analyze - Techist - Tech Forum

Go Back   Techist - Tech Forum > Security | Computer, Devices, Software and Systems > Viruses, Spyware and Malware > HijackThis Logs (finished)
Click Here to Login
 
 
Thread Tools Display Modes
 
Old 03-29-2005, 01:11 AM   #1 (permalink)
Newb Techie
 
Join Date: Mar 2005
Posts: 2
Send a message via Yahoo to chuckles
Default analyze

Please analze attached. I picked up Magic ps v1.5 se ++. I followed directions given, however when I log on to my yahoo messenger. My password is continually hacked. Am I doing something wrong?
Attached Files
File Type: txt log.txt (6.2 KB, 65 views)
__________________

__________________
chuckles is offline  
Old 03-30-2005, 03:10 PM   #2 (permalink)
True Techie
 
Join Date: Mar 2005
Posts: 138
Default

These look suspicious:

C:\PROGRAM FILES\PARTYPOKER\PARTYPOKER.EXE
C:\WINDOWS\STARTER.EXE
C:\VEXPLITE\MONLITE.EXE

And I think this has hijacked your IE:

C:\PROGRAM FILES\BLUELIGHT INTERNET\EXEC.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.mybluelight.com/s/search?r=minisearch
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mybluelight.com/s/search?r=minisearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mybluelight.com/s/search?r=minisearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mybluelight.com/s/search?r=minisearch
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.mybluelight.com/s/search?r=minisearch
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.mybluelight.com/s/search?r=minisearch
__________________

z3phyr04 is offline  
Old 03-30-2005, 03:37 PM   #3 (permalink)
Newb Techie
 
Join Date: Mar 2005
Posts: 2
Send a message via Yahoo to chuckles
Default

Blue light is my ISP and start page so isnt that possible it will show up some where in there like it does?

Party poker is where I go to play poker.

This happened just recently when I sighned into yahoo messenger....I checked my archives as what appeared to be an offline msg and this is what I received......This ID Hacked by : Magic-PS v1.5 SE++ ===> USER=.....with my name and password here........up til this time.....I had no problems at all......I followed instructions from another of your threads to the letter....but each time I log into messenger I get this message.....anything else you can suggest.....or anything else I can try and install to remove wherever it has attached itself to?
__________________
chuckles is offline  
Old 05-20-2005, 07:04 PM   #4 (permalink)
Techie Beyond Description
 
Osiris's Avatar
 
Join Date: Jan 2005
Location: Kentucky
Posts: 36,817
Send a message via ICQ to Osiris Send a message via AIM to Osiris Send a message via MSN to Osiris Send a message via Yahoo to Osiris
Default Re: analyze

Quote:
Originally posted by chuckles
Please analze attached. I picked up Magic ps v1.5 se ++. I followed directions given, however when I log on to my yahoo messenger. My password is continually hacked. Am I doing something wrong?
Post your log on the forum, not as an attachment
__________________
Osiris is offline  
 

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off




Copyright 2002- Social Knowledge, LLC All Rights Reserved.

All times are GMT -5. The time now is 03:08 PM.


Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2018, vBulletin Solutions, Inc.