#1
05-27-2007
g2064
New Poster
Join Date: Feb 2007
Posts: 2

can some one take a look

Something is still wrong after running several scans.
Can someone help me out here? I keep getting all this spyware ****


--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---

2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2006-03-08 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2007-04-18 advcheck.dll (1.5.1.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2007-01-02 Tools.dll (2.0.1.0)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2007-05-23 Includes\Cookies.sbi
2006-12-08 Includes\Dialer.sbi
2007-05-23 Includes\DialerC.sbi
2007-04-04 Includes\Hijackers.sbi
2007-05-23 Includes\HijackersC.sbi
2006-10-27 Includes\Keyloggers.sbi
2007-05-23 Includes\KeyloggersC.sbi
2004-11-29 Includes\LSP.sbi
2007-05-16 Includes\Malware.sbi
2007-05-23 Includes\MalwareC.sbi
2007-03-21 Includes\PUPS.sbi
2007-05-23 Includes\PUPSC.sbi
2007-05-23 Includes\Revision.sbi
2007-05-24 Includes\Security.sbi
2007-05-23 Includes\SecurityC.sbi
2007-05-23 Includes\Spybots.sbi
2007-05-23 Includes\SpybotsC.sbi
2005-02-17 Includes\Tracks.uti
2007-05-16 Includes\Trojans.sbi
2007-05-23 Includes\TrojansC.sbi

Located: HK_LM:Run, ccApp
command: "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
file: C:\Program Files\Common Files\Symantec Shared\ccApp.exe
size: 115816
MD5: 25be770865658cb79100117112819a7c

Located: HK_LM:Run, dla
command: C:\WINDOWS\system32\dla\tfswctrl.exe
file: C:\WINDOWS\system32\dla\tfswctrl.exe
size: 122941
MD5: 352fbf618066d0ceb7dc8ecabeb1a8d7

Located: HK_LM:Run, igfxhkcmd
command: C:\WINDOWS\system32\hkcmd.exe
file: C:\WINDOWS\system32\hkcmd.exe
size: 77824
MD5: 01018f75f3f18ce629fac9689954a2ae

Located: HK_LM:Run, IntelMeM
command: "C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe"
file: C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
size: 221184
MD5: bc02e491e88492b02363ce1b384ff7a7

Located: HK_LM:Run, ISUSPM Startup
command: "c:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe " -startup
file: c:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe
size: 221184
MD5: fb9e5c251cf6c37749f296bacb34a69b

Located: HK_LM:Run, ISUSScheduler
command: "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
file: C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
size: 81920
MD5: 763dab43bdab27316dbf3373192823d7

Located: HK_LM:Run, KernelFaultCheck
command: C:\WINDOWS\system32\dumprep 0 -k
file: C:\WINDOWS\system32\dumprep.exe
size: 10752
MD5: 13922eb54890c77005268882629a31fe

Located: HK_LM:Run, Lexmark 1200 Series
command: "C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"
file: C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe
size: 57344
MD5: cbda2d5f8338812923b92d80f410ad5e

Located: HK_LM:Run, NvCplDaemon
command: "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
file: C:\WINDOWS\SYSTEM32\RUNDLL32.EXE
size: 33280
MD5: da285490bbd8a1d0ce6623577d5ba1ff

Located: HK_LM:Run, NvMediaCenter
command: "RUNDLL32.EXE" C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
file: C:\WINDOWS\SYSTEM32\RUNDLL32.EXE
size: 33280
MD5: da285490bbd8a1d0ce6623577d5ba1ff

Located: HK_LM:Run, SoundMAXPnP
command: "C:\Program Files\Analog Devices\Core\smax4pnp.exe"
file: C:\Program Files\Analog Devices\Core\smax4pnp.exe
size: 1404928
MD5: 10247c15d999cc116c87da36bd0ad64d

Located: HK_LM:Run, SunJavaUpdateSched
command: "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
file: C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
size: 83608
MD5: 9c1c80bbf8e6044980890e2d2d91091c

Located: HK_LM:Run, zBrowser Launcher
command: C:\Program Files\Logitech\iTouch\iTouch.exe
file: C:\Program Files\Logitech\iTouch\iTouch.exe
size: 631362
MD5: 535defd797d14dbc6edc4d746dc23d41

Located: HK_LM:Run, Adobe Photo Downloader (DISABLED)
command: "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
file: C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
size: 57344
MD5: 617fa5be646b5e8d6670fd4710acd2d3

Located: HK_LM:Run, IntelMeM (DISABLED)
command: "C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe"
file: C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
size: 221184
MD5: bc02e491e88492b02363ce1b384ff7a7

Located: HK_LM:Run, ISUSPM Startup (DISABLED)
command: "c:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe " -startup
file: c:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe
size: 221184
MD5: fb9e5c251cf6c37749f296bacb34a69b

Located: HK_LM:Run, ISUSScheduler (DISABLED)
command: "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
file: C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
size: 81920
MD5: 763dab43bdab27316dbf3373192823d7

Located: HK_LM:Run, NeroFilterCheck (DISABLED)
command: C:\WINDOWS\system32\NeroCheck.exe
file: C:\WINDOWS\system32\NeroCheck.exe
size: 155648
MD5: 3e4c03cefad8de135263236b61a49c90

Located: HK_LM:Run, NvCplDaemon (DISABLED)
command: "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
file: C:\WINDOWS\SYSTEM32\RUNDLL32.EXE
size: 33280
MD5: da285490bbd8a1d0ce6623577d5ba1ff

Located: HK_LM:Run, NvMediaCenter (DISABLED)
command: "RUNDLL32.EXE" C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
file: C:\WINDOWS\SYSTEM32\RUNDLL32.EXE
size: 33280
MD5: da285490bbd8a1d0ce6623577d5ba1ff

Located: HK_LM:Run, nwiz (DISABLED)
command: "nwiz.exe" /install
file: C:\WINDOWS\SYSTEM32\nwiz.exe
size: 1519616
MD5: 0033ce6494554e47514d3487c9a8f93d

Located: HK_LM:Run, QuickTime Task (DISABLED)
command: "C:\Program Files\QuickTime\qttask.exe" -atboottime
file: C:\Program Files\QuickTime\qttask.exe
size: 282624
MD5: 30e1f03dcc8825988528d9058312ede2

Located: HK_LM:Run, SoundMAXPnP (DISABLED)
command: "C:\Program Files\Analog Devices\Core\smax4pnp.exe"
file: C:\Program Files\Analog Devices\Core\smax4pnp.exe
size: 1404928
MD5: 10247c15d999cc116c87da36bd0ad64d

Located: HK_LM:Run, SunJavaUpdateSched (DISABLED)
command: "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
file: C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
size: 75520
MD5: edf5d27c6d244740418903626df5741a

Located: HK_LM:Run, Windows Defender (DISABLED)
command: "C:\Program Files\Windows Defender\MSASCui.exe" -hide
file:

Located: HK_CU:Run, BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}
command: "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
file: C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
size: 94208
MD5: 9d46a24e3029fd901c63d27897516286

Located: HK_CU:Run, ctfmon.exe
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 24232996a38c0b0cf151c2140ae29fc8

Located: HK_CU:Run, DellSupport
command: "C:\Program Files\DellSupport\DSAgnt.exe" /startup
file: C:\Program Files\DellSupport\DSAgnt.exe
size: 460784
MD5: b75fdbf14073d72c50624cc8338dd534

Located: HK_CU:Run, mySI
command: "C:\Program Files\mySI\mySI.exe" -tb
file: C:\Program Files\mySI\mySI.exe
size: 5958965
MD5: 73c39a5f52a8d70863ae085519b5c2f8

Located: HK_CU:Run, mySISvc
command: "C:\Program Files\mySI\mySI.exe" /svc
file: C:\Program Files\mySI\mySI.exe
size: 5958965
MD5: 73c39a5f52a8d70863ae085519b5c2f8

Located: HK_CU:Run, SpybotSD TeaTimer
command: "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
file: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 1415824
MD5: 70496eee0ddbe485f658693826f44d38

Located: HK_CU:Run, Yahoo! Pager (DISABLED)
command: "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
file: C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
size: 4670968
MD5: 81bcd9b9a86c3559f5bcfe56519a9a19

Located: Startup (common), Adobe Reader Speed Launch.lnk (DISABLED)
command: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
file: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
size: 29696
MD5: 43362b96870ce8649f4f2ec893da93f0

Located: Startup (common), Kodak EasyShare software.lnk (DISABLED)
command: C:\Program Files\Kodak\Kodak EasyShare Software\bin\EasyShare.exe
file: C:\Program Files\Kodak\Kodak EasyShare Software\bin\EasyShare.exe
size: 180224
MD5: 24db02dd193c408d735cd237efe4b048

Located: Startup (common), KODAK Software Updater.lnk (DISABLED)
command: C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
file: C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
size: 16423
MD5: db9012564169875f5b2aa7f5fc4905e4

Located: Startup (common), Logitech Desktop Messenger.lnk (DISABLED)
command: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
file: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
size: 169472
MD5: 91291ca1490f952d977618544d540b87

Located: System.ini, !SASWinLogon
command:
file:

Located: System.ini, crypt32chain
command: crypt32.dll
file: crypt32.dll

Located: System.ini, cryptnet
command: cryptnet.dll
file: cryptnet.dll

Located: System.ini, cscdll
command: cscdll.dll
file: cscdll.dll

Located: System.ini, igfxcui
command: igfxdev.dll
file: igfxdev.dll

Located: System.ini, ScCertProp
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, Schedule
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll

Located: System.ini, SensLogn
command: WlNotify.dll
file: WlNotify.dll

Located: System.ini, termsrv
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, WgaLogon
command: WgaLogon.dll
file: WgaLogon.dll

Located: System.ini, wlballoon
command: wlnotify.dll
file: wlnotify.dll


#2
05-27-2007
GaRHaR
Tech Support Team
Join Date: Jul 2006
Location: Western Australia
Posts: 6,095
PC Experience: Elite PC Guru

Hi g2064,

Can you please follow the Prework link in my signature and post the resulting logs? One of the security team will check them out for you.


__________________


"Study without desire spoils the memory, and it retains nothing that it takes in."
- Leonardo da Vinci

"I believe in Christianity as I believe that the sun has risen: not only because I see it, but because by it I see everything else."
- C. S. Lewis
