|
|
|||||||
| Spyware Cleaning Section Closed!! |
| Notice: The spyware cleaning (HijackThis) section is closed. Wilders Security no longer provides one on one spyware cleaning assistance. Please see this announcement for a list of websites that provide such services. |
|
|
Thread Tools | Search this Thread |
|
#1
July 15th, 2004, 10:37 AM
|
|||
|
|||
[Solved]log file
Hi,
Please help me with this log file: Logfile of HijackThis v1.97.7 Scan saved at 15:22:23, on 15/07/2004 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00 (6.00.2462.0000) Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\spoolsv.exe C:\Program Files\NavNT\defwatch.exe C:\WINNT\System32\svchost.exe C:\WINNT\LogWatNT.exe C:\Program Files\NavNT\rtvscan.exe C:\WINNT\system32\regsvc.exe C:\WINNT\system32\MSTask.exe C:\WINNT\System32\WBEM\WinMgmt.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\MsgSys.EXE C:\WINNT\Explorer.EXE C:\Program Files\NavNT\vptray.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINNT\system32\internat.exe C:\Program Files\Yahoo!\Messenger\ypager.exe C:\Program Files\ICQ\ICQ.exe C:\Program Files\SA Dictionary 2002\Diction.exe C:\PROGRA~1\MICROS~2\Office\OUTLOOK.EXE C:\Program Files\Common Files\System\MAPI\1033\nt\MAPISP32.EXE C:\Program Files\Microsoft Office\Office\WINWORD.EXE C:\Program Files\Adobe\Acrobat 5.0\Reader\AcroRd32.exe C:\Program Files\Opera\Opera.exe C:\DOCUME~1\RADOSL~1.AND\LOCALS~1\Temp\HijackThis.exe C:\WINNT\System32\MDM.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://rd.yahoo.com/customize/ymsgr/...ch/search.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/cust.../www.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cetis.ac.uk/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cust...ch/search.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/cust.../www.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://red.clientapps.yahoo.com/cust...//my.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapps.yahoo.com/cust.../www.yahoo.com R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/cust.../www.yahoo.com O1 - Hosts: 66.98.178.19 06272002-dbase.hitcountz.net O1 - Hosts: 66.98.178.19 1ca.cqcounter.com O1 - Hosts: 66.98.178.19 2001-007.com O1 - Hosts: 66.98.178.19 ad-logics.com O1 - Hosts: 66.98.178.19 ad.trafficmp.com O1 - Hosts: 66.98.178.19 adclient.rottentomatoes.com O1 - Hosts: 66.98.178.19 adcounter.globeandmail.com O1 - Hosts: 66.98.178.19 adcounter.theglobeandmail.com O1 - Hosts: 66.98.178.19 adlog.com.com O1 - Hosts: 66.98.178.19 admanmail.com O1 - Hosts: 66.98.178.19 ads.specificpop.com O1 - Hosts: 66.98.178.19 adtech.de O1 - Hosts: 66.98.178.19 askmen.thruport.com O1 - Hosts: 66.98.178.19 banner.0catch.com O1 - Hosts: 66.98.178.19 bilbo.counted.com O1 - Hosts: 66.98.178.19 c1.statcounter.com O1 - Hosts: 66.98.178.19 c1.thecounter.com O1 - Hosts: 66.98.178.19 c2.gostats.com O1 - Hosts: 66.98.178.19 c2.thecounter.com O1 - Hosts: 66.98.178.19 c3.thecounter.com O1 - Hosts: 66.98.178.19 c3.xxxcounter.com O1 - Hosts: 66.98.178.19 cashcounter.com O1 - Hosts: 66.98.178.19 cgi.hotstat.nl O1 - Hosts: 66.98.178.19 clit6.sextracker.com O1 - Hosts: 66.98.178.19 clit8.sextracker.com O1 - Hosts: 66.98.178.19 cookies.cmpnet.com O1 - Hosts: 66.98.178.19 counter.aaddzz.com O1 - Hosts: 66.98.178.19 counter.bloke.com O1 - Hosts: 66.98.178.19 counter.hitslink.com O1 - Hosts: 66.98.178.19 counter.yadro.ru O1 - Hosts: 66.98.178.19 counter14.sextracker.com O1 - Hosts: 66.98.178.19 counter16.bravenet.com O1 - Hosts: 66.98.178.19 counter17.bravenet.com O1 - Hosts: 66.98.178.19 counter2.hitslink.com O1 - Hosts: 66.98.178.19 counter26.bravenet.com O1 - Hosts: 66.98.178.19 counter32.bravenet.com O1 - Hosts: 66.98.178.19 counter34.breavenet.com O1 - Hosts: 66.98.178.19 counter41.bravenet.com O1 - Hosts: 66.98.178.19 counter47.bravenet.com O1 - Hosts: 66.98.178.19 counter6.sextracker.com O1 - Hosts: 66.98.178.19 counter8.bravenet.com O1 - Hosts: 66.98.178.19 data.coremetrics.com O1 - Hosts: 66.98.178.19 delivery.loopingclick.com O1 - Hosts: 66.98.178.19 dwclick.com O1 - Hosts: 66.98.178.19 ebay.doubleclick.net O1 - Hosts: 66.98.178.19 ehg-amerix.hitbox.com O1 - Hosts: 66.98.178.19 ehg-bestbuy.hitbox.com O1 - Hosts: 66.98.178.19 ehg-crain.hitbox.com O1 - Hosts: 66.98.178.19 ehg-dig.hitbox.com O1 - Hosts: 66.98.178.19 ehg-eckounlimited.hitbox.com O1 - Hosts: 66.98.178.19 ehg-espn.hitbox.com O1 - Hosts: 66.98.178.19 ehg-idg.hitbox.com O1 - Hosts: 66.98.178.19 ehg-liveperson.hitbox.com O1 - Hosts: 66.98.178.19 ehg-oreilley.hitbox.com O1 - Hosts: 66.98.178.19 ehg-space.hitbox.com O1 - Hosts: 66.98.178.19 ehg-sportsline.hitbox.com O1 - Hosts: 66.98.178.19 ehg-techtarget.hitbox.com O1 - Hosts: 66.98.178.19 ehg-tigerdirect.hitbox.com O1 - Hosts: 66.98.178.19 ehg-uniontrib.hitbox.com O1 - Hosts: 66.98.178.19 ehg-viacom.hitbox.com O1 - Hosts: 66.98.178.19 ehg.commjun.hitbox.com O1 - Hosts: 66.98.178.19 ehg.hitbox.com O1 - Hosts: 66.98.178.19 fastclick.net O1 - Hosts: 66.98.178.19 fcstats.bcentral.com O1 - Hosts: 66.98.178.19 flycast.com O1 - Hosts: 66.98.178.19 g-wizzads.net O1 - Hosts: 66.98.178.19 gostats.com O1 - Hosts: 66.98.178.19 gtcc1.acecounter.com O1 - Hosts: 66.98.178.19 hc2.humanclick.com O1 - Hosts: 66.98.178.19 hit2.hotlog.ru O1 - Hosts: 66.98.178.19 hit37.chark.dk O1 - Hosts: 66.98.178.19 hitbox.com O1 - Hosts: 66.98.178.19 hits.webstat.com O1 - Hosts: 66.98.178.19 images.dailydiscounts.com O1 - Hosts: 66.98.178.19 imp.clickability.com O1 - Hosts: 66.98.178.19 impacts.alliancehub.com O1 - Hosts: 66.98.178.19 insightfirst.com O1 - Hosts: 66.98.178.19 int.sitestat.com O1 - Hosts: 66.98.178.19 jkearns.freestats.com O1 - Hosts: 66.98.178.19 linktrack.bravenet.com O1 - Hosts: 66.98.178.19 logs.comics.com O1 - Hosts: 66.98.178.19 m1.nedstatbasic.net O1 - Hosts: 66.98.178.19 media101.sitebrand.com O1 - Hosts: 66.98.178.19 mediatrack.revenue.net O1 - Hosts: 66.98.178.19 mt122.mtree.com O1 - Hosts: 66.98.178.19 nedstat.s0.nl O1 - Hosts: 66.98.178.19 nl.sitestat.com O1 - Hosts: 66.98.178.19 partner.alerts.aol.com O1 - Hosts: 66.98.178.19 paxito.sitetracker.com O1 - Hosts: 66.98.178.19 perso.estat.com O1 - Hosts: 66.98.178.19 pmg.ad-logics.com O1 - Hosts: 66.98.178.19 postclick.adcentriconline.com O1 - Hosts: 66.98.178.19 prof.estat.com O1 - Hosts: 66.98.178.19 s10.sitemeter.com O1 - Hosts: 66.98.178.19 s11.sitemeter.com O1 - Hosts: 66.98.178.19 s12.sitemeter.com O1 - Hosts: 66.98.178.19 s13.sitemeter.com O1 - Hosts: 66.98.178.19 s14.sitemeter.com O1 - Hosts: 66.98.178.19 s15.sitemeter.com O1 - Hosts: 66.98.178.19 s16.sitemeter.com O1 - Hosts: 66.98.178.19 s2.statcounter.com O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll O2 - BHO: (no name) - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~1\TEXTware\QUICKF~1\PlugIns\IEHelp.dll O2 - BHO: (no name) - {D714A94F-123A-45CC-8F03-040BCAF82AD6} - C:\WINNT\Downloaded Program Files\SbCIe028.dll O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon O4 - HKLM\..\Run: [vptray] C:\Program Files\NavNT\vptray.exe O4 - HKLM\..\Run: [Mirabilis ICQ] C:\Program Files\ICQ\NDetect.exe O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINNT\System32\spool\drivers\w32x86\3\hpztsb04.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [AutoUpdater] C:\PROGRA~1\AUTOUP~1\AUTOUP~1.EXE O4 - HKLM\..\Run: [LoadQM] loadqm.exe O4 - HKLM\..\Run: [Babylon Client] C:\Program Files\Babylon\Babylon.exe -AutoStart O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe O4 - HKCU\..\Run: [internat.exe] internat.exe O4 - HKCU\..\Run: [Cydoor] CD_Load.exe O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\RunOnce: [ICQ] C:\Program Files\ICQ\ICQ.exe -trayboot O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Shortcut to mapp.lnk = C:\mapp.bat O8 - Extra context menu item: &NeoTrace It! - C:\PROGRA~1\NEOTRA~1\NTXcontext.htm O8 - Extra context menu item: Download All by FlashGet - C:\PROGRA~1\FlashGet\jc_all.htm O8 - Extra context menu item: Download using FlashGet - C:\PROGRA~1\FlashGet\jc_link.htm O8 - Extra context menu item: Edit with &XML Spy - C:\Program Files\Altova\xmlspy\spy.htm O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm O8 - Extra context menu item: Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM) O9 - Extra button: SideStep (HKLM) O9 - Extra button: Messenger (HKLM) O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM) O9 - Extra button: ICQ Pro (HKLM) O9 - Extra 'Tools' menuitem: ICQ (HKLM) O9 - Extra button: Contacts (HKLM) O9 - Extra button: FlashGet (HKLM) O9 - Extra 'Tools' menuitem: &FlashGet (HKLM) O9 - Extra button: Edit with XML Spy (HKCU) O9 - Extra 'Tools' menuitem: Edit with XML Spy (HKCU) O9 - Extra button: NeoTrace It! (HKCU) O10 - Broken Internet access because of LSP provider 'c:\winnt\system32\nutafun4.dll' missing O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: Dialpad Webphone - https://www.dialpad.com/md/update/cham.cab O16 - DPF: Microsoft WFC Forms Designer - file://\\INTEL_COMM\INSTALLS\VJ6\VJ98\wfcforms.cab O16 - DPF: Visual Studio 6 Extensibility Libraries - file://\\INTEL_COMM\INSTALLS\VJ6\VJ98\vstudio6.cab O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://www.apple.com/qtactivex/qtplugin.cab O16 - DPF: {0348CD18-6EFE-415B-AF32-58F08FA29B33} (WCSAXrview Control) - http://136.201.154.197/wcsarview.cab O16 - DPF: {127698E4-E730-4E5C-A2B1-21490A70C8A1} (CEnroll Class) - https://digitalid.verisign.com/xenroll.cab O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/s...irector/sw.cab O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinst0401.cab O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/...eInstaller.exe O16 - DPF: {640B39C1-D713-464F-92C3-75BD972B95EE} - http://www.sidestep.com/get/k42037/sb028.cab O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yaho...ymmapi_416.dll O16 - DPF: {A4639D2F-774E-11D3-A490-00C04F6843FB} (IEAnimBehaviorFactory Class) - http://download.microsoft.com/downlo...-US/msorun.cab O16 - DPF: {A8658086-E6AC-4957-BC8E-7D54A7E8A78E} (SassCln Object) - http://www.microsoft.com/security/co...20/SassCln.CAB O16 - DPF: {C7B05B62-C8D7-438C-840B-4994DAAA8EEE} - http://webpdp.gator.com/v3/download/...tdmgainads.cab O16 - DPF: {CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA} (Java Runtime Environment 1.4.0) - O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/s...sh/swflash.cab O16 - DPF: {F5192746-22D6-41BD-9D2D-1E75D14FBD3C} - http://download.rfwnad.com/cab/crack.CAB |
|
#2
July 15th, 2004, 04:13 PM
|
||||
|
||||
|
Re: log file
Hi rado
Pls. save your HijackThis in its OWN folder ! Check the following items in HijackThis. Close all windows except HijackThis and click "Fix checked": R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/cus...//www.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cus...rch/search.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/cus...//www.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://red.clientapps.yahoo.com/cus...://my.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapps.yahoo.com/cus...//www.yahoo.com R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/cus...//www.yahoo.com O1 - Hosts: 66.98.178.19 06272002-dbase.hitcountz.net O1 - Hosts: 66.98.178.19 1ca.cqcounter.com O1 - Hosts: 66.98.178.19 2001-007.com O1 - Hosts: 66.98.178.19 ad-logics.com O1 - Hosts: 66.98.178.19 ad.trafficmp.com O1 - Hosts: 66.98.178.19 adclient.rottentomatoes.com O1 - Hosts: 66.98.178.19 adcounter.globeandmail.com O1 - Hosts: 66.98.178.19 adcounter.theglobeandmail.com O1 - Hosts: 66.98.178.19 adlog.com.com O1 - Hosts: 66.98.178.19 admanmail.com O1 - Hosts: 66.98.178.19 ads.specificpop.com O1 - Hosts: 66.98.178.19 adtech.de O1 - Hosts: 66.98.178.19 askmen.thruport.com O1 - Hosts: 66.98.178.19 banner.0catch.com O1 - Hosts: 66.98.178.19 bilbo.counted.com O1 - Hosts: 66.98.178.19 c1.statcounter.com O1 - Hosts: 66.98.178.19 c1.thecounter.com O1 - Hosts: 66.98.178.19 c2.gostats.com O1 - Hosts: 66.98.178.19 c2.thecounter.com O1 - Hosts: 66.98.178.19 c3.thecounter.com O1 - Hosts: 66.98.178.19 c3.xxxcounter.com O1 - Hosts: 66.98.178.19 cashcounter.com O1 - Hosts: 66.98.178.19 cgi.hotstat.nl O1 - Hosts: 66.98.178.19 clit6.sextracker.com O1 - Hosts: 66.98.178.19 clit8.sextracker.com O1 - Hosts: 66.98.178.19 cookies.cmpnet.com O1 - Hosts: 66.98.178.19 counter.aaddzz.com O1 - Hosts: 66.98.178.19 counter.bloke.com O1 - Hosts: 66.98.178.19 counter.hitslink.com O1 - Hosts: 66.98.178.19 counter.yadro.ru O1 - Hosts: 66.98.178.19 counter14.sextracker.com O1 - Hosts: 66.98.178.19 counter16.bravenet.com O1 - Hosts: 66.98.178.19 counter17.bravenet.com O1 - Hosts: 66.98.178.19 counter2.hitslink.com O1 - Hosts: 66.98.178.19 counter26.bravenet.com O1 - Hosts: 66.98.178.19 counter32.bravenet.com O1 - Hosts: 66.98.178.19 counter34.breavenet.com O1 - Hosts: 66.98.178.19 counter41.bravenet.com O1 - Hosts: 66.98.178.19 counter47.bravenet.com O1 - Hosts: 66.98.178.19 counter6.sextracker.com O1 - Hosts: 66.98.178.19 counter8.bravenet.com O1 - Hosts: 66.98.178.19 data.coremetrics.com O1 - Hosts: 66.98.178.19 delivery.loopingclick.com O1 - Hosts: 66.98.178.19 dwclick.com O1 - Hosts: 66.98.178.19 ebay.doubleclick.net O1 - Hosts: 66.98.178.19 ehg-amerix.hitbox.com O1 - Hosts: 66.98.178.19 ehg-bestbuy.hitbox.com O1 - Hosts: 66.98.178.19 ehg-crain.hitbox.com O1 - Hosts: 66.98.178.19 ehg-dig.hitbox.com O1 - Hosts: 66.98.178.19 ehg-eckounlimited.hitbox.com O1 - Hosts: 66.98.178.19 ehg-espn.hitbox.com O1 - Hosts: 66.98.178.19 ehg-idg.hitbox.com O1 - Hosts: 66.98.178.19 ehg-liveperson.hitbox.com O1 - Hosts: 66.98.178.19 ehg-oreilley.hitbox.com O1 - Hosts: 66.98.178.19 ehg-space.hitbox.com O1 - Hosts: 66.98.178.19 ehg-sportsline.hitbox.com O1 - Hosts: 66.98.178.19 ehg-techtarget.hitbox.com O1 - Hosts: 66.98.178.19 ehg-tigerdirect.hitbox.com O1 - Hosts: 66.98.178.19 ehg-uniontrib.hitbox.com O1 - Hosts: 66.98.178.19 ehg-viacom.hitbox.com O1 - Hosts: 66.98.178.19 ehg.commjun.hitbox.com O1 - Hosts: 66.98.178.19 ehg.hitbox.com O1 - Hosts: 66.98.178.19 fastclick.net O1 - Hosts: 66.98.178.19 fcstats.bcentral.com O1 - Hosts: 66.98.178.19 flycast.com O1 - Hosts: 66.98.178.19 g-wizzads.net O1 - Hosts: 66.98.178.19 gostats.com O1 - Hosts: 66.98.178.19 gtcc1.acecounter.com O1 - Hosts: 66.98.178.19 hc2.humanclick.com O1 - Hosts: 66.98.178.19 hit2.hotlog.ru O1 - Hosts: 66.98.178.19 hit37.chark.dk O1 - Hosts: 66.98.178.19 hitbox.com O1 - Hosts: 66.98.178.19 hits.webstat.com O1 - Hosts: 66.98.178.19 images.dailydiscounts.com O1 - Hosts: 66.98.178.19 imp.clickability.com O1 - Hosts: 66.98.178.19 impacts.alliancehub.com O1 - Hosts: 66.98.178.19 insightfirst.com O1 - Hosts: 66.98.178.19 int.sitestat.com O1 - Hosts: 66.98.178.19 jkearns.freestats.com O1 - Hosts: 66.98.178.19 linktrack.bravenet.com O1 - Hosts: 66.98.178.19 logs.comics.com O1 - Hosts: 66.98.178.19 m1.nedstatbasic.net O1 - Hosts: 66.98.178.19 media101.sitebrand.com O1 - Hosts: 66.98.178.19 mediatrack.revenue.net O1 - Hosts: 66.98.178.19 mt122.mtree.com O1 - Hosts: 66.98.178.19 nedstat.s0.nl O1 - Hosts: 66.98.178.19 nl.sitestat.com O1 - Hosts: 66.98.178.19 partner.alerts.aol.com O1 - Hosts: 66.98.178.19 paxito.sitetracker.com O1 - Hosts: 66.98.178.19 perso.estat.com O1 - Hosts: 66.98.178.19 pmg.ad-logics.com O1 - Hosts: 66.98.178.19 postclick.adcentriconline.com O1 - Hosts: 66.98.178.19 prof.estat.com O1 - Hosts: 66.98.178.19 s10.sitemeter.com O1 - Hosts: 66.98.178.19 s11.sitemeter.com O1 - Hosts: 66.98.178.19 s12.sitemeter.com O1 - Hosts: 66.98.178.19 s13.sitemeter.com O1 - Hosts: 66.98.178.19 s14.sitemeter.com O1 - Hosts: 66.98.178.19 s15.sitemeter.com O1 - Hosts: 66.98.178.19 s16.sitemeter.com O1 - Hosts: 66.98.178.19 s2.statcounter.com O2 - BHO: (no name) - {D714A94F-123A-45CC-8F03-040BCAF82AD6} - C:\WINNT\Downloaded Program Files\SbCIe028.dll O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot <--------optional O4 - HKLM\..\Run: [AutoUpdater] C:\PROGRA~1\AUTOUP~1\AUTOUP~1.EXE O4 - HKCU\..\Run: [Cydoor] CD_Load.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE <--------optional O16 - DPF: {0348CD18-6EFE-415B-AF32-58F08FA29B33} (WCSAXrview Control) - http://136.201.154.197/wcsarview.cab O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52...meInstaller.exe O16 - DPF: {C7B05B62-C8D7-438C-840B-4994DAAA8EEE} - http://webpdp.gator.com/v3/download...ptdmgainads.cab O16 - DPF: {F5192746-22D6-41BD-9D2D-1E75D14FBD3C} - http://download.rfwnad.com/cab/crack.CAB Make sure you can view hidden and system files: Instructions here Then Boot to safe mode: Instructions here Delete the following folder IF still present: C:\PROGRA~1\AUTOUP~1 Then reboot and use AdAware as described : HERE Spybot S&D The download for Spybot S&D is available here: http://www.computercops.biz/downloads-file-108.html Install by double-clicking on the downloaded file. Run Spybot S&D from desktop icon or Start menu. Press "Search for updates" button to get list of updates available. Press "Download updates" button. Close all IE windows and close & restart Spybot S&D. Press "Check for problems" button. Have SpyBot remove all it marks in red by pressing "Fix selected problems". Close Spybot S&D, reboot your system . Then browse to the C:\documents and settings\\User Name (repeat for all users)\local settings\temp folder and delete all files and folders in it. Then browse to the C:\Windows\Temp folder and delete all files in it. Then in internet explore click tools>internet Options>General. Click on Delete Files make sure you get all offline content as well. Problems gone? |
|
#3
July 16th, 2004, 10:20 AM
|
|||
|
|||
|
Re: log file
Thank you, Marianna.
I did what you advised me and it seems that I don't get anymore trouble with yumhee.com lookup. I will wait and see in the near future if my Internet connection will crash so often as it's been doing recently. Many Thanks! |
|
#4
July 16th, 2004, 12:04 PM
|
||||
|
||||
|
Re: log file
Hi rado
Great Job and thanks for your feedback ! Also here is an excellent source for tips to tighten security. Follow the advice and get the free downloads to help avoid some of these problems in the future. Happy Safe Computing ! |
| « Previous Thread | Next Thread » |
| Thread Tools | Search this Thread |
|
|
