Tech Support Guy banner
  • IMPORTANT: Only authorized members may reply to threads in this forum due to the complexity of the malware removal process. Authorized members include Malware Specialists and Trainees, Administrators, Moderators, and Trusted Advisors. Regular members are not permitted to reply, and any such posts will be deleted without notice or further explanation. Notice

What is BlazeFind?

1875 Views 5 Replies 3 Participants Last post by  .16787
OK, I know what it is, the thing I don't know is how I got it to begin with. I have it cleaned out, I keep a good HiJack log in my machine and update it every couple of days so I don't need help after adaware and spybot.
I have been blasted by this menace twice in the last couple of weeks. I have active x set for permission only, I have adaware pro and run adwatch, I run spyware blaster and have spybot set to immunize.
I am updated with all the latest criticals and service packs and these sob's still get here.
Is this stuff coming packaged with shareware? I scan everything with norton 2004 before it is installed. I am lost as to where it is coming from.
Maybe I didn't get it cleaned out correctly in the first place so I'll post a HiJack log. But my machine looks clean to me.

Logfile of HijackThis v1.97.7
Scan saved at 9:50:26 PM, on 3/25/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Scott\My Documents\HiJack This\HijackThis.exe
C:\Program Files\Messenger\msmsgs.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Innernet Splorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\PCHealth\HelpCtr\System\panels\blank.htm
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Zone Labs Client] C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Ad-watch] "C:\Program Files\Lavasoft\Ad-aware 6\Ad-watch.exe"
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Open Image in New Window - res://C:\Program Files\PopUpCop\popupcop.dll/imagenew
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) -
See less See more
Not open for further replies.
1 - 3 of 6 Posts
Thanks Ty, Maybe I didn't get it the first time. I do have a tendancy to shut down adwatch when I am installing something. It gets pretty annoying if I don't. Scott
Nah, I am clean. I think I did a shabby job of cleaning it out and it CAAAAAAAME back.
I'll learn to live with AdWatches complaining, man this spyware and hijacker routine is getting serious.
Hell, these jerks are even launching dos attacks against some of the better known security sites.
The government needs to makes some rules about this crap, and then ENFORCE them.
1 - 3 of 6 Posts
Not open for further replies.