[Resolved] HELP Plz!!! Add/Remove Programs
PC Help Forum, Security & Safety forums, [Fixed] Hijackthis! Logs
#8
12-14-2006
CrazyKate
Bronze Member
Join Date: Oct 2006
Posts: 64
Anti-Spyware

I ran SpySweeper right away 'cuz it takes forever to run.

How do you download the free edition of AVG Anti-Spyware / Anti-Virus??

Here are the results from SpySweeper:

8:44 PM: None
8:44 PM: Traces Found: 0
8:44 PM: Custom Sweep has completed. Elapsed time 01:15:42
8:44 PM: File Sweep Complete, Elapsed Time: 01:09:28
8:44 PM: Warning: Access violation at address 00401D84 in module 'SpySweeper.exe'. Read of address 7E40000C
8:44 PM: Warning: Access violation at address 005A985C in module 'SpySweeper.exe'. Read of address 0000038C
(This Warning was repeated hundreds of times!)

8:17 PM: Warning: AntiVirus engine returned [File Encrypted] on [c:\program files\adobe\acrobat 7.0\reader\websearch\websearchenu.pdf]
8:17 PM: Warning: AntiVirus engine returned [File Encrypted] on [c:\program files\adobe\acrobat 7.0\reader\messages\enu\rdrmsgenu.pdf]
8:17 PM: Warning: AntiVirus engine returned [File Encrypted] on [c:\program files\adobe\acrobat 7.0\reader\messages\enu\read0600win_enuyhoo0010.pdf]
8:17 PM: Warning: AntiVirus engine returned [File Encrypted] on [c:\program files\adobe\acrobat 7.0\reader\messages\rdrmsgsplash.pdf]
8:14 PM: Warning: AntiVirus engine returned [File Encrypted] on [c:\documents and settings\jordan\application data\adobe\acrobat\7.0\messages\enu\read0700win_enuadbe0700.pdf]
8:11 PM: Warning: AntiVirus engine returned [File Encrypted] on [c:\documents and settings\frenzel\my documents\winzip80.exe]
8:09 PM: Warning: AntiVirus engine returned [Error Code 8000FFFF] on [c:\documents and settings\frenzel\local settings\application data\microsoft\windows\usrclass.dat.log]
8:09 PM: Warning: AntiVirus engine returned [Error Code 8000FFFF] on [c:\documents and settings\frenzel\ntuser.dat.log]
8:09 PM: Warning: AntiVirus engine returned [Error Code 8000FFFF] on [c:\documents and settings\localservice\local settings\application data\microsoft\windows\usrclass.dat]
8:09 PM: Warning: AntiVirus engine returned [Error Code 8000FFFF] on [c:\documents and settings\localservice\local settings\application data\microsoft\windows\usrclass.dat.log]
8:09 PM: Warning: AntiVirus engine returned [Error Code 8000FFFF] on [c:\documents and settings\localservice\ntuser.dat.log]
8:08 PM: Warning: AntiVirus engine returned [Error Code 8000FFFF] on [c:\documents and settings\networkservice\local settings\application data\microsoft\windows\usrclass.dat.log]
8:08 PM: Warning: AntiVirus engine returned [Error Code 8000FFFF] on [c:\documents and settings\networkservice\local settings\application data\microsoft\windows\usrclass.dat]
8:08 PM: Warning: AntiVirus engine returned [Error Code 8000FFFF] on [c:\documents and settings\networkservice\ntuser.dat.log]
8:05 PM: Warning: AntiVirus engine returned [Error Code 8000FFFF] on [c:\windows\softwaredistribution\eventcache\{f2e40b36-804e-435f-a20f-790c430e4154}.bin]
8:05 PM: Warning: Failed to open file "c:\documents and settings\frenzel\local settings\application data\microsoft\windows\usrclass.dat". The process cannot access the file because it is being used by another process
8:05 PM: Warning: Failed to open file "c:\documents and settings\frenzel\local settings\application data\microsoft\windows\usrclass.dat.log". The process cannot access the file because it is being used by another process
8:05 PM: Warning: Failed to open file "c:\documents and settings\frenzel\ntuser.dat.log". The process cannot access the file because it is being used by another process
8:05 PM: Warning: Failed to open file "c:\documents and settings\frenzel\ntuser.dat". The process cannot access the file because it is being used by another process
8:04 PM: Warning: Failed to open file "c:\documents and settings\localservice\local settings\application data\microsoft\windows\usrclass.dat". The process cannot access the file because it is being used by another process
8:04 PM: Warning: Failed to open file "c:\documents and settings\localservice\local settings\application data\microsoft\windows\usrclass.dat.log". The process cannot access the file because it is being used by another process
8:04 PM: Warning: Failed to open file "c:\documents and settings\localservice\ntuser.dat.log". The process cannot access the file because it is being used by another process
8:04 PM: Warning: Failed to open file "c:\documents and settings\localservice\ntuser.dat". The process cannot access the file because it is being used by another process
8:04 PM: Warning: Failed to open file "c:\documents and settings\networkservice\application data\webroot\spy sweeper\data\settings.dat". The process cannot access the file because it is being used by another process
8:04 PM: Warning: Failed to open file "c:\documents and settings\networkservice\local settings\application data\microsoft\windows\usrclass.dat". The process cannot access the file because it is being used by another process
8:04 PM: Warning: Failed to open file "c:\documents and settings\networkservice\local settings\application data\microsoft\windows\usrclass.dat.log". The process cannot access the file because it is being used by another process
8:04 PM: Warning: Failed to open file "c:\documents and settings\networkservice\ntuser.dat.log". The process cannot access the file because it is being used by another process
8:04 PM: Warning: Failed to open file "c:\documents and settings\networkservice\ntuser.dat". The process cannot access the file because it is being used by another process
8:03 PM: Warning: AntiVirus engine returned [File Corrupted] on [c:\windows\installer\c449e96.msi]
8:01 PM: Warning: Failed to open file "c:\windows\softwaredistribution\datastore\logs\edb.log". The process cannot access the file because it is being used by another process
8:01 PM: Warning: Failed to open file "c:\windows\softwaredistribution\datastore\logs\tmp.edb". The process cannot access the file because it is being used by another process
8:01 PM: Warning: Failed to open file "c:\windows\softwaredistribution\datastore\datastore.edb". The process cannot access the file because it is being used by another process
8:01 PM: Warning: Failed to open file "c:\windows\softwaredistribution\eventcache\{f2e40b36-804e-435f-a20f-790c430e4154}.bin". The process cannot access the file because it is being used by another process
7:53 PM: Warning: AntiVirus engine returned [Error Code 8000FFFF] on [c:\windows\system32\config\default.log]
7:53 PM: Warning: AntiVirus engine returned [Error Code 8000FFFF] on [c:\windows\system32\config\software.log]
7:53 PM: Warning: AntiVirus engine returned [Error Code 8000FFFF] on [c:\windows\system32\config\system.log]
7:53 PM: Warning: AntiVirus engine returned [Error Code 8000FFFF] on [c:\windows\system32\config\security.log]
7:53 PM: Warning: AntiVirus engine returned [Error Code 8000FFFF] on [c:\windows\system32\config\sam.log]
7:50 PM: Warning: Failed to open file "c:\windows\system32\config\sam". The process cannot access the file because it is being used by another process
7:50 PM: Warning: Failed to open file "c:\windows\system32\config\system". The process cannot access the file because it is being used by another process
7:50 PM: Warning: Failed to open file "c:\windows\system32\config\software". The process cannot access the file because it is being used by another process
7:50 PM: Warning: Failed to open file "c:\windows\system32\config\security". The process cannot access the file because it is being used by another process
7:50 PM: Warning: Failed to open file "c:\windows\system32\config\default". The process cannot access the file because it is being used by another process
7:50 PM: Warning: Failed to open file "c:\windows\system32\config\security.log". The process cannot access the file because it is being used by another process
7:50 PM: Warning: Failed to open file "c:\windows\system32\config\sam.log". The process cannot access the file because it is being used by another process
7:50 PM: Warning: Failed to open file "c:\windows\system32\config\default.log". The process cannot access the file because it is being used by another process
7:50 PM: Warning: Failed to open file "c:\windows\system32\config\software.log". The process cannot access the file because it is being used by another process
7:50 PM: Warning: Failed to open file "c:\windows\system32\config\system.log". The process cannot access the file because it is being used by another process
7:35 PM: Warning: AntiVirus engine returned [Access Denied] on [c:\pagefile.sys]
7:35 PM: Warning: Failed to open file "c:\pagefile.sys". Access is denied
7:35 PM: Warning: AntiVirus engine returned [Access Denied] on [c:\hiberfil.sys]
7:35 PM: Warning: Failed to open file "c:\hiberfil.sys". Access is denied
7:35 PM: Starting File Sweep
7:35 PM: Cookie Sweep Complete, Elapsed Time: 00:00:00
7:35 PM: Starting Cookie Sweep
7:35 PM: Registry Sweep Complete, Elapsed Time:00:00:38
7:34 PM: Starting Registry Sweep
7:34 PM: Memory Sweep Complete, Elapsed Time: 00:05:13
7:29 PM: Starting Memory Sweep
7:29 PM: Start Custom Sweep
7:29 PM: Sweep initiated using definitions version 821
7:29 PM: Spy Sweeper 5.2.3.2132 started
7:29 PM: | Start of Session, Dec 13, 2006 |
********
7:29 PM: | End of Session, Dec 13, 2006 |
7:28 PM: The Internet Communication shield has blocked access to: PIXEL.NETSTER.COM
7:28 PM: The Internet Communication shield has blocked access to: PIXEL.NETSTER.COM
Operation: Terminate
Target: C:\Webroot\SpySweeperUI.exe
Source: C:\WINDOWS\System32\csrss.exe
6:40 PM: Tamper Detection
Keylogger: On
BHO Shield: On
IE Security Shield: On
Alternate Data Stream (ADS) Execution Shield: On
Startup Shield: On
Common Ad Sites: Off
Hosts File Shield: On
Internet Communication Shield: On
ActiveX Shield: On
Windows Messenger Service Shield: On
IE Favorites Shield: On
Spy Installation Shield: On
Memory Shield: On
IE Hijack Shield: On
IE Tracking Cookies Shield: On
5:52 PM: Shield States
5:52 PM: Informational: Loaded AntiVirus Engine: 2.39.2; SDK Version: 4.11; Virus Definitions: 12/13/2006 2:59:52 PM (GMT)
5:51 PM: Warning: Unable to remove cookie c:\documents and settings\jordan\cookies\jordan@questionmarket[2].txt
Keylogger: On
BHO Shield: On
IE Security Shield: On
Alternate Data Stream (ADS) Execution Shield: On
Startup Shield: On
Common Ad Sites: Off
Hosts File Shield: On
Internet Communication Shield: On
ActiveX Shield: On
Windows Messenger Service Shield: On
IE Favorites Shield: On
Spy Installation Shield: On
Memory Shield: On
IE Hijack Shield: On
IE Tracking Cookies Shield: On
5:51 PM: Shield States
5:07 PM: Warning: A required privilege is not held by the client
Keylogger: On
BHO Shield: On
IE Security Shield: On
Alternate Data Stream (ADS) Execution Shield: On
Startup Shield: On
Common Ad Sites: Off
Hosts File Shield: On
Internet Communication Shield: On
ActiveX Shield: On
Windows Messenger Service Shield: On
IE Favorites Shield: On
Spy Installation Shield: On
Memory Shield: On
IE Hijack Shield: On
IE Tracking Cookies Shield: On
5:07 PM: Shield States
5:07 PM: Spyware Definitions: 820
5:07 PM: Informational: Loaded AntiVirus Engine: 2.39.2; SDK Version: 4.11; Virus Definitions: 12/13/2006 1:24:56 PM (GMT)
5:06 PM: Spy Sweeper 5.2.3.2132 started
Operation: File Access
Target:
Source: C:\PROGRAM FILES\CLEANUP!\CLEANUP.EXE
4:51 PM: Tamper Detection
1:29 PM: Warning: A required privilege is not held by the client
8:18 AM: Your virus definitions have been updated.
8:18 AM: Informational: Loaded AntiVirus Engine: 2.39.2; SDK Version: 4.11; Virus Definitions: 12/13/2006 1:24:56 PM (GMT)
8:17 AM: Your spyware definitions have been updated.
8:16 AM: Warning: A required privilege is not held by the client
8:16 AM: Automated check for program update in progress.
Keylogger: On
BHO Shield: On
IE Security Shield: On
Alternate Data Stream (ADS) Execution Shield: On
Startup Shield: On
Common Ad Sites: Off
Hosts File Shield: On
Internet Communication Shield: On
ActiveX Shield: On
Windows Messenger Service Shield: On
IE Favorites Shield: On
Spy Installation Shield: On
Memory Shield: On
IE Hijack Shield: On
IE Tracking Cookies Shield: On
8:15 AM: Shield States
8:15 AM: Spyware Definitions: 819
8:15 AM: Informational: Loaded AntiVirus Engine: 2.39.2; SDK Version: 4.11; Virus Definitions: 12/11/2006 11:55:22 PM (GMT)
8:14 AM: Spy Sweeper 5.2.3.2132 started
6:36 AM: IE Tracking Cookies Shield: Removed webtrends cookie
6:36 AM: IE Tracking Cookies Shield: Removed webtrends cookie
12:31 AM: IE Tracking Cookies Shield: Removed webtrends cookie
12:31 AM: IE Tracking Cookies Shield: Removed atlas dmt cookie
12:25 AM: IE Tracking Cookies Shield: Removed webtrends cookie
12:24 AM: IE Tracking Cookies Shield: Removed webtrends cookie
12:23 AM: IE Tracking Cookies Shield: Removed webtrends cookie
12:23 AM: IE Tracking Cookies Shield: Removed atlas dmt cookie
12:23 AM: IE Tracking Cookies Shield: Removed webtrends cookie
12:21 AM: IE Tracking Cookies Shield: Removed webtrends cookie
12:21 AM: IE Tracking Cookies Shield: Removed webtrends cookie
12:20 AM: IE Tracking Cookies Shield: Removed webtrends cookie
12:17 AM: IE Tracking Cookies Shield: Removed webtrends cookie
12:17 AM: IE Tracking Cookies Shield: Removed webtrends cookie
12:17 AM: IE Tracking Cookies Shield: Removed webtrends cookie
12:14 AM: IE Tracking Cookies Shield: Removed webtrends cookie
12:13 AM: IE Tracking Cookies Shield: Removed webtrends cookie
12:11 AM: IE Tracking Cookies Shield: Removed webtrends cookie
12:08 AM: IE Tracking Cookies Shield: Removed webtrends cookie
12:05 AM: IE Tracking Cookies Shield: Removed webtrends cookie
12:04 AM: IE Tracking Cookies Shield: Removed webtrends cookie
12:03 AM: IE Tracking Cookies Shield: Removed webtrends cookie
12:02 AM: IE Tracking Cookies Shield: Removed webtrends cookie
12:01 AM: IE Tracking Cookies Shield: Removed webtrends cookie
12:01 AM: IE Tracking Cookies Shield: Removed webtrends cookie
11:59 PM: IE Tracking Cookies Shield: Removed webtrends cookie
11:59 PM: IE Tracking Cookies Shield: Removed webtrends cookie
11:59 PM: IE Tracking Cookies Shield: Removed webtrends cookie
11:57 PM: IE Tracking Cookies Shield: Removed webtrends cookie
11:57 PM: IE Tracking Cookies Shield: Removed webtrends cookie
11:57 PM: IE Tracking Cookies Shield: Removed webtrends cookie
11:57 PM: IE Tracking Cookies Shield: Removed webtrends cookie
11:57 PM: IE Tracking Cookies Shield: Removed atlas dmt cookie
11:56 PM: IE Tracking Cookies Shield: Removed webtrends cookie
11:56 PM: IE Tracking Cookies Shield: Removed webtrends cookie
11:56 PM: IE Tracking Cookies Shield: Removed webtrends cookie
11:55 PM: IE Tracking Cookies Shield: Removed webtrends cookie
11:55 PM: IE Tracking Cookies Shield: Removed atlas dmt cookie
11:55 PM: IE Tracking Cookies Shield: Removed webtrends cookie
11:54 PM: IE Tracking Cookies Shield: Removed webtrends cookie
11:35 PM: Warning: A required privilege is not held by the client
11:35 PM: Warning: A required privilege is not held by the client
Keylogger: On
BHO Shield: On
IE Security Shield: On
Alternate Data Stream (ADS) Execution Shield: On
Startup Shield: On
Common Ad Sites: Off
Hosts File Shield: On
Internet Communication Shield: On
ActiveX Shield: On
Windows Messenger Service Shield: On
IE Favorites Shield: On
Spy Installation Shield: On
Memory Shield: On
IE Hijack Shield: On
IE Tracking Cookies Shield: On
11:34 PM: Shield States
11:34 PM: Spyware Definitions: 819
11:34 PM: Informational: Loaded AntiVirus Engine: 2.39.2; SDK Version: 4.11; Virus Definitions: 12/11/2006 11:55:22 PM (GMT)
11:34 PM: Spy Sweeper 5.2.3.2132 started
10:54 PM: IE Tracking Cookies Shield: Removed webtrends cookie
10:53 PM: IE Tracking Cookies Shield: Removed webtrends cookie
10:52 PM: IE Tracking Cookies Shield: Removed webtrends cookie
10:52 PM: IE Tracking Cookies Shield: Removed webtrends cookie
10:48 PM: IE Tracking Cookies Shield: Removed webtrends cookie
10:47 PM: IE Tracking Cookies Shield: Removed webtrends cookie
10:39 PM: IE Tracking Cookies Shield: Removed webtrends cookie
10:38 PM: IE Tracking Cookies Shield: Removed webtrends cookie
10:36 PM: IE Tracking Cookies Shield: Removed webtrends cookie
10:36 PM: IE Tracking Cookies Shield: Removed webtrends cookie
8:39 PM: Your virus definitions have been updated.
8:39 PM: Informational: Loaded AntiVirus Engine: 2.39.2; SDK Version: 4.11; Virus Definitions: 12/11/2006 11:55:22 PM (GMT)
8:39 PM: Your spyware definitions have been updated.
8:37 PM: Automated check for program update in progress.
6:00 PM: Warning: A required privilege is not held by the client
Keylogger: On
BHO Shield: On
IE Security Shield: On
Alternate Data Stream (ADS) Execution Shield: On
Startup Shield: On
Common Ad Sites: Off
Hosts File Shield: On
Internet Communication Shield: On
ActiveX Shield: On
Windows Messenger Service Shield: On
IE Favorites Shield: On
Spy Installation Shield: On
Memory Shield: On
IE Hijack Shield: On
IE Tracking Cookies Shield: On
5:59 PM: Shield States
5:59 PM: Spyware Definitions: 818
5:59 PM: Informational: Loaded AntiVirus Engine: 2.39.2; SDK Version: 4.11; Virus Definitions: 12/10/2006 2:58:58 PM (GMT)
5:58 PM: Spy Sweeper 5.2.3.2132 started
Operation: File Access
Target:
Source: C:\PROGRAM FILES\CLEANUP!\CLEANUP.EXE
5:39 PM: Tamper Detection
12:53 PM: The Internet Communication shield has blocked access to: SEARCHPORTAL.INFORMATION.COM
12:52 PM: The Internet Communication shield has blocked access to: SEARCHPORTAL.INFORMATION.COM
11:25 AM: IE Tracking Cookies Shield: Removed webtrends cookie
11:25 AM: IE Tracking Cookies Shield: Removed webtrends cookie
11:25 AM: IE Tracking Cookies Shield: Removed webtrends cookie
11:20 AM: IE Tracking Cookies Shield: Removed webtrends cookie
11:19 AM: IE Tracking Cookies Shield: Removed webtrends cookie
9:57 AM: IE Tracking Cookies Shield: Removed webtrends cookie
9:57 AM: IE Tracking Cookies Shield: Removed atlas dmt cookie
4:51 AM: None
4:51 AM: Traces Found: 0
4:51 AM: Scheduled Sweep has completed. Elapsed time 01:50:55
4:50 AM: File Sweep Complete, Elapsed Time: 01:44:40

I will run AVG as soon as I hear back from you re: the download.

Thanks a bunch!!!!

CrazyKate


#9
12-14-2006
madmatt2006
PC Dinosaur
Join Date: Dec 2006
Location: Shepparton
Posts: 2,622
PC Experience: Elite PC Guru

Please try Spybot; you will be shocked at what it can do, but it is up to you. I have had more success with it than any other spyware program, and it is FREE! I would also run Trend Micro™ HouseCall; this will scan for spyware and viruses online. It is also FREE and a great product. Try it here: Trend Micro™ HouseCall


#10
12-15-2006
CrazyKate
Bronze Member
Join Date: Oct 2006
Posts: 64

I wonder if all of this did not happen the day I ran "HiJackThis" which was on 12/11/06. But now I can not do a system restore as I had to turn it off in order to run ATF-Cleaner which destroys all restore points.

Could this be possible???

CrazyKate


#11
12-15-2006
slurpy
Bronze Member
Join Date: Dec 2006
Posts: 25

Originally Posted by CrazyKate
I wonder if all of this did not happen the day I ran "HiJackThis" which was on 12/11/06. But now I can not do a system restore as I had to turn it off in order to run ATF-Cleaner which destroys all restore points.

Could this be possible???

CrazyKate
Yes, it looks like it will be hard to get those restore points back, but they still might be in their folder. Have you tried rebooting, pressing F8 and clicking "Last Known Good Configuration"?


#12
12-15-2006
CrazyKate
Bronze Member
Join Date: Oct 2006
Posts: 64

I will definitely try "Last Known Good Config.", TrendMicro House Call & Spybot

-- but I would still like to learn more about the free edition of AVG? Can someone tell me where to go to download it???

Thanks once again!!!!!

CrazyKate


#13
12-15-2006
CrazyKate
Bronze Member
Join Date: Oct 2006
Posts: 64

Well, I did the "Last Known Good Config" - it changed NOTHING.

I ran the Spybot and it found one infected file - but in order to delete it - it tells me I have to register and pay for the program. Will KILLBOX.exe remove the file???

I still am looking for an answer as to how to uninstall my scanner - correct Add/Remove Programs.

Any ideas????

CrazyKate


#14
12-15-2006
slurpy
Bronze Member
Join Date: Dec 2006
Posts: 25

Have you tried going to Start... All Programs... then seeing if it is in there, and seeing if the uninstall program is under the file?


