Dear Lavasoft,
I downloaded the anniversary edition of Ad-Aware less than a week ago and noticed this log popping up in my C drive titled aaw7boot.log. It kept on mentioning boot cleaner. I did research through this forum and I think it was Casey Boy who mentioned that it was Ad-Aware trying to take care of something during the booting of the computer and might be malware. So I found another post reply by Blade81 who posted a link to Malwarebytes to take care of Malware. I then did the scan from Malwarebytes and sure enough I had 9 infections. One of the columns showed the vendor and 7 of the infections stated Adware.Minibug and Adware.MyWebSearch as the vendor. Even 1 of the locations of malware was under the Adware program file. Here is the log:
Malwarebytes' Anti-Malware 1.41
Database version: 2798
Windows 6.0.6001 Service Pack 1
9/15/2009 6:52:28 PM
mbam-log-2009-09-15 (18-52-28).txt
Scan type: Full Scan (C:\|D:\|T:\|)
Objects scanned: 257876
Time elapsed: 2 hour(s), 51 minute(s), 49 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 7
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2b96d5cc-c5b5-49a5-a69d-cc0a30f9028c} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx.1 (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{04a38f6b-006f-4247-ba4c-02a139d5531c} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{3c2d2a1e-031f-4397-9614-87c932a848e0} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{a3ed5288-f558-4f6e-8d5c-740cb6f89029} (Rogue.Multiple) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\Program Files\AWS\WeatherBug\MiniBugTransporter.dll (Adware.Minibug) -> Quarantined and deleted successfully.
C:\Program Files\Waves\DiamondUninstall\UNWISE.EXE (Malware.Packer.Morphine) -> Quarantined and deleted successfully.
-------------------------------------------------------------------------------------------------------------------------------------------
I am just wondering if there is an explanation for Adware infecting my system and if I am going to have to worry about Adware loading more stuff during its live watch or when I perform a scan. Could someone please let me know what happened here?
Thank you,
Libby V
Full Version: Found Malware in Ad-Aware?
Lavasoft Support Forums > Archived Topics > Archives: Resolved/Inactive Topics > Resolved/Inactive General Support Issues
aaw7boot.log is not malware - the boot cleaner deletes certain malware during reboot which cannot be deleted with Windows running.
Malwarebytes found various Adware, but not Ad-Aware (note the spelling difference).
Lavasoft Ad-Aware is a safe program, don't worry. If you need help with adware/malware, read the instructions in my signature about posting a log in the HijackThis forum. Copy/paste or link to this thread to describe the problem, and somebody there can help you with malware removal.
Malwarebytes found various Adware, but not Ad-Aware (note the spelling difference).
Lavasoft Ad-Aware is a safe program, don't worry. If you need help with adware/malware, read the instructions in my signature about posting a log in the HijackThis forum. Copy/paste or link to this thread to describe the problem, and somebody there can help you with malware removal.
Thank you for replying back to me. I know that the aaw7boot.log wasn't malware but that it was detecting malware that it was trying to take care of during start up. That log is what made me find a anti-malware program so it's a good thing I saw it pop up. Lavasoft really helped me out on that one. I see what you mean, that Adware and Ad-Aware are not the same and the program file that I thought was in Ad-Aware was actually American Weather Service or something... who knows how they got their own program file into my computer. Anyways, thanks for clearing that up! 
Should I still do all the HijackThis steps even though Malwarebytes says it cleared things up? Or does doing the HijackThis log make sure that everything is cleared up?
Should I still do all the HijackThis steps even though Malwarebytes says it cleared things up? Or does doing the HijackThis log make sure that everything is cleared up?
QUOTE(Libby V @ Sep 16 2009, 01:49 PM) 
Should I still do all the HijackThis steps even though Malwarebytes says it cleared things up? Or does doing the HijackThis log make sure that everything is cleared up?
You're OK if MBAM cleaned successfully. The HijackThis help forum is for infections which can't be deleted by protection programs, so the malware keeps reappearing even after being detected and cleaned.
Note: sometimes items in quarantine are detected as malware, so either ignore those detections or delete the quarantined items once your system is running OK (i.e. the quarantined item is not a false positive).
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.