These keep coming back...

Hi again Pieter,

<G> yes, timezones are pesky <G>

I hope this doesn't ruin your.... evening?... even after the (almost) clean hijack this reports, i still have stuff showing up in both spybot and adaware. these are the logs from those- after the last hijack corrections.

both are from dad's desktop.

i just cut and pasted.. do they make any sense?

----------------------
spybot report. these don't go away- always 7 DSO exploit files, even after reapiring them. spybot says they are successfully removed every time.


DSO Exploit: Data source object exploit (Registry change, nothing done) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1004!=W=3 DSO Exploit: Data source object exploit (Registry change, nothing done) HKEY_USERS\S-1-5-21-152836777-779544829-3809216588-1010\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1004!=W=3 DSO Exploit: Data source object exploit (Registry change, nothing done) HKEY_USERS\S-1-5-21-152836777-779544829-3809216588-1009\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1004!=W=3 DSO Exploit: Data source object exploit (Registry change, nothing done) HKEY_USERS\S-1-5-21-152836777-779544829-3809216588-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1004!=W=3 DSO Exploit: Data source object exploit (Registry change, nothing done) HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1004!=W=3 DSO Exploit: Data source object exploit (Registry change, nothing done) HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1004!=W=3 DSO Exploit: Data source object exploit (Registry change, nothing done) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1004!=W=3 --- Spybot - Search && Destroy version: 1.3 --- 2004-05-25 Includes\Cookies.sbi 2004-05-29 Includes\Dialer.sbi 2004-05-28 Includes\Hijackers.sbi 2004-05-28 Includes\Keyloggers.sbi 2004-05-12 Includes\LSP.sbi 2004-05-28 Includes\Malware.sbi 2004-05-04 Includes\Revision.sbi 2004-04-12 Includes\Security.sbi 2004-05-28 Includes\Spybots.sbi 2004-05-24 Includes\Tracks.uti 2004-05-28 Includes\Trojans.sbi

---------------------
and this is the adaware:

lots of data miners and malware... that doesn't sound good <G>

also- it says it is deleting them, but then shows 800+ files in the quarantine section... can i get rid of them, or do they sit there forever?


Lavasoft Ad-aware Personal Build 6.181
Logfile created on :Tuesday, June 15, 2004 9:55:40 AM
Created with Ad-aware Personal, free for private use.
Using reference-file :01R318 13.06.2004
______________________________________________________

Reffile status:
=========================
Reference file loaded:
Reference Number : 01R318 13.06.2004
Internal build : 250
File location : C:\PROGRA~1\Lavasoft\AD-AWA~1\reflist.ref
Total size : 1241033 Bytes
Signature data size : 1220738 Bytes
Reference data size : 20231 Bytes
Signatures total : 27180
Target categories : 10
Target families : 497

Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium IV
Memory available:62 %
Total physical memory:522224 kb
Available physical memory:323260 kb
Total page file size:1279264 kb
Available on page file:1077176 kb
Total virtual memory:2097024 kb
Available virtual memory:2055600 kb
OS:

Ad-aware Settings
=========================
Set : Activate in-depth scan (Recommended)
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file

Extended Ad-aware Settings
=========================
Set : Unload recognized processes during scanning
Set : Include basic Ad-aware settings in logfile
Set : Include additional Ad-aware settings in logfile
Set : Let windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Always back up reference file, before updating
Set : Play sound if scan produced a result


6-15-2004 9:55:40 AM - Scan started. (Custom mode)

Listing running processes
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ThreadCreationTime : 6-14-2004 11:53:10 PM
BasePriority : Normal


#:2 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ThreadCreationTime : 6-14-2004 11:53:17 PM
BasePriority : High


#:3 [services.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 6-14-2004 11:53:17 PM
BasePriority : Normal
FileSize : 99 KB
FileVersion : 5.1.2600.0 (xpclient.010817-114
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
OriginalFilename : services.exe
ProductName : Microsoft
Created on : 8/29/2002 11:00:00 AM
Last accessed : 6/15/2004 1:55:40 PM
Last modified : 8/29/2002 11:00:00 AM

#:4 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 6-14-2004 11:53:17 PM
BasePriority : Normal
FileSize : 11 KB
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
OriginalFilename : lsass.exe
ProductName : Microsoft
Created on : 8/29/2002 11:00:00 AM
Last accessed : 6/15/2004 1:55:40 PM
Last modified : 8/29/2002 11:00:00 AM

#:5 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 6-14-2004 11:53:18 PM
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-114
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 8/29/2002 11:00:00 AM
Last accessed : 6/15/2004 1:55:40 PM
Last modified : 8/29/2002 11:00:00 AM

#:6 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 6-14-2004 11:53:18 PM
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-114
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 8/29/2002 11:00:00 AM
Last accessed : 6/15/2004 1:55:40 PM
Last modified : 8/29/2002 11:00:00 AM

#:7 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 6-14-2004 11:53:19 PM
BasePriority : Normal
FileSize : 50 KB
FileVersion : 5.1.2600.0 (XPClient.010817-114
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
OriginalFilename : spoolsv.exe
ProductName : Microsoft
Created on : 8/29/2002 11:00:00 AM
Last accessed : 6/15/2004 1:55:40 PM
Last modified : 8/29/2002 11:00:00 AM

#:8 [mcvsrte.exe]
FilePath : c:\PROGRA~1\mcafee.com\vso\
ThreadCreationTime : 6-14-2004 11:53:27 PM
BasePriority : Normal
FileSize : 100 KB
FileVersion : 4, 4, 0, 35
ProductVersion : 4, 4, 0, 20
Copyright : Copyright
CompanyName : Networks Associates Technology, Inc
FileDescription : McAfee VirusScan Online Realtime Engine
InternalName : mcvsrte
OriginalFilename : mcvsrte.exe
ProductName : McAfee VirusScan Online
Created on : 1/6/2004 9:31:41 PM
Last accessed : 6/15/2004 1:55:40 PM
Last modified : 3/21/2003 6:51:52 PM

#:9 [mdm.exe]
FilePath : C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\
ThreadCreationTime : 6-14-2004 11:53:27 PM
BasePriority : Normal
FileSize : 314 KB
FileVersion : 7.00.9466
ProductVersion : 7.00.9466
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
OriginalFilename : mdm.exe
ProductName : Microsoft
Created on : 6/20/2003 5:25:00 AM
Last accessed : 6/15/2004 1:55:40 PM
Last modified : 6/20/2003 5:25:00 AM

#:10 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 6-14-2004 11:53:27 PM
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-114
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 8/29/2002 11:00:00 AM
Last accessed : 6/15/2004 1:55:40 PM
Last modified : 8/29/2002 11:00:00 AM

#:11 [explorer.exe]
FilePath : C:\WINDOWS\
ThreadCreationTime : 6-14-2004 11:53:32 PM
BasePriority : Normal
FileSize : 980 KB
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
OriginalFilename : EXPLORER.EXE
ProductName : Microsoft
Created on : 8/29/2002 11:00:00 AM
Last accessed : 6/15/2004 1:52:55 PM
Last modified : 8/29/2002 11:00:00 AM

#:12 [mcshield.exe]
FilePath : c:\PROGRA~1\mcafee.com\vso\
ThreadCreationTime : 6-14-2004 11:53:33 PM
BasePriority : High
FileSize : 220 KB
Created on : 1/6/2004 9:31:40 PM
Last accessed : 6/15/2004 1:55:40 PM
Last modified : 3/13/2002 2:50:34 PM

#:13 [hkcmd.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 6-14-2004 11:53:34 PM
BasePriority : Normal
FileSize : 112 KB
FileVersion : 3,0,0,2104
ProductVersion : 7,0,0,2104
Copyright : Copyright 1999-2003, Intel Corporation
CompanyName : Intel Corporation
FileDescription : hkcmd Module
InternalName : HKCMD
OriginalFilename : HKCMD.EXE
ProductName : Intel(R) Common User Interface
Created on : 1/1/1980 6:00:00 AM
Last accessed : 6/15/2004 1:55:40 PM
Last modified : 4/7/2003 6:07:38 AM

#:14 [dsentry.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 6-14-2004 11:53:34 PM
BasePriority : Normal
FileSize : 28 KB
FileVersion : 1, 0, 5, 0
ProductVersion : 1, 0, 5, 0
Copyright : Copyright
CompanyName : Dell - Advanced Desktop Engineering
FileDescription : DVDSentry
InternalName : DVDSentry
OriginalFilename : DSentry.exe
ProductName : Dell - DVDSentry
Created on : 8/13/2003 4:27:40 PM
Last accessed : 6/15/2004 1:55:40 PM
Last modified : 8/13/2003 4:27:40 PM

#:15 [realsched.exe]
FilePath : C:\Program Files\Common Files\Real\Update_OB\
ThreadCreationTime : 6-14-2004 11:53:34 PM
BasePriority : Normal
FileSize : 148 KB
FileVersion : 0.1.0.1622
ProductVersion : 0.1.0.1622
Copyright : Copyright
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
OriginalFilename : realsched.exe
ProductName : RealOne Player (32-bit)
Created on : 1/6/2004 9:31:04 PM
Last accessed : 6/15/2004 1:55:40 PM
Last modified : 1/6/2004 9:31:04 PM

#:16 [mcagent.exe]
FilePath : C:\PROGRA~1\mcafee.com\agent\
ThreadCreationTime : 6-14-2004 11:53:35 PM
BasePriority : Normal
FileSize : 196 KB
FileVersion : 4, 2, 0, 8
ProductVersion : 4, 2, 0, 0
Copyright : Copyright
CompanyName : Networks Associates Technology, Inc
FileDescription : McAfee SecurityCenter Agent
InternalName : mcagent
OriginalFilename : mcagent.exe
ProductName : McAfee SecurityCenter
Created on : 1/6/2004 9:31:35 PM
Last accessed : 6/15/2004 1:55:40 PM
Last modified : 3/18/2003 7:53:52 PM

#:17 [mcvsshld.exe]
FilePath : C:\PROGRA~1\mcafee.com\vso\
ThreadCreationTime : 6-14-2004 11:53:36 PM
BasePriority : Normal
FileSize : 156 KB
FileVersion : 4, 4, 0, 35
ProductVersion : 4, 4, 0, 20
Copyright : Copyright
CompanyName : Networks Associates Technology, Inc
FileDescription : McAfee ActiveShield
InternalName : msvcshld
OriginalFilename : mcvsshld.exe
ProductName : McAfee VirusScan Online
Created on : 1/6/2004 9:31:41 PM
Last accessed : 6/15/2004 1:55:40 PM
Last modified : 3/21/2003 6:52:12 PM

#:18 [ctfmon.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 6-14-2004 11:53:36 PM
BasePriority : Normal
FileSize : 13 KB
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
OriginalFilename : CTFMON.EXE
ProductName : Microsoft
Created on : 8/29/2002 11:00:00 AM
Last accessed : 6/15/2004 1:55:40 PM
Last modified : 8/29/2002 11:00:00 AM

#:19 [dlg.exe]
FilePath : C:\Program Files\Digital Line Detect\
ThreadCreationTime : 6-14-2004 11:53:36 PM
BasePriority : Normal
FileSize : 24 KB
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
Copyright : Copyright
CompanyName : BVRP Software
FileDescription : Digital Line Detection
InternalName : TestLine
OriginalFilename : TestLine.exe
ProductName : BVRP Software TestLine
Created on : 1/6/2004 9:27:52 PM
Last accessed : 6/15/2004 1:55:40 PM
Last modified : 6/20/2003 9:43:00 AM

#:20 [hpotdd01.exe]
FilePath : C:\Program Files\Hewlett-Packard\Digital Imaging\bin\
ThreadCreationTime : 6-14-2004 11:53:36 PM
BasePriority : Normal
FileSize : 28 KB
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
Copyright : Copyright
CompanyName : Hewlett-Packard
FileDescription : hpotdd01
InternalName : hpotdd01
OriginalFilename : hpotdd01.exe
ProductName : Hewlett-Packard hpotdd01
Created on : 4/9/2003 11:11:12 PM
Last accessed : 6/15/2004 1:55:40 PM
Last modified : 4/9/2003 11:11:12 PM

#:21 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ThreadCreationTime : 6-15-2004 12:03:53 AM
BasePriority : High


#:22 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ThreadCreationTime : 6-15-2004 12:05:51 AM
BasePriority : High


#:23 [wisptis.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 6-15-2004 11:29:45 AM
BasePriority : High
FileSize : 185 KB
FileVersion : 1.0.2201.0 (xpsp1.020820-1800)
ProductVersion : 1.0.2201.0
Copyright : Copyright
CompanyName : Microsoft Corporation
FileDescription : Microsoft Tablet PC Platform Component
InternalName : WISPTIS.EXE
OriginalFilename : WISPTIS.EXE
ProductName : Microsoft
Created on : 8/21/2002 11:13:12 AM
Last accessed : 6/15/2004 1:55:40 PM
Last modified : 8/21/2002 11:13:12 AM

#:24 [ad-aware.exe]
FilePath : C:\PROGRA~1\Lavasoft\AD-AWA~1\
ThreadCreationTime : 6-15-2004 1:55:17 PM
BasePriority : Normal
FileSize : 668 KB
FileVersion : 6.0.1.181
ProductVersion : 6.0.0.0
Copyright : Copyright
CompanyName : Lavasoft Sweden
FileDescription : Ad-aware 6 core application
InternalName : Ad-aware.exe
OriginalFilename : Ad-aware.exe
ProductName : Lavasoft Ad-aware Plus
Created on : 6/6/2004 2:50:00 AM
Last accessed : 6/15/2004 1:52:54 PM
Last modified : 7/13/2003 1:00:20 AM

Memory scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0


Started registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0


Started deep registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Deep registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0


Deep scanning and examining files (A
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Disk scan result for A:\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0


Deep scanning and examining files (C
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Tracking Cookie Object recognized!
Type : File
Data : blue moon@atdmt[2].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Blue Moon\Cookies\

Created on : 6/15/2004 12:07:05 AM
Last accessed : 6/15/2004 1:58:18 PM
Last modified : 6/15/2004 12:07:05 AM



Tracking Cookie Object recognized!
Type : File
Data : blue moon@doubleclick[1].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Blue Moon\Cookies\

Created on : 6/15/2004 12:06:52 AM
Last accessed : 6/15/2004 1:58:18 PM
Last modified : 6/15/2004 12:07:01 AM



BroadCastPC Object recognized!
Type : File
Data : glk18.tmp
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Blue Moon\Local Settings\Temp\
FileSize : 33 KB
Created on : 6/15/2004 3:32:38 AM
Last accessed : 6/15/2004 1:58:26 PM
Last modified : 6/15/2004 3:32:39 AM



BroadCastPC Object recognized!
Type : File
Data : glk9.tmp
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Blue Moon\Local Settings\Temp\
FileSize : 33 KB
Created on : 6/15/2004 12:20:08 AM
Last accessed : 6/15/2004 1:58:27 PM
Last modified : 6/15/2004 12:20:08 AM



BroadCastPC Object recognized!
Type : File
Data : glkf.tmp
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Blue Moon\Local Settings\Temp\
FileSize : 33 KB
Created on : 6/15/2004 12:20:41 AM
Last accessed : 6/15/2004 1:58:27 PM
Last modified : 6/15/2004 12:20:41 AM



Tracking Cookie Object recognized!
Type : File
Data : dad@2o7[2].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Dad\Cookies\

Created on : 6/15/2004 11:23:16 AM
Last accessed : 6/15/2004 2:00:15 PM
Last modified : 6/15/2004 11:23:16 AM



Tracking Cookie Object recognized!
Type : File
Data : dad@fastclick[2].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Dad\Cookies\

Created on : 6/15/2004 1:55:15 PM
Last accessed : 6/15/2004 1:55:15 PM
Last modified : 6/15/2004 1:55:15 PM



Tracking Cookie Object recognized!
Type : File
Data : dad@tribalfusion[1].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Dad\Cookies\

Created on : 6/15/2004 11:24:08 AM
Last accessed : 6/15/2004 1:35:17 PM
Last modified : 6/15/2004 11:24:08 AM



Tracking Cookie Object recognized!
Type : File
Data : dad@z1.adserver[1].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Dad\Cookies\

Created on : 6/14/2004 11:55:14 PM
Last accessed : 6/15/2004 1:53:20 PM
Last modified : 6/14/2004 11:55:14 PM



Tracking Cookie Object recognized!
Type : File
Data : dad@zedo[1].txt
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Dad\Cookies\

Created on : 6/15/2004 11:24:08 AM
Last accessed : 6/15/2004 1:35:19 PM
Last modified : 6/15/2004 1:35:19 PM



DyFuCA Object recognized!
Type : File
Data : a0009677.dll
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP174\
FileSize : 53 KB
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
Copyright : Copyright 2002
FileDescription : DyFuCA_BH Module
InternalName : DyFuCA_BH
OriginalFilename : DyFuCA_BH.DLL
ProductName : DyFuCA_BH Module
Created on : 6/5/2004 3:28:11 PM
Last accessed : 6/15/2004 2:05:16 PM
Last modified : 6/6/2004 1:41:01 PM



Disk scan result for C:\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 11


Deep scanning and examining files (D
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Disk scan result for D:\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 11


Deep scanning and examining files (E
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Disk scan result for E:\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 11


Scanning Hosts file(C:\WINDOWS\System32\drivers\etc\hosts)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Hosts file scan result:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
4 entries scanned.
New objects :0
Objects found so far: 11




Performing conditional scans..
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

BroadCastPC Object recognized!
Type : Folder
Category : Data Miner
Comment :
Object : c:\program files\TV Media


Conditional scan result:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 1
Objects found so far: 12


10:07:29 AM Scan complete

Summary of this scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Total scanning time :00:11:49:359
Objects scanned :143515
Objects identified :12
Objects ignored :0
New objects :12

thank you thank you thank you for your time!!

-s

 

Ok One by one yur sorrows will melt away.

DSO exploits by Spybot S&D: http://forums.net-integration.net/index.php?showtopic=15308

Control cookies in IE6: http://privacy.getnetwise.org/browsing/tools/ie6/cookiesadvanced

Malware in your Restore Points: http://service1.symantec.com/SUPPOR...2001111912274039?OpenDocument&src=sec_doc_nam

Oh, and you are one update behind on AdAware.

Regards,

Pieter

 

<BG> she is happy! she is very very happy!

skipping off to run a final round of diagnostics... any suggestions on maintaining my squeaky-clean status?

are there watch-dog programs, or should i just run everything very often?

TIA
-s

 

Pieter, Illuka ,
many thanks! Next time you're in CT you're invited. we'll roast some marshmallows and the kids will do their celebration dance. <G>

-Sarah

 

Hi gullicat,

Glad we could help.

Please read: Why did I get infected in the first place

Regards,

Pieter