whenever i try to log into
www.macauslot.com, i'm redirected to this site:
http://www.errorplace.com/red.php?c={5DDF6F73-2423-4A5A-BC93-302204A1784A}&aff=trinsic2&q=macauslot
it's been a week now, and i couldn't fix it. i've tried everything, i've downloaded and run AdAware, Spybot, SpywareGuard, SpywareBlaster, CWShredder and HijackThis... but it's not fixing it... now, even my friendster is corrupted with it.
please help...
here's the log from the hijackthis:
Logfile of HijackThis v1.97.7
Scan saved at 3:49:15 PM, on 5/28/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\Explorer.EXE
E:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
e:\progra~1\mcafee.com\vso\mcvsescn.exe
E:\PROGRA~1\mcafee.com\agent\mcregwiz.exe
E:\PROGRA~1\mcafee.com\agent\mcagent.exe
E:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
E:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe
E:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
E:\WINDOWS\ockksz.exe
E:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
E:\WINDOWS\System32\ctfmon.exe
E:\Program Files\Yahoo!\Messenger\ypager.exe
E:\Program Files\Messenger\msmsgs.exe
E:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
E:\Program Files\SpywareGuard\sgmain.exe
e:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
E:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\System32\MsPMSPSv.exe
E:\Program Files\SpywareGuard\sgbhp.exe
e:\progra~1\mcafee.com\vso\mcvsftsn.exe
E:\WINDOWS\System32\devldr32.exe
E:\Program Files\Yahoo!\Messenger\yupdater.exe
e:\PROGRA~1\mcafee.com\vso\mcshield.exe
E:\WINDOWS\System32\wuauclt.exe
E:\Program Files\Internet Explorer\iexplore.exe
E:\Program Files\Internet Explorer\iexplore.exe
E:\Documents and Settings\D5\My Documents\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://mail.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://mail.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://red.clientapps.yahoo.com/customize/ie/defaults/sb/ymsgr/*http://www.yahoo.com/ext/search/search.html
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - E:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {4A13BB06-7F96-441B-A2F0-FE273C3F30FA} - E:\WINDOWS\jxmdkj.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - E:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - E:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - e:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - E:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [VSOCheckTask] "e:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "e:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [PHIME2002ASync] E:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] E:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [McRegWiz] E:\PROGRA~1\mcafee.com\agent\mcregwiz.exe /autorun
O4 - HKLM\..\Run: [MCAgentExe] e:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [LVCOMS] E:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [IMJPMIG8.1] E:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] E:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "E:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [MCUpdateExe] E:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MSPY2002] E:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [kvrege] E:\WINDOWS\ockksz.exe
O4 - HKLM\..\Run: [webHancer Survey Companion] "E:\Program Files\webHancer\Programs\whSurvey.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] E:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] E:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [MSMSGS] "E:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpySweeper] E:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe /0
O4 - Startup: SpywareGuard.lnk = E:\Program Files\SpywareGuard\sgmain.exe
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://E:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
O9 - Extra button: ICQ Pro (HKLM)
O9 - Extra 'Tools' menuitem: ICQ (HKLM)
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -
http://ak.imgfarm.com/images/nocache/funwebproducts/SmileyCentralInitialSetup1.0.0.6.cab
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} -
http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) -
http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38078.9921759259
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) -
http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yse/ymmapi_416.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Stumble It!
Tweet This
Bookmark on Delicious
Share on Facebook
Share on MySpace