Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

HELP SPAM

Started by hilario , May 16 2005 09:09 AM

Please log in to reply

#1
hilario

Posted 16 May 2005 - 09:09 AM

Member

Member
20 posts

hi all:

need yr advice:

Receiving all the time same e-mail from geeks to go on my e-mail box !!! why ???
the message is always the same :seems like a spam to me as everytime I enter my box mail I have always 6 or 7 messages like this:

PLS HELP.

De: Geeks To Go - Free Computer Help
Data: 05/16/05 16:00:02
Para: [email protected]
Assunto: Forum Subscription New Topic Notification ( From Geeks To Go - Free Computer Help )

hilario,

johnmcd2 has just posted a new topic entitled "Please help with Trojan Smitfraud infection" in forum "Malware Removal - HiJackThis Logs Go Here".

----------------------------------------------------------------------
Have serious Trojan Smitfraud infection. Including latest Hijackthis log. Would appreciate any help in getting rid this.......Thanks!
Logfile of HijackThis v1.99.1
Scan saved at 10:47:40 AM, on 05/16/2005
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:WINDOWSSYSTEMKERNEL32.DLL
C:WINDOWSSYSTEMMSGSRV32.EXE
C:WINDOWSSYSTEMMPREXE.EXE
C:WINDOWSSYSTEMmmtask.tsk
C:PROGRAM FILESCOMMON FILESAOLACSAOLACSD.EXE
C:PROGRAM FILESCOMMON FILESAOLTOPSPEED2.0AOLTSMON.EXE
C:PROGRAM FILESCOMMON FILESAOLTOPSPEED2.0AOLTPSPD.EXE
C:WINDOWSTASKMON.EXE
C:WINDOWSSYSTEMSYSTRAY.EXE
C:WINDOWSSYSTEMMSTASK.EXE
C:WINDOWSSYSTEMQTTASK.EXE
C:PROGRAM FILESREALREALPLAYERREALPLAY.EXE
C:PROGRAM FILESSONYIMAGESTATIONUSB DIRECT CONNECTSONYC2W.EXE
C:PROGRAM FILESTROJANHUNTER 4.2THGUARD.EXE
C:PROGRAM FILESCOMMON FILESFOTONATIONEVLSTNR.EXE
C:WINDOWSSYSTEMDDHELP.EXE
C:WINDOWSSYSTEMDH9FW43GY4ZX.EXE
C:WINDOWSSYSTEMWMIEXE.EXE
C:PROGRAM FILESCOMMON FILESAOL1108082981EEAOLHOSTMANAGER.EXE
C:PROGRAM FILESCOMMON FILESAOL1108082981EEAOLSERVICEHOST.EXE
C:WINDOWSSYSTEMPSTORES.EXE
C:PROGRAM FILESNETSCAPENETSCAPENETSCP.EXE
C:WINDOWSEXPLORER.EXE
C:WINDOWSMY BRIEFCASEHIJACKTHISHIJACKTHIS.EXE

R1 - HKCUSoftwareMicrosoftInternet Explorer,SearchURL = http://letgohome.com...=31130123321003
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://letgohome.com...=31130123321003
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://letgohome.com...=31130123321003
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://letgohome.com...=31130123321003
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://search.presar...&s=search&i=enu
R1 - HKCUSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = http://letgohome.com...=31130123321003
R1 - HKCUSoftwareMicrosoftInternet ExplorerSearchURL,(Default) = http://search.presar...&query=%s&i=enu
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = ;enroll.prodigy.net;www.prodigy.net;<local>
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRAM%20FILES%5CNETSCAPE%5CNETSCAPE%5Csearchplugins%5CSBWeb_01.src"); (C:WINDOWSApplication DataMozillaProfilesdefault8tkmh2wh.sltprefs.js)
O2 - BHO: (no name) - {467FAEB2-5F5B-4c81-BAE0-2A4752CA7F4E} - C:WINDOWSSYSTEMZLYL3Z~1.DLL (file missing)
O2 - BHO: (no name) - {0388EC16-BA98-416f-9D9B-B9A031E427AF} - C:WINDOWSSYSTEMf8svmdbs5ith6.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:PROGRAM FILESYAHOO!COMPANIONYCOMP5_0_2_3.DLL
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSYSTEMMSDXM.OCX
O3 - Toolbar: (no name) - {014DA6C9-189F-421a-88CD-07CFE51CFF10} - (no file)
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:PROGRAM FILESAOL TOOLBARTOOLBAR.DLL (file missing)
O4 - HKLM..Run: [CriticalUpdate] c:windowsSYSTEMwucrtupd.exe -startup
O4 - HKLM..Run: [ScanRegistry] c:windowsscanregw.exe /autorun
O4 - HKLM..Run: [TaskMonitor] c:windowstaskmon.exe
O4 - HKLM..Run: [SystemTray] SysTray.Exe
O4 - HKLM..Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM..Run: [QuickTime Task] "C:WINDOWSSYSTEMQTTASK.EXE" -atboottime
O4 - HKLM..Run: [RealTray] C:Program FilesRealRealPlayerRealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM..Run: [SonyC2W] C:Program FilesSonyImageStationUSB Direct ConnectSonyC2W.exe
O4 - HKLM..Run: [HostManager] C:Program FilesCommon FilesAOL1108082981EEAOLHostManager.exe
O4 - HKLM..Run: [AOLDialer] C:Program FilesCommon FilesAOLACSAOLDial.exe
O4 - HKLM..Run: [Control handler] C:WINDOWSSYSTEMI32IRMEJIN2ETHD.EXE
O4 - HKLM..Run: [AOL Spyware Protection] "C:PROGRA~1COMMON~1AOLAOLSPY~1AOLSP Scheduler.exe"
O4 - HKLM..Run: [Security iGuard] C:PROGRAM FILESSECURITY IGUARDSECURITY IGUARD.EXE
O4 - HKLM..Run: [THGuard] "C:PROGRAM FILESTROJANHUNTER 4.2THGUARD.EXE"
O4 - HKLM..Run: [FX] C:WINDOWSSYSTEMMTAS60F7J2XYE.EXE
O4 - HKLM..RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM..RunServices: [AolAcsDaemon1] "C:PROGRAM FILESCOMMON FILESAOLACSAOLACSD.EXE"
O4 - HKLM..RunServices: [AOL TopSpeedMonitor] C:Program FilesCommon FilesAOLTopSpeed2.0aoltsmon.exe
O4 - HKCU..Run: [Weather] C:PROGRAM FILESAWSWEATHERBUGWEATHER.EXE 1
O4 - HKCU..Run: [romahere3] C:WINDOWSSYSTEMDH9FW43GY4ZX.EXE
O4 - HKCU..Run: [WindowsFY] C:WP.EXE
O4 - Startup: Push Client.LNK = C:InterwiseStudentpull.exe
O8 - Extra context menu item: AltaVista Home - http://jump.altavista.com/avie5/home
O8 - Extra context menu item: AV Search This Term - http://jump.altavista.com/avie5/search
O8 - Extra context menu item: AV Translate this Web Page - http://jump.altavist...avie5/babelfish
O8 - Extra context menu item: AV Translate Selection - http://jump.altavist...avie5/babelfish
O8 - Extra context menu item: &AOL Toolbar search - res://C:PROGRAM FILESAOL TOOLBARTOOLBAR.DLL/SEARCH.HTML
O9 - Extra button: (no name) - {06FE5D00-8F11-11d2-804F-00105A133818} - http://jump.altavista.com/avie5/home (file missing)
O9 - Extra 'Tools' menuitem: &AltaVista Home - {06FE5D00-8F11-11d2-804F-00105A133818} - http://jump.altavista.com/avie5/home (file missing)
O9 - Extra button: Translate - {06FE5D05-8F11-11d2-804F-00105A133818} - http://jump.altavist...avie5/babelfish (file missing)
O9 - Extra 'Tools' menuitem: AV &Translate - {06FE5D05-8F11-11d2-804F-00105A133818} - http://jump.altavist...avie5/babelfish (file missing)
O9 - Extra button: (no name) - {06FE5D02-8F11-11d2-804F-00105A133818} - http://jump.altavist...vie5/linksearch (file missing)
O9 - Extra 'Tools' menuitem: &Find Pages Linking to this URL - {06FE5D02-8F11-11d2-804F-00105A133818} - http://jump.altavist...vie5/linksearch (file missing)
O9 - Extra button: (no name) - {06FE5D03-8F11-11d2-804F-00105A133818} - http://jump.altavist...vie5/hostsearch (file missing)
O9 - Extra 'Tools' menuitem: Find Other Pages on this &Host - {06FE5D03-8F11-11d2-804F-00105A133818} - http://jump.altavist...vie5/hostsearch (file missing)
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:WINDOWSwebrelated.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:WINDOWSwebrelated.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:WINDOWSSYSTEMShdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: MS&N Messenger Service - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra button: SideStep - {3E230861-5C87-11D3-A1C6-00105A1B41B8} - C:WINDOWSDOWNLOADED PROGRAM FILESSBCIE026.DLL
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:PROGRAM FILESYAHOO!MESSENGERYHEXBMES0819.DLL
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:PROGRAM FILESYAHOO!MESSENGERYHEXBMES0819.DLL
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:PROGRAM FILESAOL TOOLBARTOOLBAR.DLL (file missing)
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:PROGRAM FILESAOL TOOLBARTOOLBAR.DLL (file missing)
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:PROGRA~1AWSWEATHE~1Weather.exe (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {54B59260-BBE9-11D9-BD2E-00036D13E2AB} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {54B59260-BBE9-11D9-BD2E-00036D13E2AB} - (no file) (HKCU)
O12 - Plugin for .pcm: C:PROGRA~1INTERN~1PLUGINSNpCurMem.dll
O16 - DPF: {2FF18E20-DE11-11D1-8161-00A0C90DD90C} (MSNBC News Menu Control 3.01) - http://www.msnbc.com...load/nm1228.cab
O16 - DPF: {4E330863-6A11-11D0-BFD8-006097237877} (InstallFromTheWeb ActiveX Control) - http://www.installsh...ll/iftwclix.cab
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {DD3641E5-A9CF-11D1-9AA1-444553540000} (Surround Video V3.0 Control Object) - http://www.sunterra....svh/svideo3.cab
O16 - DPF: {7142BA01-8BDF-11CF-9E23-0000E8A37440} (Surround Video Control Object) - http://www.pleasanth...gins/svideo.cab
O16 - DPF: {0837121A-6472-43BD-8A40-D9221FF1C4CE} (SideStep IE Inst) - http://download.side...00719/sb01f.cab
O16 - DPF: {928626A3-6B98-11CF-90B4-00AA00A4011F} (SurroundVideoCtrl Object) - http://carpoint.msn....id/MSSurVid.cab
O16 - DPF: {C1BAC744-8F0B-11D0-89E7-00C0A8295197} (Cameractl Class) - http://www.hiltonwai...bcam/camera.cab
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} (&Yahoo! Companion) - http://us.dl1.yimg.c.../yiebio4023.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.c...nst20040510.cab
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! WebCam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
O16 - DPF: {0122955E-1FB0-11D2-A238-006097FAEE8B} (CscClnt Class) - http://central.cleve...everContent.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installen...gine/isetup.cab
O16 - DPF: {5E943D9C-F8DC-4258-8E3F-A61BB3405A33} (ZingBatchAXDwnl Class) - http://www.imagestat...ion=4,3,2,20802
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://www.bitstream...er/tdserver.cab
O16 - DPF: {6B1B6D11-E497-11D3-BE0C-005004AD2E83} (ImageStation Home Printing Control) - http://www.imagestat...rintActiveX.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150...ip/RdxIE601.cab
O16 - DPF: {5763F8E8-0DD7-4A0F-ADB0-9F64C8F2C349} (Pixami/Snapfish Upload UI Control) - http://www.yorkphoto...orkUploader.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://www.webex.co...bex/ieatgpc.cab
O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (MiniBugTransporterX Class) - http://download.weat...Transporter.cab?
O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} (Ofoto Upload Manager Class) - http://www.amazon.of..._1/axofupld.cab
O16 - DPF: {74FFE28D-2378-11D5-990C-006094235084} (IBM Access Support) - https://www-3.ibm.co...en/IbmEgath.cab
O16 - DPF: {1C562431-DD06-11D5-B2A8-0050DAD8C3A0} (printQuick Browser Add In (Ver3)) - http://www.pqvalet.c...ntQuick1300.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com...kup/qdiagcc.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcaf...322/mcfscan.cab
O16 - DPF: {8EC18CE2-D7B4-11D2-88C8-006008A717FD} (NCSView Class) - http://aerial.leepa....plugins/ncs.cab
O16 - DPF: {10E0E75E-6701-4134-9D95-C0942ED1F1C8} (Snapfish Outlook Import ActiveX Control) - http://www.snapfish....tlookImport.cab
O16 - DPF: {90051A81-3018-4826-8B38-DD60B6B53F9C} (Snapfish File Upload ActiveX Control) - http://www.snapfish....pfishUpload.cab
O16 - DPF: {10003000-1000-0000-1000-000000000000} - ms-its:mhtml:file://C:foo.mht!http://vparivalka.co...::/ieloader.exe
O17 - HKLMSystemCCSServicesVxDMSTCP: Domain = aoldsl.net

----------------------------------------------------------------------

The topic can be found here:
http://www.geekstogo...showtopic=25896

Please note that if you wish to get email notification of any replies to this topic, you will have to click on the
"Track this Topic" link shown on the topic page, or by visiting the link below:
http://www.geekstogo...ck&f=37&t=25896

Unsubscribing:
--------------

You can unsubscribe at any time by logging into your control panel and clicking on the "View Subscriptions" link.
If you are not subscribed to any forums and wish to stop receiving notification, uncheck the setting
"Send me any updates sent by the board administrator" found in 'My Controls' under 'Email Settings'.

Regards,

The Geeks To Go - Free Computer Help team.
http://www.geekstogo...forum/index.php

--
No virus found in this incoming message.
Checked by AVG Anti-Virus.
Version: 7.0.308 / Virus Database: 266.11.10 - Release Date: 05/13/2005

.

#2
hilario

Posted 16 May 2005 - 09:10 AM

Member

Topic Starter
Member
20 posts

#3
ScHwErV

Posted 16 May 2005 - 10:28 AM

Member 5k

Retired Staff
21,285 posts

It seems as if you are subscribed to the forum. Click My controls, top of the page, then click Email settings and change things there as desired.

Moving this out of malware removal.

ScHwErV :tazz:

#4
hilario

Posted 18 May 2005 - 05:34 AM

Member

Topic Starter
Member
20 posts

It seems as if you are subscribed to the forum. Click My controls, top of the page, then click Email settings and change things there as desired.

Moving this out of malware removal.

ScHwErV

hi ScHwErV:

did that but still receiving lots of mails (always same as my previous post )

there must be something wrong.

pls help.
rgds.hilario.

#5
Guest_jake6535_*

Posted 18 May 2005 - 06:12 AM

Guest

Make sure you are unsubscribed to all topics as well.

#6
hilario

Posted 19 May 2005 - 01:01 PM

Member

Topic Starter
Member
20 posts

hi ScHwErV:

did that but still receiving lots of mails (always same as my previous post )

there must be something wrong.

pls help.
rgds.hilario.

SOMEONE PLS STOP THOSE E-MAILS COMING FROM THIS FORUM TO MY MAIL BOX !!!!!
RECEIVED TODAY MORE THAN 50 MAILS !!!!!!!

THIS IS DRIVING ME CRAZY. ... PLS HELP.......

DID EVERYTHING CHANGED MY E-MAIL SETTINGS - CHANGED NY E-MAIL AND NO RESULTS... STILL RECEIVING LOTS OF MAILS....

RGDS.HILARIO.

Edited by hilario, 19 May 2005 - 01:06 PM.