Page 1 of 2 12 LastLast
Results 1 to 10 of 20

Thread: It knows that he is this?

  1. #1
    Junior Member
    Join Date
    Dec 2005
    Posts
    10

    Default It knows that he is this?

    To pardon but not ingles much. This translated by google. The question is that I have in beginning this: HK_LM:Run PCDrProfiler and nobody can say to me that it is.

  2. #2
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,956

    Default

    Hello srxo1978.
    Where are you seeing HK_LM:Run PCDrProfiler; in Spybot-S&D after a scan?

    What is your operating system please and which security programs do you have installed.

    Please open Spybot>Help>About
    Let us know the version and latest detection update.

    Cheers.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

  3. #3
    Junior Member
    Join Date
    Dec 2005
    Posts
    10

    Default

    Hello. This in beginning of system, the option that teneis in advanced. HK_LM:Run PCDrProfiler
    the version of the program yours is the 1,4 and it completes update is of the 02/12/2005

  4. #4
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,956

    Default

    Hi.
    What is your operating system please and which security programs do you have installed.
    We should see a log so that we can try to get to the bottom of this.

    Please go here and follow instructions.
    Before you post a log

    Start a topic here:
    Malware Forum
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

  5. #5
    Junior Member
    Join Date
    Dec 2005
    Posts
    10

    Default

    Hi
    System operating system is XP home
    Security Programs is Bitdefender Internet Security
    Lavasoft Adware
    Spybot

    It is a capture of which I say, in case it serves to you.

    Logfile of HijackThis v1.99.1
    Scan saved at 0:24:19, on 07/12/2005
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Archivos de programa\Archivos comunes\LightScribe\LSSrvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Archivos de programa\Archivos comunes\Softwin\BitDefender Communicator\xcommsvr.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\RTHDCPL.EXE
    C:\archiv~1\softwin\bitdef~1\bdswitch.exe
    C:\Archivos de programa\Softwin\BitDefender9\bdoesrv.exe
    C:\archiv~1\softwin\bitdef~1\bdnagent.exe
    C:\HP\KBD\KBD.EXE
    C:\Archivos de programa\Spybot - Search & Destroy\TeaTimer.exe
    C:\Archivos de programa\Jazztel\Jazztel ADSL USB\dslmon.exe
    C:\emule\emule.exe
    C:\Archivos de programa\Archivos comunes\Softwin\BitDefender Update Service\livesrv.exe
    C:\Archivos de programa\Archivos comunes\Softwin\BitDefender Scan Server\bdss.exe
    C:\Archivos de programa\Softwin\BitDefender9\vsserv.exe
    c:\archiv~1\softwin\bitdef~1\bdmcon.exe
    C:\ARCHIVOS DE PROGRAMA\MOZILLA THUNDERBIRD\THUNDERBIRD.EXE
    C:\ARCHIV~1\MOZILL~2\FIREFOX.EXE
    C:\Documents and Settings\HP_Propietario\Escritorio\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://70.86.190.202/~spsnews/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARCHIV~1\SPYBOT~1\SDHelper.dll
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
    O4 - HKLM\..\Run: [BDSwitchAgent] "c:\archiv~1\softwin\bitdef~1\bdswitch.exe"
    O4 - HKLM\..\Run: [BDMCon] c:\archiv~1\softwin\bitdef~1\bdmcon.exe
    O4 - HKLM\..\Run: [BDOESRV] "C:\Archivos de programa\Softwin\BitDefender9\bdoesrv.exe"
    O4 - HKLM\..\Run: [BDNewsAgent] "c:\archiv~1\softwin\bitdef~1\bdnagent.exe"
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Archivos de programa\Spybot - Search & Destroy\TeaTimer.exe
    O4 - Global Startup: DSLMON.lnk = ?
    O4 - Global Startup: HP Digital Imaging Monitor.lnk.disabled
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O8 - Extra context menu item: Descargar con Free Download Manager - file://C:\Archivos de programa\Free Download Manager\dllink.htm
    O8 - Extra context menu item: Descargar seleccionados con Free Download Manager - file://C:\Archivos de programa\Free Download Manager\dlselected.htm
    O8 - Extra context menu item: Descargar sitio web con Free Download Manager - file://C:\Archivos de programa\Free Download Manager\dlpage.htm
    O8 - Extra context menu item: Descargar todo con Free Download Manager - file://C:\Archivos de programa\Free Download Manager\dlall.htm
    O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARCHIV~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Ayuda para la conexión - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra 'Tools' menuitem: Ayuda para la conexión - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} -
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} - http://acs.pandasoftware.com/actives...ree/asinst.cab
    O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} -
    O17 - HKLM\System\CCS\Services\Tcpip\..\{4887B444-E5AA-4449-B314-ED2C13E1710F}: NameServer = 62.14.63.145,62.14.2.1
    O17 - HKLM\System\CCS\Services\Tcpip\..\{8E2E31D4-B803-405F-A1E4-EF59E8873279}: NameServer = 62.14.63.145 62.14.2.1
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Archivos de programa\Archivos comunes\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Archivos de programa\Archivos comunes\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Archivos de programa\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Archivos de programa\Archivos comunes\LightScribe\LSSrvc.exe
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Archivos de programa\Archivos comunes\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
    O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Archivos de programa\Softwin\BitDefender9\vsserv.exe" /service (file missing)
    O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Archivos de programa\Archivos comunes\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

  6. #6
    Emeritus
    Join Date
    Nov 2005
    Location
    Texas
    Posts
    1,144

    Default

    Disable it in spybot startups looks like you know how to do that
    I really don't think it is any thing you need.

    Please download Ewido Security Suite it is a trial version of the program.
    • Install ewido security suite
    • Launch ewido, there should be an icon on your desktop double-click it.
    • The program will now go to the main screen
    You will need to update ewido to the latest definition files.
    • On the left hand side of the main screen click update
    • Then click on Start Update
    The update will start and a progress bar will show the updates being installed.
    If you are having problems with the updater, you can use this link to manually update Ewido.
    Ewido manual updates

    Once the updates are installed do the following:
    • Click on scanner
    • Click on Complete System Scan and the scan will begin.
    • NOTE: During some scans with ewido it is finding cases of false positives.**
      • You will need to step through the process of cleaning files one-by-one.
      • If ewido detects a file you KNOW to be legitimate, select none as the action.
      • DO NOT select "Perform action on all infections"
      • If you are unsure of any entry found select none for now.
    • Once the scan has completed, there will be a button located on the bottom of the screen named Save report
    • Click Save report.
    • Save the report .txt file to your desktop.
    Now close ewido security suite.
    **(Ewido for example has been flagging parts of AVG Anti-Virus, pcAnywhere and the game "Risk") Post a log from the scan please.

  7. #7
    Junior Member
    Join Date
    Dec 2005
    Posts
    10

    Default

    Hello Sight I leave log you that to I throw Complete Scan. By the way conoceis program PC doctor? I believe that it is of, since I have contacted with HP and dirian (What not me an assured) that he is of PC doctor
    ---------------------------------------------------------
    ewido security suite - Report de exploración
    ---------------------------------------------------------

    + Creado en: 9:19:31, 07/12/2005
    + Report-Checksum: 576356C9

    + Scan result:

    :mozilla.95:C:\Documents and Settings\HP_Propietario\Datos de programa\Mozilla\Firefox\Profiles\4ivz5k5y.default\cookies.txt -> Spyware.Cookie.Statcounter : Limpio con backup
    :mozilla.96:C:\Documents and Settings\HP_Propietario\Datos de programa\Mozilla\Firefox\Profiles\4ivz5k5y.default\cookies.txt -> Spyware.Cookie.Statcounter : Limpio con backup
    :mozilla.98:C:\Documents and Settings\HP_Propietario\Datos de programa\Mozilla\Firefox\Profiles\4ivz5k5y.default\cookies.txt -> Spyware.Cookie.Masterstats : Limpio con backup
    :mozilla.99:C:\Documents and Settings\HP_Propietario\Datos de programa\Mozilla\Firefox\Profiles\4ivz5k5y.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Limpio con backup
    :mozilla.100:C:\Documents and Settings\HP_Propietario\Datos de programa\Mozilla\Firefox\Profiles\4ivz5k5y.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Limpio con backup
    :mozilla.101:C:\Documents and Settings\HP_Propietario\Datos de programa\Mozilla\Firefox\Profiles\4ivz5k5y.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Limpio con backup
    :mozilla.102:C:\Documents and Settings\HP_Propietario\Datos de programa\Mozilla\Firefox\Profiles\4ivz5k5y.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Limpio con backup


    ::Fin Report

  8. #8
    Emeritus
    Join Date
    Nov 2005
    Location
    Texas
    Posts
    1,144

    Default

    What language do you speek ?

  9. #9
    Junior Member
    Join Date
    Dec 2005
    Posts
    10

    Default

    Hi
    What language do you speek ?
    SPanish

  10. #10
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,956

    Default

    Hello.
    I have pmed a helper who speaks Spanish and asked him please to take a look at your topic and assist you.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •