Re: HELP hijack this results

anonymous_at_discussions.microsoft.com
Date: 03/30/04


Date: Mon, 29 Mar 2004 22:30:08 -0800

Thanks for the firewall information. Would you happen to
have any information as to why I cannot access webpages
that require passwords, like Hotmail and such? When I try
to access these pages I get the "Cannot find server. The
page cannot be displayed" error page. Also, when I tried
to access the online virus scan at Symantec's, an error
message came up saying I had an ActiveX setting that would
not allow me to access the scan.

Thanks for the help
>-----Original Message-----
>You need far more than just the basic Windows Firewall, as that will only
>stop incoming traffic. I would get something like Zone Alarm, turn your
>security up to at least medium, and you will just have to face it that you
>are going to get a lot of junk with all the casino type sites you visit;
>those are famous for hijacking and tracking cookies.
>
>--
>Tedd Riggs
>PDA Square Content Developer
>www.pdasquare.com
>Redmond, WA
>
>
>
>"PONE" <anonymous@discussions.microsoft.com> wrote in message
>news:153a701c415ee$40f62750$a301280a@phx.gbl...
>> Why do I keep getting spam and I cannot log on to my
>> Hotmail account? Here is what HijackThis gave back to me,
>> but I need a little help understanding it. I run Spybot
>> and Ad-aware 6 every day, and every day more spam. My
>> Windows firewall is up.
>>
>> Logfile of HijackThis v1.97.7
>> Scan saved at 7:23:38 PM, on 3/29/2004
>> Platform: Windows XP SP1 (WinNT 5.01.2600)
>> MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
>>
>> Running processes:
>> C:\WINDOWS\System32\smss.exe
>> C:\WINDOWS\system32\winlogon.exe
>> C:\WINDOWS\system32\services.exe
>> C:\WINDOWS\system32\lsass.exe
>> C:\WINDOWS\system32\svchost.exe
>> C:\WINDOWS\System32\svchost.exe
>> C:\WINDOWS\system32\spoolsv.exe
>> C:\PROGRA~1\NORTON~1\navapw32.exe
>> C:\WINDOWS\DELLMMKB.EXE
>> C:\WINDOWS\Nhksrv.exe
>> C:\Program Files\Norton AntiVirus\navapsvc.exe
>> C:\WINDOWS\System32\nvsvc32.exe
>> C:\Program Files\Netropa\OSD.exe
>> C:\Program Files\AWS\WeatherBug\Weather.exe
>> C:\WINDOWS\System32\svchost.exe
>> C:\WINDOWS\wanmpsvc.exe
>> C:\WINDOWS\explorer.exe
>> C:\Documents and Settings\doug\Local Settings\Temp\Temporary Directory 1 for hijackthis[1].zip\HijackThis.exe
>>
>> R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com/
>> R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
>> R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank
>> O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
>> O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
>> O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
>> O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
>> O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
>> O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
>> O4 - HKLM\..\Run: [DellTouch] C:\WINDOWS\DELLMMKB.EXE
>> O4 - HKLM\..\Run: [Blubster] C:\Program Files\Blubster\Blubster.exe SILENT
>> O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
>> O4 - HKLM\..\Run: [PC Booster] C:\Program Files\inKline Global\PC Booster\pcbooster.exe
>> O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
>> O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
>> O8 - Extra context menu item: &Define - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
>> O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
>> O8 - Extra context menu item: Look Up in &Encyclopedia - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
>> O9 - Extra button: Encarta Encyclopedia (HKLM)
>> O9 - Extra 'Tools' menuitem: Encarta Encyclopedia (HKLM)
>> O9 - Extra button: Messenger (HKLM)
>> O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
>> O9 - Extra button: Define (HKLM)
>> O9 - Extra 'Tools' menuitem: Define (HKLM)
>> O9 - Extra button: AIM (HKLM)
>> O9 - Extra button: Messenger (HKLM)
>> O9 - Extra 'Tools' menuitem: Messenger (HKLM)
>> O9 - Extra button: WeatherBug (HKCU)
>> O16 - DPF: Ali Baba Slots TM by pogo - http://temp35.pogo.com/applet/slots/alibaba-ob-assets.cab
>> O16 - DPF: Backgammon by pogo - http://gammon.pogo.com/applet/backgammon/backgammon-ob-assets.cab
>> O16 - DPF: Buckaroo Blackjack TM by pogo - http://vbjack.pogo.com/applet/videoblackjack/videoblackjack-ob-assets.cab
>> O16 - DPF: Checkers by pogo.com - http://checkers.pogo.com/applet/checkers2/checkers-ob-assets.cab
>> O16 - DPF: Cribbage by pogo - http://crib.pogo.com/applet/cribbage/cribbage-ob-assets.cab
>> O16 - DPF: Dice Derby by pogo - http://checkeredflag.pogo.com/applet/checkeredflag/checkeredflag-ob-assets.cab
>> O16 - DPF: Dice Derby by pogo.com - http://checkeredflag.pogo.com/applet/checkeredflag/checkeredflag-ob-assets.cab
>> O16 - DPF: Dominoes by pogo - http://domino.pogo.com/applet/domino/domino-ob-assets.cab
>> O16 - DPF: Dominoes by pogo.com - http://domino07.pogo.com/applet/domino/domino-ob-assets.cab
>> O16 - DPF: Euchre by pogo - http://euchre.pogo.com/applet/euchre/euchre-ob-assets.cab
>> O16 - DPF: EZ Win Bingo by pogo - http://bingoe.pogo.com/applet/bingo/bingoe-ob-assets.cab
>> O16 - DPF: EZ Win Bingo by pogo.com - http://bingoe.pogo.com/applet/bingo/bingoe-ob-assets.cab
>> O16 - DPF: First Class Solitaire by pogo - http://solitaire44.pogo.com/applet/solitaire2/solitaire2-ob-assets.cab
>> O16 - DPF: First Class Solitaire by pogo.com - http://temp39.pogo.com/applet/solitaire2/solitaire2-ob-assets.cab
>> O16 - DPF: Fortune Bingo by pogo - http://superbingo.pogo.com/applet/superbingo/superbingo-ob-assets.cab
>> O16 - DPF: Greenback Bayou by pogo - http://greenback.pogo.com/applet/greenback/greenback-ob-assets.cab
>> O16 - DPF: Greenback Bayou by pogo.com - http://greenback.pogo.com/applet/greenback/greenback-ob-assets.cab
>> O16 - DPF: Hammerhead Pool by pogo.com - http://temp14.pogo.com/applet/pool/pool-ob-assets.cab
>> O16 - DPF: Hearts by pogo - http://hearts.pogo.com/applet/hearts/hearts-ob-assets.cab
>> O16 - DPF: High Stakes Poker by pogo - http://temp77fe.pogo.com/applet/drawpoker/drawpoker-ob-assets.cab
>> O16 - DPF: Jokers Wild Poker by pogo - http://temp91.pogo.com/applet/videopoker2/jokerswild-ob-assets.cab
>> O16 - DPF: Jungle Gin by pogo - http://gin.pogo.com/applet/gin/gin-ob-assets.cab
>> O16 - DPF: Jungle Gin by pogo.com - http://gin.pogo.com/applet/gin/gin-ob-assets.cab
>> O16 - DPF: Keno by pogo - http://keno.pogo.com/applet/keno/keno-ob-assets.cab
>> O16 - DPF: Keno by pogo.com - http://keno.pogo.com/applet/keno/keno-ob-assets.cab
>> O16 - DPF: Mah Jong Garden by pogo - http://mahjong.pogo.com/applet/mahjong/mahjong-ob-assets.cab
>> O16 - DPF: Payday FreeCell by pogo - http://freecell.pogo.com/applet/freecell/freecell-ob-assets.cab
>> O16 - DPF: Payday FreeCell by pogo.com - http://temp12.pogo.com/applet/freecell/freecell-ob-assets.cab
>> O16 - DPF: Pebble Beach Golf by pogo - http://temp40.pogo.com/applet/pebble/pebble-ob-assets.cab
>> O16 - DPF: Pirate's Gold by pogo - http://swashbucks11.pogo.com/applet/piratesgold/piratesgold-ob-assets.cab
>> O16 - DPF: Pop Fu by pogo - http://popfu.pogo.com/applet/popfu/popfu-ob-assets.cab
>> O16 - DPF: Pop Fu by pogo.com - http://popfu.pogo.com/applet/popfu/popfu-ob-assets.cab
>> O16 - DPF: Poppit TM by pogo - http://poppit13.pogo.com/applet/poppit/poppit-ob-assets.cab
>> O16 - DPF: Poppit! TM by pogo.com - http://poppit26.pogo.com/applet/poppit/poppit-ob-assets.cab
>> O16 - DPF: SciFi Slots by pogo - http://temp92.pogo.com/applet/slots/scifi-ob-assets.cab
>> O16 - DPF: Showbiz Slots 2 by pogo.com - http://showbiz2.pogo.com/applet/slots/showbiz2-ob-assets.cab
>> O16 - DPF: Showbiz Slots by pogo.com - http://showbiz.pogo.com/applet/slots/showbiz-ob-assets.cab
>> O16 - DPF: Spades by pogo.com - http://temp35.pogo.com/applet/spades/spades-ob-assets.cab
>> O16 - DPF: Squelchies by pogo - http://squelchies.pogo.com/applet/squelchies/squelchies-ob-assets.cab
>> O16 - DPF: Squelchies by pogo.com - http://squelchies.pogo.com/applet/squelchies/squelchies-ob-assets.cab
>> O16 - DPF: Sweet Tooth TM by pogo - http://temp81fe.pogo.com/applet/sweettooth/sweettooth-ob-assets.cab
>> O16 - DPF: Tri-Peaks by pogo - http://peaks.pogo.com/applet/peaks/peaks-ob-assets.cab
>> O16 - DPF: Tumble Bees by pogo - http://temp36.pogo.com/applet/jumbee/jumbee-ob-assets.cab
>> O16 - DPF: Turbo 21 TM by pogo - http://turbo21.pogo.com/applet/turbo21/turbo21-ob-assets.cab
>> O16 - DPF: Turbo 21 TM by pogo.com - http://temp14.pogo.com/applet/turbo21/turbo21-ob-assets.cab
>> O16 - DPF: Word Whomp by pogo - http://whomp.pogo.com/applet/wordwhomp/wordwhomp-ob-assets.cab
>> O16 - DPF: Word Whomp by pogo.com - http://temp39.pogo.com/applet/wordwhomp/wordwhomp-ob-assets.cab
>> O16 - DPF: Word Whomp Whackdown by pogo - http://whackdown.pogo.com/applet/whackdown/whackdown-ob-assets.cab
>> O16 - DPF: Word Whomp Whackdown by pogo.com - http://whackdown.pogo.com/applet/whackdown/whackdown-ob-assets.cab
>> O16 - DPF: World Class Solitaire by pogo - http://klondike.pogo.com/applet/worldclass/worldclass-ob-assets.cab
>> O16 - DPF: Yahoo! Bingo - http://download.games.yahoo.com/games/clients/y/xt0_x.cab
>> O16 - DPF: Yahoo! Dice - http://download.games.yahoo.com/games/clients/y/dct0_x.cab
>> O16 - DPF: Yahoo! Euchre - http://download.games.yahoo.com/games/clients/y/et0_x.cab
>> O16 - DPF: Yahoo! Toki Toki Boom - http://download.games.yahoo.com/games/clients/y/vtj_x.cab
>> O16 - DPF: {01111E00-3E00-11D2-8470-0060089874ED} (Support.com SmartIssue) - http://support.charter.com/sdccommon/download/tgctlsi.cab
>> O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://support.charter.com/sdccommon/download/tgctlcm.cab
>> O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
>> O16 - DPF: {17163BB4-107E-11D4-9B76-006097DF2317} - http://www.ea.com/downloads/games/common/boot_strap/iegils.cab
>> O16 - DPF: {1954A4B1-9627-4CF2-A041-58AA2045CB35} (Brix6ie Control) - http://a19.g.akamai.net/7/19/7125/1410/ftp.coupons.com/v7/brix6ie.cab
>> O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (MiniBugTransporterX Class) - http://download.weatherbug.com/minibug/tricklers/AWS/MiniBugTransporter.cab?rand=20034412
>> O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinst.cab
>> O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/20021126/qtinstall.info.apple.com/borris/us/win/QuickTimeInstaller.exe
>> O16 - DPF: {7A32634B-029C-4836-A023-528983982A49} (MSN Chat Control 4.2) - http://fdl.msn.com/public/chat/msnchat42.cab
>> O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37608.7291782407
>> O16 - DPF: {A8658086-E6AC-4957-BC8E-7D54A7E8A78D} (DoomCln Object) - http://www.microsoft.com/security/controls/DoomCln.CAB
>> O16 - DPF: {C6B086D2-146B-47A4-A218-B82DCAF2D872} (cpbrxpie Control) - http://a19.g.akamai.net/7/19/7125/4003/ftp.coupons.com/r3120/cpbrxpie.cab
>> O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
>> O16 - DPF: {E87A6788-1D0F-4444-8898-1D25829B6755} - http://fdl.msn.com/public/chat/msnchat4.cab
>> O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - http://us.dl1.yimg.com/download.yahoo.com/dl/toolbar/my/yiebio5_0_2_1.cab
>>
>>
>
>.
>