Spyware slowing me down

Discussion in 'other security issues & news' started by SuperMom, Aug 16, 2004.

Thread Status:
Not open for further replies.
  1. SuperMom

    SuperMom Registered Member

    Joined:
    Jun 25, 2004
    Posts:
    1
    I use Adaware on my computer. When I open my homepage, it is different , pop-ups (warning me of spyware) or just other advertisements are everywhere, and my computer functions much slower than it should. Here is my latest HiJackThis log: Could you please helpo_O?
    Logfile of HijackThis v1.97.7
    Scan saved at 1:28:33 PM, on 8/16/2004
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
    C:\WINDOWS\system32\ietn.exe
    C:\Program Files\Softex\OmniPass\Omniserv.exe
    C:\Program Files\Softex\OmniPass\OPXPApp.exe
    C:\windows\system\hpsysdrv.exe
    C:\WINDOWS\System32\hkcmd.exe
    C:\HP\KBD\KBD.EXE
    C:\Program Files\WildTangent\Apps\GameChannel.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe
    C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe
    C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
    C:\WINDOWS\system32\javaju.exe
    c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\AWS\WeatherBug\Weather.exe
    C:\Program Files\Compaq Connections\1940576\Program\BackWeb-1940576.exe
    C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
    C:\Program Files\interMute\SpamSubtract\SpamSubtract.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\WINDOWS\explorer.exe
    C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Directory 2 for hijackthis1977[1].zip\hijackthis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\iukoe.dll/sp.html#12802
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = res://iukoe.dll/index.html#12802
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = res://iukoe.dll/index.html#12802
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\iukoe.dll/sp.html#12802
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = res://iukoe.dll/index.html#12802
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system32\iukoe.dll/sp.html#12802
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    O2 - BHO: (no name) - {9ACA1819-E278-D81D-4318-5EBA73955C06} - C:\WINDOWS\ieiz32.dll
    O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Common\ycomp5,1,1,0.dll
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [WT GameChannel] C:\Program Files\WildTangent\Apps\GameChannel.exe
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [ccRegVfy] "c:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
    O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe
    O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe /STARTUP
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
    O4 - HKLM\..\Run: [javaju.exe] C:\WINDOWS\system32\javaju.exe
    O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
    O4 - HKLM\..\RunOnce: [mscs.exe] C:\WINDOWS\system32\mscs.exe
    O4 - HKLM\..\RunOnce: [ntpu.exe] C:\WINDOWS\system32\ntpu.exe
    O4 - HKLM\..\RunOnce: [winwy.exe] C:\WINDOWS\winwy.exe
    O4 - HKLM\..\RunOnce: [apisu32.exe] C:\WINDOWS\apisu32.exe
    O4 - HKLM\..\RunOnce: [mfced32.exe] C:\WINDOWS\mfced32.exe
    O4 - HKLM\..\RunOnce: [addmm32.exe] C:\WINDOWS\addmm32.exe
    O4 - HKLM\..\RunOnce: [ntcz32.exe] C:\WINDOWS\ntcz32.exe
    O4 - HKLM\..\RunOnce: [d3gl32.exe] C:\WINDOWS\system32\d3gl32.exe
    O4 - HKLM\..\RunOnce: [d3lw.exe] C:\WINDOWS\d3lw.exe
    O4 - HKLM\..\RunOnce: [addkk32.exe] C:\WINDOWS\addkk32.exe
    O4 - HKLM\..\RunOnce: [appyd32.exe] C:\WINDOWS\system32\appyd32.exe
    O4 - HKLM\..\RunOnce: [msql32.exe] C:\WINDOWS\msql32.exe
    O4 - HKLM\..\RunOnce: [addth32.exe] C:\WINDOWS\system32\addth32.exe
    O4 - HKLM\..\RunOnce: [ntxh32.exe] C:\WINDOWS\system32\ntxh32.exe
    O4 - HKLM\..\RunOnce: [sdkke.exe] C:\WINDOWS\system32\sdkke.exe
    O4 - HKLM\..\RunOnce: [criy32.exe] C:\WINDOWS\system32\criy32.exe
    O4 - HKLM\..\RunOnce: [javaac.exe] C:\WINDOWS\system32\javaac.exe
    O4 - HKLM\..\RunOnce: [atlue32.exe] C:\WINDOWS\atlue32.exe
    O4 - HKLM\..\RunOnce: [sysak32.exe] C:\WINDOWS\system32\sysak32.exe
    O4 - HKLM\..\RunOnce: [msiw.exe] C:\WINDOWS\system32\msiw.exe
    O4 - Startup: spamsubtract.lnk = C:\Program Files\interMute\SpamSubtract\SpamSubtract.exe
    O4 - Global Startup: Compaq Connections.lnk = C:\Program Files\Compaq Connections\1940576\Program\BackWeb-1940576.exe
    O4 - Global Startup: Image Transfer.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - http://active.macromedia.com/flash2/cabs/swflash.cab

    Thank you for the help!
    SuperMom
     
  2. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    Unfortunately Wilders no longer provides one-on-one HijackThis log analysis and system cleaning services.

    Please visit the below link for the Announcement and info on other sites that may be of help.

    This link---> Stopping HijackThis Log Cleaning Services!
     
Loading...
Thread Status:
Not open for further replies.