Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Cachecachekit


  • Please log in to reply
4 replies to this topic

#1 BobbyCourt

BobbyCourt

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:10:34 AM

Posted 01 April 2007 - 09:37 PM

I see others have had this problem and see that I need your help before I start.
I have xp and protected by Norton Internet security 2007 or so I thought. Haven't had any real issues this year. However at start up norton every few 5 secs or so warns that has stopped cachecachekit and computter is secure.
Firefox sometimes comes uip and says there is an error although it is not a start up program.
Norton also says that Windows automatic updates is swithed off, but when I turn it back on, it gets switched off in a second and up comes the cachecachekit warning.
I also find that it changes my network settings. When I chenge them back to default, the acess rights get changed back again on reboot. I have not found all the changes and cannot access the computer from others on the net. Access denied
I have run all the software for spyware that I can and do not find the cache cachekit.
I ran HJT but do not understand it and do not find similar entries to others who have posted here on the forum.
Norton did not stop the cachecachekit. However I have now AVG and spyware doctor running in protect mode as it does stop the changes being made after about 5 mins. I do not normally have 3 only 1 security on at a time.


I think thats it. Apart from the HJT can I tell you more??
Where do I post the HJT :thumbsup:

BC AdBot (Login to Remove)

 


#2 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,489 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:02:34 AM

Posted 01 April 2007 - 10:28 PM

Download Asquared and run it in safe mode, it should take care of it.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#3 buddy215

buddy215

  • Moderator
  • 13,134 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:04:34 AM

Posted 02 April 2007 - 07:14 PM

Welcome to BC, You can post a Hijack This log by following the instructions in the link below. Post it in the Hijack This Forum. Not Here.
http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#4 BobbyCourt

BobbyCourt
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:10:34 AM

Posted 03 April 2007 - 09:52 AM

I ran a-squared as proposed.it did not find cachecachekit. It found a few cookies but also identified 2 trojans that other scans did not pick up and when checking a-squared site, it suggests these are double positives and not harmfull. Part of for instance KillBox which is supposed to kill certain items.
I pasted the results here incase you think the result is not harmless. I quarantined them all for now.Is that OK?

Scan settings:

Objects: Memory, Traces, Cookies, C:\, G:\
Scan archives: On
Heuristics: On
ADS Scan: On

Scan start: 02/04/2007 12:05:26

C:\Documents and Settings\All Users\Desktop\yahoo! messenger with voice.lnk detected: Trace.File.IMMonitor Yahoo Messenger Spy
C:\Documents and Settings\LIBBY\Cookies\libby@cdfreaks[2].txt detected: Trace.TrackingCookie
C:\Documents and Settings\LIBBY\Cookies\libby@companieshouse.gov[1].txt detected: Trace.TrackingCookie
C:\Documents and Settings\LIBBY\Cookies\libby@counter.plugin[1].txt detected: Trace.TrackingCookie
C:\Documents and Settings\LIBBY\Cookies\libby@dealtime.co[1].txt detected: Trace.TrackingCookie
C:\Documents and Settings\LIBBY\Cookies\libby@mediaatlantic[2].txt detected: Trace.TrackingCookie
C:\Documents and Settings\LIBBY\Cookies\libby@pricegrabber.co[1].txt detected: Trace.TrackingCookie
C:\Documents and Settings\LIBBY\Cookies\libby@travelocity.co[1].txt detected: Trace.TrackingCookie
C:\Documents and Settings\LIBBY\Application Data\Mozilla\Firefox\Profiles\9ugw2cgz.default\cookies.txt:43 detected: Trace.TrackingCookie
C:\Documents and Settings\LIBBY\Application Data\Mozilla\Firefox\Profiles\9ugw2cgz.default\cookies.txt:148 detected: Trace.TrackingCookie
C:\Documents and Settings\LIBBY\Application Data\Mozilla\Firefox\Profiles\9ugw2cgz.default\cookies.txt:192 detected: Trace.TrackingCookie
C:\Documents and Settings\LIBBY\Application Data\Mozilla\Firefox\Profiles\9ugw2cgz.default\cookies.txt:227 detected: Trace.TrackingCookie
C:\Documents and Settings\LIBBY\Application Data\Mozilla\Firefox\Profiles\9ugw2cgz.default\cookies.txt:228 detected: Trace.TrackingCookie
C:\Documents and Settings\LIBBY\Application Data\Mozilla\Firefox\Profiles\9ugw2cgz.default\cookies.txt:231 detected: Trace.TrackingCookie
C:\Program Files\SmartSync Pro\Activate.exe detected: Trojan-PSW.Win32.QQRob.hi
C:\WINDOWS\Motive\btbb\pskill.exe detected: Riskware.RiskTool.Win32.PsKill.1101

Scanned

Files: 370358
Traces: 105316
Cookies: 989
Processes: 10

Found

Files: 2
Traces: 1
Cookies: 13
Processes: 0
Registry keys: 0

Scan end: 02/04/2007 16:57:59
Scan time: 04:52:33

C:\WINDOWS\Motive\btbb\pskill.exe Quarantined Riskware.RiskTool.Win32.PsKill.1101
C:\Program Files\SmartSync Pro\Activate.exe Quarantined Trojan-PSW.Win32.QQRob.hi
C:\Documents and Settings\LIBBY\Cookies\libby@cdfreaks[2].txt Quarantined Trace.TrackingCookie
C:\Documents and Settings\LIBBY\Cookies\libby@companieshouse.gov[1].txt Quarantined Trace.TrackingCookie
C:\Documents and Settings\LIBBY\Cookies\libby@counter.plugin[1].txt Quarantined Trace.TrackingCookie
C:\Documents and Settings\LIBBY\Cookies\libby@dealtime.co[1].txt Quarantined Trace.TrackingCookie
C:\Documents and Settings\LIBBY\Cookies\libby@mediaatlantic[2].txt Quarantined Trace.TrackingCookie
C:\Documents and Settings\LIBBY\Cookies\libby@pricegrabber.co[1].txt Quarantined Trace.TrackingCookie
C:\Documents and Settings\LIBBY\Cookies\libby@travelocity.co[1].txt Quarantined Trace.TrackingCookie
C:\Documents and Settings\LIBBY\Application Data\Mozilla\Firefox\Profiles\9ugw2cgz.default\cookies.txt:43 Quarantined Trace.TrackingCookie
C:\Documents and Settings\LIBBY\Application Data\Mozilla\Firefox\Profiles\9ugw2cgz.default\cookies.txt:148 Quarantined Trace.TrackingCookie
C:\Documents and Settings\LIBBY\Application Data\Mozilla\Firefox\Profiles\9ugw2cgz.default\cookies.txt:192 Quarantined Trace.TrackingCookie
C:\Documents and Settings\LIBBY\Application Data\Mozilla\Firefox\Profiles\9ugw2cgz.default\cookies.txt:227 Quarantined Trace.TrackingCookie
C:\Documents and Settings\LIBBY\Application Data\Mozilla\Firefox\Profiles\9ugw2cgz.default\cookies.txt:228 Quarantined Trace.TrackingCookie
C:\Documents and Settings\LIBBY\Application Data\Mozilla\Firefox\Profiles\9ugw2cgz.default\cookies.txt:231 Quarantined Trace.TrackingCookie
C:\Documents and Settings\All Users\Desktop\yahoo! messenger with voice.lnk Quarantined Trace.File.IMMonitor Yahoo Messenger Spy

Quarantined

Files: 2
Traces: 1
Cookies: 13

#5 BobbyCourt

BobbyCourt
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:10:34 AM

Posted 03 April 2007 - 10:10 AM

I have followed the link instructions and posted the HJT log on security HJT forum.
Thank you.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users