View Full Version : Smitfraud-C.Toolbar888
Not So Technical
2007-05-15, 07:36
I have no idea as to what I am doing. I have had this problem for weeks and I have tried everything I know how to do. When I scan my system Smitfraud always shows up. SpyBot tells me it cannot remove the problem because it is in use in the systems memory. It asks if I want to run a scan upon my next startup, I tell it yes, and when it does the scan the same prompts come up. The same thing happens in safe mode and debugging mode. I don't know what else to try.
I ran this scan and told Spybot to save a copy of the scan report on file, then I copy pasted it here; The only thing that wont go away is the Smitfraud:
--- Search result list ---
Smitfraud-C.Toolbar888: Library (File, fixing failed)
C:\WINDOWS\system32\geebc.dll
AdRevolver: Tracking cookie (Firefox: default) (Cookie, fixed)
AdRevolver: Tracking cookie (Firefox: default) (Cookie, fixed)
SystemDoctor2006: Tracking cookie (Firefox: default) (Cookie, fixed)
SystemDoctor2006: Tracking cookie (Firefox: default) (Cookie, fixed)
SystemDoctor2006: Tracking cookie (Firefox: default) (Cookie, fixed)
SystemDoctor2006: Tracking cookie (Firefox: default) (Cookie, fixed)
SystemDoctor2006: Tracking cookie (Firefox: default) (Cookie, fixed)
AdRevolver: Tracking cookie (Firefox: default) (Cookie, fixed)
AdRevolver: Tracking cookie (Firefox: default) (Cookie, fixed)
AdRevolver: Tracking cookie (Firefox: default) (Cookie, fixed)
AdRevolver: Tracking cookie (Firefox: default) (Cookie, fixed)
ReliableStats: Tracking cookie (Firefox: default) (Cookie, fixed)
ReliableStats: Tracking cookie (Firefox: default) (Cookie, fixed)
ReliableStats: Tracking cookie (Firefox: default) (Cookie, fixed)
ReliableStats: Tracking cookie (Firefox: default) (Cookie, fixed)
ReliableStats: Tracking cookie (Firefox: default) (Cookie, fixed)
SystemDoctor2006: Tracking cookie (Firefox: default) (Cookie, fixed)
--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---
To Be Continued
Not So Technical
2007-05-15, 07:44
2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2006-07-24 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2007-04-18 advcheck.dll (1.5.1.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2007-01-02 Tools.dll (2.0.1.0)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2007-05-09 Includes\Cookies.sbi (*)
2006-12-08 Includes\Dialer.sbi (*)
2007-05-09 Includes\DialerC.sbi (*)
2007-04-04 Includes\Hijackers.sbi (*)
2007-05-09 Includes\HijackersC.sbi (*)
2006-10-27 Includes\Keyloggers.sbi (*)
2007-05-09 Includes\KeyloggersC.sbi (*)
2007-03-21 Includes\Malware.sbi (*)
2007-05-09 Includes\MalwareC.sbi (*)
2007-03-21 Includes\PUPS.sbi (*)
2007-05-09 Includes\PUPSC.sbi (*)
2007-05-09 Includes\Revision.sbi (*)
2006-12-08 Includes\Security.sbi (*)
2007-05-09 Includes\SecurityC.sbi (*)
2007-03-21 Includes\Spybots.sbi (*)
2007-05-09 Includes\SpybotsC.sbi (*)
2005-02-17 Includes\Tracks.uti
2007-05-02 Includes\Trojans.sbi (*)
2007-05-09 Includes\TrojansC.sbi (*)
--- System information ---
Windows XP (Build: 2600) Service Pack 2
/ Internet Explorer 6 / SP1: Windows XP Hotfix - KB916281
/ Internet Explorer 6 / SP1: Windows XP Hotfix - KB918439
/ Microsoft .NET Framework 2.0: This Security Update is for Microsoft .NET Framework 2.0. \n
If you later install a more recent service pack, this Security Update will be uninstalled automatically. \n
For more information, visit http://support.microsoft.com/kb/917283
/ Microsoft .NET Framework 2.0: This Security Update is for Microsoft .NET Framework 2.0. \n
If you later install a more recent service pack, this Security Update will be uninstalled automatically. \n
For more information, visit http://support.microsoft.com/kb/922770
/ MSXML4SP2: FIX: ASP stops responding when calling Response.Redirect to another server using msxml4 sp2
/ Outlook Express 6 / SP1: Windows XP Hotfix - KB911567
/ Windows / SP1: Microsoft Internationalized Domain Names Mitigation APIs
/ Windows / SP1: Microsoft National Language Support Downlevel APIs
/ Windows Media Format 11 SDK: Hotfix for Windows Media Format 11 SDK (KB929399)
/ Windows Media Player 10: Security Update for Windows Media Player 10 (KB917734)
/ Windows Media Player 6.4: Security Update for Windows Media Player 6.4 (KB925398)
/ Windows Media Player 8: Security Update for Windows Media Player 8 (KB917734)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB929969)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB931768)
/ Windows XP / SP10: Microsoft Compression Client Pack 1.0 for Windows XP
/ Windows XP / SP2: Windows XP Service Pack 2
/ Windows XP / SP3: Windows XP Hotfix - KB873339
/ Windows XP / SP3: Windows XP Hotfix - KB885835
/ Windows XP / SP3: Windows XP Hotfix - KB885836
/ Windows XP / SP3: Windows XP Hotfix - KB885884
/ Windows XP / SP3: Windows XP Hotfix - KB886185
/ Windows XP / SP3: Windows XP Hotfix - KB887472
/ Windows XP / SP3: Windows XP Hotfix - KB888113
/ Windows XP / SP3: Windows XP Hotfix - KB888302
/ Windows XP / SP3: Security Update for Windows XP (KB890046)
/ Windows XP / SP3: Windows XP Hotfix - KB890859
/ Windows XP / SP3: Windows XP Hotfix - KB891781
/ Windows XP / SP3: Security Update for Windows XP (KB893756)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Security Update for Windows XP (KB896358)
/ Windows XP / SP3: Security Update for Windows XP (KB896423)
/ Windows XP / SP3: Security Update for Windows XP (KB896424)
/ Windows XP / SP3: Security Update for Windows XP (KB896428)
/ Windows XP / SP3: Update for Windows XP (KB898461)
/ Windows XP / SP3: Security Update for Windows XP (KB899587)
/ Windows XP / SP3: Security Update for Windows XP (KB899589)
/ Windows XP / SP3: Security Update for Windows XP (KB899591)
/ Windows XP / SP3: Update for Windows XP (KB900485)
/ Windows XP / SP3: Security Update for Windows XP (KB900725)
/ Windows XP / SP3: Update for Windows XP (KB900930)
/ Windows XP / SP3: Security Update for Windows XP (KB901017)
/ Windows XP / SP3: Security Update for Windows XP (KB901214)
/ Windows XP / SP3: Security Update for Windows XP (KB902400)
/ Windows XP / SP3: Security Update for Windows XP (KB904706)
/ Windows XP / SP3: Update for Windows XP (KB904942)
/ Windows XP / SP3: Security Update for Windows XP (KB905414)
/ Windows XP / SP3: Security Update for Windows XP (KB905749)
/ Windows XP / SP3: Security Update for Windows XP (KB908519)
/ Windows XP / SP3: Update for Windows XP (KB908531)
/ Windows XP / SP3: Update for Windows XP (KB910437)
/ Windows XP / SP3: Update for Windows XP (KB911280)
/ Windows XP / SP3: Security Update for Windows XP (KB911562)
/ Windows XP / SP3: Security Update for Windows XP (KB911567)
/ Windows XP / SP3: Security Update for Windows XP (KB911927)
/ Windows XP / SP3: Security Update for Windows XP (KB912919)
/ Windows XP / SP3: Security Update for Windows XP (KB913580)
/ Windows XP / SP3: Security Update for Windows XP (KB914388)
/ Windows XP / SP3: Security Update for Windows XP (KB914389)
/ Windows XP / SP3: Hotfix for Windows XP (KB914440)
/ Windows XP / SP3: Hotfix for Windows XP (KB915865)
/ Windows XP / SP3: Security Update for Windows XP (KB916281)
/ Windows XP / SP3: Update for Windows XP (KB916595)
/ Windows XP / SP3: Security Update for Windows XP (KB917159)
/ Windows XP / SP3: Security Update for Windows XP (KB917344)
/ Windows XP / SP3: Security Update for Windows XP (KB917422)
/ Windows XP / SP3: Security Update for Windows XP (KB917953)
/ Windows XP / SP3: Security Update for Windows XP (KB918118)
/ Windows XP / SP3: Security Update for Windows XP (KB918899)
/ Windows XP / SP3: Security Update for Windows XP (KB919007)
/ Windows XP / SP3: Security Update for Windows XP (KB920213)
/ Windows XP / SP3: Security Update for Windows XP (KB920214)
/ Windows XP / SP3: Security Update for Windows XP (KB920670)
/ Windows XP / SP3: Security Update for Windows XP (KB920683)
/ Windows XP / SP3: Security Update for Windows XP (KB920685)
/ Windows XP / SP3: Update for Windows XP (KB920872)
/ Windows XP / SP3: Security Update for Windows XP (KB921398)
/ Windows XP / SP3: Security Update for Windows XP (KB921883)
/ Windows XP / SP3: Update for Windows XP (KB922582)
/ Windows XP / SP3: Security Update for Windows XP (KB922616)
/ Windows XP / SP3: Security Update for Windows XP (KB922760)
/ Windows XP / SP3: Security Update for Windows XP (KB922819)
/ Windows XP / SP3: Security Update for Windows XP (KB923191)
/ Windows XP / SP3: Security Update for Windows XP (KB923414)
/ Windows XP / SP3: Security Update for Windows XP (KB923694)
/ Windows XP / SP3: Security Update for Windows XP (KB923980)
/ Windows XP / SP3: Security Update for Windows XP (KB924191)
/ Windows XP / SP3: Security Update for Windows XP (KB924270)
/ Windows XP / SP3: Security Update for Windows XP (KB924496)
/ Windows XP / SP3: Security Update for Windows XP (KB924667)
/ Windows XP / SP3: Security Update for Windows XP (KB925454)
/ Windows XP / SP3: Security Update for Windows XP (KB925486)
/ Windows XP / SP3: Security Update for Windows XP (KB925902)
/ Windows XP / SP3: Hotfix for Windows XP (KB926239)
/ Windows XP / SP3: Security Update for Windows XP (KB926255)
/ Windows XP / SP3: Security Update for Windows XP (KB926436)
/ Windows XP / SP3: Security Update for Windows XP (KB927779)
/ Windows XP / SP3: Security Update for Windows XP (KB927802)
/ Windows XP / SP3: Security Update for Windows XP (KB928090)
/ Windows XP / SP3: Security Update for Windows XP (KB928255)
/ Windows XP / SP3: Security Update for Windows XP (KB928843)
/ Windows XP / SP3: Update for Windows XP (KB929338)
/ Windows XP / SP3: Security Update for Windows XP (KB929969)
/ Windows XP / SP3: Security Update for Windows XP (KB930178)
/ Windows XP / SP3: Update for Windows XP (KB930916)
/ Windows XP / SP3: Security Update for Windows XP (KB931261)
/ Windows XP / SP3: Security Update for Windows XP (KB931768)
/ Windows XP / SP3: Security Update for Windows XP (KB931784)
/ Windows XP / SP3: Update for Windows XP (KB931836)
/ Windows XP / SP3: Security Update for Windows XP (KB932168)
/ Windows XP OOB / SP10: High Definition Audio Driver Package - KB835221
--- Startup entries list ---
Located: HK_LM:Run, avast!
command: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
file: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
size: 75392
MD5: 41b88784128c1eb3a24a928ce58b2455
Located: HK_LM:Run, Broadcom Wireless Manager UI
command: C:\WINDOWS\system32\WLTRAY.exe
file: C:\WINDOWS\system32\WLTRAY.exe
size: 1347584
MD5: 234c29a211817b5c69c2e4c4c4f71750
Located: HK_LM:Run, DLA
command: C:\WINDOWS\System32\DLA\DLACTRLW.EXE
file: C:\WINDOWS\System32\DLA\DLACTRLW.EXE
size: 122940
MD5: 5b1d53e352db12e14987decde1b17906
Located: HK_LM:Run, HP Component Manager
command: "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
file: C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
size: 241664
MD5: e91cde1b706189c03904a901a1ca1832
Located: HK_LM:Run, HP Software Update
command: "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
file: C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
size: 49152
MD5: 821f73b833c4daebc33c1a9a4b16bb5a
Located: HK_LM:Run, igfxhkcmd
command: C:\WINDOWS\System32\hkcmd.exe
file: C:\WINDOWS\System32\hkcmd.exe
size: 77824
MD5: 6ccda2be86943e8f1180a99cb85fbcee
Located: HK_LM:Run, igfxpers
command: C:\WINDOWS\System32\igfxpers.exe
file: C:\WINDOWS\System32\igfxpers.exe
size: 118784
MD5: 8621e27bb6a718a9b6f9c95c03be5bc2
Located: HK_LM:Run, igfxtray
command: C:\WINDOWS\System32\igfxtray.exe
file: C:\WINDOWS\System32\igfxtray.exe
size: 94208
MD5: 3f5b2146a6f1e651e593ebdd7b1cc7ff
Located: HK_LM:Run, LanguageShortcut
command: "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
file: C:\Program Files\CyberLink\PowerDVD\Language\Language.exe
size: 49152
MD5: 4377ddc405d4569530962138eee20f83
Located: HK_LM:Run, QuickTime Task
command: "C:\Program Files\QuickTime\qttask.exe" -atboottime
file: C:\Program Files\QuickTime\qttask.exe
size: 282624
MD5: 30e1f03dcc8825988528d9058312ede2
Located: HK_LM:Run, RemoteControl
command: "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
file: C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
size: 30208
MD5: 6ccbe90d8eae1a5a613b0777ed7e96ec
Located: HK_LM:Run, SigmatelSysTrayApp
command: stsystra.exe
file: C:\WINDOWS\stsystra.exe
size: 282624
MD5: ad2506958de1937c16c553c0a1be0572
Located: HK_LM:Run, SynTPEnh
command: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
file: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
size: 761947
MD5: abb85828c394ceacacbc90373c59c529
Located: HK_LM:Run, TkBellExe
command: "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
file: C:\Program Files\Common Files\Real\Update_OB\realsched.exe
size: 185784
MD5: 8a71139a5cd86ac55cf0e4383ab4ae33
Located: HK_CU:Run, ctfmon.exe
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 24232996a38c0b0cf151c2140ae29fc8
Located: Startup (common), Adobe Gamma Loader.exe.lnk
command: C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
file: C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
size: 113664
MD5: c2ff17734176cd15221c10044ef0ba1a
Located: Startup (common), Google Updater.lnk
command: C:\Program Files\Google\Google Updater\GoogleUpdater.exe
file: C:\Program Files\Google\Google Updater\GoogleUpdater.exe
size: 125176
MD5: 8164468421dc9b0cf122721f3936ba0b
Located: Startup (common), Microsoft Office.lnk
command: C:\Program Files\Microsoft Office\Office\OSA9.EXE
file: C:\Program Files\Microsoft Office\Office\OSA9.EXE
size: 65588
MD5: b70fa5fea34b4f803e543f92b6c206be
Located: System.ini, crypt32chain
command: crypt32.dll
file: crypt32.dll
Located: System.ini, cryptnet
command: cryptnet.dll
file: cryptnet.dll
Located: System.ini, cscdll
command: cscdll.dll
file: cscdll.dll
Located: System.ini, geebc
command: C:\WINDOWS\system32\geebc.dll
file: C:\WINDOWS\system32\geebc.dll
size: 281172
MD5: 80af236b34ad38d9d49a2ae8544049a4
Located: System.ini, ScCertProp
command: wlnotify.dll
file: wlnotify.dll
Located: System.ini, Schedule
command: wlnotify.dll
file: wlnotify.dll
Located: System.ini, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll
Located: System.ini, SensLogn
command: WlNotify.dll
file: WlNotify.dll
Located: System.ini, termsrv
command: wlnotify.dll
file: wlnotify.dll
Located: System.ini, WgaLogon
command: WgaLogon.dll
file: WgaLogon.dll
Located: System.ini, wlballoon
command: wlnotify.dll
file: wlnotify.dll
Located: System.ini, WRNotifier
command: WRLogonNTF.dll
file: WRLogonNTF.dll
Not So Technical
2007-05-15, 07:45
--- Browser helper object list ---
{521FCE7B-2257-4D0B-9E6C-CCCCC232C172} ()
BHO name:
CLSID name:
Path: C:\WINDOWS\system32\
Long name: geebc.dll
Short name:
Date (created): 4/26/2007 10:14:38 AM
Date (last access): 5/15/2007 12:06:30 AM
Date (last write): 4/26/2007 10:14:42 AM
Filesize: 281172
Attributes:
MD5: 80AF236B34AD38D9D49A2AE8544049A4
CRC32: 0BFC30FB
{5CA3D70E-1895-11CF-8E15-001234567890} (DriveLetterAccess)
BHO name:
CLSID name: DriveLetterAccess
description: Hewlett-Packard's DLA software
classification: Unknown
known filename: tfswshx.dll
info link:
info source: TonyKlein
Path: C:\WINDOWS\System32\DLA\
Long name: DLASHX_W.DLL
Short name:
Date (created): 7/24/2006 4:59:32 PM
Date (last access): 5/14/2007 11:53:10 PM
Date (last write): 11/7/2005 5:20:00 AM
Filesize: 110652
Attributes: archive
MD5: A68BD98A43710FE5D19C92158E341F0C
CRC32: A34F395A
Version: 5.20.12.0
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
BHO name:
CLSID name: Google Toolbar Notifier BHO
Path: C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.5672\
Long name: swg.dll
Short name:
Date (created): 5/14/2007 12:51:14 AM
Date (last access): 5/15/2007 12:07:12 AM
Date (last write): 5/14/2007 12:51:14 AM
Filesize: 324536
Attributes: archive
MD5: 556604B2B55CC09F353C422D2AC6AD4C
CRC32: F3CEAA98
Version: 2.0.301.5672
--- ActiveX list ---
--- Process list ---
PID: 0 ( 0) [System]
PID: 732 ( 4) \SystemRoot\System32\smss.exe
PID: 780 ( 732) \??\C:\WINDOWS\system32\csrss.exe
PID: 804 ( 732) \??\C:\WINDOWS\system32\winlogon.exe
PID: 848 ( 804) C:\WINDOWS\system32\services.exe
size: 108032
MD5: C6CE6EEC82F187615D1002BB3BB50ED4
PID: 860 ( 804) C:\WINDOWS\system32\lsass.exe
size: 13312
MD5: 84885F9B82F4D55C6146EBF6065D75D2
PID: 1024 ( 848) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1100 ( 848) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1140 ( 848) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1180 ( 848) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1224 ( 848) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1592 ( 848) C:\WINDOWS\System32\WLTRYSVC.EXE
size: 18944
MD5: 8E12ADCD26A2AC8006E52B74463E9DD1
PID: 1604 (1592) C:\WINDOWS\System32\bcmwltry.exe
size: 1200128
MD5: 3118A7345A5C28E8D5C6BE7A90AEA0A6
PID: 1616 ( 848) C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
size: 16512
MD5: 0BAB87DB7DAC336B52ADA529CF472B74
PID: 1688 ( 848) C:\Program Files\Alwil Software\Avast4\ashServ.exe
size: 132736
MD5: 4C2D6F51F2A1943EF24E8C3E55267F04
PID: 1972 ( 848) C:\WINDOWS\system32\spoolsv.exe
size: 57856
MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F
PID: 468 ( 352) C:\WINDOWS\Explorer.EXE
size: 1032192
MD5: A0732187050030AE399B241436565E64
PID: 652 ( 848) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
size: 138680
MD5: D213C2B1CE0FAEAB59EC0C55B4493F94
PID: 712 ( 848) C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
size: 270336
MD5: 5B7E6A2FF397E3521F02A9B7AD93A900
PID: 120 ( 848) C:\Program Files\CyberLink\Shared files\RichVideo.exe
size: 167936
MD5: BD517C7FB119997EFFBE39D5E4B37B05
PID: 1204 ( 848) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1500 ( 468) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
size: 761947
MD5: ABB85828C394CEACACBC90373C59C529
PID: 1512 ( 468) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
size: 30208
MD5: 6CCBE90D8EAE1A5A613B0777ED7E96EC
PID: 1544 ( 468) C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
size: 49152
MD5: 821F73B833C4DAEBC33C1A9A4B16BB5A
PID: 1772 ( 468) C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
size: 241664
MD5: E91CDE1B706189C03904A901A1CA1832
PID: 1780 ( 468) C:\Program Files\Common Files\Real\Update_OB\realsched.exe
size: 185784
MD5: 8A71139A5CD86AC55CF0E4383AB4AE33
PID: 1788 ( 468) C:\WINDOWS\stsystra.exe
size: 282624
MD5: AD2506958DE1937C16C553C0A1BE0572
PID: 1904 ( 468) C:\WINDOWS\System32\igfxpers.exe
size: 118784
MD5: 8621E27BB6A718A9B6F9C95C03BE5BC2
PID: 1912 ( 468) C:\WINDOWS\System32\hkcmd.exe
size: 77824
MD5: 6CCDA2BE86943E8F1180A99CB85FBCEE
PID: 1920 ( 468) C:\WINDOWS\System32\DLA\DLACTRLW.EXE
size: 122940
MD5: 5B1D53E352DB12E14987DECDE1B17906
PID: 192 ( 468) C:\WINDOWS\system32\WLTRAY.exe
size: 1347584
MD5: 234C29A211817B5C69C2E4C4C4F71750
PID: 232 ( 468) C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
size: 75392
MD5: 41B88784128C1EB3A24A928CE58B2455
PID: 244 ( 468) C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 24232996A38C0B0CF151C2140AE29FC8
PID: 436 ( 468) C:\Program Files\Google\Google Updater\GoogleUpdater.exe
size: 125176
MD5: 8164468421DC9B0CF122721F3936BA0B
PID: 2240 ( 848) C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
size: 243328
MD5: 0005DB55986F3B014FBA24C2356476B7
PID: 2268 ( 848) C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
size: 345728
MD5: D1C26F6B1AA7BA597F435CB136E998D4
PID: 2636 ( 848) C:\WINDOWS\System32\alg.exe
size: 44544
MD5: F1958FBF86D5C004CF19A5951A9514B7
PID: 264 (1024) C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
size: 135168
MD5: 6B9492CEE2E71371104CBD0A725F5A4C
PID: 172 ( 468) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 4393096
MD5: 09CA174A605B480318731E691DC98539
PID: 4 ( 0) System
PID: 560 ( 468) C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
size: 10586440
MD5: 3C6D8B1D5DB146DDB0F651E247AAE2D2
PID: 3780 (1024) C:\Program Files\Microsoft Works\WkDStore.exe
size: 86016
MD5: C2D7DAF2EA5CC3D2EE91E5E5F47BC8B5
--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 5/15/2007 12:12:37 AM
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.yahoo.com/
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
%SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://go.microsoft.com/fwlink/?LinkId=54896
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://go.microsoft.com/fwlink/?LinkId=69157
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://go.microsoft.com/fwlink/?LinkId=69157
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://go.microsoft.com/fwlink/?LinkId=54896
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
--- Winsock Layered Service Provider list ---
--- Uninstall list ---
(AddressBook)
Adobe Photoshop 6.0 6.0 (Adobe Photoshop 6.0)
version (major): 6
install location: C:\Program Files\Adobe\Photoshop 6.0
install source: D:\photoshop6\
uninstall cmd: C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Adobe\Photoshop 6.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 6.0\Uninst.dll"
publisher: Adobe Systems, Inc.
Adobe SVG Viewer 1.0 (Adobe SVG Viewer)
version (major): 1
install location: C:\WINDOWS\system32\Adobe\SVG Viewer
install source: D:\photoshop6\SVG\
uninstall cmd: C:\WINDOWS\IsUninst.exe -f"C:\WINDOWS\System32\Adobe\SVG Viewer\Uninst.isu"
publisher: Adobe Systems, Inc.
AOL Instant Messenger (AOL Instant Messenger)
uninstall cmd: C:\Documents and Settings\JessiS\My Documents\filelib\AIM Logs\uninstll.exe -LOG= C:\Documents and Settings\JessiS\My Documents\filelib\AIM Logs\install.log -OEM=
Not So Technical
2007-05-15, 07:51
The report is too long, and I've lost my place - and I don't think its the right thing anyway. What do I do to give you the right report?
pskelley
2007-05-19, 14:28
Welcome to Safer Networking, if you still need help and are not receiving it elsewhere, it appears you have missed some important instructions our administrator has posted at the top of the forum, especially this: "BEFORE you POST" Mandatory Steps Before Requesting Assistance http://forums.spybot.info/showthread.php?t=288
All advice given is taken at your own risk.
Please read and follow all instructions and post all required logs or reports, anything less will slow your process.
Use "Post Reply" to post the information in the instructions and stay in the same topic.
I do not know if I can help or not but if you will take the time to read the instructions I posted and provide me with the correct HJT log, I will take a look. Post nothing except what I request and if the issues are resolved I would appreciate you letting me know so I can close the topic.
Thanks
This topic has been archived.
If you need it re-opened, please send me a private message (pm) and provide a link to the thread.
Applies only to the original poster, anyone else with similar problems please start a new topic.