Guys...Ive been hosed !!! My #&^% is tore up. Please review and assist in anyway possible. Win 98 SE, P4 2.8, 1 gb PC3200, Radeon 9200 Review and assist... Also having trouble booting up in safe mode. Also, I am running Iopus Starr PC Monitor so ignore that, however I have noticed that I have Ispynow running also...That is not by choice ! Thanks, Ray
Logfile of HijackThis v1.99.1
Scan saved at 07:30:32 PM, on 4/23/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\WSYS.EXE
C:\PROGRAM FILES\GRISOFT\AVG7\AVGAMSVR.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\SBC SELF SUPPORT TOOL\SMARTBRIDGE\MOTIVESB.EXE
C:\PROGRAM FILES\GRISOFT\AVG7\AVGEMC.EXE
C:\PROGRAM FILES\ANTI-SPYWARE BLOCKER\ANTI-VIRUS.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\EFFICIENT NETWORKS\ENTERNET 300\APP\ENTERNET.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\SPYWARE DOCTOR\SWDOCTOR.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\LEXBCES.EXE
C:\WINDOWS\SYSTEM\LEXPPS.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\NOTEPAD.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\HIJACK THIS\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://home.netscape.com/bookmark/7_1/home.html"); (C:\WINDOWS\Application Data\Mozilla\Profiles\default\ptktzkxk.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRAM%20FILES%5CNETSCAPE%5CNETSCAPE%5Csearchplugins%5CSBWeb_02.src"); (C:\WINDOWS\Application Data\Mozilla\Profiles\default\ptktzkxk.slt\prefs.js)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~3\TOOLS\IESDPB.DLL
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~3\TOOLS\IESDSG.DLL
O2 - BHO: DLMaxObj Class - {00000000-59D4-4008-9058-080011001200} - C:\WINDOWS\DLMAX.DLL
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVG7\AVGCC.EXE /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\GRISOFT\AVG7\AVGEMC.EXE
O4 - HKLM\..\Run: [AVG7_RegCleaner] C:\PROGRA~1\GRISOFT\AVG7\AVGREGCL.EXE /BOOT
O4 - HKLM\..\RunServices: [windll] C:\WINDOWS\SYSTEM\wsys.exe
O4 - HKLM\..\RunServices: [avgamsvr.exe] C:\PROGRA~1\GRISOFT\AVG7\AVGAMSVR.EXE
O4 - Startup: Anti-Spyware Blocker.lnk = C:\Program Files\Anti-Spyware Blocker\Anti-Virus.exe
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~3\TOOLS\IESDPB.DLL
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {5D9E4B6D-CD17-4D85-99D4-6A52B394EC3B} (WSDownloader Control) - http://www.webshots.com/samplers/WSDownloader.ocx
O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} (Live365Player Class) - http://www.live365.com/players/play365.cab
O16 - DPF: {01020304-0506-0708-090A-0B0C0D0E0F08} - http://messenger.yahoo.com/maintenance/patch.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
PANDA SCAN 04-23-05
Adware:Adware/Transponder No disinfected C:\WINDOWS\DLMAX.DLL Adware:Adware/SaveNow No disinfected
Windowsregistry
Adware:Adware/nCase No disinfected C:\Temp\FLEOK
Spyware:Spyware/BetterInet No disinfected Windows Registry
Adware:Adware/BookedSpace No disinfected C:\WINDOWS\bsx32
Adware:Adware/AdDestroyer No disinfected C:\WINDOWS\All Users\Application Data\AdDestroyer
Adware:Adware/IPInsight No disinfected C:\WINDOWS\farmmext.ini
Adware:Adware/NavHelper No disinfected C:\Program Files\Ares
Spyware:Spyware/LZIO-Media No disinfected C:\WINDOWS\io2uns.exe
Adware:Adware/WUpd No disinfected Windows Registry
Adware:Adware/EliteBar No disinfected C:\WINDOWS\Favorites\Casino & Carrers
Adware:Adware/HuntBar No disinfected C:\WINDOWS\SYSTEM\EDOW_AS2.EXE
Adware:Adware/Beginto No disinfected C:\WINDOWS\SYSTEM\NSM10D0.DLL
Adware:Adware/Transponder No disinfected C:\WINDOWS\dlmax.dll
Adware:Adware/Pacimedia No disinfected C:\WINDOWS\SYSTEM\pacis.exe
Adware:Adware/eZula No disinfected C:\WINDOWS\SYSTEM\topsys.exe
Adware:Adware/Beginto No disinfected C:\WINDOWS\SYSTEM\nsm10D0.dll
Adware:Adware/HuntBar No disinfected C:\WINDOWS\SYSTEM\EDow_AS2.exe
Adware:Adware/Apropos No disinfected C:\WINDOWS\SYSTEM\cxtpls_loader.exe
Adware:Adware/StartPage.DD No disinfected C:\WINDOWS\SYSTEM\temperror32.dat
Adware:Adware/Transponder No disinfected C:\WINDOWS\INF\PYNIX.INF
Adware:Adware/Transponder No disinfected C:\WINDOWS\INF\DLMAX.INF
Adware:Adware/Transponder No disinfected C:\WINDOWS\DLMAX.DLL
Adware:Adware/WUpd No disinfected C:\Program Files\Hijack This\backups\backup-20041014-203655-511.inf
Adware:Adware/Transponder No disinfected C:\Program Files\Hijack This\backups\backup-20050419-190921-532.dll
Adware:Adware/Transponder No disinfected C:\Program Files\Hijack This\backups\backup-20050420-192839-370.dll
Spyware:Spyware/pcAudit No disinfected C:\My Downloads\pcaudit.exe
Adware:Adware/HuntBar No disinfected C:\NULL
Logfile of HijackThis v1.99.1
Scan saved at 07:30:32 PM, on 4/23/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\WSYS.EXE
C:\PROGRAM FILES\GRISOFT\AVG7\AVGAMSVR.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\SBC SELF SUPPORT TOOL\SMARTBRIDGE\MOTIVESB.EXE
C:\PROGRAM FILES\GRISOFT\AVG7\AVGEMC.EXE
C:\PROGRAM FILES\ANTI-SPYWARE BLOCKER\ANTI-VIRUS.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\EFFICIENT NETWORKS\ENTERNET 300\APP\ENTERNET.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\SPYWARE DOCTOR\SWDOCTOR.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\LEXBCES.EXE
C:\WINDOWS\SYSTEM\LEXPPS.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\NOTEPAD.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\HIJACK THIS\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://home.netscape.com/bookmark/7_1/home.html"); (C:\WINDOWS\Application Data\Mozilla\Profiles\default\ptktzkxk.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRAM%20FILES%5CNETSCAPE%5CNETSCAPE%5Csearchplugins%5CSBWeb_02.src"); (C:\WINDOWS\Application Data\Mozilla\Profiles\default\ptktzkxk.slt\prefs.js)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~3\TOOLS\IESDPB.DLL
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~3\TOOLS\IESDSG.DLL
O2 - BHO: DLMaxObj Class - {00000000-59D4-4008-9058-080011001200} - C:\WINDOWS\DLMAX.DLL
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVG7\AVGCC.EXE /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\GRISOFT\AVG7\AVGEMC.EXE
O4 - HKLM\..\Run: [AVG7_RegCleaner] C:\PROGRA~1\GRISOFT\AVG7\AVGREGCL.EXE /BOOT
O4 - HKLM\..\RunServices: [windll] C:\WINDOWS\SYSTEM\wsys.exe
O4 - HKLM\..\RunServices: [avgamsvr.exe] C:\PROGRA~1\GRISOFT\AVG7\AVGAMSVR.EXE
O4 - Startup: Anti-Spyware Blocker.lnk = C:\Program Files\Anti-Spyware Blocker\Anti-Virus.exe
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~3\TOOLS\IESDPB.DLL
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {5D9E4B6D-CD17-4D85-99D4-6A52B394EC3B} (WSDownloader Control) - http://www.webshots.com/samplers/WSDownloader.ocx
O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} (Live365Player Class) - http://www.live365.com/players/play365.cab
O16 - DPF: {01020304-0506-0708-090A-0B0C0D0E0F08} - http://messenger.yahoo.com/maintenance/patch.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
PANDA SCAN 04-23-05
Adware:Adware/Transponder No disinfected C:\WINDOWS\DLMAX.DLL Adware:Adware/SaveNow No disinfected
Windowsregistry
Adware:Adware/nCase No disinfected C:\Temp\FLEOK
Spyware:Spyware/BetterInet No disinfected Windows Registry
Adware:Adware/BookedSpace No disinfected C:\WINDOWS\bsx32
Adware:Adware/AdDestroyer No disinfected C:\WINDOWS\All Users\Application Data\AdDestroyer
Adware:Adware/IPInsight No disinfected C:\WINDOWS\farmmext.ini
Adware:Adware/NavHelper No disinfected C:\Program Files\Ares
Spyware:Spyware/LZIO-Media No disinfected C:\WINDOWS\io2uns.exe
Adware:Adware/WUpd No disinfected Windows Registry
Adware:Adware/EliteBar No disinfected C:\WINDOWS\Favorites\Casino & Carrers
Adware:Adware/HuntBar No disinfected C:\WINDOWS\SYSTEM\EDOW_AS2.EXE
Adware:Adware/Beginto No disinfected C:\WINDOWS\SYSTEM\NSM10D0.DLL
Adware:Adware/Transponder No disinfected C:\WINDOWS\dlmax.dll
Adware:Adware/Pacimedia No disinfected C:\WINDOWS\SYSTEM\pacis.exe
Adware:Adware/eZula No disinfected C:\WINDOWS\SYSTEM\topsys.exe
Adware:Adware/Beginto No disinfected C:\WINDOWS\SYSTEM\nsm10D0.dll
Adware:Adware/HuntBar No disinfected C:\WINDOWS\SYSTEM\EDow_AS2.exe
Adware:Adware/Apropos No disinfected C:\WINDOWS\SYSTEM\cxtpls_loader.exe
Adware:Adware/StartPage.DD No disinfected C:\WINDOWS\SYSTEM\temperror32.dat
Adware:Adware/Transponder No disinfected C:\WINDOWS\INF\PYNIX.INF
Adware:Adware/Transponder No disinfected C:\WINDOWS\INF\DLMAX.INF
Adware:Adware/Transponder No disinfected C:\WINDOWS\DLMAX.DLL
Adware:Adware/WUpd No disinfected C:\Program Files\Hijack This\backups\backup-20041014-203655-511.inf
Adware:Adware/Transponder No disinfected C:\Program Files\Hijack This\backups\backup-20050419-190921-532.dll
Adware:Adware/Transponder No disinfected C:\Program Files\Hijack This\backups\backup-20050420-192839-370.dll
Spyware:Spyware/pcAudit No disinfected C:\My Downloads\pcaudit.exe
Adware:Adware/HuntBar No disinfected C:\NULL