A Windows XP help forum. PCbanter

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

Go Back   Home » PCbanter forum » Microsoft Windows XP » Security and Administration with Windows XP
Reload this Page hijacked home page
Site Map Home Register Authors List Search Today's Posts Mark Forums Read Web Partners

hijacked home page


« Previous Thread | Next Thread »

 
 
Thread Tools Display Modes
  #1  
Old September 13th 04, 09:47 PM
CANT FIX HIJACKED HOMEPAGE
external usenet poster
  
Posts: n/a
Default hijacked home page
i have tried everything from adaware,hijack this , browser hijack blaster ,
cws shredder ,antivirus software and even did the step by step guide from one
of the experts(sorry i cant remember youre name)but nothing has fixed my
problem . adaware finds everything i think but it still goes back to the sane
page which is msn search page but with an address
res://ycrm.dll/index.html#35759 and many other addresses of the same content
but with a different res://****.html#35759, i am not sure but i think that
this address is also linked to my problem www.v61.com. here is a log from my
adaware. NOTICE NUMBER TWO!!!
Lavasoft Ad-aware Personal Build 6.181
Logfile created on :13 September 2004 19:53:37
Created with Ad-aware Personal, free for private use.
Using reference-file :01R340 06.09.2004
__________________________________________________ ____

Ad-aware Settings
=========================
Set : Activate in-depth scan (Recommended)
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file


13-09-2004 19:53:37 - Scan started. (Custom mode)

Listing running processes
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ ¯¯¯¯¯¯¯¯¯¯¯¯¯

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ThreadCreationTime : 13-09-2004 17:51:25
BasePriority : Normal


#:2 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ThreadCreationTime : 13-09-2004 17:51:28
BasePriority : High


#:3 [services.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 13-09-2004 17:51:28
BasePriority : Normal
FileSize : 105 KB
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
OriginalFilename : services.exe
ProductName : Microsoft
Created on : 19/09/2002 19:26:40
Last accessed : 13/09/2004 18:53:37
Last modified : 04/08/2004 07:56:55

#:4 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 13-09-2004 17:51:28
BasePriority : Normal
FileSize : 13 KB
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
OriginalFilename : lsass.exe
ProductName : Microsoft
Created on : 19/09/2002 19:26:22
Last accessed : 13/09/2004 18:53:37
Last modified : 04/08/2004 07:56:50

#:5 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 13-09-2004 17:51:28
BasePriority : Normal
FileSize : 14 KB
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 19/09/2002 19:26:44
Last accessed : 13/09/2004 17:55:41
Last modified : 04/08/2004 07:56:57

#:6 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 13-09-2004 17:51:29
BasePriority : Normal
FileSize : 14 KB
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 19/09/2002 19:26:44
Last accessed : 13/09/2004 17:55:41
Last modified : 04/08/2004 07:56:57

#:7 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 13-09-2004 17:51:31
BasePriority : Normal
FileSize : 56 KB
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
OriginalFilename : spoolsv.exe
ProductName : Microsoft
Created on : 19/09/2002 19:26:43
Last accessed : 13/09/2004 18:53:37
Last modified : 04/08/2004 07:56:57

#:8 [ccevtmgr.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ThreadCreationTime : 13-09-2004 17:51:31
BasePriority : Normal
FileSize : 309 KB
FileVersion : 1.03.4
ProductVersion : 1.03.4
Copyright : Copyright (c) 2000-2002 Symantec Corporation. All
rights reserved.
CompanyName : Symantec Corporation
FileDescription : Event Manager Service
InternalName : ccEvtMgr
OriginalFilename : ccEvtMgr.exe
ProductName : Event Manager
Created on : 13/11/2002 16:44:02
Last accessed : 13/09/2004 18:53:06
Last modified : 13/11/2002 16:44:02

#:9 [navapsvc.exe]
FilePath : C:\Program Files\Norton AntiVirus\
ThreadCreationTime : 13-09-2004 17:51:31
BasePriority : Normal
FileSize : 113 KB
FileVersion : 9.05.1015
ProductVersion : 9.05.1015
Copyright : Copyright (c) 2000-2002 Symantec Corporation. All
rights reserved.
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
OriginalFilename : NAVAPSVC.EXE
ProductName : Norton AntiVirus
Created on : 14/11/2002 19:41:26
Last accessed : 13/09/2004 18:53:07
Last modified : 14/11/2002 19:41:26

#:10 [nisum.exe]
FilePath : C:\Program Files\Norton Internet Security\
ThreadCreationTime : 13-09-2004 17:51:31
BasePriority : Normal
FileSize : 137 KB
FileVersion : 6.02.1015
ProductVersion : 6.02.1015
Copyright : Copyright (c) 2000-2002 Symantec Corporation. All
rights reserved.
CompanyName : Symantec Corporation
FileDescription : Norton Internet Security NISUM
InternalName : NISUM
OriginalFilename : NISUM.exe
ProductName : Norton Internet Security
Created on : 14/11/2002 19:31:24
Last accessed : 13/09/2004 18:53:37
Last modified : 14/11/2002 19:31:24

#:11 [nkkua]
FilePath : C:\WINDOWS\wiaservc.log:
ThreadCreationTime : 13-09-2004 17:51:32
BasePriority : Normal


#:12 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 13-09-2004 17:51:35
BasePriority : Normal
FileSize : 14 KB
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 19/09/2002 19:26:44
Last accessed : 13/09/2004 17:55:41
Last modified : 04/08/2004 07:56:57

#:13 [ccpxysvc.exe]
FilePath : C:\Program Files\Norton Internet Security\
ThreadCreationTime : 13-09-2004 17:51:35
BasePriority : Normal
FileSize : 33 KB
FileVersion : 6.02.1015
ProductVersion : 6.02.1015
Copyright : Copyright (c) 2000-2002 Symantec Corporation. All
rights reserved.
CompanyName : Symantec Corporation
FileDescription : Norton Internet Security Proxy Service
InternalName : ccPxySvc
OriginalFilename : ccPxySvc.exe
ProductName : Norton Internet Security
Created on : 14/11/2002 19:30:06
Last accessed : 13/09/2004 18:53:37
Last modified : 14/11/2002 19:30:06

#:14 [explorer.exe]
FilePath : C:\WINDOWS\
ThreadCreationTime : 13-09-2004 18:52:31
BasePriority : Normal
FileSize : 1008 KB
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
OriginalFilename : EXPLORER.EXE
ProductName : Microsoft
Created on : 06/08/2004 04:52:07
Last accessed : 13/09/2004 18:52:34
Last modified : 04/08/2004 07:56:49

#:15 [realsched.exe]
FilePath : C:\Program Files\Common Files\Real\Update_OB\
ThreadCreationTime : 13-09-2004 18:52:36
BasePriority : Normal
FileSize : 148 KB
FileVersion : 0.1.0.1622
ProductVersion : 0.1.0.1622
Copyright : Copyright
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
OriginalFilename : realsched.exe
ProductName : RealOne Player (32-bit)
Created on : 05/08/2003 16:07:27
Last accessed : 13/09/2004 18:52:36
Last modified : 05/08/2003 16:07:27

#:16 [soundman.exe]
FilePath : C:\WINDOWS\
ThreadCreationTime : 13-09-2004 18:52:36
BasePriority : Normal
FileSize : 53 KB
FileVersion : 5.1.00
ProductVersion : 5.1.00
Copyright : Copyright (c) 2001-2003 Realtek Semiconductor Corp.
CompanyName : Realtek Semiconductor Corp.
FileDescription : Realtek Sound Manager
InternalName : ALSMTray
OriginalFilename : ALSMTray.exe
ProductName : Realtek Sound Manager
Created on : 21/08/2004 11:28:08
Last accessed : 13/09/2004 18:52:36
Last modified : 21/08/2004 11:28:08

#:17 [sdkss.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 13-09-2004 18:52:36
BasePriority : Normal
FileSize : 27 KB
Created on : 11/08/2004 03:30:06
Last accessed : 13/09/2004 18:52:36
Last modified : 11/08/2004 03:30:06

#:18 [traycontrol.exe]
FilePath : C:\Program Files\Packard Bell EverSafe\
ThreadCreationTime : 13-09-2004 18:52:37
BasePriority : Normal
FileSize : 744 KB
FileVersion : 4.0
ProductVersion : 4.0
Copyright : Copyright
CompanyName : NovaStor Corporation
FileDescription : Tray Control
InternalName : TRAYCONTROL
OriginalFilename : TrayControl.exe
ProductName : NovaNet-WEB
Created on : 02/01/2004 23:39:37
Last accessed : 13/09/2004 18:52:37
Last modified : 31/07/2002 15:00:36

#:19 [em_exec.exe]
FilePath : C:\PROGRA~1\MOUSEW~1\SYSTEM\
ThreadCreationTime : 13-09-2004 18:52:37
BasePriority : Normal
FileSize : 34 KB
FileVersion : 9.43.75
ProductVersion : 9.43
Copyright : Copyright
CompanyName : Logitech Inc.
FileDescription : Control Center
InternalName : EM_EXEC
OriginalFilename : EM_EXEC.CPP
ProductName : MouseWare
Created on : 05/08/2003 15:58:13
Last accessed : 13/09/2004 18:52:37
Last modified : 28/01/2002 08:43:00

#:20 [ccapp.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ThreadCreationTime : 13-09-2004 18:52:38
BasePriority : Normal
FileSize : 53 KB
FileVersion : 1.03.15
ProductVersion : 1.03.15
Copyright : Copyright (c) 2000-2002 Symantec Corporation. All
rights reserved.
CompanyName : Symantec Corporation
FileDescription : Common Client CC App
InternalName : ccApp
OriginalFilename : ccApp.exe
ProductName : Common Client
Created on : 14/11/2002 19:29:06
Last accessed : 13/09/2004 18:53:08
Last modified : 14/11/2002 19:29:06

#:21 [atiptaxx.exe]
FilePath : C:\ATI Technologies\ATI Control Panel\
ThreadCreationTime : 13-09-2004 18:52:38
BasePriority : Normal
FileSize : 328 KB
FileVersion : 6.14.10.5019
ProductVersion : 6.14.10.5019
Copyright : Copyright (C) 1998-2002 ATI Technologies Inc.
CompanyName : ATI Technologies, Inc.
FileDescription : ATI Desktop Control Panel
InternalName : Atiptaxx.exe
OriginalFilename : Atiptaxx.exe
ProductName : ATI Desktop Component
Created on : 05/08/2003 15:58:53
Last accessed : 13/09/2004 18:52:38
Last modified : 19/06/2003 12:31:00

#:22 [aboard.exe]
FilePath : C:\apps\ABoard\
ThreadCreationTime : 13-09-2004 18:52:38
BasePriority : Normal
FileSize : 24 KB
FileVersion : 1, 2, 0, 0
ProductVersion : 1, 2, 0, 0
Copyright : Copyright (C) 2003
CompanyName : NEC Computers International
FileDescription : Activboard Application
InternalName : Activboard
OriginalFilename : ABoard.exe
ProductName : Activboard Application
Created on : 05/08/2003 16:06:05
Last accessed : 13/09/2004 18:52:39
Last modified : 02/05/2003 10:31:50

#:23 [spykiller.exe]
FilePath : C:\Program Files\SpyKiller\
ThreadCreationTime : 13-09-2004 18:52:41
BasePriority : Normal
FileSize : 261 KB
FileVersion : 1.00
ProductVersion : 1.00
CompanyName : www.spykiller.com
FileDescription : SpyWare/AdWare Remover
InternalName : SpyKiller
OriginalFilename : SpyKiller.exe
ProductName : SpyKiller 2004
Created on : 01/07/2003 06:04:18
Last accessed : 13/09/2004 18:52:41
Last modified : 10/06/2004 06:01:52

#:24 [msmsgs.exe]
FilePath : C:\Program Files\Messenger\
ThreadCreationTime : 13-09-2004 18:52:41
BasePriority : Normal
FileSize : 1628 KB
FileVersion : 4.7.3000
ProductVersion : Version 4.7.3000
Copyright : Copyright (c) Microsoft Corporation 2004
CompanyName : Microsoft Corporation
FileDescription : Windows Messenger
InternalName : msmsgs
OriginalFilename : msmsgs.exe
ProductName : Messenger
Created on : 14/04/2003 19:05:20
Last accessed : 13/09/2004 17:55:38
Last modified : 04/08/2004 07:56:53

#:25 [quickdcf.exe]
FilePath : C:\Program Files\FinePixViewer\
ThreadCreationTime : 13-09-2004 18:52:42
BasePriority : Normal
FileSize : 196 KB
FileVersion : 4, 0, 0, 0
ProductVersion : 4, 0, 0, 0
Copyright : Copyright 2000-2003 FUJI PHOTO FILM CO.,LTD.
CompanyName : FUJI PHOTO FILM CO., LTD.
FileDescription : Exif Launcher
InternalName : QuickDCF
OriginalFilename : QuickDCF.exe
ProductName : FinePixViewer
Created on : 19/05/2004 22:53:05
Last accessed : 13/09/2004 18:52:42
Last modified : 20/12/2002 15:18:40

#:26 [hpohmr08.exe]
FilePath : C:\Program Files\Hewlett-Packard\Digital Imaging\bin\
ThreadCreationTime : 13-09-2004 18:52:42
BasePriority : Normal
FileSize : 144 KB
FileVersion : 4.2.0.020
ProductVersion : 2.4.1.020
Copyright : Copyright (C) Hewlett-Packard Co. 1995-2001
CompanyName : Hewlett-Packard Co.
FileDescription : HP OfficeJet COM Device Objects
InternalName : HPOHMR08
OriginalFilename : HPOHMR08.EXE
ProductName : hp digital imaging - hp all-in-one series
Created on : 06/04/2003 01:17:18
Last accessed : 13/09/2004 18:53:37
Last modified : 06/04/2003 01:17:18

#:27 [hpotdd01.exe]
FilePath : C:\Program Files\Hewlett-Packard\Digital Imaging\bin\
ThreadCreationTime : 13-09-2004 18:52:42
BasePriority : Normal
FileSize : 28 KB
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
Copyright : Copyright
CompanyName : Hewlett-Packard
FileDescription : hpotdd01
InternalName : hpotdd01
OriginalFilename : hpotdd01.exe
ProductName : Hewlett-Packard hpotdd01
Created on : 06/04/2003 01:06:58
Last accessed : 13/09/2004 18:52:42
Last modified : 06/04/2003 01:06:58

#:28 [aosd.exe]
FilePath : C:\apps\ABoard\
ThreadCreationTime : 13-09-2004 18:52:43
BasePriority : ?
FileSize : 68 KB
FileVersion : 1, 2, 0, 0
ProductVersion : 1, 2, 0, 0
Copyright : Copyright (C) 2003
CompanyName : NEC Computers International
FileDescription : ActivOSD Application
InternalName : ActivOSD
OriginalFilename : ActivOSD.exe
ProductName : ActivOSD Application
Created on : 05/08/2003 16:06:05
Last accessed : 13/09/2004 18:52:43
Last modified : 02/05/2003 10:31:38

#:29 [calcheck.exe]
FilePath : C:\APPS\Ulead Systems\Ulead Photo Express 4.0 SE\
ThreadCreationTime : 13-09-2004 18:52:43
BasePriority : Normal
FileSize : 68 KB
FileVersion : 4, 0, 0, 0
ProductVersion : 4, 0, 0, 0
Copyright : Copyright (C) 1992-1999.Ulead Systems, Inc.
CompanyName : Ulead Systems, Inc.
FileDescription : Photo Express -- Calendar Checker
InternalName : CalCheck
OriginalFilename : CalCheck.EXE
ProductName : Calendar Checker Application
Created on : 02/01/2004 22:41:28
Last accessed : 13/09/2004 18:53:37
Last modified : 16/04/2002 16:11:28

#:30 [hpoevm08.exe]
FilePath : C:\Program Files\Hewlett-Packard\Digital Imaging\bin\
ThreadCreationTime : 13-09-2004 18:52:51
BasePriority : Normal
FileSize : 280 KB
FileVersion : 4.2.0.020
ProductVersion : 2.4.1.020
Copyright : Copyright (C) Hewlett-Packard Co. 1995-2001
CompanyName : Hewlett-Packard Co.
FileDescription : HP OfficeJet COM Event Manager
InternalName : HPOEVM08
OriginalFilename : HPOEVM08.EXE
ProductName : hp digital imaging - hp all-in-one series
Created on : 06/04/2003 00:45:10
Last accessed : 13/09/2004 18:53:02
Last modified : 06/04/2003 00:45:10

#:31 [hposts08.exe]
FilePath : C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\
ThreadCreationTime : 13-09-2004 18:52:56
BasePriority : Normal
FileSize : 304 KB
FileVersion : 4.2.0.020
ProductVersion : 2.4.1.020
Copyright : Copyright (C) Hewlett-Packard Co. 1995-2001
CompanyName : Hewlett-Packard Co.
FileDescription : HP OfficeJet Status
InternalName : HPOSTS08
OriginalFilename : HPOSTS08.EXE
ProductName : hp digital imaging - hp all-in-one series
Created on : 06/04/2003 00:55:04
Last accessed : 13/09/2004 18:53:37
Last modified : 06/04/2003 00:55:04

#:32 [ad-aware.exe]
FilePath : C:\PROGRA~1\Lavasoft\AD-AWA~1\
ThreadCreationTime : 13-09-2004 18:53:31
BasePriority : Normal
FileSize : 668 KB
FileVersion : 6.0.1.181
ProductVersion : 6.0.0.0
Copyright : Copyright
CompanyName : Lavasoft Sweden
FileDescription : Ad-aware 6 core application
InternalName : Ad-aware.exe
OriginalFilename : Ad-aware.exe
ProductName : Lavasoft Ad-aware Plus
Created on : 29/07/2004 20:44:08
Last accessed : 13/09/2004 18:22:03
Last modified : 12/07/2003 20:00:20

Memory scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ ¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0


Started registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ ¯¯¯¯¯¯¯¯¯¯¯¯¯

Registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ ¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0


Started deep registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ ¯¯¯¯¯¯¯¯¯¯¯¯¯

Deep registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ ¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0


Deep scanning and examining files (C
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ ¯¯¯¯¯¯¯¯¯¯¯¯¯

CoolWebSearch Object recognized!
Type : File
Data : a0003236.dll
Object : C:\System Volume
Information\_restore{98E46F0A-9DA1-4258-92C4-7CCAE5D21E6E}\RP17\
FileSize : 55 KB
Created on : 07/09/2004 22:17:40
Last accessed : 13/09/2004 18:43:29
Last modified : 07/09/2004 22:17:40

CoolWebSearch Object recognized!
Type : File
Data : a0003237.dll
Object : C:\System Volume
Information\_restore{98E46F0A-9DA1-4258-92C4-7CCAE5D21E6E}\RP17\
FileSize : 55 KB
Created on : 23/08/2004 18:47:20
Last accessed : 13/09/2004 18:43:29
Last modified : 23/08/2004 18:47:20

CoolWebSearch Object recognized!
Type : File
Data : a0003238.dll
Object : C:\System Volume
Information\_restore{98E46F0A-9DA1-4258-92C4-7CCAE5D21E6E}\RP17\
FileSize : 55 KB
Created on : 28/08/2004 18:05:09
Last accessed : 13/09/2004 18:43:29
Last modified : 28/08/2004 18:05:09

CoolWebSearch Object recognized!
Type : File
Data : a0003239.dll
Object : C:\System Volume
Information\_restore{98E46F0A-9DA1-4258-92C4-7CCAE5D21E6E}\RP17\
FileSize : 55 KB
Created on : 31/08/2004 02:37:36
Last accessed : 13/09/2004 18:43:29
Last modified : 31/08/2004 02:37:36

CoolWebSearch Object recognized!
Type : File
Data : a0003244.dll
Object : C:\System Volume
Information\_restore{98E46F0A-9DA1-4258-92C4-7CCAE5D21E6E}\RP17\
FileSize : 55 KB
Created on : 11/08/2004 05:53:47
Last accessed : 13/09/2004 18:43:30
Last modified : 11/08/2004 05:53:47

CoolWebSearch Object recognized!
Type : File
Data : a0003245.dll
Object : C:\System Volume
Information\_restore{98E46F0A-9DA1-4258-92C4-7CCAE5D21E6E}\RP17\
FileSize : 55 KB
Created on : 03/08/2004 19:18:56
Last accessed : 13/09/2004 18:43:30
Last modified : 03/08/2004 19:18:56

CoolWebSearch Object recognized!
Type : File
Data : a0003247.dll
Object : C:\System Volume
Information\_restore{98E46F0A-9DA1-4258-92C4-7CCAE5D21E6E}\RP17\
FileSize : 55 KB
Created on : 14/08/2004 08:38:06
Last accessed : 13/09/2004 18:43:30
Last modified : 14/08/2004 08:38:06

CoolWebSearch Object recognized!
Type : File
Data : a0003248.dll
Object : C:\System Volume
Information\_restore{98E46F0A-9DA1-4258-92C4-7CCAE5D21E6E}\RP17\
FileSize : 55 KB
Created on : 09/08/2004 21:04:51
Last accessed : 13/09/2004 18:43:30
Last modified : 09/08/2004 21:04:51

CoolWebSearch Object recognized!
Type : File
Data : a0003249.dll
Object : C:\System Volume
Information\_restore{98E46F0A-9DA1-4258-92C4-7CCAE5D21E6E}\RP17\
FileSize : 55 KB
Created on : 04/08/2004 05:13:46
Last accessed : 13/09/2004 18:43:30
Last modified : 04/08/2004 05:13:46

CoolWebSearch Object recognized!
Type : File
Data : a0003250.dll
Object : C:\System Volume
Information\_restore{98E46F0A-9DA1-4258-92C4-7CCAE5D21E6E}\RP17\
FileSize : 55 KB
Created on : 26/08/2004 03:08:03
Last accessed : 13/09/2004 18:43:30
Last modified : 26/08/2004 03:08:03

CoolWebSearch Object recognized!
Type : File
Data : a0003251.dll
Object : C:\System Volume
Information\_restore{98E46F0A-9DA1-4258-92C4-7CCAE5D21E6E}\RP17\
FileSize : 55 KB
Created on : 31/08/2004 12:31:24
Last accessed : 13/09/2004 18:43:30
Last modified : 31/08/2004 12:31:24

CoolWebSearch Object recognized!
Type : File
Data : a0003252.dll
Object : C:\System Volume
Information\_restore{98E46F0A-9DA1-4258-92C4-7CCAE5D21E6E}\RP17\
FileSize : 55 KB
Created on : 17/08/2004 17:53:11
Last accessed : 13/09/2004 18:43:30
Last modified : 17/08/2004 17:53:11

CoolWebSearch Object recognized!
Type : File
Data : a0003253.dll
Object : C:\System Volume
Information\_restore{98E46F0A-9DA1-4258-92C4-7CCAE5D21E6E}\RP17\
FileSize : 55 KB
Created on : 06/08/2004 00:44:07
Last accessed : 13/09/2004 18:43:30
Last modified : 06/08/2004 00:44:07

CoolWebSearch Object recognized!
Type : File
Data : a0003254.dll
Object : C:\System Volume
Information\_restore{98E46F0A-9DA1-4258-92C4-7CCAE5D21E6E}\RP17\
FileSize : 55 KB
Created on : 10/09/2004 16:50:23
Last accessed : 13/09/2004 18:43:30
Last modified : 10/09/2004 16:50:23

CoolWebSearch Object recognized!
Type : File
Data : a0003261.dll
Object : C:\System Volume
Information\_restore{98E46F0A-9DA1-4258-92C4-7CCAE5D21E6E}\RP17\
FileSize : 55 KB
Created on : 04/09/2004 03:20:31
Last accessed : 13/09/2004 18:43:30
Last modified : 04/09/2004 03:20:31

Disk scan result for C:\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ ¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 41

Performing conditional scans..
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ ¯¯¯¯¯¯¯¯¯¯¯¯¯

CoolWebSearch Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object :
SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstal l\HSA

CoolWebSearch Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object :
SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstal l\SE

CoolWebSearch Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object :
SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstal l\SW

Conditional scan result:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ ¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 3
Objects found so far: 44

20:05:17 Scan complete

Summary of this scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ ¯¯¯¯¯¯¯¯¯¯¯¯¯
Total scanning time :00:11:40:281
Objects scanned :182283
Objects identified :44
Objects ignored :0
New objects :44
THANK YOU FOR YOUR HELP
Ads
  #2  
Old September 14th 04, 01:45 AM
external usenet poster
  
Posts: n/a
Default hijacked home page
Hi, I'm a fellow victim who hasn't solved the problem=20
yet but here's something that may help you: On=20
SecuriTeam.com under "removing about:blank homepage=20
hijacker" I found directions to uncover the name of a=20
hidden file that needs to be removed along with the files=20
hijackThis uncovers. Unfortunately for me the program=20
Reglite.exe doesn't appear to work with Windows xp home=20
edition. Let me know if it works for you. =20
Good luck
=20
-----Original Message-----
i have tried everything from adaware,hijack this ,=20
browser hijack blaster ,=20
cws shredder ,antivirus software and even did the step=20
by step guide from one=20
of the experts(sorry i cant remember youre name)but=20
nothing has fixed my=20
problem . adaware finds everything i think but it still=20
goes back to the sane=20
page which is msn search page but with an address=20
res://ycrm.dll/index.html#35759 and many other addresses=20
of the same content=20
but with a different res://****.html#35759, i am not=20
sure but i think that=20
this address is also linked to my problem www.v61.com.=20
here is a log from my=20
adaware. NOTICE NUMBER TWO!!!
Lavasoft Ad-aware Personal Build 6.181
Logfile created on :13 September 2004 19:53:37
Created with Ad-aware Personal, free for private use.
Using reference-file :01R340 06.09.2004
_________________________________________________ _____

Ad-aware Settings
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= 3D=3D=3D=3D=3D=3D=3D=3D=
=3D
Set : Activate in-depth scan (Recommended)
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file


13-09-2004 19:53:37 - Scan started. (Custom mode)

Listing running processes
=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF= C2=AF=C2=AF=C2=AF=C2=AF=
=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C 2=AF=C2=AF=C2=AF=C2=AF=C2=
=AF=C2=AF=C2=AF=C2=AF=C2
=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=A F=C2=AF

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ThreadCreationTime : 13-09-2004 17:51:25
BasePriority : Normal


#:2 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ThreadCreationTime : 13-09-2004 17:51:28
BasePriority : High


#:3 [services.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 13-09-2004 17:51:28
BasePriority : Normal
FileSize : 105 KB
FileVersion : 5.1.2600.2180=20
(xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
OriginalFilename : services.exe
ProductName : Microsoft=20
Created on : 19/09/2002 19:26:40
Last accessed : 13/09/2004 18:53:37
Last modified : 04/08/2004 07:56:55

#:4 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 13-09-2004 17:51:28
BasePriority : Normal
FileSize : 13 KB
FileVersion : 5.1.2600.2180=20
(xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
OriginalFilename : lsass.exe
ProductName : Microsoft=20
Created on : 19/09/2002 19:26:22
Last accessed : 13/09/2004 18:53:37
Last modified : 04/08/2004 07:56:50

#:5 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 13-09-2004 17:51:28
BasePriority : Normal
FileSize : 14 KB
FileVersion : 5.1.2600.2180=20
(xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32=20
Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft=20
Created on : 19/09/2002 19:26:44
Last accessed : 13/09/2004 17:55:41
Last modified : 04/08/2004 07:56:57

#:6 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 13-09-2004 17:51:29
BasePriority : Normal
FileSize : 14 KB
FileVersion : 5.1.2600.2180=20
(xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32=20
Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft=20
Created on : 19/09/2002 19:26:44
Last accessed : 13/09/2004 17:55:41
Last modified : 04/08/2004 07:56:57

#:7 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 13-09-2004 17:51:31
BasePriority : Normal
FileSize : 56 KB
FileVersion : 5.1.2600.2180=20
(xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
OriginalFilename : spoolsv.exe
ProductName : Microsoft=20
Created on : 19/09/2002 19:26:43
Last accessed : 13/09/2004 18:53:37
Last modified : 04/08/2004 07:56:57

#:8 [ccevtmgr.exe]
FilePath : C:\Program Files\Common=20
Files\Symantec Shared\
ThreadCreationTime : 13-09-2004 17:51:31
BasePriority : Normal
FileSize : 309 KB
FileVersion : 1.03.4
ProductVersion : 1.03.4
Copyright : Copyright (c) 2000-2002=20
Symantec Corporation. All=20
rights reserved.
CompanyName : Symantec Corporation
FileDescription : Event Manager Service
InternalName : ccEvtMgr
OriginalFilename : ccEvtMgr.exe
ProductName : Event Manager
Created on : 13/11/2002 16:44:02
Last accessed : 13/09/2004 18:53:06
Last modified : 13/11/2002 16:44:02

#:9 [navapsvc.exe]
FilePath : C:\Program Files\Norton=20
AntiVirus\
ThreadCreationTime : 13-09-2004 17:51:31
BasePriority : Normal
FileSize : 113 KB
FileVersion : 9.05.1015
ProductVersion : 9.05.1015
Copyright : Copyright (c) 2000-2002=20
Symantec Corporation. All=20
rights reserved.
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect=20
Service
InternalName : NAVAPSVC
OriginalFilename : NAVAPSVC.EXE
ProductName : Norton AntiVirus
Created on : 14/11/2002 19:41:26
Last accessed : 13/09/2004 18:53:07
Last modified : 14/11/2002 19:41:26

#:10 [nisum.exe]
FilePath : C:\Program Files\Norton=20
Internet Security\
ThreadCreationTime : 13-09-2004 17:51:31
BasePriority : Normal
FileSize : 137 KB
FileVersion : 6.02.1015
ProductVersion : 6.02.1015
Copyright : Copyright (c) 2000-2002=20
Symantec Corporation. All=20
rights reserved.
CompanyName : Symantec Corporation
FileDescription : Norton Internet Security NISUM
InternalName : NISUM
OriginalFilename : NISUM.exe
ProductName : Norton Internet Security
Created on : 14/11/2002 19:31:24
Last accessed : 13/09/2004 18:53:37
Last modified : 14/11/2002 19:31:24

#:11 [nkkua]
FilePath : C:\WINDOWS\wiaservc.log:
ThreadCreationTime : 13-09-2004 17:51:32
BasePriority : Normal


#:12 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 13-09-2004 17:51:35
BasePriority : Normal
FileSize : 14 KB
FileVersion : 5.1.2600.2180=20
(xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32=20
Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft=20
Created on : 19/09/2002 19:26:44
Last accessed : 13/09/2004 17:55:41
Last modified : 04/08/2004 07:56:57

#:13 [ccpxysvc.exe]
FilePath : C:\Program Files\Norton=20
Internet Security\
ThreadCreationTime : 13-09-2004 17:51:35
BasePriority : Normal
FileSize : 33 KB
FileVersion : 6.02.1015
ProductVersion : 6.02.1015
Copyright : Copyright (c) 2000-2002=20
Symantec Corporation. All=20
rights reserved.
CompanyName : Symantec Corporation
FileDescription : Norton Internet Security Proxy=20
Service
InternalName : ccPxySvc
OriginalFilename : ccPxySvc.exe
ProductName : Norton Internet Security
Created on : 14/11/2002 19:30:06
Last accessed : 13/09/2004 18:53:37
Last modified : 14/11/2002 19:30:06

#:14 [explorer.exe]
FilePath : C:\WINDOWS\
ThreadCreationTime : 13-09-2004 18:52:31
BasePriority : Normal
FileSize : 1008 KB
FileVersion : 6.00.2900.2180=20
(xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
OriginalFilename : EXPLORER.EXE
ProductName : Microsoft=20
Created on : 06/08/2004 04:52:07
Last accessed : 13/09/2004 18:52:34
Last modified : 04/08/2004 07:56:49

#:15 [realsched.exe]
FilePath : C:\Program Files\Common=20
Files\Real\Update_OB\
ThreadCreationTime : 13-09-2004 18:52:36
BasePriority : Normal
FileSize : 148 KB
FileVersion : 0.1.0.1622
ProductVersion : 0.1.0.1622
Copyright : Copyright =20
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
OriginalFilename : realsched.exe
ProductName : RealOne Player (32-bit)=20
Created on : 05/08/2003 16:07:27
Last accessed : 13/09/2004 18:52:36
Last modified : 05/08/2003 16:07:27

#:16 [soundman.exe]
FilePath : C:\WINDOWS\
ThreadCreationTime : 13-09-2004 18:52:36
BasePriority : Normal
FileSize : 53 KB
FileVersion : 5.1.00
ProductVersion : 5.1.00
Copyright : Copyright (c) 2001-2003 Realtek=20
Semiconductor Corp.
CompanyName : Realtek Semiconductor Corp.
FileDescription : Realtek Sound Manager
InternalName : ALSMTray
OriginalFilename : ALSMTray.exe
ProductName : Realtek Sound Manager
Created on : 21/08/2004 11:28:08
Last accessed : 13/09/2004 18:52:36
Last modified : 21/08/2004 11:28:08

#:17 [sdkss.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 13-09-2004 18:52:36
BasePriority : Normal
FileSize : 27 KB
Created on : 11/08/2004 03:30:06
Last accessed : 13/09/2004 18:52:36
Last modified : 11/08/2004 03:30:06

#:18 [traycontrol.exe]
FilePath : C:\Program Files\Packard Bell=20
EverSafe\
ThreadCreationTime : 13-09-2004 18:52:37
BasePriority : Normal
FileSize : 744 KB
FileVersion : 4.0
ProductVersion : 4.0
Copyright : Copyright =20
CompanyName : NovaStor Corporation
FileDescription : Tray Control
InternalName : TRAYCONTROL
OriginalFilename : TrayControl.exe
ProductName : NovaNet-WEB
Created on : 02/01/2004 23:39:37
Last accessed : 13/09/2004 18:52:37
Last modified : 31/07/2002 15:00:36

#:19 [em_exec.exe]
FilePath : C:\PROGRA~1\MOUSEW~1\SYSTEM\
ThreadCreationTime : 13-09-2004 18:52:37
BasePriority : Normal
FileSize : 34 KB
FileVersion : 9.43.75=20
ProductVersion : 9.43=20
Copyright : Copyright =20
CompanyName : Logitech=20
Inc. =20
FileDescription : Control Center
InternalName : EM_EXEC
OriginalFilename : EM_EXEC.CPP
ProductName : MouseWare=20
Created on : 05/08/2003 15:58:13
Last accessed : 13/09/2004 18:52:37
Last modified : 28/01/2002 08:43:00

#:20 [ccapp.exe]
FilePath : C:\Program Files\Common=20
Files\Symantec Shared\
ThreadCreationTime : 13-09-2004 18:52:38
BasePriority : Normal
FileSize : 53 KB
FileVersion : 1.03.15
ProductVersion : 1.03.15
Copyright : Copyright (c) 2000-2002=20
Symantec Corporation. All=20
rights reserved.
CompanyName : Symantec Corporation
FileDescription : Common Client CC App
InternalName : ccApp
OriginalFilename : ccApp.exe
ProductName : Common Client
Created on : 14/11/2002 19:29:06
Last accessed : 13/09/2004 18:53:08
Last modified : 14/11/2002 19:29:06

#:21 [atiptaxx.exe]
FilePath : C:\ATI Technologies\ATI Control=20
Panel\
ThreadCreationTime : 13-09-2004 18:52:38
BasePriority : Normal
FileSize : 328 KB
FileVersion : 6.14.10.5019
ProductVersion : 6.14.10.5019
Copyright : Copyright (C) 1998-2002 ATI=20
Technologies Inc.
CompanyName : ATI Technologies, Inc.
FileDescription : ATI Desktop Control Panel
InternalName : Atiptaxx.exe
OriginalFilename : Atiptaxx.exe
ProductName : ATI Desktop Component
Created on : 05/08/2003 15:58:53
Last accessed : 13/09/2004 18:52:38
Last modified : 19/06/2003 12:31:00

#:22 [aboard.exe]
FilePath : C:\apps\ABoard\
ThreadCreationTime : 13-09-2004 18:52:38
BasePriority : Normal
FileSize : 24 KB
FileVersion : 1, 2, 0, 0
ProductVersion : 1, 2, 0, 0
Copyright : Copyright (C) 2003
CompanyName : NEC Computers International
FileDescription : Activboard Application
InternalName : Activboard
OriginalFilename : ABoard.exe
ProductName : Activboard Application
Created on : 05/08/2003 16:06:05
Last accessed : 13/09/2004 18:52:39
Last modified : 02/05/2003 10:31:50

#:23 [spykiller.exe]
FilePath : C:\Program Files\SpyKiller\
ThreadCreationTime : 13-09-2004 18:52:41
BasePriority : Normal
FileSize : 261 KB
FileVersion : 1.00=20
ProductVersion : 1.00=20
CompanyName : www.spykiller.com=20
FileDescription : SpyWare/AdWare Remover=20
InternalName : SpyKiller=20
OriginalFilename : SpyKiller.exe=20
ProductName : SpyKiller 2004=20
Created on : 01/07/2003 06:04:18
Last accessed : 13/09/2004 18:52:41
Last modified : 10/06/2004 06:01:52

#:24 [msmsgs.exe]
FilePath : C:\Program Files\Messenger\
ThreadCreationTime : 13-09-2004 18:52:41
BasePriority : Normal
FileSize : 1628 KB
FileVersion : 4.7.3000
ProductVersion : Version 4.7.3000
Copyright : Copyright (c) Microsoft=20
Corporation 2004
CompanyName : Microsoft Corporation
FileDescription : Windows Messenger
InternalName : msmsgs
OriginalFilename : msmsgs.exe
ProductName : Messenger
Created on : 14/04/2003 19:05:20
Last accessed : 13/09/2004 17:55:38
Last modified : 04/08/2004 07:56:53

#:25 [quickdcf.exe]
FilePath : C:\Program Files\FinePixViewer\
ThreadCreationTime : 13-09-2004 18:52:42
BasePriority : Normal
FileSize : 196 KB
FileVersion : 4, 0, 0, 0
ProductVersion : 4, 0, 0, 0
Copyright : Copyright 2000-2003 FUJI PHOTO=20
FILM CO.,LTD.
CompanyName : FUJI PHOTO FILM CO., LTD.
FileDescription : Exif Launcher
InternalName : QuickDCF
OriginalFilename : QuickDCF.exe
ProductName : FinePixViewer
Created on : 19/05/2004 22:53:05
Last accessed : 13/09/2004 18:52:42
Last modified : 20/12/2002 15:18:40

#:26 [hpohmr08.exe]
FilePath : C:\Program Files\Hewlett-
Packard\Digital Imaging\bin\
ThreadCreationTime : 13-09-2004 18:52:42
BasePriority : Normal
FileSize : 144 KB
FileVersion : 4.2.0.020
ProductVersion : 2.4.1.020
Copyright : Copyright (C) Hewlett-Packard=20
Co. 1995-2001
CompanyName : Hewlett-Packard Co.
FileDescription : HP OfficeJet COM Device Objects
InternalName : HPOHMR08
OriginalFilename : HPOHMR08.EXE
ProductName : hp digital imaging - hp all-in-
one series
Created on : 06/04/2003 01:17:18
Last accessed : 13/09/2004 18:53:37
Last modified : 06/04/2003 01:17:18

#:27 [hpotdd01.exe]
FilePath : C:\Program Files\Hewlett-
Packard\Digital Imaging\bin\
ThreadCreationTime : 13-09-2004 18:52:42
BasePriority : Normal
FileSize : 28 KB
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
Copyright : Copyright =20
CompanyName : Hewlett-Packard
FileDescription : hpotdd01
InternalName : hpotdd01
OriginalFilename : hpotdd01.exe
ProductName : Hewlett-Packard hpotdd01
Created on : 06/04/2003 01:06:58
Last accessed : 13/09/2004 18:52:42
Last modified : 06/04/2003 01:06:58

#:28 [aosd.exe]
FilePath : C:\apps\ABoard\
ThreadCreationTime : 13-09-2004 18:52:43
BasePriority : ?
FileSize : 68 KB
FileVersion : 1, 2, 0, 0
ProductVersion : 1, 2, 0, 0
Copyright : Copyright (C) 2003
CompanyName : NEC Computers International
FileDescription : ActivOSD Application
InternalName : ActivOSD
OriginalFilename : ActivOSD.exe
ProductName : ActivOSD Application
Created on : 05/08/2003 16:06:05
Last accessed : 13/09/2004 18:52:43
Last modified : 02/05/2003 10:31:38

#:29 [calcheck.exe]
FilePath : C:\APPS\Ulead Systems\Ulead=20
Photo Express 4.0 SE\
ThreadCreationTime : 13-09-2004 18:52:43
BasePriority : Normal
FileSize : 68 KB
FileVersion : 4, 0, 0, 0
ProductVersion : 4, 0, 0, 0
Copyright : Copyright (C) 1992-1999.Ulead=20
Systems, Inc.
CompanyName : Ulead Systems, Inc.
FileDescription : Photo Express -- Calendar=20
Checker
InternalName : CalCheck
OriginalFilename : CalCheck.EXE
ProductName : Calendar Checker Application
Created on : 02/01/2004 22:41:28
Last accessed : 13/09/2004 18:53:37
Last modified : 16/04/2002 16:11:28

#:30 [hpoevm08.exe]
FilePath : C:\Program Files\Hewlett-
Packard\Digital Imaging\bin\
ThreadCreationTime : 13-09-2004 18:52:51
BasePriority : Normal
FileSize : 280 KB
FileVersion : 4.2.0.020
ProductVersion : 2.4.1.020
Copyright : Copyright (C) Hewlett-Packard=20
Co. 1995-2001
CompanyName : Hewlett-Packard Co.
FileDescription : HP OfficeJet COM Event Manager
InternalName : HPOEVM08
OriginalFilename : HPOEVM08.EXE
ProductName : hp digital imaging - hp all-in-
one series
Created on : 06/04/2003 00:45:10
Last accessed : 13/09/2004 18:53:02
Last modified : 06/04/2003 00:45:10

#:31 [hposts08.exe]
FilePath : C:\Program Files\Hewlett-
Packard\Digital Imaging\Bin\
ThreadCreationTime : 13-09-2004 18:52:56
BasePriority : Normal
FileSize : 304 KB
FileVersion : 4.2.0.020
ProductVersion : 2.4.1.020
Copyright : Copyright (C) Hewlett-Packard=20
Co. 1995-2001
CompanyName : Hewlett-Packard Co.
FileDescription : HP OfficeJet Status
InternalName : HPOSTS08
OriginalFilename : HPOSTS08.EXE
ProductName : hp digital imaging - hp all-in-
one series
Created on : 06/04/2003 00:55:04
Last accessed : 13/09/2004 18:53:37
Last modified : 06/04/2003 00:55:04

#:32 [ad-aware.exe]
FilePath : C:\PROGRA~1\Lavasoft\AD-AWA~1\
ThreadCreationTime : 13-09-2004 18:53:31
BasePriority : Normal
FileSize : 668 KB
FileVersion : 6.0.1.181
ProductVersion : 6.0.0.0
Copyright : Copyright =20
CompanyName : Lavasoft Sweden
FileDescription : Ad-aware 6 core application
InternalName : Ad-aware.exe
OriginalFilename : Ad-aware.exe
ProductName : Lavasoft Ad-aware Plus
Created on : 29/07/2004 20:44:08
Last accessed : 13/09/2004 18:22:03
Last modified : 12/07/2003 20:00:20

Memory scan result :
=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF= C2=AF=C2=AF=C2=AF=C2=AF=
=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C 2=AF=C2=AF=C2=AF=C2=AF=C2=
=AF=C2=AF=C2=AF=C2=AF=C2
=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=A F=C2=AF
New objects : 0
Objects found so far: 0


Started registry scan
=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF= C2=AF=C2=AF=C2=AF=C2=AF=
=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C 2=AF=C2=AF=C2=AF=C2=AF=C2=
=AF=C2=AF=C2=AF=C2=AF=C2
=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=A F=C2=AF

Registry scan result :
=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF= C2=AF=C2=AF=C2=AF=C2=AF=
=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C 2=AF=C2=AF=C2=AF=C2=AF=C2=
=AF=C2=AF=C2=AF=C2=AF=C2
=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=A F=C2=AF
New objects : 0
Objects found so far: 0


Started deep registry scan
=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF= C2=AF=C2=AF=C2=AF=C2=AF=
=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C 2=AF=C2=AF=C2=AF=C2=AF=C2=
=AF=C2=AF=C2=AF=C2=AF=C2
=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=A F=C2=AF

Deep registry scan result :
=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF= C2=AF=C2=AF=C2=AF=C2=AF=
=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C 2=AF=C2=AF=C2=AF=C2=AF=C2=
=AF=C2=AF=C2=AF=C2=AF=C2
=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=A F=C2=AF
New objects : 0
Objects found so far: 0


Deep scanning and examining files (C
=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF= C2=AF=C2=AF=C2=AF=C2=AF=
=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C 2=AF=C2=AF=C2=AF=C2=AF=C2=
=AF=C2=AF=C2=AF=C2=AF=C2
=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=A F=C2=AF

CoolWebSearch Object recognized!
Type : File
Data : a0003236.dll
Object : C:\System Volume=20
Information\_restore{98E46F0A-9DA1-4258-92C4-
7CCAE5D21E6E}\RP17\
FileSize : 55 KB
Created on : 07/09/2004 22:17:40
Last accessed : 13/09/2004 18:43:29
Last modified : 07/09/2004 22:17:40

CoolWebSearch Object recognized!
Type : File
Data : a0003237.dll
Object : C:\System Volume=20
Information\_restore{98E46F0A-9DA1-4258-92C4-
7CCAE5D21E6E}\RP17\
FileSize : 55 KB
Created on : 23/08/2004 18:47:20
Last accessed : 13/09/2004 18:43:29
Last modified : 23/08/2004 18:47:20

CoolWebSearch Object recognized!
Type : File
Data : a0003238.dll
Object : C:\System Volume=20
Information\_restore{98E46F0A-9DA1-4258-92C4-
7CCAE5D21E6E}\RP17\
FileSize : 55 KB
Created on : 28/08/2004 18:05:09
Last accessed : 13/09/2004 18:43:29
Last modified : 28/08/2004 18:05:09

CoolWebSearch Object recognized!
Type : File
Data : a0003239.dll
Object : C:\System Volume=20
Information\_restore{98E46F0A-9DA1-4258-92C4-
7CCAE5D21E6E}\RP17\
FileSize : 55 KB
Created on : 31/08/2004 02:37:36
Last accessed : 13/09/2004 18:43:29
Last modified : 31/08/2004 02:37:36

CoolWebSearch Object recognized!
Type : File
Data : a0003244.dll
Object : C:\System Volume=20
Information\_restore{98E46F0A-9DA1-4258-92C4-
7CCAE5D21E6E}\RP17\
FileSize : 55 KB
Created on : 11/08/2004 05:53:47
Last accessed : 13/09/2004 18:43:30
Last modified : 11/08/2004 05:53:47

CoolWebSearch Object recognized!
Type : File
Data : a0003245.dll
Object : C:\System Volume=20
Information\_restore{98E46F0A-9DA1-4258-92C4-
7CCAE5D21E6E}\RP17\
FileSize : 55 KB
Created on : 03/08/2004 19:18:56
Last accessed : 13/09/2004 18:43:30
Last modified : 03/08/2004 19:18:56
=20
CoolWebSearch Object recognized!
Type : File
Data : a0003247.dll
Object : C:\System Volume=20
Information\_restore{98E46F0A-9DA1-4258-92C4-
7CCAE5D21E6E}\RP17\
FileSize : 55 KB
Created on : 14/08/2004 08:38:06
Last accessed : 13/09/2004 18:43:30
Last modified : 14/08/2004 08:38:06

CoolWebSearch Object recognized!
Type : File
Data : a0003248.dll
Object : C:\System Volume=20
Information\_restore{98E46F0A-9DA1-4258-92C4-
7CCAE5D21E6E}\RP17\
FileSize : 55 KB
Created on : 09/08/2004 21:04:51
Last accessed : 13/09/2004 18:43:30
Last modified : 09/08/2004 21:04:51

CoolWebSearch Object recognized!
Type : File
Data : a0003249.dll
Object : C:\System Volume=20
Information\_restore{98E46F0A-9DA1-4258-92C4-
7CCAE5D21E6E}\RP17\
FileSize : 55 KB
Created on : 04/08/2004 05:13:46
Last accessed : 13/09/2004 18:43:30
Last modified : 04/08/2004 05:13:46

CoolWebSearch Object recognized!
Type : File
Data : a0003250.dll
Object : C:\System Volume=20
Information\_restore{98E46F0A-9DA1-4258-92C4-
7CCAE5D21E6E}\RP17\
FileSize : 55 KB
Created on : 26/08/2004 03:08:03
Last accessed : 13/09/2004 18:43:30
Last modified : 26/08/2004 03:08:03

CoolWebSearch Object recognized!
Type : File
Data : a0003251.dll
Object : C:\System Volume=20
Information\_restore{98E46F0A-9DA1-4258-92C4-
7CCAE5D21E6E}\RP17\
FileSize : 55 KB
Created on : 31/08/2004 12:31:24
Last accessed : 13/09/2004 18:43:30
Last modified : 31/08/2004 12:31:24

CoolWebSearch Object recognized!
Type : File
Data : a0003252.dll
Object : C:\System Volume=20
Information\_restore{98E46F0A-9DA1-4258-92C4-
7CCAE5D21E6E}\RP17\
FileSize : 55 KB
Created on : 17/08/2004 17:53:11
Last accessed : 13/09/2004 18:43:30
Last modified : 17/08/2004 17:53:11

CoolWebSearch Object recognized!
Type : File
Data : a0003253.dll
Object : C:\System Volume=20
Information\_restore{98E46F0A-9DA1-4258-92C4-
7CCAE5D21E6E}\RP17\
FileSize : 55 KB
Created on : 06/08/2004 00:44:07
Last accessed : 13/09/2004 18:43:30
Last modified : 06/08/2004 00:44:07

CoolWebSearch Object recognized!
Type : File
Data : a0003254.dll
Object : C:\System Volume=20
Information\_restore{98E46F0A-9DA1-4258-92C4-
7CCAE5D21E6E}\RP17\
FileSize : 55 KB
Created on : 10/09/2004 16:50:23
Last accessed : 13/09/2004 18:43:30
Last modified : 10/09/2004 16:50:23

CoolWebSearch Object recognized!
Type : File
Data : a0003261.dll
Object : C:\System Volume=20
Information\_restore{98E46F0A-9DA1-4258-92C4-
7CCAE5D21E6E}\RP17\
FileSize : 55 KB
Created on : 04/09/2004 03:20:31
Last accessed : 13/09/2004 18:43:30
Last modified : 04/09/2004 03:20:31

Disk scan result for C:\
=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF= C2=AF=C2=AF=C2=AF=C2=AF=
=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C 2=AF=C2=AF=C2=AF=C2=AF=C2=
=AF=C2=AF=C2=AF=C2=AF=C2
=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=A F=C2=AF
New objects : 0
Objects found so far: 41

Performing conditional scans..
=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF= C2=AF=C2=AF=C2=AF=C2=AF=
=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C 2=AF=C2=AF=C2=AF=C2=AF=C2=
=AF=C2=AF=C2=AF=C2=AF=C2
=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=A F=C2=AF

CoolWebSearch Object recognized!
Type : RegKey
Data :=20
Rootkey : HKEY_LOCAL_MACHINE
Object :=20
SOFTWARE\Microsoft\Windows\CurrentVersion\Uninsta ll\HSA

CoolWebSearch Object recognized!
Type : RegKey
Data :=20
Rootkey : HKEY_LOCAL_MACHINE
Object :=20
SOFTWARE\Microsoft\Windows\CurrentVersion\Uninsta ll\SE

CoolWebSearch Object recognized!
Type : RegKey
Data :=20
Rootkey : HKEY_LOCAL_MACHINE
Object :=20
SOFTWARE\Microsoft\Windows\CurrentVersion\Uninsta ll\SW

Conditional scan result:
=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF= C2=AF=C2=AF=C2=AF=C2=AF=
=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C 2=AF=C2=AF=C2=AF=C2=AF=C2=
=AF=C2=AF=C2=AF=C2=AF=C2
=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=A F=C2=AF
New objects : 3
Objects found so far: 44

20:05:17 Scan complete

Summary of this scan
=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF= C2=AF=C2=AF=C2=AF=C2=AF=
=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C 2=AF=C2=AF=C2=AF=C2=AF=C2=
=AF=C2=AF=C2=AF=C2=AF=C2
=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=AF=C2=A F=C2=AF
Total scanning time :00:11:40:281
Objects scanned :182283
Objects identified :44
Objects ignored :0
New objects :44
THANK YOU FOR YOUR HELP
.
 



« Previous Thread | Next Thread »

Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Home Page In IE6 Hijacked Dave Hannam Windows XP Help and Support 7 September 12th 04 05:18 AM
Hijacked Internet Explore Home Page George Performance and Maintainance of XP 1 September 5th 04 02:38 AM
IE6 Won't change Home Page Pop Windows XP Help and Support 1 August 31st 04 12:19 AM
Hijacked Home Page Afshin Hakim Security and Administration with Windows XP 1 August 31st 04 12:09 AM
option for changing home page is totally disabled ron howard Networking and the Internet with Windows XP 2 August 26th 04 11:32 PM






All times are GMT +1. The time now is 11:42 AM.

Feed Icon - Contact Us - Windows XP Help Forum home - FAQ - Links - Privacy Statement - Top

Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright ©2004-2024 PCbanter.
The comments are property of their posters.