Blizzard SectorGeneral CommunityTech Forum v
Urgent Spyware Help!!!!!

Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Linear Mode
Urgent Spyware Help!!!!!
hellsing293 Offline
Posting Freak
*****
Posts: 2,814
Threads: 316
Joined: Aug 2005
Reputation: 0
#18
05-30-2006, 01:24 PM
Logfile of HijackThis v1.99.1
Scan saved at 11:41:53 PM, on 5/29/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\WINDOWS\RWxpemFiZXRoIEpvYW5uIEJhcm9uZQ\command.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\system32\svhost.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
C:\WINDOWS\System32\slk8x2peu.exe
C:\WINDOWS\System32\swintqag.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\sys034649047-99.exe
C:\WINDOWS\CCZoop05.exe
C:\WINDOWS\xload.exe
C:\Program Files\ipwins\ipwins.exe
C:\WINDOWS\win3207047-994649.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\m?dtc.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\CURITY~1\regsvr32.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\WINDOWS\System32\msrnsv.exe
C:\PROGRA~1\COMMON~1\zrqi\zrqim.exe
C:\PROGRA~1\COMMON~1\AOL\112937~1\EE\AOLHOS~1.EXE
C:\PROGRA~1\COMMON~1\AOL\112937~1\EE\AOLServiceHost.exe
C:\DOCUME~1\BETTYJ~1\LOCALS~1\Temp\9baf0efc2eaa4321a8640582d58881ec.exe
C:\WINDOWS\System32\msrnsv.exe
C:\DOCUME~1\BETTYJ~1\LOCALS~1\Temp\60a932763f5a40ab8d3d6150924ac996.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows NT\Accessories\wordpad.exe
C:\PROGRA~1\MOZILL~1\FIREFOXX.EXE
C:\Documents and Settings\Betty Jo\Local Settings\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.oso.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - C:\Program Files\SurfSideKick 3\SskBho.dll
F2 - REGConfusedystem.ini: Shell=Explorer.exe, C:\WINDOWS\System32\cgajc.exe
F3 - REG:win.ini: run=C:\WINDOWS\System32\svhost.exe
F2 - REGConfusedystem.ini: UserInit=C:\WINDOWS\system32\userinit.exe,mchnmej.exe
O2 - BHO: CControl Object - {3643ABC2-21BF-46B9-B230-F247DB0C6FD6} - C:\Program Files\E2G\IeBHOs.dll
O2 - BHO: Yvakt Class - {98B9F201-C701-41F1-B338-7E5E0E6D768F} - C:\WINDOWS\System32\ejrwx8drl.dll
O2 - BHO: (no name) - {E5E2A3E7-00FE-4D31-A030-A10799DDCA66} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O3 - Toolbar: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
O4 - HKLM\..\Run: [MMTray] C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [mmtask] C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [System backup] C:\WINDOWS\System32\msxmidi.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [Dinst] C:\WINDOWS\dinst.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1129373351\EE\AOLHostManager.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [Ink Monitor] C:\Program Files\EPSON\Ink Monitor\InkMonitor.exe
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [gjZC2XV] "C:\WINDOWS\System32\slk8x2peu.exe"
O4 - HKLM\..\Run: [BrowserUpdateSched] C:\WINDOWS\System32\swintqag.exe FI002
O4 - HKLM\..\Run: [{6D-DC-C2-29-ZN}] c:\windows\system32\dwdsregt.exe FI002
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [w0c34d7f.dll] RUNDLL32.EXE w0c34d7f.dll,I2 000436f800c34d7f
O4 - HKLM\..\Run: [sys034649047-99] C:\WINDOWS\sys034649047-99.exe
O4 - HKLM\..\Run: [TheMonitor] C:\WINDOWS\CCZoop05.exe
O4 - HKLM\..\Run: [xload] "C:\WINDOWS\xload.exe"
O4 - HKLM\..\Run: [IpWins] C:\Program Files\ipwins\ipwins.exe
O4 - HKLM\..\Run: [defender] C:\\defender24.exe
O4 - HKLM\..\Run: [win3207047-994649] C:\WINDOWS\win3207047-994649.exe
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s
O4 - HKLM\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O4 - HKCU\..\Run: [System backup] C:\WINDOWS\System32\msxmidi.exe
O4 - HKCU\..\Run: [Fmdgrv] C:\WINDOWS\System32\m?dtc.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Ltho] "C:\PROGRA~1\CURITY~1\regsvr32.exe" -vt mt
O4 - HKCU\..\Run: [EPSON Stylus C60 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /A "C:\WINDOWS\System32\E_S209.tmp"
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [msrnsv] C:\WINDOWS\System32\msrnsv.exe
O4 - HKCU\..\Run: [zrqi] C:\PROGRA~1\COMMON~1\zrqi\zrqim.exe
O4 - HKCU\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O4 - HKCU\..\RunOnce: [msrnsv] C:\WINDOWS\System32\msrnsv.exe
O4 - Startup: Z_Start.lnk = C:\WINDOWS\system32\psdsregp.exe
O4 - Startup: Zeno.lnk = C:\WINDOWS\system32\swintqag.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: BitTorrent.lnk = C:\Program Files\BitTorrent\bittorrent.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredit...xdm020YYUS
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
O9 - Extra button: (no name) - {4ABF810A-F11D-4169-9D5F-7D274F2270A1} - (no file)
O9 - Extra 'Tools' menuitem: Java - {4ABF810A-F11D-4169-9D5F-7D274F2270A1} - (no file)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: *.elitemediagroup.net
O15 - Trusted Zone: *.sxload.com
O15 - Trusted Zone: http://awbeta.net-nucleus.com (HKLM)
O16 - DPF: Mah Jong Garden by pogo - http://game1.pogo.com/applet-6.2.5.28/ma...assets.cab
O16 - DPF: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} (Web Browser Applet Control) - http://whackdown.pogo.com/applet-5.8.5.21/jvmtest
O16 - DPF: {24311111-1111-1121-1111-111191113457} - file://c:\eied_s7.cab
O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (MiniBugTransporterX Class) - http://download.weatherbug.com/minibug/t...porter.cab?
O16 - DPF: {33331111-1111-1111-1111-611111193457} - file://c:\ex.cab
O16 - DPF: {33331111-1111-1111-1111-611111193458} - file://c:\ex.cab
O16 - DPF: {37C0D091-EDEB-4701-8873-B358A4368210} - http://media.euniverse.com/cursorzone/fi..._td035.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/...0-3-30.cab
O16 - DPF: {4F5E4276-C120-11D6-A1FD-00508B9D48EA} (dldisplay Class) - http://www.gamehouse.com/ghdlctl.cab
O16 - DPF: {539DA0E0-74A7-11D9-9669-0800200C9A66} - http://www.ouchvideo.com/mmviewer_ic13.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://www.gamehouse.com/games/mjolauncher.cab
O16 - DPF: {9AC54695-69A4-46F1-BE10-10C74F9520D5} - http://cabs.elitemediagroup.net/cabs/mediaview.cab
O16 - DPF: {9E17A5F9-2B9C-4C66-A592-199A4BA1FBC8} (AIM UPF Control) - http://pictures04.aim.com/ygp/aol/plugin....5.1.8.cab
O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMes...loader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIn...b34246.cab
O16 - DPF: {B942A249-D1E7-4C11-98AE-FCB76B08747F} (RealArcadeRdxIE Class) - http://games-dl.real.com/gameconsole/Bun...eRdxIE.cab
O16 - DPF: {C606BA60-AB76-48B6-96A7-2C4D5C386F70} (PreQualifier Class) - http://www.verizon.net/checkmypc/include...reQual.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://goldenriviera.microgaming.com/go...lashAX.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {FDCC1518-6A63-11D9-AAC8-91EC5E497716} - http://www.ouchvideo.com/mmviewer_emg11.cab
O18 - Filter: text/html - {0FA7FD6B-47C3-425B-AE30-36383F1C4503} - C:\WINDOWS\System32\ejrwx8drl.dll
O20 - AppInit_DLLs: repairs303169587.dll
O20 - Winlogon Notify: MCD - C:\WINDOWS\system32\u0ru0a99ed.dll
O21 - SSODL: SystemCheck2 - {54645654-2225-4455-44A1-9F4543D34546} - C:\WINDOWS\System32\vbsys2.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\RWxpemFiZXRoIEpvYW5uIEJhcm9uZQ\command.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe







well here it is couldn't pm it though
As long as darkness flows through my veins, I will never cease, As long as my dreams still haunt me, I will never show mercy, and as long as evil lives I will never die.....
 [SIGPIC][/SIGPIC]
Find
Reply


Messages In This Thread
Urgent Spyware Help!!!!! - by hellsing293 - 05-30-2006, 11:09 AM
Urgent Spyware Help!!!!! - by Shift - 05-30-2006, 11:16 AM
Urgent Spyware Help!!!!! - by Arc - 05-30-2006, 11:48 AM
Urgent Spyware Help!!!!! - by hellsing293 - 05-30-2006, 12:16 PM
Urgent Spyware Help!!!!! - by modulus - 05-30-2006, 12:48 PM
Urgent Spyware Help!!!!! - by hellsing293 - 05-30-2006, 12:49 PM
Urgent Spyware Help!!!!! - by tigeroip - 05-30-2006, 12:51 PM
Urgent Spyware Help!!!!! - by yes.interesting - 05-30-2006, 12:51 PM
Urgent Spyware Help!!!!! - by hellsing293 - 05-30-2006, 12:54 PM
Urgent Spyware Help!!!!! - by modulus - 05-30-2006, 12:58 PM
Urgent Spyware Help!!!!! - by jedimaster86 - 05-30-2006, 01:01 PM
Urgent Spyware Help!!!!! - by killerelf4 - 05-30-2006, 01:04 PM
Urgent Spyware Help!!!!! - by hellsing293 - 05-30-2006, 01:07 PM
Urgent Spyware Help!!!!! - by wm_hunter - 05-30-2006, 01:09 PM
Urgent Spyware Help!!!!! - by killerelf4 - 05-30-2006, 01:11 PM
Urgent Spyware Help!!!!! - by hellsing293 - 05-30-2006, 01:20 PM
Urgent Spyware Help!!!!! - by killerelf4 - 05-30-2006, 01:23 PM
Urgent Spyware Help!!!!! - by hellsing293 - 05-30-2006, 01:24 PM

Possibly Related Threads…
Thread Author Replies Views Last Post
  Help Im infected with spyware Jammer74 4 341 02-23-2008, 12:11 PM
Last Post: The Mob
  Spyware?? HELP Nbega 9 231 11-18-2006, 05:51 PM
Last Post: trayne
  Help With Spyware Problem WooT 6 213 07-14-2006, 11:46 PM
Last Post: WooT
  Urgent Question georgepotter1 7 184 05-30-2006, 01:23 PM
Last Post: hellsing293
  Best spyware/adware remover? GodandRock 17 301 04-07-2006, 02:38 PM
Last Post: GodandRock
  Weird spyware - need help Nubli 16 341 01-03-2006, 12:58 PM
Last Post: goldentorch22
  Keep Spyware Away Karant 3 216 05-16-2005, 01:05 PM
Last Post: Karant
  How to help against some Virus', Spyware/Adware, and Junk Files etc. TMP 8 921 01-31-2005, 10:25 AM
Last Post: Shihan
  How to protect yourself from viruses/trojans/spyware Muderman24 93 3,622 12-15-2004, 02:11 PM
Last Post: Karant

Forum Jump:


Users browsing this thread: