Homepage gets redirected


3 replies to this topic

#1 Garrett

Garrett

    Member

  • New Member
  • Pip
  • 4 posts

Posted 17 June 2004 - 04:14 PM

Hey, I'm on an XP Home computer, which I share with my little sister. Under her username, when she opens Internet Explorer it goes to www.gopostal.com. When I open Internet Explorer under my username it goes to MSN. (Yes, I've tried Internet Options and virus scans.) I've run many Ad-Aware scans and nothing has prevailed. Here is a full Ad-Aware scan from a few days ago.

Thanks in advance!

(Lemme know if you want a HijackThis log as well)
[quote]

Lavasoft Ad-aware Personal Build 6.181
Logfile created on :Wednesday, June 16, 2004 12:18:09 PM
Created with Ad-aware Personal, free for private use.
Using reference-file :01R319 15.06.2004
______________________________________________________

Reffile status:
=========================
Reference file loaded:
Reference Number : 01R318 13.06.2004
Internal build : 250
File location : C:\Program Files\Lavasoft\Ad-aware 6\reflist.ref
Total size : 1241033 Bytes
Signature data size : 1220738 Bytes
Reference data size : 20231 Bytes
Signatures total : 27180
Target categories : 10
Target families : 497
6-16-2004 12:18:02 PM Performing Webupdate...

Installing Update...
Reference file loaded:
Reference Number : 01R319 15.06.2004
Internal build : 251
File location : C:\Program Files\Lavasoft\Ad-aware 6\reflist.ref
Total size : 1243271 Bytes
Signature data size : 1222976 Bytes
Reference data size : 20231 Bytes
Signatures total : 27234
Target categories : 10
Target families : 497

6-16-2004 12:18:08 PM Success.
Update successfully downlodaded and installed.


Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium IV
Memory available:32 %
Total physical memory:523276 kb
Available physical memory:166980 kb
Total page file size:1278768 kb
Available on page file:873720 kb
Total virtual memory:2097024 kb
Available virtual memory:2049424 kb
OS:

Ad-aware Settings
=========================
Set : Activate in-depth scan (Recommended)
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file

Extended Ad-aware Settings
=========================
Set : Unload recognized processes during scanning
Set : Include basic Ad-aware settings in logfile
Set : Include additional Ad-aware settings in logfile
Set : Let windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Always back up reference file, before updating
Set : Play sound if scan produced a result


6-16-2004 12:18:09 PM - Scan started. (Custom mode)

Listing running processes
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ThreadCreationTime : 6-15-2004 5:01:26 PM
BasePriority : Normal


#:2 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ThreadCreationTime : 6-15-2004 5:01:33 PM
BasePriority : High


#:3 [services.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 6-15-2004 5:01:34 PM
BasePriority : Normal
FileSize : 99 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
OriginalFilename : services.exe
ProductName : Microsoft
Created on : 8/18/2001 12:00:00 PM
Last accessed : 6/16/2004 4:18:09 PM
Last modified : 8/18/2001 12:00:00 PM

#:4 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 6-15-2004 5:01:34 PM
BasePriority : Normal
FileSize : 11 KB
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
OriginalFilename : lsass.exe
ProductName : Microsoft
Created on : 8/18/2001 12:00:00 PM
Last accessed : 6/16/2004 4:18:09 PM
Last modified : 8/29/2002 10:41:26 AM

#:5 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 6-15-2004 5:01:35 PM
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 8/18/2001 12:00:00 PM
Last accessed : 6/16/2004 4:13:19 PM
Last modified : 8/18/2001 12:00:00 PM

#:6 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 6-15-2004 5:01:35 PM
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 8/18/2001 12:00:00 PM
Last accessed : 6/16/2004 4:13:19 PM
Last modified : 8/18/2001 12:00:00 PM

#:7 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 6-15-2004 5:01:39 PM
BasePriority : Normal
FileSize : 50 KB
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
OriginalFilename : spoolsv.exe
ProductName : Microsoft
Created on : 8/18/2001 12:00:00 PM
Last accessed : 6/16/2004 4:18:09 PM
Last modified : 8/18/2001 12:00:00 PM

#:8 [ccsetmgr.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ThreadCreationTime : 6-15-2004 5:01:46 PM
BasePriority : Normal
FileSize : 229 KB
FileVersion : 2.1.0.610
ProductVersion : 2.1.0.610
Copyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Common Client Settings Manager Service
InternalName : ccSetMgr
OriginalFilename : ccSetMgr.exe
ProductName : Common Client
Created on : 11/10/2003 8:30:12 PM
Last accessed : 6/16/2004 4:13:13 PM
Last modified : 11/10/2003 8:30:12 PM

#:9 [navapsvc.exe]
FilePath : C:\Program Files\Norton Trial2\
ThreadCreationTime : 6-15-2004 5:01:46 PM
BasePriority : Normal
FileSize : 154 KB
FileVersion : 10.00.13
ProductVersion : 10.00.13
Copyright : Norton AntiVirus 2004 for Windows 98/ME/2000/XP Copyright © 2003 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
OriginalFilename : NAVAPSVC.EXE
ProductName : Norton AntiVirus
Created on : 11/24/2003 10:46:28 PM
Last accessed : 6/16/2004 4:13:26 PM
Last modified : 11/24/2003 10:46:28 PM

#:10 [nvsvc32.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 6-15-2004 5:01:47 PM
BasePriority : Normal
FileSize : 80 KB
FileVersion : 6.14.10.5216
ProductVersion : 6.14.10.5216
Copyright : © NVIDIA Corporation. All rights reserved.
CompanyName : NVIDIA Corporation
FileDescription : NVIDIA Driver Helper Service, Version 52.16
InternalName : NVSVC
OriginalFilename : nvsvc32.exe
ProductName : NVIDIA Driver Helper Service, Version 52.16
Created on : 10/6/2003 7:16:00 PM
Last accessed : 6/16/2004 4:18:10 PM
Last modified : 10/6/2003 7:16:00 PM

#:11 [savscan.exe]
FilePath : C:\Program Files\Norton Trial2\
ThreadCreationTime : 6-15-2004 5:01:47 PM
BasePriority : Normal
FileSize : 189 KB
FileVersion : 9.2.1.14
ProductVersion : 9.2
Copyright : Copyright © 2003 Symantec Corporation
CompanyName : Symantec Corporation
FileDescription : Symantec AntiVirus Scanner
InternalName : SAVSCAN
OriginalFilename : SAVSCAN.EXE
ProductName : Symantec AntiVirus AutoProtect
Created on : 11/8/2003 12:46:58 AM
Last accessed : 6/16/2004 4:18:10 PM
Last modified : 11/8/2003 12:46:58 AM

#:12 [symlcsvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\CCPD-LC\
ThreadCreationTime : 6-15-2004 5:01:52 PM
BasePriority : Normal
FileSize : 572 KB
FileVersion : 1, 8, 48, 79
ProductVersion : 1, 8, 48, 79
Copyright : Copyright © 2003
CompanyName : Symantec Corporation
FileDescription : Symantec Core Component
InternalName : symlcsvc
OriginalFilename : symlcsvc.exe
ProductName : Symantec Core Component
Created on : 3/24/2004 11:50:10 PM
Last accessed : 6/16/2004 4:18:10 PM
Last modified : 3/24/2004 11:50:10 PM

#:13 [ccevtmgr.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ThreadCreationTime : 6-15-2004 5:01:54 PM
BasePriority : Normal
FileSize : 249 KB
FileVersion : 2.1.0.610
ProductVersion : 2.1.0.610
Copyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Common Client Event Manager Service
InternalName : ccEvtMgr
OriginalFilename : ccEvtMgr.exe
ProductName : Common Client
Created on : 11/10/2003 8:30:04 PM
Last accessed : 6/16/2004 4:13:26 PM
Last modified : 11/10/2003 8:30:04 PM

#:14 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ThreadCreationTime : 6-16-2004 4:11:32 PM
BasePriority : High


#:15 [explorer.exe]
FilePath : C:\WINDOWS\
ThreadCreationTime : 6-16-2004 4:11:56 PM
BasePriority : Normal
FileSize : 980 KB
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
OriginalFilename : EXPLORER.EXE
ProductName : Microsoft
Created on : 6/12/2004 2:07:46 PM
Last accessed : 6/16/2004 4:12:03 PM
Last modified : 8/29/2002 10:41:24 AM

#:16 [qttask.exe]
FilePath : C:\Program Files\QuickTime\
ThreadCreationTime : 6-16-2004 4:12:10 PM
BasePriority : Normal
FileSize : 76 KB
FileVersion : 6.4
ProductVersion : QuickTime 6.4
CompanyName : Apple Computer, Inc.
InternalName : QuickTime Task
OriginalFilename : QTTask.exe
ProductName : QuickTime
Created on : 7/27/2002 1:34:32 PM
Last accessed : 6/16/2004 4:12:10 PM
Last modified : 10/26/2003 4:31:21 PM

#:17 [realsched.exe]
FilePath : C:\Program Files\Common Files\Real\Update_OB\
ThreadCreationTime : 6-16-2004 4:12:10 PM
BasePriority : Normal
FileSize : 148 KB
FileVersion : 0.1.0.1622
ProductVersion : 0.1.0.1622
Copyright : Copyright
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
OriginalFilename : realsched.exe
ProductName : RealOne Player (32-bit)
Created on : 11/7/2003 5:49:10 PM
Last accessed : 6/16/2004 4:12:11 PM
Last modified : 11/7/2003 5:49:10 PM

#:18 [ccapp.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ThreadCreationTime : 6-16-2004 4:12:20 PM
BasePriority : Normal
FileSize : 69 KB
FileVersion : 2.1.0.610
ProductVersion : 2.1.0.610
Copyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Common Client User Session
InternalName : ccApp
OriginalFilename : ccApp.exe
ProductName : Common Client
Created on : 11/10/2003 8:30:02 PM
Last accessed : 6/16/2004 4:12:20 PM
Last modified : 11/10/2003 8:30:02 PM

#:19 [viewmgr.exe]
FilePath : C:\Program Files\Viewpoint\Viewpoint Manager\
ThreadCreationTime : 6-16-2004 4:12:23 PM
BasePriority : Normal
FileSize : 100 KB
FileVersion : 1, 0, 0, 43
ProductVersion : 1, 0, 0, 43
Copyright : Copyright
CompanyName : Viewpoint Corporation
FileDescription : ViewMgr
InternalName : Viewpoint Manager
OriginalFilename : ViewMgr.exe
ProductName : Viewpoint Manager
Created on : 5/4/2004 7:47:56 PM
Last accessed : 6/16/2004 4:12:23 PM
Last modified : 4/19/2004 4:06:56 PM

#:20 [khost.exe]
FilePath : C:\WINDOWS\kdx\
ThreadCreationTime : 6-16-2004 4:12:27 PM
BasePriority : Normal
FileSize : 1716 KB
FileVersion : 2.20.40120.0
ProductVersion : 2.20.40120.0
Copyright : Copyright 2001-03 Kontiki, Inc.
CompanyName : Kontiki Inc.
FileDescription : Secure Delivery Plug-In
InternalName : khost.exe
OriginalFilename : khost.exe
ProductName : Secure Delivery Plug-In
Created on : 1/20/2004 4:45:00 PM
Last accessed : 6/16/2004 4:12:27 PM
Last modified : 1/20/2004 4:45:00 PM

#:21 [aim.exe]
FilePath : C:\Program Files\AIM95\
ThreadCreationTime : 6-16-2004 4:12:27 PM
BasePriority : Normal
FileSize : 60 KB
FileVersion : 5.5.3572
ProductVersion : 5.5.3572
Copyright : Copyright
CompanyName : America Online, Inc.
FileDescription : AOL Instant Messenger
InternalName : AIM
OriginalFilename : AIM.EXE
ProductName : AOL Instant Messenger
Created on : 12/21/2003 6:35:12 PM
Last accessed : 6/16/2004 3:36:03 PM
Last modified : 2/4/2004 8:29:24 PM

#:22 [msmsgs.exe]
FilePath : C:\Program Files\Messenger\
ThreadCreationTime : 6-16-2004 4:12:27 PM
BasePriority : Normal
FileSize : 1456 KB
FileVersion : 4.7.2009
ProductVersion : Version 4.7
Copyright : Copyright © Microsoft Corporation 1997-2003
CompanyName : Microsoft Corporation
FileDescription : Messenger
InternalName : msmsgs
OriginalFilename : msmsgs.exe
ProductName : Messenger
Created on : 4/15/2003 12:30:14 AM
Last accessed : 6/16/2004 4:12:28 PM
Last modified : 4/15/2003 12:30:14 AM

#:23 [wkcalrem.exe]
FilePath : C:\Program Files\Common Files\Microsoft Shared\Works Shared\
ThreadCreationTime : 6-16-2004 4:12:34 PM
BasePriority : Normal
FileSize : 24 KB
FileVersion : 6.00.1911.0
ProductVersion : 6.00.1911.0
Copyright : Copyright
CompanyName : Microsoft
FileDescription : Microsoft
InternalName : WkCalRem
OriginalFilename : WKCALREM.EXE
ProductName : Microsoft
Created on : 8/7/2001 10:06:54 PM
Last accessed : 6/16/2004 4:12:35 PM
Last modified : 8/7/2001 10:06:54 PM

#:24 [wlanmonitor.exe]
FilePath : C:\Program Files\Belkin\Belkin Wireless USB Adapter Manager\
ThreadCreationTime : 6-16-2004 4:12:39 PM
BasePriority : Normal
FileSize : 120 KB
FileVersion : 3, 1, 3, 4
ProductVersion : 1, 0, 0, 0
Copyright : Copyright
FileDescription : Wireless LAN USB Utility
InternalName : WlanMonitor
OriginalFilename : WlanMonitor.exe
ProductName : Wireless LAN USB Utility
Created on : 10/4/2003 6:57:13 PM
Last accessed : 6/16/2004 4:12:45 PM
Last modified : 9/28/2001 10:18:18 PM

#:25 [iexplore.exe]
FilePath : C:\Program Files\Internet Explorer\
ThreadCreationTime : 6-16-2004 4:13:35 PM
BasePriority : Normal
FileSize : 89 KB
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
OriginalFilename : IEXPLORE.EXE
ProductName : Microsoft
Created on : 6/12/2004 2:08:31 PM
Last accessed : 6/16/2004 4:13:39 PM
Last modified : 8/29/2002 10:41:26 AM

#:26 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-aware 6\
ThreadCreationTime : 6-16-2004 4:13:54 PM
BasePriority : Normal
FileSize : 668 KB
FileVersion : 6.0.1.181
ProductVersion : 6.0.0.0
Copyright : Copyright
CompanyName : Lavasoft Sweden
FileDescription : Ad-aware 6 core application
InternalName : Ad-aware.exe
OriginalFilename : Ad-aware.exe
ProductName : Lavasoft Ad-aware Plus
Created on : 4/10/2003 5:47:41 PM
Last accessed : 6/16/2004 4:13:54 PM
Last modified : 7/13/2003 2:00:20 AM

Memory scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0


Started registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0


Started deep registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

WinFavorites Object recognized!
Type : RegKey
Data :
Category : Malware
Comment : ({939438A9-CF0F-44d8-9140-599736F0D3A2})
Rootkey : HKEY_CLASSES_ROOT
Object : WMPPublsihCntr.WMPPublsihCntr


WinFavorites Object recognized!
Type : RegKey
Data :
Category : Malware
Comment : ({939438A9-CF0F-44d8-9140-599736F0D3A2})
Rootkey : HKEY_CLASSES_ROOT
Object : WMPPublsihCntr.WMPPublsihCntr.1


Deep registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 2
Objects found so far: 2


Deep scanning and examining files (C:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Tracking Cookie Object recognized!
Type : File
Data : .txt]alexa@cgi-bin[2].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Alexa.TT-ZTACMJ69FJQZ\Cookies\

Created on : 6/13/2004 10:19:18 PM
Last accessed : 6/16/2004 4:21:10 PM
Last modified : 6/13/2004 10:19:18 PM



Tracking Cookie Object recognized!
Type : File
Data : .txt]alexa@zedo[1].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Alexa.TT-ZTACMJ69FJQZ\Cookies\

Created on : 6/13/2004 10:15:17 PM
Last accessed : 6/16/2004 4:21:11 PM
Last modified : 6/13/2004 10:15:19 PM



Tracking Cookie Object recognized!
Type : File
Data : .txt]main@ads.specificpop[1].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\main\Cookies\

Created on : 6/16/2004 2:58:46 AM
Last accessed : 6/16/2004 4:24:48 PM
Last modified : 6/16/2004 2:58:46 AM



Tracking Cookie Object recognized!
Type : File
Data : .txt]main@advertising[2].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\main\Cookies\

Created on : 6/16/2004 3:48:02 PM
Last accessed : 6/16/2004 3:48:02 PM
Last modified : 6/16/2004 3:48:02 PM



Tracking Cookie Object recognized!
Type : File
Data : .txt]main@as-us.falkag[2].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\main\Cookies\

Created on : 6/14/2004 12:25:08 AM
Last accessed : 6/16/2004 4:24:48 PM
Last modified : 6/14/2004 12:25:08 AM



Tracking Cookie Object recognized!
Type : File
Data : .txt]main@atdmt[2].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\main\Cookies\

Created on : 6/14/2004 5:03:59 PM
Last accessed : 6/16/2004 4:24:48 PM
Last modified : 6/14/2004 5:03:59 PM



Tracking Cookie Object recognized!
Type : File
Data : .txt]main@bluestreak[1].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\main\Cookies\

Created on : 6/14/2004 12:25:08 AM
Last accessed : 6/16/2004 4:09:14 PM
Last modified : 6/16/2004 4:09:14 PM



Tracking Cookie Object recognized!
Type : File
Data : .txt]main@casalemedia[2].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\main\Cookies\

Created on : 6/16/2004 12:46:10 AM
Last accessed : 6/16/2004 4:24:49 PM
Last modified : 6/16/2004 12:46:11 AM



Tracking Cookie Object recognized!
Type : File
Data : .txt]main@centrport[1].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\main\Cookies\

Created on : 6/15/2004 9:34:41 PM
Last accessed : 6/16/2004 4:24:49 PM
Last modified : 6/15/2004 9:34:41 PM



Tracking Cookie Object recognized!
Type : File
Data : .txt]main@cgi-bin[1].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\main\Cookies\

Created on : 6/14/2004 2:13:26 AM
Last accessed : 6/16/2004 4:24:49 PM
Last modified : 6/14/2004 2:13:38 AM



Tracking Cookie Object recognized!
Type : File
Data : .txt]main@cgi-bin[2].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\main\Cookies\

Created on : 6/14/2004 2:13:26 AM
Last accessed : 6/16/2004 4:24:49 PM
Last modified : 6/14/2004 2:13:26 AM



Tracking Cookie Object recognized!
Type : File
Data : .txt]main@cgi-bin[3].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\main\Cookies\

Created on : 6/14/2004 10:24:02 PM
Last accessed : 6/16/2004 4:24:49 PM
Last modified : 6/14/2004 10:24:02 PM



Tracking Cookie Object recognized!
Type : File
Data : .txt]main@cgi-bin[5].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\main\Cookies\

Created on : 6/16/2004 12:50:06 AM
Last accessed : 6/16/2004 4:24:49 PM
Last modified : 6/16/2004 12:50:06 AM



Tracking Cookie Object recognized!
Type : File
Data : .txt]main@doubleclick[1].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\main\Cookies\

Created on : 6/14/2004 5:06:44 PM
Last accessed : 6/16/2004 3:38:39 PM
Last modified : 6/14/2004 5:07:23 PM



Tracking Cookie Object recognized!
Type : File
Data : .txt]main@edge.ru4[2].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\main\Cookies\
FileSize : 1 KB
Created on : 6/16/2004 4:18:24 PM
Last accessed : 6/16/2004 4:18:24 PM
Last modified : 6/16/2004 4:18:24 PM



Tracking Cookie Object recognized!
Type : File
Data : .txt]main@ehg-dig.hitbox[2].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\main\Cookies\
FileSize : 1 KB
Created on : 6/16/2004 2:58:46 AM
Last accessed : 6/16/2004 4:24:50 PM
Last modified : 6/16/2004 2:58:57 AM



Tracking Cookie Object recognized!
Type : File
Data : .txt]main@ehg-gigex.hitbox[2].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\main\Cookies\

Created on : 6/13/2004 11:54:46 PM
Last accessed : 6/16/2004 4:24:50 PM
Last modified : 6/13/2004 11:54:46 PM



Tracking Cookie Object recognized!
Type : File
Data : .txt]main@ehg-sonycomputer.hitbox[2].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\main\Cookies\

Created on : 6/15/2004 9:04:31 PM
Last accessed : 6/16/2004 4:24:50 PM
Last modified : 6/15/2004 9:32:38 PM



Tracking Cookie Object recognized!
Type : File
Data : .txt]main@ehg-sonyny.hitbox[1].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\main\Cookies\

Created on : 6/15/2004 9:04:23 PM
Last accessed : 6/16/2004 4:24:50 PM
Last modified : 6/15/2004 9:04:29 PM



Tracking Cookie Object recognized!
Type : File
Data : .txt]main@ehg-ubisoft.hitbox[1].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\main\Cookies\

Created on : 6/14/2004 12:43:29 AM
Last accessed : 6/16/2004 4:24:50 PM
Last modified : 6/14/2004 12:43:29 AM



Tracking Cookie Object recognized!
Type : File
Data : .txt]main@fastclick[1].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\main\Cookies\

Created on : 6/16/2004 12:49:23 AM
Last accessed : 6/16/2004 4:24:50 PM
Last modified : 6/16/2004 12:53:30 AM



Tracking Cookie Object recognized!
Type : File
Data : .txt]main@gator[1].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\main\Cookies\

Created on : 6/13/2004 11:55:47 PM
Last accessed : 6/16/2004 4:24:50 PM
Last modified : 6/16/2004 12:59:12 PM



Tracking Cookie Object recognized!
Type : File
Data : .txt]main@hg1.hitbox[2].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\main\Cookies\

Created on : 6/15/2004 12:02:52 AM
Last accessed : 6/16/2004 4:24:50 PM
Last modified : 6/15/2004 12:04:30 AM



Tracking Cookie Object recognized!
Type : File
Data : .txt]main@hitbox[2].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\main\Cookies\

Created on : 6/15/2004 12:01:36 AM
Last accessed : 6/16/2004 4:24:50 PM
Last modified : 6/16/2004 2:58:57 AM



Tracking Cookie Object recognized!
Type : File
Data : .txt]main@mediaplex[1].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\main\Cookies\

Created on : 6/14/2004 6:36:44 PM
Last accessed : 6/16/2004 4:24:51 PM
Last modified : 6/14/2004 6:36:44 PM



Tracking Cookie Object recognized!
Type : File
Data : .txt]main@qksrv[1].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\main\Cookies\

Created on : 6/14/2004 12:25:33 AM
Last accessed : 6/16/2004 4:24:52 PM
Last modified : 6/16/2004 12:53:28 AM



Tracking Cookie Object recognized!
Type : File
Data : .txt]main@questionmarket[1].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\main\Cookies\

Created on : 6/15/2004 8:48:45 PM
Last accessed : 6/16/2004 4:24:52 PM
Last modified : 6/15/2004 9:37:21 PM



Tracking Cookie Object recognized!
Type : File
Data : .txt]main@realmedia[2].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\main\Cookies\

Created on : 6/16/2004 2:23:38 PM
Last accessed : 6/16/2004 3:48:12 PM
Last modified : 6/16/2004 3:48:12 PM



Tracking Cookie Object recognized!
Type : File
Data : .txt]main@revenue[2].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\main\Cookies\

Created on : 6/14/2004 9:15:22 PM
Last accessed : 6/16/2004 4:24:52 PM
Last modified : 6/14/2004 9:15:22 PM



Tracking Cookie Object recognized!
Type : File
Data : .txt]main@servedby.advertising[2].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\main\Cookies\
FileSize : 2 KB
Created on : 6/16/2004 1:03:00 PM
Last accessed : 6/16/2004 3:48:12 PM
Last modified : 6/16/2004 3:48:12 PM



Tracking Cookie Object recognized!
Type : File
Data : .txt]main@tmpad[1].txt
Category : Data Miner
Comment : www.searchtraffic.com
Object : C:\Documents and Settings\main\Cookies\

Created on : 6/14/2004 7:15:33 PM
Last accessed : 6/16/2004 3:48:02 PM
Last modified : 6/14/2004 7:15:33 PM



Tracking Cookie Object recognized!
Type : File
Data : .txt]main@trafficmp[1].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\main\Cookies\

Created on : 6/14/2004 7:15:33 PM
Last accessed : 6/16/2004 3:48:03 PM
Last modified : 6/16/2004 3:48:03 PM



Tracking Cookie Object recognized!
Type : File
Data : .txt]main@tribalfusion[2].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\main\Cookies\

Created on : 6/13/2004 11:56:39 PM
Last accessed : 6/16/2004 4:24:53 PM
Last modified : 6/14/2004 12:25:07 AM



Tracking Cookie Object recognized!
Type : File
Data : .txt]main@tripod[1].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\main\Cookies\

Created on : 6/14/2004 9:31:41 PM
Last accessed : 6/16/2004 4:24:53 PM
Last modified : 6/14/2004 9:31:41 PM



Tracking Cookie Object recognized!
Type : File
Data : .txt]main@valueclick[2].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\main\Cookies\

Created on : 6/16/2004 12:53:23 AM
Last accessed : 6/16/2004 4:24:53 PM
Last modified : 6/16/2004 12:53:28 AM



Tracking Cookie Object recognized!
Type : File
Data : .txt]main@z1.adserver[1].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\main\Cookies\

Created on : 6/14/2004 6:42:59 PM
Last accessed : 6/16/2004 4:24:57 PM
Last modified : 6/16/2004 2:55:18 AM



Tracking Cookie Object recognized!
Type : File
Data : .txt]main@zedo[2].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\main\Cookies\

Created on : 6/16/2004 11:04:03 AM
Last accessed : 6/16/2004 4:24:57 PM
Last modified : 6/16/2004 11:04:03 AM



Disk scan result for C:\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 39


Scanning Hosts file(C:\WINDOWS\System32\drivers\etc\hosts)
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ

Hosts file scan result:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
1 entries scanned.
New objects :0
Objects found so far: 39




Performing conditional scans..
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Conditional scan result:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 39


12:47:27 PM Scan complete

Summary of this scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Total scanning time :00:29:16:875
Objects scanned :264458
Objects identified :39
Objects ignored :0
New objects :39

#2 Garrett

Posted 17 June 2004 - 04:27 PM

(Sorry if it's against the rules to double post or anything, I just want to get this fixed A.S.A.P.)
HijackThis log:

Logfile of HijackThis v1.97.7
Scan saved at 5:25:10 PM, on 6/17/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Trial2\navapsvc.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\kdx\KHost.exe
C:\Program Files\Norton Trial2\SAVScan.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\System32\devldr32.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Belkin\Belkin Wireless USB Adapter Manager\WlanMonitor.exe
C:\Program Files\Steam2\Steam.exe
C:\WINDOWS\system32\winlogon.exe
C:\Program Files\AIM95\aim.exe
C:\Documents and Settings\Garrett\My Documents\runescape.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Yahoo!\Messenger\YPager.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\HijackThis.exe

F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe
O2 - BHO: (no name) - {029CA12C-89C1-46a7-A3C7-82F2F98635CB} - C:\Program Files\Kontiki\bin\bh309190.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Trial2\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Trial2\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [SysUpd] C:\WINDOWS\sysupd.exe
O4 - HKLM\..\Run: [kdx] C:\WINDOWS\kdx\KHost.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Red Swoosh EDN Client] C:\Program Files\RSNet\RSEDNClient.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\RunOnce: [LRPatch] "C:\DOCUME~1\main\LOCALS~1\Temp\LRPatch.exe" /RUN
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O4 - Global Startup: USB Manager.lnk = C:\Program Files\Belkin\Belkin Wireless USB Adapter Manager\WlanMonitor.exe
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
O9 - Extra button: AIM (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} (MetaStreamCtl Class) - https://components.v...od/install.html
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macr...ector/swdir.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yaho...s/yinst0401.cab
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.micr...922/wmv9VCM.CAB
O16 - DPF: {544EB377-350A-4295-9BEB-EAB8392E09C6} (MSN Money Charting) - http://fdl.msn.com/p...13/invinstl.exe
O16 - DPF: {58172624-85DD-4482-9E64-02ADCA637E96} (shizmoo Class) - http://shizmoo.com/activex/web665.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefend...bitdefender.cab
O16 - DPF: {8FA9D107-547B-4DBC-9D88-FABD891EDB0A} (shizmoo Class) - http://arcade.icq.co...dyssey_web8.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installen...gine/isetup.cab
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterf...ds/Uploader.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O16 - DPF: {AECD14A8-F662-11D1-A395-00805F535788} (Plotwon Control) - http://www.investors...ocx/plotwon.ocx
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macr...ash/swflash.cab
O16 - DPF: {E123BED4-B8C7-42BB-958F-F13CA77EF95D} (Anark Client ActiveX Control) - http://install.anark...en/AMClient.cab
O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - http://www.gamespot.com/KDX/kdx.cab
O16 - DPF: {FA13A9FA-CA9B-11D2-9780-00104B242EA3} (WildTangent Control) - http://www.wildtange...wave/wtinst.cab



#3 Garrett

Posted 17 June 2004 - 08:13 PM

*Sigh* Bump...

#4 Garrett

Posted 18 June 2004 - 06:42 AM

Anybody? Help?



