Go Back   Cyber Tech Help Support Forums > Operating Systems > Older Windows Versions > Windows XP
Reload this Page Mass-Mailer
Register FAQ Calendar Today's Active Topics Search

Notices

Windows XP Problem solving for the Windows XP Operating System

Closed Topic
 
Topic Tools
  #1  
Old February 13th, 2007, 03:36 PM
sohi09 sohi09 is offline
New Member
  
Join Date: Feb 2007
Posts: 12
Mass-Mailer
Heyy.... I've always been able to solve my own malware/spyware/spam issues... however this one has got me handcuffed!
I had norton internet security installed and it would report random emails that couldn't be delievered (that were being sent from my machine), these messages would come up rapidly. However it would never find a virus. I switched to Kaspersky Internet Security to see if it could detect an issue, sure enough it has detected my "explorer.exe file as a mass-mailer" and detected: Running process: C:\WINDOWS\system32\winlogon.exe as a "Riskware Invader". It offers no solution to these issues and I have tried anythign and everything to correct the issue but no luck.
The mass-mailer issue is my real concern because when those Norton messages would come up high levels of internet activity were apparent and clearly would slow my network down extremely.

Any help would be greatful.... Thanks.


Here is my log...

Logfile of HijackThis v1.99.1
Scan saved at 10:39:43 AM, on 2/13/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\LTMSG.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\DC++\DCPlusPlus.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mainplate.com/
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,vxwrxkr. exe
O2 - BHO: (no name) - {B619AB62-B1EA-48EE-84A3-BB5F984ADD15} - C:\WINDOWS\system32\jmscb.dll
O2 - BHO: McAfee Popup Blocker - {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} - (no file)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LTMSG] LTMSG.exe 7
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
O4 - HKCU\..\Run: [Raur] "C:\PROGRA~1\COMMON~1\WNSXS~1\winword.exe" -vt yazr
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\ie_banner_deny.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: Yahoo! Chinese Checkers - http://download.games.yahoo.com/game...s/y/cct0_x.cab
O16 - DPF: Yahoo! Go Fish - http://download.games.yahoo.com/game...ts/y/zt3_x.cab
O16 - DPF: Yahoo! Poker - http://download.games.yahoo.com/game...ts/y/pt3_x.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {3A7FE611-1994-4EF1-A09F-99456752289D} (WildTangent Active Launcher) - http://install.wildtangent.com/Activ...veLauncher.cab
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://www.viidoo.tv/TVUAx.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by104fd.bay104.hotmail.msn.co...s/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1162242861896
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1166313331906
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~2\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~2\MSGRAP~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: qcyrpxuj - C:\WINDOWS\SYSTEM32\jmscb.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: MBackMonitor - Unknown owner - C:\Program Files\McAfee\MBK\MBackMonitor.exe (file missing)
Last edited by sohi09; February 13th, 2007 at 04:43 PM.
  #2  
Old February 13th, 2007, 09:58 PM
gimpy530 gimpy530 is offline
Senior Member
  
Join Date: Apr 2006
O/S: Windows Vista 64-bit
Location: Pittsburgh, PA
Age: 36
Posts: 2,086
Post that into the cyber safety forum (be patient as they are busy)
  #3  
Old February 13th, 2007, 11:17 PM
Miz's Avatar
Miz Miz is offline
Cyber Tech Help Moderator
  
Join Date: Mar 2003
O/S: Windows 10 Home
Location: Kansas
Age: 78
Posts: 12,129
Reposted in Cyber Safety.
Closed Topic

Bookmarks

« Previous Topic | Next Topic »

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Topics
Topic Topic Starter Forum Replies Last Post
Mass-Mailer sohi09 Malware Removal 17 February 17th, 2007 11:19 PM
mass-mailer doublecaps Windows NT, 2000, 2003, 2008, 2012 9 November 4th, 2006 07:53 AM
mass mailer doublecaps Windows NT, 2000, 2003, 2008, 2012 2 November 1st, 2006 12:44 AM
Mass Mailer Worm? Bulldog24 Windows XP 1 August 8th, 2006 08:58 PM
Mass mailer help meanman Malware Removal 0 July 26th, 2004 04:20 PM


All times are GMT +1. The time now is 10:13 PM.