Very Annoying problem plz HELP!! (new member)

Discussion in 'adware, spyware & hijack cleaning' started by roger_a320, Jun 19, 2004.

Thread Status:
Not open for further replies.
  1. roger_a320

    roger_a320 Registered Member

    Joined:
    Jun 19, 2004
    Posts:
    7
    I'm a new member to this forum, i hope someone can help me with a problem i'm having. My computer keeps trying to connect to the internet without me telling it to do so (very very often), a diologue box appears saying the page i request cannot be viewed offline and that i should connect in order to see it. Of course i didn't 'request' any web page, and when i do click "connect" no page appears it simply connects. Another problem i'm having which i think is related to the above is an annoying fluttering of the window i might be using, for example say i'm typing, (it's happening now. very annoying by the way) my browser window, or any other window for that matter, keeps falling into the background then coming back to the foreground it is annoying because say i want to type: "Hello" it flutters after i type the H so that what you see is: "Hllo"
    Please give me some advice or ideas as to what could be causing this (how can i find out) and how to stop it! Thank you.







    I moved your post to where it will get the attention it needs==bigc Roger please post your replies in this forum/hijack cleaning thank you ==bigc
     
    Last edited by a moderator: Jun 19, 2004
  2. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,934
    Location:
    SW. Oklahoma
  3. roger_a320

    roger_a320 Registered Member

    Joined:
    Jun 19, 2004
    Posts:
    7
    Here's the HJT log bigc73542!

    I'm a new member to this forum, i hope someone can help me with a problem i'm having. My computer keeps trying to connect to the internet without me telling it to do so (very very often), a diologue box appears saying the page i request cannot be viewed offline and that i should connect in order to see it. Of course i didn't 'request' any web page, and when i do click "connect" no page appears it simply connects. Another problem i'm having which i think is related to the above is an annoying fluttering of the window i might be using, for example say i'm typing, (it's happening now. very annoying by the way) my browser window, or any other window for that matter, keeps falling into the background then coming back to the foreground it is annoying because say i want to type: "Hello" it flutters after i type the H so that what you see is: "Hllo"
    Please give me some advice or ideas as to what could be causing this (how can i find out) and how to stop it! Thank you.

    I used Adaware to scan.

    See https://www.wilderssecurity.com/showthread.php?t=37144

    Below is the HJT log


    Lavasoft Ad-aware Personal Build 6.181
    Logfile created on :Saturday, June 19, 2004 08:20:48 PM
    Created with Ad-aware Personal, free for private use.
    Using reference-file :01R321 19.06.2004
    ______________________________________________________

    Ad-aware Settings
    =========================
    Set : Activate in-depth scan (Recommended)
    Set : Safe mode (always request confirmation)
    Set : Scan active processes
    Set : Scan registry
    Set : Deep scan registry


    19-06-2004 08:20:48 PM - Scan started. (Custom mode)


    Deep scanning and examining files (C:)
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    BonziBuddy Object recognized!
    Type : File
    Data : bbsetuplnd.exe
    Object : C:\Downloads\
    FileSize : 138 KB
    Created on : 09/02/2004 03:05:54 AM
    Last accessed : 20/06/2004 01:29:34 AM
    Last modified : 09/02/2004 03:05:54 AM



    BonziBuddy Object recognized!
    Type : File
    Data : bbsmartstubfal.exe
    Object : C:\Program Files\BonziBUDDY\
    FileSize : 139 KB
    Created on : 09/02/2004 03:06:22 AM
    Last accessed : 20/06/2004 02:24:57 AM
    Last modified : 09/02/2004 03:07:43 AM



    BonziBuddy Object recognized!
    Type : File
    Data : bbuddymini.exe
    Object : C:\Program Files\BonziBUDDY\
    FileSize : 184 KB
    Created on : 09/02/2004 03:18:24 AM
    Last accessed : 20/06/2004 02:24:57 AM
    Last modified : 28/06/2002 06:19:32 PM



    BonziBuddy Object recognized!
    Type : File
    Data : bonzibuddyuninstall.exe
    Object : C:\Program Files\BonziBUDDY\
    FileSize : 16 KB
    FileVersion : 1.00
    ProductVersion : 1.00
    CompanyName : BONZI Software
    InternalName : BonziBUDDYUninstall
    OriginalFilename : BonziBUDDYUninstall.exe
    ProductName : BonziBUDDYUninstall
    Created on : 09/02/2004 05:00:29 AM
    Last accessed : 20/06/2004 02:24:57 AM
    Last modified : 28/06/2002 06:16:50 PM



    BonziBuddy Object recognized!
    Type : File
    Data : bonzictb.dll
    Object : C:\Program Files\BonziBUDDY\
    FileSize : 28 KB
    FileVersion : 1.00
    ProductVersion : 1.00
    CompanyName : BONZI Software
    InternalName : BonziCTB
    OriginalFilename : BonziCTB.dll
    ProductName : BonziCTBHelper
    Created on : 09/02/2004 04:59:37 AM
    Last accessed : 20/06/2004 02:24:57 AM
    Last modified : 23/04/2002 03:30:10 PM



    Lop Object recognized!
    Type : File
    Data : setup.exe
    Object : C:\Program Files\C2Media\
    FileSize : 7 KB
    Created on : 05/06/2004 03:53:20 AM
    Last accessed : 20/06/2004 02:24:58 AM
    Last modified : 14/06/2004 02:03:05 AM



    CometSystems Object recognized!
    Type : File
    Data : cssecure.dll
    Object : C:\Program Files\Comet Systems\DM\bin\
    FileSize : 56 KB
    FileVersion : 1, 1, 210, 58
    ProductVersion : 1, 1, 210, 58
    Copyright : Copyright 2003
    CompanyName : Comet Systems, Inc
    FileDescription : CSSecurity Module
    InternalName : CSSecurity
    OriginalFilename : CSSecurity.DLL
    ProductName : CSSecurity Module
    Created on : 19/06/2004 05:11:01 AM
    Last accessed : 20/06/2004 02:24:58 AM
    Last modified : 06/02/2004 12:32:32 AM



    CometSystems Object recognized!
    Type : File
    Data : dmproxy.dll
    Object : C:\Program Files\Comet Systems\DM\bin\
    FileSize : 99 KB
    FileVersion : 1, 2, 263, 146
    ProductVersion : 1.0.0.1
    Copyright : Copyright 2003
    CompanyName : Comet Systems, Inc
    FileDescription : ActiveX control for Download Manager
    InternalName : DMProxy.dll
    OriginalFilename : DMProxy.dll
    ProductName : Download Manager
    Created on : 19/06/2004 05:11:01 AM
    Last accessed : 20/06/2004 02:24:58 AM
    Last modified : 06/02/2004 12:32:38 AM



    CometSystems Object recognized!
    Type : File
    Data : dmserver.exe
    Object : C:\Program Files\Comet Systems\DM\bin\
    FileSize : 159 KB
    FileVersion : 1, 2, 263, 224
    ProductVersion : 1.0.0.1
    Copyright : Copyright 2003
    CompanyName : Comet Systems, Inc
    FileDescription : Download Manager implementation
    InternalName : DMServer.exe
    OriginalFilename : DMServer.exe
    ProductName : Download Manager
    Created on : 19/06/2004 05:11:01 AM
    Last accessed : 20/06/2004 02:01:52 AM
    Last modified : 06/02/2004 12:32:36 AM



    CometSystems Object recognized!
    Type : File
    Data : csbho.dll
    Object : C:\Program Files\Comet Systems\Platform\Bin\
    FileSize : 31 KB
    FileVersion : 5, 0, 181, 221
    ProductVersion : 5, 0, 181, 221
    Copyright : Copyright 1999
    CompanyName : Comet Systems, Inc
    FileDescription : BHO Module (Internal build)
    InternalName : BHO
    OriginalFilename : BHO.DLL
    ProductName : BHO Module
    Created on : 12/05/2004 02:56:39 AM
    Last accessed : 20/06/2004 02:24:59 AM
    Last modified : 09/04/2004 10:14:22 PM



    TopMoxie Object recognized!
    Type : File
    Data : webrebates.exe
    Object : C:\Program Files\WebRebates\
    FileSize : 44 KB
    Created on : 15/09/2003 11:38:32 PM
    Last accessed : 20/06/2004 02:26:14 AM
    Last modified : 15/09/2003 11:38:32 PM



    SahAgent Object recognized!
    Type : File
    Data : 00048703.dll
    Object : C:\RECYCLER\NPROTECT\
    FileSize : 52 KB
    FileVersion : 1, 1, 1, 19
    ProductVersion : 1, 1, 1, 19
    Copyright : Copyright
    CompanyName : ITForum
    FileDescription : LSP
    InternalName : LSP
    OriginalFilename : LSP.DLL
    ProductName : ITForum LSP
    Created on : 10/01/2004 06:00:01 AM
    Last accessed : 20/06/2004 02:26:41 AM
    Last modified : 09/10/2003 11:58:12 AM



    SahAgent Object recognized!
    Type : File
    Data : 00048704.exe
    Object : C:\RECYCLER\NPROTECT\
    FileSize : 232 KB
    FileVersion : 1, 1, 1, 33
    ProductVersion : 1, 1, 1, 33
    Copyright : Copyright
    CompanyName : ITForum
    FileDescription : SahAgent
    InternalName : SahAgent
    OriginalFilename : SahAgent.exe
    ProductName : ITForum SahAgent
    Created on : 10/01/2004 06:00:02 AM
    Last accessed : 20/06/2004 02:26:42 AM
    Last modified : 13/10/2003 11:50:16 AM



    SahAgent Object recognized!
    Type : File
    Data : 00048705.exe
    Object : C:\RECYCLER\NPROTECT\
    FileSize : 56 KB
    FileVersion : 1, 1, 1, 17
    ProductVersion : 1, 1, 1, 17
    Copyright : Copyright
    CompanyName : ITForum
    FileDescription : SahDownloader
    InternalName : SahDownloader
    OriginalFilename : SahDownloader.exe
    ProductName : ITForum SahDownloader
    Created on : 10/01/2004 06:00:02 AM
    Last accessed : 20/06/2004 02:26:42 AM
    Last modified : 10/07/2003 11:16:38 AM



    SahAgent Object recognized!
    Type : File
    Data : 00048710.exe
    Object : C:\RECYCLER\NPROTECT\
    FileSize : 68 KB
    FileVersion : 1, 1, 1, 18
    ProductVersion : 1, 1, 1, 18
    Copyright : Copyright
    FileDescription : SAHUninstall
    InternalName : SAHUninstall
    OriginalFilename : SAHUninstall.dll
    ProductName : - SAHUninstall
    Created on : 10/01/2004 06:00:02 AM
    Last accessed : 20/06/2004 02:26:42 AM
    Last modified : 08/10/2003 02:21:56 PM



    SahAgent Object recognized!
    Type : File
    Data : 00048712.exe
    Object : C:\RECYCLER\NPROTECT\
    FileSize : 76 KB
    FileVersion : 1, 1, 1, 5
    ProductVersion : 1, 1, 1, 5
    Copyright : Copyright
    CompanyName : VGroup
    FileDescription : Html
    InternalName : Html
    OriginalFilename : Html.exe
    ProductName : VGroup Html
    Created on : 10/01/2004 06:00:02 AM
    Last accessed : 20/06/2004 02:26:42 AM
    Last modified : 09/10/2003 08:40:34 AM



    SahAgent Object recognized!
    Type : File
    Data : 00048713.exe
    Object : C:\RECYCLER\NPROTECT\
    FileSize : 76 KB
    FileVersion : 1, 1, 1, 5
    ProductVersion : 1, 1, 1, 5
    Copyright : Copyright
    CompanyName : VGroup
    FileDescription : Html
    InternalName : Html
    OriginalFilename : Html.exe
    ProductName : VGroup Html
    Created on : 10/01/2004 06:00:05 AM
    Last accessed : 20/06/2004 02:26:42 AM
    Last modified : 09/10/2003 08:40:34 AM



    SahAgent Object recognized!
    Type : File
    Data : 00048719.dll
    Object : C:\RECYCLER\NPROTECT\
    FileSize : 52 KB
    FileVersion : 1, 1, 1, 19
    ProductVersion : 1, 1, 1, 19
    Copyright : Copyright
    CompanyName : ITForum
    FileDescription : LSP
    InternalName : LSP
    OriginalFilename : LSP.DLL
    ProductName : ITForum LSP
    Created on : 10/01/2004 06:00:04 AM
    Last accessed : 20/06/2004 02:26:42 AM
    Last modified : 09/10/2003 11:58:12 AM



    SahAgent Object recognized!
    Type : File
    Data : 00048720.exe
    Object : C:\RECYCLER\NPROTECT\
    FileSize : 56 KB
    FileVersion : 1, 1, 1, 17
    ProductVersion : 1, 1, 1, 17
    Copyright : Copyright
    CompanyName : ITForum
    FileDescription : SahDownloader
    InternalName : SahDownloader
    OriginalFilename : SahDownloader.exe
    ProductName : ITForum SahDownloader
    Created on : 10/01/2004 06:00:05 AM
    Last accessed : 20/06/2004 02:26:42 AM
    Last modified : 10/07/2003 11:16:38 AM



    AdLogix Object recognized!
    Type : File
    Data : test.ocx
    Object : C:\WINDOWS\Downloaded Program Files\
    FileSize : 22 KB
    FileVersion : 1.00
    ProductVersion : 1.00
    CompanyName : download
    InternalName : test
    OriginalFilename : test.ocx
    ProductName : Project1
    Created on : 01/11/2003 06:15:18 AM
    Last accessed : 20/06/2004 02:27:19 AM
    Last modified : 01/11/2003 06:15:18 AM



    DyFuCA Object recognized!
    Type : File
    Data : unidist.ocx
    Object : C:\WINDOWS\Downloaded Program Files\
    FileSize : 36 KB
    FileVersion : 1, 0, 0, 7
    ProductVersion : 1, 0, 0, 7
    Copyright : Copyright (C) 2003
    CompanyName : AMNV
    FileDescription : UniDist ActiveX Control Module
    InternalName : UniDist
    OriginalFilename : UniDist.OCX
    ProductName : UniDist ActiveX Control Module
    Created on : 08/08/2003 12:03:32 AM
    Last accessed : 20/06/2004 02:27:19 AM
    Last modified : 08/08/2003 12:03:32 AM



    BonziBuddy Object recognized!
    Type : File
    Data : short.acs
    Object : C:\WINDOWS\msagent\chars\
    FileSize : 466 KB
    Created on : 09/02/2004 03:18:44 AM
    Last accessed : 20/06/2004 02:27:44 AM
    Last modified : 17/11/2000 06:53:58 PM



    VX2.BetterInternet Object recognized!
    Type : File
    Data : bih.exe
    Object : C:\WINDOWS\system32\
    FileSize : 132 KB
    Created on : 10/01/2004 05:57:34 AM
    Last accessed : 20/06/2004 02:29:08 AM
    Last modified : 10/01/2004 05:57:34 AM



    BonziBuddy Object recognized!
    Type : File
    Data : bonzitapfilters.dll
    Object : C:\WINDOWS\system32\
    FileSize : 180 KB
    FileVersion : 2.00
    ProductVersion : 2.00
    CompanyName : BONZI Software
    InternalName : BonziTapFilters
    OriginalFilename : BonziTapFilters.dll
    ProductName : BonziTapFilters
    Created on : 09/02/2004 03:23:21 AM
    Last accessed : 20/06/2004 02:29:08 AM
    Last modified : 04/06/2003 10:10:10 PM



    SahAgent Object recognized!
    Type : File
    Data : c36bhs.dll
    Object : C:\WINDOWS\system32\
    FileSize : 212 KB
    FileVersion : 1, 0, 0, 1
    ProductVersion : 1, 0, 0, 1
    Copyright : Copyright 2001
    FileDescription : exe_in_dll Module
    InternalName : exe_in_dll
    OriginalFilename : exe_in_dll.DLL
    ProductName : exe_in_dll Module
    Created on : 10/01/2004 01:48:31 AM
    Last accessed : 20/06/2004 02:29:09 AM
    Last modified : 10/01/2004 05:57:33 AM



    Cydoor Object recognized!
    Type : File
    Data : cd_clint.dll
    Object : C:\WINDOWS\system32\
    FileSize : 151 KB
    FileVersion : 3, 2, 1, 0
    ProductVersion : 3, 2, 1, 0
    Copyright : Copyright (C) Cydoor Technologies, Inc. 1999-2001
    CompanyName : Cydoor Technologies, Inc.
    FileDescription : Cydoor Technologies ad-system
    InternalName : CD_Clint.dll
    OriginalFilename : CD_Clint.dll
    ProductName : Cydoor Technologies ad-system
    Created on : 23/01/2004 06:56:19 PM
    Last accessed : 20/06/2004 02:29:09 AM
    Last modified : 23/01/2004 06:56:19 PM



    VX2.BetterInternet Object recognized!
    Type : File
    Data : ddm3dia.dll
    Object : C:\WINDOWS\system32\
    FileSize : 111 KB
    FileVersion : 2, 0, 0, 1
    ProductVersion : 2, 0, 0, 1
    FileDescription : Windows Help 4 Smart Browsing
    Created on : 10/01/2004 01:39:34 AM
    Last accessed : 20/06/2004 02:29:12 AM
    Last modified : 10/01/2004 01:39:34 AM



    BonziBuddy Object recognized!
    Type : File
    Data : iehelpermiddleman.dll
    Object : C:\WINDOWS\system32\
    FileSize : 32 KB
    FileVersion : 1, 0, 0, 1
    ProductVersion : 1, 0, 0, 1
    Copyright : Copyright (C) 2000
    FileDescription : IEHelperMiddleMan DLL
    InternalName : IEHelperMiddleMan
    OriginalFilename : IEHelperMiddleMan.DLL
    ProductName : IEHelperMiddleMan Dynamic Link Library
    Created on : 09/02/2004 03:26:25 AM
    Last accessed : 20/06/2004 02:29:18 AM
    Last modified : 25/02/2000 06:40:08 PM



    Favoriteman Object recognized!
    Type : File
    Data : im64.dll
    Object : C:\WINDOWS\system32\

    Created on : 10/01/2004 01:48:30 AM
    Last accessed : 20/06/2004 02:29:18 AM
    Last modified : 16/01/2004 09:36:40 PM



    NetPal Object recognized!
    Type : File
    Data : n3tpa1.dll
    Object : C:\WINDOWS\system32\
    FileSize : 66 KB
    FileVersion : 2, 0, 0, 1
    ProductVersion : 2, 0, 0, 1
    Copyright : Copyright 2002
    CompanyName : Netpalnow.com
    FileDescription : Netpal Module
    InternalName : Netpal
    OriginalFilename : netpal.DLL
    ProductName : netpal Module
    Created on : 10/01/2004 01:39:36 AM
    Last accessed : 20/06/2004 02:21:10 AM
    Last modified : 10/01/2004 01:39:36 AM



    SahAgent Object recognized!
    Type : File
    Data : sahagent1007.exe
    Object : C:\WINDOWS\system32\
    FileSize : 72 KB
    Created on : 10/01/2004 05:57:45 AM
    Last accessed : 20/06/2004 02:29:35 AM
    Last modified : 10/01/2004 05:57:45 AM



    Disk scan result for C:\
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    New objects : 0
    Objects found so far: 31

    08:29:55 PM Scan complete

    Summary of this scan
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    Total scanning time :00:09:05:845
    Objects scanned :128958
    Objects identified :31
    Objects ignored :0
    New objects :31
     
  4. roger_a320

    roger_a320 Registered Member

    Joined:
    Jun 19, 2004
    Posts:
    7
    Re: Here's the HJT log bigc73542!

    I think the above is wrong the log is:


    Logfile of HijackThis v1.97.7
    Scan saved at 09:17:33 PM, on 19/06/2004
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
    C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
    C:\WINDOWS\system32\ssoftsrv.exe
    C:\Program Files\Messenger Plus! 3\MsgPlus.exe
    C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\WINDOWS\Integrator.exe
    C:\WINDOWS\System.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Downloads\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rotateapage.com/rotator/trafficrotator.php?ref=earningatlast
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://mail.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cus.../*http://www.yahoo.com/ext/search/search.html
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.rotateapage.com/rotator/trafficrotator.php?ref=earningatlast
    O1 - Hosts: 66.98.178.19 06272002-dbase.hitcountz.net
    O1 - Hosts: 66.98.178.19 1ca.cqcounter.com
    O1 - Hosts: 66.98.178.19 2001-007.com
    O1 - Hosts: 66.98.178.19 ad-logics.com
    O1 - Hosts: 66.98.178.19 ad.trafficmp.com
    O1 - Hosts: 66.98.178.19 adclient.rottentomatoes.com
    O1 - Hosts: 66.98.178.19 adcounter.globeandmail.com
    O1 - Hosts: 66.98.178.19 adcounter.theglobeandmail.com
    O1 - Hosts: 66.98.178.19 adlog.com.com
    O1 - Hosts: 66.98.178.19 admanmail.com
    O1 - Hosts: 66.98.178.19 ads.specificpop.com
    O1 - Hosts: 66.98.178.19 adtech.de
    O1 - Hosts: 66.98.178.19 askmen.thruport.com
    O1 - Hosts: 66.98.178.19 banner.0catch.com
    O1 - Hosts: 66.98.178.19 bilbo.counted.com
    O1 - Hosts: 66.98.178.19 c1.statcounter.com
    O1 - Hosts: 66.98.178.19 c1.thecounter.com
    O1 - Hosts: 66.98.178.19 c2.gostats.com
    O1 - Hosts: 66.98.178.19 c2.thecounter.com
    O1 - Hosts: 66.98.178.19 c3.thecounter.com
    O1 - Hosts: 66.98.178.19 c3.xxxcounter.com
    O1 - Hosts: 66.98.178.19 cashcounter.com
    O1 - Hosts: 66.98.178.19 cgi.hotstat.nl
    O1 - Hosts: 66.98.178.19 clit6.sextracker.com
    O1 - Hosts: 66.98.178.19 clit8.sextracker.com
    O1 - Hosts: 66.98.178.19 cookies.cmpnet.com
    O1 - Hosts: 66.98.178.19 counter.aaddzz.com
    O1 - Hosts: 66.98.178.19 counter.bloke.com
    O1 - Hosts: 66.98.178.19 counter.hitslink.com
    O1 - Hosts: 66.98.178.19 counter.yadro.ru
    O1 - Hosts: 66.98.178.19 counter14.sextracker.com
    O1 - Hosts: 66.98.178.19 counter16.bravenet.com
    O1 - Hosts: 66.98.178.19 counter17.bravenet.com
    O1 - Hosts: 66.98.178.19 counter2.hitslink.com
    O1 - Hosts: 66.98.178.19 counter26.bravenet.com
    O1 - Hosts: 66.98.178.19 counter32.bravenet.com
    O1 - Hosts: 66.98.178.19 counter34.breavenet.com
    O1 - Hosts: 66.98.178.19 counter41.bravenet.com
    O1 - Hosts: 66.98.178.19 counter47.bravenet.com
    O1 - Hosts: 66.98.178.19 counter6.sextracker.com
    O1 - Hosts: 66.98.178.19 counter8.bravenet.com
    O1 - Hosts: 66.98.178.19 data.coremetrics.com
    O1 - Hosts: 66.98.178.19 delivery.loopingclick.com
    O1 - Hosts: 66.98.178.19 dwclick.com
    O1 - Hosts: 66.98.178.19 ehg-amerix.hitbox.com
    O1 - Hosts: 66.98.178.19 ehg-bestbuy.hitbox.com
    O1 - Hosts: 66.98.178.19 ehg-crain.hitbox.com
    O1 - Hosts: 66.98.178.19 ehg-dig.hitbox.com
    O1 - Hosts: 66.98.178.19 ehg-eckounlimited.hitbox.com
    O1 - Hosts: 66.98.178.19 ehg-espn.hitbox.com
    O1 - Hosts: 66.98.178.19 ehg-idg.hitbox.com
    O1 - Hosts: 66.98.178.19 ehg-liveperson.hitbox.com
    O1 - Hosts: 66.98.178.19 ehg-oreilley.hitbox.com
    O1 - Hosts: 66.98.178.19 ehg-space.hitbox.com
    O1 - Hosts: 66.98.178.19 ehg-sportsline.hitbox.com
    O1 - Hosts: 66.98.178.19 ehg-techtarget.hitbox.com
    O1 - Hosts: 66.98.178.19 ehg-tigerdirect.hitbox.com
    O1 - Hosts: 66.98.178.19 ehg-uniontrib.hitbox.com
    O1 - Hosts: 66.98.178.19 ehg-viacom.hitbox.com
    O1 - Hosts: 66.98.178.19 ehg.commjun.hitbox.com
    O1 - Hosts: 66.98.178.19 ehg.hitbox.com
    O1 - Hosts: 66.98.178.19 fastclick.net
    O1 - Hosts: 66.98.178.19 fcstats.bcentral.com
    O1 - Hosts: 66.98.178.19 flycast.com
    O1 - Hosts: 66.98.178.19 g-wizzads.net
    O1 - Hosts: 66.98.178.19 gostats.com
    O1 - Hosts: 66.98.178.19 gtcc1.acecounter.com
    O1 - Hosts: 66.98.178.19 hc2.humanclick.com
    O1 - Hosts: 66.98.178.19 hit2.hotlog.ru
    O1 - Hosts: 66.98.178.19 hit37.chark.dk
    O1 - Hosts: 66.98.178.19 hitbox.com
    O1 - Hosts: 66.98.178.19 hits.webstat.com
    O1 - Hosts: 66.98.178.19 images.dailydiscounts.com
    O1 - Hosts: 66.98.178.19 imp.clickability.com
    O1 - Hosts: 66.98.178.19 impacts.alliancehub.com
    O1 - Hosts: 66.98.178.19 insightfirst.com
    O1 - Hosts: 66.98.178.19 int.sitestat.com
    O1 - Hosts: 66.98.178.19 jkearns.freestats.com
    O1 - Hosts: 66.98.178.19 linktrack.bravenet.com
    O1 - Hosts: 66.98.178.19 logs.comics.com
    O1 - Hosts: 66.98.178.19 m1.nedstatbasic.net
    O1 - Hosts: 66.98.178.19 media101.sitebrand.com
    O1 - Hosts: 66.98.178.19 mediatrack.revenue.net
    O1 - Hosts: 66.98.178.19 mt122.mtree.com
    O1 - Hosts: 66.98.178.19 nedstat.s0.nl
    O1 - Hosts: 66.98.178.19 nl.sitestat.com
    O1 - Hosts: 66.98.178.19 partner.alerts.aol.com
    O1 - Hosts: 66.98.178.19 paxito.sitetracker.com
    O1 - Hosts: 66.98.178.19 perso.estat.com
    O1 - Hosts: 66.98.178.19 pmg.ad-logics.com
    O1 - Hosts: 66.98.178.19 postclick.adcentriconline.com
    O1 - Hosts: 66.98.178.19 prof.estat.com
    O1 - Hosts: 66.98.178.19 s10.sitemeter.com
    O1 - Hosts: 66.98.178.19 s11.sitemeter.com
    O1 - Hosts: 66.98.178.19 s12.sitemeter.com
    O1 - Hosts: 66.98.178.19 s13.sitemeter.com
    O1 - Hosts: 66.98.178.19 s14.sitemeter.com
    O1 - Hosts: 66.98.178.19 s15.sitemeter.com
    O1 - Hosts: 66.98.178.19 s16.sitemeter.com
    O1 - Hosts: 66.98.178.19 s2.statcounter.com
    O1 - Hosts: 66.98.178.19 sm1.sitemeter.com
    O2 - BHO: (no name) - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - (no file)
    O2 - BHO: (no name) - {0096CC0A-623C-4829-AD9C-19AF0DC9D8FE} - C:\Program Files\DAP\DAPIEBar.dll
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_3_16_0.dll
    O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_3_16_0.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.1601.0\en-us\msntb.dll
    O3 - Toolbar: DAP Bar - {62999427-33fc-4baf-9c9c-bce6bd127f08} - C:\PROGRA~1\DAP\dapiebar.dll
    O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
    O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe -osboot
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
    O4 - Startup: Hare.lnk = C:\Program Files\Dachshund Software\Hare\Hare.exe
    O4 - User Startup: Hare.lnk = C:\Program Files\Dachshund Software\Hare\Hare.exe
    O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
    O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
    O9 - Extra button: Run DAP (HKLM)
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: Messenger (HKLM)
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
    O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst0401.cab
    O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) - http://office.microsoft.com/officeupdate/content/opuc.cab
    O16 - DPF: {6BEA1C48-1850-486C-8F58-C7354BA3165E} (Install Class) - http://updates.lifescapeinc.com/installers/pinstall/pinstall.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
    O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yse/ymmapi_416.dll
    O16 - DPF: {B942A249-D1E7-4C11-98AE-FCB76B08747F} (RealArcadeRdxIE Class) - http://games-dl.real.com/gameconsole/Bundler/CAB/RealArcadeRdxIE.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} (Yahoo! Companion) - http://us.dl1.yimg.com/download.companion.yahoo.com/dl/toolbar/yiebio5_3_16_0.cab
    O16 - DPF: {F2BFA3FF-D28F-4262-A058-3DEF09B3F502} (ReportAX Class) - http://www.nehuenmultimedia.com.ar/apps/spamcab.cab
    O16 - DPF: {F5192746-22D6-41BD-9D2D-1E75D14FBD3C} (ddm_download.ddm_control) - http://download.rfwnad.com/cab/crack.CAB
    O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab
     
  5. dave38

    dave38 Spyware Expert

    Joined:
    Feb 26, 2004
    Posts:
    377
    Re: Here's the HJT log bigc73542!

    Have Hijack This fix all of the following by placing a check in the appropriate boxes and hitting fix checked. Make sure all browser and all Windows Explorer windows are closed before fixing.

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rotateapage.com/rotator/...f=earningatlast
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cus...rch/search.html
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.rotateapage.com/rotator/...f=earningatlast

    ALL the O1 - Hosts: entries.

    O2 - BHO: (no name) - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - (no file)

    O16 - DPF: {B942A249-D1E7-4C11-98AE-FCB76B08747F} (RealArcadeRdxIE Class) - http://games-dl.real.com/gameconsol...ArcadeRdxIE.cab
    O16 - DPF: {F5192746-22D6-41BD-9D2D-1E75D14FBD3C} (ddm_download.ddm_control) - http://download.rfwnad.com/cab/crack.CAB

    Reboot after fixing.

    Please post a followup Hijack this log, and say if your problems persist.
     
  6. roger_a320

    roger_a320 Registered Member

    Joined:
    Jun 19, 2004
    Posts:
    7
    Re: Very Annoying problem plz HELP!! (new member) Problem persists

    Below is the follow up hijackthis log. The problem still persists, as soon as i boot up it says that the web page i requested cannot be viewed offline and of course like before, i didn't request anything, after all i just booted.
    Hope you guys can really help me.

    Logfile of HijackThis v1.97.7
    Scan saved at 01:21:53 PM, on 20/06/2004
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
    C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
    C:\WINDOWS\system32\ssoftsrv.exe
    C:\Program Files\Messenger Plus! 3\MsgPlus.exe
    C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\WINDOWS\Integrator.exe
    C:\WINDOWS\System.exe
    C:\Downloads\HijackThis.exe

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://mail.yahoo.com
    O2 - BHO: (no name) - {0096CC0A-623C-4829-AD9C-19AF0DC9D8FE} - C:\Program Files\DAP\DAPIEBar.dll
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_3_16_0.dll
    O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_3_16_0.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.1601.0\en-us\msntb.dll
    O3 - Toolbar: DAP Bar - {62999427-33fc-4baf-9c9c-bce6bd127f08} - C:\PROGRA~1\DAP\dapiebar.dll
    O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
    O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe -osboot
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
    O4 - Startup: Hare.lnk = C:\Program Files\Dachshund Software\Hare\Hare.exe
    O4 - User Startup: Hare.lnk = C:\Program Files\Dachshund Software\Hare\Hare.exe
    O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
    O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
    O9 - Extra button: Run DAP (HKLM)
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: Messenger (HKLM)
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
    O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst0401.cab
    O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) - http://office.microsoft.com/officeupdate/content/opuc.cab
    O16 - DPF: {6BEA1C48-1850-486C-8F58-C7354BA3165E} (Install Class) - http://updates.lifescapeinc.com/installers/pinstall/pinstall.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
    O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yse/ymmapi_416.dll
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} (Yahoo! Companion) - http://us.dl1.yimg.com/download.companion.yahoo.com/dl/toolbar/yiebio5_3_16_0.cab
    O16 - DPF: {F2BFA3FF-D28F-4262-A058-3DEF09B3F502} (ReportAX Class) - http://www.nehuenmultimedia.com.ar/apps/spamcab.cab
    O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab
     
  7. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,934
    Location:
    SW. Oklahoma
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.