prep for HijackThis Log posting

Status
Not open for further replies.
P

paulmars

Baseband Member
Messages
26
I m following Spyware Removal Guide By Osiris: Updated 1/12/2009 and wheni running combofix I get a warning to shutdown * AVG Anti-Virus Free otherwise damage may occur. Since AVG will not shutdown from win task mgr, I unclicked all AVE items in msconfig startup and services and rebooted. Well, AVG started again and is listed in task mgr, but in msconfig all AVG check boxes are still unchecked. Now what?

Please help. Its now 3:38am and I m so tired, I go bed now and hopefully continue with this tomorrow. My computer is so slow and takes minutes to open some apps and to even show the start menu programs takes 5-15 seconds.
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:58, on 2009-01-27
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ZoneAlarm Spy Blocker Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\RunOnce: [WIAWizardMenu] RUNDLL32.EXE C:\WINDOWS\system32\sti_ci.dll,WiaCreateWizardMenu
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 4527 bytes
 
Remove

O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll

O3 - Toolbar: ZoneAlarm Spy Blocker Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll

your log looks ok

Can you run ccleaner and cleanup as well?

Can you try combofix again?
 
I ran ccleaner and cleanup last night, should I run again?

Running combofix, what about AVG. Why cant I stop it from loading at startup?

Should I do everything else on Spyware Removal Guide By Osiris: Updated 1/12/2009, that I had not yet done?
 
Try uninstalling AVG, run thru the guide and then reinstall AVG from their website to make sure you have the latest copy
 
ok, but before I do. When I ran vundofix it found C:\Windows\system32\hauppauge\DivX.dll BUT I did not "fix" it, since I think this is for my hauppauge TV card.

I was supposed to post this to, right:

Malwarebytes' Anti-Malware 1.33
Database version: 1695
Windows 5.1.2600 Service Pack 3

1/25/2009 10:51:35 PM
mbam-log-2009-01-25 (22-51-35).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 81444
Time elapsed: 22 minute(s), 8 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Documents and Settings\pa ma\Application Data\QNVW601P.dll

(Trojan.Agent) -> Quarantined and deleted successfully.


and
# version=4
# OnlineScanner.ocx=1.0.0.635
# OnlineScannerDLLA.dll=1, 0, 0, 79
# OnlineScannerDLLW.dll=1, 0, 0, 78
# OnlineScannerUninstaller.exe=1, 0, 0, 49
# vers_standard_module=3799 (20090125)
# vers_arch_module=1.064 (20080214)
# vers_adv_heur_module=1.066 (20070917)
# EOSSerial=3c9fe02a7e049e45a6a2f758578da1b2
# end=finished
# remove_checked=false
# unwanted_checked=true
# utc_time=2009-01-26 04:17:52
# local_time=2009-01-25 11:17:52 (-0500, Eastern Standard Time)
# country="United States"
# osver=5.1.2600 NT Service Pack 3
# scanned=165526
# found=0
# scan_time=1169

and
Ad-Aware
Adobe Flash Player 10 Plugin
Adobe Flash Player 9 ActiveX
Aspell English Dictionary-0.50-2
Audacity 1.2.6
AVG Free 8.0
Canon PowerShot A40 WIA Driver
DivX Codec
DivX Converter
DivX Player
dvdSanta 4.50
Easy Thumbnails (Remove only)
ESET Online Scanner
Express Burn
Foxit Reader
GetCanon! 1.6
GNU Aspell 0.50-3
GOM Player
GTK+ Runtime 2.12.12 rev a (remove only)
Hauppauge WinTV Scheduler
Hauppauge WinTV Soft PVR
Hauppauge WinTV2000
HijackThis 2.0.2
Hotfix for Windows XP (KB952287)
ICQ6
ImgBurn
InterVideo WinDVD Creator 3
IsoBuster 2.4
Java(TM) 6 Update 11
LADSPA_plugins-win-0.4.15
Magic ISO Maker v5.5 (build 0273)
Malwarebytes' Anti-Malware
Microsoft .NET Framework 2.0
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Visual C++ 2005 Redistributable
Microtek FineReader OCR Engine
Mozilla Firefox (3.0.5)
Mozilla Thunderbird (2.0.0.19)
MSXML 4.0 SP2 (KB954430)
NCH Toolbox
Nero Digital
Nero OEM
neroxml
Nic's XviD Decoder
NVIDIA Drivers
OpenOffice.org 3.0
Pidgin
Real Alternative 1.8.0
ScanWizard 5
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Media Player (KB952069)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Spybot - Search & Destroy
The Kinemorphic 3D Screen Saver
The Weather Channel Desktop 6
Trillian
Update for Windows XP (KB898461)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
VC 9.0 Runtime
VLC media player 0.9.6
WavePad Sound Editor
Windows Internet Explorer 7
Windows Media Format Runtime
Windows XP Service Pack 3
ZoneAlarm
ZoneAlarm Spy Blocker Toolbar
 
Spyware terminator

says found 3 threats, buts says one is "unclassified treats" and two are "remaining items of unclassified treats" What does this mean?

Logfile of Spyware Terminator v2.3.0.507 (db:3.001.027.000)
Scan Time: 2009-01-27 18:04:57 length: 409 s
Platform: WXP (5.1.0.2600)
User: Admin
Boot Mode: Normal
Scan type: Full_Spyware_Scan
Scanned Objects: 85339 (Critical:4)
Filter: No System items, No Safe items, No Invalid items



to be continued
 
Running Processes
trillian.exe [Cerulean Studios] : C:\Program Files\Trillian\trillian.exe
swriter.exe : C:\Program Files\OpenOffice.org 3\program\swriter.exe
soffice.exe [OpenOffice.org] : C:\Program Files\OpenOffice.org 3\program\soffice.exe
soffice.bin [OpenOffice.org] : C:\Program Files\OpenOffice.org 3\program\soffice.bin

Internet Settings
R - HKLM\Software\Microsoft\Internet Explorer\Main, Start Page = MSN.com
R - HKLM\System\CurrentControlSet\Services\Tcpip\Parameters, Domain =
R - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony, DomainName =

BHO
02 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - [Sun Microsystems, Inc.] : C:\Program Files\Java\jre6\bin\jp2ssv.dll
02 - BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - [Sun Microsystems, Inc.] : C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

StartUps
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, TrojanScanner : [Simply Super Software] : C:\Program Files\TROJAN REMOVER\TRJSCAN.EXE
04 - HKLM\System\CurrentControlSet\Control\Session Manager, BootExecute : : C:\WINDOWS\system32\lsdelete.exe

Shell Extensions
- {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} - [Sun Microsystems, Inc.] : C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
- {087B3AE3-E237-4467-B8DB-5A38AB959AC9} - [Sun Microsystems, Inc.] : C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
- {63542C48-9552-494A-84F7-73AA6A7C99C1} - [Sun Microsystems, Inc.] : C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
- {3B092F0C-7696-40E3-A80F-68D74DA84210} - [Sun Microsystems, Inc.] : C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
Trojan Remover Shell Extension - {52B87208-9CCF-42C9-B88E-069281105805} - [Simply Super Software] : C:\Program Files\Trojan Remover\Trshlex.dll

Services
23 - [Realtek Semiconductor Corp.] : C:\WINDOWS\system32\drivers\ALCXWDM.SYS
23 - [Hauppauge Computer Works] : C:\WINDOWS\system32\drivers\HCWBT8XX.sys
23 - [NVIDIA Corporation] : C:\WINDOWS\system32\DRIVERS\nvatabus.sys
23 - [NVIDIA Corporation] : C:\WINDOWS\system32\DRIVERS\nvcchflt.sys
23 - [NVIDIA Corporation] : C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
23 - [NVIDIA Corporation] : C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
23 - [S3 Incorporated] : C:\WINDOWS\system32\DRIVERS\s3m.sys

Threat Files
<SPR/Tool.Hide.A> : C:\Documents and Settings\pa ma\Desktop\ComboFix.exe
<SPR/Tool.Hide.A> : C:\ComboFix\hidec.exe
<APPL/PsExec.E> : C:\ComboFix\psexec.cfexe
<SPR/Tool.PV> : C:\ComboFix\pv.cfexe

Advanced Files Report
%PROGRAMFILES%\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll [Sun Microsystems, Inc.] MD5=3F12BDFC669499DAE6B0FBA152C94390 SIZE=357888
%PROGRAMFILES%\OpenOffice.org 3\Basis\program\shlxthdl\stlport_vc7145.dll [STLport Consulting, Inc.] [STLport Standard ANSI C++ Libarary] MD5=AA59C4C6B7CC91479DEB47A40BEE96E7 SIZE=596480
%PROGRAMFILES%\Trillian\events.dll [Cerulean Studios] [Trillian] MD5=F5697D4DCF5F9390C78446AF1A90345C SIZE=169344
%PROGRAMFILES%\MagicISO\misosh.dll [MagicISO, Inc.] [MagicISO Shell Extension Module] MD5=83026F9F60F32EFB2CE74B71C0CAE054 SIZE=20992
%PROGRAMFILES%\Trojan Remover\Trshlex.dll [Simply Super Software] [Trojan Remover] MD5=B76FDC3CDB2580405FE8100D248B4821 SIZE=467552
%PROGRAMFILES%\AVG\AVG8\Firefox\components\avgssff.dll [AVG Technologies CZ, s.r.o.] [AVG Internet Security] MD5=22FC736FB16896E9B71D7CBB3EE4F9AB SIZE=1045784
%PROGRAMFILES%\VideoLAN\VLC\libvlccore.dll [the VideoLAN Team] MD5=C40577979CD7C11F949259D999DA0E28 SIZE=844800
%PROGRAMFILES%\VideoLAN\VLC\libgcrypt-11.dll [g10 Code GmbH] [libgcrypt] MD5=736F7C4822CC50D590D9D4825455014A SIZE=278016
%PROGRAMFILES%\VideoLAN\VLC\libgpg-error-0.dll [g10 Code GmbH] [libgpg-error] MD5=EC8ACE94DD479DD879C061845DB22938 SIZE=43008
%PROGRAMFILES%\VideoLAN\VLC\libiconv-2.dll MD5=FFCC115C15361CAF99BB4D16A4B7AF3D SIZE=892928
%PROGRAMFILES%\VideoLAN\VLC\plugins\libvout_directx_plugin.dll MD5=9BC329AD4B614B8114F1FC90D5843E0B SIZE=37888
%PROGRAMFILES%\Trillian\trillian.exe [Cerulean Studios] [Trillian] MD5=B197468AD32EDEBB8242FC0FE36EE91D SIZE=1873280
%PROGRAMFILES%\Trillian\zlib1.dll [zlib] MD5=80E41408F6D641DC1C0F5353A0CC8125 SIZE=59904
%PROGRAMFILES%\trillian\languages\en\trillian.dll MD5=EBA3ADB0956CF599D213AD6A19EA4DB1 SIZE=16896
%PROGRAMFILES%\Trillian\expatxml.dll [Cerulean Studios] [Trillian] MD5=F0A24E7CCD477244D8F65002DC011AA8 SIZE=152960
%PROGRAMFILES%\Trillian\crypto.dll [Cerulean Studios] [Trillian] MD5=B501F129FF5D7796BF20DCD8E6605D65 SIZE=128384
%PROGRAMFILES%\Trillian\proxy.dll [Cerulean Studios] [Trillian] MD5=8BB2D3AD538A44A54B28DD344FCE639C SIZE=103808
%PROGRAMFILES%\Trillian\list.dll [Cerulean Studios] [Trillian] MD5=F137467BEA2201A185F8E3FE93EDBCBA SIZE=222592
%PROGRAMFILES%\Trillian\toolkit.dll [Cerulean Studios] [Trillian] MD5=0E2D10AB8BAF25A6BF399FBDDC78A9D3 SIZE=505216
%PROGRAMFILES%\Trillian\kdu_v43R.dll [The University of New South Wales] [Kakadu Software Tools for JPEG2000] MD5=6404E799CED9819293B9346480A38148 SIZE=315392
%PROGRAMFILES%\Trillian\libpng13.dll [libpng] MD5=D60E2B68F2688D15BCD6131695ADD800 SIZE=122880
%PROGRAMFILES%\Trillian\jpeg62.dll [Independent JPEG Group <www.ijg.org>] [Jpeg] MD5=96995DE4513551D49808B34B40FFB26A SIZE=127488
%PROGRAMFILES%\Trillian\libungif.dll [libungif Library] MD5=2BBBBAF96647B3E78835367D10778B41 SIZE=65536
%PROGRAMFILES%\Trillian\buddy.dll [Cerulean Studios] [Trillian] MD5=0728A74DA304160F3952392C8F91735F SIZE=361856
%PROGRAMFILES%\Trillian\talk.dll [Cerulean Studios] [Trillian] MD5=18120CD6D4C5888E8744CE6518ED4C70 SIZE=1123712
%PROGRAMFILES%\trillian\languages\en\events.dll MD5=E17B8D0FCA914041C2697232BCA13B1F SIZE=11264
%PROGRAMFILES%\trillian\languages\en\proxy.dll MD5=D16E13496B9ED6BB026C903262CDDD26 SIZE=5632
%PROGRAMFILES%\trillian\languages\en\toolkit.dll MD5=E5D38042764E54DD65D4021CF3523F67 SIZE=4096
%PROGRAMFILES%\trillian\languages\en\buddy.dll MD5=A1F8DA30F489A276748FAB83CEFAEA2F SIZE=11264
%PROGRAMFILES%\trillian\languages\en\talk.dll MD5=D2E563D37D607A48E5AC7C83805AD64B SIZE=8192
%PROGRAMFILES%\Trillian\plugins\upnp.dll [Cerulean Studios] [Trillian] MD5=CBE67B5076F7FBA576D9195956854F9A SIZE=20864
%PROGRAMFILES%\Trillian\plugins\http.dll [Cerulean Studios] [Trillian] MD5=BC54889E5D145DF7C2C49A5778059025 SIZE=62848
%PROGRAMFILES%\Trillian\plugins\at.dll [Cerulean Studios] [Trillian] MD5=80B1CC33FF0F235B9EB93ECF4D582341 SIZE=230784
%PROGRAMFILES%\Trillian\LIBEAY32.dll [The OpenSSL Project, http://www.openssl.org/] [The OpenSSL Toolkit] MD5=2F73BB944511C61E1709D47034A6F306 SIZE=1032192
%PROGRAMFILES%\Trillian\SSLEAY32.dll [The OpenSSL Project, http://www.openssl.org/] [The OpenSSL Toolkit] MD5=88C69252691FBD8C8090C28FC5983305 SIZE=196608
%PROGRAMFILES%\Trillian\plugins\yahoo.dll [Cerulean Studios] [Trillian] MD5=401BBFDA8DA2B9FC9171EEE50B2BDB5D SIZE=562560
%PROGRAMFILES%\trillian\languages\en\yahoo.dll MD5=5A86A4A70D056944A65EF13A9B1E016B SIZE=18944
%PROGRAMFILES%\Trillian\plugins\msn.dll [Cerulean Studios] [Trillian] MD5=76027AB90FDF8AF013165921296495D9 SIZE=501120
%PROGRAMFILES%\trillian\languages\en\msn.dll MD5=3758431E511EEA3EB0CECA9F72474DC6 SIZE=14336
%PROGRAMFILES%\Trillian\plugins\aim.dll [Cerulean Studios] [Trillian] MD5=33F18FAF5DF9D3366AE681488BFE41B9 SIZE=877952
%PROGRAMFILES%\trillian\languages\en\aim.dll MD5=1632E1F17612F8B18079FC7471AEA686 SIZE=53248
%PROGRAMFILES%\Trillian\plugins\av.dll [Cerulean Studios] [Trillian] MD5=CFBA4198F82B27DC1B98510835A065CB SIZE=488832
%PROGRAMFILES%\OpenOffice.org 3\program\swriter.exe MD5=4A63AE435D1D267852B6961D89719DA4 SIZE=304128
%PROGRAMFILES%\OpenOffice.org 3\program\soffice.exe [OpenOffice.org] MD5=D9F39EB720E2E171AD1D1CE0BE1DEF2B SIZE=7424000
%PROGRAMFILES%\OpenOffice.org 3\program\soffice.bin [OpenOffice.org] MD5=42E40CE6501819320F6282AC6A9D97D3 SIZE=7418368
%PROGRAMFILES%\OpenOffice.org 3\URE\bin\sal3.dll [Sun Microsystems, Inc.] MD5=DCEB9A1D9A8836920238BE653EB7625F SIZE=1732096
%PROGRAMFILES%\OpenOffice.org 3\URE\bin\uwinapi.dll [Sun Microsystems, Inc.] MD5=AD5108BF47AD88E1DC370080F4982519 SIZE=86016
%PROGRAMFILES%\OpenOffice.org 3\Basis\program\sofficeapp.dll [Sun Microsystems, Inc.] MD5=66BCBA11098FF4DDE5B0D93E6D99AA2C SIZE=330752
%PROGRAMFILES%\OpenOffice.org 3\Basis\program\comphelp4MSC.dll [Sun Microsystems, Inc.] MD5=7E8A9801C9A8AD17A5569CC8D2BA3F60 SIZE=935424
%PROGRAMFILES%\OpenOffice.org 3\URE\bin\cppuhelper3MSC.dll [Sun Microsystems, Inc.] MD5=07EE63CEEE45D53E242EF39B78E6BE21 SIZE=431104
%PROGRAMFILES%\OpenOffice.org 3\URE\bin\salhelper3MSC.dll [Sun Microsystems, Inc.] MD5=40938A90B49AD43ED60D1673175C9F74 SIZE=13824
%PROGRAMFILES%\OpenOffice.org 3\URE\bin\cppu3.dll [Sun Microsystems, Inc.] MD5=20FCDB767A4D97C1998A69D6B2548B8E SIZE=143360
%PROGRAMFILES%\OpenOffice.org 3\URE\bin\stlport_vc7145.dll [STLport Consulting, Inc.] [STLport Standard ANSI C++ Libarary] MD5=AA59C4C6B7CC91479DEB47A40BEE96E7 SIZE=596480
%PROGRAMFILES%\OpenOffice.org 3\Basis\program\ucbhelper4MSC.dll [Sun Microsystems, Inc.] MD5=560A66DBEAB424D07B85A8C45D65741B SIZE=356864
%PROGRAMFILES%\OpenOffice.org 3\Basis\program\vos3MSC.dll [Sun Microsystems, Inc.] MD5=204A4143A490DFAF09502B48AA6CAEC7 SIZE=94208
%PROGRAMFILES%\OpenOffice.org 3\Basis\program\i18nisolang1MSC.dll [Sun Microsystems, Inc.] MD5=EA3929E17DCD738E0FD1CF463BF035E7 SIZE=24576
%PROGRAMFILES%\OpenOffice.org 3\Basis\program\sfxmi.dll [Sun Microsystems, Inc.] MD5=EE35BF75C752C5C8659DE640ACE848AF SIZE=3029504
%PROGRAMFILES%\OpenOffice.org 3\Basis\program\fwemi.dll [Sun Microsystems, Inc.] MD5=0CD49ECE56265FBA2FDD0C56181C3D53 SIZE=843776
%PROGRAMFILES%\OpenOffice.org 3\Basis\program\fwimi.dll [Sun Microsystems, Inc.] MD5=D272487D6F34715878DEE22E576B8AC7 SIZE=299008
%PROGRAMFILES%\OpenOffice.org 3\Basis\program\utlmi.dll [Sun Microsystems, Inc.] MD5=56F4813259A39267A3871FF23497F1EB SIZE=464896
%PROGRAMFILES%\OpenOffice.org 3\Basis\program\tlmi.dll [Sun Microsystems, Inc.] MD5=679EFAF0A4698D5E2CAB292CC0BF8200 SIZE=509952
%PROGRAMFILES%\OpenOffice.org 3\Basis\program\basegfxmi.dll [Sun Microsystems, Inc.] MD5=1596DD0797B03CC9AD433854E69C42BD SIZE=419328
%PROGRAMFILES%\OpenOffice.org 3\Basis\program\vclmi.dll [Sun Microsystems, Inc.] MD5=25E52B92EAF87759CF57012F7304D807 SIZE=3051008
%PROGRAMFILES%\OpenOffice.org 3\Basis\program\sotmi.dll [Sun Microsystems, Inc.] MD5=4D746326946046B8012FA21F4E2B728C SIZE=257024
%PROGRAMFILES%\OpenOffice.org 3\Basis\program\icuuc36.dll [IBM Corporation and others] [International Components for Unicode] MD5=21CBD06348FE06F92238B169C08CD183 SIZE=884224
%PROGRAMFILES%\OpenOffice.org 3\Basis\program\icudt36l.dll [IBM Corporation and others] [International Components for Unicode] MD5=EAF4FFAB3652097BAB885EB7D1555833 SIZE=10154496
%PROGRAMFILES%\OpenOffice.org 3\Basis\program\svlmi.dll [Sun Microsystems, Inc.] MD5=176B8822835F130BAF5C2C03315E990D SIZE=737280
%PROGRAMFILES%\OpenOffice.org 3\Basis\program\svtmi.dll [Sun Microsystems, Inc.] MD5=4B3A9B181CB2F92930F560955E7CC98E SIZE=2822144
%PROGRAMFILES%\OpenOffice.org 3\Basis\program\tkmi.dll [Sun Microsystems, Inc.] MD5=AC2469E7573BCF7E73FE9F08EBCB47C0 SIZE=1495040
%PROGRAMFILES%\OpenOffice.org 3\Basis\program\i18nutilMSC.dll [Sun Microsystems, Inc.] MD5=751C54C073F5AD6EBD516ADBFCFF9655 SIZE=67072
%PROGRAMFILES%\OpenOffice.org 3\URE\bin\jvmfwk3.dll [Sun Microsystems, Inc.] MD5=BB91B4F408FDBC6F03E71087BED41259 SIZE=89088
%PROGRAMFILES%\OpenOffice.org 3\program\libxml2.dll MD5=81D368A22E1EEE704EB323C8389B6480 SIZE=969728
%PROGRAMFILES%\OpenOffice.org 3\Basis\program\sbmi.dll [Sun Microsystems, Inc.] MD5=837BE8E4CFFB7D3D787395825F9DF617 SIZE=1314816
%PROGRAMFILES%\OpenOffice.org 3\Basis\program\xcrmi.dll [Sun Microsystems, Inc.] MD5=50CF1F568E4BA2655922A95AC3818C5E SIZE=527360
%PROGRAMFILES%\OpenOffice.org 3\Basis\program\saxmi.dll [Sun Microsystems, Inc.] MD5=2994BF54F30A154BE86BECD6EF0E06CE SIZE=26624
%PROGRAMFILES%\OpenOffice.org 3\Basis\program\jmi_g.dll [Sun Microsystems, Inc.] MD5=BAE0648482E8E607F7FA999207FFDDEC SIZE=32768
%PROGRAMFILES%\OpenOffice.org 3\URE\bin\jvmaccess3MSC.dll [Sun Microsystems, Inc.] MD5=7544E88DFA4AA1509B7CB8D158EA23F8 SIZE=25600
%PROGRAMFILES%\OpenOffice.org 3\URE\bin\msci_uno.dll [Sun Microsystems, Inc.] MD5=19D4000F1B4E4809921D35E186F16769 SIZE=52224
%PROGRAMFILES%\OpenOffice.org 3\URE\bin\bootstrap.uno.dll [Sun Microsystems, Inc.] MD5=74C9596C6B822A6A37794BDE33108C4B SIZE=455680
%PROGRAMFILES%\OpenOffice.org 3\URE\bin\reg3.dll [Sun Microsystems, Inc.] MD5=575C2DC5B3852725937BF662AF212712 SIZE=101888
%PROGRAMFILES%\OpenOffice.org 3\URE\bin\store3.dll [Sun Microsystems, Inc.] MD5=C58CE8FA88608062B9B3A53323A54CAB SIZE=78336
%PROGRAMFILES%\OpenOffice.org 3\URE\bin\unsafe_uno_uno.dll [Sun Microsystems, Inc.] MD5=FCEA4A2487414051C7995A5C3B467471 SIZE=12800
%PROGRAMFILES%\OpenOffice.org 3\URE\bin\purpenvhelper3MSC.dll [Sun Microsystems, Inc.] MD5=B3912CB73EADCE76A8713F7734B5A146 SIZE=18432
%PROGRAMFILES%\OpenOffice.org 3\Basis\program\configmgr2.uno.dll [Sun Microsystems, Inc.] MD5=7B778AF1FE1F7588DD44BFE0488AA105 SIZE=1480704
%PROGRAMFILES%\OpenOffice.org 3\URE\bin\stocservices.uno.dll [Sun Microsystems, Inc.] MD5=9FA111E3ED2EAC2152E6461EA38FB3D8 SIZE=92672
%PROGRAMFILES%\OpenOffice.org 3\Basis\program\sysmgr1.uno.dll [Sun Microsystems, Inc.] MD5=6C8254922359669FBFBBAB7BE748D6F3 SIZE=37888
%PROGRAMFILES%\OpenOffice.org 3\Basis\program\sax.uno.dll [Sun Microsystems, Inc.] MD5=B0B79509D1902049621B95201F2DB76C SIZE=137216
%PROGRAMFILES%\OpenOffice.org 3\Basis\program\localebe1.uno.dll [Sun Microsystems, Inc.] MD5=28DA401A5D15DCF9F757AD19A73DC86B SIZE=30208
%PROGRAMFILES%\OpenOffice.org 3\Basis\program\behelper.uno.dll [Sun Microsystems, Inc.] MD5=C6FE580E370B9E09FF85729FDAF9F7DB SIZE=31232
%PROGRAMFILES%\OpenOffice.org 3\Basis\program\splmi.dll [Sun Microsystems, Inc.] MD5=79C35150610438186DB46DB629F5A6D6 SIZE=147968
%PROGRAMFILES%\OpenOffice.org 3\Basis\program\ucb1.dll [Sun Microsystems, Inc.] MD5=10E0567102ACE912AA8D380C43C3A1AF SIZE=197632
%PROGRAMFILES%\OpenOffice.org 3\Basis\program\fwlmi.dll [Sun Microsystems, Inc.] MD5=DAA2408B2BF51E8FC26D1950F480525F SIZE=106496
%PROGRAMFILES%\OpenOffice.org 3\Basis\program\ucpfile1.dll [Sun Microsystems, Inc.] MD5=B315AA6BA75E1C9395E70213C32E467A SIZE=245248
%PROGRAMFILES%\OpenOffice.org 3\Basis\program\fwkmi.dll [Sun Microsystems, Inc.] MD5=B0A04721EA43C4A11A997239D3CF448A SIZE=1830912
%PROGRAMFILES%\OpenOffice.org 3\Basis\program\uuimi.dll [Sun Microsystems, Inc.] MD5=63243DF94D7EAADF4F744425E3E693CC SIZE=173568
%PROGRAMFILES%\OpenOffice.org 3\Basis\program\filterconfig1.dll [Sun Microsystems, Inc.] MD5=4D08050B7FF7BC80B8E5814DCE7D56E2 SIZE=187392
%PROGRAMFILES%\OpenOffice.org 3\Basis\program\swdmi.dll [Sun Microsystems, Inc.] MD5=9C91C97A535EC26F86FF79983BD6817B SIZE=54272
%PROGRAMFILES%\OpenOffice.org 3\Basis\program\i18npool.uno.dll [Sun Microsystems, Inc.] MD5=3ED44D498FD249A87740EC2F26627806 SIZE=1190912
%PROGRAMFILES%\OpenOffice.org 3\Basis\program\icuin36.dll [IBM Corporation and others] [International Components for Unicode] MD5=BB30AE93B39C051A5ADF90B694EA2119 SIZE=820224
%PROGRAMFILES%\OpenOffice.org 3\Basis\program\dnd.dll [Sun Microsystems, Inc.] MD5=29CB498062A623E76CB1F76CAE160536 SIZE=115200
%PROGRAMFILES%\OpenOffice.org 3\Basis\program\swmi.dll [Sun Microsystems, Inc.] MD5=884184FEABAEB7D61A081FC47A50E72F SIZE=7801344
 
Status
Not open for further replies.

Similar threads

4
hijackthis log, please analyze, possible keylogger
Replies
3
Views
6K
KSoD
KSoD
F
  • Locked
Introduction and Hijackthis log
Replies
1
Views
6K
KSoD
KSoD
35g700
  • Locked
HiJackThis log.
Replies
1
Views
2K
KSoD
KSoD
H
  • Locked
Log for analysis, please
Replies
1
Views
6K
KSoD
KSoD
F
  • Locked
Log submitted for analysis
Replies
3
Views
6K
Frumious
F
Back
Top Bottom