Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

WinFixer pop-ups [RESOLVED]

Started by crooner , Nov 18 2005 12:26 AM

  • This topic is locked This topic is locked

#1
crooner
Posted 18 November 2005 - 12:26 AM

crooner

    Member

  • Member
  • PipPip
  • 22 posts
I've been having many pop-ups from WinFixer. After reading through some of your boards, it looks to be fairly common.

I'm running Windows 2000 on an HP laptop. I've run Adware SE, cleared cookies, temp files and run a Norton Virus Scan.

Here's the HiJackThis notes...


Logfile of HijackThis v1.99.1
Scan saved at 11:42:47 PM, on 11/17/2005
Platform: Windows 2000 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\Explorer.exe
C:\WINNT\loadqm.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINNT\System32\spool\drivers\w32x86\3\hpztsb01.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\unzipped\hijackthis\HijackThis.exe

O2 - BHO: MSEvents Object - {B313D637-F405-4052-AC37-E2119AB3C8F8} - C:\WINNT\System32\khfcd.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~2\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINNT\System32\spool\drivers\w32x86\3\hpztsb01.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O20 - Winlogon Notify: khfcd - C:\WINNT\System32\khfcd.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
  • 0

Advertisements

#2
John_L
Posted 18 November 2005 - 07:23 AM

John_L

    Visiting Staff

  • Member
  • PipPipPipPip
  • 1,398 posts
Hello Crooner and welocome to Geeks To Go :tazz:

Please run this tool and lets see what it does for us.

Please download WebRoot SpySweeper from HERE (It's a 2 week trial):
  • Click the Free Trial link under to "SpySweeper" to download the program.
  • Install it. Once the program is installed, it will open.
  • It will prompt you to update to the latest definitions, click Yes.
  • Once the definitions are installed, click Options on the left side.
  • Click the Sweep Options tab.
  • Under What to Sweep please put a check next to the following:
    • Sweep Memory
    • Sweep Registry
    • Sweep Cookies
    • Sweep All User Accounts
    • Enable Direct Disk Sweeping
    • Sweep Contents of Compressed Files
    • Sweep for Rootkits
    • Please UNCHECK Do not Sweep System Restore Folder.
  • Click Sweep Now on the left side.
  • Click the Start button.
  • When it's done scanning, click the Next button.
  • Make sure everything has a check next to it, then click the Next button.
  • It will remove all of the items found.
  • Click Session Log in the upper right corner, copy everything in that window.
  • Click the Summary tab and click Finish.
  • Paste the contents of the session log you copied into your next reply.

  • 0

#3
crooner
Posted 18 November 2005 - 07:57 PM

crooner

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
After my first scan, my computer froze after selecting to remove all of the items found. When I was able to restart, I scanned a second time. It appears both logs are here. I highlighted what I saw from WinFixer in bold.


6:54 PM: | Start of Session, Friday, November 18, 2005 |
6:54 PM: Spy Sweeper started
6:54 PM: Sweep initiated using definitions version 574
6:54 PM: Starting Memory Sweep
7:02 PM: Memory Sweep Complete, Elapsed Time: 00:08:00
7:02 PM: Starting Registry Sweep
7:03 PM: Found Adware: multidial
7:03 PM: HKCR\dialerr.dialerr\ (3 subtraces) (ID = 135344)
7:03 PM: HKLM\software\classes\dialerr.dialerr\ (3 subtraces) (ID = 135355)
7:04 PM: HKCR\dialerr.dialerr.1\ (3 subtraces) (ID = 661961)
7:04 PM: HKCR\icwconn.apprentice\ (5 subtraces) (ID = 661963)
7:04 PM: HKCR\icwconn.gifconvert\ (5 subtraces) (ID = 661968)
7:04 PM: HKCR\icwconn.ispdata\ (5 subtraces) (ID = 661973)
7:04 PM: HKCR\icwconn.walker\ (5 subtraces) (ID = 661978)
7:04 PM: HKCR\icwconn.webview\ (5 subtraces) (ID = 661983)
7:04 PM: HKCR\icwsystemconfig.icwsystemconfig\ (3 subtraces) (ID = 661988)
7:04 PM: HKCR\inshandler.inshandler\ (3 subtraces) (ID = 661992)
7:04 PM: HKCR\refdial.refdial\ (3 subtraces) (ID = 661996)
7:04 PM: HKCR\smartstart.smartstart\ (3 subtraces) (ID = 662000)
7:04 PM: HKCR\tapilocationinfo.tapilocationinfo\ (3 subtraces) (ID = 662004)
7:04 PM: HKCR\userinfo.userinfo\ (3 subtraces) (ID = 662008)
7:04 PM: HKCR\webgate.webgate\ (3 subtraces) (ID = 662012)
7:04 PM: HKCR\clsid\{462f7758-8848-11d1-add8-0000f87734f0}\control\ (ID = 662065)
7:04 PM: HKLM\software\classes\dialerr.dialerr.1\ (3 subtraces) (ID = 662143)
7:04 PM: Registry Sweep Complete, Elapsed Time:00:01:54
7:04 PM: Starting Cookie Sweep
7:04 PM: Found Spy Cookie: fe.lea.lycos.com cookie
7:04 PM: [email protected][1].txt (ID = 2660)
7:04 PM: Found Spy Cookie: mircx cookie
7:04 PM: [email protected][1].txt (ID = 2998)
7:04 PM: Found Spy Cookie: burstnet cookie
7:04 PM: [email protected][1].txt (ID = 2337)
7:04 PM: Found Spy Cookie: screensavers.com cookie
7:04 PM: [email protected][1].txt (ID = 3298)
7:04 PM: Found Spy Cookie: toplist cookie
7:04 PM: bain@toplist[1].txt (ID = 3557)
7:04 PM: Found Spy Cookie: rightmedia cookie
7:04 PM: bain@rightmedia[1].txt (ID = 3259)
7:04 PM: Found Spy Cookie: xiti cookie
7:04 PM: bain@xiti[1].txt (ID = 3717)
7:04 PM: Found Spy Cookie: atwola cookie
7:04 PM: bain@atwola[2].txt (ID = 2255)
7:04 PM: Found Spy Cookie: reliablestats cookie
7:04 PM: [email protected][2].txt (ID = 3254)
7:04 PM: Found Spy Cookie: nextag cookie
7:04 PM: bain@nextag[2].txt (ID = 5014)
7:04 PM: Found Spy Cookie: ask cookie
7:04 PM: bain@ask[1].txt (ID = 2245)
7:04 PM: Found Spy Cookie: tribalfusion cookie
7:04 PM: [email protected][1].txt (ID = 3590)
7:04 PM: Found Spy Cookie: starware.com cookie
7:04 PM: bain@starware[2].txt (ID = 3441)
7:04 PM: [email protected][1].txt (ID = 3298)
7:04 PM: Found Spy Cookie: specificclick.com cookie
7:04 PM: [email protected][2].txt (ID = 3400)
7:04 PM: Found Spy Cookie: adlegend cookie
7:04 PM: bain@adlegend[1].txt (ID = 2074)
7:04 PM: Found Spy Cookie: hbmediapro cookie
7:04 PM: [email protected][2].txt (ID = 2768)
7:04 PM: Found Spy Cookie: hotbar cookie
7:04 PM: [email protected][2].txt (ID = 4207)
7:04 PM: Found Spy Cookie: adknowledge cookie
7:04 PM: bain@adknowledge[1].txt (ID = 2072)
7:04 PM: Found Spy Cookie: belnk cookie
7:04 PM: [email protected][2].txt (ID = 2293)
7:04 PM: bain@belnk[1].txt (ID = 2292)
7:04 PM: Found Spy Cookie: 2o7.net cookie
7:04 PM: [email protected][2].txt (ID = 1958)
7:04 PM: Found Spy Cookie: burstbeacon cookie
7:04 PM: [email protected][2].txt (ID = 2335)
7:04 PM: Found Spy Cookie: go.com cookie
7:04 PM: bain@go[2].txt (ID = 2728)
7:04 PM: [email protected][1].txt (ID = 2729)
7:04 PM: [email protected][2].txt (ID = 2729)
7:04 PM: Found Spy Cookie: 360i cookie
7:04 PM: [email protected][2].txt (ID = 1962)
7:04 PM: bain@burstnet[1].txt (ID = 2336)
7:04 PM: [email protected][2].txt (ID = 2293)
7:04 PM: Found Spy Cookie: yieldmanager cookie
7:04 PM: [email protected][1].txt (ID = 3751)
7:04 PM: Cookie Sweep Complete, Elapsed Time: 00:00:09
7:04 PM: Starting File Sweep
7:04 PM: Warning: Failed to open file "c:\pagefile.sys". Access is denied
7:19 PM: Warning: Failed to open file "c:\winnt\system32\config\software.log". The process cannot access the file because it is being used by another process
7:19 PM: Warning: Failed to open file "c:\winnt\system32\config\default.log". The process cannot access the file because it is being used by another process
7:19 PM: Warning: Failed to open file "c:\winnt\system32\config\security". The process cannot access the file because it is being used by another process
7:19 PM: Warning: Failed to open file "c:\winnt\system32\config\security.log". The process cannot access the file because it is being used by another process
7:19 PM: Warning: Failed to open file "c:\winnt\system32\config\system.alt". The process cannot access the file because it is being used by another process
7:19 PM: Warning: Failed to open file "c:\winnt\system32\config\sam". The process cannot access the file because it is being used by another process
7:19 PM: Warning: Failed to open file "c:\winnt\system32\config\sam.log". The process cannot access the file because it is being used by another process
7:19 PM: Warning: Failed to open file "c:\winnt\system32\config\system". The process cannot access the file because it is being used by another process
7:19 PM: Warning: Failed to open file "c:\winnt\system32\config\software". The process cannot access the file because it is being used by another process
7:19 PM: Warning: Failed to open file "c:\winnt\system32\config\default". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscse106fe64-d5b6-4930-b1ce-1f764e4dd3fc.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscsf3007e4a-4425-4cc2-add7-c4fcd4b3f924.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscsf783a883-26e5-4461-afea-bf1647365761.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs5986d40f-33e4-425a-b312-ba50f7128bb7.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscsdfa92736-948a-4ea3-b221-45288b094848.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs788318cb-fc04-484c-88c6-bd4c95856a61.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscsba0a7982-b4a6-4025-8700-97a8e46bb66c.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs0b891a9f-3d46-43ca-803b-bffaf6456ccd.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscsf01c48f4-f4b0-4b03-a6eb-5dfa51c03a2b.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs773e912b-0792-4721-b3ec-b3d1a1be3854.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs7f0777c5-aeed-43cd-8309-0625b3f8a34f.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs2e6b0326-19e4-477f-9611-0f5443ea1c59.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs6519ed29-f970-4212-b0d6-3de7e62930fc.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs9feb9409-2555-43bf-9740-27ffbdf4ebb5.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscsa2944f77-11eb-492c-ae83-c2d30dd68e0a.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscsb1a2c352-b914-451e-8064-03e3088b1966.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscsed062f70-7679-4399-9975-c2f89148f9fc.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs05a9edb9-cf4c-4fc2-89a3-1609a41ce1ba.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs67a237e9-67c3-4006-879b-42e3b123b2e7.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs3136d740-e0eb-4ab2-8ed4-c521b092dad0.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs1829d71a-94e7-4011-b95d-87d97869bca2.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs84051b42-5e4f-42af-9fa3-c059b091840b.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs28298fb8-b9a7-442a-aa0a-1e9dbe3de0ca.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs040d5fcd-5755-48e9-8414-5e030e5d292c.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs45ea368d-1c2f-4452-bb78-3eacbffb05af.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs5fa3ab39-9561-4db6-b4e4-a2878e8bc31c.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs16c3a467-89c6-4457-9436-97799800d539.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs47c68ec9-7e18-4299-87fd-42da17b0fbda.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs5614c5e1-950d-4627-88cc-5c9ff02716fa.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs5b044d28-f883-4966-a544-cb13302fd55d.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscsa4dc5861-5387-4f8e-ab9b-4f6fbffe27f9.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs82e65afd-dc2b-49a6-bd35-a89ef4724ddf.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs173732b8-06d3-4e10-9fe5-8977659b0846.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscsc107116f-ee15-4a0e-9925-d43b12fd3d26.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscsa897353e-4688-4546-9fa0-79968f1b06d3.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscsb7ef4e64-4fee-41ec-8284-9df3a8ba3b9f.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscsd5eee933-db02-4b31-978f-671dd0c5be61.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs2ebf2686-77db-458b-b62a-ff82a6326a95.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs56479461-00f8-43a3-9c8f-a1533ac45425.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs74c409c1-bcb1-42d8-adfe-12f184fe29de.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs8dce44b6-9d43-45c9-98da-935ec8babd31.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscse3a51bce-9eaf-4814-b3c3-cf081da2ce78.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscse423df47-330a-4a2b-a633-42570eb2f2d7.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscsa8060280-4301-414b-b555-18992d2dabda.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs249028ac-d445-4719-84fb-fd7b3cbf0206.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs4e306c89-6679-4cc7-94a2-28869429a49b.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs78656be8-706e-4f9c-9741-e138ab65d3cf.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs3e105195-a431-4f6c-a070-5216838f90f6.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscsae546a1a-3bda-4a7d-89eb-554b94b7186b.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs482b0a6b-0a52-4785-92d1-8569959f9bc6.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs88f678fd-61bb-4049-99f1-c66f3ac9704d.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscsca78dc56-9fda-4daf-9c4e-ceee5398a33c.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs5d72744e-71f2-44e7-905b-962da277e5d6.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscsb39ff165-4d84-4095-8874-ac94c621e39c.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs3f6eda61-2604-4c81-91ba-cfd45a5c1b15.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs9cca30a4-5c22-4b67-ad2a-d5250d4f9f3b.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscsa9216898-c6ec-40d2-8bda-8181d957a8ce.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs439fb0ab-1b61-4466-86e6-913f7b41596e.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs5b1aacd5-c644-4869-bad8-6ad11096fec8.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs6741a7cf-869f-4af0-84aa-fdaa6ed9ca68.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs147dca23-5bf7-4156-b90e-9c9d3f146eab.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscsf87fb0e9-b956-4d2f-bd66-67b1d9fad2ac.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscsee3c0d72-e60d-4406-905f-2ba8d3e6a650.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs8855080d-ef44-488e-946c-f710bd87ac6e.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs21d24526-f4d2-4929-a445-88bc1cf99864.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs9bec8b84-f54c-4b6c-bb8e-fe705d83f069.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs01f13667-75c4-4739-ad11-b8361d17e0f1.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs42b408b0-9c2a-46ba-a074-c6434a13038e.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscsdb4f1d78-ef42-4e8d-af35-c9840fd9b53f.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs670760cd-c8be-481b-8f84-55d1818a6126.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscsf7d7c6b6-ed14-4cc2-b247-34b00fc8c962.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs096eadb9-8f4c-4155-a908-9870fedee912.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs9f1455e9-71d6-44a4-a838-5bbddb669111.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs96715220-f538-4043-8f06-41e966c59fe8.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs3f2aec7b-6997-4f22-9154-8afab5db7381.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscsaf88bd98-5e7e-4e66-abcb-bf1013836611.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs9347663f-8c04-4c88-acd7-152f97ea83e5.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscsb6cdd1f4-24cf-4d2b-99d0-dd4ffd4cd7d8.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs50dec3c6-cba8-4f7a-8aec-612839313d46.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs6bed6462-67dc-40fc-b4d7-c50e81dee89c.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs30646663-4376-42d7-a22d-1b4d0563db32.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs97a42118-c008-4ee0-a312-fb700935f165.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscsafd89999-d780-4080-a503-4008052442be.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs2067e3fb-1c67-4575-9e63-017ba8e34ca3.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs483a1af1-8f3c-4124-83bd-3b88552f1b11.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscsabf40cd9-f044-46a0-8e15-12b312563bee.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscscaed69cc-10f4-40f3-858e-427562746c4f.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscsb277a799-f46a-40e1-a1d1-f8491712e607.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs26b47567-5cd6-4298-bc11-763f8073b4ba.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs1a28aec4-c20e-43ff-8ff6-16146348ad3e.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs4b45969c-dc08-482c-87cf-e6694ba4b722.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscsa06b426c-8522-4440-94ad-d78fc7c41639.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs489c2c1f-357f-42fe-8685-322433d6c75e.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs926bbe57-ffdf-453e-b5f3-a415d95bc7f1.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs4723252e-390e-48e7-a3fb-e6e852c66272.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs634fa750-4408-4a53-8bd0-712a3818d122.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs2d777b63-2e49-40f4-be3b-18831a97b5d1.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscsf35ab533-8844-4fb2-836f-28cddd3a3dc1.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs90b324f3-cd47-4360-823c-2eefc1608d94.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs9c744a01-1355-4c5a-ad48-cec8a442864b.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs9588f0d0-ee4c-4bc3-8368-264fe2181e9e.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscsba5a3ef1-399f-4098-8aab-f98c2f8cc37a.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs434eb47f-ba35-41b3-960c-987ce18fa326.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs36f898cf-4f72-4113-a5b5-18433e282c93.tmp". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\bain\ntuser.dat". The process cannot access the file because it is being used by another process
7:25 PM: Warning: Failed to open file "c:\documents and settings\bain\ntuser.dat.log". The process cannot access the file because it is being used by another process
7:33 PM: Warning: Failed to open file "c:\documents and settings\bain\local settings\application data\microsoft\windows\usrclass.dat". The process cannot access the file because it is being used by another process
7:33 PM: Warning: Failed to open file "c:\documents and settings\bain\local settings\application data\microsoft\windows\usrclass.dat.log". The process cannot access the file because it is being used by another process
7:34 PM: File Sweep Complete, Elapsed Time: 00:29:55
7:34 PM: Full Sweep has completed. Elapsed time 00:40:11
7:34 PM: Traces Found: 105
7:52 PM: Removal process initiated
7:52 PM: Quarantining All Traces: multidial
7:53 PM: Quarantining All Traces: 2o7.net cookie
7:53 PM: Quarantining All Traces: 360i cookie
7:53 PM: Quarantining All Traces: adknowledge cookie
7:53 PM: Quarantining All Traces: adlegend cookie
7:53 PM: Quarantining All Traces: ask cookie
7:53 PM: Quarantining All Traces: atwola cookie
7:53 PM: Quarantining All Traces: belnk cookie
7:53 PM: Quarantining All Traces: burstbeacon cookie
7:53 PM: Quarantining All Traces: burstnet cookie
7:53 PM: Quarantining All Traces: fe.lea.lycos.com cookie
7:53 PM: Quarantining All Traces: go.com cookie
7:53 PM: Quarantining All Traces: hbmediapro cookie
7:53 PM: Quarantining All Traces: hotbar cookie
7:53 PM: Quarantining All Traces: mircx cookie
7:53 PM: Quarantining All Traces: nextag cookie
7:53 PM: Quarantining All Traces: reliablestats cookie
7:53 PM: Quarantining All Traces: rightmedia cookie
7:53 PM: Quarantining All Traces: screensavers.com cookie
7:53 PM: Quarantining All Traces: specificclick.com cookie
7:53 PM: Quarantining All Traces: starware.com cookie
7:53 PM: Quarantining All Traces: toplist cookie
7:53 PM: Quarantining All Traces: tribalfusion cookie
7:53 PM: Quarantining All Traces: xiti cookie
7:53 PM: Quarantining All Traces: yieldmanager cookie
7:53 PM: Removal process completed. Elapsed time 00:00:40
********
5:30 PM: | Start of Session, Friday, November 18, 2005 |
5:30 PM: Spy Sweeper started
5:30 PM: Sweep initiated using definitions version 574
5:30 PM: Starting Memory Sweep
5:34 PM: Found Adware: virtumonde
5:34 PM: Detected running threat: C:\WINNT\system32\khfcd.dll (ID = 77)
5:46 PM: Memory Sweep Complete, Elapsed Time: 00:15:57
5:46 PM: Starting Registry Sweep
5:48 PM: Found Adware: multidial
5:48 PM: HKCR\dialerr.dialerr\ (3 subtraces) (ID = 135344)
5:48 PM: HKLM\software\classes\dialerr.dialerr\ (3 subtraces) (ID = 135355)
5:48 PM: HKCR\dialerr.dialerr.1\ (3 subtraces) (ID = 661961)
5:48 PM: HKCR\icwconn.apprentice\ (5 subtraces) (ID = 661963)
5:48 PM: HKCR\icwconn.gifconvert\ (5 subtraces) (ID = 661968)
5:48 PM: HKCR\icwconn.ispdata\ (5 subtraces) (ID = 661973)
5:48 PM: HKCR\icwconn.walker\ (5 subtraces) (ID = 661978)
5:48 PM: HKCR\icwconn.webview\ (5 subtraces) (ID = 661983)
5:48 PM: HKCR\icwsystemconfig.icwsystemconfig\ (3 subtraces) (ID = 661988)
5:48 PM: HKCR\inshandler.inshandler\ (3 subtraces) (ID = 661992)
5:48 PM: HKCR\refdial.refdial\ (3 subtraces) (ID = 661996)
5:48 PM: HKCR\smartstart.smartstart\ (3 subtraces) (ID = 662000)
5:48 PM: HKCR\tapilocationinfo.tapilocationinfo\ (3 subtraces) (ID = 662004)
5:48 PM: HKCR\userinfo.userinfo\ (3 subtraces) (ID = 662008)
5:48 PM: HKCR\webgate.webgate\ (3 subtraces) (ID = 662012)
5:48 PM: HKCR\clsid\{462f7758-8848-11d1-add8-0000f87734f0}\control\ (ID = 662065)
5:48 PM: HKLM\software\classes\dialerr.dialerr.1\ (3 subtraces) (ID = 662143)
5:49 PM: Registry Sweep Complete, Elapsed Time:00:02:30
5:49 PM: Starting Cookie Sweep
5:49 PM: Found Spy Cookie: fe.lea.lycos.com cookie
5:49 PM: [email protected][1].txt (ID = 2660)
5:49 PM: Found Spy Cookie: mircx cookie
5:49 PM: [email protected][1].txt (ID = 2998)
5:49 PM: Found Spy Cookie: burstnet cookie
5:49 PM: [email protected][1].txt (ID = 2337)
5:49 PM: Found Spy Cookie: screensavers.com cookie
5:49 PM: [email protected][1].txt (ID = 3298)
5:49 PM: Found Spy Cookie: toplist cookie
5:49 PM: bain@toplist[1].txt (ID = 3557)
5:49 PM: Found Spy Cookie: rightmedia cookie
5:49 PM: bain@rightmedia[1].txt (ID = 3259)
5:49 PM: Found Spy Cookie: xiti cookie
5:49 PM: bain@xiti[1].txt (ID = 3717)
5:49 PM: Found Spy Cookie: atwola cookie
5:49 PM: bain@atwola[2].txt (ID = 2255)
5:49 PM: Found Spy Cookie: reliablestats cookie
5:49 PM: [email protected][2].txt (ID = 3254)
5:49 PM: Found Spy Cookie: nextag cookie
5:49 PM: bain@nextag[2].txt (ID = 5014)
5:49 PM: Found Spy Cookie: ask cookie
5:49 PM: bain@ask[1].txt (ID = 2245)
5:49 PM: Found Spy Cookie: tribalfusion cookie
5:49 PM: [email protected][1].txt (ID = 3590)
5:49 PM: Found Spy Cookie: starware.com cookie
5:49 PM: bain@starware[2].txt (ID = 3441)
5:49 PM: [email protected][1].txt (ID = 3298)
5:49 PM: Found Spy Cookie: specificclick.com cookie
5:49 PM: [email protected][2].txt (ID = 3400)
5:49 PM: Found Spy Cookie: adlegend cookie
5:49 PM: bain@adlegend[1].txt (ID = 2074)
5:49 PM: Found Spy Cookie: hbmediapro cookie
5:49 PM: [email protected][2].txt (ID = 2768)
5:49 PM: Found Spy Cookie: hotbar cookie
5:49 PM: [email protected][2].txt (ID = 4207)
5:49 PM: Found Spy Cookie: adknowledge cookie
5:49 PM: bain@adknowledge[1].txt (ID = 2072)
5:49 PM: Found Spy Cookie: belnk cookie
5:49 PM: [email protected][2].txt (ID = 2293)
5:49 PM: bain@belnk[1].txt (ID = 2292)
5:49 PM: Found Spy Cookie: 2o7.net cookie
5:49 PM: [email protected][2].txt (ID = 1958)
5:49 PM: Found Spy Cookie: burstbeacon cookie
5:49 PM: [email protected][2].txt (ID = 2335)
5:49 PM: Found Spy Cookie: go.com cookie
5:49 PM: bain@go[2].txt (ID = 2728)
5:49 PM: [email protected][1].txt (ID = 2729)
5:49 PM: [email protected][2].txt (ID = 2729)
5:49 PM: Found Spy Cookie: 360i cookie
5:49 PM: [email protected][2].txt (ID = 1962)
5:49 PM: bain@burstnet[1].txt (ID = 2336)
5:49 PM: [email protected][2].txt (ID = 2293)
5:49 PM: Found Spy Cookie: yieldmanager cookie
5:49 PM: [email protected][1].txt (ID = 3751)
5:49 PM: Cookie Sweep Complete, Elapsed Time: 00:00:09
5:49 PM: Starting File Sweep
5:49 PM: Warning: Failed to open file "c:\pagefile.sys". Access is denied
6:04 PM: Warning: Failed to open file "c:\winnt\system32\config\software.log". The process cannot access the file because it is being used by another process
6:04 PM: Warning: Failed to open file "c:\winnt\system32\config\default.log". The process cannot access the file because it is being used by another process
6:04 PM: Warning: Failed to open file "c:\winnt\system32\config\security". The process cannot access the file because it is being used by another process
6:04 PM: Warning: Failed to open file "c:\winnt\system32\config\security.log". The process cannot access the file because it is being used by another process
6:04 PM: Warning: Failed to open file "c:\winnt\system32\config\system.alt". The process cannot access the file because it is being used by another process
6:04 PM: Warning: Failed to open file "c:\winnt\system32\config\sam". The process cannot access the file because it is being used by another process
6:04 PM: Warning: Failed to open file "c:\winnt\system32\config\sam.log". The process cannot access the file because it is being used by another process
6:04 PM: Warning: Failed to open file "c:\winnt\system32\config\system". The process cannot access the file because it is being used by another process
6:04 PM: Warning: Failed to open file "c:\winnt\system32\config\software". The process cannot access the file because it is being used by another process
6:04 PM: Warning: Failed to open file "c:\winnt\system32\config\default". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs47c53297-027f-4a0d-9786-62bf5bdc4e6f.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs1a0cb1c7-b886-425c-99a4-fd6821cb3bae.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs6155c66d-f1a0-4c83-8a33-6ec3005b5d02.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs239ea01d-f22f-4491-aeed-50ee333705b4.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscsa23b7c9e-6fd2-45ce-b7d1-1be38709c766.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscsaa90e16b-6a23-464f-9a18-3bda3455aafc.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscsab198e16-4b76-4dbd-b95c-78b5de19914a.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs8b98d37c-9b75-40d9-bf6a-1c6b91e84d04.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs115b46d7-13f8-4e04-90cb-0322e6656945.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs810730c1-b71e-46ab-9806-49b8d4b60425.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs82601a99-a307-4a68-968b-11e0c1ee4f4c.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs74e66d1d-6228-432a-b5df-bc240130c5db.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs2c2b1852-2e23-40de-b97b-c7f8220b7a5d.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscsdd8e88b2-7c69-4826-9dcf-9070658649c3.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs3732759e-8f93-46b1-a53b-2acfb5881020.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs212503da-d6e5-4cc9-92ad-f16f718c9dec.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs18d95956-f6e7-48a9-aa19-4f28529b29ce.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscsd487e8f0-72ae-4b2e-a4fd-419b2f39e819.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscse3549c50-aaa3-4799-8387-63c618adaf08.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs9ba320a4-0d5e-481e-9c1e-aa600e6313bf.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs5e4f2509-5229-45b0-bb52-e7301ca5c4c9.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscsc12bdaab-082c-4f64-95c5-15b06849a2c9.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs96410ce6-cc91-4e7e-ad78-68a4b89d0f88.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscscf72ff39-1d02-491f-b9d8-a1aec631689c.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs9f5692a7-554f-4eba-9b1b-06669ffff879.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs5adaf17a-ec8d-434e-9f97-9ae3c565e078.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs040fe627-3e2b-4a06-959f-b99db95f4908.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs31093ce3-0730-4d21-935e-406c3b7336ad.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs645cc07a-8247-4335-a672-c21717660006.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscsde339778-7788-453a-9dde-18edf7dbb613.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscsb3ed8fb5-8868-4991-9527-f2975060e91e.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscsa013dabb-a213-4bb0-b97c-a9e70c708b0e.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscsc137a1a7-9d3f-4c76-a2c2-d22ee061fd59.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscsa1e5a532-0298-4ecb-9523-33ab72e563e8.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs33a77289-877f-43c4-a056-6d2e8760dbdd.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscseb017c08-02c2-4e9b-92c7-a429174f7f47.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs2dcb1672-ef1b-4021-a21e-86af57c8ddf7.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs474e384c-4886-4bd9-883a-395d035a43ba.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs19812a3c-ef53-4599-997e-a762e7b8e056.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs6fd972a2-5d8d-4dad-95be-5b8c0fa77414.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs229c095d-e063-4dd9-a66f-2d479724a092.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscsc310168f-4e72-4b6d-b068-ea35fa89cc80.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs72ae6554-a6f1-41cc-981f-542dea179994.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs7db70c7a-65fe-45df-83e6-d470e7791492.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs8200be4a-7d02-4667-addc-4a7047074f72.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs3a90c0d6-11e5-49e4-8167-6850c939b471.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs781da430-401e-4a3b-b883-6cd45aafcb2d.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs8632ac63-7466-4609-9aa2-a9da6192d643.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs25e35e52-ee4f-4ce7-bd13-f0373d8a0ec1.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs61267518-ae5f-4a82-ae43-a0ae5ba4c990.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs894256d5-1999-413f-9c8f-ed3051f02a3b.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscscbb1a894-2fbd-4e57-ad08-41cd507bfb85.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs9bbfc1c3-1065-4851-afa9-0403b37f80af.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs50097128-13ff-4265-a358-ce59ba1bc1c1.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs2905ed2d-0e73-4723-bc9d-43f8a5f15002.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs530c7d99-8a54-4752-85e3-796909cdb93e.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscse6872213-827a-4aa9-a11f-360b3f374feb.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscsd3e903b3-6613-44c5-a2b0-9141525949c6.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs48875e79-3dfb-4373-9e18-9510b08c44fc.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs59bb2c31-2d35-4053-9e6b-3715ff0ca936.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs0b8156c4-faae-4b3a-a2b6-63c40b3c5fb2.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs274bc2f2-341c-4606-98c1-78b69e49609b.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file &q
  • 0

#4
crooner
Posted 18 November 2005 - 08:04 PM

crooner

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
Continued from previous post...



6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscse43ee3f9-6358-489a-ac50-5cfe568e5305.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs35cb2b92-d97e-48ec-84ee-f2e4a6bbb96c.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscsddc278c1-02c1-4699-9906-4674fe30819f.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs23bd2569-16c4-4350-8d23-d30361329e0f.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscsde09722e-f409-4cd7-9a53-73c0ff202ed0.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs7c03bb7d-3ac2-475f-80d3-65bc35ef6cdc.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs85661bb6-30d1-4a92-b6d1-11cf17858b0b.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs55ea4051-1614-48d8-a0df-07c8083aa1ad.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs17cf2f79-05a1-4972-bee5-4d2de0f50e31.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs708016b8-fef6-4e60-aeac-898ca11dc937.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs40ca935b-c99a-4b81-bb0e-17d6f2220802.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs382a6417-7cc9-4e5f-a6fe-8660d09dae06.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs5ddcbd35-5914-431a-bb91-2a92b8554eb6.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscsd0a7f36d-9d2f-4f48-9e5e-c7e4e815a613.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscsc5c2333e-9e52-4480-a208-5ecc71626c77.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs3f8064df-1eea-4a0e-9630-cf2343a45be0.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscsbf933963-f1d8-4e9a-bc37-e1ba8a640acb.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs0298e1db-2cb2-4560-9e71-71125e9ab239.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs08e0fdae-db76-46da-9a52-e77190eb3ab3.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs8b96542d-bee1-4d27-86c8-d85255abb056.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscsfaef6827-775d-4eb9-8d3a-1d116bd31780.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs851f4321-fc2d-45cb-ae5f-e6fbcc1b8ff3.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs46cd5dc5-5c5b-4fca-822e-2238717f3eb6.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs74d0029e-fa42-439a-9e64-c1d9438f38a1.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs7b7764ad-6780-4d47-97a3-022344b207ee.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs13527255-7cb6-4a53-aacf-d4c76067599b.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscsfefba82d-e45e-4d4c-9f24-435b51d0824b.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscsf77d4eb5-e404-44db-b7d8-4289ef996dca.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs97ee4b42-08d9-44a3-88ef-309b77aa6c8d.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscsc2fdd975-d0b4-4a60-8470-40f69b2c3900.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs71c92caf-64c5-443a-9661-edc4d08d9d07.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscsd69bfe4c-7675-4223-9b68-6fe807d1dea4.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs263f9216-176c-4009-b816-5d543e207ad2.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs8160837c-b00f-42e2-8bb4-ba83c78283e2.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs5e33707d-1ad0-486c-96c6-6aaeeeb015db.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscse7358654-7ca2-4b2d-8d1b-ff6ad519e076.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs996df2f2-206a-4d70-9a18-6750a89a85b8.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs6c15bb4b-b66f-4f3a-baa6-87227c015bf0.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs20aa3a9a-d3e0-4d56-9634-a2827fc5b8e8.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs5b7d6f62-f98c-4c23-9a55-f58fe3975b40.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscse7f18599-3c8d-456b-b749-27977a32f984.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\all users\application data\webroot\spy sweeper\temp\sscs702ca4b3-a680-4dd0-8bed-12bf80b0fec2.tmp". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\bain\ntuser.dat". The process cannot access the file because it is being used by another process
6:11 PM: Warning: Failed to open file "c:\documents and settings\bain\ntuser.dat.log". The process cannot access the file because it is being used by another process
6:21 PM: Warning: Failed to open file "c:\documents and settings\bain\local settings\application data\microsoft\windows\usrclass.dat". The process cannot access the file because it is being used by another process
6:21 PM: Warning: Failed to open file "c:\documents and settings\bain\local settings\application data\microsoft\windows\usrclass.dat.log". The process cannot access the file because it is being used by another process
6:22 PM: Found Adware: winantispyware 2005
6:22 PM: winfixerscannerinstall[1].cab (ID = 194452)
6:28 PM: Warning: Unhandled Archive Type
6:28 PM: Warning: Unhandled Archive Type
6:28 PM: Warning: Unhandled Archive Type
6:28 PM: Warning: Unhandled Archive Type
6:28 PM: Warning: Unhandled Archive Type
6:28 PM: Warning: Unhandled Archive Type
6:28 PM: Warning: Unhandled Archive Type
6:29 PM: File Sweep Complete, Elapsed Time: 00:39:37
6:29 PM: Full Sweep has completed. Elapsed time 00:58:29
6:29 PM: Traces Found: 107
6:30 PM: Removal process initiated
6:30 PM: Quarantining All Traces: virtumonde
********
5:24 PM: | Start of Session, Friday, November 18, 2005 |
5:24 PM: Spy Sweeper started
5:28 PM: Your spyware definitions have been updated.
5:30 PM: | End of Session, Friday, November 18, 2005 |
  • 0

#5
John_L
Posted 18 November 2005 - 08:29 PM

John_L

    Visiting Staff

  • Member
  • PipPipPipPip
  • 1,398 posts
Hello again :tazz:

Can you please show me another hijack log? I seemed to have forgot to add that part.
  • 0

#6
crooner
Posted 18 November 2005 - 10:13 PM

crooner

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
HiJack log....


Logfile of HijackThis v1.99.1
Scan saved at 10:26:14 PM, on 11/18/2005
Platform: Windows 2000 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\WINNT\Explorer.exe
C:\WINNT\loadqm.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINNT\System32\spool\drivers\w32x86\3\hpztsb01.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Bain\Desktop\Installs\SRip32.exe
C:\Documents and Settings\Bain\Desktop\Installs\HijackThis.exe

O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~2\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINNT\System32\spool\drivers\w32x86\3\hpztsb01.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O20 - Winlogon Notify: WRNotifier - C:\WINNT\SYSTEM32\WRLogonNTF.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
  • 0

#7
John_L
Posted 19 November 2005 - 03:03 PM

John_L

    Visiting Staff

  • Member
  • PipPipPipPip
  • 1,398 posts
Hello again :)

Looks all good from this end, congrats you are clean :tazz:

Since your issues have been addressed and you are ready to travel the net again, I will just give you a few ideas on how to stay safe out there. Best of all these programs are all readily available on the net for free :)

To reduce the potential for spyware infection in the future, I strongly recommend installing SpywareBlaster and SpyWareGuard.

SpywareBlaster and SpywareGuard are by JavaCool and both are free programs. SpywareBlaster will prevent spyware from being installed and consumes no system resources. SpywareGuard offers realtime protection from spyware installation attempts.

More info and download is available at:

Spyware Blaster Spyware Guard

Might I suggest the following Free Spyware programs for added security, you can download them at the following links. These programs work great for detection:

Ad-aware SE--Adaware Tutorial

Spybot S&D--Spybot Tutorial

Antiviruses play an important role in keeping your computer safe and worry free while using the net. *NOTE* Only one antivirus must be allowed to run on your computer, as having two or more running can and will cause conflicts.

AVG Avast

Firewalls are also a must in any good prevention :

Zone Alarm Sygate Kerio

There are different browsers available on the net, other than Internet Explorer, we believe!! these are better for security purposes :

Firefox Opera

You must stay on top of your updates at all times, for the above mentioned applications.

It is vitally important to stay on top of your critical updates provided by microsoft.

This can be accessed by going to Windows Updates and following the prompts.

To add to the performance of your computer, i suggest a weekly maintenance program. Run this tool. Ccleaner

Lastly a second opinion on the Antivirus that you have chosen. I suggest running these online virus scans periodically, just to make sure that the av is doing a proper job, of keeping you safe :

Rav Online Scan Housecall Online Scan Panda Activescan

Housecall Java Online Scan<---For those who use Firefox

And finally a little Posted Image How did I get infected in the first place ? (by Mr. Tony Klein)

Good luck and safe surfing :woot:
  • 0

#8
crooner
Posted 21 November 2005 - 12:21 AM

crooner

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
I haven't had a problem since the WebRoot Spy Sweeper did it's thing.

Thank you for your help and for recomending some downloads.
  • 0

#9
John_L
Posted 21 November 2005 - 07:01 AM

John_L

    Visiting Staff

  • Member
  • PipPipPipPip
  • 1,398 posts
That's great to hear :)

Your very welcome, thanks for stopping by, and safe surfing. :tazz:

Edited by John_L, 21 November 2005 - 07:01 AM.

  • 0

#10
John_L
Posted 21 November 2005 - 07:01 AM

John_L

    Visiting Staff

  • Member
  • PipPipPipPip
  • 1,398 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :tazz:

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP