First of all I'd like to say that everyone and anyone who invented spyware and adware can burn in a fiery death in the pits of ######. One day these programs will be illegal and you will pay.

Second, I have used Ad-aware and now I am using Spybot and these programs continue to bug my computer. For instance, I may run both programs, delete everything I find and then if I were to run them five minutes later, I would still have the same problems. Here is a short list of what my Spybot always finds:
Bargain Buddy, eZula HotText,Lycos.Sidesearch, TSCash. I usually find about 10 or 15 different things with like 100 entries each. My Ad-aware finds between 100 and 400 new objects everytime I run it. I think I just set a household record with 511 this morning. What should I do? Also what the ###### is a registry key and how can I erase or kill them? Thank you for your time.

Hi, Bigpoppa9

Welcome to the forums

It's pretty frustrating, we've all been there...

Let's start first with an Ad-aware log.

Please check that you have build 6.181 (bottom right of the Ad-aware start screen)

Then click the Globe icon to get the latest reference file.

Then please set up Ad-aware for a Full Custom Scan using the following instructions Full Scan Settings

When you click on the 'start' button, in the next window, select the 2nd option (Use Custom Scanning options) and make sure 'Activate In-depth scan (recommended) is ticked...green.

Run Ad-aware, and post the complete log file here...using the reply button.

How to Post Log File

Cheers, Totro

Well if ever you find out what a registry key is/does..and whether its safe to get rid of them,let me know. i have about 67 of them listed in my results.. currently searching the posts here to see if it has been answered anywhere,since my post was ignored. Good Luck.

ok i dont know how to link to other posts,so i 'm gonna copy and paste what i found on another post.


The registry is a bit like a database. It is the heart of Windows and maintains just about all the configuration information used in the running of Windows.

A registry key is the name of an item and a registry value is the value (text, number etc) contained within the key.

e.g. if you change your wallpaper the appropriate key will be updated with the location of your new wallpaper.

There is an overview of the registry at this URL: http://support.microsoft.com/default.aspx?...kb;EN-US;256986

You can edit the registry directly, but you should be 100% confident in what you are doing as it is possible to cause serious problems by making mistakes editing the registry.

Ad-aware is the safe way to remove any registry items it finds.

I've been having all the same problems now for a couple of months. It's so frustrating....also ran ad-aware yesterday, just as it was suggested and the things came back that are slowing down my computer. I ran it a second time....and it found another 512.

I'm also at the end of my rope.....needing to fix the problem, but not knowing what to do next.....I may not even get through this post since pop-ups and junk are returning right now.

I copied my log-file and will send it on...if that is what might help...or if there is another solution, I would like to know. Someone must know, as it seems to be a common problem.

Thank you.....

Hi, tiger01chris

If you do send us a log, please post it in your own thread - this is Bigpoppa9's thread.

Start your own by "New Topic" button NOT "Reply" to this thread.

Once you have got your own thread established - then you use the "Reply" button.

Once you have your own thread we can give you specific i.e. "personal" help - which may differ from that given to others.

Cheers, Totro

First of all I'd like to thank you guys for the quick and serious responses. Its nice to have other people in the world that are willing to lend their hand to help people in need. I appreciate it.

Here is the Log File:

Lavasoft Ad-aware Personal Build 6.181
Logfile created on :Friday, June 04, 2004 5:18:42 PM
Created with Ad-aware Personal, free for private use.
Using reference-file :01R314 02.06.2004
______________________________________________________

Ad-aware Settings
=========================
Set : Activate in-depth scan (Recommended)
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep scan registry

Extended Ad-aware Settings
=========================
Set : Unload recognized processes during scanning
Set : Include basic Ad-aware settings in logfile
Set : Include additional Ad-aware settings in logfile
Set : Let windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Always back up reference file, before updating
Set : Play sound if scan produced a result


6-4-2004 5:18:42 PM - Scan started. (Custom mode)

Listing running processes
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ThreadCreationTime : 6-4-2004 3:47:34 AM
BasePriority : Normal


#:2 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ThreadCreationTime : 6-4-2004 3:47:37 AM
BasePriority : High


#:3 [services.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 6-4-2004 3:47:37 AM
BasePriority : Normal
FileSize : 99 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
OriginalFilename : services.exe
ProductName : Microsoft
Created on : 8/18/2001 10:00:00 AM
Last accessed : 6/4/2004 9:18:42 PM
Last modified : 8/18/2001 10:00:00 AM

#:4 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 6-4-2004 3:47:37 AM
BasePriority : Normal
FileSize : 11 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
OriginalFilename : lsass.exe
ProductName : Microsoft
Created on : 8/18/2001 10:00:00 AM
Last accessed : 6/4/2004 9:18:42 PM
Last modified : 8/18/2001 10:00:00 AM

#:5 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 6-4-2004 3:47:38 AM
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 8/18/2001 10:00:00 AM
Last accessed : 6/4/2004 9:18:42 PM
Last modified : 8/18/2001 10:00:00 AM

#:6 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 6-4-2004 3:47:39 AM
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 8/18/2001 10:00:00 AM
Last accessed : 6/4/2004 9:18:42 PM
Last modified : 8/18/2001 10:00:00 AM

#:7 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 6-4-2004 3:47:40 AM
BasePriority : Normal
FileSize : 50 KB
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
OriginalFilename : spoolsv.exe
ProductName : Microsoft
Created on : 8/18/2001 10:00:00 AM
Last accessed : 6/4/2004 9:18:42 PM
Last modified : 8/18/2001 10:00:00 AM

#:8 [cdac11ba.exe]
FilePath : C:\WINDOWS\System32\drivers\
ThreadCreationTime : 6-4-2004 3:47:48 AM
BasePriority : Normal
FileSize : 51 KB
FileVersion : 4.16.050
ProductVersion : 4.16.050 Windows NT 2002/04/24
Copyright : Copyright © 1998-2002 Macrovision Corp.
CompanyName : Macrovision
FileDescription : Macrovision RTS Service
InternalName : CDANTSRV
OriginalFilename : CDANTSRV.EXE
ProductName : SafeCast Windows NT
Created on : 4/15/2003 2:52:45 AM
Last accessed : 6/4/2004 9:18:42 PM
Last modified : 4/15/2003 2:52:45 AM

#:9 [ctsvccda.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 6-4-2004 3:47:48 AM
BasePriority : Normal
FileSize : 43 KB
FileVersion : 1.0.1.0
ProductVersion : 1.0.0.0
Copyright : Copyright © Creative Technology Ltd., 1999. All rights reserved.
CompanyName : Creative Technology Ltd
FileDescription : Creative Service for CDROM Access
InternalName : CTsvcCDAEXE
OriginalFilename : CTsvcCDA.EXE
ProductName : Creative Service for CDROM Access
Created on : 9/7/2002 2:17:39 AM
Last accessed : 6/4/2004 9:18:42 PM
Last modified : 12/13/1999 6:01:00 AM

#:10 [mdm.exe]
FilePath : C:\Program Files\Common Files\Microsoft Shared\VS7Debug\
ThreadCreationTime : 6-4-2004 3:47:48 AM
BasePriority : Normal
FileSize : 264 KB
FileVersion : 7.00.9064.9150
ProductVersion : 7.00.9064.9150
Copyright : Copyright © Microsoft Corp. 1997-2000
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
OriginalFilename : mdm.exe
ProductName : Microsoft Development Environment
Created on : 2/23/2001 3:07:30 PM
Last accessed : 6/4/2004 9:18:42 PM
Last modified : 2/23/2001 3:07:30 PM

#:11 [nvsvc32.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 6-4-2004 3:47:48 AM
BasePriority : Normal
FileSize : 68 KB
FileVersion : 6.14.10.4403
ProductVersion : 6.14.10.4403
Copyright : © NVIDIA Corporation. All rights reserved.
CompanyName : NVIDIA Corporation
FileDescription : NVIDIA Driver Helper Service, Version 44.03
InternalName : NVSVC
OriginalFilename : nvsvc32.exe
ProductName : NVIDIA Driver Helper Service, Version 44.03
Created on : 5/2/2003 7:19:00 PM
Last accessed : 6/4/2004 9:18:42 PM
Last modified : 5/2/2003 7:19:00 PM

#:12 [mspmspsv.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 6-4-2004 3:47:48 AM
BasePriority : Normal
FileSize : 52 KB
FileVersion : 7.00.00.1954
ProductVersion : 7.00.00.1954
Copyright : Copyright © Microsoft Corp. 1981-2000
CompanyName : Microsoft Corporation
FileDescription : WMDM PMSP Service
InternalName : MSPMSPSV.EXE
OriginalFilename : MSPMSPSV.EXE
ProductName : Microsoft ® DRM
Created on : 6/26/2000 12:44:20 PM
Last accessed : 6/4/2004 9:18:42 PM
Last modified : 6/26/2000 12:44:20 PM

#:13 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ThreadCreationTime : 6-4-2004 3:53:54 AM
BasePriority : High


#:14 [explorer.exe]
FilePath : C:\WINDOWS\
ThreadCreationTime : 6-4-2004 3:53:59 AM
BasePriority : Normal
FileSize : 977 KB
FileVersion : 6.00.2600.0000 (xpclient.010817-1148)
ProductVersion : 6.00.2600.0000
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
OriginalFilename : EXPLORER.EXE
ProductName : Microsoft
Created on : 8/18/2001 10:00:00 AM
Last accessed : 6/4/2004 9:11:59 PM
Last modified : 8/18/2001 10:00:00 AM

#:15 [directcd.exe]
FilePath : C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\
ThreadCreationTime : 6-4-2004 3:54:37 AM
BasePriority : Normal
FileSize : 664 KB
FileVersion : 5.2.0.91
ProductVersion : 5.2.0.91
Copyright : Copyright © 2001-2002, Roxio, Inc.
CompanyName : Roxio
FileDescription : DirectCD Application
InternalName : DirectCD
OriginalFilename : Directcd.exe
ProductName : DirectCD
Created on : 4/10/2002 9:44:04 PM
Last accessed : 6/4/2004 9:18:43 PM
Last modified : 4/10/2002 9:44:04 PM

#:16 [damon.exe]
FilePath : C:\Program Files\Dell\Support\Alert\bin\
ThreadCreationTime : 6-4-2004 3:54:37 AM
BasePriority : Normal
FileSize : 264 KB
FileVersion : 1, 0, 0, 2
ProductVersion : 1, 0, 0, 1
Copyright : Copyright © 2001
FileDescription : MessageApp MFC Application
InternalName : MessageApp
OriginalFilename : MessageApp.EXE
ProductName : MessageApp Application
Created on : 4/3/2002 11:06:18 PM
Last accessed : 6/4/2004 9:18:43 PM
Last modified : 7/11/2002 8:15:20 PM

#:17 [qttask.exe]
FilePath : C:\Program Files\QuickTime\
ThreadCreationTime : 6-4-2004 3:54:37 AM
BasePriority : Normal
FileSize : 76 KB
FileVersion : 6.4
ProductVersion : QuickTime 6.4
CompanyName : Apple Computer, Inc.
InternalName : QuickTime Task
OriginalFilename : QTTask.exe
ProductName : QuickTime
Created on : 3/10/2004 10:42:20 PM
Last accessed : 6/4/2004 9:18:43 PM
Last modified : 3/10/2004 10:42:20 PM

#:18 [mm_tray.exe]
FilePath : C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\
ThreadCreationTime : 6-4-2004 3:54:37 AM
BasePriority : Normal
FileSize : 140 KB
FileVersion : 7.50.3102
ProductVersion : 7.50.3102
Copyright : Copyright
CompanyName : MUSICMATCH, Inc.
FileDescription : mm_tray
InternalName : mm_tray
OriginalFilename : mm_tray.exe
ProductName : MUSICMATCH JUKEBOX
Created on : 9/7/2002 2:22:35 AM
Last accessed : 6/4/2004 9:18:43 PM
Last modified : 3/28/2003 9:20:38 PM

#:19 [ctfmon.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 6-4-2004 3:54:38 AM
BasePriority : Normal
FileSize : 13 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
OriginalFilename : CTFMON.EXE
ProductName : Microsoft
Created on : 8/18/2001 10:00:00 AM
Last accessed : 6/4/2004 9:18:43 PM
Last modified : 8/18/2001 10:00:00 AM

#:20 [robotaskbaricon.exe]
FilePath : C:\Program Files\Siber Systems\AI RoboForm\
ThreadCreationTime : 6-4-2004 3:54:38 AM
BasePriority : Normal
FileSize : 40 KB
FileVersion : 5-6-7
ProductVersion : 5-6-7
Copyright : Copyright © 1999-2004
CompanyName : Siber Systems
FileDescription : RoboForm TaskBar Icon
InternalName : RoboTaskBarIcon
OriginalFilename : RoboTaskBarIcon.exe
ProductName : Siber Systems AI RoboForm
Created on : 5/23/2004 10:22:50 PM
Last accessed : 6/4/2004 9:18:43 PM
Last modified : 5/23/2004 10:22:50 PM

#:21 [dlg.exe]
FilePath : C:\Program Files\Digital Line Detect\
ThreadCreationTime : 6-4-2004 3:54:38 AM
BasePriority : Normal
FileSize : 44 KB
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
Copyright : Copyright
CompanyName : BVRP Software
FileDescription : Digital Line Detection
InternalName : TestLine
OriginalFilename : TestLine.exe
ProductName : BVRP Software TestLine
Created on : 9/7/2002 2:16:26 AM
Last accessed : 6/4/2004 9:18:43 PM
Last modified : 3/27/2002 7:35:00 AM

#:22 [pts.exe]
FilePath : C:\Program Files\Kodak\KODAK Picture Transfer Software\
ThreadCreationTime : 6-4-2004 3:54:38 AM
BasePriority : Normal
FileSize : 720 KB
FileVersion : 2.1.0007
ProductVersion : 2.1.0007
Copyright : Copyright © 2001, Eastman Kodak Company
CompanyName : Eastman Kodak Company
FileDescription : Picture Transfer Software Executable
InternalName : Picture Transfer Software
OriginalFilename : pts.EXE
ProductName : Picture Transfer Software
Created on : 6/14/2003 5:28:45 PM
Last accessed : 6/4/2004 9:18:43 PM
Last modified : 10/18/2001 11:21:40 AM

#:23 [wkcalrem.exe]
FilePath : C:\Program Files\Common Files\Microsoft Shared\Works Shared\
ThreadCreationTime : 6-4-2004 3:54:38 AM
BasePriority : Normal
FileSize : 24 KB
FileVersion : 6.00.1828.1
ProductVersion : 6.00.1828.1
Copyright : Copyright
CompanyName : Microsoft
FileDescription : Microsoft
InternalName : WkCalRem
OriginalFilename : WKCALREM.EXE
ProductName : Microsoft
Created on : 8/8/2000 8:00:00 PM
Last accessed : 6/4/2004 9:18:43 PM
Last modified : 8/8/2000 8:00:00 PM

#:24 [aim.exe]
FilePath : C:\Program Files\AIM95\
ThreadCreationTime : 6-4-2004 5:15:55 AM
BasePriority : Normal
FileSize : 60 KB
FileVersion : 5.5.3595
ProductVersion : 5.5.3595
Copyright : Copyright
CompanyName : America Online, Inc.
FileDescription : AOL Instant Messenger
InternalName : AIM
OriginalFilename : AIM.EXE
ProductName : AOL Instant Messenger
Created on : 8/13/2003 5:48:11 PM
Last accessed : 6/4/2004 9:18:43 PM
Last modified : 4/27/2004 10:18:34 PM

#:25 [spybotsd.exe]
FilePath : C:\Program Files\Spybot - Search & Destroy\
ThreadCreationTime : 6-4-2004 12:27:44 PM
BasePriority : Normal
FileSize : 3855 KB
FileVersion : 1, 3, 0, 12
ProductVersion : 1, 3, 0, 12
CompanyName : Safer Networking Limited
FileDescription : Spybot - Search & Destroy
InternalName : SpyBotSD
OriginalFilename : SpyBotSD.exe
ProductName : SpyBot-S&D
Created on : 5/12/2004 5:03:00 AM
Last accessed : 6/4/2004 9:11:44 PM
Last modified : 5/12/2004 5:03:00 AM

#:26 [devldr32.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 6-4-2004 12:34:19 PM
BasePriority : Normal
FileSize : 25 KB
FileVersion : 1, 0, 0, 22
ProductVersion : 1, 0, 0, 22
Copyright : Copyright
CompanyName : Creative Technology Ltd.
FileDescription : DevLdr32
InternalName : DevLdr
OriginalFilename : DevLdr32.exe
ProductName : Creative Ring3 NT Inteface
Created on : 1/1/1980 5:00:00 AM
Last accessed : 6/4/2004 9:18:43 PM
Last modified : 8/31/2001 6:44:30 PM

#:27 [regedit.exe]
FilePath : C:\WINDOWS\
ThreadCreationTime : 6-4-2004 9:12:11 PM
BasePriority : Normal
FileSize : 131 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Registry Editor
InternalName : REGEDIT
OriginalFilename : REGEDIT.EXE
ProductName : Microsoft
Created on : 8/18/2001 10:00:00 AM
Last accessed : 6/4/2004 9:11:59 PM
Last modified : 8/18/2001 10:00:00 AM

#:28 [iexplore.exe]
FilePath : C:\Program Files\Internet Explorer\
ThreadCreationTime : 6-4-2004 9:13:29 PM
BasePriority : Normal
FileSize : 89 KB
FileVersion : 6.00.2600.0000 (xpclient.010817-1148)
ProductVersion : 6.00.2600.0000
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
OriginalFilename : IEXPLORE.EXE
ProductName : Microsoft
Created on : 8/18/2001 10:00:00 AM
Last accessed : 6/4/2004 9:13:29 PM
Last modified : 8/18/2001 10:00:00 AM

#:29 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-aware 6\
ThreadCreationTime : 6-4-2004 9:14:35 PM
BasePriority : Normal
FileSize : 668 KB
FileVersion : 6.0.1.181
ProductVersion : 6.0.0.0
Copyright : Copyright
CompanyName : Lavasoft Sweden
FileDescription : Ad-aware 6 core application
InternalName : Ad-aware.exe
OriginalFilename : Ad-aware.exe
ProductName : Lavasoft Ad-aware Plus
Created on : 7/11/2003 3:05:04 PM
Last accessed : 6/4/2004 9:14:37 PM
Last modified : 7/13/2003 1:00:20 AM

Memory scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0


Started registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Marketscore(Netsetter) Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Netsetter


Win32.Small.Trojan Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\Microsoft\Windows\CurrentVersion\Run
Value : msmc


Registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 2
Objects found so far: 2


Started deep registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Deep registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 2


Deep scanning and examining files (C:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Tracking Cookie Object recognized!
Type : File
Data : joshua@questionmarket[1].txt
Object : C:\Documents and Settings\Joshua\Cookies\

Created on : 6/4/2004 8:16:49 PM
Last accessed : 6/4/2004 9:13:31 PM
Last modified : 6/4/2004 9:13:31 PM



Lycos Sidesearch Object recognized!
Type : File
Data : sidesearch1400.dll
Object : C:\Program Files\Lycos\Sidesearch\
FileSize : 188 KB
FileVersion : 1.4.0.0
ProductVersion : 1.4.0.0
Copyright : Copyright
CompanyName : Lycos, Inc.
FileDescription : Lycos Sidesearch Client
InternalName : Lycos Sidesearch Client
OriginalFilename : sidesearch.dll
ProductName : Lycos Sidesearch Client
Created on : 4/23/2004 2:10:34 PM
Last accessed : 6/4/2004 9:22:38 PM
Last modified : 4/23/2004 2:10:34 PM



DealHelper Object recognized!
Type : File
Data : a0043262.exe
Object : C:\System Volume Information\_restore{31414675-6CBE-4639-8F67-8C2E395D7683}\RP436\
FileSize : 68 KB
FileVersion : 2004.05.05.1036A
ProductVersion : 1.0.0.35
Copyright : Copyright 2004
CompanyName : DealHelper.com Inc.
FileDescription : TIN Setup - Professional
ProductName : DealHelper
Created on : 6/4/2004 12:11:23 PM
Last accessed : 6/4/2004 9:24:46 PM
Last modified : 6/4/2004 12:11:21 PM



DealHelper Object recognized!
Type : File
Data : a0043264.dll
Object : C:\System Volume Information\_restore{31414675-6CBE-4639-8F67-8C2E395D7683}\RP436\
FileSize : 16 KB
FileVersion : 254
ProductVersion : 254
Copyright : Copyright
CompanyName : Tarma Software Research Pty Ltd
FileDescription : Tarma Installer extension DLL
InternalName : _SETUP
OriginalFilename : _SETUP.DLL
ProductName : Tarma Installer
Created on : 6/4/2004 12:11:24 PM
Last accessed : 6/4/2004 9:24:46 PM
Last modified : 5/3/2004 3:05:09 PM



DealHelper Object recognized!
Type : File
Data : a0043265.exe
Object : C:\System Volume Information\_restore{31414675-6CBE-4639-8F67-8C2E395D7683}\RP436\
FileSize : 68 KB
FileVersion : 2004.05.05.1036A
ProductVersion : 1.0.0.9
Copyright : Copyright 2004
CompanyName : TimeSync
FileDescription : TIN Setup - Professional
ProductName : TimeSync
Created on : 6/4/2004 12:11:36 PM
Last accessed : 6/4/2004 9:24:46 PM
Last modified : 6/4/2004 12:11:35 PM



DealHelper Object recognized!
Type : File
Data : a0043267.dll
Object : C:\System Volume Information\_restore{31414675-6CBE-4639-8F67-8C2E395D7683}\RP436\
FileSize : 8 KB
FileVersion : 254
ProductVersion : 254
Copyright : Copyright
CompanyName : Tarma Software Research Pty Ltd
FileDescription : Tarma Installer extension DLL
InternalName : _SETUP
OriginalFilename : _SETUP.DLL
ProductName : Tarma Installer
Created on : 6/4/2004 12:11:36 PM
Last accessed : 6/4/2004 9:24:46 PM
Last modified : 5/3/2004 8:21:23 PM



WebHancer Object recognized!
Type : File
Data : a0043269.exe
Object : C:\System Volume Information\_restore{31414675-6CBE-4639-8F67-8C2E395D7683}\RP436\
FileSize : 168 KB
FileVersion : 3.3.0
ProductVersion : 3.3.0
Copyright : Copyright
CompanyName : webHancer Corporation
FileDescription : webHancer Customer Companion
InternalName : whAgent
OriginalFilename : whAgent.exe
ProductName : webHancer Customer Companion
Created on : 6/3/2004 12:48:55 PM
Last accessed : 6/4/2004 9:24:47 PM
Last modified : 1/29/2004 2:30:22 PM



WebHancer Object recognized!
Type : File
Data : a0043272.dll
Object : C:\System Volume Information\_restore{31414675-6CBE-4639-8F67-8C2E395D7683}\RP436\
FileSize : 40 KB
FileVersion : 3.3.0
ProductVersion : 3.3.0
Copyright : Copyright
CompanyName : webHancer Corporation
FileDescription : webHancer Winsock2 SPI
InternalName : webhdll
OriginalFilename : webhdll.dll
ProductName : webHancer Customer Companion
Created on : 6/3/2004 12:48:55 PM
Last accessed : 6/4/2004 9:24:47 PM
Last modified : 1/29/2004 2:29:51 PM



WebHancer Object recognized!
Type : File
Data : a0043273.exe
Object : C:\System Volume Information\_restore{31414675-6CBE-4639-8F67-8C2E395D7683}\RP436\
FileSize : 168 KB
FileVersion : 3.3.0
ProductVersion : 3.3.0
Copyright : Copyright
CompanyName : webHancer Corporation
FileDescription : webHancer Customer Companion
InternalName : whAgent
OriginalFilename : whAgent.exe
ProductName : webHancer Customer Companion
Created on : 6/3/2004 12:48:55 PM
Last accessed : 6/4/2004 9:24:47 PM
Last modified : 1/29/2004 2:30:22 PM



WebHancer Object recognized!
Type : File
Data : a0043276.dll
Object : C:\System Volume Information\_restore{31414675-6CBE-4639-8F67-8C2E395D7683}\RP436\
FileSize : 104 KB
FileVersion : 3.3.0
ProductVersion : 3.3.0
Copyright : Copyright
CompanyName : webHancer Corporation
FileDescription : webHancer IE Helper Module
InternalName : WhIeHelper
OriginalFilename : whiehlpr.dll
ProductName : webHancer Customer Companion
Created on : 6/3/2004 12:48:55 PM
Last accessed : 6/4/2004 9:24:47 PM
Last modified : 1/29/2004 2:29:49 PM



WebHancer Object recognized!
Type : File
Data : a0043277.exe
Object : C:\System Volume Information\_restore{31414675-6CBE-4639-8F67-8C2E395D7683}\RP436\
FileSize : 32 KB
FileVersion : 3.3.0
ProductVersion : 3.3.0
Copyright : Copyright
CompanyName : webHancer Corporation
FileDescription : webHancer Installer
InternalName : whInstaller
OriginalFilename : whInstaller.exe
ProductName : webHancer Customer Companion
Created on : 6/3/2004 12:48:55 PM
Last accessed : 6/4/2004 9:24:47 PM
Last modified : 1/29/2004 2:30:24 PM



WebHancer Object recognized!
Type : File
Data : a0043279.exe
Object : C:\System Volume Information\_restore{31414675-6CBE-4639-8F67-8C2E395D7683}\RP436\
FileSize : 140 KB
FileVersion : 3.3.0
ProductVersion : 3.3.0
Copyright : Copyright
CompanyName : webHancer Corporation
FileDescription : webHancer Survey Companion
InternalName : whSurvey
OriginalFilename : whSurvey.exe
ProductName : webHancer Survey Companion
Created on : 6/3/2004 12:48:55 PM
Last accessed : 6/4/2004 9:24:47 PM
Last modified : 1/29/2004 2:30:23 PM



ClearSearch Object recognized!
Type : File
Data : a0043285.exe
Object : C:\System Volume Information\_restore{31414675-6CBE-4639-8F67-8C2E395D7683}\RP436\
FileSize : 28 KB
FileVersion : 2, 0, 0, 0
ProductVersion : 2, 0, 0, 0
Copyright : Copyright © 2003
FileDescription : Clear Search Uninstaller
InternalName : Clear Search Uninstaller
OriginalFilename : ClrSchUninstall.EXE
ProductName : Clear Search Uninstaller
Created on : 4/22/2004 4:22:44 PM
Last accessed : 6/4/2004 9:24:47 PM
Last modified : 4/22/2004 4:22:44 PM



DealHelper Object recognized!
Type : File
Data : a0043286.exe
Object : C:\System Volume Information\_restore{31414675-6CBE-4639-8F67-8C2E395D7683}\RP436\
FileSize : 92 KB
FileVersion : 1, 0, 0, 6
ProductVersion : 1, 0, 0, 6
Copyright : Copyright 2004
FileDescription : dhbrwsr Module
InternalName : dhbrwsr
OriginalFilename : dhbrwsr.EXE
ProductName : dhbrwsr Module
Created on : 6/4/2004 12:11:23 PM
Last accessed : 6/4/2004 9:24:47 PM
Last modified : 5/21/2004 12:24:35 AM



Roings Object recognized!
Type : File
Data : a0043288.ocx
Object : C:\System Volume Information\_restore{31414675-6CBE-4639-8F67-8C2E395D7683}\RP436\
FileSize : 72 KB
FileVersion : 1.00
ProductVersion : 1.00
CompanyName : df
InternalName : roing18
OriginalFilename : roing18.ocx
ProductName : DemoCtla
Created on : 6/4/2004 12:11:44 PM
Last accessed : 6/4/2004 9:24:47 PM
Last modified : 6/4/2004 12:11:48 PM



WebHancer Object recognized!
Type : File
Data : a0043289.exe
Object : C:\System Volume Information\_restore{31414675-6CBE-4639-8F67-8C2E395D7683}\RP436\
FileSize : 140 KB
FileVersion : 3.3.0
ProductVersion : 3.3.0
Copyright : Copyright
CompanyName : webHancer Corporation
FileDescription : webHancer Survey Companion
InternalName : whSurvey
OriginalFilename : whSurvey.exe
ProductName : webHancer Survey Companion
Created on : 6/3/2004 12:48:55 PM
Last accessed : 6/4/2004 9:24:47 PM
Last modified : 1/29/2004 2:30:23 PM



PeopleOnPage Object recognized!
Type : File
Data : a0043290.exe
Object : C:\System Volume Information\_restore{31414675-6CBE-4639-8F67-8C2E395D7683}\RP436\
FileSize : 72 KB
Created on : 5/17/2004 4:57:18 PM
Last accessed : 6/4/2004 9:24:47 PM
Last modified : 5/17/2004 4:57:18 PM



WhenU Object recognized!
Type : File
Data : a0043291.exe
Object : C:\System Volume Information\_restore{31414675-6CBE-4639-8F67-8C2E395D7683}\RP436\
FileSize : 387 KB
FileVersion : 2, 5, 4, 1
ProductVersion : 2, 5, 4, 1
Copyright : Copyright 2000
CompanyName : WhenU.com, Inc.
FileDescription : Save! Setup
InternalName : SaveInstCsSm
OriginalFilename : SaveInstCsSm.exe
ProductName : Save! Setup
Created on : 12/10/2003 7:02:50 PM
Last accessed : 6/4/2004 9:24:47 PM
Last modified : 12/10/2003 7:02:50 PM



Lop Object recognized!
Type : File
Data : a0043292.exe
Object : C:\System Volume Information\_restore{31414675-6CBE-4639-8F67-8C2E395D7683}\RP436\
FileSize : 6 KB
Created on : 8/11/2003 10:00:07 PM
Last accessed : 6/4/2004 9:24:47 PM
Last modified : 8/11/2003 10:00:07 PM



Lop Object recognized!
Type : File
Data : a0043293.exe
Object : C:\System Volume Information\_restore{31414675-6CBE-4639-8F67-8C2E395D7683}\RP436\
FileSize : 6 KB
Created on : 8/26/2003 9:45:19 PM
Last accessed : 6/4/2004 9:24:47 PM
Last modified : 8/26/2003 9:45:23 PM



Lop Object recognized!
Type : File
Data : a0043294.exe
Object : C:\System Volume Information\_restore{31414675-6CBE-4639-8F67-8C2E395D7683}\RP436\
FileSize : 6 KB
Created on : 7/7/2003 4:00:06 AM
Last accessed : 6/4/2004 9:24:47 PM
Last modified : 7/7/2003 4:00:06 AM



Lop Object recognized!
Type : File
Data : a0043295.exe
Object : C:\System Volume Information\_restore{31414675-6CBE-4639-8F67-8C2E395D7683}\RP436\
FileSize : 6 KB
Created on : 8/22/2003 11:41:09 PM
Last accessed : 6/4/2004 9:24:47 PM
Last modified : 8/22/2003 11:41:18 PM



180Solutions Object recognized!
Type : File
Data : a0043296.dll
Object : C:\System Volume Information\_restore{31414675-6CBE-4639-8F67-8C2E395D7683}\RP436\
FileSize : 40 KB
Created on : 5/31/2003 12:20:17 AM
Last accessed : 6/4/2004 9:24:47 PM
Last modified : 5/31/2003 12:20:17 AM



Lop Object recognized!
Type : File
Data : a0043297.exe
Object : C:\System Volume Information\_restore{31414675-6CBE-4639-8F67-8C2E395D7683}\RP436\
FileSize : 6 KB
Created on : 8/12/2003 10:37:52 PM
Last accessed : 6/4/2004 9:24:47 PM
Last modified : 8/12/2003 10:37:59 PM



Lop Object recognized!
Type : File
Data : a0043298.exe
Object : C:\System Volume Information\_restore{31414675-6CBE-4639-8F67-8C2E395D7683}\RP436\
FileSize : 129 KB
Created on : 7/7/2003 4:00:29 AM
Last accessed : 6/4/2004 9:24:47 PM
Last modified : 10/18/2003 4:33:33 AM



Lop Object recognized!
Type : File
Data : a0043299.exe
Object : C:\System Volume Information\_restore{31414675-6CBE-4639-8F67-8C2E395D7683}\RP436\
FileSize : 6 KB
Created on : 8/21/2003 2:59:10 AM
Last accessed : 6/4/2004 9:24:47 PM
Last modified : 8/21/2003 2:59:16 AM



Lop Object recognized!
Type : File
Data : a0043300.exe
Object : C:\System Volume Information\_restore{31414675-6CBE-4639-8F67-8C2E395D7683}\RP436\
FileSize : 6 KB
Created on : 8/3/2003 4:24:35 AM
Last accessed : 6/4/2004 9:24:47 PM
Last modified : 8/3/2003 4:24:35 AM



BargainBuddy Object recognized!
Type : File
Data : a0043301.exe
Object : C:\System Volume Information\_restore{31414675-6CBE-4639-8F67-8C2E395D7683}\RP436\
FileSize : 48 KB
FileVersion : 1.00.0003
ProductVersion : 1.00.0003
Copyright : Copyright
CompanyName : Exact Advertising
InternalName : cb
OriginalFilename : cb.exe
ProductName : CashBack Program
Created on : 6/4/2004 12:12:25 PM
Last accessed : 6/4/2004 9:24:48 PM
Last modified : 4/8/2004 8:04:52 PM



eUniverse Object recognized!
Type : File
Data : a0043302.dll
Object : C:\System Volume Information\_restore{31414675-6CBE-4639-8F67-8C2E395D7683}\RP436\
FileSize : 44 KB
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
Copyright : Copyright 2003
FileDescription : BHO Module
InternalName : BHO
OriginalFilename : BHO.DLL
ProductName : BHO Module
Created on : 12/23/2003 9:57:12 PM
Last accessed : 6/4/2004 9:24:48 PM
Last modified : 12/23/2003 9:57:12 PM



ClearSearch Object recognized!
Type : File
Data : a0043303.dll
Object : C:\System Volume Information\_restore{31414675-6CBE-4639-8F67-8C2E395D7683}\RP436\
FileSize : 52 KB
FileVersion : 1, 0, 0, 4
ProductVersion : 1, 0, 0, 4
Copyright : Copyright
CompanyName : Clear Search
FileDescription : CSss
InternalName : CSss
OriginalFilename : CSss.dll
ProductName : CSss
Created on : 6/3/2004 7:13:55 PM
Last accessed : 6/4/2004 9:24:48 PM
Last modified : 6/4/2004 12:09:13 PM



ClearSearch Object recognized!
Type : File
Data : a0043304.exe
Object : C:\System Volume Information\_restore{31414675-6CBE-4639-8F67-8C2E395D7683}\RP436\
FileSize : 79 KB
FileVersion : 1, 4, 0, 4
ProductVersion : 1, 4, 0, 4
Copyright : Copyright
CompanyName : Clear Search
FileDescription : Loader
InternalName : Loader
OriginalFilename : Loader.exe
ProductName : Loader
Created on : 6/3/2004 7:13:29 PM
Last accessed : 6/4/2004 9:24:48 PM
Last modified : 6/4/2004 12:08:08 PM



VX2.BetterInternet Object recognized!
Type : File
Data : a0043305.exe
Object : C:\System Volume Information\_restore{31414675-6CBE-4639-8F67-8C2E395D7683}\RP436\
FileSize : 245 KB
Created on : 6/3/2004 10:49:49 PM
Last accessed : 6/4/2004 9:24:48 PM
Last modified : 6/3/2004 10:51:11 PM



BlazeFind Object recognized!
Type : File
Data : a0043306.dll
Object : C:\System Volume Information\_restore{31414675-6CBE-4639-8F67-8C2E395D7683}\RP436\
FileSize : 213 KB
Created on : 4/3/2004 3:52:48 PM
Last accessed : 6/4/2004 9:24:48 PM
Last modified : 4/3/2004 3:52:48 PM



BookedSpace Object recognized!
Type : File
Data : a0043307.dll
Object : C:\System Volume Information\_restore{31414675-6CBE-4639-8F67-8C2E395D7683}\RP436\
FileSize : 428 KB
FileVersion : 1.0.0.1
ProductVersion : 1.0.0.1
Copyright : TODO: © <Company name>. All rights reserved.
CompanyName : TODO: <Company name>
FileDescription : TODO: <File description>
InternalName : BookedSpace.dll
OriginalFilename : BookedSpace.dll
ProductName : TODO: <Product name>
Created on : 3/16/2004 11:57:19 PM
Last accessed : 6/4/2004 9:24:48 PM
Last modified : 3/16/2004 11:57:19 PM



DealHelper Object recognized!
Type : File
Data : a0043308.dll
Object : C:\System Volume Information\_restore{31414675-6CBE-4639-8F67-8C2E395D7683}\RP436\
FileSize : 100 KB
FileVersion : 1, 0, 0, 21
ProductVersion : 1, 0, 0, 21
Copyright : Copyright 2004
FileDescription : dealhlpr Module
InternalName : dealhlpr
OriginalFilename : dealhlpr.DLL
ProductName : dealhlpr Module
Created on : 6/3/2004 12:48:18 PM
Last accessed : 6/4/2004 9:24:48 PM
Last modified : 5/21/2004 12:24:42 AM



DealHelper Object recognized!
Type : File
Data : a0043309.dll
Object : C:\System Volume Information\_restore{31414675-6CBE-4639-8F67-8C2E395D7683}\RP436\
FileSize : 104 KB
FileVersion : 1, 0, 0, 13
ProductVersion : 1, 0, 0, 13
Copyright : Copyright 2004
FileDescription : DHP Module
InternalName : DHP
OriginalFilename : DHP.DLL
ProductName : DHP Module
Created on : 6/3/2004 12:48:18 PM
Last accessed : 6/4/2004 9:24:48 PM
Last modified : 5/21/2004 12:24:24 AM



DealHelper Object recognized!
Type : File
Data : a0043310.exe
Object : C:\System Volume Information\_restore{31414675-6CBE-4639-8F67-8C2E395D7683}\RP436\
FileSize : 176 KB
FileVersion : 1, 0, 0, 15
ProductVersion : 1, 0, 0, 15
Copyright : Copyright 2004
FileDescription : dhsvr Module
InternalName : dhsvr
OriginalFilename : dhsvr.EXE
ProductName : dhsvr Module
Created on : 6/3/2004 12:48:18 PM
Last accessed : 6/4/2004 9:24:48 PM
Last modified : 5/21/2004 1:00:41 AM



VX2.BetterInternet Object recognized!
Type : File
Data : a0043311.exe
Object : C:\System Volume Information\_restore{31414675-6CBE-4639-8F67-8C2E395D7683}\RP436\
FileSize : 32 KB
Created on : 6/4/2004 1:12:50 AM
Last accessed : 6/4/2004 9:24:48 PM
Last modified : 5/4/2004 8:43:44 PM



Roings Object recognized!
Type : File
Data : a0043312.exe
Object : C:\System Volume Information\_restore{31414675-6CBE-4639-8F67-8C2E395D7683}\RP436\
FileSize : 44 KB
FileVersion : 1.00
ProductVersion : 1.00
CompanyName : df
InternalName : unstall
OriginalFilename : unstall.exe
ProductName : Project1
Created on : 6/3/2004 12:48:42 PM
Last accessed : 6/4/2004 9:24:48 PM
Last modified : 6/4/2004 12:11:51 PM



WebHancer Object recognized!
Type : File
Data : a0043314.exe
Object : C:\System Volume Information\_restore{31414675-6CBE-4639-8F67-8C2E395D7683}\RP436\
FileSize : 32 KB
FileVersion : 3.3.0
ProductVersion : 3.3.0
Copyright : Copyright
CompanyName : webHancer Corporation
FileDescription : webHancer Installer
InternalName : whInstaller
OriginalFilename : whInstaller.exe
ProductName : webHancer Customer Companion
Created on : 6/3/2004 12:48:55 PM
Last accessed : 6/4/2004 9:24:48 PM
Last modified : 1/29/2004 2:30:24 PM



BargainBuddy Object recognized!
Type : File
Data : a0043327.dll
Object : C:\System Volume Information\_restore{31414675-6CBE-4639-8F67-8C2E395D7683}\RP437\
FileSize : 68 KB
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
Copyright : Copyright 2001
FileDescription : apuc Module
InternalName : apuc
OriginalFilename : apuc.DLL
ProductName : apuc Module
Created on : 6/4/2004 12:08:11 PM
Last accessed : 6/4/2004 9:24:49 PM
Last modified : 8/13/2002 6:27:44 AM



BargainBuddy Object recognized!
Type : File
Data : a0043329.exe
Object : C:\System Volume Information\_restore{31414675-6CBE-4639-8F67-8C2E395D7683}\RP437\
FileSize : 248 KB
Created on : 6/4/2004 12:08:11 PM
Last accessed : 6/4/2004 9:24:49 PM
Last modified : 10/7/2002 2:13:38 AM



EzuLa Object recognized!
Type : File
Data : a0043330.dll
Object : C:\System Volume Information\_restore{31414675-6CBE-4639-8F67-8C2E395D7683}\RP437\
FileSize : 48 KB
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
Copyright : Copyright 2000
Created on : 6/4/2004 12:12:16 PM
Last accessed : 6/4/2004 9:24:49 PM
Last modified : 10/27/2003 10:53:32 PM



WebHancer Object recognized!
Type : File
Data : a0043334.dll
Object : C:\System Volume Information\_restore{31414675-6CBE-4639-8F67-8C2E395D7683}\RP437\
FileSize : 104 KB
FileVersion : 3.3.0
ProductVersion : 3.3.0
Copyright : Copyright
CompanyName : webHancer Corporation
FileDescription : webHancer IE Helper Module
InternalName : WhIeHelper
OriginalFilename : whiehlpr.dll
ProductName : webHancer Customer Companion
Created on : 6/3/2004 12:48:55 PM
Last accessed : 6/4/2004 9:24:49 PM
Last modified : 1/29/2004 2:29:49 PM



WebHancer Object recognized!
Type : File
Data : a0043335.dll
Object : C:\System Volume Information\_restore{31414675-6CBE-4639-8F67-8C2E395D7683}\RP437\
FileSize : 40 KB
FileVersion : 3.3.0
ProductVersion : 3.3.0
Copyright : Copyright
CompanyName : webHancer Corporation
FileDescription : webHancer Winsock2 SPI
InternalName : webhdll
OriginalFilename : webhdll.dll
ProductName : webHancer Customer Companion
Created on : 6/3/2004 12:48:55 PM
Last accessed : 6/4/2004 9:24:49 PM
Last modified : 1/29/2004 2:29:51 PM



WinFavorites Object recognized!
Type : File
Data : bridge.dll
Object : C:\WINDOWS\SYSTEM32\
FileSize : 68 KB
FileVersion : 1, 0, 0, 117
ProductVersion : 1, 0, 0, 117
Copyright : Copyright 2003
FileDescription : bridge Module
InternalName : bridge
OriginalFilename : bridge.DLL
ProductName : bridge Module
Created on : 6/4/2004 5:28:50 AM
Last accessed : 6/4/2004 9:25:39 PM
Last modified : 6/4/2004 5:28:50 AM



VX2.BetterInternet Object recognized!
Type : File
Data : polall1t.exe
Object : C:\WINDOWS\
FileSize : 37 KB
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
Copyright : callinghome.biz
CompanyName : callinghome.biz
FileDescription : Installation utility for www.callinghome.biz
InternalName : Calling Home
OriginalFilename : Caller.exe
ProductName : Calling Home
Created on : 6/4/2004 1:12:50 AM
Last accessed : 6/4/2004 9:26:16 PM
Last modified : 5/21/2004 11:01:00 PM



WebHancer Object recognized!
Type : File
Data : webhdll.dll_tobedeleted
Object : C:\WINDOWS\
FileSize : 40 KB
FileVersion : 3.3.0
ProductVersion : 3.3.0
Copyright : Copyright
CompanyName : webHancer Corporation
FileDescription : webHancer Winsock2 SPI
InternalName : webhdll
OriginalFilename : webhdll.dll
ProductName : webHancer Customer Companion
Created on : 6/3/2004 12:48:55 PM
Last accessed : 6/4/2004 9:26:16 PM
Last modified : 1/29/2004 2:29:51 PM



WebHancer Object recognized!
Type : File
Data : whcc-motor.exe
Object : C:\WINDOWS\
FileSize : 209 KB
Created on : 6/3/2004 12:48:49 PM
Last accessed : 6/4/2004 9:26:17 PM
Last modified : 6/4/2004 12:12:10 PM



Disk scan result for C:\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 51


Performing conditional scans..
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Win32.Small.Trojan Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\AppDat


Lycos Sidesearch Object recognized!
Type : Folder
Object : c:\program files\lycos\Sidesearch


DealHelper Object recognized!
Type : Folder
Object : c:\program files\DealHelper.com Inc


DealHelper Object recognized!
Type : Folder
Object : c:\program files\TimeSync


DealHelper Object recognized!
Type : File
Data : dealhelper
Object : c:\program files\dealhelper.com inc\

Created on : 6/4/2004 12:11:23 PM
Last accessed : 6/4/2004 9:22:14 PM
Last modified : 6/4/2004 12:26:26 PM



Conditional scan result:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 5
Objects found so far: 56


5:27:16 PM Scan complete

Summary of this scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Total scanning time :00:08:33:594
Objects scanned :165039
Objects identified :56
Objects ignored :0
New objects :56

G'day Bigpoppa9,

The vast majority of those items are in your System Restore folder......No outside program can access this folder to clear it, you must do so manually.

Please follow the instuctions below to clear system restore:

Windows XP:

1. Click Start, and then right-click My Computer.
2. Click Properties.
3. Click the System Restore tab.
4. Check Turn off System Restore.
5. Click Apply, and then click OK.
6. Restart the computer.
7. Repeat steps 1 through 6, except in step 4, uncheck Turn Off System Restore.

Important

Then after you do this, please create a new restore point:
Got to Start>All Programs>Accessories>System Tools>System Restore. On the next page that comes up you will have three choices, choose Create Restore Point. Then click next type in a description "after cleanup" or something like that. Then choose "Create" then close.

Once that has been done, can you please run a new Custom scan, and post the fresh log file. We can then see what we are still trying to deal with.

Many Thanks.

Thanks cannymum, followed your directions and here's the newest log file:

Lavasoft Ad-aware Personal Build 6.181
Logfile created on :Sunday, June 06, 2004 1:38:03 PM
Created with Ad-aware Personal, free for private use.
Using reference-file :01R314 02.06.2004
______________________________________________________

Ad-aware Settings
=========================
Set : Activate in-depth scan (Recommended)
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep scan registry

Extended Ad-aware Settings
=========================
Set : Unload recognized processes during scanning
Set : Include basic Ad-aware settings in logfile
Set : Include additional Ad-aware settings in logfile
Set : Let windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Always back up reference file, before updating
Set : Play sound if scan produced a result


6-6-2004 1:38:03 PM - Scan started. (Custom mode)

Listing running processes
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ThreadCreationTime : 6-6-2004 5:27:34 PM
BasePriority : Normal


#:2 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ThreadCreationTime : 6-6-2004 5:27:37 PM
BasePriority : High


#:3 [services.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 6-6-2004 5:27:37 PM
BasePriority : Normal
FileSize : 99 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
OriginalFilename : services.exe
ProductName : Microsoft
Created on : 8/18/2001 10:00:00 AM
Last accessed : 6/6/2004 5:05:20 PM
Last modified : 8/18/2001 10:00:00 AM

#:4 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 6-6-2004 5:27:37 PM
BasePriority : Normal
FileSize : 11 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
OriginalFilename : lsass.exe
ProductName : Microsoft
Created on : 8/18/2001 10:00:00 AM
Last accessed : 6/6/2004 5:05:20 PM
Last modified : 8/18/2001 10:00:00 AM

#:5 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 6-6-2004 5:27:38 PM
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 8/18/2001 10:00:00 AM
Last accessed : 6/6/2004 5:05:20 PM
Last modified : 8/18/2001 10:00:00 AM

#:6 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 6-6-2004 5:27:38 PM
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 8/18/2001 10:00:00 AM
Last accessed : 6/6/2004 5:05:20 PM
Last modified : 8/18/2001 10:00:00 AM

#:7 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 6-6-2004 5:27:40 PM
BasePriority : Normal
FileSize : 50 KB
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
OriginalFilename : spoolsv.exe
ProductName : Microsoft
Created on : 8/18/2001 10:00:00 AM
Last accessed : 6/6/2004 5:05:20 PM
Last modified : 8/18/2001 10:00:00 AM

#:8 [cdac11ba.exe]
FilePath : C:\WINDOWS\System32\drivers\
ThreadCreationTime : 6-6-2004 5:27:48 PM
BasePriority : Normal
FileSize : 51 KB
FileVersion : 4.16.050
ProductVersion : 4.16.050 Windows NT 2002/04/24
Copyright : Copyright © 1998-2002 Macrovision Corp.
CompanyName : Macrovision
FileDescription : Macrovision RTS Service
InternalName : CDANTSRV
OriginalFilename : CDANTSRV.EXE
ProductName : SafeCast Windows NT
Created on : 4/15/2003 2:52:45 AM
Last accessed : 6/6/2004 5:05:20 PM
Last modified : 4/15/2003 2:52:45 AM

#:9 [ctsvccda.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 6-6-2004 5:27:48 PM
BasePriority : Normal
FileSize : 43 KB
FileVersion : 1.0.1.0
ProductVersion : 1.0.0.0
Copyright : Copyright © Creative Technology Ltd., 1999. All rights reserved.
CompanyName : Creative Technology Ltd
FileDescription : Creative Service for CDROM Access
InternalName : CTsvcCDAEXE
OriginalFilename : CTsvcCDA.EXE
ProductName : Creative Service for CDROM Access
Created on : 9/7/2002 2:17:39 AM
Last accessed : 6/6/2004 5:05:20 PM
Last modified : 12/13/1999 6:01:00 AM

#:10 [mdm.exe]
FilePath : C:\Program Files\Common Files\Microsoft Shared\VS7Debug\
ThreadCreationTime : 6-6-2004 5:27:48 PM
BasePriority : Normal
FileSize : 264 KB
FileVersion : 7.00.9064.9150
ProductVersion : 7.00.9064.9150
Copyright : Copyright © Microsoft Corp. 1997-2000
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
OriginalFilename : mdm.exe
ProductName : Microsoft Development Environment
Created on : 2/23/2001 3:07:30 PM
Last accessed : 6/6/2004 5:05:20 PM
Last modified : 2/23/2001 3:07:30 PM

#:11 [nvsvc32.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 6-6-2004 5:27:48 PM
BasePriority : Normal
FileSize : 68 KB
FileVersion : 6.14.10.4403
ProductVersion : 6.14.10.4403
Copyright : © NVIDIA Corporation. All rights reserved.
CompanyName : NVIDIA Corporation
FileDescription : NVIDIA Driver Helper Service, Version 44.03
InternalName : NVSVC
OriginalFilename : nvsvc32.exe
ProductName : NVIDIA Driver Helper Service, Version 44.03
Created on : 5/2/2003 7:19:00 PM
Last accessed : 6/6/2004 5:05:20 PM
Last modified : 5/2/2003 7:19:00 PM

#:12 [wtoolss.exe]
FilePath : C:\Program Files\Common files\WinTools\
ThreadCreationTime : 6-6-2004 5:27:48 PM
BasePriority : Normal
FileSize : 132 KB
Created on : 6/6/2004 4:44:19 AM
Last accessed : 6/6/2004 5:35:40 PM
Last modified : 6/2/2004 4:46:36 PM

#:13 [mspmspsv.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 6-6-2004 5:27:51 PM
BasePriority : Normal
FileSize : 52 KB
FileVersion : 7.00.00.1954
ProductVersion : 7.00.00.1954
Copyright : Copyright © Microsoft Corp. 1981-2000
CompanyName : Microsoft Corporation
FileDescription : WMDM PMSP Service
InternalName : MSPMSPSV.EXE
OriginalFilename : MSPMSPSV.EXE
ProductName : Microsoft ® DRM
Created on : 6/26/2000 12:44:20 PM
Last accessed : 6/6/2004 5:05:20 PM
Last modified : 6/26/2000 12:44:20 PM

#:14 [explorer.exe]
FilePath : C:\WINDOWS\
ThreadCreationTime : 6-6-2004 5:35:35 PM
BasePriority : Normal
FileSize : 977 KB
FileVersion : 6.00.2600.0000 (xpclient.010817-1148)
ProductVersion : 6.00.2600.0000
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
OriginalFilename : EXPLORER.EXE
ProductName : Microsoft
Created on : 8/18/2001 10:00:00 AM
Last accessed : 6/6/2004 5:35:38 PM
Last modified : 8/18/2001 10:00:00 AM

#:15 [devldr32.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 6-6-2004 5:35:36 PM
BasePriority : Normal
FileSize : 25 KB
FileVersion : 1, 0, 0, 22
ProductVersion : 1, 0, 0, 22
Copyright : Copyright
CompanyName : Creative Technology Ltd.
FileDescription : DevLdr32
InternalName : DevLdr
OriginalFilename : DevLdr32.exe
ProductName : Creative Ring3 NT Inteface
Created on : 1/1/1980 5:00:00 AM
Last accessed : 6/6/2004 5:05:20 PM
Last modified : 8/31/2001 6:44:30 PM

#:16 [directcd.exe]
FilePath : C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\
ThreadCreationTime : 6-6-2004 5:35:36 PM
BasePriority : Normal
FileSize : 664 KB
FileVersion : 5.2.0.91
ProductVersion : 5.2.0.91
Copyright : Copyright © 2001-2002, Roxio, Inc.
CompanyName : Roxio
FileDescription : DirectCD Application
InternalName : DirectCD
OriginalFilename : Directcd.exe
ProductName : DirectCD
Created on : 4/10/2002 9:44:04 PM
Last accessed : 6/6/2004 5:27:34 PM
Last modified : 4/10/2002 9:44:04 PM

#:17 [damon.exe]
FilePath : C:\Program Files\Dell\Support\Alert\bin\
ThreadCreationTime : 6-6-2004 5:35:36 PM
BasePriority : Normal
FileSize : 264 KB
FileVersion : 1, 0, 0, 2
ProductVersion : 1, 0, 0, 1
Copyright : Copyright © 2001
FileDescription : MessageApp MFC Application
InternalName : MessageApp
OriginalFilename : MessageApp.EXE
ProductName : MessageApp Application
Created on : 4/3/2002 11:06:18 PM
Last accessed : 6/6/2004 5:27:34 PM
Last modified : 7/11/2002 8:15:20 PM

#:18 [qttask.exe]
FilePath : C:\Program Files\QuickTime\
ThreadCreationTime : 6-6-2004 5:35:36 PM
BasePriority : Normal
FileSize : 76 KB
FileVersion : 6.4
ProductVersion : QuickTime 6.4
CompanyName : Apple Computer, Inc.
InternalName : QuickTime Task
OriginalFilename : QTTask.exe
ProductName : QuickTime
Created on : 3/10/2004 10:42:20 PM
Last accessed : 6/6/2004 5:27:34 PM
Last modified : 3/10/2004 10:42:20 PM

#:19 [mm_tray.exe]
FilePath : C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\
ThreadCreationTime : 6-6-2004 5:35:36 PM
BasePriority : Normal
FileSize : 140 KB
FileVersion : 7.50.3102
ProductVersion : 7.50.3102
Copyright : Copyright
CompanyName : MUSICMATCH, Inc.
FileDescription : mm_tray
InternalName : mm_tray
OriginalFilename : mm_tray.exe
ProductName : MUSICMATCH JUKEBOX
Created on : 9/7/2002 2:22:35 AM
Last accessed : 6/6/2004 5:27:34 PM
Last modified : 3/28/2003 9:20:38 PM

#:20 [uriebgpnu.exe]
FilePath : C:\WINDOWS\
ThreadCreationTime : 6-6-2004 5:35:36 PM
BasePriority : Normal
FileSize : 32 KB
FileVersion : 1.00
ProductVersion : 1.00
CompanyName : e
InternalName : 6-4
OriginalFilename : 6-4.exe
ProductName : Project1
Created on : 6/4/2004 12:12:12 PM
Last accessed : 6/6/2004 5:27:34 PM
Last modified : 6/4/2004 12:12:13 PM

#:21 [sysupd.exe]
FilePath : C:\WINDOWS\
ThreadCreationTime : 6-6-2004 5:35:36 PM
BasePriority : Normal
FileSize : 150 KB
Created on : 6/3/2004 9:07:54 PM
Last accessed : 6/6/2004 5:35:36 PM
Last modified : 6/3/2004 9:07:59 PM

#:22 [u0q.exe]
FilePath : C:\windows\temp\
ThreadCreationTime : 6-6-2004 5:35:36 PM
BasePriority : Normal
FileSize : 228 KB
Created on : 6/4/2004 12:11:38 AM
Last accessed : 6/6/2004 5:27:34 PM
Last modified : 6/4/2004 12:11:38 AM

#:23 [wtoolsa.exe]
FilePath : C:\Program Files\Common files\WinTools\
ThreadCreationTime : 6-6-2004 5:35:36 PM
BasePriority : Normal
FileSize : 419 KB
Created on : 6/6/2004 4:44:13 AM
Last accessed : 6/6/2004 5:35:39 PM
Last modified : 6/2/2004 4:46:36 PM

#:24 [rundll32.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 6-6-2004 5:35:36 PM
BasePriority : Normal
FileSize : 31 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Run a DLL as an App
InternalName : rundll
OriginalFilename : RUNDLL.EXE
ProductName : Microsoft
Created on : 8/18/2001 10:00:00 AM
Last accessed : 6/6/2004 5:35:35 PM
Last modified : 8/18/2001 10:00:00 AM

#:25 [ctfmon.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 6-6-2004 5:35:36 PM
BasePriority : Normal
FileSize : 13 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
OriginalFilename : CTFMON.EXE
ProductName : Microsoft
Created on : 8/18/2001 10:00:00 AM
Last accessed : 6/6/2004 5:27:34 PM
Last modified : 8/18/2001 10:00:00 AM

#:26 [robotaskbaricon.exe]
FilePath : C:\Program Files\Siber Systems\AI RoboForm\
ThreadCreationTime : 6-6-2004 5:35:36 PM
BasePriority : Normal
FileSize : 40 KB
FileVersion : 5-6-7
ProductVersion : 5-6-7
Copyright : Copyright © 1999-2004
CompanyName : Siber Systems
FileDescription : RoboForm TaskBar Icon
InternalName : RoboTaskBarIcon
OriginalFilename : RoboTaskBarIcon.exe
ProductName : Siber Systems AI RoboForm
Created on : 5/23/2004 10:22:50 PM
Last accessed : 6/6/2004 5:27:34 PM
Last modified : 5/23/2004 10:22:50 PM

#:27 [dlg.exe]
FilePath : C:\Program Files\Digital Line Detect\
ThreadCreationTime : 6-6-2004 5:35:36 PM
BasePriority : Normal
FileSize : 44 KB
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
Copyright : Copyright
CompanyName : BVRP Software
FileDescription : Digital Line Detection
InternalName : TestLine
OriginalFilename : TestLine.exe
ProductName : BVRP Software TestLine
Created on : 9/7/2002 2:16:26 AM
Last accessed : 6/6/2004 5:27:34 PM
Last modified : 3/27/2002 7:35:00 AM

#:28 [wkcalrem.exe]
FilePath : C:\Program Files\Common Files\Microsoft Shared\Works Shared\
ThreadCreationTime : 6-6-2004 5:35:36 PM
BasePriority : Normal
FileSize : 24 KB
FileVersion : 6.00.1828.1
ProductVersion : 6.00.1828.1
Copyright : Copyright
CompanyName : Microsoft
FileDescription : Microsoft
InternalName : WkCalRem
OriginalFilename : WKCALREM.EXE
ProductName : Microsoft
Created on : 8/8/2000 8:00:00 PM
Last accessed : 6/6/2004 5:27:34 PM
Last modified : 8/8/2000 8:00:00 PM

#:29 [wsup.exe]
FilePath : C:\Program Files\Common files\WinTools\
ThreadCreationTime : 6-6-2004 5:35:40 PM
BasePriority : Normal
FileSize : 419 KB
Created on : 6/6/2004 4:44:15 AM
Last accessed : 6/6/2004 5:35:40 PM
Last modified : 6/2/2004 4:46:36 PM

#:30 [iexplore.exe]
FilePath : C:\Program Files\Internet Explorer\
ThreadCreationTime : 6-6-2004 5:36:14 PM
BasePriority : Normal
FileSize : 89 KB
FileVersion : 6.00.2600.0000 (xpclient.010817-1148)
ProductVersion : 6.00.2600.0000
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
OriginalFilename : IEXPLORE.EXE
ProductName : Microsoft
Created on : 8/18/2001 10:00:00 AM
Last accessed : 6/6/2004 5:36:14 PM
Last modified : 8/18/2001 10:00:00 AM

#:31 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-aware 6\
ThreadCreationTime : 6-6-2004 5:37:57 PM
BasePriority : Normal
FileSize : 668 KB
FileVersion : 6.0.1.181
ProductVersion : 6.0.0.0
Copyright : Copyright
CompanyName : Lavasoft Sweden
FileDescription : Ad-aware 6 core application
InternalName : Ad-aware.exe
OriginalFilename : Ad-aware.exe
ProductName : Lavasoft Ad-aware Plus
Created on : 7/11/2003 3:05:04 PM
Last accessed : 6/6/2004 5:37:57 PM
Last modified : 7/13/2003 1:00:20 AM

Memory scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0


Started registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Marketscore(Netsetter) Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Netsetter


Registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 1
Objects found so far: 1


Started deep registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

SecondThought Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Run
Value : stcinstaller


SecondThought Object recognized!
Type : File
Data : id53.exe
Object : c:\installer\
FileSize : 94 KB
FileVersion : 1.0.0.1
ProductVersion : 1.0.0.1
Copyright : TODO: © <Company name>. All rights reserved.
CompanyName : TODO: <Company name>
FileDescription : TODO: <File description>
InternalName : spawner.exe
OriginalFilename : spawner.exe
ProductName : TODO: <Product name>
Created on : 6/6/2004 4:58:48 PM
Last accessed : 6/6/2004 5:27:34 PM
Last modified : 6/6/2004 4:58:52 PM



Deep registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 1
Objects found so far: 3


Deep scanning and examining files (C:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Tracking Cookie Object recognized!
Type : File
Data : joshua@advertising[1].txt
Object : C:\Documents and Settings\Joshua\Cookies\

Created on : 6/6/2004 6:10:30 AM
Last accessed : 6/6/2004 5:39:29 PM
Last modified : 6/6/2004 7:19:11 AM



Tracking Cookie Object recognized!
Type : File
Data : joshua@atdmt[2].txt
Object : C:\Documents and Settings\Joshua\Cookies\

Created on : 6/6/2004 6:59:15 AM
Last accessed : 6/6/2004 5:39:29 PM
Last modified : 6/6/2004 6:59:15 AM



Tracking Cookie Object recognized!
Type : File
Data : joshua@gator[1].txt
Object : C:\Documents and Settings\Joshua\Cookies\

Created on : 6/6/2004 8:21:14 AM
Last accessed : 6/6/2004 5:39:29 PM
Last modified : 6/6/2004 8:21:14 AM



Tracking Cookie Object recognized!
Type : File
Data : joshua@revenue[2].txt
Object : C:\Documents and Settings\Joshua\Cookies\

Created on : 6/6/2004 8:21:14 AM
Last accessed : 6/6/2004 5:39:30 PM
Last modified : 6/6/2004 8:21:14 AM



Tracking Cookie Object recognized!
Type : File
Data : joshua@z1.adserver[1].txt
Object : C:\Documents and Settings\Joshua\Cookies\

Created on : 6/6/2004 7:19:10 AM
Last accessed : 6/6/2004 5:39:30 PM
Last modified : 6/6/2004 7:19:11 AM



SecondThought Object recognized!
Type : File
Data : id53[1].exe
Object : C:\Documents and Settings\Joshua\Local Settings\Temporary Internet Files\Content.IE5\WHINWDE3\
FileSize : 94 KB
FileVersion : 1.0.0.1
ProductVersion : 1.0.0.1
Copyright : TODO: © <Company name>. All rights reserved.
CompanyName : TODO: <Company name>
FileDescription : TODO: <File description>
InternalName : spawner.exe
OriginalFilename : spawner.exe
ProductName : TODO: <Product name>
Created on : 6/6/2004 4:58:50 PM
Last accessed : 6/6/2004 4:58:52 PM
Last modified : 6/6/2004 4:58:52 PM



BargainBuddy Object recognized!
Type : File
Data : apuc.dll
Object : C:\Program Files\Bargain Buddy\bin\
FileSize : 68 KB
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
Copyright : Copyright 2001
FileDescription : apuc Module
InternalName : apuc
OriginalFilename : apuc.DLL
ProductName : apuc Module
Created on : 6/6/2004 5:02:49 PM
Last accessed : 6/6/2004 5:02:49 PM
Last modified : 8/13/2002 6:27:44 AM



BargainBuddy Object recognized!
Type : File
Data : bargains.exe
Object : C:\Program Files\Bargain Buddy\bin\
FileSize : 248 KB
Created on : 6/6/2004 5:02:49 PM
Last accessed : 6/6/2004 5:02:49 PM
Last modified : 10/7/2002 2:13:38 AM



BargainBuddy Object recognized!
Type : File
Data : uninst.exe
Object : C:\Program Files\Bargain Buddy\
FileSize : 35 KB
Created on : 6/6/2004 5:02:49 PM
Last accessed : 6/6/2004 5:02:49 PM
Last modified : 6/6/2004 5:02:49 PM



ClearSearch Object recognized!
Type : File
Data : csssinst.dll
Object : C:\Program Files\Lycos\IEagent\
FileSize : 52 KB
FileVersion : 1, 0, 0, 4
ProductVersion : 1, 0, 0, 4
Copyright : Copyright
CompanyName : Clear Search
FileDescription : CSss
InternalName : CSss
OriginalFilename : CSss.dll
ProductName : CSss
Created on : 6/6/2004 4:59:07 PM
Last accessed : 6/6/2004 4:59:07 PM
Last modified : 6/6/2004 4:59:07 PM



ClearSearch Object recognized!
Type : File
Data : loader.exe
Object : C:\Program Files\Lycos\IEagent\
FileSize : 79 KB
FileVersion : 1, 4, 0, 4
ProductVersion : 1, 4, 0, 4
Copyright : Copyright
CompanyName : Clear Search
FileDescription : Loader
InternalName : Loader
OriginalFilename : Loader.exe
ProductName : Loader
Created on : 6/6/2004 4:59:02 PM
Last accessed : 6/6/2004 4:59:02 PM
Last modified : 6/6/2004 4:58:50 PM



ClearSearch Object recognized!
Type : File
Data : clrschuninstall_78_86.exe
Object : C:\Program Files\Lycos\Sidesearch\
FileSize : 28 KB
FileVersion : 2, 0, 0, 0
ProductVersion : 2, 0, 0, 0
Copyright : Copyright © 2003
FileDescription : Clear Search Uninstaller
InternalName : Clear Search Uninstaller
OriginalFilename : ClrSchUninstall.EXE
ProductName : Clear Search Uninstaller
Created on : 4/22/2004 4:22:44 PM
Last accessed : 6/6/2004 5:41:48 PM
Last modified : 4/22/2004 4:22:44 PM



Lycos Sidesearch Object recognized!
Type : File
Data : sidesearch1400.dll
Object : C:\Program Files\Lycos\Sidesearch\
FileSize : 188 KB
FileVersion : 1.4.0.0
ProductVersion : 1.4.0.0
Copyright : Copyright
CompanyName : Lycos, Inc.
FileDescription : Lycos Sidesearch Client
InternalName : Lycos Sidesearch Client
OriginalFilename : sidesearch.dll
ProductName : Lycos Sidesearch Client
Created on : 4/23/2004 2:10:34 PM
Last accessed : 6/6/2004 4:57:42 PM
Last modified : 4/23/2004 2:10:34 PM



VX2.BetterInternet Object recognized!
Type : File
Data : 0021-bdl94126.exe
Object : C:\WINDOWS\SYSTEM32\
FileSize : 245 KB
Created on : 6/6/2004 4:58:18 PM
Last accessed : 6/6/2004 4:58:47 PM
Last modified : 6/6/2004 4:58:47 PM



WinFavorites Object recognized!
Type : File
Data : a.exe
Object : C:\WINDOWS\SYSTEM32\
FileSize : 14 KB
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
Copyright : Copyright
OriginalFilename : a.exe
Created on : 6/6/2004 7:19:29 AM
Last accessed : 6/6/2004 5:43:38 PM
Last modified : 6/6/2004 7:19:29 AM



WinFavorites Object recognized!
Type : File
Data : bridge.dll
Object : C:\WINDOWS\SYSTEM32\
FileSize : 68 KB
FileVersion : 1, 0, 0, 117
ProductVersion : 1, 0, 0, 117
Copyright : Copyright 2003
FileDescription : bridge Module
InternalName : bridge
OriginalFilename : bridge.DLL
ProductName : bridge Module
Created on : 6/6/2004 7:19:29 AM
Last accessed : 6/6/2004 4:57:43 PM
Last modified : 6/6/2004 7:19:29 AM



ClearSearch Object recognized!
Type : File
Data : cs4p028.exe
Object : C:\WINDOWS\SYSTEM32\
FileSize : 79 KB
FileVersion : 1, 4, 0, 4
ProductVersion : 1, 4, 0, 4
Copyright : Copyright
CompanyName : Clear Search
FileDescription : Loader
InternalName : Loader
OriginalFilename : Loader.exe
ProductName : Loader
Created on : 6/6/2004 4:58:25 PM
Last accessed : 6/6/2004 4:58:50 PM
Last modified : 6/6/2004 4:58:50 PM



WinFavorites Object recognized!
Type : File
Data : jao.dll
Object : C:\WINDOWS\SYSTEM32\
FileSize : 48 KB
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
Copyright : Copyright 2004
FileDescription : jao Module
InternalName : jao
OriginalFilename : jao.DLL
ProductName : jao Module
Created on : 6/6/2004 7:19:29 AM
Last accessed : 6/6/2004 5:06:35 PM
Last modified : 6/6/2004 7:19:29 AM



BookedSpace Object recognized!
Type : File
Data : bxxs5.dll
Object : C:\WINDOWS\
FileSize : 428 KB
FileVersion : 1.0.0.1
ProductVersion : 1.0.0.1
Copyright : TODO: © <Company name>. All rights reserved.
CompanyName : TODO: <Company name>
FileDescription : TODO: <File description>
InternalName : BookedSpace.dll
OriginalFilename : BookedSpace.dll
ProductName : TODO: <Product name>
Created on : 3/16/2004 11:57:19 PM
Last accessed : 6/6/2004 4:58:27 PM
Last modified : 3/16/2004 11:57:19 PM



Disk scan result for C:\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 22


Performing conditional scans..
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

BargainBuddy Object recognized!
Type : Folder
Object : c:\program files\Bargain Buddy


BargainBuddy Object recognized!
Type : Folder
Object : c:\program files\bargain buddy\bin


BargainBuddy Object recognized!
Type : File
Data : ad.dat
Object : c:\program files\bargain buddy\
FileSize : 885 KB
Created on : 6/6/2004 5:02:50 PM
Last accessed : 6/6/2004 5:03:18 PM
Last modified : 6/6/2004 5:03:18 PM



BargainBuddy Object recognized!
Type : File
Data : bbchk.exe
Object : c:\program files\bargain buddy\
FileSize : 12 KB
FileVersion : 5.101.1663.1
ProductVersion : 5.101.1663.1
Copyright : Copyright © Microsoft Corp. 1981-1997
CompanyName : Microsoft Corporation
FileDescription : ECM ChkTrust
InternalName : CHKTRUST.EXE
OriginalFilename : CHKTRUST.EXE
ProductName : Microsoft® Windows NT® Operating System
Created on : 1/28/2002 3:24:42 PM
Last accessed : 6/6/2004 5:03:31 PM
Last modified : 1/28/2002 3:24:42 PM



BargainBuddy Object recognized!
Type : File
Data : bbi8024.exe
Object : c:\program files\bargain buddy\
FileSize : 225 KB
Created on : 6/6/2004 5:03:22 PM
Last accessed : 6/6/2004 5:03:30 PM
Last modified : 6/6/2004 5:03:30 PM



BargainBuddy Object recognized!
Type : File
Data : bin
Object : c:\program files\bargain buddy\

Created on : 6/6/2004 5:02:49 PM
Last accessed : 6/6/2004 5:02:49 PM
Last modified : 6/6/2004 5:02:49 PM



BargainBuddy Object recognized!
Type : File
Data : bin2
Object : c:\program files\bargain buddy\

Created on : 6/6/2004 5:02:49 PM
Last accessed : 6/6/2004 5:02:49 PM
Last modified : 6/6/2004 5:02:49 PM



BargainBuddy Object recognized!
Type : File
Data : ub.dat
Object : c:\program files\bargain buddy\
FileSize : 15 KB
Created on : 6/6/2004 5:02:50 PM
Last accessed : 6/6/2004 5:03:32 PM
Last modified : 6/6/2004 5:03:32 PM



ClearSearch Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\Microsoft\Internet Explorer\URLSearchHooks
Value : {CFBFAE00-17A6-11D0-99CB-00C04FD64497}


Lycos Sidesearch Object recognized!
Type : Folder
Object : c:\program files\lycos\Sidesearch


Lycos Sidesearch Object recognized!
Type : File
Data : offline.htm
Object : c:\program files\lycos\sidesearch\
FileSize : 1 KB
Created on : 3/22/2004 6:36:27 PM
Last accessed : 6/6/2004 5:45:01 PM
Last modified : 3/22/2004 6:36:27 PM



Lycos Sidesearch Object recognized!
Type : File
Data : results-lycos-logo.gif
Object : c:\program files\lycos\sidesearch\

Created on : 3/22/2004 6:36:27 PM
Last accessed : 6/6/2004 5:45:01 PM
Last modified : 3/22/2004 6:36:27 PM



Lycos Sidesearch Object recognized!
Type : File
Data : temp
Object : c:\program files\lycos\sidesearch\

Created on : 6/6/2004 6:17:47 AM
Last accessed : 6/6/2004 5:41:48 PM
Last modified : 6/6/2004 6:17:47 AM



Lycos Sidesearch Object recognized!
Type : File
Data : uninst.exe
Object : c:\program files\lycos\sidesearch\
FileSize : 39 KB
Created on : 6/6/2004 6:17:47 AM
Last accessed : 6/6/2004 5:45:01 PM
Last modified : 6/6/2004 6:17:47 AM



Lycos Sidesearch Object recognized!
Type : File
Data : lycos sidesearch.lnk
Object : c:\documents and settings\joshua\start menu\programs\
FileSize : 1 KB
Created on : 6/6/2004 6:17:47 AM
Last accessed : 6/6/2004 5:07:41 PM
Last modified : 6/6/2004 6:17:47 AM



WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{4FDBDBAD-FEFE-4C4C-9CC1-1181052AFB12}


WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{B88A3AF1-4F1B-4400-8FFB-3FCB108CE115}


WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bridge


BookedSpace Object recognized!
Type : File
Data : bsx32.ini
Object : c:\windows\
FileSize : 1 KB
Created on : 6/6/2004 4:58:29 PM
Last accessed : 6/6/2004 5:03:43 PM
Last modified : 6/6/2004 5:03:43 PM



Conditional scan result:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 19
Objects found so far: 41


1:45:09 PM Scan complete

Summary of this scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Total scanning time :00:07:06:0
Objects scanned :158168
Objects identified :41
Objects ignored :0
New objects :41

Hi Bigboppa9

Thank you for posting your log, we need to try doing this in stages...

Can you re-boot (shutdown and startup) and without doing anything else start Ad-Aware.

To clean up your machine, please make sure that you have these options checked:

Under Ad-aware 6 > Configurations (The gear wheel) > Tweaks > Scanning Engine: "Unload recognized processes during scanning."

Under Ad-aware 6 > Configurations > Tweaks > Cleaning Engine: "Let Windows remove files in use after reboot."

Please leave "Automatically try to unregister objects prior to deletion" - UNCHECKED

Also, please check to see if you have the option "quarantine all objects prior to removal" checked: Open Ad-aware > General Options, there is an option "Automatically Quarantine objects prior to removal".

When you click on the 'start' button, in the next window, select the 2nd option (Use Custom Scanning options) and make sure 'Activate In-depth scan (recommended) is ticked green.

Run Ad-aware 6, and when it finishes, go to the results window by clicking Next.

On this run you will remove VX2.BetterInternet only!!!!
Highlight one of the entries that are from VX2.BetterInternet.
Right click and choose the option to mark all of the entries of that group.
Remove them.
ReBoot...

Run Ad-Aware again, scan.

On this run you will remove everything else!!!!
Highlight one of the entries that are from everything else.
Right click and choose the option to mark all of the entries.
Remove them.
ReBoot...

Run Ad-Aware again, and post the log.

Thank you for your patience,

Sigma

Sigma, followed your directions and here's what I got:

Lavasoft Ad-aware Personal Build 6.181
Logfile created on :Sunday, June 06, 2004 8:33:22 PM
Created with Ad-aware Personal, free for private use.
Using reference-file :01R314 02.06.2004
______________________________________________________

Ad-aware Settings
=========================
Set : Activate in-depth scan (Recommended)
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep scan registry

Extended Ad-aware Settings
=========================
Set : Unload recognized processes during scanning
Set : Include basic Ad-aware settings in logfile
Set : Include additional Ad-aware settings in logfile
Set : Let windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Always back up reference file, before updating
Set : Play sound if scan produced a result


6-6-2004 8:33:22 PM - Scan started. (Custom mode)

Listing running processes
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ThreadCreationTime : 6-7-2004 12:26:00 AM
BasePriority : Normal


#:2 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ThreadCreationTime : 6-7-2004 12:26:02 AM
BasePriority : High


#:3 [services.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 6-7-2004 12:26:02 AM
BasePriority : Normal
FileSize : 99 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
OriginalFilename : services.exe
ProductName : Microsoft
Created on : 8/18/2001 10:00:00 AM
Last accessed : 6/6/2004 11:55:51 PM
Last modified : 8/18/2001 10:00:00 AM

#:4 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 6-7-2004 12:26:02 AM
BasePriority : Normal
FileSize : 11 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
OriginalFilename : lsass.exe
ProductName : Microsoft
Created on : 8/18/2001 10:00:00 AM
Last accessed : 6/6/2004 11:55:51 PM
Last modified : 8/18/2001 10:00:00 AM

#:5 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 6-7-2004 12:26:03 AM
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 8/18/2001 10:00:00 AM
Last accessed : 6/6/2004 11:55:51 PM
Last modified : 8/18/2001 10:00:00 AM

#:6 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 6-7-2004 12:26:03 AM
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 8/18/2001 10:00:00 AM
Last accessed : 6/6/2004 11:55:51 PM
Last modified : 8/18/2001 10:00:00 AM

#:7 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 6-7-2004 12:26:04 AM
BasePriority : Normal
FileSize : 50 KB
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
OriginalFilename : spoolsv.exe
ProductName : Microsoft
Created on : 8/18/2001 10:00:00 AM
Last accessed : 6/6/2004 11:55:51 PM
Last modified : 8/18/2001 10:00:00 AM

#:8 [cdac11ba.exe]
FilePath : C:\WINDOWS\System32\drivers\
ThreadCreationTime : 6-7-2004 12:26:12 AM
BasePriority : Normal
FileSize : 51 KB
FileVersion : 4.16.050
ProductVersion : 4.16.050 Windows NT 2002/04/24
Copyright : Copyright © 1998-2002 Macrovision Corp.
CompanyName : Macrovision
FileDescription : Macrovision RTS Service
InternalName : CDANTSRV
OriginalFilename : CDANTSRV.EXE
ProductName : SafeCast Windows NT
Created on : 4/15/2003 2:52:45 AM
Last accessed : 6/6/2004 11:55:51 PM
Last modified : 4/15/2003 2:52:45 AM

#:9 [ctsvccda.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 6-7-2004 12:26:12 AM
BasePriority : Normal
FileSize : 43 KB
FileVersion : 1.0.1.0
ProductVersion : 1.0.0.0
Copyright : Copyright © Creative Technology Ltd., 1999. All rights reserved.
CompanyName : Creative Technology Ltd
FileDescription : Creative Service for CDROM Access
InternalName : CTsvcCDAEXE
OriginalFilename : CTsvcCDA.EXE
ProductName : Creative Service for CDROM Access
Created on : 9/7/2002 2:17:39 AM
Last accessed : 6/6/2004 11:55:51 PM
Last modified : 12/13/1999 6:01:00 AM

#:10 [mdm.exe]
FilePath : C:\Program Files\Common Files\Microsoft Shared\VS7Debug\
ThreadCreationTime : 6-7-2004 12:26:12 AM
BasePriority : Normal
FileSize : 264 KB
FileVersion : 7.00.9064.9150
ProductVersion : 7.00.9064.9150
Copyright : Copyright © Microsoft Corp. 1997-2000
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
OriginalFilename : mdm.exe
ProductName : Microsoft Development Environment
Created on : 2/23/2001 3:07:30 PM
Last accessed : 6/6/2004 11:55:51 PM
Last modified : 2/23/2001 3:07:30 PM

#:11 [nvsvc32.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 6-7-2004 12:26:13 AM
BasePriority : Normal
FileSize : 68 KB
FileVersion : 6.14.10.4403
ProductVersion : 6.14.10.4403
Copyright : © NVIDIA Corporation. All rights reserved.
CompanyName : NVIDIA Corporation
FileDescription : NVIDIA Driver Helper Service, Version 44.03
InternalName : NVSVC
OriginalFilename : nvsvc32.exe
ProductName : NVIDIA Driver Helper Service, Version 44.03
Created on : 5/2/2003 7:19:00 PM
Last accessed : 6/6/2004 11:55:51 PM
Last modified : 5/2/2003 7:19:00 PM

#:12 [wtoolss.exe]
FilePath : C:\Program Files\Common files\WinTools\
ThreadCreationTime : 6-7-2004 12:26:13 AM
BasePriority : Normal
FileSize : 132 KB
Created on : 6/6/2004 4:44:19 AM
Last accessed : 6/7/2004 12:32:43 AM
Last modified : 6/2/2004 4:46:36 PM

#:13 [mspmspsv.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 6-7-2004 12:26:13 AM
BasePriority : Normal
FileSize : 52 KB
FileVersion : 7.00.00.1954
ProductVersion : 7.00.00.1954
Copyright : Copyright © Microsoft Corp. 1981-2000
CompanyName : Microsoft Corporation
FileDescription : WMDM PMSP Service
InternalName : MSPMSPSV.EXE
OriginalFilename : MSPMSPSV.EXE
ProductName : Microsoft ® DRM
Created on : 6/26/2000 12:44:20 PM
Last accessed : 6/6/2004 11:55:51 PM
Last modified : 6/26/2000 12:44:20 PM

#:14 [explorer.exe]
FilePath : C:\WINDOWS\
ThreadCreationTime : 6-7-2004 12:32:36 AM
BasePriority : Normal
FileSize : 977 KB
FileVersion : 6.00.2600.0000 (xpclient.010817-1148)
ProductVersion : 6.00.2600.0000
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
OriginalFilename : EXPLORER.EXE
ProductName : Microsoft
Created on : 8/18/2001 10:00:00 AM
Last accessed : 6/7/2004 12:32:36 AM
Last modified : 8/18/2001 10:00:00 AM

#:15 [directcd.exe]
FilePath : C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\
ThreadCreationTime : 6-7-2004 12:32:37 AM
BasePriority : Normal
FileSize : 664 KB
FileVersion : 5.2.0.91
ProductVersion : 5.2.0.91
Copyright : Copyright © 2001-2002, Roxio, Inc.
CompanyName : Roxio
FileDescription : DirectCD Application
InternalName : DirectCD
OriginalFilename : Directcd.exe
ProductName : DirectCD
Created on : 4/10/2002 9:44:04 PM
Last accessed : 6/7/2004 12:26:00 AM
Last modified : 4/10/2002 9:44:04 PM

#:16 [devldr32.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 6-7-2004 12:32:37 AM
BasePriority : Normal
FileSize : 25 KB
FileVersion : 1, 0, 0, 22
ProductVersion : 1, 0, 0, 22
Copyright : Copyright
CompanyName : Creative Technology Ltd.
FileDescription : DevLdr32
InternalName : DevLdr
OriginalFilename : DevLdr32.exe
ProductName : Creative Ring3 NT Inteface
Created on : 1/1/1980 5:00:00 AM
Last accessed : 6/6/2004 11:55:51 PM
Last modified : 8/31/2001 6:44:30 PM

#:17 [wkssb.exe]
FilePath : C:\Program Files\Microsoft Works\
ThreadCreationTime : 6-7-2004 12:32:37 AM
BasePriority : Normal
FileSize : 304 KB
FileVersion : 6.00.1902.0
ProductVersion : 6.00.1902.0
Copyright : Copyright
CompanyName : Microsoft
FileDescription : Microsoft
InternalName : WKSPF
OriginalFilename : WksSb.exe
ProductName : Microsoft
Created on : 8/8/2000 8:00:00 PM
Last accessed : 6/7/2004 12:26:00 AM
Last modified : 8/8/2000 8:00:00 PM

#:18 [damon.exe]
FilePath : C:\Program Files\Dell\Support\Alert\bin\
ThreadCreationTime : 6-7-2004 12:32:37 AM
BasePriority : Normal
FileSize : 264 KB
FileVersion : 1, 0, 0, 2
ProductVersion : 1, 0, 0, 1
Copyright : Copyright © 2001
FileDescription : MessageApp MFC Application
InternalName : MessageApp
OriginalFilename : MessageApp.EXE
ProductName : MessageApp Application
Created on : 4/3/2002 11:06:18 PM
Last accessed : 6/7/2004 12:26:00 AM
Last modified : 7/11/2002 8:15:20 PM

#:19 [qttask.exe]
FilePath : C:\Program Files\QuickTime\
ThreadCreationTime : 6-7-2004 12:32:38 AM
BasePriority : Normal
FileSize : 76 KB
FileVersion : 6.4
ProductVersion : QuickTime 6.4
CompanyName : Apple Computer, Inc.
InternalName : QuickTime Task
OriginalFilename : QTTask.exe
ProductName : QuickTime
Created on : 3/10/2004 10:42:20 PM
Last accessed : 6/7/2004 12:26:00 AM
Last modified : 3/10/2004 10:42:20 PM

#:20 [mm_tray.exe]
FilePath : C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\
ThreadCreationTime : 6-7-2004 12:32:38 AM
BasePriority : Normal
FileSize : 140 KB
FileVersion : 7.50.3102
ProductVersion : 7.50.3102
Copyright : Copyright
CompanyName : MUSICMATCH, Inc.
FileDescription : mm_tray
InternalName : mm_tray
OriginalFilename : mm_tray.exe
ProductName : MUSICMATCH JUKEBOX
Created on : 9/7/2002 2:22:35 AM
Last accessed : 6/7/2004 12:26:00 AM
Last modified : 3/28/2003 9:20:38 PM

#:21 [uriebgpnu.exe]
FilePath : C:\WINDOWS\
ThreadCreationTime : 6-7-2004 12:32:38 AM
BasePriority : Normal
FileSize : 32 KB
FileVersion : 1.00
ProductVersion : 1.00
CompanyName : e
InternalName : 6-4
OriginalFilename : 6-4.exe
ProductName : Project1
Created on : 6/4/2004 12:12:12 PM
Last accessed : 6/7/2004 12:26:00 AM
Last modified : 6/4/2004 12:12:13 PM

#:22 [sysupd.exe]
FilePath : C:\WINDOWS\
ThreadCreationTime : 6-7-2004 12:32:38 AM
BasePriority : Normal
FileSize : 150 KB
Created on : 6/3/2004 9:07:54 PM
Last accessed : 6/7/2004 12:26:00 AM
Last modified : 6/3/2004 9:07:59 PM

#:23 [u0q.exe]
FilePath : C:\windows\temp\
ThreadCreationTime : 6-7-2004 12:32:38 AM
BasePriority : Normal
FileSize : 228 KB
Created on : 6/4/2004 12:11:38 AM
Last accessed : 6/7/2004 12:26:00 AM
Last modified : 6/4/2004 12:11:38 AM

#:24 [wtoolsa.exe]
FilePath : C:\Program Files\Common files\WinTools\
ThreadCreationTime : 6-7-2004 12:32:38 AM
BasePriority : Normal
FileSize : 419 KB
Created on : 6/6/2004 4:44:13 AM
Last accessed : 6/7/2004 12:32:43 AM
Last modified : 6/2/2004 4:46:36 PM

#:25 [ctfmon.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 6-7-2004 12:32:38 AM
BasePriority : Normal
FileSize : 13 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
OriginalFilename : CTFMON.EXE
ProductName : Microsoft
Created on : 8/18/2001 10:00:00 AM
Last accessed : 6/7/2004 12:26:00 AM
Last modified : 8/18/2001 10:00:00 AM

#:26 [robotaskbaricon.exe]
FilePath : C:\Program Files\Siber Systems\AI RoboForm\
ThreadCreationTime : 6-7-2004 12:32:39 AM
BasePriority : Normal
FileSize : 40 KB
FileVersion : 5-6-7
ProductVersion : 5-6-7
Copyright : Copyright © 1999-2004
CompanyName : Siber Systems
FileDescription : RoboForm TaskBar Icon
InternalName : RoboTaskBarIcon
OriginalFilename : RoboTaskBarIcon.exe
ProductName : Siber Systems AI RoboForm
Created on : 5/23/2004 10:22:50 PM
Last accessed : 6/7/2004 12:06:58 AM
Last modified : 5/23/2004 10:22:50 PM

#:27 [dlg.exe]
FilePath : C:\Program Files\Digital Line Detect\
ThreadCreationTime : 6-7-2004 12:32:39 AM
BasePriority : Normal
FileSize : 44 KB
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
Copyright : Copyright
CompanyName : BVRP Software
FileDescription : Digital Line Detection
InternalName : TestLine
OriginalFilename : TestLine.exe
ProductName : BVRP Software TestLine
Created on : 9/7/2002 2:16:26 AM
Last accessed : 6/7/2004 12:26:00 AM
Last modified : 3/27/2002 7:35:00 AM

#:28 [wsup.exe]
FilePath : C:\Program Files\Common files\WinTools\
ThreadCreationTime : 6-7-2004 12:32:43 AM
BasePriority : Normal
FileSize : 419 KB
Created on : 6/6/2004 4:44:15 AM
Last accessed : 6/7/2004 12:32:43 AM
Last modified : 6/2/2004 4:46:36 PM

#:29 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-aware 6\
ThreadCreationTime : 6-7-2004 12:33:05 AM
BasePriority : Normal
FileSize : 668 KB
FileVersion : 6.0.1.181
ProductVersion : 6.0.0.0
Copyright : Copyright
CompanyName : Lavasoft Sweden
FileDescription : Ad-aware 6 core application
InternalName : Ad-aware.exe
OriginalFilename : Ad-aware.exe
ProductName : Lavasoft Ad-aware Plus
Created on : 7/11/2003 3:05:04 PM
Last accessed : 6/7/2004 12:33:05 AM
Last modified : 7/13/2003 1:00:20 AM

Memory scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0


Started registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Marketscore(Netsetter) Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Netsetter


Registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 1
Objects found so far: 1


Started deep registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Deep registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 1


Deep scanning and examining files (C:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Tracking Cookie Object recognized!
Type : File
Data : joshua@gator[1].txt
Object : C:\Documents and Settings\Joshua\Cookies\

Created on : 6/7/2004 12:33:44 AM
Last accessed : 6/7/2004 12:33:44 AM
Last modified : 6/7/2004 12:33:44 AM



Tracking Cookie Object recognized!
Type : File
Data : joshua@revenue[2].txt
Object : C:\Documents and Settings\Joshua\Cookies\

Created on : 6/7/2004 12:33:44 AM
Last accessed : 6/7/2004 12:33:44 AM
Last modified : 6/7/2004 12:33:44 AM



Disk scan result for C:\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 3


Performing conditional scans..
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Conditional scan result:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 3


8:40:02 PM Scan complete

Summary of this scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Total scanning time :00:06:39:297
Objects scanned :138428
Objects identified :3
Objects ignored :0
New objects :3

Hi Bigboppa9,

It looks like it is gone. The tracking cookies are always safe to delete.

You may like to have a look at these links:

Safe IE settings
http://www.lavasoftsupport.com/index.php?showtopic=14537

Cookie blocker
CookieWall Download

Just in case anything comes back, please come back to the forum...

Sigma

Thanks a lot everyone but I have one more question for sigma. I downloaded cookie blocker but how do I tell whether or not I should block the cookies I have? Also, what would happen if I blocked one that is important or that I need?

Thanks

One more question... Ive done all this stuff and now my computer is super slow. I mean when I send someone an Instant Message, after i hit send, it takes like 5 seconds to send. Its kind of annoying. Ive CTRL-ALT DEL'd and my system speed is only at like 5%. Any idea what the prob is or how to solve it? Thanks bros..

Hi Bigboppa9,

With regard to cookies, I only allow cookies from sites I 'trust' or want to deal with. I dont accept them from sites I may hit that I dont know anything about. I run Ad-Aware each time a new referencefile is issued.

Regarding performance, there may be something else...
Can you run an on-line virus scan, here's a list to choose from to see if there is anything there. Preferably not one from your own AV supplier.

Panda - http://www.pandasoftware.com/activescan/co...n_principal.htm
Symantec - http://security.symantec.com/default.asp?productid=symhome&langid=ie&venid=sym
McAfee - http://us.mcafee.com/root/mfs/default.asp
TrendMicro - http://housecall.trendmicro.com/housecall/start_corp.asp
Bit Defender - http://www.bitdefender.com/scan/licence.php
RAV - http://www.ravantivirus.com/scan/
Kaspersky - http://www.kaspersky.com/scanforvirus.html
CommandonDemand - http://www.commandondemand.com/eval/index.cfm
Computer Associates - http://www3.ca.com/threatinfo/virusinfo/
CyberTechHelp - http://www.cybertechhelp.com/html/misc/av.php
PC Pitstop - http://www.pcpitstop.com/antivirus/default.asp

Please post back to let us know how you get on...

Sigma

This post has been edited by sigma on Jun 8 2004, 10:43 PM

I agree, all this ad-ware/spyware is getting way out of hand. I am having a similar problem trying to get rid of Roings. Can anyone help?