Resolved Might a virus be responsible for multiple attempts to access a webpage from my PC?

Status
Not open for further replies.
O

ormolu611

Posts: 33   +0
Hello all, I hope I am posting this in the correct area. I have gotten great, top notch help here before from Bobbye, and decided to check in again for a very important question that I have with hopes that someone can help.

A significant portion of my income is from the acceptance of "orders" for property valuations over the internet. These are like informal appraisals that I complete as a real estate agent. I received an email message this morning from the employing company stating that my account has been frozen because I was caught using auto accept software. The thing is, I have done no such thing!

The coordinator told me that there was an attempt to access my account every three minutes from 6:30pm to 8:20pm with 62 failed attempts. My question is this:

What could possibly explain an attempt every 3 minutes to my account with 62 failed attempts? A virus? A hacker?

I am trying to resolve the issue so that I can go back to the coordinator with some useful information to not only exonerate myself, but to get back to work asap! The bottom line is that I have used no auto accept software at all and have attempted no downloads for any such thing. I need to make sure that whatever happened does not happen again. Thanks!
 
The coordinator told me that there was an attempt to access my account every three minutes from 6:30pm to 8:20pm with 62 failed attempts. My question is this:
What could possibly explain an attempt every 3 minutes to my account with 62 failed attempts? A virus? A hacker?
Click to expand...
You should understand that thousands of scan are sent very day looking for unprotected systems. If your system security is good: Current ipdates antivirus program, bi-directional firewall, 2 or more antimalware programs of different types, the access should be prevented.

What could possibly explain an attempt every 3 minutes to my account with 62 failed attempts? A virus? A hacker?
Click to expand...
A few years ago, I once watched as my firewall blocked over 200 attempts to access my computer through one of the music file sharing ports in 10 minutes. (I don't download or do any file sharing). None got through, but that didn't prevent the machine that was trying from sending the scans. Probably some kids looking for free music!

I do not have enough information at this point, to give you any information of what is happening. Scans from the internet to access unprotected system are "normal internet traffic." You coordinator was much too vague> if 62 attempts were made to access and 62 attempts were blocked, then it sounds like your security is doing it's job!

If you'd like me to check the system now, please follow the steps in the Preliminary Virus and Malware Removal thread HERE.

NOTE: If you already have any of the scanning programs on the computer, please remove them and download the versions in these links.

When you have finished, leave the logs for review in your next reply .
NOTE: Logs must be pasted in the replies. Attached logs will not be reviewed.
=======================================
My Guidelines: please read and follow:
  • Be patient. Malware cleaning takes time and I am also working with other members while I am helping you.
  • Read my instructions carefully. If you don't understand or have a problem, ask me.
  • If you have questions, or if a program doesn't work, stop and tell me about it. Don't try to get around it yourself.
  • Follow the order of the tasks I give you. Order is crucial in cleaning process.
  • File sharing programs should be uninstalled or disabled during the cleaning process..
  • Observe these:
    [o] Don't use any other cleaning programs or scans while I'm helping you.
    [o] Don't use a Registry cleaner or make any changes in the Registry.
    [o] Don't download and install new programs- except those I give you.
  • Please let me know if there is any change in the system.
If I have not replied for 2 days, you can send me a PM reminder. Include the URL of your thread. Please do not send me a PM to tell me your logs are up.
If I don't get a reply from you in 5 days, the thread will be closed. If your problem persist, you can send a PM to reopen it.
=====================================
 
Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Database version: 7029

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18372

7/5/2011 5:16:45 PM
mbam-log-2011-07-05 (17-16-45).txt

Scan type: Quick scan
Objects scanned: 177428
Time elapsed: 6 minute(s), 44 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
 
Okay Bobbye, I just received the information from my coordinator that I am pasting below for you to review when you have time. I hope it helps. As I said before, the thing is, I have no kind of auto logger that I installed on my pc. I am at a loss here as to what could have caused this. Thanks.


Per our IT department:



Please see log below, session expired, followed immediately by excessive automated login attempts every 3 minutes. The timing of the logins after session expiration would indicate an auto logger of some kind, maybe something like Robo Form. Yes, our software is doing its job and he was locked out after 21 unsuccessful attempts.



emlprodpv.emlprod.serror_log:[10732] 07/04/2011 08:36:25 WebLogin:Re-Authen Session Expired or Not Found U:LOVET1 IP:174.150.213.44

emlprodpv.emlprod.serror_log:[32706] 07/04/2011 18:07:31 WebLogin:Re-Authen Session Expired or Not Found U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[32706] 07/04/2011 18:07:31 WebLogin:Re-Authen [Login Time Expired] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[19744] 07/04/2011 18:07:32 WebLogin:Authenticate [Account Password Error: 1] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[18417] 07/04/2011 18:07:33 WebLogin:Authenticate [Account Password Error: 2] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[10967] 07/04/2011 18:07:33 WebLogin:Authenticate [Account Password Error: 3] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[10443] 07/04/2011 18:07:33 WebLogin:Authenticate [Account Password Error: 5] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[3339 ] 07/04/2011 18:07:33 WebLogin:Authenticate [Account Password Error: 5] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[2586 ] 07/04/2011 18:07:33 WebLogin:Authenticate [Account Password Error: 6] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[3137 ] 07/04/2011 18:08:49 WebLogin:Authenticate [Account Password Error: 7] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[26183] 07/04/2011 18:09:02 WebLogin:Authenticate [Account Password Error: 8] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[26110] 07/04/2011 18:11:52 WebLogin:Authenticate [Account Password Error: 9] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[24033] 07/04/2011 18:12:04 WebLogin:Authenticate [Account Password Error: 10] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[3339 ] 07/04/2011 18:14:55 WebLogin:Authenticate [Account Password Error: 11] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[12906] 07/04/2011 18:15:08 WebLogin:Authenticate [Account Password Error: 12] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[14730] 07/04/2011 18:18:04 WebLogin:Authenticate [Account Password Error: 13] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[18417] 07/04/2011 18:18:18 WebLogin:Authenticate [Account Password Error: 14] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[5600 ] 07/04/2011 18:21:15 WebLogin:Authenticate [Account Password Error: 15] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[30920] 07/04/2011 18:21:29 WebLogin:Authenticate [Account Password Error: 16] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[7985 ] 07/04/2011 18:24:20 WebLogin:Authenticate [Account Password Error: 17] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[14730] 07/04/2011 18:24:32 WebLogin:Authenticate [Account Password Error: 18] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[24033] 07/04/2011 18:27:22 WebLogin:Authenticate [Account Password Error: 19] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[31890] 07/04/2011 18:27:35 WebLogin:Authenticate [Account Password Error: 20] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[7210 ] 07/04/2011 18:30:25 WebLogin:Authenticate [Too Many Password Attempts: 21] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[10967] 07/04/2011 18:30:36 WebLogin:CheckDB [User Account:Locked Out] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[10967] 07/04/2011 18:30:36 WebLogin:Authenticate [Too Many Password Attempts: 22] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[4260 ] 07/04/2011 18:33:27 WebLogin:CheckDB [User Account:Locked Out] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[4260 ] 07/04/2011 18:33:28 WebLogin:Authenticate [Too Many Password Attempts: 23] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[10732] 07/04/2011 18:33:40 WebLogin:CheckDB [User Account:Locked Out] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[10732] 07/04/2011 18:33:40 WebLogin:Authenticate [Too Many Password Attempts: 24] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[26180] 07/04/2011 18:36:30 WebLogin:CheckDB [User Account:Locked Out] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[26180] 07/04/2011 18:36:30 WebLogin:Authenticate [Too Many Password Attempts: 25] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[30920] 07/04/2011 18:36:41 WebLogin:CheckDB [User Account:Locked Out] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[30920] 07/04/2011 18:36:41 WebLogin:Authenticate [Too Many Password Attempts: 26] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[11796] 07/04/2011 18:39:31 WebLogin:CheckDB [User Account:Locked Out] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[11796] 07/04/2011 18:39:31 WebLogin:Authenticate [Too Many Password Attempts: 27] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[26183] 07/04/2011 18:39:43 WebLogin:CheckDB [User Account:Locked Out] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[26183] 07/04/2011 18:39:43 WebLogin:Authenticate [Too Many Password Attempts: 28] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[3339 ] 07/04/2011 18:42:34 WebLogin:CheckDB [User Account:Locked Out] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[3339 ] 07/04/2011 18:42:34 WebLogin:Authenticate [Too Many Password Attempts: 29] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[388 ] 07/04/2011 18:42:46 WebLogin:CheckDB [User Account:Locked Out] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[388 ] 07/04/2011 18:42:46 WebLogin:Authenticate [Too Many Password Attempts: 30] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[24124] 07/04/2011 18:46:00 WebLogin:CheckDB [User Account:Locked Out] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[24124] 07/04/2011 18:46:00 WebLogin:Authenticate [Too Many Password Attempts: 31] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[1666 ] 07/04/2011 18:49:02 WebLogin:CheckDB [User Account:Locked Out] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[1666 ] 07/04/2011 18:49:02 WebLogin:Authenticate [Too Many Password Attempts: 32] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[4585 ] 07/04/2011 18:52:04 WebLogin:CheckDB [User Account:Locked Out] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[4585 ] 07/04/2011 18:52:04 WebLogin:Authenticate [Too Many Password Attempts: 33] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[10967] 07/04/2011 18:55:06 WebLogin:CheckDB [User Account:Locked Out] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[10967] 07/04/2011 18:55:06 WebLogin:Authenticate [Too Many Password Attempts: 34] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[7985 ] 07/04/2011 18:58:08 WebLogin:CheckDB [User Account:Locked Out] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[7985 ] 07/04/2011 18:58:08 WebLogin:Authenticate [Too Many Password Attempts: 35] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[5948 ] 07/04/2011 19:01:10 WebLogin:CheckDB [User Account:Locked Out] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[5948 ] 07/04/2011 19:01:10 WebLogin:Authenticate [Too Many Password Attempts: 36] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[10732] 07/04/2011 19:04:13 WebLogin:CheckDB [User Account:Locked Out] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[10732] 07/04/2011 19:04:13 WebLogin:Authenticate [Too Many Password Attempts: 37] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[27889] 07/04/2011 19:07:15 WebLogin:CheckDB [User Account:Locked Out] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[27889] 07/04/2011 19:07:15 WebLogin:Authenticate [Too Many Password Attempts: 38] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[16203] 07/04/2011 19:10:18 WebLogin:CheckDB [User Account:Locked Out] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[16203] 07/04/2011 19:10:18 WebLogin:Authenticate [Too Many Password Attempts: 39] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[7210 ] 07/04/2011 19:13:20 WebLogin:CheckDB [User Account:Locked Out] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[7210 ] 07/04/2011 19:13:20 WebLogin:Authenticate [Too Many Password Attempts: 40] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[31890] 07/04/2011 19:16:22 WebLogin:CheckDB [User Account:Locked Out] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[31890] 07/04/2011 19:16:22 WebLogin:Authenticate [Too Many Password Attempts: 41] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[7720 ] 07/04/2011 19:19:24 WebLogin:CheckDB [User Account:Locked Out] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[7720 ] 07/04/2011 19:19:24 WebLogin:Authenticate [Too Many Password Attempts: 42] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[14157] 07/04/2011 19:22:26 WebLogin:CheckDB [User Account:Locked Out] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[14157] 07/04/2011 19:22:26 WebLogin:Authenticate [Too Many Password Attempts: 43] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[16203] 07/04/2011 19:25:28 WebLogin:CheckDB [User Account:Locked Out] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[16203] 07/04/2011 19:25:28 WebLogin:Authenticate [Too Many Password Attempts: 44] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[23328] 07/04/2011 19:28:31 WebLogin:CheckDB [User Account:Locked Out] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[23328] 07/04/2011 19:28:31 WebLogin:Authenticate [Too Many Password Attempts: 45] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[11796] 07/04/2011 19:31:33 WebLogin:CheckDB [User Account:Locked Out] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[11796] 07/04/2011 19:31:33 WebLogin:Authenticate [Too Many Password Attempts: 46] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[1309 ] 07/04/2011 19:34:35 WebLogin:CheckDB [User Account:Locked Out] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[1309 ] 07/04/2011 19:34:35 WebLogin:Authenticate [Too Many Password Attempts: 47] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[4260 ] 07/04/2011 19:37:37 WebLogin:CheckDB [User Account:Locked Out] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[4260 ] 07/04/2011 19:37:37 WebLogin:Authenticate [Too Many Password Attempts: 48] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[21513] 07/04/2011 19:40:40 WebLogin:CheckDB [User Account:Locked Out] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[21513] 07/04/2011 19:40:40 WebLogin:Authenticate [Too Many Password Attempts: 49] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[27889] 07/04/2011 19:43:42 WebLogin:CheckDB [User Account:Locked Out] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[27889] 07/04/2011 19:43:42 WebLogin:Authenticate [Too Many Password Attempts: 50] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[31890] 07/04/2011 19:46:44 WebLogin:CheckDB [User Account:Locked Out] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[31890] 07/04/2011 19:46:44 WebLogin:Authenticate [Too Many Password Attempts: 51] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[26183] 07/04/2011 19:49:46 WebLogin:CheckDB [User Account:Locked Out] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[26183] 07/04/2011 19:49:46 WebLogin:Authenticate [Too Many Password Attempts: 52] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[5948 ] 07/04/2011 19:52:48 WebLogin:CheckDB [User Account:Locked Out] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[5948 ] 07/04/2011 19:52:48 WebLogin:Authenticate [Too Many Password Attempts: 53] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[24133] 07/04/2011 19:55:51 WebLogin:CheckDB [User Account:Locked Out] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[24133] 07/04/2011 19:55:51 WebLogin:Authenticate [Too Many Password Attempts: 54] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[11796] 07/04/2011 19:58:53 WebLogin:CheckDB [User Account:Locked Out] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[11796] 07/04/2011 19:58:53 WebLogin:Authenticate [Too Many Password Attempts: 55] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[5948 ] 07/04/2011 20:01:55 WebLogin:CheckDB [User Account:Locked Out] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[5948 ] 07/04/2011 20:01:55 WebLogin:Authenticate [Too Many Password Attempts: 56] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[26183] 07/04/2011 20:04:57 WebLogin:CheckDB [User Account:Locked Out] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[26183] 07/04/2011 20:04:57 WebLogin:Authenticate [Too Many Password Attempts: 57] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[30435] 07/04/2011 20:07:59 WebLogin:CheckDB [User Account:Locked Out] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[30435] 07/04/2011 20:07:59 WebLogin:Authenticate [Too Many Password Attempts: 58] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[1666 ] 07/04/2011 20:11:02 WebLogin:CheckDB [User Account:Locked Out] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[1666 ] 07/04/2011 20:11:02 WebLogin:Authenticate [Too Many Password Attempts: 59] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[7985 ] 07/04/2011 20:14:04 WebLogin:CheckDB [User Account:Locked Out] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[7985 ] 07/04/2011 20:14:04 WebLogin:Authenticate [Too Many Password Attempts: 60] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[4260 ] 07/04/2011 20:17:07 WebLogin:CheckDB [User Account:Locked Out] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[4260 ] 07/04/2011 20:17:07 WebLogin:Authenticate [Too Many Password Attempts: 61] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[26110] 07/04/2011 20:20:09 WebLogin:CheckDB [User Account:Locked Out] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[26110] 07/04/2011 20:20:09 WebLogin:Authenticate [Too Many Password Attempts: 62] U:LOVET1 IP:24.127.253.49

emlprodpv.emlprod.serror_log:[11994] 07/05/2011 10:28:35 WebLogin:CheckDB [User Account:Disabled] U:LOVET1 IP:174.150.180.155

emlprodpv.emlprod.serror_log:[16907] 07/05/2011 10:28:47 WebLogin:CheckDB [User Account:Disabled] U:LOVET1 IP:174.150.180.155

emlprodpv.emlprod.serror_log:[10732] 07/05/2011 10:30:53 WebLogin:CheckDB [User Account:Disabled] U:LOVET1 IP:174.150.180.155

emlprodpv.emlprod.serror_log:[19621] 07/05/2011 10:33:56 WebLogin:CheckDB [User Account:Disabled] U:LOVET1 IP:174.150.180.155

emlprodpv.emlprod.serror_log:[23668] 07/05/2011 10:47:09 WebLogin:CheckDB [User Account:Disabled] U:LOVET1 IP:174.150.180.155

emlprodpv.emlprod.serror_log:[16203] 07/05/2011 11:22:50 WebLogin:CheckDB [User Account:Disabled] U:LOVET1 IP:174.150.180.155

emlprodpv.emlprod.serror_log:[27277] 07/05/2011 12:32:18 WebLogin:CheckDB [User Account:Disabled] U:LOVET1 IP:108.106.39.13

emlprodpv.emlprod.serror_log:[30473] 07/05/2011 15:03:23 WebLogin:CheckDB [User Account:Disabled] U:LOVET1 IP:108.107.100.230

emlprodpv.emlprod.serror_log:[30473] 07/05/2011 15:03:24 WebLogin:Authenticate [Too Many Password Attempts: 63] U:LOVET1 IP:108.107.100.230
 
Per the entries sent to you, it appears that U:LOVE1 may be "User" = LOVE1. If that is your account name, the access attempts are being made under your account name. If by chance that isn't your user name, I found a user named LOVET1 here >>http://www.king.com/profiles/lovet1?language=en_US

The IPs are:
IP 174.150.213.44>> Sprint Nextel Corporation SPRINT-WIRELESS
IP 24.127.253.49>> Comcast Cable Communications
===============================

The coordinator told me that there was an attempt to access my account every three minutes from 6:30pm to 8:20pm with 62 failed attempts.
Click to expand...
Questions and Comments:
1. "These are like informal appraisals that I complete as a real estate agent.">>>
Do you add these appraisals to a database by way of sending it to your employer?
How do you do this? Do you access the database online, log in, then add the information?
Do you send the result through email? If yes, which email are you using?
====================
The coordinator has sent you a copy of their error log, showing the multiple attempts to access the database where both user and password has failed and the number of failed attempts exceeded their pre-set number.

2. The activities I see on what the coordinator sent to you:
  1. You-or someone- was logged on to the account. It would be a secure account.
  2. A length of time passed without activity and a message was sent something to the effect of:
    "Your session have expired. Do you want to remain connected?"
  3. If answer was Yes, account would be signed on again, requiring re-authentication.
  4. Multiple attempts were made to enter the password, but the password wasn't correct.
  5. After a pre-set number of attempts that are wrong, the user will be locked out of the account.
  6. Eventually, more attempts were made to enter a password. They were wrong and again, after a pre-set number of attempts, the account were locked down again.
  7. First the user is locked out. If the behavior continues, the account will be disabled.

3. The Web Login would go something like this:
[o] The company may have a single sign on set up for web based services.
[o] Some companies will use a CRYPTOCard authentication which creates a login session that lets you access services and information from many web sites. A session lasts for up to X hours and is preset by the company
4. The basics:
[o]Logging In> User name, Password
[o]Logging out should follow when the session is over
[o]To further protect against unauthorized access, inactive sessions are automatically closed. On site sessions are closed if they are idle for X hours, X minutes for sessions .
===============================================
4.Account Security
You can protect your account by taking a few simple precautions when using the web. These are especially important when using public systems at kiosks, cyber cafes, and conferences.
  • Do not leave an active web session unattended; exit the browser, logout, or lock the screen.
  • If you use a CRYTPOCard for logging in and it is lost, you should contact the company immediately
  • If you get repeated, unexplained "Invalid passcode" errors. Your account may have been compromised.
  • Do not enter your password into an unfamiliar web site; you could be giving someone you don't know the information needed to login as you.
  • Only send your login information over a secure connection. You can verify this by looking for https: in the location.
  • If you get warning screens about "certificates". You may be about to send your login information to an adversary's system.

If any of the above Account Security applies to you, you will need to advise the company coordinator and ask for help in cleaning the system from their IT.

I cannot handle this over this internet help forum. Even if we found and remove malware, that would not assure that the system hadn't been compromised.
===============================================
I'm leaving the information for you with the hope that it will help you determine how your account could have been breached. The coordinator is doing what is necessary to protect the security of the company. You are being advised that attempt are being made to access from within your system. You are being advised, not blamed.
 
Bobbye. Thanks so much for this useful information. To answer your question, I do not send the completed reports via email, but rather complete the employer's online forms and submit them via this secure form directly to the employer. The interface/website is provided by and is the property of the employer. It sounds as if someone or something was trying to hack into my account? Every 3 minutes for about two hours certainly sounds automated.

The two ip addresses that you mentioned are legit. The wireless Sprint ip address is my own network, and the Comcast one is my girlfriend's broadband connection, which is where I was when this happened it looks like. I wonder if this might be the result of something on her network? Whatever was trying to gain access obviously did not have my password, right? I would think that if I had some automatic software, it would be able to sign in just fine, because I would have provided the correct password, right? I wonder if something like this might stem from my girlfriend's network? I have to somehow convince my employer (and myself) that this will not happen again. To recap, it seems that something (because it appears automated) was trying to hack into my account, right? Am I understanding this? Thanks so very much.
 
I wonder if something like this might stem from my girlfriend's network?
Click to expand...

Explain what you mean please and what kind of 'network' you're referring to.

Is there some reason why you don't want to run the scans? In addition to Mbam, there is GMER and DDS. They will provide logs that may be of help.

Please add the following scan to the others:
SASLogo48x48.gif

SuperAntiSpyware Home Edition Free Version
  • Please download SuperAntiSpyware from HERE
  • Launch SuperAntiSpyware and click on 'Check for updates'.
  • Wait for the updates to be installed
  • On the main screen click on 'Scan your computer'.
  • Check: 'Perform Complete Scan then Click 'Next' to start the scan.
  • Superantispyware will now scan your computer,when it's finished it will list all/any infections found.
  • Make sure everything found has a checkmark next to it,then press 'Next'.
  • Click on 'Finish' when you've done.
It's possible that the program will ask you to reboot in order to delete some files.

Obtain the SuperAntiSpyware log as follows:
  • Click on 'Preferences'.
  • Click on the 'Statistics/Logs' tab.
  • Under 'Scanner Logs' double click on 'SuperAntiSpyware Scan Log'.
It will then open in your default text editor,such as Notepad. Paste the notepad file here on your reply
 
.
DDS (Ver_2011-06-23.01) - NTFSx86
Internet Explorer: 8.0.6001.18372 BrowserJavaVersion: 1.6.0_24
Run by Thomas Love at 14:14:58 on 2011-07-07
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1015.418 [GMT -4:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Firewall *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\KeyboardSurrogate.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\WINDOWS\System32\svchost.exe -k Akamai
C:\WINDOWS\system32\mfevtps.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\SYSTEM32\WISPTIS.EXE
C:\WINDOWS\System32\tabbtnu.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\TCServer.exe
C:\Program Files\TOSHIBA\TOSHIBA Rotation Utility\TRot.exe
C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Toshiba\Tvs\TvsTray.exe
C:\Program Files\TOSHIBA\Acceleration Utilities\Shaker\TSkrMain.exe
C:\WINDOWS\system32\TPSODDCtl.exe
C:\Program Files\TOSHIBA\Acceleration Utilities\TAcelMgr\TAcelMgr.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Protector Suite QL\psqltray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\ddwmon.exe
C:\WINDOWS\system32\00THotkey.exe
C:\Program Files\Toshiba\CrossMenu\CrossMenu.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\WINDOWS\system32\TFNF5.exe
C:\WINDOWS\SkyTel.EXE
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\TabTip.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe
C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe
C:\WINDOWS\system32\NOTEPAD.EXE
.
============== Pseudo HJT Report ===============
.
uStart Page = https://www.emortgagelogic.com/www/index.htm
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20110513075038.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn\YTSingleInstance.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [TRot.exe] c:\program files\toshiba\toshiba rotation utility\TRot.exe
mRun: [TouchED] c:\program files\toshiba\touched\TouchED.Exe
mRun: [IntelZeroConfig] "c:\program files\intel\wireless\bin\ZCfgSvc.exe"
mRun: [IntelWireless] "c:\program files\intel\wireless\bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
mRun: [MSKDetectorExe] c:\program files\mcafee\spamkiller\MSKDetct.exe /uninstall
mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [Tvs] c:\program files\toshiba\tvs\TvsTray.exe
mRun: [TSkrMain] c:\program files\toshiba\acceleration utilities\shaker\TSkrMain.exe
mRun: [TPSODDCtl] TPSODDCtl.exe
mRun: [TPSMain] TPSMain.exe
mRun: [TOSDCR] TOSDCR.EXE
mRun: [TAcelMgr] c:\program files\toshiba\acceleration utilities\tacelmgr\TAcelMgr.exe
mRun: [TabletWizard] c:\windows\help\SplshWrp.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [PSQLLauncher] "c:\program files\protector suite ql\launcher.exe" /startup
mRun: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [DDWMon] c:\program files\toshiba\toshiba direct disc writer\\ddwmon.exe
mRun: [00THotkey] c:\windows\system32\00THotkey.exe
mRun: [000StTHK] 000StTHK.exe
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [CrossMenu] c:\program files\toshiba\crossmenu\CrossMenu.exe
mRun: [Apoint] c:\program files\apoint2k\Apoint.exe
mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSCONFIG.EXE /auto
mRun: [RIMBBLaunchAgent.exe] c:\program files\common files\research in motion\usb drivers\RIMBBLaunchAgent.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [TFNF5] TFNF5.exe
mRun: [TabletTip] "c:\program files\common files\microsoft shared\ink\tabtip.exe" /resume
mRun: [SkyTel] SkyTel.EXE
mRun: [Carbonite Backup] c:\program files\carbonite\carbonite backup\CarboniteUI.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\ramasst.lnk - c:\windows\system32\RAMASST.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: {459E93B6-150E-45D5-8D4B-45C66FC035FE} - hxxp://apps.corel.com/nos_dl_manager_dev/plugin/IEGetPlugin.ocx
DPF: {48DD0448-9209-4F81-9F6D-D83562940134} - hxxp://lads.myspace.com/upload/MySpaceUploader1006.cab
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos-beta/OnlineScanner.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {83A4D5A6-E2C1-4EDD-AD48-1A1C50BD06EF} - hxxps://web11.farvv.com/sn/ImageUploader6.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} - hxxp://lads.myspace.com/upload/MySpaceUploader2.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} - hxxp://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{D22A640E-00A4-4F2B-95FB-34476E405A51} : DhcpNameServer = 192.168.0.1
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Notify: igfxcui - igfxdev.dll
Notify: loginkey - c:\program files\common files\microsoft shared\ink\loginkey.dll
Notify: psfus - psqlpwd.dll
Notify: TabBtnWL - TabBtnWL.dll
Notify: tpgwlnotify - tpgwlnot.dll
Notify: TSigNP - TSigNP.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\thomas love\application data\mozilla\firefox\profiles\olrqrkyz.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.nefar.com/memberMain.php|http://flexmls.realtyweb.net/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p=
FF - component: c:\program files\mcafee\siteadvisor\components\McFFPlg.dll
FF - plugin: c:\documents and settings\thomas love\application data\mozilla\firefox\profiles\olrqrkyz.default\extensions\{195a3098-0bd5-4e90-ae22-ba1c540afd1e}\plugins\npGarmin.dll
FF - plugin: c:\program files\common files\research in motion\bbwebsllauncher\NPWebSLLauncher.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npxsciter.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: McAfee SiteAdvisor: {B7082FAA-CB62-4872-9106-E42DD88EDE45} - c:\program files\mcafee\SiteAdvisor
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Garmin Communicator: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E} - %profile%\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2010-8-24 387480]
R0 Thpdrv;TOSHIBA HDD Protection Driver;c:\windows\system32\drivers\thpdrv.sys [2004-12-28 16384]
R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;c:\windows\system32\drivers\Thpevm.sys [2006-5-12 6144]
R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [2010-5-10 84200]
R1 TMEI3E;TMEI3E;c:\windows\system32\drivers\TMEI3E.sys [2006-5-12 5888]
R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2006-5-12 14336]
R2 FdRedir;FdRedir;c:\program files\common files\protector suite ql\drivers\FdRedir.sys [2006-5-5 13568]
R2 FileDisk2;FileDisk Protector Kernel Driver;c:\program files\common files\protector suite ql\drivers\filedisk.sys [2006-5-5 33024]
R2 McShield;McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2010-11-1 171168]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2010-11-1 141792]
R2 smihlp;SMI helper driver;c:\program files\protector suite ql\smihlp.sys [2006-5-5 3456]
R2 tdudf;TOSHIBA UDF File System Driver;c:\windows\system32\drivers\tdudf.sys [2006-3-24 98560]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2010-5-10 153280]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2010-5-10 52320]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2010-5-10 314088]
R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [2010-5-10 88736]
R3 TBtnKey;TOSHIBA Tablet PC Buttons Type N HID Driver;c:\windows\system32\drivers\TBtnKey.sys [2006-5-12 8832]
R3 WacomPen;Wacom Serial Pen HID Driver;c:\windows\system32\drivers\wacompen.sys [2006-5-12 14208]
S1 Avg7Core;AVG7 Kernel;c:\windows\system32\drivers\avg7core.sys --> c:\windows\system32\drivers\avg7core.sys [?]
S1 Avg7RsW;AVG7 Wrap Driver;c:\windows\system32\drivers\avg7rsw.sys --> c:\windows\system32\drivers\avg7rsw.sys [?]
S1 Avg7RsXP;AVG7 Resident Driver XP;c:\windows\system32\drivers\avg7rsxp.sys --> c:\windows\system32\drivers\avg7rsxp.sys [?]
S1 AvgClean;AVG Clean Driver;c:\windows\system32\drivers\avgclean.sys --> c:\windows\system32\drivers\avgclean.sys [?]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2010-5-10 56064]
S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [2010-5-10 88736]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-5-10 84488]
S3 NWUSBCDFIL;Novatel Wireless Installation CD;c:\windows\system32\drivers\NwUsbCdFil.sys [2008-9-23 20480]
S3 NWUSBPort2;Novatel Wireless USB Status2 Port Driver;c:\windows\system32\drivers\nwusbser2.sys [2009-5-19 174720]
S4 Avg7Alrt;AVG7 Alert Manager Server;c:\progra~1\grisoft\avgfre~1\avgamsvr.exe --> c:\progra~1\grisoft\avgfre~1\avgamsvr.exe [?]
S4 Avg7UpdSvc;AVG7 Update Service;c:\progra~1\grisoft\avgfre~1\avgupsvc.exe --> c:\progra~1\grisoft\avgfre~1\avgupsvc.exe [?]
S4 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-10-17 136176]
S4 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-10-17 136176]
S4 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2010-11-1 271480]
S4 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S4 McMPFSvc;McAfee Personal Firewall Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2010-11-1 271480]
S4 McNaiAnn;McAfee VirusScan Announcer;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2010-11-1 271480]
S4 McProxy;McAfee Proxy Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2010-11-1 271480]
S4 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2010-11-1 188136]
S4 Tmesrv;Tmesrv3;c:\program files\toshiba\tme3\TMESRV31.exe [2006-5-12 126976]
.
=============== Created Last 30 ================
.
2011-07-06 01:14:26 -------- d-----w- c:\program files\Carbonite
2011-07-06 01:14:26 -------- d-----w- c:\documents and settings\all users\application data\Carbonite
2011-06-24 05:51:27 413696 ----a-r- c:\documents and settings\thomas love\application data\microsoft\installer\{75157f34-02c6-4831-bd66-3bc49e7a8394}\NewShortcut2_5B2EDCAA303A43629DACC3FFFABD0901.exe
2011-06-24 05:51:26 69632 ----a-r- c:\documents and settings\thomas love\application data\microsoft\installer\{75157f34-02c6-4831-bd66-3bc49e7a8394}\NewShortcut4_838BDC75346D4F49BD1D5328F986CD86.exe
2011-06-24 05:51:26 413696 ----a-r- c:\documents and settings\thomas love\application data\microsoft\installer\{75157f34-02c6-4831-bd66-3bc49e7a8394}\NewShortcut1_9F9ABBA94B874F449DBFBD7EB1332F16.exe
2011-06-24 05:51:25 413696 ----a-r- c:\documents and settings\thomas love\application data\microsoft\installer\{75157f34-02c6-4831-bd66-3bc49e7a8394}\ARPPRODUCTICON.exe
2011-06-17 19:35:11 -------- d-----w- c:\program files\iPod
2011-06-17 19:35:05 -------- d-----w- c:\program files\iTunes
2011-06-16 03:42:07 105472 -c----w- c:\windows\system32\dllcache\mup.sys
.
==================== Find3M ====================
.
2011-06-24 20:27:43 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-29 13:11:30 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-05-29 13:11:20 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-02 15:31:52 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 17:25:27 151552 ----a-w- c:\windows\system32\schannel.dll
2011-04-29 16:19:43 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-21 13:37:43 105472 ----a-w- c:\windows\system32\drivers\mup.sys
2011-04-14 18:01:38 95824 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
2011-04-14 18:01:38 9344 ----a-w- c:\windows\system32\drivers\mfeclnk.sys
2011-04-14 18:01:38 88736 ----a-w- c:\windows\system32\drivers\mfendisk.sys
2011-04-14 18:01:38 84488 ----a-w- c:\windows\system32\drivers\mferkdet.sys
2011-04-14 18:01:38 84200 ----a-w- c:\windows\system32\drivers\mfetdi2k.sys
2011-04-14 18:01:38 56064 ----a-w- c:\windows\system32\drivers\cfwids.sys
2011-04-14 18:01:38 52320 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2011-04-14 18:01:38 387480 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2011-04-14 18:01:38 314088 ----a-w- c:\windows\system32\drivers\mfefirek.sys
2011-04-14 18:01:38 153280 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2011-04-14 18:01:38 141792 ----a-w- c:\windows\system32\mfevtps.exe
.
============= FINISH: 14:16:48.64 ===============
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-06-23.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 8/2/2006 8:54:42 AM
System Uptime: 7/7/2011 11:09:29 AM (3 hours ago)
.
Motherboard: TOSHIBA | | Portable PC
Processor: Genuine Intel(R) CPU T2050 @ 1.60GHz | uFC-PGA Socket | 1596/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 93 GiB total, 49.533 GiB free.
D: is CDROM ()
E: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP2: 5/14/2011 10:45:39 AM - Googe Redirect Recovery
RP3: 5/17/2011 1:42:08 AM - NMEA Port
RP4: 5/17/2011 1:42:58 AM - Removed Sprint SmartView.
RP5: 5/24/2011 8:40:07 PM - System Checkpoint
RP6: 5/28/2011 2:21:52 PM - System Checkpoint
RP7: 6/3/2011 7:23:05 PM - System Checkpoint
RP8: 6/8/2011 12:54:45 PM - System Checkpoint
RP9: 6/9/2011 7:46:51 PM - System Checkpoint
RP10: 6/16/2011 7:24:07 PM - Software Distribution Service 3.0
RP11: 6/19/2011 2:33:56 PM - System Checkpoint
RP12: 6/19/2011 3:00:17 PM - Software Distribution Service 3.0
RP13: 6/24/2011 12:32:13 AM - Installed Microsoft Office Outlook Connector
RP14: 6/24/2011 2:10:57 PM - Software Distribution Service 3.0
RP15: 6/29/2011 9:53:22 PM - Software Distribution Service 3.0
RP16: 7/5/2011 7:59:57 PM - Installed Java(TM) 6 Update 26
RP17: 7/7/2011 11:51:23 AM - System Checkpoint
.
==== Installed Programs ======================
.
7300
7300_Help
7300Trb
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Photoshop 7.0.1
Adobe Reader X (10.1.0)
Agilix GoBinder Lite
AiO_Scan
AiOSoftware
Akamai NetSession Interface
ALPS Touch Pad Driver
America Online (Choose which version to remove)
AnswerWorks 5.0 English Runtime
AOL Coach Version 2.0(Build:20041026.5 en)
AOL Connectivity Services
AOL Spyware Protection
AOL You've Got Pictures Screensaver
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Arachnophilia 5.4
ArcSoft Panorama Maker 5
ArcSoft Software Suite
AudibleManager
Bejeweled 2 Deluxe
BlackBerry Desktop Software 6.1
Blasterball 2 Revolution
Bluetooth Stack for Windows by Toshiba
Bonjour
BufferChm
Carbonite
CCleaner
CD/DVD Drive Acoustic Silencer
Compatibility Pack for the 2007 Office system
Copy
CP_AtenaShokunin1Config
cp_dwShrek2Albums1
cp_dwShrek2Cards1
CreativeProjects
CreativeProjectsTemplates
CueTour
CutePDF Writer 2.7
Destinations
Director
DocProc
DocumentViewer
DVD-RAM Driver
FATE
Fax
File Uploader
Florida Real Estate Exam Manual
FranklinCovey TabletPlanner
Google AFE
Google Earth
Google Update Helper
High Definition Audio Driver Package - KB888111
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Extended Capabilities 4.7
HP Image Zone 4.7
HP Officejet 7300 series
HP Product Assistant
HP PSC & OfficeJet 4.7
HP Update
HPSystemDiagnostics
Ink Art
InstallVC90Support
InstantShare
Intel(R) Graphics Media Accelerator Driver
Intel(R) PRO Network Connections Drivers
Intel(R) PROSet/Wireless Software
InterVideo WinDVD Creator 2
InterVideo WinDVD for TOSHIBA
iTunes
J2SE Runtime Environment 5.0 Update 6
Java Auto Updater
Java(TM) 6 Update 24
K-Lite Codec Pack 5.5.1 (Standard)
LivePost powered by PostNexus
Malwarebytes' Anti-Malware version 1.51.0.1200
MapSource - City Select North America v7
MarketResearch
McAfee Security Scan Plus
McAfee SecurityCenter
mCore
mDrWiFi
mHelp
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Digital Image Library 9 - Blocker
Microsoft Digital Image Starter Edition 2006
Microsoft Digital Image Starter Edition 2006 Editor
Microsoft Digital Image Starter Edition 2006 Library
Microsoft Education Pack for Windows XP Tablet PC Edition
Microsoft Energy Blue Theme Pack
Microsoft Experience Pack for Tablet PC
Microsoft Ink Crossword
Microsoft Ink Desktop
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Media Transfer
Microsoft National Language Support Downlevel APIs
Microsoft Office File Validation Add-In
Microsoft Office OneNote 2003
Microsoft Office Outlook Connector
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Standard Edition 2003
Microsoft Publisher 2002
Microsoft Silverlight
Microsoft Snipping Tool 2.0
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
mIWA
mLogView
mMHouse
Mozilla Firefox (3.6.13)
mPfMgr
mPfWiz
mProSafe
MSN
MSN Toolbar
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
mWlsSafe
mXML
MyConnect Special Offer
mZConfig
Nikon Message Center
Nikon Transfer
oDesk Team
Office 2003 Trial Assistant
Opera 11.50
PanoStandAlone
PhotoGallery
Picture Control Utility
Polar Golfer
PrimoPDF -- by Nitro PDF Software
ProductContext
Protector Suite 5.4
Pure Networks Port Magic
QFolder
Quicken 2008
QuickTime
Readme
RealPlayer Basic
Realtek High Definition Audio Driver
Revo Uninstaller 1.85
Scan
ScannerCopy
SCRABBLE
SD Secure Module
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
SkinsHP1
Tablet PC Tutorials for Microsoft Windows XP SP2
Texas Instruments PCIxx21/x515/xx12 drivers.
TIPCI
Top Producer Editor
TOSHIBA Accelerometer Utilities
TOSHIBA Assist
TOSHIBA ConfigFree
TOSHIBA Controls
TOSHIBA Direct Disc Writer
TOSHIBA Disc Creator
TOSHIBA Display Devices Change Utility
TOSHIBA Game Console
TOSHIBA HDD Protection
TOSHIBA Hotkey Utility for Display Devices
TOSHIBA Mobile Extension3 for Windows XP V3.82.00.XP
TOSHIBA Password Utility
TOSHIBA PC Diagnostic Tool
TOSHIBA Power Saver
Toshiba Registration
TOSHIBA Rotation Utility
TOSHIBA SD Memory Boot Utility
TOSHIBA SD Memory Card Format
TOSHIBA Software Modem
TOSHIBA Software Upgrades
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA Tablet Access Code Logon Utility
TOSHIBA TouchPad On/Off Utility V2.05.01
TOSHIBA Utilities
TOSHIBA Virtual Sound
TOSHIBA Zooming Utility
TrayApp
Trial1-2-3FileConvert v3.0
Unload
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB961813)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
ViewNX
Viewpoint Media Player
W Photo Studio
WebFldrs XP
WebReg
WildTangent Web Driver
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Internet Explorer 8 Release Candidate 1
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
7/6/2011 8:32:03 PM, error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the Interface with IP address 192.168.1.100. The machine with the IP address 192.168.1.101 did not allow the name to be claimed by this machine.
7/6/2011 8:31:37 PM, error: Dhcp [1002] - The IP address lease 192.168.0.12 for the Network Card with network address 00130288A1D0 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
7/6/2011 5:04:55 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service mcmscsvc with arguments "" in order to run the server: {9B3BEB4E-1C5E-4A5F-BB36-2F6587DD34E2}
7/6/2011 4:49:28 PM, error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the Interface with IP address 192.168.0.12. The machine with the IP address 192.168.0.1 did not allow the name to be claimed by this machine.
7/1/2011 8:52:25 AM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service McAfee SiteAdvisor Service with arguments "" in order to run the server: {5A90F5EE-16B8-4C2A-81B3-FD5329BA477C}
7/1/2011 8:52:25 AM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service CarboniteService with arguments "" in order to run the server: {36471C67-6A93-4434-92CC-4C614CD06666}
7/1/2011 8:51:07 AM, error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the Interface with IP address 192.168.1.104. The machine with the IP address 192.168.1.101 did not allow the name to be claimed by this machine.
7/1/2011 2:33:11 PM, error: BROWSER [8020] - The browser was unable to promote itself to master browser. The computer that currently believes it is the master browser is unknown.
7/1/2011 2:33:11 PM, error: BROWSER [8019] - The browser was unable to promote itself to master browser. The browser will continue to attempt to promote itself to the master browser, but will no longer log any events in the event log in Event Viewer.
.
==== End Of File ===========================
 
I'm sorry about the confusion. I am using the wrong term? When I typed network, I simply meant that I was accessing the internet using her Comcast account. I just posted the logs for your review when you have the time.

Someone also gave me another bit of info that might prove to be helpful. I was told that IE8 can sometimes be set to auto refresh itself. I looked into my security settings, and sure enough, META REFRESH was enabled. I disabled it. I wonder if I had a browser window open to my employer's site in the background, and Internet Explorer was auto refreshing every 3 minutes? I wonder if that could come across on their end as 62 failed attempts to log in every 3 minutes? Does that even sound plausible? Thanks again for all of your help.
 
SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 07/07/2011 at 03:47 PM

Application Version : 4.55.1000

Core Rules Database Version : 7385
Trace Rules Database Version: 5197

Scan type : Complete Scan
Total Scan Time : 01:03:35

Memory items scanned : 626
Memory threats detected : 0
Registry items scanned : 8482
Registry threats detected : 0
File items scanned : 30208
File threats detected : 160

Adware.Tracking Cookie
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@invitemedia[2].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@adxpose[1].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@ru4[2].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@ad.wsod[2].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@content.yieldmanager[2].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@statcounter[1].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@collective-media[2].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@mm.chitika[2].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@overture[2].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@adserver.adtechus[1].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@r1-ads.ace.advertising[1].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@apmebf[2].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@ads.monster[1].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@eyewonder[2].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@ads.bridgetrack[2].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@pointroll[2].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@liveperson[3].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@affiliates.trafficsynergy[2].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@citi.bridgetrack[2].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@theclosetentrepreneur[2].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@ar.atwola[2].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@burstnet[1].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@zillow.122.2o7[2].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@fastclick[1].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@xiti[1].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@doubleclick[1].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@media6degrees[2].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@revsci[2].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@imrworldwide[2].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@ads.pointroll[1].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@lucidmedia[2].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@content.yieldmanager[3].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@ads.m4internet[1].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@liveperson[2].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@realmedia[2].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@legolas-media[1].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@specificclick[2].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@ad.yieldmanager[1].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@advertising[2].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@snap9.advertserve[2].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@tacoda.at.atwola[2].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@azjmp[2].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@trafficmp[1].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@accounts.youtube[1].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@stats.talkingpointsmemo[1].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@atdmt[1].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@ads.undertone[2].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@a1.interclick[2].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@www.googleadservices[2].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@tribalfusion[1].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@questionmarket[2].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@ads.nefar[1].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@yieldmanager[1].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@interclick[1].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@serving-sys[1].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@adbrite[1].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@at.atwola[1].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@msnportal.112.2o7[1].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@liveperson[1].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@mediaplex[2].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@mediabrandsww[1].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@zedo[1].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@counters.gigya[1].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@pro-market[1].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@microsoftwindows.112.2o7[1].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@sales.liveperson[2].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@t.pointroll[1].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@account.carbonite[1].txt
C:\Documents and Settings\Thomas Love\Cookies\thomas_love@statse.webtrendslive[1].txt
ia.media-imdb.com [ C:\Documents and Settings\Thomas Love\Application Data\Macromedia\Flash Player\#SharedObjects\LDQ5RESL ]
media.mtvnservices.com [ C:\Documents and Settings\Thomas Love\Application Data\Macromedia\Flash Player\#SharedObjects\LDQ5RESL ]
polltracker.talkingpointsmemo.com [ C:\Documents and Settings\Thomas Love\Application Data\Macromedia\Flash Player\#SharedObjects\LDQ5RESL ]
secure-us.imrworldwide.com [ C:\Documents and Settings\Thomas Love\Application Data\Macromedia\Flash Player\#SharedObjects\LDQ5RESL ]
.pro-market.net [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.pro-market.net [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.interclick.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.collective-media.net [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.collective-media.net [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.collective-media.net [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.questionmarket.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.questionmarket.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.atdmt.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.atdmt.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.kontera.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.doubleclick.net [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.adserver.adtechus.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.advertising.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.advertising.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.tribalfusion.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.pointroll.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.pointroll.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.ru4.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.xiti.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.at.atwola.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.tacoda.at.atwola.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.tacoda.at.atwola.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.at.atwola.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.ar.atwola.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.revsci.net [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.advertising.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.advertising.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
segment-pixel.invitemedia.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
g-pixel.invitemedia.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.serving-sys.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.serving-sys.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.serving-sys.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.serving-sys.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
bridge2.admarketplace.net [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.admarketplace.net [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.stopzilla.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.stopzilla.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.stopzilla.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.advertising.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.advertising.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.interclick.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.revsci.net [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.revsci.net [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.revsci.net [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.advertising.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.yieldmanager.net [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.apmebf.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.mediaplex.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.mediaplex.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.eyewonder.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.eyewonder.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.imrworldwide.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.imrworldwide.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.adbrite.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.adbrite.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.adbrite.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.revsci.net [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.revsci.net [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.a1.interclick.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.a1.interclick.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.a1.interclick.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
.interclick.com [ C:\Documents and Settings\Thomas Love\Application Data\Mozilla\Firefox\Profiles\olrqrkyz.default\cookies.sqlite ]
 
I only see Tracking Cookie for the account of Thomas Love Most are the 'run if the mil' internet advertising Cookies. But it does show you have no protection from 3rd party Cookies. I will have you reset the Cookies. If you did not check the line in SuperantiSpyware to remove the entries, run another scan and remove. Then>>>

Reset Cookies

For Internet Explorer: Internet Options (through Tools or Control Panel) Privacy tab> Advanced button> CHECK 'override automatic Cookie handling'> CHECK 'accept first party Cookies'> CHECK 'Block third party Cookies'> CHECK 'allow per session Cookies'> Apply> OK.

For Firefox: Tools> Options> Privacy> Cookies> CHECK ‘accept Cookies from Sites’> UNCHECK 'accept third party Cookies'> Set Keep until 'they expire'. This will allow you to keep Cookies for registered sites and prevent or remove others. (Note: for Firefox v3.5, after Privacy click on 'use custom settings for History.')

I suggest using the following two add-on for Firefox. They will prevent the Tracking Cookies that come from ads and banners and other sources:
AdBlock Plus
Easy List

For Chrome: Tools> Options> Under The Hood> Privacy Section> CHECK 'Restrict how third party Cookies can be used'> Close.
(First-party and third-party cookies can be set by the website you're visiting and websites that have items embedded in the website you're visiting. But when you next visit the website, only first-party cookie information is sent to the website. Third-party cookie information isn't sent back to the websites that originally set the third-party cookies.)
============================================
One site in particular could put you more at risk, so you need to block it:

For IE: Access Internet Options through Tools in IE or through the Control Panel> Security tab> Restricted Sites> Sites> type the following in then click on Block:
*. azjmp.com

For Firefox: Open Firefox> Tools> Options> Security> Allow Cookies> Exceptions> type in *. azjmp.com> Block.

To summarize =User Review Summary for azjmp.com
This site spams
Adware, spyware, or viruses
Phishing or other scams
Bad shopping experience
=================================================
For the record, I have 'allow metadata' checked. It has not caused a problem. But I still only have IE6 as I use Firefox exclusively.
I wonder if I had a browser window open to my employer's site in the background, and Internet Explorer was auto refreshing every 3 minutes?
Click to expand...
No
=================================================
Your are still running Windows Internet Explorer 8 Release Candidate 1 This has been out in Final Version for a while. You need to update to the final.
================================================
You still have AVG v7 installed and running. This will cause a conflict with McAfee. V7 has not been support for a long time, so it doesn't have a current database:
Download AVG Remover:32bit
Run this AVG Remover eliminates all the parts of your AVG installation from your computer, including registry items, installation files, user files, etc.
Note:
  • AVG user settings will be removed.
  • Virus Vault contents will be removed.
  • All other items related to AVG installation and use will be removed.
  • You will be asked during the removal procedure to restart your computer. Please do so.
  • Make sure there is no open work in process prior to launching AVG Remover.
  • Follow any screen promotes to run.
Reboot the computer when done:
===================================================
You have multiple old versions of Java and do not have the current version. The best way to handle that is to run the following: Note: I do not want this log!

Please download JavaRa and unzip it to your desktop.

Important!***Please close any instances of Internet Explorer before continuing!***
  • Double-click on JavaRa.exe to start the program.
  • From the drop-down menu, choose English and click on Select.
  • JavaRa will open; click on Remove Older Versions to remove the older versions of Java installed on your computer.
  • Click Yes when prompted. When JavaRa is done, a notice will appear that
    a logfile has been produced. Click OK.
  • A logfile will pop up. Please save it to a convenient location.Note: Do not leave this log.
Download and install then most current version and update of Java RuntimeEnvironment (JRE)HERE.
===========================================
I still have some removals to run through Combofix but I don't know that any of the will solve the problem. Seems to me you need to seek some guidance from the coordinator and/or office IT. They may thing it's best to reformat and reinstall the OS. If you haven't backed up, consider doing it now.
 
Okay, thanks Bobbye. I am wondering though, should I follow through with these remaining steps or might it be a better idea to just reinstall the OS as you suggested? What is your honest opinion? Another related question: If I reinstall the OS, I have everything backed up via Carbonite online backup service. If there is a problem such as some malicious entity lurking on my pc, might there be a danger of reinstalling it if I recover date via Carbonite? Thanks!

Oh, and as for using IE, I wish I didn't have to use it, but the employer's site is only compatable with IE....frustrating. Anyways, thanks again.
 
Sorry, but I think I just answered the Carbonite question....

10. What if I get a virus? Will Carbonite back that up too?

Viruses live in and affect executable files. By "executable files", I mean files that can perform some kind of task. In the past, it was safe to say that viruses only affected programs, but these days most documents support some type of embedded macro or scripting language. It's possible that documents created by Microsoft Office or other programs could contain what is called a "macro virus" - a virus that can run when that file is opened by the program that created it. Luckily, these types of viruses tend to be the easiest to correct and remove while the virus is still dormant.

When recovering from a virus infection, my recommendation would be to reinstall your operating system and applications, and in particular a good anti-virus program. Be sure to get the latest virus definition files from the manufacturer of the anti-virus program. (This is usually included as part of your subscription, and the latest definition files can be downloaded via the Internet.) After reinstalling your operating system and anti-virus program, restore your backup, but be careful not to open your restored documents until after scanning them for viruses.

Well, there you go. That's our top ten. I hope you find this information helpful. You can find more detail on these topics by searching the frequently asked questions in Carbonite support. But as always, if you have additional questions, please let us know by e-mailing customersupport@carbonite.com.
 
Update: Bobbye, you won't believe this, but I just heard from my coordinator and the problem was on their end this entire time! She said that when it first happened to me, it was an isolated event, but all this week, it has happened to someone new every day. Anyway, my profile has been reactivated and I am very much relieved. I will follow the instructions in your last post. Thank you for all of your help!
 
Ha! So it was their server trying to hack! That is one for the books. Thanks for letting me know. Ask the coordinator if the company will pay for the grey hairs you got trying to figure out their problem!

As for this:
Viruses live in and affect executable files. By "executable files", I mean files that can perform some kind of task
Click to expand...
Really a convoluted statement there. Carbonite is the only site I could find using this wording. Check http://www.computerhope.com/jargon/e/execfile.htm and here http://en.wikipedia.org/wiki/Executable

Anyway, glad you're back in good standing!
 
Status
Not open for further replies.

Similar threads

midian182
AI-powered neurotechnology evolution could be a threat to mental privacy, says UNESCO
Replies
3
Views
423
Uncle Al
Uncle Al
Cal Jeffrey
The MyHouse Doom 2 mod is a masterpiece of creepy map editing
Replies
4
Views
776
loki1944
L
Bob O'Donnell
Is there still room to innovate in PC design? HP seems to think so.
Replies
1
Views
330
Theinsanegamer
T

Latest posts

Back