| Thread ID: 92879 | 2008-08-26 20:55:00 | desktop hijacked, help! | punisher129 (14126) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 700746 | 2008-08-26 21:52:00 | Logfile of Spyware Terminator v2.3.0.488 (db: 1.000.000.000)
Scan Time: 8/26/2008 1:57:13 PM
length: 1012 s
Platform: WXP (5.1.0.2600)
User: Admin
Boot Mode: Normal
Scan type: Fast_Spyware_Scan
Scanned Objects: 18538 (Critical: 0)
Filter: No System items, No Safe items, No Invalid items

Running Processes
Ati2evxx.exe [ATI Technologies Inc.]: C:\WINDOWS\system32\Ati2evxx.exe
ccSetMgr.exe [Symantec Corporation]: C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
ccProxy.exe [Symantec Corporation]: C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
PIFSvc.exe [Symantec Corporation]: C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
SNDSrvc.exe [Symantec Corporation]: C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
SPBBCSvc.exe [Symantec Corporation]: C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
symlcsvc.exe [Symantec Corporation]: C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
wltrysvc.exe: C:\WINDOWS\system32\wltrysvc.exe
bcmwltry.exe [Broadcom Corporation]: C:\WINDOWS\system32\bcmwltry.exe
ALUSchedulerSvc.exe [Symantec Corporation]: C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
Ati2evxx.exe [ATI Technologies Inc.]: C:\WINDOWS\system32\Ati2evxx.exe
navapsvc.exe [Symantec Corporation]: C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
PRISMXL.SYS [New Boundary Technologies, Inc.]: C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
jusched.exe [Sun Microsystems, Inc.]: C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
NSCSRVCE.EXE [Symantec Corporation]: C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
jucheck.exe [Sun Microsystems, Inc.]: C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
PSFree.exe [Panicware, Inc.]: C:\Program Files\Panicware\Pop-Up Stopper Free Edition\PSFree.exe
aawservice.exe [Lavasoft]: C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
Ad-Aware.exe [Lavasoft AB]: C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe

Internet Settings
R - HKCU\Software\Microsoft\Internet Explorer\Main, Search Bar = http://www.gateway.com/g/sidepanel.html?Ch=Retail&Br=GTW&Loc=ENG_US&Sys=PTB&M=MX6441
R - HKLM\Software\Microsoft\Internet Explorer\Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R - HKLM\Software\Microsoft\Internet Explorer\Search, SearchAssistant = http://www.gateway.com/g/sidepanel.html?Ch=Retail&Br=GTW&Loc=ENG_US&Sys=PTB&M=MX6441
R - HKLM\Software\Microsoft\Internet Explorer\Search, CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
R - HKLM\System\CurrentControlSet\Services\Tcpip\Parameters, Domain =
R - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony, DomainName =

BHO
02 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - [Adobe Systems Incorporated]: C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
02 - BHO: - {53707962-6F74-2D53-2644-206D7942484F} - [Safer Networking Limited]: C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
02 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - [Sun Microsystems, Inc.]: C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
02 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - [Symantec Corporation]: C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
02 - BHO: CNavExtBho Class - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - [Symantec Corporation]: C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
02 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - [Google Inc.]: C:\Program Files\google\googletoolbar2.dll
02 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - [Gateway Inc.]: C:\WINDOWS\system32\BAE.dll

Toolbars
03 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - [Symantec Corporation]: C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
03 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - [Symantec Corporation]: C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
03 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - [Google Inc.]: C:\Program Files\google\googletoolbar2.dll

StartUps
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Symantec PIF AlertEng: [Symantec Corporation]: C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, SunJavaUpdateSched: [Sun Microsystems, Inc.]: C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, lphca7hj0evb9: : C:\WINDOWS\system32\lphca7hj0evb9.exe
04 - HKLM\System\CurrentControlSet\Control\Session Manager, BootExecute: : C:\WINDOWS\system32\lsdelete.exe

Shell Extensions
- {2F603045-309F-11CF-9774-0020AFD0CFF6} - [Synaptics, Inc.]: C:\Program Files\Synaptics\SynTP\SynTPCpl.dll
SampleView - {7F67036B-66F1-411A-AD85-759FB9C5B0DB} - [XSS]: C:\WINDOWS\system32\ShellvRTF.dll
WinRAR - {B41DB860-8EE4-11D2-9906-E49FADC173CA} - : C:\Program Files\WinRAR\rarext.dll
My Sharing Folders - {FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D} - [Microsoft Corporation]: C:\Program Files\MSN Messenger\fsshext.8.0.0812.00.dll
RealOne Player Context Menu Class - {F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} - [RealNetworks, Inc.]: C:\Program Files\Real\RealPlayer\rpshell.dll
iTunes - {B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} - [Apple Inc.]: C:\Program Files\iTunes\iTunesMiniPlayer.dll
7-Zip Shell Extension - {23170F69-40C1-278A-1000-000100020000} - [Igor Pavlov]: C:\Program Files\7-Zip\7-zip.dll
Wireless Property Page - {20082881-FC36-4E47-9A7A-644C95FF749F} - [Microsoft Corporation]: C:\Program Files\MICROSOFT INTELLIPOINT\IPCPLWIR.DLL
Wheel Property Page - {AF90F543-6A3A-4C1B-8B16-ECEC073E69BE} - [Microsoft Corporation]: C:\Program Files\MICROSOFT INTELLIPOINT\IPCPLWHL.DLL
Activities Property Page - {653DCCC2-13DB-45B2-A389-427885776CFE} - [Microsoft Corporation]: C:\Program Files\MICROSOFT INTELLIPOINT\IPCPLACT.DLL
Buttons Property Page - {124597D8-850A-41AE-849C-017A4FA99CA2} - [Microsoft Corporation]: C:\Program Files\MICROSOFT INTELLIPOINT\IPCPLBTN.DLL
NeroCoverEdLiveIcons Class - {97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2} - [Nero AG]: C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll
NeroDigitalIconHandler Class - {B327765E-D724-4347-8B16-78AE18552FC3} - [Nero AG]: C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll
NeroDigitalPropSheetHandler Class - {7F1CF152-04F8-453A-B34C-E609530A9DC8} - [Nero AG]: C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll

Protocol Handler
- {828030A1-22C1-4009-854F-8E305202313F} - [Microsoft Corporation]: C:\Program Files\MSN Messenger\msgrapp.8.0.0812.00.dll
- {828030A1-22C1-4009-854F-8E305202313F} - [Microsoft Corporation]: C:\Program Files\MSN Messenger\msgrapp.8.0.0812.00.dll

Services
23 - [Meetinghouse Data Communications]: C:\WINDOWS\system32\DRIVERS\AegisP.sys
23 - [ATI Technologies Inc.]: C:\WINDOWS\system32\Ati2evxx.exe
23 - [Symantec Corporation]: C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
23 - [Broadcom Corporation]: C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
23 - [Conexant Systems Inc.]: C:\WINDOWS\system32\drivers\camc6aud.sys
23 - [Conexant Systems Inc.]: C:\WINDOWS\system32\drivers\camc6hal.sys
23 - [Symantec Corporation]: C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
23 - [Symantec Corporation]: C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
23 - [Conexant Systems, Inc.]: C:\WINDOWS\system32\DRIVERS\HSFHWATI.sys
23 - [Conexant Systems, Inc.]: C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
23 - [Symantec Corporation]: C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
23 - [Symantec Corporation]: C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
23 - [Symantec Corporation]: C:\Program Files\Common Files\Symantec Shared\VirusDefs\20070909.017\NAVENG.SYS
23 - [Symantec Corporation]: C:\Program Files\Common Files\Symantec Shared\VirusDefs\20070909.017\NAVEX15.SYS
23 - [Symantec Corporation]: C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
23 - [VSO Software]: C:\WINDOWS\system32\Drivers\pcouffin.sys
23 - [New Boundary Technologies, Inc.]: C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
23 - [Symantec Corporation]: C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVRT.SYS
23 - [Symantec Corporation]: C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVRTPEL.SYS
23 - [Symantec Corporation]: C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
23 - [Symantec Corporation]: C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
23 - [Symantec Corporation]: C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
23 - [Symantec Corporation]: C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
23 - [Symantec Corporation]: C:\WINDOWS\system32\Drivers\SYMDNS.SYS
23 - [Symantec Corporation]: C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
23 - [Symantec Corporation]: C:\WINDOWS\system32\Drivers\SYMFW.SYS
23 - [Symantec Corporation]: C:\WINDOWS\system32\Drivers\SYMIDS.SYS
23 - [Symantec Corporation]: C:\Program Files\Common Files\Symantec Shared\SymcData\idsdefs\20080825.001\SymIDSCo.sys
23 - [Symantec Corporation]: C:\WINDOWS\system32\drivers\symlcbrd.sys
23 - [Symantec Corporation]: C:\WINDOWS\system32\Drivers\SYMNDIS.SYS
23 - [Symantec Corporation]: C:\WINDOWS\system32\Drivers\SYMREDRV.SYS
23 - [Symantec Corporation]: C:\WINDOWS\system32\Drivers\SYMTDI.SYS
23 - [Synaptics, Inc.]: C:\WINDOWS\system32\DRIVERS\SynTP.sys
23 - [Texas Instruments]: C:\WINDOWS\system32\drivers\tifm21.sys
23 - [Promise Technology, Inc.]: C:\WINDOWS\system32\DRIVERS\ultra.sys
23 - [Conexant Systems, Inc.]: C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
23 - [Exent Technologies Ltd.]: C:\Program Files\GameTap\bin\Release\X4HSX32.Sys
23 - [Marvell]: C:\WINDOWS\system32\DRIVERS\yk51x86.sys
23 - [Lavasoft]: C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

Winlogon Notify
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent, DLLName: [ATI Technologies Inc.]: C:\WINDOWS\system32\Ati2evxx.dll

System Policies
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, NoDispBackgroundPage: :

Advanced Files Report
%SYSDIR%\Ati2evxx.dll [ATI Technologies Inc.]
Security Console] MD5=24A7C31963943E9CF453C043648E6E4D SIZE=750768 %COMMONFILES%\Symantec Shared\Security Console\NSCJSBL.DLL [Symantec Corporation] [Norton Security Console] MD5=76280D4B84394E79BCB6EDAD2316BAE0 SIZE=128688 %PROGRAMFILES%\Norton Internet Security\Norton AntiVirus\avFPXY.dll [Symantec Corporation] [Norton Security Console] MD5=1B1E38513F5C9230FAC24A762AE6EFF5 SIZE=41584 %PROGRAMFILES%\Norton Internet Security\isFtMst.dll [Symantec Corporation] [Norton Security Console] MD5=9B4FF672902BC0D31A41C6666815799B SIZE=95872 %PROGRAMFILES%\Norton Internet Security\nscNISpi.dll [Symantec Corporation] [Internet Security] MD5=BC2B1C03D1392317D04EE1545719E978 SIZE=167040 %PROGRAMFILES%\Norton Internet Security\Norton AntiVirus\AVNSCPLG.DLL [Symantec Corporation] [Norton AntiVirus] MD5=4552C02F7B687C7798568CAA97EA3135 SIZE=181872 %PROGRAMFILES%\Norton Internet Security\Norton AntiVirus\AVNSCPLG.LOC [Symantec Corporation] [Norton AntiVirus] MD5=429BED9CC62AA9A78FD376482A82C02E SIZE=18032 %COMMONFILES%\Symantec Shared\Security Console\NSC_WSCR.DLL [Symantec Corporation] [Norton Security Console] MD5=7F7965E670C9AC4F010B436C58701FC8 SIZE=313008 %COMMONFILES%\Symantec Shared\Security Console\NSC_WSCR.LOC [Symantec Corporation] [Norton Security Console] MD5=669D03DCA2C17693C70613D9D340EF70 SIZE=12464 %PROGRAMFILES%\Norton Internet Security\isFtPxy.dll [Symantec Corporation] [Norton Security Console] MD5=FCAC6C987B88B36A141012D488FE30F9 SIZE=41600 %PROGRAMFILES%\Norton Internet Security\nisProd.dll [Symantec Corporation] [Internet Security] MD5=3997E31C57F920357906B8F64FA62A57 SIZE=521904 %COMMONFILES%\Symantec Shared\AntiSpam\asFtPxy.dll [Symantec Corporation] [Norton Security Console] MD5=CC5D0E949ABE24C8A56E366BA89B67F5 SIZE=41568 %COMMONFILES%\Symantec Shared\AntiSpam\asNSCPlg.dll [Symantec Corporation] [Norton AntiSpam] MD5=BA252928F4F6AC04BE798A52FC3C53EB SIZE=48224 %COMMONFILES%\Symantec Shared\Options\asOpts.dll [Symantec Corporation] [Norton AntiSpam] 
MD5=CA77836E7762EF48B4A533A2160BD555 SIZE=414304 %COMMONFILES%\Symantec Shared\AdBlocking\adFtPxy.dll [Symantec Corporation] [Norton Security Console] MD5=523374F7CB05EEB5882481982E5212BE SIZE=41568 %COMMONFILES%\Symantec Shared\AdBlocking\adNscPlg.dll [Symantec Corporation] [Ad Blocking] MD5=12E4F6DDDE44222BF43364E864C9BC27 SIZE=75360 %COMMONFILES%\Symantec Shared\Options\SymAd.dll [Symantec Corporation] [Ad Blocking] MD5=02EE088E83F96CDEE53B1EE1C327A639 SIZE=222816 %PROGRAMFILES%\Java\jre1.6.0_05\bin\jucheck.exe [Sun Microsystems, Inc.] [Java(TM) Platform SE 6 U5] MD5=649CCB2E5CB4634BE1E535062EF54860 SIZE=329104 %SystemDiskRoot%\DOCUME~1\MICHAE~1\LOCALS~1\Temp\b aKy.exe %SYSDIR%\blphca7hj0evb9.scr [Sysinternals] [Sysinternals Blue Screen] MD5=B10A43B9044B488DC8C7D33B250CFEBB SIZE=118784 %PROGRAMFILES%\Panicware\Pop-Up Stopper Free Edition\PSFree.exe [Panicware, Inc.] [Pop-Up Stopper Free Edition] MD5=FD8AA90A78160E4374EE44D892E0DE3A SIZE=536576 %PROGRAMFILES%\Panicware\Pop-Up Stopper Free Edition\XA\psie6.dll [Panicware] [Panicware psie6] MD5=CFE94EED87D1DBF01770BB037BC8AD21 SIZE=49152 %PROGRAMFILES%\Panicware\Pop-Up Stopper Free Edition\XA\pswmsg.dll [Panicware] [Panicware pswmsg] MD5=6512A7DD8AB13CD24D89FDE39BD777F2 SIZE=49152 %PROGRAMFILES%\Panicware\Pop-Up Stopper Free Edition\XA\psgain3.dll [Panicware] [Panicware psgain3] MD5=8ABFC776B307813D365751250356C988 SIZE=49152 %PROGRAMFILES%\Panicware\Pop-Up Stopper Free Edition\XA\psns7.dll [Panicware] [Panicware PSNS7] MD5=2405FECC290EABDA2FFE64A14FAF3C0B SIZE=49152 %PROGRAMFILES%\Panicware\Pop-Up Stopper Free Edition\XA\psns4.dll [Panicware] [Panicware psns4] MD5=C5771CD79B86E94A8FDD57B6AEFE0381 SIZE=49152 %PROGRAMFILES%\Lavasoft\Ad-Aware\aawservice.exe [Lavasoft] [Ad-Aware Service] MD5=10A1C82D74BF6B4CECFF4C303469A75F SIZE=611664 %PROGRAMFILES%\Lavasoft\Ad-Aware\CEAPI.dll [Lavasoft] [CEAPI Dynamic Link Library] MD5=A2FE193BA0C37D70235367B43FAA17B9 SIZE=804200 %PROGRAMFILES%\Lavasoft\Ad-Aware\PKArchive85u.dll 
[PKWARE, Inc.] [PKWARE Archive API] MD5=46374252AFA0A37F4F7AF528F6F16B96 SIZE=907096 %PROGRAMFILES%\Lavasoft\Ad-Aware\Ad-Aware.exe [Lavasoft AB] [Ad-Aware] MD5=E723CF33C4913510F3E6FFAF3D084B72 SIZE=3203912 %PROGRAMFILES%\Lavasoft\Ad-Aware\lavalicense.dll [Lavasoft] [LavaLicense Desktop] MD5=023285CBC1CBED4790F3C57860630436 SIZE=435536 %PROGRAMFILES%\Lavasoft\Ad-Aware\lavamessage.dll [Lavasoft] [Lavasoft LavaMessage] MD5=9A052360C1CC64692C2D2756A3A5E3C6 SIZE=243032 %PROGRAMFILES%\Mozilla Firefox\xul.dll [Mozilla Foundation] [Firefox] MD5=4F3D7B16B09CF113E0FA5BEE29678C96 SIZE=9704960 %PROGRAMFILES%\Mozilla Firefox\sqlite3.dll [sqlite.org] [SQLite Database Library] MD5=9F14161DFABD767A434546FD04C89266 SIZE=395776 %PROGRAMFILES%\Mozilla Firefox\MOZCRT19.dll [Mozilla Foundation] [Mozilla Custom C Runtime] MD5=0C8EAD42625A5366810108F36D7FF05A SIZE=710144 %PROGRAMFILES%\Mozilla Firefox\nssutil3.dll [Mozilla Foundation] [Network Security Services] MD5=5ECE7A78CE82CD36F2ED503409C5FB46 SIZE=87552 %PROGRAMFILES%\Mozilla Firefox\components\browserdirprovider.dll [Mozilla Foundation] [Firefox] MD5=F5285C4F9F4983FF66525E0F395C1853 SIZE=23040 %PROGRAMFILES%\Mozilla Firefox\nssdbm3.dll [Mozilla Foundation] [Network Security Services] MD5=2068440D40C39785CAEA0D5AFC219042 SIZE=103936 %PROGRAMFILES%\Mozilla Firefox\components\brwsrcmp.dll [Mozilla Foundation] [Firefox] MD5=4DD8D60F7053FFEAA4BCE0846E359937 SIZE=134144 %APPDATA%\Mozilla\Firefox\Profiles\p2j34bfg.defaul t\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}\platform\WINNT\components\FoxyTunes. dll MD5=92E8390E444C9510DEFAB7AF9508DE35 SIZE=335872 %PROGRAMFILES%\google\googletoolbar2.dll [Google Inc.] [Google Toolbar for IE] MD5=6319F2D4708DBCAE37CFA03DA10782C0 SIZE=2403392 deskpan.dll %PROGRAMFILES%\Synaptics\SynTP\SynTPCpl.dll [Synaptics, Inc.] 
[Synaptics Pointing Device Driver] MD5=8C7EE29A6EF959CE3BECC63AD65D30E5 SIZE=5947482 %SYSDIR%\ShellvRTF.dll [XSS] [XSS ShellvRTF] MD5=8305E5132173A9E9CE591CAD4EB5C9B4 SIZE=122880 %PROGRAMFILES%\WinRAR\rarext.dll MD5=D4BFC7A4F040ABB08F8015C15D0A42BE SIZE=126464 %PROGRAMFILES%\MSN Messenger\fsshext.8.0.0812.00.dll [Microsoft Corporation] [Messenger] MD5=68B7927F172AC2C129502164E5FF0DFE SIZE=186664 %PROGRAMFILES%\Real\RealPlayer\rpshell.dll [RealNetworks, Inc.] [RealPlayer] MD5=5101CD4FB9A3D290549434B8A3D385A8 SIZE=54736 %PROGRAMFILES%\iTunes\iTunesMiniPlayer.dll [Apple Inc.] [iTunes] MD5=3C25F7710D8C138B7B34FCDBBDB372BA SIZE=132672 %PROGRAMFILES%\7-Zip\7-zip.dll [Igor Pavlov] [7-Zip] MD5=328C110EC057C7E058471E4B274CD6A2 SIZE=138752 %PROGRAMFILES%\MICROSOFT INTELLIPOINT\IPCPLWIR.DLL [Microsoft Corporation] [Microsoft IntelliPoint] MD5=17412817CCA4D5CF610ADFF3FFC9E341 SIZE=777048 %PROGRAMFILES%\MICROSOFT INTELLIPOINT\IPCPLWHL.DLL [Microsoft Corporation] [Microsoft IntelliPoint] MD5=24B70851DDF6D620E8680C6BC69FD020 SIZE=416600 %PROGRAMFILES%\MICROSOFT INTELLIPOINT\IPCPLACT.DLL [Microsoft Corporation] [Microsoft IntelliPoint] MD5=E6B021E49A1027CA6CAF953128ABFFD2 SIZE=363352 %PROGRAMFILES%\MICROSOFT INTELLIPOINT\IPCPLBTN.DLL [Microsoft Corporation] [Microsoft IntelliPoint] MD5=949B4467D13E025E0B0672C042673FC7 SIZE=629592 %PROGRAMFILES%\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [Nero AG] [Cover Designer] MD5=B08BE238F67339373207C29E12EDDF4C SIZE=1967400 %SYSDIR%\DRIVERS\AegisP.sys [Meetinghouse Data Communications] [AEGIS Client 3.2.0.3] MD5=2C5C22990156A1063E19AD162191DC1D SIZE=17801 %SYSDIR%\svchost.exe -k netsvcs %SYSDIR%\DRIVERS\bcmwl5.sys [Broadcom Corporation] [Broadcom 802.11 Network Adapter wireless driver] MD5=E7DEBB46B9EF1F28932E533BE4A3D1A9 SIZE=371712 %SYSDIR%\drivers\camc6aud.sys [Conexant Systems Inc.] [Conexant Audio Driver] MD5=80EB55B615ED0F669A28A96FEFD4603F SIZE=38016 %SYSDIR%\drivers\camc6hal.sys [Conexant Systems Inc.] 
[Conexant AmcHal Driver] MD5=AD1D8DEBDB1DF8682E374E0CD1638C1B SIZE=350080 %SYSDIR%\dllhost.exe \Processid : #444444; font-style : italic; "> : {02D4B3F1-FD88-11D1-960D-00805FC79235} %SYSDIR%\svchost -k DcomLaunch %SYSDIR%\svchost.exe -k NetworkService %SYSDIR%\DRIVERS\HSFHWATI.sys [Conexant Systems, Inc.] [SoftK56 Modem Driver] MD5=A32F20830996D61D862311F138870A0C SIZE=200576 %SYSDIR%\DRIVERS\HSF_DPV.sys [Conexant Systems, Inc.] [SoftK56 Modem Driver] MD5=822C60F2ABEE73A0E089230D94064F39 SIZE=1038208 %SYSDIR%\svchost.exe -k LocalService %COMMONFILES%\Symantec Shared\VirusDefs\20070909.017\NAVENG.SYS [Symantec Corporation] [Symantec Antivirus Engine] MD5=A6F5AB84104412CD9742E7EE942EA08D SIZE=81232 %COMMONFILES%\Symantec Shared\VirusDefs\20070909.017\NAVEX15.SYS [Symantec Corporation] [Symantec Antivirus Engine] MD5=C8069BF95363A58441CB33E4B989DD4F SIZE=865904 %SYSDIR%\Drivers\pcouffin.sys [VSO Software] [Patin couffin engine] MD5=5B6C11DE7E839C05248CED8825470FEF SIZE=47360 %SYSDIR%\svchost -k rpcss %PROGRAMFILES%\Norton Internet Security\Norton AntiVirus\SAVRT.SYS [Symantec Corporation] [Symantec AntiVirus AutoProtect] MD5=CDB565C093B0105086CC630B32F9E6E6 SIZE=337592 %PROGRAMFILES%\Norton Internet Security\Norton AntiVirus\SAVRTPEL.SYS [Symantec Corporation] [Symantec AntiVirus AutoProtect] MD5=1042CB5A003F9AED8D6CEC56A0FC6C49 SIZE=54968 %COMMONFILES%\Symantec Shared\SPBBC\SPBBCDrv.sys [Symantec Corporation] [SPBBC] MD5=AD312DAF605152576530DC916F7227B7 SIZE=391256 %SYSDIR%\Drivers\SYMDNS.SYS [Symantec Corporation] [Symantec Security Drivers] MD5=4BB2650C21AFDE8ED0F62E99631AE3AF SIZE=12680 %SYSDIR%\Drivers\SYMEVENT.SYS [Symantec Corporation] [SYMEVENT] MD5=9E4188476848B2EF86F9C44D5164E724 SIZE=123952 %SYSDIR%\Drivers\SYMFW.SYS [Symantec Corporation] [Symantec Security Drivers] MD5=DBBB6661E0950DB4FC9CBC74F579EE96 SIZE=97672 %SYSDIR%\Drivers\SYMIDS.SYS [Symantec Corporation] [Symantec Security Drivers] MD5=B6A34050D093A0274FFCA9491C9C3C7F SIZE=31624 
%COMMONFILES%\Symantec Shared\SymcData\idsdefs\20080825.001\SymIDSCo.sys [Symantec Corporation] [Symantec Intrusion Detection] MD5=1DB45C243188F7B4C51DD7305D7E5CBB SIZE=240496 %SYSDIR%\drivers\symlcbrd.sys [Symantec Corporation] [Symantec Core Component] MD5=B226F8A4D780ACDF76145B58BB791D5B SIZE=10344 %SYSDIR%\Drivers\SYMNDIS.SYS [Symantec Corporation] [Symantec Security Drivers] MD5=1D064D62AB3DC621E9796CF470779901 SIZE=28040 %SYSDIR%\Drivers\SYMREDRV.SYS [Symantec Corporation] [Symantec Security Drivers] MD5=E919F0922248A826964428F479A3DC24 SIZE=23944 %SYSDIR%\Drivers\SYMTDI.SYS [Symantec Corporation] [Symantec Security Drivers] MD5=C177D5A655AF572C456EC977582B9BC0 SIZE=189320 %SYSDIR%\DRIVERS\SynTP.sys [Synaptics, Inc.] [Synaptics Pointing Device Driver] MD5=EB363DDFBE8B6D51003CCAB29D93D744 SIZE=185824 %SYSDIR%\drivers\tifm21.sys [Texas Instruments] [Texas Instruments PCIxx21/PCIxx12 Integrated FlashMedia Controller] MD5=9179E07503630D6FB2E4162FF0196191 SIZE=162432 %SYSDIR%\DRIVERS\ultra.sys [Promise Technology, Inc.] [Promise ultra66 Miniport Driver for WindowsNT] MD5=1B698A51CD528D8DA4FFAED66DFC51B9 SIZE=36736 %SYSDIR%\DRIVERS\HSF_CNXT.sys [Conexant Systems, Inc.] [SoftK56 Modem Driver] MD5=5EA185425BFCBC2D4B96D673D8C4DEAF SIZE=703616 %SYSDIR%\wltrysvc.exe C : #444444; font-style : italic; "> : \WINDOWS\System32\bcmwltry.exe %SYSDIR%\svchost.exe -k WudfServiceGroup %PROGRAMFILES%\GameTap\bin\Release\X4HSX32.Sys [Exent Technologies Ltd.] [Exent EXETender® for Win2K] MD5=D627BCD83E97F491BCB598B20206B04A SIZE=31400 %SYSDIR%\DRIVERS\yk51x86.sys [Marvell] [Marvell Yukon Ethernet Controller] MD5=9A916F4354EEF85C535DD792754EDC1D SIZE=230912 %PROGRAMFILES%\MSN Messenger\msgrapp.8.0.0812.00.dll [Microsoft Corporation] [Messenger] MD5=63B9431B6785172D85812D187E11D944 SIZE=53032 %COMMONFILES%\Symantec Shared\Security Center\UsrPrmpt.exe [Symantec Corporation] [Norton Security Center] MD5=B96C81BE7B8D11710496787E5859D768 SIZE=218240 End of Report any help? |
punisher129 (14126) | ||
| 700747 | 2008-08-26 21:57:00 | Ad-Aware found win.32trojandropper, what's this? Says it's a level 10 threat | punisher129 (14126) | ||
| 700748 | 2008-08-26 22:00:00 | Have you ticked the entries in the log as well? | Speedy Gonzales (78) | ||
| 700749 | 2008-08-26 22:02:00 | Just run the usual antispywares in addition to HJT. It's WinAntivirus 2008 or 2009. Not hard to get rid of, then change your wallpaper back. I was just thinking that while driving back from dropping someone off. O4 - HKLM\..\Run: [lphca7hj0evb9] C:\WINDOWS\system32\lphca7hj0evb9.exe Go into the program files, Double click My computer/ Program files - Look for a folder called lphca7hj0evb9 if it's there delete it, otherwise it will reinfect again. |
wainuitech (129) | ||
| 700750 | 2008-08-26 22:03:00 | Sorry, I'm new to this, what does ticked mean? Which log do you want me to do it to? And how do you do it? | punisher129 (14126) | ||
| 700751 | 2008-08-26 22:06:00 | "I was just thinking that while driving back from dropping someone off. O4 - HKLM\..\Run: [lphca7hj0evb9] C:\WINDOWS\system32\lphca7hj0evb9.exe Go into the program files, Double click My computer/ Program files - Look for a folder called lphca7hj0evb9 if it's there delete it, otherwise it will reinfect again." nope not in program files. |
punisher129 (14126) | ||
| 700752 | 2008-08-26 22:08:00 | The log you posted, run HijackThis, tick the entries I posted then tick fix checked. Close browsers, after you've done the above Reboot. Then get Malwarebytes in my sig below, install and update it. Then click on scan |
Speedy Gonzales (78) | ||
| 700753 | 2008-08-26 22:09:00 | Scan type: Fast_Spyware_Scan As per post 5, do a FULL scan, not a fast one. When you do a scan with HijackThis - you will get a box with LOTS of entries, they will have a square on the left, put ticks in the boxes that are advised (ONLY the ones that are advised, no others), then down the bottom, click on "Fixed Checked", you will get a warning - agree and it will remove the entries. Can't advise any more at the moment - got work to do - customers expecting me at their place. :nerd: If Speedy or Pctek are about - listen to them - they both know what they are talking about. |
wainuitech (129) | ||
| 700754 | 2008-08-26 22:13:00 | "Scan type: Fast_Spyware_Scan As per post 5, do a FULL scan, not a fast one. When you do a scan with HijackThis - you will get a box with LOTS of entries, they will have a square on the left, put ticks in the boxes that are advised (ONLY the ones that are advised, no others), then down the bottom, click on 'Fixed Checked', you will get a warning - agree and it will remove the entries. Can't advise any more at the moment - got work to do - customers expecting me at their place. :nerd: If Speedy or Pctek are about - listen to them - they both know what they are talking about." ok I'll try, thank you. Also what the hell is this baKy.exe running in background? Norton warned me of it |
punisher129 (14126) | ||
| 700755 | 2008-08-26 22:15:00 | After you tick the entries I posted and reboot delete baky.exe | Speedy Gonzales (78) | ||