Thread: Spyhunter : malware or not ??

  1. #11
    Senior Member
    Join Date
    Oct 2005
    Location
    Germany
    Posts
    5,263

    Hello,

    Yes, and we detect SpyHunter also.
    So you have to decide which program you like to use.
    The free Spybot Search & Destroy or the SpyHunter you need to pay for.

    Best regards
    Sandra
    Team Spybot

  2. #12
    Junior Member
    Join Date
    Dec 2006
    Posts
    14

    You were right...my security settings on both IE and FF were too loose. I tightened them and used the SpyHunter log to manually remove the trojans (were they really trojans?) from my registry. Best of both worlds!!

  3. #13
    Junior Member
    Join Date
    Sep 2007
    Posts
    2

    Persistent problem that is frying my brain: Vundo

    I followed the steps you have outlined in response to Atribune's quote, given here:

    Originally Posted by Atribune
    Toolbar888 is commonly seen with Virtumonde (Vundo). Should probably post logs.

    Here is my log of the SpyHunter report:


    Edit: Removed log, this is the support forum for Spybot-S&D not Spyhunter.
    Last edited by tashi; 2008-12-29 at 07:28. Reason: log removed

  4. #14
    Junior Member
    Join Date
    Sep 2007
    Posts
    2

    Part 2

    --- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---

    2005-05-31 blindman.exe (1.0.0.1)
    2005-05-31 SpybotSD.exe (1.4.0.3)
    2005-05-31 TeaTimer.exe (1.4.0.2)
    2007-08-24 unins000.exe (51.41.0.0)
    2005-05-31 Update.exe (1.4.0.0)
    2007-05-23 advcheck.dll (1.5.3.0)
    2005-05-31 aports.dll (2.1.0.0)
    2005-05-31 borlndmm.dll (7.0.4.453)
    2005-05-31 delphimm.dll (7.0.4.453)
    2005-05-31 SDHelper.dll (1.4.0.0)
    2007-07-31 Tools.dll (2.1.2.0)
    2005-05-31 UnzDll.dll (1.73.1.1)
    2005-05-31 ZipDll.dll (1.73.2.0)
    2007-08-29 Includes\Cookies.sbi (*)
    2007-07-25 Includes\Dialer.sbi (*)
    2007-08-29 Includes\DialerC.sbi (*)
    2007-08-29 Includes\Hijackers.sbi (*)
    2007-08-29 Includes\HijackersC.sbi (*)
    2007-07-25 Includes\Keyloggers.sbi (*)
    2007-08-29 Includes\KeyloggersC.sbi (*)
    2007-08-29 Includes\Malware.sbi (*)
    2007-08-29 Includes\MalwareC.sbi (*)
    2007-08-29 Includes\PUPS.sbi (*)
    2007-08-29 Includes\PUPSC.sbi (*)
    2007-08-29 Includes\Revision.sbi (*)
    2007-05-30 Includes\Security.sbi (*)
    2007-08-29 Includes\SecurityC.sbi (*)
    2007-08-01 Includes\Spybots.sbi (*)
    2007-08-29 Includes\SpybotsC.sbi (*)
    2007-08-21 Includes\Tracks.uti
    2007-08-29 Includes\Trojans.sbi (*)
    2007-08-29 Includes\TrojansC.sbi (*)
    2007-06-06 Plugins\TCPIPAddress.dll



    --- System information ---
    Windows XP (Build: 2600) Service Pack 2


    --- Startup entries list ---
    Located: HK_LM:Run,
    command:
    file:

    Located: HK_LM:Run, AOLDialer
    command: C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
    file: C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
    size: 71216
    MD5: b9b78f0d9aebca8f717680fbabbb5ff4

    Located: HK_LM:Run, Apoint
    command: C:\Program Files\Apoint\Apoint.exe
    file: C:\Program Files\Apoint\Apoint.exe
    size: 155648
    MD5: a0b4823c28ad825728550796042c68a4

    Located: HK_LM:Run, ATIPTA
    command: C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    file: C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    size: 339968
    MD5: e3288bbd172f6b5803b0cb7c4cdc5d1e

    Located: HK_LM:Run, Dell QuickSet
    command: C:\Program Files\Dell\QuickSet\quickset.exe
    file: C:\Program Files\Dell\QuickSet\quickset.exe
    size: 606208
    MD5: c67c916b6b43b4b092adeaf7adf285bf

    Located: HK_LM:Run, dla
    command: C:\WINDOWS\system32\dla\tfswctrl.exe
    file: C:\WINDOWS\system32\dla\tfswctrl.exe
    size: 127035
    MD5: 2ca827ba68d0cdb5437c40c6f53d7f20

    Located: HK_LM:Run, DLBTCATS
    command: rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLBTtime.dll,_RunDLLEntry@16
    file:

    Located: HK_LM:Run, DMXLauncher
    command: C:\Program Files\Dell\Media Experience\DMXLauncher.exe
    file: C:\Program Files\Dell\Media Experience\DMXLauncher.exe
    size: 86016
    MD5: 526874efe8d1f0ec1b7bbb87d5c433e6

    Located: HK_LM:Run, DVDLauncher
    command: "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
    file: C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
    size: 53248
    MD5: b3e3c57fd22e71ce20389372d972c6dc

    Located: HK_LM:Run, Google Desktop Search
    command: "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    file: C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    size: 1836544
    MD5: e3caea4c0864e9e0e05e4cd8e7432ebe

    Located: HK_LM:Run, HostManager
    command: C:\Program Files\Common Files\AOL\1124326005\ee\AOLSoftware.exe
    file: C:\Program Files\Common Files\AOL\1124326005\ee\AOLSoftware.exe
    size: 50736
    MD5: c482c535cbfefe722ec1eb7f11f680a3

    Located: HK_LM:Run, IntelWireless
    command: C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
    file:

    Located: HK_LM:Run, ISUSPM Startup
    command: C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    file: C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
    size: 221184
    MD5: fb9e5c251cf6c37749f296bacb34a69b

    Located: HK_LM:Run, ISUSScheduler
    command: "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    file: C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    size: 81920
    MD5: 763dab43bdab27316dbf3373192823d7

    Located: HK_LM:Run, iTunesHelper
    command: "C:\Program Files\iTunes\iTunesHelper.exe"
    file: C:\Program Files\iTunes\iTunesHelper.exe
    size: 271672
    MD5: 75e7851ce99ea8f9b74361f284666fe0

    Located: HK_LM:Run, MBkLogOnHook
    command: C:\Program Files\McAfee\MBK\LogOnHook.exe
    file: C:\Program Files\McAfee\MBK\LogOnHook.exe
    size: 20480
    MD5: ad32fdd7e1c04631da81b68f7072d29e

    Located: HK_LM:Run, McAfee Backup
    command: C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
    file: C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
    size: 4838952
    MD5: 1656f3bb44b202e3c34f73a3a6fca84a

    Located: HK_LM:Run, mcagent_exe
    command: C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
    file:

    Located: HK_LM:Run, POINTER
    command: point32.exe
    file:

    Located: HK_LM:Run, QuickTime Task
    command: "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    file: C:\Program Files\QuickTime\QTTask.exe
    size: 286720
    MD5: 49ccfbe5d5225b9d3cc78c09dee147d0

    Located: HK_LM:Run, SiteAdvisor
    command: C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
    file: C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
    size: 35928
    MD5: 2ddbe7aadb02d797504f2dc7e7e685a2

    Located: HK_LM:Run, SpyHunter
    command:
    file:

    Located: HK_LM:Run, SunJavaUpdateSched
    command: C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
    file: C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
    size: 32881
    MD5: ed85b344e6edc30c1bc57ec1a2a56bf3

    Located: HK_LM:Run, TkBellExe
    command: "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" - osboot
    file: C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    size: 185784
    MD5: 8a71139a5cd86ac55cf0e4383ab4ae33

    Located: HK_LM:RunOnceEx,
    command:
    file:

    Located: HK_CU:Run, ctfmon.exe
    command: C:\WINDOWS\system32\ctfmon.exe
    file: C:\WINDOWS\system32\ctfmon.exe
    size: 15360
    MD5: 24232996a38c0b0cf151c2140ae29fc8

    Located: HK_CU:Run, DellSupport
    command: "C:\Program Files\DellSupport\DSAgnt.exe" /startup
    file: C:\Program Files\DellSupport\DSAgnt.exe
    size: 460784
    MD5: b75fdbf14073d72c50624cc8338dd534

    Located: HK_CU:Run, MSMSGS
    command: "C:\Program Files\Messenger\msmsgs.exe" /background
    file: C:\Program Files\Messenger\msmsgs.exe
    size: 1694208
    MD5: 74e6e96c6f0e2eca4edbb7f7a468f259

    Located: Startup (common), Digital Line Detect.lnk
    command: C:\Program Files\Digital Line Detect\DLG.exe
    file: C:\Program Files\Digital Line Detect\DLG.exe
    size: 24576
    MD5: b66e56733e2cd6a10fda5919625fbf46

    Located: System.ini, AtiExtEvent
    command: Ati2evxx.dll
    file: Ati2evxx.dll

    Located: System.ini, crypt32chain
    command: crypt32.dll
    file: crypt32.dll

    Located: System.ini, cryptnet
    command: cryptnet.dll
    file: cryptnet.dll

    Located: System.ini, cscdll
    command: cscdll.dll
    file: cscdll.dll

    Located: System.ini, IntelWireless
    command: C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
    file: C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
    size: 110592
    MD5: e0305040e70be2ae657987ce0d7d14df

    Located: System.ini, ScCertProp
    command: wlnotify.dll
    file: wlnotify.dll

    Located: System.ini, Schedule
    command: wlnotify.dll
    file: wlnotify.dll

    Located: System.ini, sclgntfy
    command: sclgntfy.dll
    file: sclgntfy.dll

    Located: System.ini, SensLogn
    command: WlNotify.dll
    file: WlNotify.dll

    Located: System.ini, termsrv
    command: wlnotify.dll
    file: wlnotify.dll

    Located: System.ini, WgaLogon
    command: WgaLogon.dll
    file: WgaLogon.dll

    Located: System.ini, wlballoon
    command: wlnotify.dll
    file: wlnotify.dll




    --- Browser helper object list ---
    {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
    BHO name:
    CLSID name: AcroIEHlprObj Class
    description: Adobe Acrobat reader
    classification: Legitimate
    known filename: AcroIEhelper.ocx<br>AcroIEhelper.dll
    info link: http://www.adobe.com/products/acrobat/readstep2.html
    info source: TonyKlein
    Path: C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\
    Long name: AcroIEHelper.dll
    Short name: ACROIE~1.DLL
    Date (created): 11/3/2003 3:17:44 PM
    Date (last access): 9/3/2007 12:02:20 AM
    Date (last write): 11/3/2003 3:17:44 PM
    Filesize: 54248
    Attributes: archive
    MD5: FC7850324464E4D19A24A03D882B5CC4
    CRC32: 452E8571
    Version: 6.0.1.1091

    {089FD14D-132B-48FC-8861-0048AE113215} ()
    BHO name:
    CLSID name:
    Path: C:\Program Files\SiteAdvisor\6172\
    Long name: SiteAdv.dll
    Short name:
    Date (created): 9/1/2007 10:57:04 PM
    Date (last access): 9/3/2007 9:21:30 AM
    Date (last write): 8/24/2007 5:57:10 PM
    Filesize: 910624
    Attributes: archive
    MD5: 1AC5D9A611A3AC2CA3978689DD1B6D6F
    CRC32: 8A8AA088
    Version: 2.5.0.6172

    {243DD972-E201-4C9D-85EE-2CA11B1B8481} ()
    BHO name:
    CLSID name:
    Path: C:\WINDOWS\system32\
    Long name: ddaxw.dll

    {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} (McAntiPhishingBHO)
    BHO name: McAntiPhishingBHO
    CLSID name: McAfee Phishing Filter
    Path: C:\Program Files\McAfee\MSK\
    Long name: mcapbho.dll
    Short name:
    Date (created): 8/1/2007 2:22:50 AM
    Date (last access): 9/3/2007 12:02:50 AM
    Date (last write): 7/27/2007 6:20:22 AM
    Filesize: 324936
    Attributes: archive
    MD5: 66E25138FEF507F412F4C83C5F6A8C2B
    CRC32: 0DAD767F
    Version: 9.0.212.0

    {53707962-6F74-2D53-2644-206D7942484F} ()
    BHO name:
    CLSID name:
    description: Spybot-S&D IE Browser plugin
    classification: Legitimate
    known filename: SDhelper.dll
    info link: http://spybot.eon.net.au/
    info source: Patrick M. Kolla
    Path: C:\PROGRA~1\SPYBOT~1\
    Long name: SDHelper.dll
    Short name:
    Date (created): 8/24/2007 10:48:36 AM
    Date (last access): 9/3/2007 9:40:30 AM
    Date (last write): 5/31/2005 1:04:00 AM
    Filesize: 853672
    Attributes: archive
    MD5: 250D787A5712D7768DDC133B3E477759
    CRC32: D4589A41
    Version: 1.4.0.0

    {5CA3D70E-1895-11CF-8E15-001234567890} (DriveLetterAccess)
    BHO name:
    CLSID name: DriveLetterAccess
    description: Hewlett-Packard's DLA software
    classification: Unknown
    known filename: tfswshx.dll
    info link:
    info source: TonyKlein
    Path: C:\WINDOWS\system32\dla\
    Long name: tfswshx.dll
    Short name:
    Date (created): 6/10/2005 11:21:28 PM
    Date (last access): 9/3/2007 9:55:38 AM
    Date (last write): 12/6/2004 2:05:00 AM
    Filesize: 118842
    Attributes: archive
    MD5: 37943B990D318145D1EFCBEEF8F9566A
    CRC32: C6D87067
    Version: 1.4.8.0

    {7DB2D5A0-7241-4E79-B68D-6309F01C5231} (scriptproxy)
    BHO name: scriptproxy
    CLSID name: scriptproxy
    Path: C:\Program Files\McAfee\VirusScan\
    Long name: scriptsn.dll
    Short name:
    Date (created): 8/7/2007 7:22:02 PM
    Date (last access): 9/3/2007 12:02:26 AM
    Date (last write): 7/24/2007 12:02:40 PM
    Filesize: 66880
    Attributes: archive
    MD5: 7586AE543FCEEBC47892D112628B70A9
    CRC32: D1B86D73
    Version: 14.0.0.349



    --- ActiveX list ---
    {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control)
    DPF name:
    CLSID name: Facebook Photo Uploader Control
    Installer: C:\WINDOWS\Downloaded Program Files\FacebookPhotoUploader.inf
    Codebase: http://upload.facebook.com/controls/...toUploader.cab
    description:
    classification: Open for discussion
    known filename: FacebookPhotoUploader.ocx
    info link:
    info source: Safer Networking Ltd.
    Path: C:\WINDOWS\Downloaded Program Files\
    Long name: FacebookPhotoUploader.ocx
    Short name: FACEBO~1.OCX
    Date (created): 11/3/2005 9:17:36 PM
    Date (last access): 9/3/2007 12:08:22 AM
    Date (last write): 11/3/2005 9:17:36 PM
    Filesize: 1935120
    Attributes: archive
    MD5: 5A39F109CB87893FD683F49699BCE2B4
    CRC32: 729D4EBC
    Version: 3.5.122.2

    {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class)
    DPF name:
    CLSID name: MUWebControl Class
    Installer: C:\WINDOWS\Downloaded Program Files\muweb.inf
    Codebase: http://www.update.microsoft.com/micr...ols/en/x86/client/muweb_site.cab?1188826446755
    description:
    classification: Legitimate
    known filename: muweb.dll
    info link:
    info source: Safer Networking Ltd.
    Path: C:\WINDOWS\system32\
    Long name: muweb.dll
    Short name:
    Date (created): 7/30/2007 7:18:34 PM
    Date (last access): 9/3/2007 9:34:12 AM
    Date (last write): 7/30/2007 7:18:34 PM
    Filesize: 207736
    Attributes: archive
    MD5: 8038B166CE79E58E193566150CE26465
    CRC32: 9137D395
    Version: 7.0.6000.381

    {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.4.2)
    DPF name: Java Runtime Environment 1.4.2
    CLSID name: Java Plug-in 1.4.2_03
    Installer:
    Codebase: http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
    description: Sun Java
    classification: Legitimate
    known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
    info link:
    info source: Patrick M. Kolla
    Path: C:\Program Files\Java\j2re1.4.2_03\bin\
    Long name: NPJPI142_03.dll
    Short name: NPJPI1~1.DLL
    Date (created): 11/19/2003 6:48:18 PM
    Date (last access): 9/3/2007 12:13:06 AM
    Date (last write): 11/19/2003 6:48:12 PM
    Filesize: 65650
    Attributes: archive
    MD5: 2AD31341BE41AC9B086128AD86A2B53F
    CRC32: 081CFB35
    Version: 1.4.2.30

    {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} (Java Runtime Environment 1.4.2)
    DPF name: Java Runtime Environment 1.4.2
    CLSID name: Java Plug-in 1.4.2_03
    Installer:
    Codebase: http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
    description:
    classification: Legitimate
    known filename: npjpi142_03.dll
    info link:
    info source: Safer Networking Ltd.
    Path: C:\Program Files\Java\j2re1.4.2_03\bin\
    Long name: NPJPI142_03.dll
    Short name: NPJPI1~1.DLL
    Date (created): 11/19/2003 6:48:18 PM
    Date (last access): 9/3/2007 10:02:28 AM
    Date (last write): 11/19/2003 6:48:12 PM
    Filesize: 65650
    Attributes: archive
    MD5: 2AD31341BE41AC9B086128AD86A2B53F
    CRC32: 081CFB35
    Version: 1.4.2.30

    {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object)
    DPF name:
    CLSID name: Shockwave Flash Object
    Installer: C:\WINDOWS\Downloaded Program Files\swflash.inf
    Codebase: http://fpdownload.macromedia.com/pub...sh/swflash.cab
    description: Macromedia Shockwave Flash Player
    classification: Legitimate
    known filename:
    info link:
    info source: Patrick M. Kolla
    Path: C:\WINDOWS\system32\Macromed\Flash\
    Long name: Flash9b.ocx
    Short name:
    Date (created): 11/9/2006 3:46:28 PM
    Date (last access): 9/3/2007 9:29:20 AM
    Date (last write): 11/9/2006 3:46:28 PM
    Filesize: 2262648
    Attributes: readonly archive
    MD5: F3B3EE66CA76C94510555ABE9D00A353
    CRC32: A51F3CB4
    Version: 9.0.28.0



    --- Process list ---
    PID: 0 ( 0) [System]
    PID: 540 ( 4) \SystemRoot\System32\smss.exe
    PID: 908 ( 540) \??\C:\WINDOWS\system32\csrss.exe
    PID: 932 ( 540) \??\C:\WINDOWS\system32\winlogon.exe
    PID: 976 ( 932) C:\WINDOWS\system32\services.exe
    size: 108032
    MD5: C6CE6EEC82F187615D1002BB3BB50ED4
    PID: 988 ( 932) C:\WINDOWS\system32\lsass.exe
    size: 13312
    MD5: 84885F9B82F4D55C6146EBF6065D75D2
    PID: 1144 ( 976) C:\WINDOWS\system32\svchost.exe
    size: 14336
    MD5: 8F078AE4ED187AAABC0A305146DE6716
    PID: 1208 ( 976) C:\WINDOWS\system32\svchost.exe
    size: 14336
    MD5: 8F078AE4ED187AAABC0A305146DE6716
    PID: 1400 ( 976) C:\WINDOWS\system32\svchost.exe
    size: 14336
    MD5: 8F078AE4ED187AAABC0A305146DE6716
    PID: 1488 ( 976) C:\WINDOWS\system32\svchost.exe
    size: 14336
    MD5: 8F078AE4ED187AAABC0A305146DE6716
    PID: 1564 ( 976) C:\WINDOWS\system32\svchost.exe
    size: 14336
    MD5: 8F078AE4ED187AAABC0A305146DE6716
    PID: 1888 ( 976) C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    size: 566616
    MD5: 17AA6F937CFCDE9A7D464C7D53A8531F
    PID: 1920 ( 932) C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
    size: 389120
    MD5: 17F5221A41F70386CD352AEE30CEA56F
    PID: 260 (2004) C:\WINDOWS\Explorer.EXE
    size: 1033216
    MD5: 97BD6515465659FF8F3B7BE375B2EA87
    PID: 536 ( 976) C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    size: 749904
    MD5: 6309670BF9BF87C05F2C68DE2B73BA9E
    PID: 620 ( 976) C:\Program Files\McAfee\MPF\MPFSrv.exe
    size: 856864
    MD5: 346F30F1FF73553AA466F4AE7948DA00
    PID: 904 (1144) C:\PROGRA~1\McAfee.com\Agent\mcagent.exe
    size: 582992
    MD5: 9405B452064BFA6A0F78E2F177A988A4
    PID: 1944 (1580) C:\WINDOWS\system32\ctfmon.exe
    size: 15360
    MD5: 24232996A38C0B0CF151C2140AE29FC8
    PID: 472 (1144) C:\Program Files\McAfee\MSC\mcuimgr.exe
    size: 265040
    MD5: 02800372FA7F33E4042DA92D362D6573
    PID: 1544 ( 260) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
    size: 4393096
    MD5: 09CA174A605B480318731E691DC98539
    PID: 4 ( 0) System


    --- Browser start & search pages list ---
    Spybot - Search & Destroy browser pages report, 9/3/2007 10:02:28 AM

    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
    C:\WINDOWS\system32\blank.htm
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
    http://www.google.com
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar
    http://www.google.com/ie
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
    http://www.thefacebook.com/
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
    http://www.dell4me.com/myway
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\SearchAssistant
    http://www.google.com/ie
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@
    http://www.google.com/search?q=%s
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
    %SystemRoot%\system32\blank.htm
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
    http://www.microsoft.com/isapi/redir...ie&ar=iesearch
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
    http://www.dell4me.com/myway
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
    http://www.dell4me.com/myway
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
    http://www.google.com/ie
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
    http://www.google.com/ie
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
    http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm


    --- Winsock Layered Service Provider list ---
    Protocol 0: MSAFD Tcpip [TCP/IP]
    GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP IP protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD Tcpip[*]

    Protocol 1: MSAFD Tcpip [UDP/IP]
    GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP IP protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD Tcpip[*]

    Protocol 2: MSAFD Tcpip [RAW/IP]
    GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP IP protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD Tcpip[*]

    Protocol 3: RSVP UDP Service Provider
    GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
    Filename: %SystemRoot%\system32\rsvpsp.dll
    Description: Microsoft Windows NT/2k/XP RVSP
    DB filename: %SystemRoot%\system32\rsvpsp.dll
    DB protocol: RSVP * Service Provider

    Protocol 4: RSVP TCP Service Provider
    GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
    Filename: %SystemRoot%\system32\rsvpsp.dll
    Description: Microsoft Windows NT/2k/XP RVSP
    DB filename: %SystemRoot%\system32\rsvpsp.dll
    DB protocol: RSVP * Service Provider

    Protocol 5: MSAFD NetBIOS [\Device\NetBT_Tcpip_{17F6A272-352D-42CE-BD47-3CD1EB615A08}] SEQPACKET 3
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 6: MSAFD NetBIOS [\Device\NetBT_Tcpip_{17F6A272-352D-42CE-BD47-3CD1EB615A08}] DATAGRAM 3
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 7: MSAFD NetBIOS [\Device\NetBT_Tcpip_{00B8E8A1-6BAF-4B96-B619-9F6A6E66DF30}] SEQPACKET 0
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 8: MSAFD NetBIOS [\Device\NetBT_Tcpip_{00B8E8A1-6BAF-4B96-B619-9F6A6E66DF30}] DATAGRAM 0
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 9: MSAFD NetBIOS [\Device\NetBT_Tcpip_{EA219350-B25F-4304-B0A7-CA6C15D25C3F}] SEQPACKET 1
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 10: MSAFD NetBIOS [\Device\NetBT_Tcpip_{EA219350-B25F-4304-B0A7-CA6C15D25C3F}] DATAGRAM 1
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 11: MSAFD NetBIOS [\Device\NetBT_Tcpip_{C8FB8631-14EB-4BD0-9EBA-74664FE3AF1E}] SEQPACKET 2
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 12: MSAFD NetBIOS [\Device\NetBT_Tcpip_{C8FB8631-14EB-4BD0-9EBA-74664FE3AF1E}] DATAGRAM 2
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 13: MSAFD NetBIOS [\Device\NetBT_Tcpip_{9DDF534A-782E-4E4C-85D1-002DB44D4C23}] SEQPACKET 4
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 14: MSAFD NetBIOS [\Device\NetBT_Tcpip_{9DDF534A-782E-4E4C-85D1-002DB44D4C23}] DATAGRAM 4
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 15: MSAFD NetBIOS [\Device\NetBT_Tcpip_{A253742E-8EF2-40B9-AE69-87D5C50C4E0C}] SEQPACKET 5
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 16: MSAFD NetBIOS [\Device\NetBT_Tcpip_{A253742E-8EF2-40B9-AE69-87D5C50C4E0C}] DATAGRAM 5
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Namespace Provider 0: Tcpip
    GUID: {22059D40-7E9E-11CF-AE5A-00AA00A7112B}
    Filename: %SystemRoot%\System32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP TCP/IP name space provider DB filename: %SystemRoot%\system32\mswsock.dll DB protocol: TCP/IP

    Namespace Provider 1: NTDS
    GUID: {3B2637EE-E580-11CF-A555-00C04FD8D4AC}
    Filename: %SystemRoot%\System32\winrnr.dll
    Description: Microsoft Windows NT/2k/XP name space provider DB filename: %SystemRoot%\system32\winrnr.dll DB protocol: NTDS

    Namespace Provider 2: Network Location Awareness (NLA) Namespace
    GUID: {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83}
    Filename: %SystemRoot%\System32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP name space provider DB filename: %SystemRoot%\system32\mswsock.dll DB protocol: NLA-Namespace
    Last edited by tashi; 2008-12-29 at 07:35. Reason: Removed part two of Spyhunter log

  5. #15
    Member of Team Spybot tashi
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,548

    Default

    Hello sstites,

    You are running Spybot - Search & Destroy version: 1.4 which you have not updated since 2007. We are at version 1.6 and the latest definitions were released 2008-12-23.

    Also,
    Path: C:\Program Files\McAfee\VirusScan\
    Long name: scriptsn.dll
    Short name:
    Date (created): 8/7/2007 7:22:02 PM
    Date (last access): 9/3/2007 12:02:26 AM
    Date (last write): 7/24/2007

    Have you updated?


    Please see:
    Sun Microsystems~Java. Security vulnerability in older versions left on system

    Regarding:
    (Java Runtime Environment 1.4.2)
    DPF name: Java Runtime Environment 1.4.2
    CLSID name: Java Plug-in 1.4.2_03

    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

  6. #16
    Member of Team Spybot tashi
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,548

    Default

    Sigma675 your post has been split off to here: http://forums.spybot.info/showthread.php?t=42564

  7. #17
    Retired
    Join Date
    Oct 2005
    Posts
    566

    Default

    1. Investigations of Spyhunter Version 3.9.25 of 18-03-2009 show
    that the software does not comply with the ASC's
    (http://www.antispywarecoalition.org) definitions for
    classification as malware or spyware.

    2. Safer-Networking Ltd. will not give subsequent reviews of older
    versions of Spyhunter.

    3. Questions about data transferred to the web by Spyhunter should be
    addressed to Enigma.

    4. If you suspect Spyhunter (later than 3.9.25 of 18-03-2009) of
    complying with the ASC's definitions for classification as malware,
    please send your information to detections@spybot.info
    Last edited by Buster; 2009-09-09 at 16:10.
