Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

new higjackthis thread, Please help, and thanks

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

new higjackthis thread, Please help, and thanks

Unread postby drdgdo » January 3rd, 2008, 8:39 pm

6:04 PM: Traces Found: 78
6:04 PM: Full Sweep has completed. Elapsed time 00:20:50
6:04 PM: File Sweep Complete, Elapsed Time: 00:16:00
6:02 PM: Warning: SweepDirectories: Cannot find directory "d:". This directory was not added to the list of paths to be scanned.
6:01 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssms7cf217c5-7ea7-4e46-bd96-1386764ae5ee.tmp". The operation completed successfully
6:01 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssmsb6405f64-995a-40f2-9ff0-08314fedfa0d.tmp". The operation completed successfully
6:01 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssmsf93389a1-bb7c-49e2-a90f-ba1465853fc2.tmp". The operation completed successfully
6:01 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssms7552cd07-667a-4860-ad8d-317a5464f446.tmp". The operation completed successfully
6:01 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssmsa774c1f9-9c0a-47a3-bfd8-6613416b6e86.tmp". The operation completed successfully
6:01 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssmsb51e9794-5e23-477e-9809-6c1c8cf61521.tmp". The operation completed successfully
6:01 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssmsb97a76f9-55ae-4533-8e76-d6471d93a06e.tmp". The operation completed successfully
6:01 PM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssmsa969bf9c-387f-4c0e-a48b-e4ffe4ef9651.tmp". The operation completed successfully
6:01 PM: Warning: Failed to open file "c:\windows\temp\_avast4_\webshlock.txt". The operation completed successfully
6:01 PM: Warning: Failed to open file "c:\documents and settings\the grounds\cookies\the_grounds@www.yahoo[1].txt". The operation completed successfully
5:51 PM: ApplicationMinimized - EXIT
5:51 PM: ApplicationMinimized - ENTER
5:48 PM: Starting File Sweep
5:48 PM: Cookie Sweep Complete, Elapsed Time: 00:00:10
5:48 PM: c:\documents and settings\the grounds\cookies\the_grounds@yadro[1].txt (ID = 3743)
5:48 PM: Found Spy Cookie: yadro cookie
5:48 PM: c:\documents and settings\the grounds\cookies\the_grounds@www.screensavers[1].txt (ID = 3298)
5:48 PM: c:\documents and settings\the grounds\cookies\the_grounds@www.pricegrabber[1].txt (ID = 3186)
5:48 PM: c:\documents and settings\the grounds\cookies\the_grounds@www.burstnet[1].txt (ID = 2337)
5:48 PM: c:\documents and settings\the grounds\cookies\the_grounds@www.burstbeacon[1].txt (ID = 2335)
5:48 PM: Found Spy Cookie: burstbeacon cookie
5:48 PM: c:\documents and settings\the grounds\cookies\the_grounds@ugo[1].txt (ID = 3608)
5:48 PM: c:\documents and settings\the grounds\cookies\the_grounds@tv.disney.go[1].txt (ID = 2729)
5:48 PM: c:\documents and settings\the grounds\cookies\the_grounds@try.starware[1].txt (ID = 3442)
5:48 PM: c:\documents and settings\the grounds\cookies\the_grounds@try.screensavers[1].txt (ID = 3298)
5:48 PM: c:\documents and settings\the grounds\cookies\the_grounds@tribalfusion[1].txt (ID = 3589)
5:48 PM: Found Spy Cookie: tribalfusion cookie
5:48 PM: c:\documents and settings\the grounds\cookies\the_grounds@toplist[1].txt (ID = 3557)
5:48 PM: Found Spy Cookie: toplist cookie
5:48 PM: c:\documents and settings\the grounds\cookies\the_grounds@tampa.about[1].txt (ID = 2038)
5:48 PM: Warning: SweepDirectories: Cannot find directory "a:". This directory was not added to the list of paths to be scanned.
5:48 PM: c:\documents and settings\the grounds\cookies\the_grounds@sex[2].txt (ID = 3347)
5:48 PM: Found Spy Cookie: sex cookie
5:48 PM: c:\documents and settings\the grounds\cookies\the_grounds@screensavers[2].txt (ID = 3297)
5:48 PM: c:\documents and settings\the grounds\cookies\the_grounds@runeshop2.tripod[2].txt (ID = 3592)
5:48 PM: Found Spy Cookie: tripod cookie
5:48 PM: c:\documents and settings\the grounds\cookies\the_grounds@questionmarket[2].txt (ID = 3217)
5:48 PM: Found Spy Cookie: questionmarket cookie
5:48 PM: c:\documents and settings\the grounds\cookies\the_grounds@pricegrabber[2].txt (ID = 3185)
5:48 PM: Found Spy Cookie: pricegrabber cookie
5:48 PM: c:\documents and settings\the grounds\cookies\the_grounds@overture[1].txt (ID = 3105)
5:48 PM: c:\documents and settings\the grounds\cookies\the_grounds@nextag[1].txt (ID = 5014)
5:48 PM: Found Spy Cookie: nextag cookie
5:48 PM: c:\documents and settings\the grounds\cookies\the_grounds@network.aptimus[1].txt (ID = 2235)
5:48 PM: c:\documents and settings\the grounds\cookies\the_grounds@mediaplex[1].txt (ID = 6442)
5:48 PM: Found Spy Cookie: mediaplex cookie
5:48 PM: c:\documents and settings\the grounds\cookies\the_grounds@media.adrevolver[1].txt (ID = 2089)
5:48 PM: Found Spy Cookie: adrevolver cookie
5:48 PM: c:\documents and settings\the grounds\cookies\the_grounds@kinghost[2].txt (ID = 2903)
5:48 PM: Found Spy Cookie: kinghost cookie
5:48 PM: c:\documents and settings\the grounds\cookies\the_grounds@i.screensavers[2].txt (ID = 3298)
5:48 PM: Found Spy Cookie: screensavers.com cookie
5:48 PM: c:\documents and settings\the grounds\cookies\the_grounds@howstuffworks[1].txt (ID = 2805)
5:48 PM: Found Spy Cookie: howstuffworks cookie
5:48 PM: c:\documents and settings\the grounds\cookies\the_grounds@home.disney.go[1].txt (ID = 2729)
5:48 PM: c:\documents and settings\the grounds\cookies\the_grounds@h.starware[1].txt (ID = 3442)
5:48 PM: Found Spy Cookie: starware.com cookie
5:48 PM: c:\documents and settings\the grounds\cookies\the_grounds@go[1].txt (ID = 2728)
5:48 PM: c:\documents and settings\the grounds\cookies\the_grounds@goflorida.about[1].txt (ID = 2038)
5:48 PM: c:\documents and settings\the grounds\cookies\the_grounds@espn.go[1].txt (ID = 2729)
5:48 PM: c:\documents and settings\the grounds\cookies\the_grounds@enhance[1].txt (ID = 2613)
5:48 PM: Found Spy Cookie: enhance cookie
5:48 PM: c:\documents and settings\the grounds\cookies\the_grounds@disneymusic.disney.go[1].txt (ID = 2729)
5:48 PM: c:\documents and settings\the grounds\cookies\the_grounds@disney.go[1].txt (ID = 2729)
5:48 PM: c:\documents and settings\the grounds\cookies\the_grounds@data.coremetrics[1].txt (ID = 2472)
5:48 PM: Found Spy Cookie: coremetrics cookie
5:48 PM: c:\documents and settings\the grounds\cookies\the_grounds@cz4.clickzs[2].txt (ID = 2413)
5:48 PM: Found Spy Cookie: clickzs cookie
5:48 PM: c:\documents and settings\the grounds\cookies\the_grounds@chronicfatigue.about[1].txt (ID = 2038)
5:48 PM: c:\documents and settings\the grounds\cookies\the_grounds@cheats.ugo[1].txt (ID = 3609)
5:48 PM: Found Spy Cookie: ugo cookie
5:48 PM: c:\documents and settings\the grounds\cookies\the_grounds@casalemedia[1].txt (ID = 2354)
5:48 PM: Found Spy Cookie: casalemedia cookie
5:48 PM: c:\documents and settings\the grounds\cookies\the_grounds@burstnet[1].txt (ID = 2336)
5:48 PM: Found Spy Cookie: burstnet cookie
5:48 PM: c:\documents and settings\the grounds\cookies\the_grounds@atwola[2].txt (ID = 2255)
5:48 PM: Found Spy Cookie: atwola cookie
5:48 PM: c:\documents and settings\the grounds\cookies\the_grounds@atdmt[2].txt (ID = 2253)
5:48 PM: Found Spy Cookie: atlas dmt cookie
5:48 PM: c:\documents and settings\the grounds\cookies\the_grounds@aptimus[2].txt (ID = 2233)
5:48 PM: Found Spy Cookie: aptimus cookie
5:48 PM: c:\documents and settings\the grounds\cookies\the_grounds@anat.tacoda[2].txt (ID = 6445)
5:48 PM: c:\documents and settings\the grounds\cookies\the_grounds@anad.tacoda[1].txt (ID = 6445)
5:48 PM: Found Spy Cookie: tacoda cookie
5:48 PM: c:\documents and settings\the grounds\cookies\the_grounds@advertising[2].txt (ID = 2175)
5:48 PM: Found Spy Cookie: advertising cookie
5:48 PM: c:\documents and settings\the grounds\cookies\the_grounds@ads.stileproject[1].txt (ID = 2127)
5:48 PM: Found Spy Cookie: ads.stileproject cookie
5:48 PM: c:\documents and settings\the grounds\cookies\the_grounds@ads.pointroll[1].txt (ID = 3148)
5:48 PM: Found Spy Cookie: pointroll cookie
5:48 PM: c:\documents and settings\the grounds\cookies\the_grounds@adopt.specificclick[2].txt (ID = 3400)
5:48 PM: Found Spy Cookie: specificclick.com cookie
5:48 PM: c:\documents and settings\the grounds\cookies\the_grounds@add.about[2].txt (ID = 2038)
5:48 PM: c:\documents and settings\the grounds\cookies\the_grounds@ad.yieldmanager[2].txt (ID = 3751)
5:48 PM: Found Spy Cookie: yieldmanager cookie
5:48 PM: c:\documents and settings\the grounds\cookies\the_grounds@a.websponsors[2].txt (ID = 3665)
5:48 PM: Found Spy Cookie: websponsors cookie
5:48 PM: c:\documents and settings\the grounds\cookies\the_grounds@2o7[2].txt (ID = 1957)
5:48 PM: Found Spy Cookie: 2o7.net cookie
5:48 PM: c:\documents and settings\the grounds\cookies\the grounds@xiti[1].txt (ID = 3717)
5:48 PM: Found Spy Cookie: xiti cookie
5:48 PM: c:\documents and settings\the grounds\cookies\the grounds@www.myaffiliateprogram[1].txt (ID = 3032)
5:48 PM: Found Spy Cookie: myaffiliateprogram.com cookie
5:48 PM: c:\documents and settings\the grounds\cookies\the grounds@tvguide[1].txt (ID = 3599)
5:48 PM: c:\documents and settings\the grounds\cookies\the grounds@sports.espn.go[1].txt (ID = 2729)
5:48 PM: c:\documents and settings\the grounds\cookies\the grounds@southernfood.about[1].txt (ID = 2038)
5:48 PM: c:\documents and settings\the grounds\cookies\the grounds@search.disney.go[1].txt (ID = 2729)
5:48 PM: c:\documents and settings\the grounds\cookies\the grounds@sdc.tvguide[1].txt (ID = 3600)
5:48 PM: c:\documents and settings\the grounds\cookies\the grounds@rsi.tvguide[1].txt (ID = 3600)
5:48 PM: Found Spy Cookie: tvguide cookie
5:48 PM: c:\documents and settings\the grounds\cookies\the grounds@rsi.espn.go[1].txt (ID = 2729)
5:48 PM: c:\documents and settings\the grounds\cookies\the grounds@rsi.abc.go[1].txt (ID = 2729)
5:48 PM: c:\documents and settings\the grounds\cookies\the grounds@jobsearch.about[2].txt (ID = 2038)
5:48 PM: c:\documents and settings\the grounds\cookies\the grounds@ic-live[1].txt (ID = 2821)
5:48 PM: Found Spy Cookie: ic-live cookie
5:48 PM: c:\documents and settings\the grounds\cookies\the grounds@homestore[2].txt (ID = 2793)
5:48 PM: Found Spy Cookie: homestore cookie
5:48 PM: c:\documents and settings\the grounds\cookies\the grounds@did-it[2].txt (ID = 2523)
5:48 PM: Found Spy Cookie: did-it cookie
5:48 PM: c:\documents and settings\the grounds\cookies\the grounds@data3.perf.overture[1].txt (ID = 3106)
5:48 PM: c:\documents and settings\the grounds\cookies\the grounds@data1.perf.overture[1].txt (ID = 3106)
5:48 PM: Found Spy Cookie: overture cookie
5:48 PM: c:\documents and settings\the grounds\cookies\the grounds@ct.360i[2].txt (ID = 1962)
5:48 PM: Found Spy Cookie: 360i cookie
5:48 PM: c:\documents and settings\the grounds\cookies\the grounds@corporate.disney.go[1].txt (ID = 2729)
5:48 PM: c:\documents and settings\the grounds\cookies\the grounds@chinesefood.about[1].txt (ID = 2038)
5:48 PM: c:\documents and settings\the grounds\cookies\the grounds@cellphones.about[1].txt (ID = 2038)
5:48 PM: c:\documents and settings\the grounds\cookies\the grounds@cb.adprofile[1].txt (ID = 2085)
5:48 PM: c:\documents and settings\the grounds\cookies\the grounds@benefits.military[1].txt (ID = 2997)
5:48 PM: Found Spy Cookie: military cookie
5:48 PM: c:\documents and settings\the grounds\cookies\the grounds@belnk[1].txt (ID = 2292)
5:48 PM: Found Spy Cookie: belnk cookie
5:48 PM: c:\documents and settings\the grounds\cookies\the grounds@animatedtv.about[1].txt (ID = 2038)
5:48 PM: Found Spy Cookie: about cookie
5:48 PM: c:\documents and settings\the grounds\cookies\the grounds@adprofile[1].txt (ID = 2084)
5:48 PM: Found Spy Cookie: adprofile cookie
5:48 PM: c:\documents and settings\the grounds\cookies\the grounds@abc.go[2].txt (ID = 2729)
5:48 PM: Found Spy Cookie: go.com cookie
5:48 PM: Starting Cookie Sweep
5:48 PM: Registry Sweep Complete, Elapsed Time:00:00:13
5:48 PM: Starting Registry Sweep
5:48 PM: Memory Sweep Complete, Elapsed Time: 00:04:17
5:44 PM: Starting Memory Sweep
5:44 PM: Start Full Sweep
5:44 PM: Sweep initiated using definitions version 992
Keylogger: Off
E-mail Attachment: On
5:43 PM: Informational: ShieldEmail: Start monitoring port 25 for mail activities
5:43 PM: Informational: ShieldEmail: Start monitoring port 110 for mail activities
BHO Shield: On
IE Security Shield: On
Alternate Data Stream (ADS) Execution Shield: On
Startup Shield: On
Common Ad Sites: Off
Hosts File Shield: On
Internet Communication Shield: On
ActiveX Shield: On
Windows Messenger Service Shield: On
IE Favorites Shield: On
File System Shield: On
Execution Shield: On
System Services Shield: On
IE Hijack Shield: On
IE Tracking Cookies Shield: Off
5:43 PM: Shield States
5:43 PM: License Check Status (0): Success
5:43 PM: Spyware Definitions: 992
5:42 PM: Spy Sweeper 5.5.7.103 started
5:42 PM: Spy Sweeper 5.5.7.103 started
5:42 PM: | Start of Session, Thursday, January 03, 2008 |
drdgdo
Active Member
 
Posts: 1
Joined: January 3rd, 2008, 8:20 pm
Advertisement
Register to Remove

Re: new higjackthis thread, Please help, and thanks

Unread postby Shaba » January 5th, 2008, 2:26 pm

Hi drdgdo

Click here to download HJTInstall.exe
  • Save HJTInstall.exe to your desktop.
  • Doubleclick on the HJTInstall.exe icon on your desktop.
  • By default it will install to C:\Program Files\Trend Micro\HijackThis .
  • Click on Install.
  • It will create a HijackThis icon on the desktop.
  • Once installed, it will launch Hijackthis.
  • Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
  • Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
  • Come back here to this thread and Paste the log in your next reply.
  • DO NOT use the AnalyseThis button, its findings are dangerous if misinterpreted.
  • DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.
User avatar
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: new higjackthis thread, Please help, and thanks

Unread postby Shaba » January 12th, 2008, 7:26 am

This topic is now closed due to inactivity. If you wish it to be reopened, please send us an email to 'admin at malwareremoval.com' with a link to your thread.

If it has been 10 days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, this topic will not be reopened. If you still require help, please start a new topic and include a fresh HijackThis log and a link to this thread in your new topic.

You can help support this site from this link :
Donations For Malware Removal

Please do not contact us if you are not the topic starter. A valid, working link to the closed topic is required along with the user name used. If the user name does not match the one in the thread linked, the email will be deleted.
User avatar
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 40 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware