Can't get rid of homepage "best safetyguide.net"

G

greenvillemhunt

OSNN Newbie
Joined
20 Jun 2006
Messages
2
Ran the SmitFraud fix and other scans in safe mode - no more pop-ups, but the homepage remains.

Any suggestions?

Here's the latest ewido log (HJT and SmitFraud attached):


---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 5:43:21 AM 6/20/2006

+ Scan result:

C:\WINDOWS\system32\components\flx6.dll -> Not-A-Virus.Hoax.Win32.Renos.dp : Ignored.
C:\WINDOWS\system32\components\flx7.dll -> Not-A-Virus.Hoax.Win32.Renos.dp : Ignored.
:mozilla.10:C:\Documents and Settings\Matt\Application Data\Netscape\NSB\Profiles\6mgxzgm7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.11:C:\Documents and Settings\Matt\Application Data\Netscape\NSB\Profiles\6mgxzgm7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.12:C:\Documents and Settings\Matt\Application Data\Netscape\NSB\Profiles\6mgxzgm7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.13:C:\Documents and Settings\Matt\Application Data\Netscape\NSB\Profiles\6mgxzgm7.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.161:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.26:C:\Documents and Settings\Abby\Application Data\Netscape\NSB\Profiles\u0z8pnzx.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.27:C:\Documents and Settings\Abby\Application Data\Netscape\NSB\Profiles\u0z8pnzx.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.29:C:\Documents and Settings\Abby\Application Data\Netscape\NSB\Profiles\u0z8pnzx.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.39:C:\Documents and Settings\Jake\Application Data\Netscape\NSB\Profiles\2rt6ahpj.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.40:C:\Documents and Settings\Jake\Application Data\Netscape\NSB\Profiles\2rt6ahpj.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.41:C:\Documents and Settings\Jake\Application Data\Netscape\NSB\Profiles\2rt6ahpj.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.6:C:\Documents and Settings\Kenny Kaye\Application Data\Mozilla\Profiles\default\idhwdc1p.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.70:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.71:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.72:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.73:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.74:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.7:C:\Documents and Settings\Kenny Kaye\Application Data\Mozilla\Profiles\default\idhwdc1p.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.8:C:\Documents and Settings\Kenny Kaye\Application Data\Mozilla\Profiles\default\idhwdc1p.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Abby\Cookies\abby@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Jake\Cookies\jake@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Kenny Kaye\Cookies\kenny kaye@microsofteup.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Matt\Cookies\matt@2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Matt\Cookies\matt@microsofteup.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.53:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.61:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.64:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.65:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.29:C:\Documents and Settings\Jake\Application Data\Netscape\NSB\Profiles\2rt6ahpj.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.30:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.31:C:\Documents and Settings\Jake\Application Data\Netscape\NSB\Profiles\2rt6ahpj.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.31:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.32:C:\Documents and Settings\Abby\Application Data\Netscape\NSB\Profiles\u0z8pnzx.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.32:C:\Documents and Settings\Jake\Application Data\Netscape\NSB\Profiles\2rt6ahpj.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.32:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.33:C:\Documents and Settings\Abby\Application Data\Netscape\NSB\Profiles\u0z8pnzx.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.33:C:\Documents and Settings\Jake\Application Data\Netscape\NSB\Profiles\2rt6ahpj.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.33:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.34:C:\Documents and Settings\Abby\Application Data\Netscape\NSB\Profiles\u0z8pnzx.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.34:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.35:C:\Documents and Settings\Abby\Application Data\Netscape\NSB\Profiles\u0z8pnzx.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.36:C:\Documents and Settings\Abby\Application Data\Netscape\NSB\Profiles\u0z8pnzx.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.18:C:\Documents and Settings\Matt\Application Data\Netscape\NSB\Profiles\6mgxzgm7.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.22:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.28:C:\Documents and Settings\Jake\Application Data\Netscape\NSB\Profiles\2rt6ahpj.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.31:C:\Documents and Settings\Abby\Application Data\Netscape\NSB\Profiles\u0z8pnzx.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.102:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Bfast : Cleaned.
:mozilla.162:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned.
:mozilla.163:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned.
:mozilla.164:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned.
:mozilla.113:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Kenny Kaye\Cookies\kenny kaye@www.burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.138:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.139:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.25:C:\Documents and Settings\Abby\Application Data\Netscape\NSB\Profiles\u0z8pnzx.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.34:C:\Documents and Settings\Jake\Application Data\Netscape\NSB\Profiles\2rt6ahpj.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.35:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.38:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.39:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.40:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.46:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
C:\Documents and Settings\Kenny Kaye\Cookies\kenny kaye@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.85:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.86:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.87:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.88:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.89:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.54:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.55:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.59:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.60:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.165:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.168:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.10:C:\Documents and Settings\Abby\Application Data\Netscape\NSB\Profiles\u0z8pnzx.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.10:C:\Documents and Settings\Jake\Application Data\Netscape\NSB\Profiles\2rt6ahpj.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.11:C:\Documents and Settings\Abby\Application Data\Netscape\NSB\Profiles\u0z8pnzx.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.11:C:\Documents and Settings\Jake\Application Data\Netscape\NSB\Profiles\2rt6ahpj.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.12:C:\Documents and Settings\Abby\Application Data\Netscape\NSB\Profiles\u0z8pnzx.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.12:C:\Documents and Settings\Jake\Application Data\Netscape\NSB\Profiles\2rt6ahpj.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.13:C:\Documents and Settings\Jake\Application Data\Netscape\NSB\Profiles\2rt6ahpj.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.14:C:\Documents and Settings\Jake\Application Data\Netscape\NSB\Profiles\2rt6ahpj.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.15:C:\Documents and Settings\Jake\Application Data\Netscape\NSB\Profiles\2rt6ahpj.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.16:C:\Documents and Settings\Jake\Application Data\Netscape\NSB\Profiles\2rt6ahpj.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.17:C:\Documents and Settings\Jake\Application Data\Netscape\NSB\Profiles\2rt6ahpj.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.18:C:\Documents and Settings\Abby\Application Data\Netscape\NSB\Profiles\u0z8pnzx.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.18:C:\Documents and Settings\Jake\Application Data\Netscape\NSB\Profiles\2rt6ahpj.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.20:C:\Documents and Settings\Abby\Application Data\Netscape\NSB\Profiles\u0z8pnzx.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.21:C:\Documents and Settings\Abby\Application Data\Netscape\NSB\Profiles\u0z8pnzx.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.6:C:\Documents and Settings\Abby\Application Data\Netscape\NSB\Profiles\u0z8pnzx.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.7:C:\Documents and Settings\Abby\Application Data\Netscape\NSB\Profiles\u0z8pnzx.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.8:C:\Documents and Settings\Abby\Application Data\Netscape\NSB\Profiles\u0z8pnzx.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.90:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.92:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.93:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.9:C:\Documents and Settings\Abby\Application Data\Netscape\NSB\Profiles\u0z8pnzx.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Abby\Cookies\abby@ehg-dig.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Jake\Cookies\jake@ehg-dig.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.17:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.18:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.143:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Kenny Kaye\Cookies\kenny kaye@data4.perf.overture[2].txt -> TrackingCookie.Overture : Cleaned.
:mozilla.146:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.147:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.148:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.149:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.35:C:\Documents and Settings\Jake\Application Data\Netscape\NSB\Profiles\2rt6ahpj.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.36:C:\Documents and Settings\Jake\Application Data\Netscape\NSB\Profiles\2rt6ahpj.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.37:C:\Documents and Settings\Jake\Application Data\Netscape\NSB\Profiles\2rt6ahpj.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.38:C:\Documents and Settings\Jake\Application Data\Netscape\NSB\Profiles\2rt6ahpj.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.76:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.77:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.78:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.130:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.131:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.132:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.133:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.134:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.135:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.136:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.108:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.109:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.110:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.127:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.128:C:\Documents and Settings\Kenny Kaye\Application Data\Netscape\NSB\Profiles\hw8dqntb.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Kenny Kaye\Cookies\kenny kaye@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned.

::Report end
 

Attachments

  • SmitFraud6.19.8.38.txt
    1.2 KB · Views: 124
  • hijackthis6.20.6.txt
    7.7 KB · Views: 93
You have two things in your HJT log that should be removed:

O2 - BHO: (no name) - {7fcf04b6-6354-47ef-b45e-a48268e92757} - C:\WINDOWS\System32\ixt0.dll
O4 - HKCU\..\Run: [68e8f6f7.exe] C:\Documents and Settings\Matt\Local Settings\Application Data\68e8f6f7.exe

Reboot into safemode and delete:

C:\Documents and Settings\Matt\Local Settings\Application Data\68e8f6f7.exe <--file
C:\WINDOWS\System32\issearch.exe <--file

reboot and post a new log.
 
if that don't work, as a temporary fix (if you're using IE.... dunno if it works for FireFox, Opera, etc...), create a shortcut on your desktop if you don't already have one. go to the properties of said shortcut, and in the Target box, at the end put a space, then "-nohome" without the quotes. that might be able to override it until the real problem is discovered.
 
The BHO is the real problem.
 
Try the free trial of this program Ewido Security Suite

When you ran SmitFraud fix make sure your system restore is off in windows and run it in safemode. After you do this run a clean up. CCcleaner is good. Or follow these instructions.

Do a disk cleanup. Go to Start > Run and type in the box: Cleanmgr
Wait while Windows scans your system for files to delete.
Make sure these 3 are checkmarked and press *ok* to delete them.

Temporary Files
Temporary Internet Files
Recycle Bin
....................................................
And be sure to follow up with a full system scan with Adaware SE
....................................
Now that your PC is clean, make sure all programs are running properly and then you'll need to reset your restore point in Windows XP.......why?

One of the best features of Windows ME or XP is the System Restore option, however if a malware infects a computer with this operating system it can be backed up in the System Restore folder. Therefore, clearing the restore points is necessary after malware removal.

To reset your restore points, please note that you will need to log into your computer with an account which has full administrator access. You will know if the account has administrator access because you will be able to see the System Restore tab. If the tab is missing, you are logged in under a limited account.

(winXP)

1. Turn off System Restore.
Go to Start and right-click on *My Computer*.
Click Properties.
Click the System Restore tab.
Put a Checkmark in the box next to "Turn off System Restore".
Click Apply, and then click OK.

2. Reboot.

3. Turn ON System Restore.
Go to Start and right-click on *My Computer*.
Click Properties.
Click the System Restore tab.
Remove the checkmark next to "Turn off System Restore".
Click Apply, and then click OK.

How to Turn On and Turn Off System Restore in Windows XP
http://support.microsoft.com/default.aspx?...kb;en-us;310405

Next, I highly recommend you get some extra protection to prevent future infections. Here are some things you can do and some free programs to help
smile.gif
.
How do I prevent Browser Hijacks and Spyware?
http://www.dslreports.com/faq/13620

I'm happy to see you have SP2 installed. That will address numerous security issues in your Operating System and IE
Make sure that you keep your Operating System and IE updated with the latest Critical Security Updates from Microsoft...they usually come out once a month, on the 2nd Tuesday of each month. This is the first step in malware prevention, as many nasties now take advantage of new exploits and if not patched, you are vulnerable!
Windows Update
http://update.microsoft.com/microsoftupdate/

And see this link for instructions on how to configure the enhanced security features in SP2:
http://www.microsoft.com/technet/security/...xp/iesecxp.mspx

I also highly recommend to get the free tool, Microsoft Baseline Security Analyzer (MBSA) from Microsoft to analyze your PC security for prevention purposes.

MBSA Version 2.0 will scan for common system misconfigurations on Windows 2000, Windows XP, and Windows Server 2003 systems. This program will identify the system security weaknesses in your browser and operating system and provides easy instructions to correct them. This includes any missing critical Windows security updates, system vulnerabilities and your IE Browser security settings. Get the download here:
Microsoft Baseline Security Analyzer
http://www.microsoft.com/technet/security/...s/mbsahome.mspx
Choose MBSAsetup-EN.msi = (English Version) or the language appropriate for you
 
Last edited:
Seems to have done the trick. Thanks.
Here's the new log:

Logfile of HijackThis v1.99.1
Scan saved at 7:51:53 PM, on 6/20/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Compaq\Compaq Advisor\bin\compaq-rba.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton Internet Security\NISUM.EXE
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Compaq\Easy Access Button Support\StartEAK.exe
C:\Program Files\Compaq\Easy Access Button Support\CPQEADM.EXE
C:\COMPAQ\CPQINET\CPQInet.exe
C:\Compaq\EAKDRV\EAUSBKBD.EXE
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\Program Files\Norton Internet Security\IAMAPP.EXE
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\PROGRA~1\Compaq\EASYAC~1\BttnServ.exe
C:\Program Files\Norton Internet Security\SymProxySvc.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Norton Internet Security\NISSERV.EXE
C:\Program Files\Norton Internet Security\ATRACK.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Matt\Desktop\HijackThis\HijackThis.exe
C:\WINDOWS\ServicePackFiles\i386\iexplore.exe

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: (no name) - {7fcf04b6-6354-47ef-b45e-a48268e92757} - C:\WINDOWS\System32\ixt0.dll (file missing)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [WCOLOREAL] "C:\Program Files\COMPAQ\Coloreal\coloreal.exe"
O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\Compaq\Easy Access Button Support\StartEAK.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [DDCM] "C:\Program Files\WildTangent\DDC\DDCManager\DDCMan.exe" -Background
O4 - HKLM\..\Run: [DDCActiveMenu] "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -boot
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [iamapp] C:\Program Files\Norton Internet Security\IAMAPP.EXE
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\RunOnce: [Compaq_RBA] C:\Program Files\Compaq\Compaq Advisor\bin\compaq-rba.exe -z
O4 - HKCU\..\Run: [MoneyStartUp] c:\Program Files\Microsoft Money\System\Money Startup.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft SmartIssue) - https://www-secure.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - https://www-secure.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1150669317765
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab
O23 - Service: Compaq Advisor (Compaq_RBA) - NeoPlanet - C:\Program Files\Compaq\Compaq Advisor\bin\compaq-rba.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Internet Security Service (NISSERV) - Symantec Corporation - C:\Program Files\Norton Internet Security\NISSERV.EXE
O23 - Service: Norton Internet Security Accounts Manager (NISUM) - Symantec Corporation - C:\Program Files\Norton Internet Security\NISUM.EXE
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Norton Internet Security Proxy Service (SymProxySvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\SymProxySvc.exe
 
Looks clean, you have one orphaned entry that should be removed:

O2 - BHO: (no name) - {7fcf04b6-6354-47ef-b45e-a48268e92757} - C:\WINDOWS\System32\ixt0.dll (file missing)
 
You must log in or register to reply here.

Members online

No members online now.
Total: 431 (members: 1, guests: 430)

Affiliates

lunarsoft.net techzonez.com

- Contact us to trade links -

OSNN OSNN NTFS XP-erience

Latest profile posts

Steevo
Steevo
Also Hi EP and people. I found this place again while looking through a oooollllllldddd backup. I have filled over 10TB and was looking at my collection of antiques. Any bids on the 500Mhz Win 95 fix?
•••
Steevo
Steevo
Any of the SP crew still out there?
•••
Xie
Xie wrote on Electronic Punk's profile.
Impressed you have kept this alive this long EP! So many sites have come and gone. :(

Just did some crude math and I apparently joined almost 18yrs ago, how is that possible???
•••
N
Nismo83
hello peeps... is been some time since i last came here.
•••
Electronic Punk
Electronic Punk wrote on Sazar's profile.
Rest in peace my friend, been trying to find you and finally did in the worst way imaginable.
•••

Forum statistics

Threads
62,015
Messages
673,494
Members
5,621
Latest member
naeemsafi
Back