Spyware slowing me down

Discussion in 'other security issues & news' started by SuperMom, Aug 16, 2004.

Thread Status:
Not open for further replies.
  1. SuperMom

    SuperMom Registered Member

    Joined:
    Jun 25, 2004
    Posts:
    1
    I use Adaware on my computer. When I open my homepage, it is different , pop-ups (warning me of spyware) or just other advertisements are everywhere, and my computer functions much slower than it should. Here is my latest HiJackThis log: Could you please helpo_O?
    Logfile of HijackThis v1.97.7
    Scan saved at 1:28:33 PM, on 8/16/2004
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
    C:\WINDOWS\system32\ietn.exe
    C:\Program Files\Softex\OmniPass\Omniserv.exe
    C:\Program Files\Softex\OmniPass\OPXPApp.exe
    C:\windows\system\hpsysdrv.exe
    C:\WINDOWS\System32\hkcmd.exe
    C:\HP\KBD\KBD.EXE
    C:\Program Files\WildTangent\Apps\GameChannel.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe
    C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe
    C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
    C:\WINDOWS\system32\javaju.exe
    c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\AWS\WeatherBug\Weather.exe
    C:\Program Files\Compaq Connections\1940576\Program\BackWeb-1940576.exe
    C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
    C:\Program Files\interMute\SpamSubtract\SpamSubtract.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\WINDOWS\explorer.exe
    C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Directory 2 for hijackthis1977[1].zip\hijackthis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\iukoe.dll/sp.html#12802
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = res://iukoe.dll/index.html#12802
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = res://iukoe.dll/index.html#12802
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\iukoe.dll/sp.html#12802
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = res://iukoe.dll/index.html#12802
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system32\iukoe.dll/sp.html#12802
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    O2 - BHO: (no name) - {9ACA1819-E278-D81D-4318-5EBA73955C06} - C:\WINDOWS\ieiz32.dll
    O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Common\ycomp5,1,1,0.dll
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [WT GameChannel] C:\Program Files\WildTangent\Apps\GameChannel.exe
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [ccRegVfy] "c:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
    O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe
    O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe /STARTUP
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
    O4 - HKLM\..\Run: [javaju.exe] C:\WINDOWS\system32\javaju.exe
    O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
    O4 - HKLM\..\RunOnce: [mscs.exe] C:\WINDOWS\system32\mscs.exe
    O4 - HKLM\..\RunOnce: [ntpu.exe] C:\WINDOWS\system32\ntpu.exe
    O4 - HKLM\..\RunOnce: [winwy.exe] C:\WINDOWS\winwy.exe
    O4 - HKLM\..\RunOnce: [apisu32.exe] C:\WINDOWS\apisu32.exe
    O4 - HKLM\..\RunOnce: [mfced32.exe] C:\WINDOWS\mfced32.exe
    O4 - HKLM\..\RunOnce: [addmm32.exe] C:\WINDOWS\addmm32.exe
    O4 - HKLM\..\RunOnce: [ntcz32.exe] C:\WINDOWS\ntcz32.exe
    O4 - HKLM\..\RunOnce: [d3gl32.exe] C:\WINDOWS\system32\d3gl32.exe
    O4 - HKLM\..\RunOnce: [d3lw.exe] C:\WINDOWS\d3lw.exe
    O4 - HKLM\..\RunOnce: [addkk32.exe] C:\WINDOWS\addkk32.exe
    O4 - HKLM\..\RunOnce: [appyd32.exe] C:\WINDOWS\system32\appyd32.exe
    O4 - HKLM\..\RunOnce: [msql32.exe] C:\WINDOWS\msql32.exe
    O4 - HKLM\..\RunOnce: [addth32.exe] C:\WINDOWS\system32\addth32.exe
    O4 - HKLM\..\RunOnce: [ntxh32.exe] C:\WINDOWS\system32\ntxh32.exe
    O4 - HKLM\..\RunOnce: [sdkke.exe] C:\WINDOWS\system32\sdkke.exe
    O4 - HKLM\..\RunOnce: [criy32.exe] C:\WINDOWS\system32\criy32.exe
    O4 - HKLM\..\RunOnce: [javaac.exe] C:\WINDOWS\system32\javaac.exe
    O4 - HKLM\..\RunOnce: [atlue32.exe] C:\WINDOWS\atlue32.exe
    O4 - HKLM\..\RunOnce: [sysak32.exe] C:\WINDOWS\system32\sysak32.exe
    O4 - HKLM\..\RunOnce: [msiw.exe] C:\WINDOWS\system32\msiw.exe
    O4 - Startup: spamsubtract.lnk = C:\Program Files\interMute\SpamSubtract\SpamSubtract.exe
    O4 - Global Startup: Compaq Connections.lnk = C:\Program Files\Compaq Connections\1940576\Program\BackWeb-1940576.exe
    O4 - Global Startup: Image Transfer.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - http://active.macromedia.com/flash2/cabs/swflash.cab

    Thank you for the help!
    SuperMom
     
  2. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    Unfortunately Wilders no longer provides one-on-one HijackThis log analysis and system cleaning services.

    Please visit the below link for the Announcement and info on other sites that may be of help.

    This link---> Stopping HijackThis Log Cleaning Services!
     
Loading...
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.