Thread: New to site-problems with Spyware, please help
View Single Post
Old 07-10-2005, 08:57 PM   #1 (permalink)
Raym
Registered User
 
Join Date: Jul 2005
Posts: 19
OS: winXP


New to site-problems with Spyware, please help
Thanks in advance for those who can help! I believe my computer has been infested by some spyware.

After running Ad Aware, hijackthis and finally, the hijackthis analyzer, I have the following log:

====================================================================
Log was analyzed using KRC HijackThis Analyzer - Updated on 6/3/05
Get updates at http://www.greyknight17.com/download.htm#programs

***Security Programs Detected***


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Logfile of HijackThis v1.99.1
Scan saved at 7:44:05 PM, on 7/10/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\windows\System32\xpjava.exe
C:\windows\System32\mssetup32.exe
C:\windows\system32\1.tmp
c:\windows\system32\temp532.exe
D:\Backupfiles\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.douglas.bc.ca/
R3 - URLSearchHook: (no name) - _{855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,xpjava.exe
O2 - BHO: &EliteBar - {28CAEFF3-0F18-4036-B504-51D73BD81ABC} - C:\windows\EliteToolBar\EliteToolBar version 60.dll
O3 - Toolbar: &EliteBar - {825CF5BD-8862-4430-B771-0C15C5CA8DEF} - C:\windows\EliteToolBar\EliteToolBar version 60.dll
O4 - HKLM\..\Run: [Microsoft Auto Update Setup 32] mssetup32.exe
O4 - HKLM\..\Run: [Anti-Virus Update Scheduler] C:\windows\system32\1.tmp
O4 - HKLM\..\Run: [checkrun] c:\windows\system32\elitezhy32.exe
O4 - HKLM\..\Run: [Microsoft Internet Explorer] C:\windows\System32\iexplore.exe
O4 - HKLM\..\RunServices: [Network Access] winssh.exe
O4 - HKLM\..\RunServices: [Microsoft Gaming Updater 32] msgame32.exe
O4 - HKLM\..\RunServices: [LOCAL INTERNET WEB DRIVERS FOR WIN32] phqghume.exe
O4 - HKLM\..\RunServices: [Microsoft Auto Update Setup 32] mssetup32.exe
O4 - HKLM\..\RunServices: [Compaq32 Service Drivers] msconfig32.exe
O4 - HKLM\..\RunServices: [Wind0ws Sharing] ssprotecter.exe
O4 - HKCU\..\RunServices: [Compaq32 Service Drivers] msconfig32.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/Me...ridge-c139.cab
O23 - Service: Mouse Hardware Sync (mousehs) - Unknown owner - C:\WINDOWS\System32\mousehs.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe


End of KRC HijackThis Analyzer Log.
====================================================================
Raym is offline  
Important Information
Join the #1 Tech Support Forum Today - It's Totally Free!

TechSupportForum.com is a leading support website for your computer needs. We offer free, friendly and personalized computer support. Why pay to have your computer fixed when you can do it for free.

Join TechSupportforum.com Today - Click Here