I installed SpywareBlaster Release 2.6.0 some time ago & updated it recently. I note that it has Ezula in its list of spyware it is supposed to keep out. But every time I run Adaware, it shows I have been infected with Ezula. Any ideas ?
It depends on what it was that Ad-Aware identified as "Ezula". Would you please post the contents of an Ad-Aware log?
Herewith Adaware log : Scan initialized on 9/7/03 2:14:33 PM. (AAW release 5.62, referencefile 087-22.09.2001) ================================================= Started memory scan ==================== Running processes: #:1 Name: C:\WINDOWS\SYSTEM\KERNEL32.DLL ---------------------------- Threads:4 ProcID:4293859219 ParentProcID:2121774659 BasePriority:High #:2 Name: C:\WINDOWS\SYSTEM\MSGSRV32.EXE ---------------------------- Threads:1 ProcID:4294927223 ParentProcID:4293859219 BasePriority:Normal #:3 Name: C:\WINDOWS\SYSTEM\MPREXE.EXE ---------------------------- Threads:1 ProcID:4294923495 ParentProcID:4294927223 BasePriority:Normal #:4 Name: C:\WINDOWS\SYSTEM\mmtask.tsk ---------------------------- Threads:1 ProcID:4294918575 ParentProcID:4294927223 BasePriority:Normal #:5 Name: C:\PROGRAM FILES\AGNITUM\OUTPOST FIREWALL 1.0\OUTPOST.EXE ---------------------------- Threads:2 ProcID:4294881247 ParentProcID:4294923495 BasePriority:Normal #:6 Name: C:\WINDOWS\SYSTEM\MSTASK.EXE ---------------------------- Threads:2 ProcID:4294892875 ParentProcID:4294923495 BasePriority:Normal #:7 Name: C:\WINDOWS\EXPLORER.EXE ---------------------------- Threads:7 ProcID:4294865879 ParentProcID:4294927223 BasePriority:Normal #:8 Name: C:\WINDOWS\TASKMON.EXE ---------------------------- Threads:1 ProcID:4294772071 ParentProcID:4294865879 BasePriority:Normal #:9 Name: C:\WINDOWS\SYSTEM\SYSTRAY.EXE ---------------------------- Threads:2 ProcID:4294773255 ParentProcID:4294865879 BasePriority:Normal #:10 Name: C:\PROGRAM FILES\ASUS\PROBE\ASUSPROB.EXE ---------------------------- Threads:2 ProcID:4294773827 ParentProcID:4294865879 BasePriority:Normal #:11 Name: C:\PROGRAM FILES\WINAMP\WINAMPA.EXE ---------------------------- Threads:1 ProcID:4294741043 ParentProcID:4294865879 BasePriority:Normal #:12 Name: C:\PROGRAM FILES\TOPMOXIE\JAVARUN.EXE ---------------------------- Threads:5 ProcID:4294768699 ParentProcID:4294865879 BasePriority:Normal #:13 Name: C:\WINDOWS\SYSTEM\NVATRAY.EXE ---------------------------- Threads:1 ProcID:4294718311 ParentProcID:4294865879 BasePriority:Normal #:14 Name: C:\WINDOWS\ptsnoop.exe ---------------------------- Threads:1 ProcID:4294715943 ParentProcID:4294865879 BasePriority:Normal #:15 Name: C:\PROGRAM FILES\NORTON ANTIVIRUS\NAVAPW32.EXE ---------------------------- Threads:6 ProcID:4294729763 ParentProcID:4294865879 BasePriority:Normal #:16 Name: C:\PROGRAM FILES\NORTON ANTIVIRUS\POPROXY.EXE ---------------------------- Threads:1 ProcID:4294734611 ParentProcID:4294865879 BasePriority:Normal #:17 Name: C:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE ---------------------------- Threads:6 ProcID:4294652851 ParentProcID:4294865879 BasePriority:Normal #:18 Name: C:\PROGRAM FILES\WINZIP\WZQKPICK.EXE ---------------------------- Threads:1 ProcID:4294622271 ParentProcID:4294865879 BasePriority:Normal #:19 Name: C:\PROGRAM FILES\EZSTUB.EXE ---------------------------- Threads:2 ProcID:4294618111 ParentProcID:4294865879 BasePriority:Normal #:20 Name: C:\WINDOWS\SYSTEM\WMIEXE.EXE ---------------------------- Threads:3 ProcID:4294624323 ParentProcID:4294773255 BasePriority:Normal #:21 Name: C:\WINDOWS\SYSTEM\PSTORES.EXE ---------------------------- Threads:5 ProcID:4294510963 ParentProcID:4294548275 BasePriority:Normal #:22 Name: C:\WINDOWS\SYSTEM\RNAAPP.EXE ---------------------------- Threads:3 ProcID:4293358251 ParentProcID:4293336635 BasePriority:Normal #:23 Name: C:\WINDOWS\SYSTEM\TAPISRV.EXE ---------------------------- Threads:5 ProcID:4293349627 ParentProcID:4293358251 BasePriority:Normal #:24 Name: C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE ---------------------------- Threads:8 ProcID:4293094147 ParentProcID:4294548275 BasePriority:Normal #:25 Name: C:\PROGRAM FILES\LAVASOFT AD-AWARE\AD-AWARE.EXE ---------------------------- Threads:1 ProcID:4293038755 ParentProcID:4294865879 BasePriority:Normal Memory scan result: Total modules found:25 Suspicious modules found:0 Started registry scan ====================== EzuLa key:HKEY_USERS\.default\software\ezula\ EzuLa key:HKEY_CURRENT_USER\software\ezula\ Started extended registry scan =============================== Registry scan result: Suspicious keys found :2 Started folder scan ==================== Warning, no disk in drive (A) Now processing drive (C), 1 remaining. Finished processing Drive(C), 1113 folders total. Now processing drive (D), 0 remaining. Finished processing Drive(D), 1545 folders total. Folder scan result: Folders processed:2658 Suspicious folders found:0 Started file scan ================== File scan result: Suspicious files found:0 Scanning finished ================== Suspicious modules found:0 Suspicious keys found :2 Suspicious folders found:0 Suspicious files found:0 ========================= Spyware components ignored:0 Total spyware components found:2
I have found out that the problem was that Adaware version 5 which I was using does not get rid of Ezula properly, even though it reports that it has done so. Every time I was restarting Windows Ezula was being re-installed. I have now downloaded Adaware version 6 which has solved the problem.