Jump to content

Build Theme!
  •  
  • Unreplied Topics
  • Downloads
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93101 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Plz help. I never get HJT to work.

Started by Guest_DeputyMoniker_* , May 10 2006 04:19 PM

  • This topic is locked This topic is locked
28 replies to this topic

#16 ken545

ken545

    Forum God

  • Retired Classroom Teacher
  • 23,225 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 16 May 2006 - 08:01 PM

DeputyMoniker,

Cool!! Good luck getting into the classroom, if you make it send me a PM and if I can help you in anyway I would be more than happy to. There are a dozen or more malware tech forums, we all work hand in hand, you will find the people in the Malware Removal community a fine bunch of folks. There are people that work the logs, and another bunch behind the scenes writting all the fixes. I have made many friends here in the past few years. Most of the posters are so grateful that we cleaned them up, I have been invited by a poster to stop by and stay over if I ever get to Spain :D and about 20 other invites here and there.

I got out of the Navy in 1960, I was aboard the USS Columbus CA -74 . I am most likely older than you but this was before computers, not even air conditioning in the crews quarters. :rofl: I was a Radarman 3rd class.

Later,

Ken

 
 
The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.
donate.gif
 
Find us on Facebook
Please LIKE and SHARE
 
 
Just a reminder that threads will be closed if no reply in 3 days.

    Advertisements

Register to Remove

#17 Guest_DeputyMoniker_*

Guest_DeputyMoniker_*
  • Guests

Posted 17 May 2006 - 07:54 AM

I served with a lot of guys who used to use punch tape machines. I guess they used strips of punch tape instead of floppy discs. Man, that must have been terrible having to sleep without air conditioning. I served on the USS Blueridge out of Yokosuka Japan. We spent time around Australia so it could get pretty hot. MOST of the time our a/c was working...not always though. Working wihtout a/c sure makes the day hard.

I dont know if youre still monitoring this thread but Im noticing my comp running a little funny. Pretty slow and Im getting a couple pop-ups. They look like normal pop-ups though, I just havent ever had them while using Firefox. Im going to go ahead and post a new HJT log.

Logfile of HijackThis v1.99.1
Scan saved at 8:45:06 AM, on 5/17/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ezSP_Px.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\a-squared\a2guard.exe
C:\Program Files\Metacafe\MetacafeAgent.exe
C:\WINDOWS\system32\SNDVOL32.EXE
C:\Program Files\SurfControl\CyberPatrol\cpserver.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\cnmsm38.exe
C:\HIJACKTHIS\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sharpsystems.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sharpsystems.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = ddgdfg:1
O3 - Toolbar: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\system32\ezSP_Px.exe
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CyberPatrolNew] "C:\Program Files\SurfControl\CyberPatrol\CPHQ.exe" /m
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [a-squared] "C:\Program Files\a-squared\a2guard.exe"
O4 - Startup: MetaCafe.lnk = C:\Program Files\Metacafe\MetacafeAgent.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: WampServer.lnk = C:\Program_Files\wamp\wampserver.exe
O4 - Global Startup: MetaCafe.lnk = C:\Program Files\Metacafe\MetacafeAgent.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.sharpsystems.com/
O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft SmartIssue) - http://www.symantec....trl/tgctlsi.cab
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.symantec....trl/tgctlsr.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec....rl/LSSupCtl.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcaf...01/mcinsctl.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.m...ash/swflash.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: wampapache - Unknown owner - C:\Program_Files\wamp\apache2\bin\Apache.exe" -k runservice (file missing)
O23 - Service: wampmysqld - Unknown owner - C:\Program_Files\wamp\mysql\bin\mysqld-nt.exe

#18 ken545

ken545

    Forum God

  • Retired Classroom Teacher
  • 23,225 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 17 May 2006 - 08:58 AM

DeputyMoniker,

Your log looks ok, I dont see anything bad on it. Have you tried removing that proxyserver and see if it makes a difference.

There are a couple of programs you can run and it may show us if something is hidden,

Lets run Blacklight first.


Download and Save Blacklight to your desktop:
F-Secure Blacklight

Double-click blbeta.exe then accept the agreement, click > scan then > next

You'll see a list of all items found. There will also be a log on your desktop with the name fsbl.xxxxxxx.log (the xxxxxxx stand for numbers).

Copy and paste this log in your next reply. Don't choose the rename option yet! I want to see the log first, because legitimate items can also be present there, such as "wbemtest.exe"

 
 
The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.
donate.gif
 
Find us on Facebook
Please LIKE and SHARE
 
 
Just a reminder that threads will be closed if no reply in 3 days.

#19 Guest_DeputyMoniker_*

Guest_DeputyMoniker_*
  • Guests

Posted 17 May 2006 - 01:02 PM

I scanned with F-secure Blacklight. 0 items found.

#20 ken545

ken545

    Forum God

  • Retired Classroom Teacher
  • 23,225 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 17 May 2006 - 03:36 PM

DeputyMoniker,

Blacklight is good for picking up things that might be hidden, if it didnt show anything we can move on to SpySweeper.

This a free trial and an excellent program but somewhat of a resouce hog, so when your done you can uninstall it. It is good for picking up a possible root kit infection that does not show up on HJT.

Download the trial version of Spy Sweeper from Here

Scroll to the bottom of the page and be sure to download and install the Free 4.5 Trial and not t the free online scan.

Install it using the Standard Install option. (You will be asked for your e-mail address, it is safe to give it. If you receive alerts from your firewall, allow all activities for Spy Sweeper)

You will be prompted to check for updated definitions, please do so.
(This may take several minutes)

Click on Options > Sweep Options and check Sweep all Folders on Selected drives. Check Local Disc C.
Under What to Sweep, check every box.

Click on Sweep and allow it to fully scan your system.

When the sweep has finished, click Remove. Click Select All and then Next

From 'Results', select the Session Log tab. Click Save to File and save the log somewhere convenient.

Exit Spy Sweeper.

Restart your computer, and then please copy and paste the SpySweeper log into this thread.

 
 
The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.
donate.gif
 
Find us on Facebook
Please LIKE and SHARE
 
 
Just a reminder that threads will be closed if no reply in 3 days.

#21 Guest_DeputyMoniker_*

Guest_DeputyMoniker_*
  • Guests

Posted 17 May 2006 - 10:56 PM

******** 9:47 PM: | Start of Session, Wednesday, May 17, 2006 | 9:47 PM: Spy Sweeper started 9:47 PM: Sweep initiated using definitions version 680 9:47 PM: Starting Memory Sweep 9:54 PM: Memory Sweep Complete, Elapsed Time: 00:06:53 9:54 PM: Starting Registry Sweep 9:54 PM: Found Adware: purityscan 9:54 PM: HKLM\software\microsoft\windows\currentversion\moduleusage\c:/windows/downloaded program files/mediaticketsinstaller.ocx\ (2 subtraces) (ID = 137986) 9:55 PM: Found Adware: security2k hijacker 9:55 PM: HKLM\software\microsoft\windows\currentversion\explorer\browser helper objecta\ (ID = 735573) 9:55 PM: Found Trojan Horse: trojan agent winlogonhook 9:55 PM: HKLM\software\microsoft\mssmgr\ (13 subtraces) (ID = 937101) 9:55 PM: Registry Sweep Complete, Elapsed Time:00:00:50 9:55 PM: Starting Cookie Sweep 9:55 PM: Found Spy Cookie: about cookie 9:55 PM: queen@trucks.about[1].txt (ID = 2038) 9:55 PM: Found Spy Cookie: ic-live cookie 9:55 PM: queen@ic-live[1].txt (ID = 2821) 9:55 PM: Found Spy Cookie: atwola cookie 9:55 PM: queen@atwola[1].txt (ID = 2255) 9:55 PM: Found Spy Cookie: nextag cookie 9:55 PM: queen@nextag[1].txt (ID = 5014) 9:55 PM: Found Spy Cookie: pub cookie 9:55 PM: queen@pub[1].txt (ID = 3205) 9:55 PM: queen@top40.about[1].txt (ID = 2038) 9:55 PM: queen@genealogy.about[2].txt (ID = 2038) 9:55 PM: Found Spy Cookie: belnk cookie 9:55 PM: queen@belnk[1].txt (ID = 2292) 9:55 PM: Found Spy Cookie: adknowledge cookie 9:55 PM: queen@adknowledge[1].txt (ID = 2072) 9:55 PM: queen@about[2].txt (ID = 2037) 9:55 PM: Found Spy Cookie: homestore cookie 9:55 PM: queen@homestore[1].txt (ID = 2793) 9:55 PM: Found Spy Cookie: bannerspace cookie 9:55 PM: queen@bannerspace[2].txt (ID = 2284) 9:55 PM: queen@dist.belnk[2].txt (ID = 2293) 9:55 PM: Found Spy Cookie: directtrack cookie 9:55 PM: queen@sideshow.directtrack[1].txt (ID = 2528) 9:55 PM: Found Spy Cookie: askmen cookie 9:55 PM: queen@askmen[2].txt (ID = 2247) 9:55 PM: Found Spy Cookie: ask cookie 9:55 PM: queen@ask[1].txt (ID = 2245) 9:55 PM: Found Spy Cookie: azjmp cookie 9:55 PM: queen@azjmp[2].txt (ID = 2270) 9:55 PM: Found Spy Cookie: burstnet cookie 9:55 PM: queen@burstnet[1].txt (ID = 2336) 9:55 PM: Found Spy Cookie: specificclick.com cookie 9:55 PM: queen@adopt.specificclick[1].txt (ID = 3400) 9:55 PM: Cookie Sweep Complete, Elapsed Time: 00:00:01 9:55 PM: Starting File Sweep 9:55 PM: Warning: Failed to open file "c:\hiberfil.sys". Access is denied 9:55 PM: Warning: Failed to open file "c:\pagefile.sys". Access is denied 10:09 PM: Warning: Failed to open file "c:\windows\system32\config\system.log". The process cannot access the file because it is being used by another process 10:09 PM: Warning: Failed to open file "c:\windows\system32\config\software.log". The process cannot access the file because it is being used by another process 10:09 PM: Warning: Failed to open file "c:\windows\system32\config\default.log". The process cannot access the file because it is being used by another process 10:09 PM: Warning: Failed to open file "c:\windows\system32\config\security". The process cannot access the file because it is being used by another process 10:09 PM: Warning: Failed to open file "c:\windows\system32\config\sam". The process cannot access the file because it is being used by another process 10:09 PM: Warning: Failed to open file "c:\windows\system32\config\sam.log". The process cannot access the file because it is being used by another process 10:09 PM: Warning: Failed to open file "c:\windows\system32\config\security.log". The process cannot access the file because it is being used by another process 10:09 PM: Warning: Failed to open file "c:\windows\system32\config\system". The process cannot access the file because it is being used by another process 10:09 PM: Warning: Failed to open file "c:\windows\system32\config\software". The process cannot access the file because it is being used by another process 10:09 PM: Warning: Failed to open file "c:\windows\system32\config\default". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\networkservice\ntuser.dat". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\networkservice\ntuser.dat.log". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\networkservice\local settings\application data\microsoft\windows\usrclass.dat". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\networkservice\local settings\application data\microsoft\windows\usrclass.dat.log". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\ntuser.dat". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\ntuser.dat.log". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\local settings\application data\microsoft\windows\usrclass.dat". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\local settings\application data\microsoft\windows\usrclass.dat.log". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscsb669158f-08da-4a03-bfdb-cb303e0a2b76.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs72949bb0-317a-49a2-9764-162d2f7b43fd.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs3e26fc37-29f6-4525-b47f-92d2291f7202.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscsc0d6fa9d-e825-4549-811a-d004200d0212.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscsaff17054-14fb-4f00-8593-6a40479aeac2.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscsf53c06ae-9e20-430d-a9b0-d072893aaac0.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscsae02d132-4c9b-463d-9d9c-44290a58ebcb.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscsab80801c-b629-4f32-a1ee-fd05453dfbe4.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs3a5911e8-e597-4666-8918-48af64a276f1.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs54e4fc6d-3789-4ec8-93cb-88cd5cc4b22a.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscsa129f245-ce93-4ea9-9a71-3e1a8459f768.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs148d4f3c-4d8c-49d6-b15c-d7bde32456a2.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs6094970b-4634-426d-b31f-e933607198ac.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs36ff1c13-a709-4b17-b0de-ca4adc73f384.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs472037f3-11c5-41af-b285-cb9800be7782.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscsd9938b0f-b98a-4ed0-84c0-8452034b9807.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscsf390d7fb-a1aa-4f57-a978-fc73377df8fb.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs3b338f35-8865-485a-ad6d-8493aeb6719a.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscse633d4af-28fd-43c6-9e99-e3728926aaa5.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs3d04114c-0fb1-4d01-a07d-ce2a586963b9.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscsa8ded84c-d280-4eb2-a39c-874aa5ca9d9c.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscsba74d9b0-cf0a-4489-aff1-37385ccfbc79.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscsc6b6e6ee-2abc-452f-9211-73078b34f57f.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs6c9cfee1-39d3-4625-ae68-8eca8118f559.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscsfc23ef6e-7eed-4f02-b6c0-187a16f5c364.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs915fffff-8e6a-4adc-b3a1-a2d2e53caeac.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs68c90d51-3721-483f-9114-327f995dacb7.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscsecfe2805-9c73-41c6-b1aa-a55a5224ec3c.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs2479df37-e6c2-4613-b8f5-7f7c2f927a42.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs27b991a4-c6d3-4bde-91f5-d96a8261c1a5.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs4df7aab8-2e85-4886-b68d-be0c7ef27047.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscsbf5d9877-84a3-48ae-8c99-f55790226a2c.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs98b716cb-66ab-4379-92cb-0491f16bc1d4.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs50ec42d1-1590-4cb6-9640-bf1414fe9985.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscsf501c6c3-4611-4051-b265-8e1d3658bd95.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs5c8ba332-9031-4383-8950-d6c03aa93af4.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs3a4a5998-769f-42d5-b320-e0dde77230b3.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscsb582ac6e-e44b-4b82-877c-e0433bd8e8b0.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs583183ef-5408-4b46-8848-1d27b59d18e1.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs8dd722a6-4dd3-4453-9d07-68c504d92e2b.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs12069626-755f-4edb-a985-1e88c54ad8bb.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscsacb6ea38-fb1b-4d81-aada-0298978f6c3a.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs076a33dc-c36e-4914-b6af-9361389940c3.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscse6df1013-8290-433a-a6b6-ce5e1dd4bbb5.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs8f651b73-1749-4fbd-b9aa-a7fbafcb2e22.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs3d1343f0-b3bf-4c63-b553-4b161476d25a.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs6a6d537d-1d16-4a83-9abc-1f541755bc2e.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscsc6584c27-e965-47dc-8b63-2926a77eafc3.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs332c5c4e-59b8-4985-b491-2110aa38d226.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscsc7a0a707-4e9f-4bb7-90a4-fd8d9ab3d491.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscsb788d0ea-4233-4aae-bae5-9c3a803fb5f2.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs175a4048-59c9-4ca2-bd9c-c3e4867f4ab4.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs91f34d92-c249-486c-8086-2058a181e18c.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscsfcb63809-c709-4fb9-a1c3-59883e3e15dd.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscsb1455a87-4950-4ded-89df-b9d2bf49bd40.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs150143e7-4a82-4cdf-bc8c-31f0aa4cdb99.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscsa0662c6d-005b-4963-8148-3ec3d94d1d1b.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs00ec952e-b21d-4814-8fa2-388484cfa55d.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscsf41154ef-98d7-4c9d-9ec9-58f72c4a9fb6.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs7eb4a5b0-c48d-48fb-b15d-ef2d0b2c7d4c.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs06aa54da-2221-485b-965d-afae9d67ecbf.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscsf5b1a61e-d379-40f2-b39d-38ee633c87cf.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscse4d8d2e0-b86b-4f77-9ec1-eadcda52f0a2.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs900a39d9-8e0e-4a7a-81bb-fd1adc8aee0f.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscse180b24e-4e27-41c0-bf2a-8ed6cd04043f.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscse15ea1b8-543e-4129-b01e-af96637187e0.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs0a89aee1-aa88-44d9-af85-ea71b3ee5e36.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs2a06260d-2c85-4cb3-8dd2-67351fb48539.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs0015e261-c9f2-4aaa-bc9f-ab1fba616c82.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscsd668a41f-2935-45a4-acc5-d756577e6b09.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs3edd9367-92b5-4838-a407-29458b279539.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs8c80e1ca-245e-4bcf-b563-9f895c97b53e.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscscbf1e011-ff96-4bcf-b681-49619bf13c99.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs190a0d5d-4b7e-4fab-9b02-9a572f3d7958.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs82644433-d610-4712-bd64-41fdadfb57e4.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscse3495ccf-e903-44c8-8f13-07543b086fe7.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscsf4709a6e-3173-4d1a-b749-bf4ce72bf4e0.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs5a561ff4-42b8-48f0-aac9-88f2869725ff.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs2f4004f2-855f-441a-bb1e-fa74ce910478.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscsdc9291c1-b80d-433a-b9da-e88143c5a576.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs17b7a7d2-28cf-4795-9405-a2a52ad3f92f.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs4efdf988-df8a-4dc7-8234-8a5b26b60e29.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs954ddefc-a02a-43a4-af69-cd393fc71ae2.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscsaa230cfe-0173-4775-8c72-c400e03ef241.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs72084ce3-4717-4f06-ad3d-257ca056b94b.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs09861488-4a71-4297-962c-490a39fb6a81.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs104aeda3-6bbc-4da4-8098-e0bdd0121ade.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs867506b8-3244-4a9e-a3a9-286dfc0d44c6.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs6429e70f-68a0-44af-b490-f24d65601456.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs1afe6db0-8e1a-4cb9-86b4-056cf03170cb.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscsf98aa3f3-1dc9-4832-8a2b-688b46c8e5ca.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs76590e2d-5e48-4221-b127-5c222dc04fc7.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs56cbd74e-49f3-4251-9e57-7fba3b1fdda9.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs96105ad3-a4a2-4c95-9c9f-df2df82d58f2.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs133ac851-c7f0-4e79-b8c9-f586eb5b1b1d.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs40b16d2c-539e-4366-881b-2803a1bbbdd9.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs00677308-4f10-4863-8b99-48c87e75a466.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs4852d232-27a7-4e32-adf3-2f59ad9cc502.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs2e229c49-9dc9-49f8-91d7-8633e9ce1f56.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscsf8628aac-3b4e-49d4-9cd1-2fd36888e180.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs0750d374-0b84-4c55-93c6-88006ec9b49e.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscsa806f1ec-afc6-46b6-97a9-5b9b57ef93f1.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscs2a36ecee-8c59-40cd-86cd-c73ff53cabae.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\sscsb086bf4d-9979-4292-97c8-03fafe6d5c83.tmp". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\king\ntuser.dat". The process cannot access the file because it is being used by another process 10:40 PM: Warning: Failed to open file "c:\documents and settings\king\ntuser.dat.log". The process cannot access the file because it is being used by another process 10:41 PM: Warning: Failed to open file "c:\documents and settings\king\local settings\application data\microsoft\windows\usrclass.dat.log". The process cannot access the file because it is being used by another process 10:41 PM: Warning: Failed to open file "c:\documents and settings\king\local settings\application data\microsoft\windows\usrclass.dat". The process cannot access the file because it is being used by another process 11:08 PM: Warning: Unhandled Archive Type 11:11 PM: Found System Monitor: activity monitor 2002 11:11 PM: activmon.zip (ID = 291894) 11:11 PM: Warning: Unhandled Archive Type 11:11 PM: Warning: Unhandled Archive Type 11:11 PM: Warning: Unhandled Archive Type 11:11 PM: Warning: Unhandled Archive Type 11:11 PM: Warning: Unhandled Archive Type 11:12 PM: File Sweep Complete, Elapsed Time: 01:17:30 11:12 PM: Full Sweep has completed. Elapsed time 01:25:30 11:12 PM: Traces Found: 38 11:23 PM: Removal process initiated 11:24 PM: Quarantining All Traces: activity monitor 2002 11:24 PM: Quarantining All Traces: purityscan 11:24 PM: Quarantining All Traces: security2k hijacker 11:24 PM: Quarantining All Traces: trojan agent winlogonhook 11:24 PM: Quarantining All Traces: about cookie 11:24 PM: Quarantining All Traces: adknowledge cookie 11:24 PM: Quarantining All Traces: ask cookie 11:24 PM: Quarantining All Traces: askmen cookie 11:24 PM: Quarantining All Traces: atwola cookie 11:24 PM: Quarantining All Traces: azjmp cookie 11:24 PM: Quarantining All Traces: bannerspace cookie 11:24 PM: Quarantining All Traces: belnk cookie 11:24 PM: Quarantining All Traces: burstnet cookie 11:24 PM: Quarantining All Traces: directtrack cookie 11:24 PM: Quarantining All Traces: homestore cookie 11:24 PM: Quarantining All Traces: ic-live cookie 11:24 PM: Quarantining All Traces: nextag cookie 11:24 PM: Quarantining All Traces: pub cookie 11:24 PM: Quarantining All Traces: specificclick.com cookie 11:24 PM: Removal process completed. Elapsed time 00:00:32 ******** 9:45 PM: | Start of Session, Wednesday, May 17, 2006 | 9:45 PM: Spy Sweeper started 9:46 PM: Your spyware definitions have been updated. 9:47 PM: | End of Session, Wednesday, May 17, 2006 |

#22 Guest_DeputyMoniker_*

Guest_DeputyMoniker_*
  • Guests

Posted 18 May 2006 - 12:35 AM

I was just looking over the log I posted today. I see a lot of problems are comming from my wifes account. Could it still be something I did on my acount or did it probably happen while she was signed in?

#23 ken545

ken545

    Forum God

  • Retired Classroom Teacher
  • 23,225 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 18 May 2006 - 05:57 AM

Good Morning, I was looking for a rootkit and none showed up. No matter who is signed in, if you download a virus it will effect the whole computer. When you say you are getting popups, what are they and what do they say?? If there just normal popups from say msnbc.com or similiar, you can configure IE to block them by going to Tools> Pop Up Blocker > Turn on Pop Up Blocker or download and install a 3rd party popup blocker. Spysweeper did find traces of infections that where just bits and pieces, it looks like there gone. Ken :D

 
 
The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.
donate.gif
 
Find us on Facebook
Please LIKE and SHARE
 
 
Just a reminder that threads will be closed if no reply in 3 days.

#24 Guest_DeputyMoniker_*

Guest_DeputyMoniker_*
  • Guests

Posted 18 May 2006 - 04:52 PM

I very rarely use IE. I stick with FF as much as possible. The pop ups only happen when I click the address bar to type a web address. As soon as I click it I get a "Free PS3" pop up. I always happens when I open a new browser window. I guess its nothing. Im just not used to getting pop ups at all, maybe these guys are finally writing them for FF users too.

#25 ken545

ken545

    Forum God

  • Retired Classroom Teacher
  • 23,225 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 18 May 2006 - 05:27 PM

DeputyMoniker


I could be off base here but I am suspecious of a couple of things.

1. C:\Program Files\SurfControl\CyberPatrol
I went into this site to see what it was all about and I got about 8 pop up adds.


2. "Free PS3"
You have some Sony software installed and this could be related to an advertisement for a Free Playstation 3


Outside of these, your log looks fine, with all the scans we have run, nothing has jumped out to suggest that this is malware. FF also has a pop up blocker.

Ken :D

 
 
The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.
donate.gif
 
Find us on Facebook
Please LIKE and SHARE
 
 
Just a reminder that threads will be closed if no reply in 3 days.

    Advertisements

Register to Remove

#26 Guest_DeputyMoniker_*

Guest_DeputyMoniker_*
  • Guests

Posted 18 May 2006 - 05:55 PM

That surfcontrol is a parenting tool used for monitoring internet usage. I was testing it out for someone who was looking for an easy tool. Im going to uninstall it now.
The URL for the pop up I get is:
http://a.tribalfusion.com
It may be releated to a banner add I have to pass over to get to my address bar. :P

#27 ken545

ken545

    Forum God

  • Retired Classroom Teacher
  • 23,225 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 18 May 2006 - 06:01 PM

Read this...


http://www3.ca.com/s...px?id=453075246



In FF, to to Tools > Options> Privacy and clean out your Cookies and Cache

Edited by ken545, 18 May 2006 - 06:06 PM.


 
 
The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.
donate.gif
 
Find us on Facebook
Please LIKE and SHARE
 
 
Just a reminder that threads will be closed if no reply in 3 days.

#28 ken545

ken545

    Forum God

  • Retired Classroom Teacher
  • 23,225 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 22 May 2006 - 08:11 AM

DeputyMoniker, If your ok at this point I would like to close this thread. Ken :D

 
 
The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.
donate.gif
 
Find us on Facebook
Please LIKE and SHARE
 
 
Just a reminder that threads will be closed if no reply in 3 days.

#29 ken545

ken545

    Forum God

  • Retired Classroom Teacher
  • 23,225 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 26 May 2006 - 05:55 AM

Glad we could be of assistance. This topic is now closed. If you wish it reopened, please send us an email (Click for address) with a link to your thread.

Do not bother contacting us if you are not the topic starter. A valid, working link to the closed topic is required along with the user name used. If the user name does not match the one in the thread linked, the email will be deleted.
Make sure you use proper prevention to keep from having problems occur to your computer in the future.

Coyote's Installed programs for prevention:

http://forums.tomcoy...showtopic=31418

The help you receive here is free. If you wish to show your appreciation, then you may donate to help keep us online.

Visit the CoyoteStore http://TomCoyote.org/coyotestore.php

 
 
The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.
donate.gif
 
Find us on Facebook
Please LIKE and SHARE
 
 
Just a reminder that threads will be closed if no reply in 3 days.

Related Topics

Back to Virus, Spyware & Malware Removal · Next Unread Topic →

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. What the Tech
  2. Spyware / Malware / Virus Removal
  3. Virus, Spyware & Malware Removal
  4. Privacy Policy
  5. Terms of Use ·