Tech Support Forum - View Single Post - New to site-problems with Spyware, please help

Raym · 07-11-2005, 07:39 AM

====================================================================
Log was analyzed using KRC HijackThis Analyzer - Updated on 6/3/05
Get updates at http://www.greyknight17.com/download.htm#programs

***Security Programs Detected***

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Logfile of HijackThis v1.99.1
Scan saved at 6:35:41 AM, on 7/11/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\windows\System32\mssetup32.exe
C:\windows\System32\iexplore.exe
C:\windows\system32\1.tmp
C:\windows\System32\wuamk032.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.douglas.bc.ca/
R3 - URLSearchHook: (no name) - _{855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O4 - HKLM\..\Run: [Microsoft Auto Update Setup 32] mssetup32.exe
O4 - HKLM\..\Run: [Anti-Virus Update Scheduler] C:\windows\system32\1.tmp
O4 - HKLM\..\Run: [checkrun] C:\windows\system32\elitezhy32.exe
O4 - HKLM\..\Run: [Microsoft Internet Explorer] C:\windows\System32\iexplore.exe
O4 - HKLM\..\Run: [Microsoft Update] wuamk032.exe
O4 - HKLM\..\RunServices: [Network Access] winssh.exe
O4 - HKLM\..\RunServices: [Microsoft Gaming Updater 32] msgame32.exe
O4 - HKLM\..\RunServices: [LOCAL INTERNET WEB DRIVERS FOR WIN32] phqghume.exe
O4 - HKLM\..\RunServices: [Microsoft Auto Update Setup 32] mssetup32.exe
O4 - HKLM\..\RunServices: [Compaq32 Service Drivers] msconfig32.exe
O4 - HKLM\..\RunServices: [Wind0ws Sharing] ssprotecter.exe
O4 - HKLM\..\RunServices: [Microsoft Update] wuamk032.exe
O4 - HKCU\..\RunServices: [Compaq32 Service Drivers] msconfig32.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/Me...ridge-c139.cab
O23 - Service: Mouse Hardware Sync (mousehs) - Unknown owner - C:\WINDOWS\System32\mousehs.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

End of KRC HijackThis Analyzer Log.
====================================================================

07-11-2005, 07:39 AM	#3 (permalink)
Raym Registered User Join Date: Jul 2005 Posts: 19 OS: winXP	here is the next log as instructed without reboot ==================================================================== Log was analyzed using KRC HijackThis Analyzer - Updated on 6/3/05 Get updates at http://www.greyknight17.com/download.htm#programs *Security Programs Detected* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Logfile of HijackThis v1.99.1 Scan saved at 6:35:41 AM, on 7/11/2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\windows\System32\mssetup32.exe C:\windows\System32\iexplore.exe C:\windows\system32\1.tmp C:\windows\System32\wuamk032.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.douglas.bc.ca/ R3 - URLSearchHook: (no name) - _{855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file) O4 - HKLM\..\Run: [Microsoft Auto Update Setup 32] mssetup32.exe O4 - HKLM\..\Run: [Anti-Virus Update Scheduler] C:\windows\system32\1.tmp O4 - HKLM\..\Run: [checkrun] C:\windows\system32\elitezhy32.exe O4 - HKLM\..\Run: [Microsoft Internet Explorer] C:\windows\System32\iexplore.exe O4 - HKLM\..\Run: [Microsoft Update] wuamk032.exe O4 - HKLM\..\RunServices: [Network Access] winssh.exe O4 - HKLM\..\RunServices: [Microsoft Gaming Updater 32] msgame32.exe O4 - HKLM\..\RunServices: [LOCAL INTERNET WEB DRIVERS FOR WIN32] phqghume.exe O4 - HKLM\..\RunServices: [Microsoft Auto Update Setup 32] mssetup32.exe O4 - HKLM\..\RunServices: [Compaq32 Service Drivers] msconfig32.exe O4 - HKLM\..\RunServices: [Wind0ws Sharing] ssprotecter.exe O4 - HKLM\..\RunServices: [Microsoft Update] wuamk032.exe O4 - HKCU\..\RunServices: [Compaq32 Service Drivers] msconfig32.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/Me...ridge-c139.cab O23 - Service: Mouse Hardware Sync (mousehs) - Unknown owner - C:\WINDOWS\System32\mousehs.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe End of KRC HijackThis Analyzer Log. ====================================================================