Unknown items in System Startup!?



Swing
2006-01-14, 23:56
Hi

Since I installed Spybot 1.4 on my system, there are some items in System Startup that I don't recognize. I'm sure they weren't there because I check the startup section often. Then I reinstalled Spybot 1.3 instead, and those entries are gone. Does anyone know what this might be?
Those items do not show in msconfig autostart or in another application I have for checking startup programs. Below is my log. I'm talking about the last 11 entries located in System.ini.


--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---

2006-01-14 unins000.exe (51.41.0.0)
2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2005-05-31 Update.exe (1.4.0.0)
2005-05-31 advcheck.dll (1.0.2.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2005-05-31 Tools.dll (2.0.0.2)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2006-01-13 Includes\Cookies.sbi
2006-01-13 Includes\PUPS.sbi
2006-01-13 Includes\Dialer.sbi
2006-01-13 Includes\Hijackers.sbi
2006-01-13 Includes\Keyloggers.sbi
2006-01-13 Includes\Malware.sbi
2006-01-13 Includes\Revision.sbi
2006-01-13 Includes\Security.sbi
2006-01-13 Includes\Spybots.sbi
2006-01-13 Includes\Trojans.sbi
2005-02-17 Includes\Tracks.uti

Located: HK_LM:Run, EM_EXEC
command: C:\Program\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
file: C:\Program\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
size: 28672
MD5: bcdbcd110dae1abca8f3787c8fcd3166

Located: HK_LM:Run, MCAgentExe
command: c:\program\mcafee.com\agent\mcagent.exe
file: c:\program\mcafee.com\agent\mcagent.exe
size: 303104
MD5: e8d2dcece015f4558aa3853514664f15

Located: HK_LM:Run, MCUpdateExe
command: C:\program\mcafee.com\agent\McUpdate.exe
file: C:\program\mcafee.com\agent\McUpdate.exe
size: 212992
MD5: 612ecc8413abf6c2f8d57b8485535025

Located: HK_LM:Run, NeroFilterCheck
command: C:\WINDOWS\system32\NeroCheck.exe
file: C:\WINDOWS\system32\NeroCheck.exe
size: 155648
MD5: 3e4c03cefad8de135263236b61a49c90

Located: HK_LM:Run, VirusScan Online
command: "c:\program\mcafee.com\vso\mcvsshld.exe"
file: c:\program\mcafee.com\vso\mcvsshld.exe
size: 196608
MD5: 944982c9b57c8bcc58f4001a62cd503f

Located: HK_LM:Run, VSOCheckTask
command: "c:\program\mcafee.com\vso\mcmnhdlr.exe" /checktask
file: c:\program\mcafee.com\vso\mcmnhdlr.exe
size: 143360
MD5: ad209a764f19530ff7a4d4cfcf473055

Located: HK_LM:Run, zBrowser Launcher
command: C:\Program\Logitech\iTouch\iTouch.exe
file: C:\Program\Logitech\iTouch\iTouch.exe
size: 892928
MD5: 9aee9bcb32d82bcc36474eb921f3bb49

Located: HK_LM:Run, Zone Labs Client
command: C:\Program\Zone Labs\ZoneAlarm\zlclient.exe
file: C:\Program\Zone Labs\ZoneAlarm\zlclient.exe
size: 755472
MD5: e85c5dc2659f562c496e839649aa7200

Located: HK_LM:Run, QuickTime Task (DISABLED)
command: "C:\Program\QuickTime\qttask.exe" -atboottime
file: C:\Program\QuickTime\qttask.exe
size: 77824
MD5: f8dbb32041336a94c676e6b70f759993

Located: HK_LM:Run, SoundMan (DISABLED)
command: SOUNDMAN.EXE
file: C:\WINDOWS\SOUNDMAN.EXE
size: 57344
MD5: 59bc3e1af9ccc7e7c06d61877ca0a138

Located: HK_LM:Run, SunJavaUpdateSched (DISABLED)
command: C:\Program\Java\j2re1.4.2_04\bin\jusched.exe
file: C:\Program\Java\j2re1.4.2_04\bin\jusched.exe
size: 32881
MD5: d7b9be63c406103ee1405fe473ac0697

Located: HK_LM:Run, TkBellExe (DISABLED)
command: "C:\Program\Delade filer\Real\Update_OB\realsched.exe" -osboot
file: C:\Program\Delade filer\Real\Update_OB\realsched.exe
size: 180269
MD5: 7237366a57a26b7ed71c9b081fbdd6eb

Located: HK_CU:Run, ctfmon.exe
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: febe82a289a6645e26b27f3a0a4d2b84

Located: HK_CU:Run, ctfmon.exe (DISABLED)
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: febe82a289a6645e26b27f3a0a4d2b84

Located: Startup (common), Logitech Desktop Messenger.lnk
command: C:\Program\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
file: C:\Program\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
size: 169472
MD5: 91291ca1490f952d977618544d540b87

Located: Startup (user), SpywareGuard.lnk
command: C:\Program\SpywareGuard\sgmain.exe
file: C:\Program\SpywareGuard\sgmain.exe
size: 360448
MD5: 61c028aba5e49573a6332f4a7c744e87

Located: System.ini, AtiExtEvent
command: Ati2evxx.dll
file: Ati2evxx.dll

Located: System.ini, crypt32chain
command: crypt32.dll
file: crypt32.dll

Located: System.ini, cryptnet
command: cryptnet.dll
file: cryptnet.dll

Located: System.ini, cscdll
command: cscdll.dll
file: cscdll.dll

Located: System.ini, ScCertProp
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, Schedule
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll

Located: System.ini, SensLogn
command: WlNotify.dll
file: WlNotify.dll

Located: System.ini, termsrv
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, wlballoon
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, WRNotifier
command: WRLogonNTF.dll
file: WRLogonNTF.dll

md usa spybot fan
2006-01-16, 06:34
Entries in the subkeys of the following registry key are run at system startup:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]

The items that you referred to are a listing of the executables in the subkeys of that registry key.
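
The key named above can be read directly to see the same entries that Spybot 1.4 lists under "System.ini". The following PowerShell script is an added example, not part of the original thread; it assumes PowerShell 2.0 or later and that a bare DllName (as in the log above) resolves to %SystemRoot%\System32.

```powershell
# Added example (not from the thread): list Winlogon notification
# packages and inspect the DLL that each subkey points to.
$notify = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify'

function Get-Md5Hex([string]$Path) {
    # MD5 only so the value can be compared with the MD5 field Spybot prints.
    $md5 = [System.Security.Cryptography.MD5]::Create()
    $stream = [System.IO.File]::OpenRead($Path)
    try {
        $bytes = $md5.ComputeHash($stream)
        return ([System.BitConverter]::ToString($bytes) -replace '-', '').ToLower()
    } finally {
        $stream.Close()
    }
}

if (Test-Path $notify) {
    Get-ChildItem -Path $notify | ForEach-Object {
        $dll = (Get-ItemProperty -Path $_.PSPath).DllName
        if (-not $dll) { return }   # subkey without a DllName value: skip it

        # Assumption: a bare file name is loaded from %SystemRoot%\System32.
        $path = $dll
        if (-not [System.IO.Path]::IsPathRooted($dll)) {
            $path = Join-Path (Join-Path $env:SystemRoot 'System32') $dll
        }

        $row = New-Object PSObject -Property @{
            Entry = $_.PSChildName; DllName = $dll; Exists = (Test-Path $path)
            Company = ''; Signature = ''; MD5 = ''
        }
        if ($row.Exists) {
            $row.Company   = (Get-Item $path).VersionInfo.CompanyName
            $row.Signature = (Get-AuthenticodeSignature $path).Status
            $row.MD5       = Get-Md5Hex $path
        }
        $row
    } | Select-Object Entry, DllName, Exists, Company, Signature, MD5 |
        Format-Table -AutoSize
} else {
    Write-Output 'Winlogon\Notify key is not present on this system.'
}
```

On older PowerShell versions, catalog-signed Windows files can report NotSigned, so read the Signature column together with Company and the resolved path rather than on its own.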

Swing
2006-01-16, 19:45
Thanks. Do you know why they show up only in the 1.4 version of Spybot and not in msconfig autostart or in Winoptimizer?

Hannu
2006-01-18, 14:46
I have something like this in my system startup: %systemroot%\system32\dumprep 0 -k. It is unchecked. What is it and how can I remove it?

BCR CMPTR
2006-01-18, 22:24
Swing:
I recognize most of the items you have.
If you are unsure about some of them, follow the path to the
files they point to, right-click on the files, then choose
Properties and look at the various information that shows up.

I also noticed that your postings have (disabled) next to them.
This is probably because you disabled them through msconfig.

Msconfig is more for diagnostic/troubleshooting purposes.
Instead of disabling items here when you install new programs,
you should set your options from within those programs.

Some programs need to start based on your preferences, like
Logitech mouse and gaming; some programs want to keep you
updated, realsched etc...

If you disable options in msconfig and later re-install or uninstall and
update etc., these (disabled) items can end up in the startup twice.
As you can see, this can become a problem.



Hannu:

%systemroot%\system32\dumprep 0 -k is perfectly safe, and I suggest that you leave it alone. If you have problems with programs, this helps in creating file/s that the experts can use to help you...

:) :)