• Announcements

    • Budfred

      IE 11 copy/paste problem

      It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it.
Sign in to follow this  
Followers 0
randomguy1127

res:// hijack, need help, heres log

2 posts in this topic

ok, ive had the res:// random problem for a while now and ive run ad aware but the topic about removing says to post the log, so heres my log, someone PLEASE help me, this thing is killing me!

 

Lavasoft Ad-aware Personal Build 6.181

Logfile created on :Saturday, July 10, 2004 1:53:26 AM

Created with Ad-aware Personal, free for private use.

Using reference-file :01R331 08.07.2004

______________________________________________________

 

Reffile status:

=========================

Reference file loaded:

Reference Number : 01R331 08.07.2004

Internal build : 263

File location : C:\PROGRA~1\Lavasoft\AD-AWA~1\reflist.ref

Total size : 1300142 Bytes

Signature data size : 1279388 Bytes

Reference data size : 20690 Bytes

Signatures total : 28395

Target categories : 10

Target families : 519

 

Memory + processor status:

==========================

Number of processors : 1

Processor architecture : Intel Pentium III

Memory available:58 %

Total physical memory:490992 kb

Available physical memory:284436 kb

Total page file size:756520 kb

Available on page file:643488 kb

Total virtual memory:2097024 kb

Available virtual memory:2056804 kb

OS:

 

Ad-aware Settings

=========================

Set : Activate in-depth scan (Recommended)

Set : Safe mode (always request confirmation)

Set : Scan active processes

Set : Scan registry

Set : Deep scan registry

Set : Scan my IE Favorites for banned URLs

Set : Scan within archives

Set : Scan my Hosts file

 

Extended Ad-aware Settings

=========================

Set : Unload recognized processes during scanning

Set : Include basic Ad-aware settings in logfile

Set : Include additional Ad-aware settings in logfile

Set : Automatically try to unregister objects prior to deletion

Set : Let windows remove files in use at next reboot

Set : Delete quarantined objects after restoring

Set : Always back up reference file, before updating

Set : Play sound if scan produced a result

 

 

7-10-2004 1:53:26 AM - Scan started. (Custom mode)

 

Listing running processes

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

 

#:1 [smss.exe]

FilePath : \SystemRoot\System32\

ThreadCreationTime : 7-10-2004 5:52:00 AM

BasePriority : Normal

 

 

#:2 [winlogon.exe]

FilePath : \??\C:\WINDOWS\System32\

ThreadCreationTime : 7-10-2004 5:52:03 AM

BasePriority : High

 

 

#:3 [services.exe]

FilePath : C:\WINDOWS\system32\

ThreadCreationTime : 7-10-2004 5:52:03 AM

BasePriority : Normal

FileSize : 99 KB

FileVersion : 5.1.2600.0 (xpclient.010817-1148)

ProductVersion : 5.1.2600.0

CompanyName : Microsoft Corporation

FileDescription : Services and Controller app

InternalName : services.exe

OriginalFilename : services.exe

ProductName : Microsoft

Created on : 3/31/2003 12:00:00 PM

Last accessed : 7/10/2004 5:45:13 AM

Last modified : 3/31/2003 12:00:00 PM

 

#:4 [lsass.exe]

FilePath : C:\WINDOWS\system32\

ThreadCreationTime : 7-10-2004 5:52:03 AM

BasePriority : Normal

FileSize : 11 KB

FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)

ProductVersion : 5.1.2600.1106

CompanyName : Microsoft Corporation

FileDescription : LSA Shell (Export Version)

InternalName : lsass.exe

OriginalFilename : lsass.exe

ProductName : Microsoft

Created on : 3/31/2003 12:00:00 PM

Last accessed : 7/10/2004 5:45:13 AM

Last modified : 3/31/2003 12:00:00 PM

 

#:5 [svchost.exe]

FilePath : C:\WINDOWS\system32\

ThreadCreationTime : 7-10-2004 5:52:04 AM

BasePriority : Normal

FileSize : 12 KB

FileVersion : 5.1.2600.0 (xpclient.010817-1148)

ProductVersion : 5.1.2600.0

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

OriginalFilename : svchost.exe

ProductName : Microsoft

Created on : 3/31/2003 12:00:00 PM

Last accessed : 7/10/2004 5:45:14 AM

Last modified : 3/31/2003 12:00:00 PM

 

#:6 [svchost.exe]

FilePath : C:\WINDOWS\System32\

ThreadCreationTime : 7-10-2004 5:52:04 AM

BasePriority : Normal

FileSize : 12 KB

FileVersion : 5.1.2600.0 (xpclient.010817-1148)

ProductVersion : 5.1.2600.0

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

OriginalFilename : svchost.exe

ProductName : Microsoft

Created on : 3/31/2003 12:00:00 PM

Last accessed : 7/10/2004 5:45:14 AM

Last modified : 3/31/2003 12:00:00 PM

 

#:7 [spoolsv.exe]

FilePath : C:\WINDOWS\system32\

ThreadCreationTime : 7-10-2004 5:52:06 AM

BasePriority : Normal

FileSize : 50 KB

FileVersion : 5.1.2600.0 (XPClient.010817-1148)

ProductVersion : 5.1.2600.0

CompanyName : Microsoft Corporation

FileDescription : Spooler SubSystem App

InternalName : spoolsv.exe

OriginalFilename : spoolsv.exe

ProductName : Microsoft

Created on : 3/31/2003 12:00:00 PM

Last accessed : 7/10/2004 5:45:14 AM

Last modified : 3/31/2003 12:00:00 PM

 

#:8 [ccevtmgr.exe]

FilePath : C:\Program Files\Common Files\Symantec Shared\

ThreadCreationTime : 7-10-2004 5:52:06 AM

BasePriority : Normal

FileSize : 309 KB

FileVersion : 1.03.4

ProductVersion : 1.03.4

Copyright : Copyright © 2000-2002 Symantec Corporation. All rights reserved.

CompanyName : Symantec Corporation

FileDescription : Event Manager Service

InternalName : ccEvtMgr

OriginalFilename : ccEvtMgr.exe

ProductName : Event Manager

Created on : 1/1/2002 5:43:57 AM

Last accessed : 7/10/2004 5:45:14 AM

Last modified : 7/17/2003 4:16:38 PM

 

#:9 [explorer.exe]

FilePath : C:\WINDOWS\

ThreadCreationTime : 7-10-2004 5:52:07 AM

BasePriority : Normal

FileSize : 980 KB

FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)

ProductVersion : 6.00.2800.1106

CompanyName : Microsoft Corporation

FileDescription : Windows Explorer

InternalName : explorer

OriginalFilename : EXPLORER.EXE

ProductName : Microsoft

Created on : 3/31/2003 12:00:00 PM

Last accessed : 7/10/2004 5:43:19 AM

Last modified : 3/31/2003 12:00:00 PM

 

#:10 [acsd.exe]

FilePath : C:\PROGRA~1\COMMON~1\AOL\ACS\

ThreadCreationTime : 7-10-2004 5:52:14 AM

BasePriority : Normal

FileSize : 1356 KB

FileVersion : 1,0,22,1

ProductVersion : 1,0,22,1

Copyright : Copyright

CompanyName : America Online, Inc.

FileDescription : AOL Connectivity Service

InternalName : acsd

OriginalFilename : acsd.exe

ProductName : AOL Connectivity Service

Created on : 5/3/2004 9:20:58 PM

Last accessed : 7/10/2004 5:45:14 AM

Last modified : 9/16/2003 8:55:36 PM

 

#:11 [navapsvc.exe]

FilePath : C:\Program Files\Norton AntiVirus\

ThreadCreationTime : 7-10-2004 5:52:14 AM

BasePriority : Normal

FileSize : 113 KB

FileVersion : 9.05.1015

ProductVersion : 9.05.1015

Copyright : Copyright © 2000-2002 Symantec Corporation. All rights reserved.

CompanyName : Symantec Corporation

FileDescription : Norton AntiVirus Auto-Protect Service

InternalName : NAVAPSVC

OriginalFilename : NAVAPSVC.EXE

ProductName : Norton AntiVirus

Created on : 1/1/2002 5:43:50 AM

Last accessed : 7/10/2004 5:45:14 AM

Last modified : 11/15/2002 12:41:26 AM

 

#:12 [srvany.exe]

FilePath : C:\WINDOWS\system32\

ThreadCreationTime : 7-10-2004 5:52:14 AM

BasePriority : Normal

FileSize : 7 KB

Created on : 9/15/2002 3:20:27 PM

Last accessed : 7/10/2004 5:45:14 AM

Last modified : 5/3/2002 8:29:56 AM

 

#:13 [resetservice.exe]

FilePath : C:\WINDOWS\system32\

ThreadCreationTime : 7-10-2004 5:52:17 AM

BasePriority : Normal

FileSize : 5 KB

Created on : 9/15/2002 3:20:27 PM

Last accessed : 7/10/2004 5:45:14 AM

Last modified : 9/11/2002 4:36:32 AM

 

#:14 [wanmpsvc.exe]

FilePath : C:\WINDOWS\

ThreadCreationTime : 7-10-2004 5:52:17 AM

BasePriority : Normal

FileSize : 64 KB

FileVersion : 9, 0, 0, 0

ProductVersion : 9, 0, 0, 0

Copyright : Copyright

CompanyName : America Online, Inc.

FileDescription : Wan Miniport (ATW) Service

InternalName : WanMPSvc

OriginalFilename : WanMPSvc.exe

ProductName : America Online

Created on : 5/3/2004 9:21:06 PM

Last accessed : 7/10/2004 5:43:32 AM

Last modified : 8/27/2003 2:27:44 PM

 

#:15 [ieij.exe]

FilePath : C:\WINDOWS\system32\

ThreadCreationTime : 7-10-2004 5:52:24 AM

BasePriority : Normal

FileSize : 26 KB

Created on : 6/11/2004 12:05:55 PM

Last accessed : 7/10/2004 5:52:00 AM

Last modified : 6/11/2004 12:05:55 PM

 

#:16 [mixer.exe]

FilePath : C:\WINDOWS\

ThreadCreationTime : 7-10-2004 5:52:24 AM

BasePriority : Normal

FileSize : 1400 KB

FileVersion : 1.51

ProductVersion : 1.51

Copyright : Copyright © 1997-2002

CompanyName : C-Media Electronic Inc. (www.cmedia.com.tw)

FileDescription : Mixer

InternalName : Mixer

OriginalFilename : Mixer.EXE

ProductName : Mixer

Created on : 7/2/2004 12:03:52 AM

Last accessed : 7/10/2004 5:52:00 AM

Last modified : 4/29/2002 9:23:52 AM

 

#:17 [aim.exe]

FilePath : C:\Program Files\AIM\

ThreadCreationTime : 7-10-2004 5:52:24 AM

BasePriority : Normal

FileSize : 60 KB

FileVersion : 5.5.3595

ProductVersion : 5.5.3595

Copyright : Copyright

CompanyName : America Online, Inc.

FileDescription : AOL Instant Messenger

InternalName : AIM

OriginalFilename : AIM.EXE

ProductName : AOL Instant Messenger

Created on : 3/25/2004 1:29:01 AM

Last accessed : 7/10/2004 5:52:27 AM

Last modified : 4/27/2004 10:18:34 PM

 

#:18 [ad-aware.exe]

FilePath : C:\PROGRA~1\Lavasoft\AD-AWA~1\

ThreadCreationTime : 7-10-2004 5:53:19 AM

BasePriority : Normal

FileSize : 668 KB

FileVersion : 6.0.1.181

ProductVersion : 6.0.0.0

Copyright : Copyright

CompanyName : Lavasoft Sweden

FileDescription : Ad-aware 6 core application

InternalName : Ad-aware.exe

OriginalFilename : Ad-aware.exe

ProductName : Lavasoft Ad-aware Plus

Created on : 7/10/2004 5:15:43 AM

Last accessed : 7/10/2004 5:20:07 AM

Last modified : 7/13/2003 1:00:20 AM

 

Memory scan result :

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

New objects : 0

Objects found so far: 0

 

 

Started registry scan

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

 

Registry scan result :

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

New objects : 0

Objects found so far: 0

 

 

Started deep registry scan

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

 

Deep registry scan result :

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

New objects : 0

Objects found so far: 0

 

 

Deep scanning and examining files (C:)

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

 

CoolWebSearch Object recognized!

Type : File

Data : netae32.exe

Category : Malware

Comment :

Object : C:\WINDOWS\system32\

FileSize : 9 KB

Created on : 7/7/2004 11:28:37 AM

Last accessed : 7/10/2004 5:55:47 AM

Last modified : 7/7/2004 11:28:37 AM

 

 

 

CoolWebSearch Object recognized!

Type : File

Data : addhi.dll

Category : Malware

Comment :

Object : C:\WINDOWS\

FileSize : 89 KB

Created on : 6/16/2004 8:43:14 PM

Last accessed : 7/10/2004 5:55:46 AM

Last modified : 6/16/2004 8:43:14 PM

 

 

 

CoolWebSearch Object recognized!

Type : File

Data : pjbnk.dll

Category : Malware

Comment :

Object : C:\WINDOWS\

FileSize : 69 KB

Created on : 6/24/2004 8:05:09 PM

Last accessed : 7/10/2004 5:59:53 AM

Last modified : 6/24/2004 8:05:09 PM

 

 

 

CoolWebSearch Object recognized!

Type : File

Data : sjfgpq.dat

Category : Malware

Comment :

Object : C:\WINDOWS\

FileSize : 89 KB

Created on : 5/25/2004 6:53:19 PM

Last accessed : 7/10/2004 5:59:54 AM

Last modified : 5/25/2004 6:53:19 PM

 

 

 

Disk scan result for C:\

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

New objects : 0

Objects found so far: 4

 

 

Performing conditional scans..

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

 

CoolWebSearch Object recognized!

Type : RegKey

Data :

Category : Malware

Comment :

Rootkey : HKEY_LOCAL_MACHINE

Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HSA

 

 

CoolWebSearch Object recognized!

Type : RegKey

Data :

Category : Malware

Comment :

Rootkey : HKEY_LOCAL_MACHINE

Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SE

 

 

CoolWebSearch Object recognized!

Type : RegKey

Data :

Category : Malware

Comment :

Rootkey : HKEY_LOCAL_MACHINE

Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SW

 

 

Conditional scan result:

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

New objects : 3

Objects found so far: 7

 

 

1:59:56 AM Scan complete

 

Summary of this scan

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Total scanning time :00:06:29:297

Objects scanned :77124

Objects identified :7

Objects ignored :0

New objects :7

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  
Followers 0