miked55737
2008-04-29, 01:41
I have run Spybot numerous times to get rid of 19 threats it detects. It says it needs to run on reboot, which I allow it to do, but when it finishes and the computer boots into Windows again, a new scan shows that the problems remain. I tried doing it in Windows safe mode, but I get the same result. I have made sure that both Windows and Spybot are up-to-date with patches/updates.
PC Info:
Computer: Dell Dimension DM061
Processor: Pent-D 2.66 Ghz
RAM: 1 Gb
OS: WinXP Media Center Edition, SP2
Here's the SD scan log (in which it says it fixed the errors)
--- Report generated: 2008-04-28 14:25 ---
Zango: [SBI $DF8DAC14] Browser helper object (Registry key, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5929CD6E-2062-44a4-B2C5-2C7E78FBAB38}
180Solutions.SearchAssistant: [SBI $AB2A8735] Executable (File, fixed)
C:\WINDOWS\didduid.ini
180Solutions.SearchAssistant: [SBI $D1508A11] Browser helper object (Registry key, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5dafd089-24b1-4c5e-bd42-8ca72550717b}
2020Search: [SBI $1C86D773] Library (File, fixed)
C:\WINDOWS\2020search2.dll
2020Search: [SBI $524079D1] Browser helper object (Registry key, fixed)
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-92C6-CE7EB590A94D}
CoolWWWSearch.Leftovers: [SBI $C5CA9532] Library (File, fixed)
C:\WINDOWS\2020search.dll
Smitfraud-C.: [SBI $DAFF8341] Browser helper object (Registry key, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00000250-0320-4dd4-be4f-7566d2314352}
Smitfraud-C.: [SBI $749A49D8] Browser helper object (Registry key, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{13197ace-6851-45c3-a7ff-c281324d5489}
Smitfraud-C.: [SBI $CA8B78D4] Browser helper object (Registry key, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4e1075f4-eec4-4a86-add7-cd5f52858c31}
Smitfraud-C.: [SBI $D738367D] Browser helper object (Registry key, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5fa6752a-c4a0-4222-88c2-928ae5ab4966}
Smitfraud-C.: [SBI $8A7B2B35] Browser helper object (Registry key, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8674aea0-9d3d-11d9-99dc-00600f9a01f1}
Smitfraud-C.: [SBI $A507ED05] Browser helper object (Registry key, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{965a592f-8efa-4250-8630-7960230792f1}
Smitfraud-C.: [SBI $81292234] Browser helper object (Registry key, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cf021f40-3e14-23a5-cba2-717765728274}
Smitfraud-C.: [SBI $73C55E9B] Browser helper object (Registry key, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fc3a74e5-f281-4f10-ae1e-733078684f3c}
Smitfraud-C.gp: [SBI $29222CE9] Web page (File, fixed)
C:\WINDOWS\default.htm
Microsoft.WindowsSecurityCenter.TaskManager: [SBI $FD4267D3] Settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-2455963964-3395364074-987033648-500\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr
Microsoft.WindowsSecurityCenter.TaskManager: [SBI $B2E55F62] Settings (Registry change, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\DisableTaskMgr
SecondThought.STCLoader: [SBI $CD09A67D] Executable (File, fixed)
C:\WINDOWS\stcloader.exe
Virtumonde: [SBI $3BE84E58] Settings (Registry key, fixed)
HKEY_USERS\S-1-5-21-2455963964-3395364074-987033648-500\Software\mwc
--- Spybot - Search & Destroy version: 1.5.2 (build: 20080128) ---
2008-01-28 blindman.exe (1.0.0.7)
2008-01-28 SDDelFile.exe (1.0.2.4)
2008-01-28 SDMain.exe (1.0.0.5)
2008-01-28 SDUpdate.exe (1.0.8.8)
2008-01-28 SDWinSec.exe (1.0.0.11)
2008-01-28 SpybotSD.exe (1.5.2.20)
2008-01-28 TeaTimer.exe (1.5.2.16)
2008-04-22 unins000.exe (51.49.0.0)
2008-01-28 Update.exe (1.4.0.6)
2008-01-28 advcheck.dll (1.5.4.5)
2007-04-02 aports.dll (2.1.0.0)
2007-11-17 DelZip179.dll (1.79.7.4)
2008-01-28 SDFiles.dll (1.5.1.19)
2008-01-28 SDHelper.dll (1.5.0.11)
2008-01-28 Tools.dll (2.1.3.3)
2008-04-16 Includes\Adware.sbi (*)
2008-04-24 Includes\AdwareC.sbi (*)
2008-04-24 Includes\Cookies.sbi (*)
2007-12-26 Includes\Dialer.sbi (*)
2008-04-24 Includes\DialerC.sbi (*)
2008-04-24 Includes\HeavyDuty.sbi (*)
2008-03-19 Includes\Hijackers.sbi (*)
2008-04-24 Includes\HijackersC.sbi (*)
2008-02-27 Includes\Keyloggers.sbi (*)
2008-04-24 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2008-04-22 Includes\Malware.sbi (*)
2008-04-24 Includes\MalwareC.sbi (*)
2008-03-26 Includes\PUPS.sbi (*)
2008-04-24 Includes\PUPSC.sbi (*)
2008-04-24 Includes\Revision.sbi (*)
2008-01-09 Includes\Security.sbi (*)
2008-04-24 Includes\SecurityC.sbi (*)
2008-04-16 Includes\Spybots.sbi (*)
2008-04-24 Includes\SpybotsC.sbi (*)
2008-04-16 Includes\Spyware.sbi (*)
2008-04-24 Includes\SpywareC.sbi (*)
2007-11-06 Includes\Tracks.uti
2008-04-24 Includes\Trojans.sbi (*)
2008-04-24 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll
Any help is greatly appreciated!
PC Info:
Computer: Dell Dimension DM061
Processor: Pent-D 2.66 Ghz
RAM: 1 Gb
OS: WinXP Media Center Edition, SP2
Here's the SD scan log (in which it says it fixed the errors)
--- Report generated: 2008-04-28 14:25 ---
Zango: [SBI $DF8DAC14] Browser helper object (Registry key, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5929CD6E-2062-44a4-B2C5-2C7E78FBAB38}
180Solutions.SearchAssistant: [SBI $AB2A8735] Executable (File, fixed)
C:\WINDOWS\didduid.ini
180Solutions.SearchAssistant: [SBI $D1508A11] Browser helper object (Registry key, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5dafd089-24b1-4c5e-bd42-8ca72550717b}
2020Search: [SBI $1C86D773] Library (File, fixed)
C:\WINDOWS\2020search2.dll
2020Search: [SBI $524079D1] Browser helper object (Registry key, fixed)
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-92C6-CE7EB590A94D}
CoolWWWSearch.Leftovers: [SBI $C5CA9532] Library (File, fixed)
C:\WINDOWS\2020search.dll
Smitfraud-C.: [SBI $DAFF8341] Browser helper object (Registry key, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00000250-0320-4dd4-be4f-7566d2314352}
Smitfraud-C.: [SBI $749A49D8] Browser helper object (Registry key, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{13197ace-6851-45c3-a7ff-c281324d5489}
Smitfraud-C.: [SBI $CA8B78D4] Browser helper object (Registry key, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4e1075f4-eec4-4a86-add7-cd5f52858c31}
Smitfraud-C.: [SBI $D738367D] Browser helper object (Registry key, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5fa6752a-c4a0-4222-88c2-928ae5ab4966}
Smitfraud-C.: [SBI $8A7B2B35] Browser helper object (Registry key, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8674aea0-9d3d-11d9-99dc-00600f9a01f1}
Smitfraud-C.: [SBI $A507ED05] Browser helper object (Registry key, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{965a592f-8efa-4250-8630-7960230792f1}
Smitfraud-C.: [SBI $81292234] Browser helper object (Registry key, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cf021f40-3e14-23a5-cba2-717765728274}
Smitfraud-C.: [SBI $73C55E9B] Browser helper object (Registry key, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fc3a74e5-f281-4f10-ae1e-733078684f3c}
Smitfraud-C.gp: [SBI $29222CE9] Web page (File, fixed)
C:\WINDOWS\default.htm
Microsoft.WindowsSecurityCenter.TaskManager: [SBI $FD4267D3] Settings (Registry change, fixed)
HKEY_USERS\S-1-5-21-2455963964-3395364074-987033648-500\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr
Microsoft.WindowsSecurityCenter.TaskManager: [SBI $B2E55F62] Settings (Registry change, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\DisableTaskMgr
SecondThought.STCLoader: [SBI $CD09A67D] Executable (File, fixed)
C:\WINDOWS\stcloader.exe
Virtumonde: [SBI $3BE84E58] Settings (Registry key, fixed)
HKEY_USERS\S-1-5-21-2455963964-3395364074-987033648-500\Software\mwc
--- Spybot - Search & Destroy version: 1.5.2 (build: 20080128) ---
2008-01-28 blindman.exe (1.0.0.7)
2008-01-28 SDDelFile.exe (1.0.2.4)
2008-01-28 SDMain.exe (1.0.0.5)
2008-01-28 SDUpdate.exe (1.0.8.8)
2008-01-28 SDWinSec.exe (1.0.0.11)
2008-01-28 SpybotSD.exe (1.5.2.20)
2008-01-28 TeaTimer.exe (1.5.2.16)
2008-04-22 unins000.exe (51.49.0.0)
2008-01-28 Update.exe (1.4.0.6)
2008-01-28 advcheck.dll (1.5.4.5)
2007-04-02 aports.dll (2.1.0.0)
2007-11-17 DelZip179.dll (1.79.7.4)
2008-01-28 SDFiles.dll (1.5.1.19)
2008-01-28 SDHelper.dll (1.5.0.11)
2008-01-28 Tools.dll (2.1.3.3)
2008-04-16 Includes\Adware.sbi (*)
2008-04-24 Includes\AdwareC.sbi (*)
2008-04-24 Includes\Cookies.sbi (*)
2007-12-26 Includes\Dialer.sbi (*)
2008-04-24 Includes\DialerC.sbi (*)
2008-04-24 Includes\HeavyDuty.sbi (*)
2008-03-19 Includes\Hijackers.sbi (*)
2008-04-24 Includes\HijackersC.sbi (*)
2008-02-27 Includes\Keyloggers.sbi (*)
2008-04-24 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2008-04-22 Includes\Malware.sbi (*)
2008-04-24 Includes\MalwareC.sbi (*)
2008-03-26 Includes\PUPS.sbi (*)
2008-04-24 Includes\PUPSC.sbi (*)
2008-04-24 Includes\Revision.sbi (*)
2008-01-09 Includes\Security.sbi (*)
2008-04-24 Includes\SecurityC.sbi (*)
2008-04-16 Includes\Spybots.sbi (*)
2008-04-24 Includes\SpybotsC.sbi (*)
2008-04-16 Includes\Spyware.sbi (*)
2008-04-24 Includes\SpywareC.sbi (*)
2007-11-06 Includes\Tracks.uti
2008-04-24 Includes\Trojans.sbi (*)
2008-04-24 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll
Any help is greatly appreciated!