version 78.01
    InternalName       : NVSVC
    LegalCopyright     : (C) NVIDIA Corporation. All rights reserved.
    OriginalFilename   : nvsvc32.exe

#:26 [svchost.exe]
    FilePath           : C:\WINDOWS\System32\
    ProcessID          : 1632
    ThreadCreationTime : 12-21-2005 10:24:14 PM
    BasePriority       : Normal
    FileVersion        : 5.1.2600.0 (xpclient.010817-1148)
    ProductVersion     : 5.1.2600.0
    ProductName        : Microsoft® Windows® Operating System
    CompanyName        : Microsoft Corporation
    FileDescription    : Generic Host Process for Win32 Services
    InternalName       : svchost.exe
    LegalCopyright     : © Microsoft Corporation. All rights reserved.
    OriginalFilename   : svchost.exe

#:27 [xcommsvr.exe]
    FilePath           : C:\Program Files\Common Files\Softwin\BitDefender Communicator\
    ProcessID          : 1960
    ThreadCreationTime : 12-21-2005 10:24:18 PM
    BasePriority       : Normal
    FileVersion        : 1, 8, 9, 0
    ProductVersion     : 1, 8, 9, 0
    ProductName        : Softwin BitDefender Communicator Server
    CompanyName        : Softwin
    FileDescription    : BitDefender Communicator Server
    InternalName       : XCOMMSVR
    LegalCopyright     : Copyright © 2003-2004 Softwin
    OriginalFilename   : xcommsvr.exe
    Comments           : Manages communication between BitDefender components

#:28 [wzqkpick.exe]
    FilePath           : C:\PROGRA~1\WINZIP\
    ProcessID          : 2400
    ThreadCreationTime : 12-21-2005 10:54:47 PM
    BasePriority       : Normal
    FileVersion        : 1.0 (32-bit)
    ProductVersion     : 10.0  (6595)
    ProductName        : WinZip
    CompanyName        : WinZip Computing LP
    FileDescription    : WinZip Executable
    InternalName       : WZQKPICK.EXE
    LegalCopyright     : Copyright (c) WinZip International LLC 1991-2005 - All Rights Reserved
    LegalTrademarks    : WinZip is a registered trademark of WinZip International LLC
    OriginalFilename   : WZQKPICK.EXE
    Comments           : StringFileInfo: U.S. English

#:29 [l2wind.exe]
    FilePath           : C:\Program Files\Lineage II\System\
    ProcessID          : 3152
    ThreadCreationTime : 12-21-2005 11:02:45 PM
    BasePriority       : Normal


#:30 [livesrv.exe]
    FilePath           : C:\Program Files\Common Files\Softwin\BitDefender Update Service\
    ProcessID          : 3044
    ThreadCreationTime : 12-22-2005 11:35:32 AM
    BasePriority       : Normal
    FileVersion        : 9, 0, 0, 0
    ProductVersion     : 9, 0, 0, 0
    ProductName        : BitDefender 9
    CompanyName        : SOFTWIN S.R.L.
    FileDescription    : BitDefender Security Service
    InternalName       : LiveSrv
    LegalCopyright     : © 2005 SOFTWIN S.R.L.
    OriginalFilename   : livesrv.exe

#:31 [bdss.exe]
    FilePath           : C:\Program Files\Common Files\Softwin\BitDefender Scan Server\
    ProcessID          : 560
    ThreadCreationTime : 12-22-2005 11:35:35 AM
    BasePriority       : Normal


#:32 [vsserv.exe]
    FilePath           : C:\Program Files\Softwin\BitDefender9\
    ProcessID          : 2200
    ThreadCreationTime : 12-22-2005 11:35:39 AM
    BasePriority       : Normal
    FileVersion        : 9, 0, 0, 9
    ProductVersion     : 9, 0, 0, 9
    ProductName        : BitDefender 9
    CompanyName        : SOFTWIN S.R.L.
    FileDescription    : BitDefender Security Service
    InternalName       : VSServ
    LegalCopyright     : © 2005 SOFTWIN S.R.L.
    OriginalFilename   : vsserv.exe

#:33 [ad-aware.exe]
    FilePath           : C:\Program Files\Lavasoft\Ad-Aware SE Plus\
    ProcessID          : 3900
    ThreadCreationTime : 12-22-2005 1:02:53 PM
    BasePriority       : Normal
    FileVersion        : 6.2.0.237
    ProductVersion     : SE 106
    ProductName        : Lavasoft Ad-Aware SE
    CompanyName        : Lavasoft Sweden
    FileDescription    : Ad-Aware SE Core application
    InternalName       : Ad-Aware.exe
    LegalCopyright     : Copyright © Lavasoft AB Sweden
    OriginalFilename   : Ad-Aware.exe
    Comments           : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 12


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 Malware.Psguard Object Recognized!
    Type               : Regkey
    Data               :
    TAC Rating         : 7
    Category           : Malware
    Comment            :
    Rootkey            : HKEY_LOCAL_MACHINE
    Object             : software\psguard.com

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 1
Objects found so far: 13


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 13


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 13



Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
<STOP>

Logged

Offline GR@PH;<'S

  • Administrator
  • Hero Member
  • *****
  • Posts: 15651
    • http://www.taktmobiles.co.uk
Re: adaware SE plus
« Reply #6 on: December 22, 2005, 01:27:20 PM »
mcmso,
 I recommed that you try doing a thorough Disk Defrag and follow it with  Check or Scan Disk depending upon your version of Windows.
Now it may take a few scans to complete, but it should work for you. Reboot after each scan
 please can you clear out your cache folder ie: temporary internet folder also
please can you make sure that you still have “Ticks by these :
"Unload recognized processes during scanning",
"Let Windows remove files in use after reboot."
to do this Open Ad-aware SE
Click “settings” (the Gear)
then Click “Tweaks“,
then click “Scanning Engine”
Tick ."Unload recognized processes during scanning"
 Then Click “Cleaning Engine”
 And Tick
"Let Windows remove files in use after reboot."
then Click “proceed”.
now use the WebUpDate
(to make sure you are upto date) if you want to clean your PC then scan by doing a
"Full Scan" then and once the scan has finished
Highlite one items that there seems to be a bunch of.
Right click and choose the command to highlite all of those entries.
Then remove them.
 then  Reboot (ie: Re-start your PC)
(Do this with all of the items  with multiple objects then When you are reduced to just the others items with one or a few, remove them. )
Then re-scan  doing a  "Full Scan" and  then post your logfile here by using the Add-Reply Feature .
GR@PH;<'S   :breakkie:
Logged
press Enter then have a Brandy then if the problem is still there have another Brandy
Q: does it work
A: It does seem to for a few hours at least.

Offline Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 11536
  • "Stronger than the past, united in our goal."
    • Security Garden
Re: adaware SE plus
« Reply #7 on: December 22, 2005, 10:28:57 PM »
Hi, mcmso.  There was enough of a logfile to show up the problem.  That psguard is part of the W32.Sinnaka.A@mm.  I've been dealing with it daily at another site. 

Follow these instructions carefully.  You may want to print them so you don't miss a step. 

First, please right click on the Ad-Watch icon in your system tray and make sure that "Automatic" is turned OFF.  Since you will be scanning in safe mode, there is no need to disable the real time monitors.  However, please accept any prompts for changes to the registry after you restart in normal mode. 

A.  Download and/or update the following programs.  Install them but do NOT run them yet.


B.  Enter the Windows Control Panel and double-click on Add/Remove Programs. When the installed programs list appears, double-click on any of the following entries that appear, and allow them to uninstall ... no worries if you don't see some/all of them:

Security IGuard
Virtual Maid
Search Maid
PSGuard

Then exit the Add/Remove Programs screen and the Control Panel.

C.  Instructions for using CCleaner
  • Before first use, check under Options > Advanced > UNcheck "Only delete files in Windows Temp folder older than 48 hours".
  • A pop up box will appear advising this process will permanently delete files from your system.
  • To protect logon cookies that you wish to retain, under Options > Cookies.  Select and using the arrow move those cookies to the "Cookies to keep" column.
  • Then select the items you wish to clean up:
In the Windows Tab:

Clean all entries in the "Internet Explorer" section.
Clean all the entries in the "Windows Explorer" section.
Clean all entries in the "System" section.
Clean all entries in the "Advanced" section.
Clean any others that you choose.

In the Applications Tab:

Clean all in the Firefox/Mozilla section if you use it.
Clean all in the Opera section if you use it.
Clean Sun Java in the Internet Section.
Clean any others that you choose.

  • Click the "Run Cleaner" button and it will scan and clean your system.
  • Click exit.


D.  Next, please reboot your computer in SafeMode by doing the following:
  • Restart your computer
  • After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
  • Instead of Windows loading as normal, a menu should appear
  • Select the first option, to run Windows in Safe Mode.


E. Open the smitRem folder, then double click the RunThis.bat file to start the tool. Follow the prompts on screen.  Wait for the tool to complete and disk cleanup to finish.

The tool will create a log named smitfiles.txt in the root of your drive, eg; Local Disk C: or partition where your operating system is installed. Please post that log along with all others requested in your next reply.

F.  Open Ad-Aware and do a full scan.  Before scanning, UNcheck "Search for negligible risk entries".  Remove all it finds.

G.  Shutdown/Restart in SafeMode as instructed above.  Run Ewido:
  • Click on scanner
  • Click on Complete System Scan and the scan will begin.
  • Once the scan has completed, there will be a button located on the bottom of the screen named Save report
  • Click Save report.
  • Save the report .txt file to your desktop.
Now close ewido security suite.

H.  Next go to Control Panel click Display > Desktop > Customize Desktop > Website > Uncheck "Security Info" if present.

I. Reboot back into Windows and click the Panda ActiveScan shortcut.
  • Once you are on the Panda site click the Scan your PC button
  • A new window will open...click the Check Now button
  • Enter your Country
  • Enter your State/Province
  • Enter your e-mail address and click send
  • Select either Home User or Company
  • Click the big Scan Now button
  • If it wants to install an ActiveX component allow it
  • It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
  • When download is complete, click on Local Disks to start the scan
  • When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location.
    Post the contents of the Panda scan report, along with a new Ad-Aware SE Log run in Normal Mode (without MRU's, please), the contents of smitfiles.txt and the Ewido Log by using Add Reply.

    Let us know if any problems persist.
Logged
,  

Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 11536
  • "Stronger than the past, united in our goal."
    • Security Garden
Re: adaware SE plus
« Reply #8 on: December 23, 2005, 12:09:46 PM »
Note:  An alternate download site has been added for the smitRem© fix.  If you cannot get it from the link above, please use this site:  smitRem.exe.

Thank you.
Logged
,  

Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline mcmso

  • Newbie
  • *
  • Posts: 4
Re: adaware SE plus
« Reply #9 on: January 10, 2006, 12:43:24 PM »
I finally got around to fixing my computer and every thing worked out great. Thanks so much for all your help. Its always great when you have the right people who know what there doing to help you. If i can ever help in anyway I hope to return the favor one day...

Thanks again,

Michael

 :gwave:
Logged

Offline GR@PH;<'S

  • Administrator
  • Hero Member
  • *****
  • Posts: 15651
    • http://www.taktmobiles.co.uk
Re: adaware SE plus
« Reply #10 on: January 10, 2006, 01:58:37 PM »
mcmso,
Glad to here that you have got your PC sorted out  :gwave:
Now Do not forget where we are and ofcause feel free to join in if you want 
(we not bite well most of us dont  :hysterical:)

GR@PH;<'S   :breakkie:
Logged
press Enter then have a Brandy then if the problem is still there have another Brandy
Q: does it work
A: It does seem to for a few hours at least.
Pages: [1]   Go Up
« previous next »