HELP hijack this results


pone

Logfile of HijackThis v1.97.7
Scan saved at 7:23:38 PM, on 3/29/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\WINDOWS\DELLMMKB.EXE
C:\WINDOWS\Nhksrv.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Netropa\OSD.exe
C:\Program Files\AWS\WeatherBug\Weather.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\doug\Local
Settings\Temp\Temporary Directory 1 for hijackthis
[1].zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet
Explorer\Main,Default_Page_URL = http://www.dellnet.com/
R0 - HKLM\Software\Microsoft\Internet
Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,
(Default) = about:blank
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-
784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0
\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-
FADC6B084872} - C:\Program Files\Norton
AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-
7859DF00B1D6} - C:\Program Files\Norton
AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-
00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE
NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1
\navapw32.exe
O4 - HKLM\..\Run: [DellTouch] C:\WINDOWS\DELLMMKB.EXE
O4 - HKLM\..\Run: [Blubster] C:\Program
Files\Blubster\Blubster.exe SILENT
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program
Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PC Booster] C:\Program Files\inKline
Global\PC Booster\pcbooster.exe
O4 - HKCU\..\Run: [Weather] C:\Program
Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN
Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: &Define - C:\Program
Files\Common Files\Microsoft Shared\Reference 2001
\A\ERS_DEF.HTM
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Look Up in &Encyclopedia -
C:\Program Files\Common Files\Microsoft Shared\Reference
2001\A\ERS_ENC.HTM
O9 - Extra button: Encarta Encyclopedia (HKLM)
O9 - Extra 'Tools' menuitem: Encarta Encyclopedia (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
O9 - Extra button: Define (HKLM)
O9 - Extra 'Tools' menuitem: Define (HKLM)
O9 - Extra button: AIM (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O9 - Extra button: WeatherBug (HKCU)
O16 - DPF: Ali Baba Slots TM by pogo -
http://temp35.pogo.com/applet/slots/alibaba-ob-assets.cab
O16 - DPF: Backgammon by pogo -
http://gammon.pogo.com/applet/backgammon/backgammon-ob-
assets.cab
O16 - DPF: Buckaroo Blackjack TM by pogo -
http://vbjack.pogo.com/applet/videoblackjack/videoblackjac
k-ob-assets.cab
O16 - DPF: Checkers by pogo.com -
http://checkers.pogo.com/applet/checkers2/checkers-ob-
assets.cab
O16 - DPF: Cribbage by pogo -
http://crib.pogo.com/applet/cribbage/cribbage-ob-
assets.cab
O16 - DPF: Dice Derby by pogo -
http://checkeredflag.pogo.com/applet/checkeredflag/checker
edflag-ob-assets.cab
O16 - DPF: Dice Derby by pogo.com -
http://checkeredflag.pogo.com/applet/checkeredflag/checker
edflag-ob-assets.cab
O16 - DPF: Dominoes by pogo -
http://domino.pogo.com/applet/domino/domino-ob-assets.cab
O16 - DPF: Dominoes by pogo.com -
http://domino07.pogo.com/applet/domino/domino-ob-
assets.cab
O16 - DPF: Euchre by pogo -
http://euchre.pogo.com/applet/euchre/euchre-ob-assets.cab
O16 - DPF: EZ Win Bingo by pogo -
http://bingoe.pogo.com/applet/bingo/bingoe-ob-assets.cab
O16 - DPF: EZ Win Bingo by pogo.com -
http://bingoe.pogo.com/applet/bingo/bingoe-ob-assets.cab
O16 - DPF: First Class Solitaire by pogo -
http://solitaire44.pogo.com/applet/solitaire2/solitaire2-
ob-assets.cab
O16 - DPF: First Class Solitaire by pogo.com -
http://temp39.pogo.com/applet/solitaire2/solitaire2-ob-
assets.cab
O16 - DPF: Fortune Bingo by pogo -
http://superbingo.pogo.com/applet/superbingo/superbingo-
ob-assets.cab
O16 - DPF: Greenback Bayou by pogo -
http://greenback.pogo.com/applet/greenback/greenback-ob-
assets.cab
O16 - DPF: Greenback Bayou by pogo.com -
http://greenback.pogo.com/applet/greenback/greenback-ob-
assets.cab
O16 - DPF: Hammerhead Pool by pogo.com -
http://temp14.pogo.com/applet/pool/pool-ob-assets.cab
O16 - DPF: Hearts by pogo -
http://hearts.pogo.com/applet/hearts/hearts-ob-assets.cab
O16 - DPF: High Stakes Poker by pogo -
http://temp77fe.pogo.com/applet/drawpoker/drawpoker-ob-
assets.cab
O16 - DPF: Jokers Wild Poker by pogo -
http://temp91.pogo.com/applet/videopoker2/jokerswild-ob-
assets.cab
O16 - DPF: Jungle Gin by pogo -
http://gin.pogo.com/applet/gin/gin-ob-assets.cab
O16 - DPF: Jungle Gin by pogo.com -
http://gin.pogo.com/applet/gin/gin-ob-assets.cab
O16 - DPF: Keno by pogo -
http://keno.pogo.com/applet/keno/keno-ob-assets.cab
O16 - DPF: Keno by pogo.com -
http://keno.pogo.com/applet/keno/keno-ob-assets.cab
O16 - DPF: Mah Jong Garden by pogo -
http://mahjong.pogo.com/applet/mahjong/mahjong-ob-
assets.cab
O16 - DPF: Payday FreeCell by pogo -
http://freecell.pogo.com/applet/freecell/freecell-ob-
assets.cab
O16 - DPF: Payday FreeCell by pogo.com -
http://temp12.pogo.com/applet/freecell/freecell-ob-
assets.cab
O16 - DPF: Pebble Beach Golf by pogo -
http://temp40.pogo.com/applet/pebble/pebble-ob-assets.cab
O16 - DPF: Pirate's Gold by pogo -
http://swashbucks11.pogo.com/applet/piratesgold/piratesgol
d-ob-assets.cab
O16 - DPF: Pop Fu by pogo -
http://popfu.pogo.com/applet/popfu/popfu-ob-assets.cab
O16 - DPF: Pop Fu by pogo.com -
http://popfu.pogo.com/applet/popfu/popfu-ob-assets.cab
O16 - DPF: Poppit TM by pogo -
http://poppit13.pogo.com/applet/poppit/poppit-ob-
assets.cab
O16 - DPF: Poppit! TM by pogo.com -
http://poppit26.pogo.com/applet/poppit/poppit-ob-
assets.cab
O16 - DPF: SciFi Slots by pogo -
http://temp92.pogo.com/applet/slots/scifi-ob-assets.cab
O16 - DPF: Showbiz Slots 2 by pogo.com -
http://showbiz2.pogo.com/applet/slots/showbiz2-ob-
assets.cab
O16 - DPF: Showbiz Slots by pogo.com -
http://showbiz.pogo.com/applet/slots/showbiz-ob-assets.cab
O16 - DPF: Spades by pogo.com -
http://temp35.pogo.com/applet/spades/spades-ob-assets.cab
O16 - DPF: Squelchies by pogo -
http://squelchies.pogo.com/applet/squelchies/squelchies-
ob-assets.cab
O16 - DPF: Squelchies by pogo.com -
http://squelchies.pogo.com/applet/squelchies/squelchies-
ob-assets.cab
O16 - DPF: Sweet Tooth TM by pogo -
http://temp81fe.pogo.com/applet/sweettooth/sweettooth-ob-
assets.cab
O16 - DPF: Tri-Peaks by pogo -
http://peaks.pogo.com/applet/peaks/peaks-ob-assets.cab
O16 - DPF: Tumble Bees by pogo -
http://temp36.pogo.com/applet/jumbee/jumbee-ob-assets.cab
O16 - DPF: Turbo 21 TM by pogo -
http://turbo21.pogo.com/applet/turbo21/turbo21-ob-
assets.cab
O16 - DPF: Turbo 21 TM by pogo.com -
http://temp14.pogo.com/applet/turbo21/turbo21-ob-
assets.cab
O16 - DPF: Word Whomp by pogo -
http://whomp.pogo.com/applet/wordwhomp/wordwhomp-ob-
assets.cab
O16 - DPF: Word Whomp by pogo.com -
http://temp39.pogo.com/applet/wordwhomp/wordwhomp-ob-
assets.cab
O16 - DPF: Word Whomp Whackdown by pogo -
http://whackdown.pogo.com/applet/whackdown/whackdown-ob-
assets.cab
O16 - DPF: Word Whomp Whackdown by pogo.com -
http://whackdown.pogo.com/applet/whackdown/whackdown-ob-
assets.cab
O16 - DPF: World Class Solitaire by pogo -
http://klondike.pogo.com/applet/worldclass/worldclass-ob-
assets.cab
O16 - DPF: Yahoo! Bingo -
http://download.games.yahoo.com/games/clients/y/xt0_x.cab
O16 - DPF: Yahoo! Dice -
http://download.games.yahoo.com/games/clients/y/dct0_x.cab
O16 - DPF: Yahoo! Euchre -
http://download.games.yahoo.com/games/clients/y/et0_x.cab
O16 - DPF: Yahoo! Toki Toki Boom -
http://download.games.yahoo.com/games/clients/y/vtj_x.cab
O16 - DPF: {01111E00-3E00-11D2-8470-0060089874ED}
(Support.com SmartIssue) -
http://support.charter.com/sdccommon/download/tgctlsi.cab
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED}
(Support.com Configuration Class) -
http://support.charter.com/sdccommon/download/tgctlcm.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000}
(Shockwave ActiveX Control) -
http://download.macromedia.com/pub/shockwave/cabs/director
/sw.cab
O16 - DPF: {17163BB4-107E-11D4-9B76-006097DF2317} -
http://www.ea.com/downloads/games/common/boot_strap/iegils
..cab
O16 - DPF: {1954A4B1-9627-4CF2-A041-58AA2045CB35}
(Brix6ie Control) -
http://a19.g.akamai.net/7/19/7125/1410/ftp.coupons.com/v7/
brix6ie.cab
O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C}
(MiniBugTransporterX Class) -
http://download.weatherbug.com/minibug/tricklers/AWS/MiniB
ugTransporter.cab?rand=20034412
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB}
(YInstStarter Class) -
http://download.yahoo.com/dl/installs/yinst.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} -
http://a1540.g.akamai.net/7/1540/52/20021126/qtinstall.inf
o.apple.com/borris/us/win/QuickTimeInstaller.exe
O16 - DPF: {7A32634B-029C-4836-A023-528983982A49} (MSN
Chat Control 4.2) -
http://fdl.msn.com/public/chat/msnchat42.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update
Class) -
http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuct
l.CAB?37608.7291782407
O16 - DPF: {A8658086-E6AC-4957-BC8E-7D54A7E8A78D}
(DoomCln Object) -
http://www.microsoft.com/security/controls/DoomCln.CAB
O16 - DPF: {C6B086D2-146B-47A4-A218-B82DCAF2D872}
(cpbrxpie Control) -
http://a19.g.akamai.net/7/19/7125/4003/ftp.coupons.com/r31
20/cpbrxpie.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
(Shockwave Flash Object) -
http://download.macromedia.com/pub/shockwave/cabs/flash/sw
flash.cab
O16 - DPF: {E87A6788-1D0F-4444-8898-1D25829B6755} -
http://fdl.msn.com/public/chat/msnchat4.cab
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} -
http://us.dl1.yimg.com/download.yahoo.com/dl/toolbar/my/yi
ebio5_0_2_1.cab
 

MAP

Wrong forum, try this one:

www.spywareinfo.com/forums/

Good luck

 

We Live For The One We Die For The One

You deleted something you should not have HA HA.

Hope you have a restore point, do you?

HijackThis works great for me. One phrase: if in doubt, DON'T ****ING
DELETE IT :)

Works for me.


Wrong forum, try this one:

www.spywareinfo.com/forums/

Good luck

 
