Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

oinadserve

Started by underdog , Apr 12 2005 09:16 PM

  • Please log in to reply

#1
underdog
Posted 12 April 2005 - 09:16 PM

underdog

    Member

  • Member
  • PipPip
  • 17 posts
Logfile of HijackThis v1.99.1
Scan saved at 8:59:53 PM, on 4/12/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\spoolsv.exe
E:\PROGRA~1\Iomega\System32\AppServices.exe
e:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\Iomega\AutoDisk\ADService.exe
e:\PROGRA~1\mcafee.com\vso\mcshield.exe
E:\WINDOWS\Explorer.EXE
E:\Program Files\Iomega\DriveIcons\ImgIcon.exe
E:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe
E:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
E:\PROGRA~1\mcafee.com\agent\mcagent.exe
E:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
e:\progra~1\mcafee.com\vso\mcvsescn.exe
E:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
E:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
E:\WINDOWS\System32\hphmon04.exe
E:\program files\qttask.exe
E:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe
E:\WINDOWS\SM1BG.EXE
E:\Program Files\Iomega\AutoDisk\ADUserMon.exe
E:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
E:\WINDOWS\system32\rundll32.exe
E:\WINDOWS\system32\rundll32.exe
E:\WINDOWS\System32\HPHipm11.exe
E:\Documents and Settings\Mark\Application Data\osoc.exe
E:\PROGRA~1\THEWEA~1\THEWEA~1.EXE
E:\PROGRA~1\THEWEA~1\DWHeartbeatMonitor.exe
E:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
E:\Program Files\Traceless\tray.exe
e:\progra~1\mcafee.com\vso\mcvsftsn.exe
E:\Program Files\Messenger\msmsgs.exe
E:\WINDOWS\system32\winlogon.exe
E:\Program Files\Internet Explorer\iexplore.exe
E:\Program Files\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {13876628-E814-16F7-8601-615504A17541} - E:\WINDOWS\System32\aezhjpl.dll (file missing)
O2 - BHO: (no name) - {14DD337A-ED14-1BA6-D356-615504A1264A} - E:\WINDOWS\System32\blztxui.dll (file missing)
O2 - BHO: (no name) - {15856461-8FD8-9645-D2E8-F50A7B01A69D} - E:\WINDOWS\system32\exuvghjt.dll (file missing)
O2 - BHO: (no name) - {1589632E-BD1C-49FA-D356-615504A12E19} - E:\WINDOWS\System32\tvukrbg.dll (file missing)
O2 - BHO: (no name) - {18D0377E-EA16-1BF0-D356-615504AE7B4F} - E:\WINDOWS\System32\ueirxl.dll (file missing)
O2 - BHO: (no name) - {19886573-ED4E-42A5-D256-615504A07440} - E:\WINDOWS\System32\dkzkbuvr.dll (file missing)
O2 - BHO: (no name) - {1ADC3072-EA48-19A0-D256-615504F8214E} - E:\WINDOWS\System32\lfewikrf.dll (file missing)
O2 - BHO: (no name) - {1C8A312D-EC11-19F0-D356-615504A12F42} - E:\WINDOWS\System32\upbg.dll (file missing)
O2 - BHO: (no name) - {1D813572-EA48-19F3-D256-615504F8244D} - E:\WINDOWS\System32\aphf.dll (file missing)
O2 - BHO: (no name) - {1EDC3F2E-EC1C-4FA3-D256-615504F8234D} - E:\WINDOWS\System32\fcisnxbs.dll (file missing)
O2 - BHO: (no name) - {2429065B-EEC2-DF1F-BD1A-BAEE85FDBD9F} - E:\WINDOWS\system32\mgzy.dll
O2 - BHO: (no name) - {245B025B-EEC2-DF1F-BD1A-BAEE85FDBD9F} - E:\WINDOWS\system32\mgzy.dll
O2 - BHO: (no name) - {32886221-B366-19FF-D505-615504FA7346} - E:\WINDOWS\system32\cprdly.dll (file missing)
O2 - BHO: (no name) - {3B9ADF4D-15A8-286D-FD0B-1B9433928897} - E:\WINDOWS\system32\bmstvwu.dll (file missing)
O2 - BHO: (no name) - {40DB307D-E842-43A0-8005-615504AE2A4C} - E:\WINDOWS\System32\yhwma.dll (file missing)
O2 - BHO: (no name) - {48D93A25-BD10-1AA6-8552-615504F87F1B} - E:\WINDOWS\System32\ttq.dll (file missing)
O2 - BHO: (no name) - {4DDF6E2D-B513-10F4-8005-615504AE2B1D} - E:\WINDOWS\System32\nwhu.dll (file missing)
O2 - BHO: (no name) - {4E88632F-E01B-1DF2-DA56-615504A07641} - E:\WINDOWS\System32\zvzpvdn.dll (file missing)
O2 - BHO: (no name) - {4EAD370B-E24C-7F9B-8654-615504AF7E1A} - E:\WINDOWS\System32\ygixshvz.dll (file missing)
O2 - BHO: (no name) - {52B60DCB-912A-A5BE-7B66-9DDC4735BACC} - E:\WINDOWS\system32\guymv.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5B59055C-9BC3-9B6D-BD1A-BAEE85FDBD9F} - E:\WINDOWS\system32\mgzy.dll
O2 - BHO: (no name) - {65DD6D7A-E033-1AF2-D454-615504F8291A} - E:\WINDOWS\system32\esjrxtv.dll (file missing)
O2 - BHO: (no name) - {67DE302C-ED66-12AB-8254-615504FB7948} - E:\WINDOWS\system32\cebhoay.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - e:\program files\google\googletoolbar1.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - e:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - e:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Iomega Startup Options] E:\Program Files\Iomega\Common\ImgStart.exe
O4 - HKLM\..\Run: [Iomega Drive Icons] E:\Program Files\Iomega\DriveIcons\ImgIcon.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] E:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [VSOCheckTask] "e:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "e:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] E:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] E:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] E:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [CamMonitor] E:\Program Files\Hewlett-Packard\Digital Imaging\\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] E:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [HPHmon04] E:\WINDOWS\System32\hphmon04.exe
O4 - HKLM\..\Run: [HPHUPD04] "E:\Program Files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe"
O4 - HKLM\..\Run: [QuickTime Task] "E:\program files\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NqPv] E:\DOCUME~1\Mark\LOCALS~1\Temp\NqPv.exe
O4 - HKLM\..\Run: [tUTGAhI2] E:\documents and settings\mark\local settings\temp\tUTGAhI2.exe
O4 - HKLM\..\Run: [BzczDpYNN] E:\documents and settings\mark\local settings\temp\BzczDpYNN.exe
O4 - HKLM\..\Run: [LMvyDra54] E:\documents and settings\mark\local settings\temp\LMvyDra54.exe
O4 - HKLM\..\Run: [RoxioDragToDisc] "E:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [SM1BG] E:\WINDOWS\SM1BG.EXE
O4 - HKLM\..\Run: [gnWqs4] E:\documents and settings\mark\local settings\temp\gnWqs4.exe
O4 - HKLM\..\Run: [P] E:\DOCUME~1\Mark\LOCALS~1\Temp\P.exe
O4 - HKLM\..\Run: [ADUserMon] E:\Program Files\Iomega\AutoDisk\ADUserMon.exe
O4 - HKLM\..\Run: [Deskup] E:\Program Files\Iomega\DriveIcons\deskup.exe /IMGSTART
O4 - HKLM\..\Run: [ViewMgr] E:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [A70F6A1D-0195-42a2-934C-D8AC0F7C08EB] rundll32.exe E6F1873B.DLL,D9EBC318C
O4 - HKLM\..\Run: [98D0CE0C16B1] rundll32.exe D0CE0C16B1,D0CE0C16B1
O4 - HKCU\..\Run: [SpySweeper] E:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe /0
O4 - HKCU\..\Run: [Window Washer] C:\Program Files\Webroot\Washer\wwDisp.exe
O4 - HKCU\..\Run: [msnmsgr] "E:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Traceless] E:\Program Files\Traceless\launch.exe
O4 - HKCU\..\Run: [Tsa2] E:\PROGRA~1\COMMON~1\tsa\tsm2.exe
O4 - HKCU\..\Run: [Jtyedzva] E:\WINDOWS\system32\t?skmgr.exe
O4 - HKCU\..\Run: [Otee] E:\Documents and Settings\Mark\Application Data\osoc.exe
O4 - HKCU\..\Run: [Desktop Weather 3] E:\PROGRA~1\THEWEA~1\THEWEA~1.EXE
O4 - HKCU\..\Run: [DWHeartbeatMonitor] E:\PROGRA~1\THEWEA~1\DWHeartbeatMonitor.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = E:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = E:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Google Search - res://E:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://E:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://E:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://E:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://E:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {084F552D-19EB-4668-9788-984CBC781A8F} (AsyncDownloader Class) - http://survey.otxres...m/Preloader.dll
O16 - DPF: {0F9B4CA4-A30F-480A-841D-69B45C50A8F8} (SekureL0gin.SekureKontrol) - http://secure2.comne...iveSekurity.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg...l_v1-0-3-12.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by3fd.bay3.ho...es/MsnPUpld.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1....loadManager.ocx
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/...ro.cab34246.cab
O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) - http://zone.msn.com/...fault/shapo.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://download.game...aploader_v6.cab
O23 - Service: Iomega App Services - Iomega Corporation - E:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - e:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - E:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - e:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: Pml Driver HPH11 - HP - E:\WINDOWS\System32\HPHipm11.exe
O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega Corporation - E:\Program Files\Iomega\AutoDisk\ADService.exe
  • 0

Advertisements

#2
Dragon
Posted 27 April 2005 - 12:03 PM

Dragon

    All Around Computer Nut

  • Retired Staff
  • 2,682 posts
hi sorry for the delayed response as we have been very busy here lately.

Since your original post is over a week old could you please post a fresh Hijack This log for review.

if you have already gotten your problem fixed please post here and let us know.

Thanks
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP