Bullguard Antivirus Forum Download A Free Copy Of Bullguard Antivirus Software
Free Antivirus Forum - Learn about antivirus, firewalls and personal security Free Antivirus Forum - Learn about antivirus, firewalls and personal security
 HomeLog InRegisterCommunity CalendarSearch the ForumView The Member ListHelp
Hijacked desktop control
   
BullGuard Antivirus Forum > General Security > Spyware > Hijacked desktop control  
Forum Quick Jump
 
New Topic Post reply to : Hijacked desktop control Printable version of : Hijacked desktop control
[ << Previous Thread | Next Thread >> ]

sf1970
New Member


Date Joined Dec 2005
Total Posts : 1
  		   Posted 12-29-2005 10:11 (GMT +1)    Quote: Hijacked desktop controlAlert an admin about: Hijacked desktop control
Hey! I used a fix suggested to graham_bard to "free" my desktop. So far so good - no more bright blue warning screen. Here's the log:
 
********
3:07 PM: |       Start of Session, Thursday, December 29, 2005       |
3:07 PM: Spy Sweeper started
3:07 PM: Sweep initiated using definitions version 592
3:07 PM: Starting Memory Sweep
3:10 PM: Memory Sweep Complete, Elapsed Time: 00:03:22
3:10 PM: Starting Registry Sweep
3:11 PM:   Found Adware: linkmaker
3:11 PM:   HKLM\software\lm\  (5 subtraces) (ID = 129744)
3:11 PM:   Found Adware: screensavers
3:11 PM:   HKCR\clsid\{722d2939-a14a-41a9-9eac-ab8f4e295819}\  (14 subtraces) (ID = 140550)
3:11 PM:   HKCR\clsid\{88d758a3-d33b-45fd-91e3-67749b4057fa}\  (14 subtraces) (ID = 140551)
3:11 PM:   HKCR\interface\{760aca60-79c3-4875-9d19-b14a5b3fea77}\  (8 subtraces) (ID = 140552)
3:11 PM:   HKCR\interface\{883ea659-ed80-46f9-9ed2-83327f67789f}\  (8 subtraces) (ID = 140553)
3:11 PM:   HKCR\interface\{b64c73d7-459e-4816-91f9-1348f8e36984}\  (8 subtraces) (ID = 140554)
3:11 PM:   HKLM\software\classes\clsid\{722d2939-a14a-41a9-9eac-ab8f4e295819}\  (14 subtraces) (ID = 140555)
3:11 PM:   HKLM\software\classes\clsid\{88d758a3-d33b-45fd-91e3-67749b4057fa}\  (14 subtraces) (ID = 140556)
3:11 PM:   HKLM\software\classes\interface\{760aca60-79c3-4875-9d19-b14a5b3fea77}\  (8 subtraces) (ID = 140557)
3:11 PM:   HKLM\software\classes\interface\{883ea659-ed80-46f9-9ed2-83327f67789f}\  (8 subtraces) (ID = 140558)
3:11 PM:   HKLM\software\classes\interface\{b64c73d7-459e-4816-91f9-1348f8e36984}\  (8 subtraces) (ID = 140559)
3:11 PM:   HKLM\software\classes\screensaversinstaller.installer.1\  (3 subtraces) (ID = 140560)
3:11 PM:   HKLM\software\classes\screensaversinstaller.installer\  (5 subtraces) (ID = 140561)
3:11 PM:   HKLM\software\classes\screensaversinstaller.sinstaller.1\  (3 subtraces) (ID = 140562)
3:11 PM:   HKLM\software\classes\screensaversinstaller.sinstaller.1\clsid\  (1 subtraces) (ID = 140563)
3:11 PM:   HKLM\software\classes\screensaversinstaller.sinstaller\  (5 subtraces) (ID = 140564)
3:11 PM:   HKLM\software\classes\typelib\{0ab5b0d8-2b74-4c1c-8fa4-e52550b8b45b}\  (9 subtraces) (ID = 140565)
3:11 PM:   HKLM\software\microsoft\windows\currentversion\uninstall\screensaversinstaller\  (2 subtraces) (ID = 140568)
3:11 PM:   HKLM\software\screensavers.com\  (14 subtraces) (ID = 140569)
3:11 PM:   HKCR\screensaversinstaller.installer.1\  (3 subtraces) (ID = 140570)
3:11 PM:   HKCR\screensaversinstaller.installer\  (5 subtraces) (ID = 140571)
3:11 PM:   HKCR\screensaversinstaller.sinstaller.1\  (3 subtraces) (ID = 140572)
3:11 PM:   HKCR\screensaversinstaller.sinstaller.1\clsid\  (1 subtraces) (ID = 140573)
3:11 PM:   HKCR\screensaversinstaller.sinstaller\  (5 subtraces) (ID = 140574)
3:11 PM:   HKCR\typelib\{0ab5b0d8-2b74-4c1c-8fa4-e52550b8b45b}\  (9 subtraces) (ID = 140575)
3:11 PM:   Found Adware: starware toolbar
3:11 PM:   HKCR\clsid\{2d51d869-c36b-42bd-ae68-0a81bc771fa5}\  (6 subtraces) (ID = 142841)
3:11 PM:   HKCR\clsid\{7bed0340-176b-44bc-915e-c21c1dd6f617}\  (6 subtraces) (ID = 142842)
3:11 PM:   HKCR\clsid\{ca356d79-679b-4b4c-8e49-5af97014f4c1}\  (4 subtraces) (ID = 142844)
3:11 PM:   HKCR\clsid\{d49e9d35-254c-4c6a-9d17-95018d228ff5}\  (4 subtraces) (ID = 142845)
3:11 PM:   HKLM\software\classes\clsid\{2d51d869-c36b-42bd-ae68-0a81bc771fa5}\  (6 subtraces) (ID = 142849)
3:11 PM:   HKLM\software\classes\clsid\{7bed0340-176b-44bc-915e-c21c1dd6f617}\  (6 subtraces) (ID = 142850)
3:11 PM:   HKLM\software\classes\clsid\{ca356d79-679b-4b4c-8e49-5af97014f4c1}\  (4 subtraces) (ID = 142852)
3:11 PM:   HKLM\software\classes\clsid\{d49e9d35-254c-4c6a-9d17-95018d228ff5}\  (4 subtraces) (ID = 142853)
3:11 PM:   HKLM\software\microsoft\internet explorer\toolbar\ || {d49e9d35-254c-4c6a-9d17-95018d228ff5} (ID = 142858)
3:11 PM:   HKLM\software\microsoft\windows\currentversion\explorer\browser helper objects\{ca356d79-679b-4b4c-8e49-5af97014f4c1}\ (ID = 142863)
3:11 PM:   HKLM\software\microsoft\windows\currentversion\uninstall\starware\  (3 subtraces) (ID = 142865)
3:11 PM:   Found Adware: starware.com hijack
3:11 PM:   HKLM\software\microsoft\internet explorer\search\ || searchassistant (ID = 142868)
3:11 PM:   Found Adware: accoona toolbar
3:11 PM:   HKCR\asearchassist.adefaultsearch\  (5 subtraces) (ID = 520489)
3:11 PM:   HKCR\clsid\{944864a5-3916-46e2-96a9-a2e84f3f1208}\  (11 subtraces) (ID = 520510)
3:11 PM:   HKCR\typelib\{ea3956d2-ec38-41ab-b601-47aa281e4952}\  (9 subtraces) (ID = 520538)
3:11 PM:   HKLM\software\accoona\ (ID = 520615)
3:11 PM:   HKLM\software\classes\asearchassist.adefaultsearch\  (5 subtraces) (ID = 520749)
3:11 PM:   HKLM\software\classes\asearchassist.adefaultsearch.1\  (3 subtraces) (ID = 520755)
3:11 PM:   Found Adware: whenu save
3:11 PM:   HKCR\appid\acm.dll\  (1 subtraces) (ID = 773960)
3:11 PM:   HKCR\appid\{127df9b4-d75d-44a6-af78-8c3a8ceb03db}\  (1 subtraces) (ID = 773962)
3:11 PM:   HKLM\software\classes\appid\acm.dll\  (1 subtraces) (ID = 773974)
3:11 PM:   HKLM\software\classes\appid\{127df9b4-d75d-44a6-af78-8c3a8ceb03db}\  (1 subtraces) (ID = 773976)
3:11 PM:   HKCR\asearchassist.adefaultsearch.1\  (3 subtraces) (ID = 954985)
3:11 PM:   HKCR\clsid\{f80c1d93-0d22-436e-963e-9d3156997a4e}\  (4 subtraces) (ID = 954998)
3:11 PM:   HKLM\software\classes\clsid\{944864a5-3916-46e2-96a9-a2e84f3f1208}\  (11 subtraces) (ID = 955049)
3:11 PM:   HKLM\software\classes\clsid\{f80c1d93-0d22-436e-963e-9d3156997a4e}\  (4 subtraces) (ID = 955055)
3:11 PM:   HKLM\software\microsoft\windows\currentversion\explorer\browser helper objects\{944864a5-3916-46e2-96a9-a2e84f3f1208}\  (1 subtraces) (ID = 955071)
3:11 PM:   HKLM\software\classes\typelib\{ea3956d2-ec38-41ab-b601-47aa281e4952}\  (9 subtraces) (ID = 955503)
3:11 PM:   HKU\S-1-5-21-1957994488-1659004503-725345543-1003\software\microsoft\internet explorer\toolbar\webbrowser\ || {2d51d869-c36b-42bd-ae68-0a81bc771fa5} (ID = 142860)
3:11 PM:   HKU\S-1-5-21-1957994488-1659004503-725345543-1003\software\microsoft\internet explorer\toolbar\webbrowser\ || {d49e9d35-254c-4c6a-9d17-95018d228ff5} (ID = 142862)
3:11 PM:   HKU\S-1-5-21-1957994488-1659004503-725345543-1003\software\starware\  (18 subtraces) (ID = 142866)
3:11 PM:   Found Adware: spysheriff
3:11 PM:   HKU\S-1-5-21-1957994488-1659004503-725345543-1003\software\sno2\ (ID = 782236)
3:11 PM:   Found Adware: webrebates
3:11 PM:   HKU\S-1-5-21-1957994488-1659004503-725345543-1003\software\microsoft\internet explorer\menuext\web rebates.\  (2 subtraces) (ID = 866137)
3:11 PM:   HKU\S-1-5-21-1957994488-1659004503-725345543-1003\software\microsoft\internet explorer\urlsearchhooks\{944864a5-3916-46e2-96a9-a2e84f3f1208}\ (ID = 955003)
3:11 PM:   HKU\S-1-5-21-1957994488-1659004503-725345543-1003\software\microsoft\internet explorer\searchurl\ (ID = 1061688)
3:11 PM: Registry Sweep Complete, Elapsed Time:00:00:29
3:11 PM: Starting Cookie Sweep
3:11 PM:   Found Spy Cookie: 2o7.net cookie
3:11 PM:   owner@112.2o7[2].txt (ID = 1958)
3:11 PM:   Found Spy Cookie: 247realmedia cookie
3:11 PM:   owner@247realmedia[2].txt (ID = 1953)
3:11 PM:   owner@2o7[1].txt (ID = 1957)
3:11 PM:   Found Spy Cookie: websponsors cookie
3:11 PM:   owner@a.websponsors[2].txt (ID = 3665)
3:11 PM:   Found Spy Cookie: go.com cookie
3:11 PM:   owner@abc.go[2].txt (ID = 2729)
3:11 PM:   Found Spy Cookie: about cookie
3:11 PM:   owner@about[1].txt (ID = 2037)
3:11 PM:   Found Spy Cookie: accoona cookie
3:11 PM:   owner@accoona[1].txt (ID = 2041)
3:11 PM:   Found Spy Cookie: yieldmanager cookie
3:11 PM:   owner@ad.yieldmanager[2].txt (ID = 3751)
3:11 PM:   Found Spy Cookie: adknowledge cookie
3:11 PM:   owner@adknowledge[1].txt (ID = 2072)
3:11 PM:   Found Spy Cookie: specificclick.com cookie
3:11 PM:   owner@adopt.specificclick[2].txt (ID = 3400)
3:11 PM:   Found Spy Cookie: adrevolver cookie
3:11 PM:   owner@adrevolver[1].txt (ID = 2088)
3:11 PM:   owner@adrevolver[3].txt (ID = 2088)
3:11 PM:   Found Spy Cookie: addynamix cookie
3:11 PM:   owner@ads.addynamix[1].txt (ID = 2062)
3:11 PM:   Found Spy Cookie: ads.adsag cookie
3:11 PM:   owner@ads.adsag[2].txt (ID = 2108)
3:11 PM:   Found Spy Cookie: belointeractive cookie
3:11 PM:   owner@ads.belointeractive[1].txt (ID = 2295)
3:11 PM:   Found Spy Cookie: ads.businessweek cookie
3:11 PM:   owner@ads.businessweek[1].txt (ID = 2113)
3:11 PM:   Found Spy Cookie: fortunecity cookie
3:11 PM:   owner@ads.fortunecity[1].txt (ID = 2687)
3:11 PM:   Found Spy Cookie: pointroll cookie
3:11 PM:   owner@ads.pointroll[2].txt (ID = 3148)
3:11 PM:   Found Spy Cookie: specificpop cookie
3:11 PM:   owner@ads.specificpop[1].txt (ID = 3402)
3:11 PM:   Found Spy Cookie: starpulse cookie
3:11 PM:   owner@ads.starpulse[1].txt (ID = 3440)
3:11 PM:   Found Spy Cookie: x10 cookie
3:11 PM:   owner@ads.x10[2].txt (ID = 3712)
3:11 PM:   Found Spy Cookie: adserver.trb cookie
3:11 PM:   owner@adserver.trb[1].txt (ID = 2147)
3:11 PM:   Found Spy Cookie: adserver cookie
3:11 PM:   owner@adserver[1].txt (ID = 2141)
3:11 PM:   Found Spy Cookie: advertising cookie
3:11 PM:   owner@advertising[2].txt (ID = 2175)
3:11 PM:   Found Spy Cookie: falkag cookie
3:11 PM:   owner@as-us.falkag[2].txt (ID = 2650)
3:11 PM:   Found Spy Cookie: ask cookie
3:11 PM:   owner@ask[1].txt (ID = 2245)
3:11 PM:   Found Spy Cookie: atlas dmt cookie
3:11 PM:   owner@atdmt[2].txt (ID = 2253)
3:11 PM:   Found Spy Cookie: belnk cookie
3:11 PM:   owner@ath.belnk[1].txt (ID = 2293)
3:11 PM:   Found Spy Cookie: atwola cookie
3:11 PM:   owner@atwola[2].txt (ID = 2255)
3:11 PM:   Found Spy Cookie: bannerspace cookie
3:11 PM:   owner@bannerspace[2].txt (ID = 2284)
3:11 PM:   owner@belnk[1].txt (ID = 2292)
3:11 PM:   owner@belointeractive[1].txt (ID = 2294)
3:11 PM:   Found Spy Cookie: bizrate cookie
3:11 PM:   owner@bizrate[1].txt (ID = 2308)
3:11 PM:   Found Spy Cookie: bluemountain cookie
3:11 PM:   owner@bluemountain[1].txt (ID = 2312)
3:11 PM:   Found Spy Cookie: bluestreak cookie
3:11 PM:   owner@bluestreak[2].txt (ID = 2314)
3:11 PM:   Found Spy Cookie: bravenet cookie
3:11 PM:   owner@bravenet[1].txt (ID = 2322)
3:11 PM:   Found Spy Cookie: bs.serving-sys cookie
3:11 PM:   owner@bs.serving-sys[2].txt (ID = 2330)
3:11 PM:   Found Spy Cookie: burstnet cookie
3:11 PM:   owner@burstnet[2].txt (ID = 2336)
3:11 PM:   Found Spy Cookie: zedo cookie
3:11 PM:   owner@c5.zedo[1].txt (ID = 3763)
3:11 PM:   owner@cartoonnetwork.122.2o7[1].txt (ID = 1958)
3:11 PM:   Found Spy Cookie: casalemedia cookie
3:11 PM:   owner@casalemedia[1].txt (ID = 2354)
3:11 PM:   owner@cbs.112.2o7[1].txt (ID = 1958)
3:11 PM:   Found Spy Cookie: centrport net cookie
3:11 PM:   owner@centrport[1].txt (ID = 2374)
3:11 PM:   Found Spy Cookie: classmates cookie
3:11 PM:   owner@classmates[2].txt (ID = 2384)
3:11 PM:   Found Spy Cookie: clickagents cookie
3:11 PM:   owner@clickagents[1].txt (ID = 2394)
3:11 PM:   owner@cnn.122.2o7[1].txt (ID = 1958)
3:11 PM:   owner@compactiongames.about[2].txt (ID = 2038)
3:11 PM:   Found Spy Cookie: hitslink cookie
3:11 PM:   owner@counter.hitslink[2].txt (ID = 2790)
3:11 PM:   Found Spy Cookie: 360i cookie
3:11 PM:   owner@ct.360i[2].txt (ID = 1962)
3:11 PM:   Found Spy Cookie: clickzs cookie
3:11 PM:   owner@cz7.clickzs[1].txt (ID = 2413)
3:11 PM:   Found Spy Cookie: coremetrics cookie
3:11 PM:   owner@data.coremetrics[1].txt (ID = 2472)
3:11 PM:   Found Spy Cookie: overture cookie
3:11 PM:   owner@data2.perf.overture[2].txt (ID = 3106)
3:11 PM:   Found Spy Cookie: dbbsrv cookie
3:11 PM:   owner@dbbsrv[1].txt (ID = 2499)
3:11 PM:   Found Spy Cookie: webtrendslive cookie
3:11 PM:   owner@dcs8ir0f010000oyioyaka1kl_8j7n[2].txt (ID = 3673)
3:11 PM:   owner@dcsgcxwngpifwznfzlmv83o6w_5w4m[1].txt (ID = 3674)
3:11 PM:   Found Spy Cookie: dealtime cookie
3:11 PM:   owner@dealtime[2].txt (ID = 2505)
3:11 PM:   owner@dist.belnk[1].txt (ID = 2293)
3:11 PM:   Found Spy Cookie: ru4 cookie
3:11 PM:   owner@edge.ru4[2].txt (ID = 3269)
3:11 PM:   owner@espn.go[1].txt (ID = 2729)
3:11 PM:   owner@fashion.about[1].txt (ID = 2038)
3:11 PM:   Found Spy Cookie: fastclick cookie
3:11 PM:   owner@fastclick[1].txt (ID = 2651)
3:11 PM:   Found Spy Cookie: findwhat cookie
3:11 PM:   owner@findwhat[1].txt (ID = 2674)
3:11 PM:   owner@fortunecity[1].txt (ID = 2686)
3:11 PM:   Found Spy Cookie: gamespy cookie
3:11 PM:   owner@gamespy[1].txt (ID = 2719)
3:11 PM:   Found Spy Cookie: go2net.com cookie
3:11 PM:   owner@go2net[1].txt (ID = 2730)
3:11 PM:   owner@go[1].txt (ID = 2728)
3:11 PM:   owner@homepage.belointeractive[1].txt (ID = 2295)
3:11 PM:   Found Spy Cookie: homestore cookie
3:11 PM:   owner@homestore[1].txt (ID = 2793)
3:11 PM:   Found Spy Cookie: hotlog cookie
3:11 PM:   owner@hotlog[1].txt (ID = 2801)
3:11 PM:   Found Spy Cookie: screensavers.com cookie
3:11 PM:   owner@i.screensavers[2].txt (ID = 3298)
3:11 PM:   Found Spy Cookie: ic-live cookie
3:11 PM:   owner@ic-live[1].txt (ID = 2821)
3:11 PM:   Found Spy Cookie: infospace cookie
3:11 PM:   owner@infospace[2].txt (ID = 2865)
3:11 PM:   owner@!!!elry.about[1].txt (ID = 2038)
3:11 PM:   Found Spy Cookie: l2m.net cookie
3:11 PM:   owner@l2m[1].txt (ID = 2913)
3:11 PM:   Found Spy Cookie: maxserving cookie
3:11 PM:   owner@maxserving[1].txt (ID = 2966)
3:11 PM:   owner@media.fastclick[1].txt (ID = 2652)
3:11 PM:   Found Spy Cookie: metareward.com cookie
3:11 PM:   owner@metareward[1].txt (ID = 2990)
3:11 PM:   owner@microsofteup.112.2o7[1].txt (ID = 1958)
3:11 PM:   Found Spy Cookie: military cookie
3:11 PM:   owner@military[1].txt (ID = 2996)
3:11 PM:   Found Spy Cookie: touchclarity cookie
3:11 PM:   owner@msn.touchclarity[1].txt (ID = 3566)
3:11 PM:   owner@msnportal.112.2o7[1].txt (ID = 1958)
3:11 PM:   Found Spy Cookie: nextag cookie
3:11 PM:   owner@nextag[2].txt (ID = 5014)
3:11 PM:   Found Spy Cookie: one-time-offer cookie
3:11 PM:   owner@one-time-offer[2].txt (ID = 3095)
3:11 PM:   owner@overture[1].txt (ID = 3105)
3:11 PM:   Found Spy Cookie: peel network cookie
3:11 PM:   owner@peel[1].txt (ID = 3127)
3:11 PM:   owner@perf.overture[1].txt (ID = 3106)
3:11 PM:   Found Spy Cookie: pro-market cookie
3:11 PM:   owner@pro-market[1].txt (ID = 3197)
3:11 PM:   owner@proxy.espn.go[1].txt (ID = 2729)
3:11 PM:   Found Spy Cookie: pub cookie
3:11 PM:   owner@pub[2].txt (ID = 3205)
3:11 PM:   Found Spy Cookie: questionmarket cookie
3:11 PM:   owner@questionmarket[2].txt (ID = 3217)
3:11 PM:   Found Spy Cookie: rc cookie
3:11 PM:   owner@rc[1].txt (ID = 3231)
3:11 PM:   Found Spy Cookie: realmedia cookie
3:11 PM:   owner@realmedia[1].txt (ID = 3235)
3:11 PM:   Found Spy Cookie: reunion cookie
3:11 PM:   owner@reunion[1].txt (ID = 3255)
3:11 PM:   Found Spy Cookie: rightmedia cookie
3:11 PM:   owner@rightmedia[2].txt (ID = 3259)
3:11 PM:   owner@rsi.abc.go[1].txt (ID = 2729)
3:11 PM:   owner@rsi.espn.go[1].txt (ID = 2729)
3:11 PM:   owner@screensavers[1].txt (ID = 3297)
3:11 PM:   owner@search.espn.go[1].txt (ID = 2729)
3:11 PM:   Found Spy Cookie: seeq cookie
3:11 PM:   owner@seeq[2].txt (ID = 3331)
3:11 PM:   owner@sel.as-us.falkag[1].txt (ID = 2650)
3:11 PM:   Found Spy Cookie: server.iad.liveperson cookie
3:11 PM:   owner@server.iad.liveperson[1].txt (ID = 3341)
3:11 PM:   Found Spy Cookie: serving-sys cookie
3:11 PM:   owner@serving-sys[1].txt (ID = 3343)
3:11 PM:   Found Spy Cookie: servlet cookie
3:11 PM:   owner@servlet[2].txt (ID = 3345)
3:11 PM:   owner@spanish.about[2].txt (ID = 2038)
3:11 PM:   owner@sports-att.espn.go[1].txt (ID = 2729)
3:11 PM:   owner@sports.espn.go[1].txt (ID = 2729)
3:11 PM:   Found Spy Cookie: starware.com cookie
3:11 PM:   owner@starware[2].txt (ID = 3441)
3:11 PM:   owner@stat.dealtime[2].txt (ID = 2506)
3:11 PM:   Found Spy Cookie: statcounter cookie
3:11 PM:   owner@statcounter[1].txt (ID = 3447)
3:11 PM:   Found Spy Cookie: stats.klsoft.com cookie
3:11 PM:   owner@stats.klsoft[1].txt (ID = 3451)
3:11 PM:   Found Spy Cookie: clicktracks cookie
3:11 PM:   owner@stats3.clicktracks[1].txt (ID = 2407)
3:11 PM:   owner@statse.webtrendslive[2].txt (ID = 3667)
3:11 PM:   owner@test.coremetrics[1].txt (ID = 2472)
3:11 PM:   Found Spy Cookie: tickle cookie
3:11 PM:   owner@tickle[1].txt (ID = 3529)
3:11 PM:   Found Spy Cookie: toprebates.com cookie
3:11 PM:   owner@toprebates[2].txt (ID = 3561)
3:11 PM:   Found Spy Cookie: tracking cookie
3:11 PM:   owner@tracking[2].txt (ID = 3571)
3:11 PM:   Found Spy Cookie: trafficmp cookie
3:11 PM:   owner@trafficmp[2].txt (ID = 3581)
3:11 PM:   Found Spy Cookie: tribalfusion cookie
3:11 PM:   owner@tribalfusion[1].txt (ID = 3589)
3:11 PM:   Found Spy Cookie: tripod cookie
3:11 PM:   owner@tripod[1].txt (ID = 3591)
3:11 PM:   owner@twci.coremetrics[1].txt (ID = 2472)
3:11 PM:   owner@victorian.fortunecity[1].txt (ID = 2687)
3:11 PM:   Found Spy Cookie: webpower cookie
3:11 PM:   owner@webpower[1].txt (ID = 3660)
3:11 PM:   Found Spy Cookie: burstbeacon cookie
3:11 PM:   owner@www.burstbeacon[2].txt (ID = 2335)
3:11 PM:   Found Spy Cookie: myaffiliateprogram.com cookie
3:11 PM:   owner@www.myaffiliateprogram[1].txt (ID = 3032)
3:11 PM:   owner@www.screensavers[1].txt (ID = 3298)
3:11 PM:   owner@www.starpulse[1].txt (ID = 3440)
3:11 PM:   Found Spy Cookie: upspiral cookie
3:11 PM:   owner@www.upspiral[2].txt (ID = 3615)
3:11 PM:   Found Spy Cookie: xiti cookie
3:11 PM:   owner@xiti[1].txt (ID = 3717)
3:11 PM:   owner@z1.adserver[2].txt (ID = 2142)
3:11 PM:   owner@zedo[1].txt (ID = 3762)
3:11 PM: Cookie Sweep Complete, Elapsed Time: 00:00:04
3:11 PM: Starting File Sweep
3:11 PM:   Found Adware: whenu
3:11 PM:   c:\documents and settings\owner\start menu\programs\whenu (3 subtraces) (ID = -2147480383)
3:11 PM:   c:\program files\accoona (2 subtraces) (ID = -2147476360)
3:11 PM:   c:\program files\webrebates4 (55 subtraces) (ID = -2147470148)
3:11 PM:   c:\program files\screensavers.com (11 subtraces) (ID = -2147480365)
3:11 PM:   c:\program files\starware (7 subtraces) (ID = -2147480223)
3:11 PM:   c:\documents and settings\owner\application data\starware (53 subtraces) (ID = -2147480225)
3:11 PM:   c:\documents and settings\all users.windows\application data\starware (39 subtraces) (ID = -2147480224)
3:12 PM:   a0012433.dll (ID = 184243)
3:12 PM:   Warning: Failed to open file "c:\documents and settings\localservice.nt authority\application data\webroot\spy sweeper\temp\sscs9b0afa31-18ae-4a84-98a6-2079feff68f5.tmp". The process cannot access the file because it is being used by another process
3:12 PM:   Warning: Failed to open file "c:\documents and settings\localservice.nt authority\application data\webroot\spy sweeper\temp\sscs5450818e-5cb1-4c5e-9adc-45f5dc677a89.tmp". The process cannot access the file because it is being used by another process
3:12 PM:   screensaversinst.dll (ID = 74752)
3:12 PM:   a0012428.dll (ID = 184244)
3:13 PM:   swpstart.exe (ID = 74759)
3:13 PM:   Warning: Failed to open file "c:\documents and settings\localservice.nt authority\application data\webroot\spy sweeper\temp\sscs76af2286-83ae-438b-97f3-561940f77d29.tmp". The process cannot access the file because it is being used by another process
3:13 PM:   Warning: Failed to open file "c:\documents and settings\localservice.nt authority\application data\webroot\spy sweeper\temp\sscs84512eec-27a3-4eed-a860-ea15ed06b961.tmp". The process cannot access the file because it is being used by another process
3:14 PM:   Found Adware: quicklink search toolbar
3:14 PM:   a0012414.exe (ID = 73428)
3:14 PM:   Warning: Failed to open file "c:\documents and settings\localservice.nt authority\application data\webroot\spy sweeper\temp\sscsd9bc20a8-e8b7-4891-8e12-22ee3ab24901.tmp". The process cannot access the file because it is being used by another process
3:15 PM:   Warning: Failed to open file "c:\documents and settings\localservice.nt authority\application data\webroot\spy sweeper\temp\sscsd5aad91e-b742-4f66-bbdc-7d5b074f6ee5.tmp". The process cannot access the file because it is being used by another process
3:15 PM:   Warning: Failed to open file "c:\documents and settings\localservice.nt authority\application data\webroot\spy sweeper\temp\sscsb27034fc-e287-496a-87ee-198bde24c7a4.tmp". The process cannot access the file because it is being used by another process
3:15 PM:   Found Adware: shopathomeselect
3:15 PM:   intlib.bin (ID = 131688)
3:18 PM:   Warning: Failed to open file "c:\documents and settings\localservice.nt authority\application data\webroot\spy sweeper\temp\sscsc2a78694-c7c8-4f31-9dd1-3c09e50ae867.tmp". The process cannot access the file because it is being used by another process
3:18 PM:   Warning: Failed to open file "c:\documents and settings\localservice.nt authority\application data\webroot\spy sweeper\temp\sscs2d46a279-6874-4f1d-84bb-f40fe932b472.tmp". The process cannot access the file because it is being used by another process
3:18 PM:   Warning: Failed to open file "c:\documents and settings\localservice.nt authority\application data\webroot\spy sweeper\temp\sscsdb44a2a1-d68c-4ab8-9712-281036ad5a67.tmp". The process cannot access the file because it is being used by another process
3:20 PM:   a0012442.exe (ID = 182875)
3:21 PM:   Warning: Failed to open file "c:\documents and settings\localservice.nt authority\application data\webroot\spy sweeper\temp\sscsbee77f3f-9b43-4989-a272-ffd1d3050206.tmp". The process cannot access the file because it is being used by another process
3:21 PM:   Warning: Failed to open file "c:\documents and settings\localservice.nt authority\application data\webroot\spy sweeper\temp\sscsae835ce0-b800-4834-89ca-1fff5c1ca2ad.tmp". The process cannot access the file because it is being used by another process
3:21 PM:   Warning: Failed to open file "c:\documents and settings\localservice.nt authority\application data\webroot\spy sweeper\temp\sscsb7e4945f-9f6e-4dc7-9f33-e1b10dfe97ce.tmp". The process cannot access the file because it is being used by another process
3:22 PM:   Warning: Failed to open file "c:\documents and settings\localservice.nt authority\application data\webroot\spy sweeper\temp\sscse10c6ac0-3f0d-4ee1-8678-16f59a11316a.tmp". The process cannot access the file because it is being used by another process
3:22 PM:   readme.txt (ID = 119871)
3:22 PM:   Warning: Failed to open file "c:\documents and settings\localservice.nt authority\application data\webroot\spy sweeper\temp\sscsb3a5c7a0-dff6-4689-91fc-da5646221a52.tmp". The process cannot access the file because it is being used by another process
3:23 PM:   Warning: Failed to open file "c:\documents and settings\localservice.nt authority\application data\webroot\spy sweeper\temp\sscs6d917c27-4091-407b-9a9e-e13961bb2667.tmp". The process cannot access the file because it is being used by another process
3:23 PM:   Warning: Failed to open file "c:\documents and settings\localservice.nt authority\application data\webroot\spy sweeper\temp\sscs303b1e9e-2d6c-4440-b923-c4d1448ebd1c.tmp". The process cannot access the file because it is being used by another process
3:28 PM:   Warning: Failed to open file "c:\documents and settings\localservice.nt authority\application data\webroot\spy sweeper\temp\sscs6713e114-98cf-43b1-9fc8-ab206a82ea01.tmp". The process cannot access the file because it is being used by another process
3:28 PM:   Warning: Failed to open file "c:\documents and settings\localservice.nt authority\application data\webroot\spy sweeper\temp\sscsc883f2ef-de9a-4263-87ed-c3aafca08615.tmp". The process cannot access the file because it is being used by another process
3:28 PM:   Warning: Failed to open file "c:\documents and settings\localservice.nt authority\application data\webroot\spy sweeper\temp\sscs5fa03872-7222-494b-ac70-3f6bbc8a9165.tmp". The process cannot access the file because it is being used by another process
3:28 PM:   Warning: Failed to open file "c:\documents and settings\localservice.nt authority\application data\webroot\spy sweeper\temp\sscsf486c680-ec95-4e95-97ce-c666906af369.tmp". The process cannot access the file because it is being used by another process
3:28 PM:   asearchassist.dll (ID = 184243)
3:28 PM:   a0012519.dll (ID = 184243)
3:28 PM:   Warning: Failed to open file "c:\documents and settings\localservice.nt authority\application data\webroot\spy sweeper\temp\sscscd66eaef-027b-40a0-be0f-b82822c65471.tmp". The process cannot access the file because it is being used by another process
3:29 PM:   Warning: Failed to open file "c:\documents and settings\localservice.nt authority\application data\webroot\spy sweeper\temp\sscs436fdc87-229f-4bf5-bdee-14a418f9700a.tmp". The process cannot access the file because it is being used by another process
3:31 PM:   Warning: Failed to open file "c:\documents and settings\localservice.nt authority\application data\webroot\spy sweeper\temp\sscsf547c047-9112-45ba-ab6b-94a31048771d.tmp". The process cannot access the file because it is being used by another process
3:31 PM:   Warning: Failed to open file "c:\documents and settings\localservice.nt authority\application data\webroot\spy sweeper\temp\sscs427f9415-d0bf-4b21-83f8-7e284bfd8e0f.tmp". The process cannot access the file because it is being used by another process
3:34 PM:   Found Adware: whenu savenow
3:34 PM:   80df2f7a-803f-43f0-874e-1b4dca (ID = 74460)
3:34 PM:   Warning: Failed to open file "c:\documents and settings\localservice.nt authority\application data\webroot\spy sweeper\temp\sscscb6d5b33-7c0b-432c-851d-25ff9cfb4dd9.tmp". The process cannot access the file because it is being used by another process
3:36 PM:   4b91cef8-9421-4777-8fce-8a4c82 (ID = 182874)
3:37 PM:   secure32.html (ID = 184319)
3:37 PM:   desktop.html (ID = 214323)
3:38 PM:   a0012443.dll (ID = 182873)
3:38 PM:   33d0865f-2b80-4984-9d91-f8586c (ID = 182873)
3:40 PM:   a0012429.exe (ID = 121066)
3:41 PM:   Warning: Failed to open file "c:\documents and settings\localservice.nt authority\application data\webroot\spy sweeper\temp\sscsa1b69de7-6cac-4ff7-9126-dbd66a9fa73d.tmp". The process cannot access the file because it is being used by another process
3:41 PM:   a0012441.exe (ID = 74460)
3:42 PM:   webrebates2.dll (ID = 207056)
3:42 PM:   3f055155-2e3a-4afe-a6ac-e6909b (ID = 182875)
3:43 PM:   secure32.html (ID = 184319)
3:43 PM:   a0012444.exe (ID = 182874)
3:43 PM:   Warning: Failed to open file "c:\documents and settings\localservice.nt authority\application data\webroot\spy sweeper\temp\sscsef08f73a-5e9a-4954-9161-78cfe7c5f795.tmp". The process cannot access the file because it is being used by another process
3:44 PM:   Warning: Failed to open file "c:\documents and settings\localservice.nt authority\application data\webroot\spy sweeper\temp\sscs6b08a287-ce82-4bf6-b2f9-a5b198f75b18.tmp". The process cannot access the file because it is being used by another process
3:44 PM:   Warning: Failed to open file "c:\documents and settings\localservice.nt authority\application data\webroot\spy sweeper\temp\sscs9d4dda96-13b3-419f-ba72-058a3f7b33cd.tmp". The process cannot access the file because it is being used by another process
3:44 PM:   Warning: Failed to open file "c:\documents and settings\localservice.nt authority\application data\webroot\spy sweeper\temp\sscs26c6566f-3358-436f-94ad-2f14987db554.tmp". The process cannot access the file because it is being used by another process
3:44 PM:   Warning: Failed to open file "c:\documents and settings\localservice.nt authority\application data\webroot\spy sweeper\temp\sscs81508747-b237-4a12-b81c-2769ddf52cfc.tmp". The process cannot access the file because it is being used by another process
3:44 PM:   Warning: Failed to open file "c:\documents and settings\localservice.nt authority\application data\webroot\spy sweeper\temp\sscs4119644b-6dd0-42e5-84c5-64ae09709a78.tmp". The process cannot access the file because it is being used by another process
3:44 PM:   Warning: Failed to open file "c:\documents and settings\localservice.nt authority\application data\webroot\spy sweeper\temp\sscsb10438d1-fbdd-4453-b72b-cce372fa0714.tmp". The process cannot access the file because it is being used by another process
3:48 PM: File Sweep Complete, Elapsed Time: 00:36:13
3:48 PM: Full Sweep has completed.  Elapsed time 00:40:29
3:48 PM: Traces Found: 698
3:54 PM: Removal process initiated
3:55 PM:   Quarantining All Traces: spysheriff
3:55 PM:   Quarantining All Traces: starware toolbar
3:55 PM:   Quarantining All Traces: accoona toolbar
3:55 PM:   Quarantining All Traces: linkmaker
3:55 PM:   Quarantining All Traces: quicklink search toolbar
3:55 PM:   Quarantining All Traces: screensavers
3:55 PM:   Quarantining All Traces: shopathomeselect
3:55 PM:   Quarantining All Traces: starware.com hijack
3:56 PM:   Quarantining All Traces: webrebates
3:56 PM:   Quarantining All Traces: 247realmedia cookie
3:56 PM:   Quarantining All Traces: 2o7.net cookie
3:56 PM:   Quarantining All Traces: 360i cookie
3:56 PM:   Quarantining All Traces: about cookie
3:56 PM:   Quarantining All Traces: accoona cookie
3:56 PM:   Quarantining All Traces: addynamix cookie
3:56 PM:   Quarantining All Traces: adknowledge cookie
3:56 PM:   Quarantining All Traces: adrevolver cookie
3:56 PM:   Quarantining All Traces: ads.adsag cookie
3:56 PM:   Quarantining All Traces: ads.businessweek cookie
3:56 PM:   Quarantining All Traces: adserver cookie
3:56 PM:   Quarantining All Traces: adserver.trb cookie
3:56 PM:   Quarantining All Traces: advertising cookie
3:56 PM:   Quarantining All Traces: ask cookie
3:56 PM:   Quarantining All Traces: atlas dmt cookie
3:56 PM:   Quarantining All Traces: atwola cookie
3:56 PM:   Quarantining All Traces: bannerspace cookie
3:56 PM:   Quarantining All Traces: belnk cookie
3:56 PM:   Quarantining All Traces: belointeractive cookie
3:56 PM:   Quarantining All Traces: bizrate cookie
3:56 PM:   Quarantining All Traces: bluemountain cookie
3:56 PM:   Quarantining All Traces: bluestreak cookie
3:56 PM:   Quarantining All Traces: bravenet cookie
3:56 PM:   Quarantining All Traces: bs.serving-sys cookie
3:56 PM:   Quarantining All Traces: burstbeacon cookie
3:56 PM:   Quarantining All Traces: burstnet cookie
3:56 PM:   Quarantining All Traces: casalemedia cookie
3:56 PM:   Quarantining All Traces: centrport net cookie
3:56 PM:   Quarantining All Traces: classmates cookie
3:56 PM:   Quarantining All Traces: clickagents cookie
3:56 PM:   Quarantining All Traces: clicktracks cookie
3:56 PM:   Quarantining All Traces: clickzs cookie
3:56 PM:   Quarantining All Traces: coremetrics cookie
3:56 PM:   Quarantining All Traces: dbbsrv cookie
3:56 PM:   Quarantining All Traces: dealtime cookie
3:56 PM:   Quarantining All Traces: falkag cookie
3:56 PM:   Quarantining All Traces: fastclick cookie
3:56 PM:   Quarantining All Traces: findwhat cookie
3:56 PM:   Quarantining All Traces: fortunecity cookie
3:56 PM:   Quarantining All Traces: gamespy cookie
3:56 PM:   Quarantining All Traces: go.com cookie
3:56 PM:   Quarantining All Traces: go2net.com cookie
3:56 PM:   Quarantining All Traces: hitslink cookie
3:56 PM:   Quarantining All Traces: homestore cookie
3:56 PM:   Quarantining All Traces: hotlog cookie
3:56 PM:   Quarantining All Traces: ic-live cookie
3:56 PM:   Quarantining All Traces: infospace cookie
3:56 PM:   Quarantining All Traces: l2m.net cookie
3:56 PM:   Quarantining All Traces: maxserving cookie
3:56 PM:   Quarantining All Traces: metareward.com cookie
3:56 PM:   Quarantining All Traces: military cookie
3:56 PM:   Quarantining All Traces: myaffiliateprogram.com cookie
3:56 PM:   Quarantining All Traces: nextag cookie
3:56 PM:   Quarantining All Traces: one-time-offer cookie
3:56 PM:   Quarantining All Traces: overture cookie
3:56 PM:   Quarantining All Traces: peel network cookie
3:56 PM:   Quarantining All Traces: pointroll cookie
3:56 PM:   Quarantining All Traces: pro-market cookie
3:56 PM:   Quarantining All Traces: pub cookie
3:56 PM:   Quarantining All Traces: questionmarket cookie
3:56 PM:   Quarantining All Traces: rc cookie
3:56 PM:   Quarantining All Traces: realmedia cookie
3:56 PM:   Quarantining All Traces: reunion cookie
3:56 PM:   Quarantining All Traces: rightmedia cookie
3:56 PM:   Quarantining All Traces: ru4 cookie
3:56 PM:   Quarantining All Traces: screensavers.com cookie
3:56 PM:   Quarantining All Traces: seeq cookie
3:56 PM:   Quarantining All Traces: server.iad.liveperson cookie
3:56 PM:   Quarantining All Traces: serving-sys cookie
3:56 PM:   Quarantining All Traces: servlet cookie
3:56 PM:   Quarantining All Traces: specificclick.com cookie
3:56 PM:   Quarantining All Traces: specificpop cookie
3:56 PM:   Quarantining All Traces: starpulse cookie
3:56 PM:   Quarantining All Traces: starware.com cookie
3:56 PM:   Quarantining All Traces: statcounter cookie
3:56 PM:   Quarantining All Traces: stats.klsoft.com cookie
3:56 PM:   Quarantining All Traces: tickle cookie
3:56 PM:   Quarantining All Traces: toprebates.com cookie
3:56 PM:   Quarantining All Traces: touchclarity cookie
3:56 PM:   Quarantining All Traces: tracking cookie
3:56 PM:   Quarantining All Traces: trafficmp cookie
3:56 PM:   Quarantining All Traces: tribalfusion cookie
3:56 PM:   Quarantining All Traces: tripod cookie
3:56 PM:   Quarantining All Traces: upspiral cookie
3:56 PM:   Quarantining All Traces: webpower cookie
3:56 PM:   Quarantining All Traces: websponsors cookie
3:56 PM:   Quarantining All Traces: webtrendslive cookie
3:56 PM:   Quarantining All Traces: whenu savenow
3:56 PM:   Quarantining All Traces: whenu save
3:56 PM:   Quarantining All Traces: whenu
3:56 PM:   Quarantining All Traces: x10 cookie
3:56 PM:   Quarantining All Traces: xiti cookie
3:56 PM:   Quarantining All Traces: yieldmanager cookie
3:56 PM:   Quarantining All Traces: zedo cookie
3:58 PM: Removal process completed.  Elapsed time 00:03:20
********
3:04 PM: |       Start of Session, Thursday, December 29, 2005       |
3:04 PM: Spy Sweeper started
3:05 PM: Your spyware definitions have been updated.
3:07 PM: |       End of Session, Thursday, December 29, 2005       |
Back to Top
 
New Topic Post reply to : Hijacked desktop control Printable version of : Hijacked desktop control
 
Forum Information
Currently it is Thursday, December 04, 2008 7:30 PM (GMT +1)
There are a total of 64.631 posts in 15.923 threads.
In the last 3 days there were 21 new threads and 132 reply posts. View Active Threads
Who's Online
This forum has 27354 registered members. Please welcome our newest member, Wello.
45 Guest(s), 2 Registered Member(s) are currently online.  Details
Churrosgomoo, Wello
5 Latest Threads
About a worm "recycled/boot.com" (0)04-12-2008 18:27:11 (Wello)
Vundo. BG & Generic 10.AMUY Trojan Horse...How do I get rid of them? (6)04-12-2008 17:25:37 (arusell)
Used MBAM to remove Virtrigger... But (2)04-12-2008 17:24:19 (Churrosgomoo)
Command Service (10)04-12-2008 17:21:11 (yogendra)
Need for upgrade from Bullguard 6.1 to 8.5 (9)04-12-2008 17:07:16 (Roger May)


Need Support? Write to: | Forum Help Manual

Download free trial version of Bullguard