Post your Hijack This! Logs here (1 Viewer)

[IP_freely]

hey can sum1 help me remove this spyware stuff ,
ever since i uninstalled imesh ive kept on gettin pop up's its been like this for quite a few months now

ive tried ad-aware several times an it just keeps on comin back

heres the log from hi jack this

 

[MedNez]

Hi.

Please kill the following processes in your task manager. (hit ctrl+alt+del, go to task manager).

C:\WINDOWS\d3iz32.exe
C:\WINDOWS\d3sx.exe

Then check the following in Hijackthis:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\suekz.dll/sp.html#37049
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\suekz.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\suekz.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\suekz.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\suekz.dll/sp.html#37049
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\suekz.dll/sp.html#37049
O2 - BHO: (no name) - {4224B593-F6B1-9877-F203-0040429B324E} - C:\WINDOWS\msrc.dll
O2 - BHO: (no name) - {7AAF3478-4848-F0FA-FFA5-7A8EC00B8796} - C:\WINDOWS\system32\winfy.dll
O4 - HKLM\..\Run: [d3sx.exe] C:\WINDOWS\d3sx.exe
O4 - HKLM\..\RunOnce: [apigm.exe] C:\WINDOWS\apigm.exe
O16 - DPF: {10003000-1000-0000-1000-000000000000} - ms-its:mhtml:file://c:\MAIN.MHT!http://213.159.117.236/buka.chm::/x.exe
O16 - DPF: {11311111-1111-1111-1111-111111111157} - file://C:\Program Files\Q330994.exe

When those are all checked, close any Internet Explorer/Windows Explorer windows, and hit fix checked.

Reboot your computer, and delete winfy.dll, if found in C:\WINDOWS\system32\

Then do another hjt scan and make sure all the above are gone =)

Regards.

Med