Spyware Warrior Spyware Warrior
Help with Spyware, Hijacking & Other Internet Nuisances
 
FAQ :: Search :: Memberlist :: Usergroups :: Register
Profile :: Log in to check your private messages :: Log in

Spyware Detector

 
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Spyware Warrior Forum Index -> Archived Spyware Removal Help Topics
View previous topic :: View next topic  
Author Message
hello_world
Newbie


Joined: 03 Dec 2008
Last Visit: 03 Dec 2008
Posts: 1

PostPosted: Wed Dec 03, 2008 11:24 am    Post subject: Spyware Detector Reply with quote

Hi there, I have windows XP SP2, when I booted it up, the window security center system warning pops up with alert details, file {hiddn_system_process} threat: AdWare.Win32.Virtumonde.agco. To remove detected threat you need to update windows antispyware protection, click here to visit Windows security center web site...

I am afraid this is a part of the virus, so I did not click on anything. I downloaded Spyware Detector 2.0, did a scan, found the following threats, but in order to clean them, I have to purchase the software. I don't mind purchasing the software if it will really do the job as it claims. Most of the threats are in the registery. Also anyone could recommend a freeware can do the job. Is there any other option there that I could clean all these threats? My data is still safe to transfer to a different PC?


SCANNED ->> c:\documents and settings\i805392\cookies\i805392@ad.yieldmanager[2].txt >> Tracking.Cookie >> Cookie
SCANNED ->> c:\documents and settings\i805392\cookies\i805392@85.17.166[2].txt >> Tracking.Cookie >> Cookie
SCANNED ->> c:\documents and settings\i805392\cookies\i805392@83.149.75[2].txt >> Tracking.Cookie >> Cookie
SCANNED ->> c:\documents and settings\i805392\cookies\i805392@baidu[1].txt >> Tracking.Cookie >> Cookie
SCANNED ->> c:\documents and settings\i805392\cookies\i805392@tumri[1].txt >> Tracking.Cookie >> Cookie
SCANNED ->> c:\documents and settings\i805392\cookies\i805392@doubleclick[1].txt >> Tracking.Cookie >> Cookie
SCANNED ->> c:\documents and settings\i805392\cookies\i805392@www.sogou[1].txt >> Tracking.Cookie >> Cookie
SCANNED ->> c:\documents and settings\i805392\cookies\i805392@sogou[1].txt >> Tracking.Cookie >> Cookie
SCANNED ->> c:\documents and settings\i805392\cookies\i805392@sohu[2].txt >> Tracking.Cookie >> Cookie
SCANNED ->> c:\documents and settings\i805392\cookies\i805392@www.sohu[1].txt >> Tracking.Cookie >> Cookie
SCANNED ->> c:\windows\system32\srvany.exe >> Spyware.RemoteAdmin >> Process
SCANNED ->> c:\windows\system32\srvany.exe#@#F3CA8234F60EBA24604B5A9390D2FED5 >> Spyware.RemoteAdmin >> File
SCANNED ->> c:\install\gs_start\instsrv.exe#@#7CC38C37ECB5995EAB18A3884C0FCBB4 >> Spyware.RemoteAdmin >> File
SCANNED ->> c:\install\gs_start\srvany.exe#@#F3CA8234F60EBA24604B5A9390D2FED5 >> Spyware.RemoteAdmin >> File
SCANNED ->> c:\install\rs_start\amer\raccount\instsrv.exe#@#7CC38C37ECB5995EAB18A3884C0FCBB4 >> Spyware.RemoteAdmin >> File
SCANNED ->> c:\install\rs_start\amer\raccount\srvany.exe#@#F3CA8234F60EBA24604B5A9390D2FED5 >> Spyware.RemoteAdmin >> File
SCANNED ->> c:\install\rs_start\apa\raccount\instsrv.exe#@#7CC38C37ECB5995EAB18A3884C0FCBB4 >> Spyware.RemoteAdmin >> File
SCANNED ->> c:\install\rs_start\apa\raccount\srvany.exe#@#F3CA8234F60EBA24604B5A9390D2FED5 >> Spyware.RemoteAdmin >> File
SCANNED ->> c:\program files\sap\img\scripts\amerr\raccount\instsrv.exe#@#7CC38C37ECB5995EAB18A3884C0FCBB4 >> Spyware.RemoteAdmin >> File
SCANNED ->> c:\program files\sap\img\scripts\amerr\raccount\srvany.exe#@#F3CA8234F60EBA24604B5A9390D2FED5 >> Spyware.RemoteAdmin >> File
SCANNED ->> c:\system volume information\_restore{b0ef36e3-7ffa-4626-9243-875625199156}\rp8\a0001394.exe#@#F3CA8234F60EBA24604B5A9390D2FED5 >> Spyware.RemoteAdmin >> File
SCANNED ->> c:\system volume information\_restore{b0ef36e3-7ffa-4626-9243-875625199156}\rp8\a0001395.exe#@#7CC38C37ECB5995EAB18A3884C0FCBB4 >> Spyware.RemoteAdmin >> File
SCANNED ->> c:\windows\system32\ccm\cache\cm10003f.6.system\source\instsrv.exe#@#7CC38C37ECB5995EAB18A3884C0FCBB4 >> Spyware.RemoteAdmin >> File
SCANNED ->> c:\windows\system32\ccm\cache\cm10003f.6.system\source\srvany.exe#@#F3CA8234F60EBA24604B5A9390D2FED5 >> Spyware.RemoteAdmin >> File
SCANNED ->> c:\windows\default.htm#@#5408FC8C08CBC7109020AA84D0C1901F >> Fake Anti Spyware.Internet Antivirus >> File
SCANNED ->> c:\windows\system32\instsrv.exe#@#7CC38C37ECB5995EAB18A3884C0FCBB4 >> Adware.BargainBuddy >> File
SCANNED ->> c:\windows\system32\tdssosvd.dat#@#E9AD80D5A1328BF5B48B2226DA1ECBDE >> Downloader.Zlob >> File
SCANNED ->> c:\windows\system32\tdsslxwp.dll#@#1EDE35839010EDD6EBF8ECD068F13EEF >> Downloader.Zlob >> File
SCANNED ->> hkey_local_machine\system\currentcontrolset\services\tdssserv.sys >> Downloader.Zlob >> Services
SCANNED ->> hkey_local_machine\system\currentcontrolset\enum\root\legacy_tdssserv.sys >> Downloader.Zlob >> Services
SCANNED ->> hkey_local_machine\system\controlset001\services\tdssserv.sys >> Downloader.Zlob >> Services
SCANNED ->> hkey_local_machine\system\controlset001\enum\root\legacy_tdssserv.sys >> Downloader.Zlob >> Services
SCANNED ->> hkey_local_machine\system\controlset002\services\tdssserv.sys >> Downloader.Zlob >> Services
SCANNED ->> hkey_local_machine\system\controlset002\enum\root\legacy_tdssserv.sys >> Downloader.Zlob >> Services
SCANNED ->> hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks\"{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c}" >> Trojan.ConHook >> Registry Value
SCANNED ->> hkey_local_machine\software\microsoft\ms juan >> Trojan.Zapchast >> Registry Key
SCANNED ->> hkey_local_machine\software\microsoft\ms juan\djzero >> Trojan.Zapchast >> Registry Key
SCANNED ->> hkey_local_machine\software\microsoft\ms juan\metajuan >> Trojan.Zapchast >> Registry Key
SCANNED ->> hkey_local_machine\software\microsoft\ms juan\meta_mg >> Trojan.Zapchast >> Registry Key
SCANNED ->> hkey_local_machine\software\microsoft\ms juan\profiling4 >> Trojan.Zapchast >> Registry Key
SCANNED ->> hkey_local_machine\software\microsoft\ms juan\superjuan >> Trojan.Zapchast >> Registry Key
SCANNED ->> hkey_local_machine\software\microsoft\ms juan\trackdjuan >> Trojan.Zapchast >> Registry Key
SCANNED ->> hkey_local_machine\software\microsoft\fcovm >> Trojan.Random >> Registry Key
SCANNED ->> hkey_local_machine\software\microsoft\contim >> Trojan.Random >> Registry Key
SCANNED ->> hkey_local_machine\software\microsoft\rdfa >> Trojan.Random >> Registry Key
SCANNED ->> hkey_local_machine\software\microsoft\removerp >> Trojan.Random >> Registry Key
SCANNED ->> hkey_users\s-1-5-21-42933632-2124368392-1501187911-269785\software\microsoft\instkey >> Trojan.Agent >> Registry Key
SCANNED ->> hkey_local_machine\software\tdss >> Trojan.Agent >> Registry Key
SCANNED ->> hkey_local_machine\software\tdss\"build" >> Trojan.Agent >> Registry Value
SCANNED ->> hkey_local_machine\software\tdss\build\:standart >> Trojan.Agent >> Registry Data
SCANNED ->> hkey_local_machine\software\tdss\"type" >> Trojan.Agent >> Registry Value
SCANNED ->> hkey_local_machine\software\tdss\type\:clicker >> Trojan.Agent >> Registry Data
SCANNED ->> hkey_local_machine\software\tdss\"affid" >> Trojan.Agent >> Registry Value
SCANNED ->> hkey_local_machine\software\tdss\affid\:5 >> Trojan.Agent >> Registry Data
SCANNED ->> hkey_local_machine\software\tdss\"subid" >> Trojan.Agent >> Registry Value
SCANNED ->> hkey_local_machine\software\tdss\subid\:1 >> Trojan.Agent >> Registry Data
SCANNED ->> hkey_local_machine\software\tdss\"cmddelay" >> Trojan.Agent >> Registry Value
SCANNED ->> hkey_local_machine\software\tdss\cmddelay\:86400 >> Trojan.Agent >> Registry Data
SCANNED ->> hkey_local_machine\software\tdss\connections >> Trojan.Agent >> Registry Key
SCANNED ->> hkey_local_machine\software\tdss\disallowed >> Trojan.Agent >> Registry Key
SCANNED ->> hkey_local_machine\software\tdss\disallowed\"trsetup.exe" >> Trojan.Agent >> Registry Value
SCANNED ->> hkey_local_machine\software\tdss\disallowed\"viewpointservice.exe" >> Trojan.Agent >> Registry Value
SCANNED ->> hkey_local_machine\software\tdss\disallowed\"viewmgr.exe" >> Trojan.Agent >> Registry Value
SCANNED ->> hkey_local_machine\software\tdss\disallowed\"spysweeper.exe" >> Trojan.Agent >> Registry Value
SCANNED ->> hkey_local_machine\software\tdss\disallowed\"superantispyware.exe" >> Trojan.Agent >> Registry Value
SCANNED ->> hkey_local_machine\software\tdss\disallowed\"spysub.exe" >> Trojan.Agent >> Registry Value
SCANNED ->> hkey_local_machine\software\tdss\injector >> Trojan.Agent >> Registry Key
SCANNED ->> hkey_local_machine\software\tdss\versions >> Trojan.Agent >> Registry Key
SCANNED ->> c:\program files\installshield installation information\{d9eebce0-5208-11d2-abba-0000e81be828}\setup.exe#@#AAF22A09BEF136DB6EB0A3D56C42B4A1 >> Trojan.Agent >> File
SCANNED ->> hkey_local_machine\software\classes\clsid\{8b944233-f9fb-41ec-9e2f-b391420404f5}\inprocserver32\"(default)" >> Trojan.Agent >> Registry Value
SCANNED ->> hkey_local_machine\software\classes\clsid\{8b944233-f9fb-41ec-9e2f-b391420404f5}\inprocserver32\threadingmodel >> Trojan.Agent >> Registry Value
SCANNED ->> hkey_local_machine\software\classes\clsid\{8b944233-f9fb-41ec-9e2f-b391420404f5}\inprocserver32\threadingmodel\:both >> Trojan.Agent >> Registry Data
SCANNED ->> hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{8f8aa651-8c24-4818-be8f-0c34fbc84c19}\"(default)" >> Trojan.Agent >> Registry Value
SCANNED ->> hkey_local_machine\software\classes\clsid\{8f8aa651-8c24-4818-be8f-0c34fbc84c19}\inprocserver32\"(default)" >> Trojan.Agent >> Registry Value
SCANNED ->> hkey_local_machine\software\classes\clsid\{8f8aa651-8c24-4818-be8f-0c34fbc84c19}\inprocserver32\threadingmodel >> Trojan.Agent >> Registry Value
SCANNED ->> hkey_local_machine\software\classes\clsid\{8f8aa651-8c24-4818-be8f-0c34fbc84c19}\inprocserver32\threadingmodel\:free >> Trojan.Agent >> Registry Data
SCANNED ->> hkey_local_machine\software\classes\clsid\{d0d4da1b-6b94-479c-a97d-267603cc719f}\inprocserver32\"(default)" >> Trojan.Agent >> Registry Value
SCANNED ->> hkey_local_machine\software\classes\clsid\{d0d4da1b-6b94-479c-a97d-267603cc719f}\inprocserver32\threadingmodel >> Trojan.Agent >> Registry Value
SCANNED ->> hkey_local_machine\software\classes\clsid\{d0d4da1b-6b94-479c-a97d-267603cc719f}\inprocserver32\threadingmodel\:both >> Trojan.Agent >> Registry Data
SCANNED ->> hkey_local_machine\software\xpre >> Downloader.Agent >> Registry Key
SCANNED ->> hkey_local_machine\software\microsoft\windows\currentversion\ime\china\imepy >> Backdoor.Poison >> Registry Key
SCANNED ->> hkey_local_machine\software\microsoft\windows\currentversion\ime\china\imepy\directories >> Backdoor.Poison >> Registry Key
SCANNED ->> hkey_local_machine\software\microsoft\windows\currentversion\ime\china\imepy\tipmig >> Backdoor.Poison >> Registry Key
SCANNED ->> hkey_local_machine\software\microsoft\windows\currentversion\ime\china\imepy\tipmig\"migrated" >> Backdoor.Poison >> Registry Value
SCANNED ->> hkey_local_machine\software\microsoft\windows\currentversion\ime\china\imepy\tipmig\migrated\:
SCANNED ->> hkey_local_machine\software\microsoft\windows\currentversion\ime\china\imepy\tipmig\"s-1-5-18" >> Backdoor.Poison >> Registry Value
SCANNED ->> hkey_local_machine\software\microsoft\windows\currentversion\ime\china\imepy\tipmig\"s-1-5-21-3429006865-436469223-3800630532-1006" >> Backdoor.Poison >> Registry Value
SCANNED ->> hkey_local_machine\software\microsoft\windows\currentversion\ime\china\imepy\tipmig\"s-1-5-21-3429006865-436469223-3800630532-500" >> Backdoor.Poison >> Registry Value
SCANNED ->> hkey_local_machine\software\classes\clsid\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} >> Trojan.Monder >> Registry Key
SCANNED ->> hkey_classes_root\clsid\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} >> Trojan.Monder >> Registry Key
SCANNED ->> hkey_local_machine\software\classes\clsid\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c}\inprocserver32 >> Trojan.Monder >> Registry Key
SCANNED ->> hkey_classes_root\clsid\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c}\inprocserver32 >> Trojan.Monder >> Registry Key
SCANNED ->> hkey_local_machine\software\classes\clsid\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c}\inprocserver32\(default)\:c:\windows\system32\ddcypmmk.dll >> Trojan.Monder >> Registry Data
SCANNED ->> hkey_classes_root\clsid\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c}\inprocserver32\(default)\:c:\windows\system32\ddcypmmk.dll >> Trojan.Monder >> Registry Data
SCANNED ->> hkey_users\s-1-5-21-42933632-2124368392-1501187911-269785\software\microsoft\windows\currentversion\ext\stats\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} >> Trojan.Monder >> Registry Key
SCANNED ->> hkey_users\s-1-5-21-42933632-2124368392-1501187911-269785\software\microsoft\windows\currentversion\ext\stats\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c}\iexplore >> Trojan.Monder >> Registry Key
SCANNED ->> hkey_users\s-1-5-21-42933632-2124368392-1501187911-269785\software\microsoft\windows\currentversion\ext\stats\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c}\iexplore\"type" >> Trojan.Monder >> Registry Value
SCANNED ->> hkey_users\s-1-5-21-42933632-2124368392-1501187911-269785\software\microsoft\windows\currentversion\ext\stats\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c}\iexplore\type\:3 >> Trojan.Monder >> Registry Data
SCANNED ->> hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} >> Trojan.Monder >> Registry Key
SCANNED ->> hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{8f8aa651-8c24-4818-be8f-0c34fbc84c19} >> GenBHO.{8f8aa651-8c24-4818-be8f-0c34fbc84c19} >> Registry Key
SCANNED ->> hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{8f8aa651-8c24-4818-be8f-0c34fbc84c19}\(default)\:{91c48cbf-43c0-f8eb-8184-42c8156aa8f8} >> GenBHO.{8f8aa651-8c24-4818-be8f-0c34fbc84c19} >> Registry Data
SCANNED ->> hkey_local_machine\software\classes\clsid\{8f8aa651-8c24-4818-be8f-0c34fbc84c19} >> GenBHO.{8f8aa651-8c24-4818-be8f-0c34fbc84c19} >> Registry Key
SCANNED ->> hkey_classes_root\clsid\{8f8aa651-8c24-4818-be8f-0c34fbc84c19} >> GenBHO.{8f8aa651-8c24-4818-be8f-0c34fbc84c19} >> Registry Key
SCANNED ->> hkey_local_machine\software\classes\clsid\{8f8aa651-8c24-4818-be8f-0c34fbc84c19}\inprocserver32 >> GenBHO.{8f8aa651-8c24-4818-be8f-0c34fbc84c19} >> Registry Key
SCANNED ->> hkey_classes_root\clsid\{8f8aa651-8c24-4818-be8f-0c34fbc84c19}\inprocserver32 >> GenBHO.{8f8aa651-8c24-4818-be8f-0c34fbc84c19} >> Registry Key
SCANNED ->> hkey_local_machine\software\classes\clsid\{8f8aa651-8c24-4818-be8f-0c34fbc84c19}\inprocserver32\(default)\:c:\windows\system32\istcfo.dll >> GenBHO.{8f8aa651-8c24-4818-be8f-0c34fbc84c19} >> Registry Data
SCANNED ->> hkey_classes_root\clsid\{8f8aa651-8c24-4818-be8f-0c34fbc84c19}\inprocserver32\(default)\:c:\windows\system32\istcfo.dll >> GenBHO.{8f8aa651-8c24-4818-be8f-0c34fbc84c19} >> Registry Data
SCANNED ->> c:\windows\system32\istcfo.dll#@#335E61439DE822FE4672496AAD1E9F63 >> GenBHO.{8f8aa651-8c24-4818-be8f-0c34fbc84c19} >> File
SCANNED ->> hkey_users\s-1-5-21-42933632-2124368392-1501187911-269785\software\microsoft\windows\currentversion\ext\stats\{8f8aa651-8c24-4818-be8f-0c34fbc84c19} >> GenBHO.{8f8aa651-8c24-4818-be8f-0c34fbc84c19} >> Registry Key
SCANNED ->> hkey_users\s-1-5-21-42933632-2124368392-1501187911-269785\software\microsoft\windows\currentversion\ext\stats\{8f8aa651-8c24-4818-be8f-0c34fbc84c19}\iexplore >> GenBHO.{8f8aa651-8c24-4818-be8f-0c34fbc84c19} >> Registry Key
SCANNED ->> hkey_users\s-1-5-21-42933632-2124368392-1501187911-269785\software\microsoft\windows\currentversion\ext\stats\{8f8aa651-8c24-4818-be8f-0c34fbc84c19}\iexplore\"type" >> GenBHO.{8f8aa651-8c24-4818-be8f-0c34fbc84c19} >> Registry Value
SCANNED ->> hkey_users\s-1-5-21-42933632-2124368392-1501187911-269785\software\microsoft\windows\currentversion\ext\stats\{8f8aa651-8c24-4818-be8f-0c34fbc84c19}\iexplore\type\:3 >> GenBHO.{8f8aa651-8c24-4818-be8f-0c34fbc84c19} >> Registry Data
SCANNED ->> hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{d0d4da1b-6b94-479c-a97d-267603cc719f} >> GenBHO.{d0d4da1b-6b94-479c-a97d-267603cc719f} >> Registry Key
SCANNED ->> hkey_local_machine\software\classes\clsid\{d0d4da1b-6b94-479c-a97d-267603cc719f} >> GenBHO.{d0d4da1b-6b94-479c-a97d-267603cc719f} >> Registry Key
SCANNED ->> hkey_classes_root\clsid\{d0d4da1b-6b94-479c-a97d-267603cc719f} >> GenBHO.{d0d4da1b-6b94-479c-a97d-267603cc719f} >> Registry Key
SCANNED ->> hkey_local_machine\software\classes\clsid\{d0d4da1b-6b94-479c-a97d-267603cc719f}\inprocserver32 >> GenBHO.{d0d4da1b-6b94-479c-a97d-267603cc719f} >> Registry Key
SCANNED ->> hkey_classes_root\clsid\{d0d4da1b-6b94-479c-a97d-267603cc719f}\inprocserver32 >> GenBHO.{d0d4da1b-6b94-479c-a97d-267603cc719f} >> Registry Key
SCANNED ->> hkey_local_machine\software\classes\clsid\{d0d4da1b-6b94-479c-a97d-267603cc719f}\inprocserver32\(default)\:c:\windows\system32\bohotute.dll >> GenBHO.{d0d4da1b-6b94-479c-a97d-267603cc719f} >> Registry Data
SCANNED ->> hkey_classes_root\clsid\{d0d4da1b-6b94-479c-a97d-267603cc719f}\inprocserver32\(default)\:c:\windows\system32\bohotute.dll >> GenBHO.{d0d4da1b-6b94-479c-a97d-267603cc719f} >> Registry Data
SCANNED ->> c:\windows\system32\bohotute.dll#@#571A58A11E6555DE76E4C353FB4DF824 >> GenBHO.{d0d4da1b-6b94-479c-a97d-267603cc719f} >> File
SCANNED ->> hkey_users\s-1-5-21-42933632-2124368392-1501187911-269785\software\microsoft\windows\currentversion\ext\stats\{d0d4da1b-6b94-479c-a97d-267603cc719f} >> GenBHO.{d0d4da1b-6b94-479c-a97d-267603cc719f} >> Registry Key
SCANNED ->> hkey_users\s-1-5-21-42933632-2124368392-1501187911-269785\software\microsoft\windows\currentversion\ext\stats\{d0d4da1b-6b94-479c-a97d-267603cc719f}\iexplore >> GenBHO.{d0d4da1b-6b94-479c-a97d-267603cc719f} >> Registry Key
SCANNED ->> hkey_users\s-1-5-21-42933632-2124368392-1501187911-269785\software\microsoft\windows\currentversion\ext\stats\{d0d4da1b-6b94-479c-a97d-267603cc719f}\iexplore\"type" >> GenBHO.{d0d4da1b-6b94-479c-a97d-267603cc719f} >> Registry Value
SCANNED ->> hkey_users\s-1-5-21-42933632-2124368392-1501187911-269785\software\microsoft\windows\currentversion\ext\stats\{d0d4da1b-6b94-479c-a97d-267603cc719f}\iexplore\type\:3 >> GenBHO.{d0d4da1b-6b94-479c-a97d-267603cc719f} >> Registry Data
SCANNED ->> hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{8b944233-f9fb-41ec-9e2f-b391420404f5} >> GenBHO.{8B944233-F9FB-41EC-9E2F-B391420404F5} >> Registry Key
SCANNED ->> hkey_local_machine\software\classes\clsid\{8b944233-f9fb-41ec-9e2f-b391420404f5} >> GenBHO.{8B944233-F9FB-41EC-9E2F-B391420404F5} >> Registry Key
SCANNED ->> hkey_classes_root\clsid\{8b944233-f9fb-41ec-9e2f-b391420404f5} >> GenBHO.{8B944233-F9FB-41EC-9E2F-B391420404F5} >> Registry Key
SCANNED ->> hkey_local_machine\software\classes\clsid\{8b944233-f9fb-41ec-9e2f-b391420404f5}\inprocserver32 >> GenBHO.{8B944233-F9FB-41EC-9E2F-B391420404F5} >> Registry Key
SCANNED ->> hkey_classes_root\clsid\{8b944233-f9fb-41ec-9e2f-b391420404f5}\inprocserver32 >> GenBHO.{8B944233-F9FB-41EC-9E2F-B391420404F5} >> Registry Key
SCANNED ->> hkey_local_machine\software\classes\clsid\{8b944233-f9fb-41ec-9e2f-b391420404f5}\inprocserver32\(default)\:c:\windows\system32\ddcdssja.dll >> GenBHO.{8B944233-F9FB-41EC-9E2F-B391420404F5} >> Registry Data
SCANNED ->> hkey_classes_root\clsid\{8b944233-f9fb-41ec-9e2f-b391420404f5}\inprocserver32\(default)\:c:\windows\system32\ddcdssja.dll >> GenBHO.{8B944233-F9FB-41EC-9E2F-B391420404F5} >> Registry Data
SCANNED ->> c:\windows\system32\ddcdssja.dll#@#47D1339A615615C5C2B3E8C63435D4E6 >> GenBHO.{8B944233-F9FB-41EC-9E2F-B391420404F5} >> File
SCANNED ->> hkey_users\s-1-5-21-42933632-2124368392-1501187911-269785\software\microsoft\windows\currentversion\ext\stats\{8b944233-f9fb-41ec-9e2f-b391420404f5} >> GenBHO.{8B944233-F9FB-41EC-9E2F-B391420404F5} >> Registry Key
SCANNED ->> hkey_users\s-1-5-21-42933632-2124368392-1501187911-269785\software\microsoft\windows\currentversion\ext\stats\{8b944233-f9fb-41ec-9e2f-b391420404f5}\iexplore >> GenBHO.{8B944233-F9FB-41EC-9E2F-B391420404F5} >> Registry Key
SCANNED ->> hkey_users\s-1-5-21-42933632-2124368392-1501187911-269785\software\microsoft\windows\currentversion\ext\stats\{8b944233-f9fb-41ec-9e2f-b391420404f5}\iexplore\"type" >> GenBHO.{8B944233-F9FB-41EC-9E2F-B391420404F5} >> Registry Value
SCANNED ->> hkey_users\s-1-5-21-42933632-2124368392-1501187911-269785\software\microsoft\windows\currentversion\ext\stats\{8b944233-f9fb-41ec-9e2f-b391420404f5}\iexplore\type\:3 >> GenBHO.{8B944233-F9FB-41EC-9E2F-B391420404F5} >> Registry Data
SCANNED ->> hkey_local_machine\software\microsoft\windows nt\currentversion\windows\appinit_dlls\",c:\windows\system32\hezigotu.dll istcfo.dll"|c:\windows\system32\hezigotu.dll >> Trojan.AppInit_Dlls >> AppInit_Dlls
SCANNED ->> c:\windows\system32\hezigotu.dll#@#571A58A11E6555DE76E4C353FB4DF824 >> Trojan.AppInit_Dlls >> File
SCANNED ->> hkey_local_machine\software\microsoft\windows nt\currentversion\windows\appinit_dlls\",istcfo.dll"|istcfo.dll >> Trojan.AppInit_Dlls >> AppInit_Dlls
SCANNED ->> hkey_local_machine\system\currentcontrolset\services\blackice >> Backdoor.Dsklite >> Services
SCANNED ->> hkey_local_machine\system\currentcontrolset\enum\root\legacy_blackice >> Backdoor.Dsklite >> Services
SCANNED ->> hkey_local_machine\system\controlset001\services\blackice >> Backdoor.Dsklite >> Services
SCANNED ->> hkey_local_machine\system\controlset001\enum\root\legacy_blackice >> Backdoor.Dsklite >> Services
SCANNED ->> hkey_local_machine\system\controlset002\services\blackice >> Backdoor.Dsklite >> Services
SCANNED ->> hkey_local_machine\system\controlset002\enum\root\legacy_blackice >> Backdoor.Dsklite >> Services
SCANNED ->> c:\program files\iss\isssensors\desktopprotection\blackd.exe#@#650D1E7588014D67DDE5A38FFC7DED0A >> Backdoor.Dsklite >> File
SCANNED ->> hkey_local_machine\system\currentcontrolset\services\cn >> Backdoor.Hupigon >> Services
SCANNED ->> hkey_local_machine\system\currentcontrolset\enum\root\legacy_cn >> Backdoor.Hupigon >> Services
SCANNED ->> hkey_local_machine\system\controlset001\services\cn >> Backdoor.Hupigon >> Services
SCANNED ->> hkey_local_machine\system\controlset001\enum\root\legacy_cn >> Backdoor.Hupigon >> Services
SCANNED ->> hkey_local_machine\system\controlset002\services\cn >> Backdoor.Hupigon >> Services
SCANNED ->> hkey_local_machine\system\controlset002\enum\root\legacy_cn >> Backdoor.Hupigon >> Services
SCANNED ->> c:\program files\sap\cn\cn.exe#@#07D5F37A04E8F3D274038822C70780A6 >> Backdoor.Hupigon >> File
SCANNED ->> c:\install\gs_start\sc.exe#@#0C264A329931469DD50EDB6AE446C45A >> Adware.DollarRevenue >> File
SCANNED ->> c:\install\rs_start\amer\raccount\sc.exe#@#0C264A329931469DD50EDB6AE446C45A >> Adware.DollarRevenue >> File
SCANNED ->> c:\install\rs_start\apa\raccount\sc.exe#@#0C264A329931469DD50EDB6AE446C45A >> Adware.DollarRevenue >> File
SCANNED ->> c:\program files\sap\img\scripts\amerr\raccount\sc.exe#@#0C264A329931469DD50EDB6AE446C45A >> Adware.DollarRevenue >> File
SCANNED ->> c:\system volume information\_restore{b0ef36e3-7ffa-4626-9243-875625199156}\rp8\a0001393.exe#@#0C264A329931469DD50EDB6AE446C45A >> Adware.DollarRevenue >> File
SCANNED ->> c:\windows\system32\ccm\cache\cm10003f.6.system\source\sc.exe#@#0C264A329931469DD50EDB6AE446C45A >> Adware.DollarRevenue >> File
SCANNED ->> c:\program files\sap\frontend\sapgui\vvcp\pvunzip.exe#@#D45AC76AFF1438925578BBAEFF0A07A9 >> Trojan.Server-FTP >> File
SCANNED ->> c:\sappcadm\perl56.dll#@#2184020026A3E938CE08F97AE86FB4AE >> Trojan.Gamunkul >> File
SCANNED ->> c:\windows\system32\bohotute.dll#@#571A58A11E6555DE76E4C353FB4DF824 >> GenKeylogger.Generic >> File
SCANNED ->> c:\windows\system32\vumefesa.dll#@#571A58A11E6555DE76E4C353FB4DF824 >> GenKeylogger.Generic >> File
SCANNED ->> c:\windows\system32\jgkxobjo.dll#@#A759CC1AC8316EBAE11541A288CFF522 >> GenKeylogger.Generic >> File
SCANNED ->> c:\windows\system32\istcfo.dll#@#335E61439DE822FE4672496AAD1E9F63 >> GenKeylogger.Generic >> File
SCANNED ->> c:\windows\system32\hezigotu.dll#@#571A58A11E6555DE76E4C353FB4DF824 >> GenKeylogger.Generic >> File

Please advise, thanks so much in advance.
Back to top
View user's profile Send private message
nx42qr7
Warrior


Joined: 22 Apr 2007
Last Visit: 02 Jul 2011
Posts: 86

PostPosted: Wed Dec 24, 2008 2:39 pm    Post subject: A Friend in Need! Reply with quote

To whom this may concern:I posted a review of the Spyware Detector only last evening(Dec.23,2008) and a short while upon returning found the review had been removed.The above post was as well removed however the above post was returned but as yet I'am unable to find the review as this comment above asked for.To be certain it was merely an opinion however a person with administrative access privledges removed the review when they removed the above request for assisstance.There is merely an opinion at stake at this time however it is undaunting not to believe that something more culpable may in fact be worth a mention.I saw no cause to have so believed that there was cause to enter into such conduct whereby either of these two mentions were worth much more than merely a look see.Please return the comment as posted here Dec.23,2008 by the above nx42qr7.
Back to top
View user's profile Send private message
suzi
Site Admin


Joined: 27 Jul 2003
Last Visit: 21 Jul 2014
Posts: 10319
Location: sunny California

PostPosted: Wed Dec 24, 2008 3:19 pm    Post subject: Reply with quote

nx42qr7,

Please review the rules here. They are posted in several places.

http://www.spywarewarrior.com/viewtopic.php?t=1892

Your post was removed because you are not allowed to post in this forum. I recall tell you that sometime in the past. Perhaps you forgot. ONLY HijackThis helpers are allowed to post replies in here.

You are welcome to post your review in the appropriate forum, but it does not belong in this one.
_________________
Former Microsoft MVP 2005-2009, Consumer Security
Please do not PM or Email me for personal support. Post in the Forums instead and we will all learn. Smile
Back to top
View user's profile Send private message Visit poster's website
nx42qr7
Warrior


Joined: 22 Apr 2007
Last Visit: 02 Jul 2011
Posts: 86

PostPosted: Wed Dec 24, 2008 4:24 pm    Post subject: A Friend in Need! Reply with quote

It is not to foolhardy for me to require that you would need to show me what you suggest.I wish for this to go further as I do not recall any such suggestion by you or anyone else.That you allow old to merely get older hardly means not much of anything other than old happens to get older.I do not enjoy the wilful attempt to mix apple and oranges so to confuse matters. No such claim put forward by you had ever been established.Though this is indeed entered into after the fact this particular mention is made because this responce was made to a comment posted at other locations,at least three other locations which one of course was the Hijackthis logs directory.It was to be truthful confusing as the only means to identify the comment was by its author.I want not to be treated unfairly and will abide by the rules however this comment which I responded to was in fact as confusing as its place was in its information.The motivation at least was to provide as much as correct information as to spywaredetector as it was to render an opinion as it appeared was requested.I perhaps was in the wrong to have responded at all in the Hijackthis directory and will not provide any further comment in this or any other posted comment appearing in a Hijackthis posting.This is meant as much as a defense as it is a worthy care for this very respected web site.Thank You suzie for your help and care.
Back to top
View user's profile Send private message
Display posts from previous:   
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Spyware Warrior Forum Index -> Archived Spyware Removal Help Topics All times are GMT - 8 Hours
Page 1 of 1

 
Jump to:  
You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



smartBlue Style © 2002 Smartor
Powered by phpBB © 2001, 2002 phpBB Group