Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

have problem. with syssmss.exe and now please help [CLOSED]

Started by Scea , Nov 02 2005 08:45 AM

  • This topic is locked This topic is locked

#1
Scea
Posted 02 November 2005 - 08:45 AM

Scea

    New Member

  • Member
  • Pip
  • 1 posts
im sorry im not really computer savy, so you have to excuse any mistake i might make. i downloade hijack this. so i could post it here. i just hope i did it right. im a avid online gamer. and a computer virus magnet. i thought mcaffee got all this but my system is running really slow. web pages take forever to load up. and the game i play . i am freeze framing anywhere and every where i go in game. i dont know what else to do. i did change my password and user name for the game i play. and havet been log on since i found this. any help would be much appriceated
date/time : 2005-11-02, 07:14:57, 577ms
computer name : EVERCRAC-ZZOGST
user name : Annie
operating system : Windows XP build 2600
system language : English
system up time : 1 hour 49 minutes
program up time : 32 seconds
processor : Intel® Celeron® CPU 2.70GHz
physical memory : 281/479 MB (free/total)
free disk space : (C:) 12.60 GB
display mode : 1024x768, 32 bit
process id : $538
allocated memory : 27.71 MB
command line : "C:\Program Files\Spyware Doctor\swdoctor.exe" /FS
executable : swdoctor.exe
exec. date/time : 2005-10-12 09:06
version : 3.2.2.417
madExcept version : 2.7g
exception class : EAccessViolation
exception message : Access violation at address 0050AF53 in module 'swdoctor.exe'. Read of address 000002F8.

main thread ($4a8):
0050af53 +000 swdoctor.exe
016914d8 +064 vcl70.bpl Controls TControl.Click
016816d0 +01c vcl70.bpl Stdctrls TButton.Click
016817c4 +00c vcl70.bpl Stdctrls TButton.CNCommand
01691340 +188 vcl70.bpl Controls TControl.WndProc
0169452b +157 vcl70.bpl Controls TWinControl.WndProc
01691110 +024 vcl70.bpl Controls TControl.Perform
01691c8d +011 vcl70.bpl Controls TControl.CMMouseLeave
01691340 +188 vcl70.bpl Controls TControl.WndProc
0169452b +157 vcl70.bpl Controls TWinControl.WndProc
01681594 +06c vcl70.bpl Stdctrls TButtonControl.WndProc
01691110 +024 vcl70.bpl Controls TControl.Perform
01694d1b +00b vcl70.bpl Controls TWinControl.WMCommand
01691340 +188 vcl70.bpl Controls TControl.WndProc
01691110 +024 vcl70.bpl Controls TControl.Perform
01691c8d +011 vcl70.bpl Controls TControl.CMMouseLeave
01691340 +188 vcl70.bpl Controls TControl.WndProc
01691110 +024 vcl70.bpl Controls TControl.Perform
01696a39 +025 vcl70.bpl Controls TWinControl.CMInvalidate
01691340 +188 vcl70.bpl Controls TControl.WndProc
0169452b +157 vcl70.bpl Controls TWinControl.WndProc
016941a8 +02c vcl70.bpl Controls TWinControl.MainWndProc
77f5108c +010 ntdll.dll KiUserCallbackDispatcher
77d45e79 +042 USER32.dll SendMessageW
01691110 +024 vcl70.bpl Controls TControl.Perform
01691340 +188 vcl70.bpl Controls TControl.WndProc
77d5ba3a +014 USER32.dll CallWindowProcA
0169460f +0d7 vcl70.bpl Controls TWinControl.DefaultHandler
01691110 +024 vcl70.bpl Controls TControl.Perform
016918e0 +010 vcl70.bpl Controls TControl.WMLButtonUp
01691340 +188 vcl70.bpl Controls TControl.WndProc
0169452b +157 vcl70.bpl Controls TWinControl.WndProc
01681594 +06c vcl70.bpl Stdctrls TButtonControl.WndProc
016941a8 +02c vcl70.bpl Controls TWinControl.MainWndProc
77d441f8 +006 USER32.dll DispatchMessageA
033352e7 +0af keyloggerguard.dll InitTool
016ad139 +031 vcl70.bpl Forms TCustomForm.DoCreate
016ace19 +011 vcl70.bpl Forms TCustomForm.AfterConstruction
40005b9b +007 rtl70.bpl System @AfterConstruction
77f5108c +010 ntdll.dll KiUserCallbackDispatcher
40006124 +010 rtl70.bpl System @TryFinallyExit
4000291a +14a rtl70.bpl System SysGetMem
016b4f1d +031 vcl70.bpl Forms TApplication.CreateForm

thread $610:
7ffe0304 +4 ???
77f7effd +a ntdll.dll NtReplyWaitReceivePortEx
>> created by main thread ($4a8) at:
78018a17 +0 RPCRT4.dll

thread $444:
7ffe0304 +04 ???
77f7e76d +0a ntdll.dll NtDelayExecution
77e775b1 +4f kernel32.dll SleepEx
77e61bec +06 kernel32.dll Sleep
>> created by main thread ($4a8) at:
7721e6c6 +00 OLE32.DLL

thread $4f8:
7ffe0304 +04 ???
77d44239 +39 USER32.dll GetMessageA
77c37fb5 +9d msvcrt.dll _endthreadex
>> created by main thread ($4a8) at:
585adee2 +00 msscript.ocx

thread $4a4:
7ffe0304 +04 ???
77f7e76d +0a ntdll.dll NtDelayExecution
77e775b1 +4f kernel32.dll SleepEx
77e61bec +06 kernel32.dll Sleep

thread $354:
7ffe0304 +04 ???
77f7f49d +0a ntdll.dll NtWaitForMultipleObjects
77e74bd2 +89 kernel32.dll WaitForMultipleObjectsEx
>> created by main thread ($4a8) at:
77ddc818 +00 ADVAPI32.dll

thread $74c (TSubscriptionThread): <priority:-1>
7ffe0304 +04 ???
77f7f4ad +0a ntdll.dll NtWaitForSingleObject
77e77885 +85 kernel32.dll WaitForSingleObjectEx
77e79d65 +0a kernel32.dll WaitForSingleObject
4003d801 +09 rtl70.bpl Syncobjs TEvent.WaitFor
>> created by main thread ($4a8) at:
00521128 +00 swdoctor.exe

thread $4cc (TRegistryHook): <priority:-2>
7ffe0304 +04 ???
77f7f49d +0a ntdll.dll NtWaitForMultipleObjects
77e74bd2 +89 kernel32.dll WaitForMultipleObjectsEx
77e74c6b +12 kernel32.dll WaitForMultipleObjects
>> created by main thread ($4a8) at:
02e32ca0 +00 actstartup.dll

thread $b4 (TRegistryHook): <priority:-2>
7ffe0304 +04 ???
77f7f49d +0a ntdll.dll NtWaitForMultipleObjects
77e74bd2 +89 kernel32.dll WaitForMultipleObjectsEx
77e74c6b +12 kernel32.dll WaitForMultipleObjects
>> created by main thread ($4a8) at:
02e32ca0 +00 actstartup.dll

thread $660 (TRegistryHook): <priority:-2>
7ffe0304 +04 ???
77f7f49d +0a ntdll.dll NtWaitForMultipleObjects
77e74bd2 +89 kernel32.dll WaitForMultipleObjectsEx
77e74c6b +12 kernel32.dll WaitForMultipleObjects
>> created by main thread ($4a8) at:
02e32ca0 +00 actstartup.dll

thread $578 (TRegistryHook): <priority:-2>
7ffe0304 +04 ???
77f7f49d +0a ntdll.dll NtWaitForMultipleObjects
77e74bd2 +89 kernel32.dll WaitForMultipleObjectsEx
77e74c6b +12 kernel32.dll WaitForMultipleObjects
>> created by main thread ($4a8) at:
02e32ca0 +00 actstartup.dll

thread $670 (TRegistryHook): <priority:-2>
7ffe0304 +04 ???
77f7f49d +0a ntdll.dll NtWaitForMultipleObjects
77e74bd2 +89 kernel32.dll WaitForMultipleObjectsEx
77e74c6b +12 kernel32.dll WaitForMultipleObjects
>> created by main thread ($4a8) at:
02e32ca0 +00 actstartup.dll

thread $668 (TRegistryHook): <priority:-2>
7ffe0304 +04 ???
77f7f49d +0a ntdll.dll NtWaitForMultipleObjects
77e74bd2 +89 kernel32.dll WaitForMultipleObjectsEx
77e74c6b +12 kernel32.dll WaitForMultipleObjects
>> created by main thread ($4a8) at:
02e32ca0 +00 actstartup.dll

thread $6a0 (TRegistryHook): <priority:-2>
7ffe0304 +04 ???
77f7f49d +0a ntdll.dll NtWaitForMultipleObjects
77e74bd2 +89 kernel32.dll WaitForMultipleObjectsEx
77e74c6b +12 kernel32.dll WaitForMultipleObjects
>> created by main thread ($4a8) at:
02e32ca0 +00 actstartup.dll

thread $6a8 (TRegistryHook): <priority:-2>
7ffe0304 +04 ???
77f7f49d +0a ntdll.dll NtWaitForMultipleObjects
77e74bd2 +89 kernel32.dll WaitForMultipleObjectsEx
77e74c6b +12 kernel32.dll WaitForMultipleObjects
>> created by main thread ($4a8) at:
02e32ca0 +00 actstartup.dll

thread $308 (TRegistryHook): <priority:-2>
7ffe0304 +04 ???
77f7f49d +0a ntdll.dll NtWaitForMultipleObjects
77e74bd2 +89 kernel32.dll WaitForMultipleObjectsEx
77e74c6b +12 kernel32.dll WaitForMultipleObjects
>> created by main thread ($4a8) at:
02e32ca0 +00 actstartup.dll

thread $714 (TRegistryHook): <priority:-2>
7ffe0304 +04 ???
77f7f49d +0a ntdll.dll NtWaitForMultipleObjects
77e74bd2 +89 kernel32.dll WaitForMultipleObjectsEx
77e74c6b +12 kernel32.dll WaitForMultipleObjects
>> created by main thread ($4a8) at:
02e32ca0 +00 actstartup.dll

thread $4f0 (TRegMonitorThread): <suspended>
77e802f4 kernel32.dll
>> created by main thread ($4a8) at:
03280e21 immunizer.dll

thread $49c:
7ffe0304 +04 ???
77f7ef2d +0a ntdll.dll NtReadFile
77e78beb +69 kernel32.dll ReadFile

thread $614: <priority:15>
7ffe0304 +04 ???
77f7f49d +0a ntdll.dll NtWaitForMultipleObjects
77e74bd2 +89 kernel32.dll WaitForMultipleObjectsEx
77e74c6b +12 kernel32.dll WaitForMultipleObjects

thread $20c: <priority:2>
7ffe0304 +04 ???
77d44239 +39 USER32.dll GetMessageA
>> created by main thread ($4a8) at:
76b47150 +00 WINMM.dll

modules:
00400000 swdoctor.exe 3.2.2.417 C:\Program Files\Spyware Doctor
01610000 vcl70.bpl 7.0.4.453 C:\Program Files\Spyware Doctor
017b0000 chilkatxml.dll 4.1.0.2 C:\Program Files\Spyware Doctor
02db0000 BAScanner.dll 3.0.0.55 C:\Program Files\Spyware Doctor\Tools
02dd0000 bhoscanner.dll 3.1.0.39 C:\Program Files\Spyware Doctor\Tools
02de0000 McVSSkt.dll 10.0.0.26 c:\progra~1\mcafee.com\vso
02e10000 actstartup.dll 3.1.1.107 C:\Program Files\Spyware Doctor\Tools
02e50000 browserscanner.dll 3.0.0.50 C:\Program Files\Spyware Doctor\Tools
02e70000 diskscanner.dll 3.0.0.64 C:\Program Files\Spyware Doctor\Tools
02e90000 genscanner.dll 3.0.0.2 C:\Program Files\Spyware Doctor\Tools
02ea0000 hostsscanner.dll 3.0.0.36 C:\Program Files\Spyware Doctor\Tools
02ec0000 iemonitor.dll 3.0.0.2651 C:\Program Files\Spyware Doctor\Tools
02f00000 iesdpb.dll 3.0.0.265 C:\Program Files\Spyware Doctor\Tools
030c0000 iesdsg.dll 3.0.0.58 C:\Program Files\Spyware Doctor\Tools
03270000 immunizer.dll 3.0.0.53 C:\Program Files\Spyware Doctor\Tools
032a0000 iSDhelp.dll 3.2.0.10 C:\Program Files\Spyware Doctor\Tools
032b0000 itoollib.dll 3.2.0.29 C:\Program Files\Spyware Doctor\Tools
032f0000 keyloggerguard.dll 3.0.0.33 C:\Program Files\Spyware Doctor\Tools
03350000 lspscanner.dll 3.0.0.50 C:\Program Files\Spyware Doctor\Tools
03360000 memory.dll 3.0.0.3 C:\Program Files\Spyware Doctor\Tools
043b0000 networkguard.dll 3.0.0.17 C:\Program Files\Spyware Doctor\Tools
043f0000 popupblocker.dll 3.0.0.265 C:\Program Files\Spyware Doctor\Tools
04430000 processguard.dll 3.0.0.38 C:\Program Files\Spyware Doctor\Tools
04490000 pscanner.dll 3.1.0.43 C:\Program Files\Spyware Doctor\Tools
044d0000 PWindow.dll 3.0.0.15 C:\Program Files\Spyware Doctor\Tools
04500000 regscanner.dll 3.0.0.26 C:\Program Files\Spyware Doctor\Tools
04510000 scheduler.dll 3.0.0.37 C:\Program Files\Spyware Doctor\Tools
04550000 sdn.dll 3.0.0.17 C:\Program Files\Spyware Doctor\Tools
045c0000 siteguard.dll 3.0.0.58 C:\Program Files\Spyware Doctor\Tools
10000000 nview.dll 6.14.10.11005 C:\WINDOWS\System32
40000000 rtl70.bpl 7.0.4.453 C:\Program Files\Spyware Doctor
585a0000 msscript.ocx 1.0.0.6626 C:\WINDOWS\System32
5a000000 klg.dat 3.0.0.33 C:\Program Files\Spyware Doctor\Tools
5ad70000 uxtheme.dll 6.0.2600.0 C:\WINDOWS\system32
5d300000 HHCTRL.OCX 5.2.3735.0 C:\WINDOWS\System32
5edd0000 olepro32.dll 5.0.5014.0 C:\WINDOWS\System32
63000000 WININET.dll 6.0.2737.800 C:\WINDOWS\system32
666f0000 inetmib1.dll 5.1.2600.0 C:\WINDOWS\System32
71950000 COMCTL32.dll 6.0.2600.0 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a
71aa0000 WS2HELP.dll 5.1.2600.0 C:\WINDOWS\System32
71ab0000 WS2_32.dll 5.1.2600.0 C:\WINDOWS\System32
71ad0000 WSOCK32.dll 5.1.2600.0 C:\WINDOWS\System32
71b20000 mpr.dll 5.1.2600.0 C:\WINDOWS\system32
71bf0000 SAMLIB.dll 5.1.2600.0 C:\WINDOWS\System32
71c20000 NETAPI32.dll 5.1.2600.122 C:\WINDOWS\System32
71f60000 snmpapi.dll 5.1.2600.0 C:\WINDOWS\System32
72d10000 msacm32.drv 5.1.2600.0 C:\WINDOWS\System32
72d20000 wdmaud.drv 5.1.2600.0 C:\WINDOWS\System32
73000000 winspool.drv 5.1.2600.0 C:\WINDOWS\System32
73300000 vbscript.dll 5.6.0.6626 C:\WINDOWS\System32
73420000 MSVBVM60.DLL 6.0.92.37 C:\WINDOWS\System32
73dc0000 LZ32.DLL 5.1.2600.0 C:\WINDOWS\system32
74d30000 oledlg.dll 5.1.2600.0 C:\WINDOWS\System32
75e90000 SXS.DLL 5.1.2600.0 C:\WINDOWS\System32
762a0000 MSASN1.dll 5.1.2600.137 C:\WINDOWS\system32
762c0000 CRYPT32.dll 5.131.2600.1123 C:\WINDOWS\system32
76360000 WINSTA.dll 5.1.2600.0 C:\WINDOWS\System32
763b0000 comdlg32.dll 6.0.2600.0 C:\WINDOWS\system32
76670000 SETUPAPI.dll 5.1.2600.0 C:\WINDOWS\System32
76b20000 ATL.DLL 3.0.9238.0 C:\WINDOWS\System32
76b40000 WINMM.dll 5.1.2600.0 C:\WINDOWS\System32
76bf0000 PSAPI.DLL 5.1.2600.0 C:\WINDOWS\System32
76ce0000 NTMARTA.DLL 5.1.2600.0 C:\WINDOWS\System32
76d30000 WMI.dll 5.1.2600.0 C:\WINDOWS\System32
76d40000 MPRAPI.dll 5.1.2600.0 C:\WINDOWS\System32
76d60000 iphlpapi.dll 5.1.2600.2 C:\WINDOWS\System32
76d80000 DHCPCSVC.DLL 5.1.2600.0 C:\WINDOWS\System32
76da0000 WZCSvc.DLL 5.1.2600.0 C:\WINDOWS\System32
76de0000 netman.dll 5.1.2600.0 C:\WINDOWS\System32
76e10000 adsldpc.dll 5.1.2600.0 C:\WINDOWS\System32
76e40000 ACTIVEDS.dll 5.1.2600.0 C:\WINDOWS\System32
76e80000 rtutils.dll 5.1.2600.0 C:\WINDOWS\System32
76e90000 rasman.dll 5.1.2600.0 C:\WINDOWS\System32
76eb0000 TAPI32.dll 5.1.2600.0 C:\WINDOWS\System32
76ee0000 RASAPI32.dll 5.1.2600.0 C:\WINDOWS\System32
76f20000 DNSAPI.dll 5.1.2600.0 C:\WINDOWS\System32
76f50000 WTSAPI32.dll 5.1.2600.0 C:\WINDOWS\System32
76f60000 WLDAP32.dll 5.1.2600.0 C:\WINDOWS\system32
76f90000 Secur32.dll 5.1.2600.0 C:\WINDOWS\System32
77050000 COMRes.dll 2001.12.4414.42 C:\WINDOWS\System32
77120000 OLEAUT32.dll 3.50.5014.0 C:\WINDOWS\system32
771b0000 OLE32.DLL 5.1.2600.136 C:\WINDOWS\system32
772d0000 SHLWAPI.dll 6.0.2750.167 C:\WINDOWS\system32
773d0000 SHELL32.dll 6.0.2600.0 C:\WINDOWS\system32
77bd0000 midimap.dll 5.1.2600.0 C:\WINDOWS\System32
77be0000 MSACM32.dll 5.1.2600.0 C:\WINDOWS\System32
77c00000 version.dll 5.1.2600.0 C:\WINDOWS\system32
77c10000 msvcrt.dll 7.0.2600.0 C:\WINDOWS\system32
77c70000 GDI32.dll 5.1.2600.132 C:\WINDOWS\system32
77d40000 USER32.dll 5.1.2600.0 C:\WINDOWS\system32
77dd0000 ADVAPI32.dll 5.1.2600.0 C:\WINDOWS\system32
77e60000 kernel32.dll 5.1.2600.0 C:\WINDOWS\system32
77f50000 ntdll.dll 5.1.2600.0 C:\WINDOWS\System32
78000000 RPCRT4.dll 5.1.2600.135 C:\WINDOWS\system32
7c620000 CLBCATQ.DLL 2001.12.4414.53 C:\WINDOWS\System32

hardware:
+ Computer
- ACPI Uniprocessor PC
+ Disk drives
- Maxtor 52049U4
+ Display adapters
- NVIDIA GeForce4 MX 420 (driver 8.1.8.5)
- S3 Graphics ProSavageDDR (driver 6.14.10.25)
+ DVD/CD-ROM drives
- COMPAQ CRD-8322B
+ Floppy disk controllers
- Standard floppy disk controller
+ Floppy disk drives
- Floppy disk drive
+ Human Interface Devices
- USB Human Interface Device
+ IDE ATA/ATAPI controllers
- Primary IDE Channel
- Secondary IDE Channel
- VIA Bus Master IDE Controller
+ Keyboards
- Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
+ Mice and other pointing devices
- HID-compliant mouse
+ Monitors
- Default Monitor
- Default Monitor
- Plug and Play Monitor
+ Network adapters
- 3Com EtherLink XL 10/100 PCI TX NIC (3C905B-TX)
- VIA Rhine II Fast Ethernet Adapter (driver 3.41.0.426)
+ Ports (COM & LPT)
- Communications Port (COM1)
- Communications Port (COM2)
- Printer Port (LPT1)
+ Processors
- Intel® Celeron® CPU 2.70GHz
+ Sound, video and game controllers
- Audio Codecs
- Legacy Audio Drivers
- Legacy Video Capture Devices
- Media Control Devices
- MPU-401 Compatible MIDI Device
- Standard Game Port
- Video Codecs
- Vinyl AC'97 Codec Combo Driver (WDM) (driver 6.14.1.4130)
+ System devices
- ACPI Fan
- ACPI Fixed Feature Button
- ACPI Power Button
- ACPI Sleep Button
- ACPI Thermal Zone
- Direct memory access controller
- ISAPNP Read Data Port
- Logical Disk Manager
- Microcode Update Device
- Microsoft ACPI-Compliant System
- Motherboard resources
- Motherboard resources
- Numeric data processor
- PCI bus
- PCI standard host CPU bridge
- PCI standard ISA bridge
- Plug and Play Software Device Enumerator
- Printer Port Logical Interface
- Programmable interrupt controller
- System board
- System CMOS/real time clock
- System speaker
- System timer
- Terminal Server Device Redirector
- Terminal Server Keyboard Driver
- Terminal Server Mouse Driver
- VIA Tech CPU to AGP Controllerdate/time : 2005-11-02, 07:14:57, 577ms
computer name : EVERCRAC-ZZOGST
user name : Annie
operating system : Windows XP build 2600
system language : English
system up time : 1 hour 49 minutes
program up time : 32 seconds
processor : Intel® Celeron® CPU 2.70GHz
physical memory : 281/479 MB (free/total)
free disk space : (C:) 12.60 GB
display mode : 1024x768, 32 bit
process id : $538
allocated memory : 27.71 MB
command line : "C:\Program Files\Spyware Doctor\swdoctor.exe" /FS
executable : swdoctor.exe
exec. date/time : 2005-10-12 09:06
version : 3.2.2.417
madExcept version : 2.7g
exception class : EAccessViolation
exception message : Access violation at address 0050AF53 in module 'swdoctor.exe'. Read of address 000002F8.

main thread ($4a8):
0050af53 +000 swdoctor.exe
016914d8 +064 vcl70.bpl Controls TControl.Click
016816d0 +01c vcl70.bpl Stdctrls TButton.Click
016817c4 +00c vcl70.bpl Stdctrls TButton.CNCommand
01691340 +188 vcl70.bpl Controls TControl.WndProc
0169452b +157 vcl70.bpl Controls TWinControl.WndProc
01691110 +024 vcl70.bpl Controls TControl.Perform
01691c8d +011 vcl70.bpl Controls TControl.CMMouseLeave
01691340 +188 vcl70.bpl Controls TControl.WndProc
0169452b +157 vcl70.bpl Controls TWinControl.WndProc
01681594 +06c vcl70.bpl Stdctrls TButtonControl.WndProc
01691110 +024 vcl70.bpl Controls TControl.Perform
01694d1b +00b vcl70.bpl Controls TWinControl.WMCommand
01691340 +188 vcl70.bpl Controls TControl.WndProc
01691110 +024 vcl70.bpl Controls TControl.Perform
01691c8d +011 vcl70.bpl Controls TControl.CMMouseLeave
01691340 +188 vcl70.bpl Controls TControl.WndProc
01691110 +024 vcl70.bpl Controls TControl.Perform
01696a39 +025 vcl70.bpl Controls TWinControl.CMInvalidate
01691340 +188 vcl70.bpl Controls TControl.WndProc
0169452b +157 vcl70.bpl Controls TWinControl.WndProc
016941a8 +02c vcl70.bpl Controls TWinControl.MainWndProc
77f5108c +010 ntdll.dll KiUserCallbackDispatcher
77d45e79 +042 USER32.dll SendMessageW
01691110 +024 vcl70.bpl Controls TControl.Perform
01691340 +188 vcl70.bpl Controls TControl.WndProc
77d5ba3a +014 USER32.dll CallWindowProcA
0169460f +0d7 vcl70.bpl Controls TWinControl.DefaultHandler
01691110 +024 vcl70.bpl Controls TControl.Perform
016918e0 +010 vcl70.bpl Controls TControl.WMLButtonUp
01691340 +188 vcl70.bpl Controls TControl.WndProc
0169452b +157 vcl70.bpl Controls TWinControl.WndProc
01681594 +06c vcl70.bpl Stdctrls TButtonControl.WndProc
016941a8 +02c vcl70.bpl Controls TWinControl.MainWndProc
77d441f8 +006 USER32.dll DispatchMessageA
033352e7 +0af keyloggerguard.dll InitTool
016ad139 +031 vcl70.bpl Forms TCustomForm.DoCreate
016ace19 +011 vcl70.bpl Forms TCustomForm.AfterConstruction
40005b9b +007 rtl70.bpl System @AfterConstruction
77f5108c +010 ntdll.dll KiUserCallbackDispatcher
40006124 +010 rtl70.bpl System @TryFinallyExit
4000291a +14a rtl70.bpl System SysGetMem
016b4f1d +031 vcl70.bpl Forms TApplication.CreateForm

thread $610:
7ffe0304 +4 ???
77f7effd +a ntdll.dll NtReplyWaitReceivePortEx
>> created by main thread ($4a8) at:
78018a17 +0 RPCRT4.dll

thread $444:
7ffe0304 +04 ???
77f7e76d +0a ntdll.dll NtDelayExecution
77e775b1 +4f kernel32.dll SleepEx
77e61bec +06 kernel32.dll Sleep
>> created by main thread ($4a8) at:
7721e6c6 +00 OLE32.DLL

thread $4f8:
7ffe0304 +04 ???
77d44239 +39 USER32.dll GetMessageA
77c37fb5 +9d msvcrt.dll _endthreadex
>> created by main thread ($4a8) at:
585adee2 +00 msscript.ocx

thread $4a4:
7ffe0304 +04 ???
77f7e76d +0a ntdll.dll NtDelayExecution
77e775b1 +4f kernel32.dll SleepEx
77e61bec +06 kernel32.dll Sleep

thread $354:
7ffe0304 +04 ???
77f7f49d +0a ntdll.dll NtWaitForMultipleObjects
77e74bd2 +89 kernel32.dll WaitForMultipleObjectsEx
>> created by main thread ($4a8) at:
77ddc818 +00 ADVAPI32.dll

thread $74c (TSubscriptionThread): <priority:-1>
7ffe0304 +04 ???
77f7f4ad +0a ntdll.dll NtWaitForSingleObject
77e77885 +85 kernel32.dll WaitForSingleObjectEx
77e79d65 +0a kernel32.dll WaitForSingleObject
4003d801 +09 rtl70.bpl Syncobjs TEvent.WaitFor
>> created by main thread ($4a8) at:
00521128 +00 swdoctor.exe

thread $4cc (TRegistryHook): <priority:-2>
7ffe0304 +04 ???
77f7f49d +0a ntdll.dll NtWaitForMultipleObjects
77e74bd2 +89 kernel32.dll WaitForMultipleObjectsEx
77e74c6b +12 kernel32.dll WaitForMultipleObjects
>> created by main thread ($4a8) at:
02e32ca0 +00 actstartup.dll

thread $b4 (TRegistryHook): <priority:-2>
7ffe0304 +04 ???
77f7f49d +0a ntdll.dll NtWaitForMultipleObjects
77e74bd2 +89 kernel32.dll WaitForMultipleObjectsEx
77e74c6b +12 kernel32.dll WaitForMultipleObjects
>> created by main thread ($4a8) at:
02e32ca0 +00 actstartup.dll

thread $660 (TRegistryHook): <priority:-2>
7ffe0304 +04 ???
77f7f49d +0a ntdll.dll NtWaitForMultipleObjects
77e74bd2 +89 kernel32.dll WaitForMultipleObjectsEx
77e74c6b +12 kernel32.dll WaitForMultipleObjects
>> created by main thread ($4a8) at:
02e32ca0 +00 actstartup.dll

thread $578 (TRegistryHook): <priority:-2>
7ffe0304 +04 ???
77f7f49d +0a ntdll.dll NtWaitForMultipleObjects
77e74bd2 +89 kernel32.dll WaitForMultipleObjectsEx
77e74c6b +12 kernel32.dll WaitForMultipleObjects
>> created by main thread ($4a8) at:
02e32ca0 +00 actstartup.dll

thread $670 (TRegistryHook): <priority:-2>
7ffe0304 +04 ???
77f7f49d +0a ntdll.dll NtWaitForMultipleObjects
77e74bd2 +89 kernel32.dll WaitForMultipleObjectsEx
77e74c6b +12 kernel32.dll WaitForMultipleObjects
>> created by main thread ($4a8) at:
02e32ca0 +00 actstartup.dll

thread $668 (TRegistryHook): <priority:-2>
7ffe0304 +04 ???
77f7f49d +0a ntdll.dll NtWaitForMultipleObjects
77e74bd2 +89 kernel32.dll WaitForMultipleObjectsEx
77e74c6b +12 kernel32.dll WaitForMultipleObjects
>> created by main thread ($4a8) at:
02e32ca0 +00 actstartup.dll

thread $6a0 (TRegistryHook): <priority:-2>
7ffe0304 +04 ???
77f7f49d +0a ntdll.dll NtWaitForMultipleObjects
77e74bd2 +89 kernel32.dll WaitForMultipleObjectsEx
77e74c6b +12 kernel32.dll WaitForMultipleObjects
>> created by main thread ($4a8) at:
02e32ca0 +00 actstartup.dll

thread $6a8 (TRegistryHook): <priority:-2>
7ffe0304 +04 ???
77f7f49d +0a ntdll.dll NtWaitForMultipleObjects
77e74bd2 +89 kernel32.dll WaitForMultipleObjectsEx
77e74c6b +12 kernel32.dll WaitForMultipleObjects
>> created by main thread ($4a8) at:
02e32ca0 +00 actstartup.dll

thread $308 (TRegistryHook): <priority:-2>
7ffe0304 +04 ???
77f7f49d +0a ntdll.dll NtWaitForMultipleObjects
77e74bd2 +89 kernel32.dll WaitForMultipleObjectsEx
77e74c6b +12 kernel32.dll WaitForMultipleObjects
>> created by main thread ($4a8) at:
02e32ca0 +00 actstartup.dll

thread $714 (TRegistryHook): <priority:-2>
7ffe0304 +04 ???
77f7f49d +0a ntdll.dll NtWaitForMultipleObjects
77e74bd2 +89 kernel32.dll WaitForMultipleObjectsEx
77e74c6b +12 kernel32.dll WaitForMultipleObjects
>> created by main thread ($4a8) at:
02e32ca0 +00 actstartup.dll

thread $4f0 (TRegMonitorThread): <suspended>
77e802f4 kernel32.dll
>> created by main thread ($4a8) at:
03280e21 immunizer.dll

thread $49c:
7ffe0304 +04 ???
77f7ef2d +0a ntdll.dll NtReadFile
77e78beb +69 kernel32.dll ReadFile

thread $614: <priority:15>
7ffe0304 +04 ???
77f7f49d +0a ntdll.dll NtWaitForMultipleObjects
77e74bd2 +89 kernel32.dll WaitForMultipleObjectsEx
77e74c6b +12 kernel32.dll WaitForMultipleObjects

thread $20c: <priority:2>
7ffe0304 +04 ???
77d44239 +39 USER32.dll GetMessageA
>> created by main thread ($4a8) at:
76b47150 +00 WINMM.dll

modules:
00400000 swdoctor.exe 3.2.2.417 C:\Program Files\Spyware Doctor
01610000 vcl70.bpl 7.0.4.453 C:\Program Files\Spyware Doctor
017b0000 chilkatxml.dll 4.1.0.2 C:\Program Files\Spyware Doctor
02db0000 BAScanner.dll 3.0.0.55 C:\Program Files\Spyware Doctor\Tools
02dd0000 bhoscanner.dll 3.1.0.39 C:\Program Files\Spyware Doctor\Tools
02de0000 McVSSkt.dll 10.0.0.26 c:\progra~1\mcafee.com\vso
02e10000 actstartup.dll 3.1.1.107 C:\Program Files\Spyware Doctor\Tools
02e50000 browserscanner.dll 3.0.0.50 C:\Program Files\Spyware Doctor\Tools
02e70000 diskscanner.dll 3.0.0.64 C:\Program Files\Spyware Doctor\Tools
02e90000 genscanner.dll 3.0.0.2 C:\Program Files\Spyware Doctor\Tools
02ea0000 hostsscanner.dll 3.0.0.36 C:\Program Files\Spyware Doctor\Tools
02ec0000 iemonitor.dll 3.0.0.2651 C:\Program Files\Spyware Doctor\Tools
02f00000 iesdpb.dll 3.0.0.265 C:\Program Files\Spyware Doctor\Tools
030c0000 iesdsg.dll 3.0.0.58 C:\Program Files\Spyware Doctor\Tools
03270000 immunizer.dll 3.0.0.53 C:\Program Files\Spyware Doctor\Tools
032a0000 iSDhelp.dll 3.2.0.10 C:\Program Files\Spyware Doctor\Tools
032b0000 itoollib.dll 3.2.0.29 C:\Program Files\Spyware Doctor\Tools
032f0000 keyloggerguard.dll 3.0.0.33 C:\Program Files\Spyware Doctor\Tools
03350000 lspscanner.dll 3.0.0.50 C:\Program Files\Spyware Doctor\Tools
03360000 memory.dll 3.0.0.3 C:\Program Files\Spyware Doctor\Tools
043b0000 networkguard.dll 3.0.0.17 C:\Program Files\Spyware Doctor\Tools
043f0000 popupblocker.dll 3.0.0.265 C:\Program Files\Spyware Doctor\Tools
04430000 processguard.dll 3.0.0.38 C:\Program Files\Spyware Doctor\Tools
04490000 pscanner.dll 3.1.0.43 C:\Program Files\Spyware Doctor\Tools
044d0000 PWindow.dll 3.0.0.15 C:\Program Files\Spyware Doctor\Tools
04500000 regscanner.dll 3.0.0.26 C:\Program Files\Spyware Doctor\Tools
04510000 scheduler.dll 3.0.0.37 C:\Program Files\Spyware Doctor\Tools
04550000 sdn.dll 3.0.0.17 C:\Program Files\Spyware Doctor\Tools
045c0000 siteguard.dll 3.0.0.58 C:\Program Files\Spyware Doctor\Tools
10000000 nview.dll 6.14.10.11005 C:\WINDOWS\System32
40000000 rtl70.bpl 7.0.4.453 C:\Program Files\Spyware Doctor
585a0000 msscript.ocx 1.0.0.6626 C:\WINDOWS\System32
5a000000 klg.dat 3.0.0.33 C:\Program Files\Spyware Doctor\Tools
5ad70000 uxtheme.dll 6.0.2600.0 C:\WINDOWS\system32
5d300000 HHCTRL.OCX 5.2.3735.0 C:\WINDOWS\System32
5edd0000 olepro32.dll 5.0.5014.0 C:\WINDOWS\System32
63000000 WININET.dll 6.0.2737.800 C:\WINDOWS\system32
666f0000 inetmib1.dll 5.1.2600.0 C:\WINDOWS\System32
71950000 COMCTL32.dll 6.0.2600.0 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a
71aa0000 WS2HELP.dll 5.1.2600.0 C:\WINDOWS\System32
71ab0000 WS2_32.dll 5.1.2600.0 C:\WINDOWS\System32
71ad0000 WSOCK32.dll 5.1.2600.0 C:\WINDOWS\System32
71b20000 mpr.dll 5.1.2600.0 C:\WINDOWS\system32
71bf0000 SAMLIB.dll 5.1.2600.0 C:\WINDOWS\System32
71c20000 NETAPI32.dll 5.1.2600.122 C:\WINDOWS\System32
71f60000 snmpapi.dll 5.1.2600.0 C:\WINDOWS\System32
72d10000 msacm32.drv 5.1.2600.0 C:\WINDOWS\System32
72d20000 wdmaud.drv 5.1.2600.0 C:\WINDOWS\System32
73000000 winspool.drv 5.1.2600.0 C:\WINDOWS\System32
73300000 vbscript.dll 5.6.0.6626 C:\WINDOWS\System32
73420000 MSVBVM60.DLL 6.0.92.37 C:\WINDOWS\System32
73dc0000 LZ32.DLL 5.1.2600.0 C:\WINDOWS\system32
74d30000 oledlg.dll 5.1.2600.0 C:\WINDOWS\System32
75e90000 SXS.DLL 5.1.2600.0 C:\WINDOWS\System32
762a0000 MSASN1.dll 5.1.2600.137 C:\WINDOWS\system32
762c0000 CRYPT32.dll 5.131.2600.1123 C:\WINDOWS\system32
76360000 WINSTA.dll 5.1.2600.0 C:\WINDOWS\System32
763b0000 comdlg32.dll 6.0.2600.0 C:\WINDOWS\system32
76670000 SETUPAPI.dll 5.1.2600.0 C:\WINDOWS\System32
76b20000 ATL.DLL 3.0.9238.0 C:\WINDOWS\System32
76b40000 WINMM.dll 5.1.2600.0 C:\WINDOWS\System32
76bf0000 PSAPI.DLL 5.1.2600.0 C:\WINDOWS\System32
76ce0000 NTMARTA.DLL 5.1.2600.0 C:\WINDOWS\System32
76d30000 WMI.dll 5.1.2600.0 C:\WINDOWS\System32
76d40000 MPRAPI.dll 5.1.2600.0 C:\WINDOWS\System32
76d60000 iphlpapi.dll 5.1.2600.2 C:\WINDOWS\System32
76d80000 DHCPCSVC.DLL 5.1.2600.0 C:\WINDOWS\System32
76da0000 WZCSvc.DLL 5.1.2600.0 C:\WINDOWS\System32
76de0000 netman.dll 5.1.2600.0 C:\WINDOWS\System32
76e10000 adsldpc.dll 5.1.2600.0 C:\WINDOWS\System32
76e40000 ACTIVEDS.dll 5.1.2600.0 C:\WINDOWS\System32
76e80000 rtutils.dll 5.1.2600.0 C:\WINDOWS\System32
76e90000 rasman.dll 5.1.2600.0 C:\WINDOWS\System32
76eb0000 TAPI32.dll 5.1.2600.0 C:\WINDOWS\System32
76ee0000 RASAPI32.dll 5.1.2600.0 C:\WINDOWS\System32
76f20000 DNSAPI.dll 5.1.2600.0 C:\WINDOWS\System32
76f50000 WTSAPI32.dll 5.1.2600.0 C:\WINDOWS\System32
76f60000 WLDAP32.dll 5.1.2600.0 C:\WINDOWS\system32
76f90000 Secur32.dll 5.1.2600.0 C:\WINDOWS\System32
77050000 COMRes.dll 2001.12.4414.42 C:\WINDOWS\System32
77120000 OLEAUT32.dll 3.50.5014.0 C:\WINDOWS\system32
771b0000 OLE32.DLL 5.1.2600.136 C:\WINDOWS\system32
772d0000 SHLWAPI.dll 6.0.2750.167 C:\WINDOWS\system32
773d0000 SHELL32.dll 6.0.2600.0 C:\WINDOWS\system32
77bd0000 midimap.dll 5.1.2600.0 C:\WINDOWS\System32
77be0000 MSACM32.dll 5.1.2600.0 C:\WINDOWS\System32
77c00000 version.dll 5.1.2600.0 C:\WINDOWS\system32
77c10000 msvcrt.dll 7.0.2600.0 C:\WINDOWS\system32
77c70000 GDI32.dll 5.1.2600.132 C:\WINDOWS\system32
77d40000 USER32.dll 5.1.2600.0 C:\WINDOWS\system32
77dd0000 ADVAPI32.dll 5.1.2600.0 C:\WINDOWS\system32
77e60000 kernel32.dll 5.1.2600.0 C:\WINDOWS\system32
77f50000 ntdll.dll 5.1.2600.0 C:\WINDOWS\System32
78000000 RPCRT4.dll 5.1.2600.135 C:\WINDOWS\system32
7c620000 CLBCATQ.DLL 2001.12.4414.53 C:\WINDOWS\System32

hardware:
+ Computer
- ACPI Uniprocessor PC
+ Disk drives
- Maxtor 52049U4
+ Display adapters
- NVIDIA GeForce4 MX 420 (driver 8.1.8.5)
- S3 Graphics ProSavageDDR (driver 6.14.10.25)
+ DVD/CD-ROM drives
- COMPAQ CRD-8322B
+ Floppy disk controllers
- Standard floppy disk controller
+ Floppy disk drives
- Floppy disk drive
+ Human Interface Devices
- USB Human Interface Device
+ IDE ATA/ATAPI controllers
- Primary IDE Channel
- Secondary IDE Channel
- VIA Bus Master IDE Controller
+ Keyboards
- Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
+ Mice and other pointing devices
- HID-compliant mouse
+ Monitors
- Default Monitor
- Default Monitor
- Plug and Play Monitor
+ Network adapters
- 3Com EtherLink XL 10/100 PCI TX NIC (3C905B-TX)
- VIA Rhine II Fast Ethernet Adapter (driver 3.41.0.426)
+ Ports (COM & LPT)
- Communications Port (COM1)
- Communications Port (COM2)
- Printer Port (LPT1)
+ Processors
- Intel® Celeron® CPU 2.70GHz
+ Sound, video and game controllers
- Audio Codecs
- Legacy Audio Drivers
- Legacy Video Capture Devices
- Media Control Devices
- MPU-401 Compatible MIDI Device
- Standard Game Port
- Video Codecs
- Vinyl AC'97 Codec Combo Driver (WDM) (driver 6.14.1.4130)
+ System devices
- ACPI Fan
- ACPI Fixed Feature Button
- ACPI Power Button
- ACPI Sleep Button
- ACPI Thermal Zone
- Direct memory access controller
- ISAPNP Read Data Port
- Logical Disk Manager
- Microcode Update Device
- Microsoft ACPI-Compliant System
- Motherboard resources
- Motherboard resources
- Numeric data processor
- PCI bus
- PCI standard host CPU bridge
- PCI standard ISA bridge
- Plug and Play Software Device Enumerator
- Printer Port Logical Interface
- Programmable interrupt controller
- System board
- System CMOS/real time clock
- System speaker
- System timer
- Terminal Server Device Redirector
- Terminal Server Keyboard Driver
- Terminal Server Mouse Driver
- VIA Tech CPU to AGP Controller
- Volume Manager
+ Universal Serial Bus controllers
- Unknown Device
- USB Root Hub
- USB Root Hub
- USB Root Hub
- VIA Rev 5 or later USB Universal Host Controller
- VIA Rev 5 or later USB Universal Host Controller
- VIA Rev 5 or later USB Universal Host Controller

disassembling:
0050af53 sub_50af53: ; function entry point
0050af53 > mov edx, [eax+$2f8]
0050af59 mov eax, [ebp-4]
0050af5c call -$945 ($50a61c)
0050af5c
0050af61 mov eax, [ebp-4]
0050af64 call +$198f ($50c8f8)
0050af64
0050af69 pop ecx
0050af6a pop ecx
0050af6b pop ebp
0050af6c ret
- Volume Manager
+ Universal Serial Bus controllers
- Unknown Device
- USB Root Hub
- USB Root Hub
- USB Root Hub
- VIA Rev 5 or later USB Universal Host Controller
- VIA Rev 5 or later USB Universal Host Controller
- VIA Rev 5 or later USB Universal Host Controller

disassembling:
0050af53 sub_50af53: ; function entry point
0050af53 > mov edx, [eax+$2f8]
0050af59 mov eax, [ebp-4]
0050af5c call -$945 ($50a61c)
0050af5c
0050af61 mov eax, [ebp-4]
0050af64 call +$198f ($50c8f8)
0050af64
0050af69 pop ecx
0050af6a pop ecx
0050af6b pop ebp
0050af6c ret
  • 0

Advertisements

#2
OwNt
Posted 04 November 2005 - 11:08 PM

OwNt

    Malware Expert

  • Retired Staff
  • 7,457 posts
Hello, Scea.

Download and run the following HijackThis autoinstall program from Here . Please choose the default location of C:\Program Files\ as the destination. HJT needs to be in its own folder so that the program itself isn't deleted by accident

Run HijackThis

Click SCAN and SAVE LOG. (a notepad window will open with the log in it when you click Save Log) (Ctrl-A to'select all', Ctrl-C to 'copy')

POST the log into this thread using 'Add Reply' (Ctrl-V to 'paste')
  • 0

#3
OwNt
Posted 23 March 2006 - 12:00 AM

OwNt

    Malware Expert

  • Retired Staff
  • 7,457 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP