
Hotmail account hijacked..NOW I need advice


sunbleach

Hi all, I've had my Hotmail account hijacked... Numerous emails were sent to my contacts with a money scam...

So I've done all of the obvious, like changed password and set folder permissions etc.

I've done a full Malwarebytes scan and nothing detected.

My CPU seems to be running like mad... Now what? I have a Vaio laptop with XP SP3.


Hello sunbleach! Welcome to Malwarebytes' Anti-Malware Forums!

My name is Borislav and I will be glad to help you solve your problems with malware. Before we begin, please note the following:

  • The process of cleaning your system may take some time, so please be patient.
  • Follow my instructions step by step; if there is a problem somewhere, stop and tell me.
  • Stay with the thread until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.
  • Instructions that I give are for your system only!
  • If you don't know or can't understand something please ask.
  • Do not install or uninstall any software or hardware while we work on this.
  • Keep me informed about any changes.

Download DDS and save it to your desktop from here or here or here.

Double click dds.scr to run the tool.

  • When done, DDS will open two (2) logs:
    1. DDS.txt
    2. Attach.txt

  • Save both reports to your desktop. Post them back to your topic.


Hello Borislav,

Well, I've tried DDS several times, but there is a problem: it freezes the computer. It runs OK at the start, until the progress bar is about 3/4 (about 2 minutes). I've tried it a few times now and also tried disabling script blockers to the best of my knowledge. I've got ESET NOD32 and Malwarebytes' Anti-Malware. I also have SpywareBlaster, but I'm not too sure about script blockers in general.


Click here to download HJTInstall.exe

  • Save HJTInstall.exe to your desktop.
  • Double-click on the HJTInstall.exe icon on your desktop.
  • By default it will install to C:\Program Files\Trend Micro\HijackThis .
  • Click on Install.
  • It will create a HijackThis icon on the desktop.
  • Once installed, it will launch Hijackthis.
  • Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
  • Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
  • Come back here to this thread and Paste the log in your next reply.
  • DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.


hi borislav THANKS for such a quick reply ..

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 2:57:56 PM, on 11/16/2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Eset\nod32krn.exe

C:\Program Files\Apoint\Apoint.exe

C:\Program Files\Eset\nod32kui.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\Sony\VAIO Power Management\SPMgr.exe

C:\Program Files\Apoint\Apvfb.exe

C:\Program Files\Apoint\Apntex.exe

C:\Program Files\Join Me\JoinMe.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\WINDOWS\system32\osk.exe

C:\WINDOWS\system32\MSSWCHX.EXE

C:\WINDOWS\system32\msiexec.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://co120w.col120.mail.live.com/default...x?wa=wsignin1.0

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)

O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - (disabled by BHODemon)

O2 - BHO: Mouse Gestures - {A6A49249-57AE-4295-8D4D-18A9502C7D8E} - C:\Program Files\Internet Explorer\Plugins\Drowse\MouseGestures.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing)

O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - (no file)

O3 - Toolbar: Visolve - {01C692BF-FF95-4583-91B6-23F8568749B7} - C:\Program Files\Visolve\controlbar.dll (file missing)

O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe

O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE

O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

O4 - HKLM\..\Run: [sonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

O4 - HKUS\S-1-5-19\..\Run: [Connection Manager] "C:\Program Files\BVRP Connection Manager\Nomad.exe" /runstart (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [Connection Manager] "C:\Program Files\BVRP Connection Manager\Nomad.exe" /runstart (User 'NETWORK SERVICE')

O4 - .DEFAULT User Startup: E-Flyer.lnk = C:\Program Files\Sony\E-Flyer\E-Flyer.exe (User 'Default user')

O9 - Extra button: (no name) - {4E660F19-E91E-41E1-88EF-D1DFAB118F67} - C:\Program Files\Internet Explorer\Plugins\Drowse\MouseGestures.dll

O9 - Extra 'Tools' menuitem: Mouse Gestures... - {4E660F19-E91E-41E1-88EF-D1DFAB118F67} - C:\Program Files\Internet Explorer\Plugins\Drowse\MouseGestures.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll

O14 - IERESET.INF: START_PAGE_URL=http://dsl.optusnet.com.au/

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1188720249375

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{3CADEBC4-3F36-4CF2-92D4-98E7A90B5E2B}: NameServer = 139.130.4.4 203.50.2.71

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing)

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe

O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDSched.exe

O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

O23 - Service: VAIO Entertainment Aggregation and Control Service - Unknown owner - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe (file missing)

O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update 5\VUAgent.exe

O24 - Desktop Component 0: (no name) - http://c1.oasisactive.com/MemberMediaImage...1b4e27b37_f.jpg

--

End of file - 7327 bytes

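A HijackThis log like the one above is easier to review when its entries are grouped by section code and the ones worth a second look are pulled out. The following is an added example, not part of any post in this thread: the sample lines are copied from the log above, the function names and the choice of what to flag are this example's own assumptions, and a flag means "review this entry", not "fix it".

```python
import re
from collections import Counter
from typing import NamedTuple

# Sample input: a few lines copied from the HijackThis log posted above.
SAMPLE_LOG = r"""
Running processes:
C:\WINDOWS\System32\smss.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: Mouse Gestures - {A6A49249-57AE-4295-8D4D-18A9502C7D8E} - C:\Program Files\Internet Explorer\Plugins\Drowse\MouseGestures.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - (no file)
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{3CADEBC4-3F36-4CF2-92D4-98E7A90B5E2B}: NameServer = 139.130.4.4 203.50.2.71
O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
"""

# An entry line is "<section code> - <details>", e.g. "O23 - Service: ...".
ENTRY_RE = re.compile(r"^([RFNO]\d{1,2}) - (.+)$")
# HijackThis appends these markers when the referenced file is not on disk.
ORPHAN_RE = re.compile(r"\((?:file missing|no file)\)\s*$")
NAMESERVER_RE = re.compile(r"NameServer = (.+)$")


class Entry(NamedTuple):
    code: str   # section code such as "O2" or "O23"
    body: str   # everything after "<code> - "


def parse_hjt(text):
    """Return the R/F/N/O entries of a HijackThis log, skipping the header,
    the process list and blank lines."""
    entries = []
    for line in text.splitlines():
        match = ENTRY_RE.match(line.strip())
        if match:
            entries.append(Entry(match.group(1), match.group(2)))
    return entries


def triage(entries):
    """Group entries a reviewer would look at first. Nothing is judged
    malicious here; the lists only narrow down what to read."""
    report = {
        "counts": Counter(e.code for e in entries),
        "orphaned": [],       # registry entry left behind, file is gone
        "unknown_owner": [],  # O23 service whose binary has no company name
        "unknown_lsp": [],    # O10 Winsock provider HijackThis does not recognise
        "dns_servers": [],    # O17 name servers, to compare with the ISP's
    }
    for e in entries:
        if ORPHAN_RE.search(e.body):
            report["orphaned"].append(e)
        if e.code == "O23" and " - Unknown owner - " in e.body:
            report["unknown_owner"].append(e)
        if e.code == "O10" and e.body.startswith("Unknown file"):
            report["unknown_lsp"].append(e)
        if e.code == "O17":
            match = NAMESERVER_RE.search(e.body)
            if match:
                report["dns_servers"].extend(
                    re.split(r"[ ,]+", match.group(1).strip()))
    return report


if __name__ == "__main__":
    result = triage(parse_hjt(SAMPLE_LOG))
    print("entries per section:", dict(result["counts"]))
    for name in ("orphaned", "unknown_owner", "unknown_lsp"):
        for entry in result[name]:
            print(f"[{name}] {entry.code} - {entry.body}")
    print("DNS servers to verify:", result["dns_servers"])
```
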

Step 1

  • Launch Malwarebytes' Anti-Malware
  • Go to "Update" tab and select "Check for Updates". If an update is found, it will download and install the latest version.
  • Go to "Scanner" tab and select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Step 2

Also, I would like you to generate a "Add/Remove Software list" log using the HijackThis application. Here is how you can do this:

To get an Uninstall List from HijackThis:

  • Open HijackThis, click Config, click Misc Tools
  • Click "Open Uninstall Manager"
  • Click "Save List" (generates uninstall_list.txt)
  • Click Save, copy and paste the results in your next post.

In your next reply, please include these log(s):

  1. Malwarebytes' Anti-Malware log
  2. Add or Remove Programs list


Well, it never detected any threats, does this mean it's all OK? I've heard that some can hide or cannot be detected... I'm fairly concerned as I do a lot of banking etc. online.

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

Database version: 5124

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

11/16/2010 5:33:48 PM

mbam-log-2010-11-16 (17-33-48).txt

Scan type: Quick scan

Objects scanned: 155151

Time elapsed: 19 minute(s), 46 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Reader 7.0

Apple Application Support

Apple Software Update

AutoStreamer

BoneTown

Bonjour

ClearType Tuning Control Panel Applet

Critical Update for Windows Media Player 11 (KB959772)

DNTV Live! Decoders

e-tax 2010

GIMP 2.6.8

Google Update Helper

HDAUDIO SoftV92 Data Fax Modem with SmartCP

High Definition Audio Driver Package - KB835221

HighMAT Extension to Microsoft Windows XP CD Writing Wizard

HiJackThis

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Internet Explorer 7 (KB947864)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Format SDK (KB902344)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB2158563)

Hotfix for Windows XP (KB915800-v4)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB970653-v3)

Hotfix for Windows XP (KB976098-v2)

Hotfix for Windows XP (KB979306)

Hotfix for Windows XP (KB981793)

Image Resizer Powertoy for Windows XP

Intel® PRO Network Connections Drivers

Intel® PROSet/Wireless Software

iTunes

Join Me

Macromedia Flash Player

Magnifier Powertoy for Windows XP

Malwarebytes' Anti-Malware

mCore

mDriver

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2416447)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 3.5 SP1

Microsoft Base Smart Card Cryptographic Service Provider Package

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Internationalized Domain Names Mitigation APIs

Microsoft National Language Support Downlevel APIs

Microsoft Silverlight

Microsoft User-Mode Driver Framework Feature Pack 1.5

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Windows Journal Viewer

mMHouse

Mouse Gestures for Internet Explorer (x86)

mPfMgr

MSXML 4.0 SP2 (KB925672)

MSXML 4.0 SP2 (KB927978)

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 6.0 Parser

mXML

neroxml

NOD32 antivirus system

NOD32 Update Viewer 3.02

Nokia Connectivity Cable Driver

novaPDF Professional Desktop 7.0 printer

NVIDIA Drivers

OGA Notifier 1.7.0105.35.0

OLYMPUS ib

OLYMPUS ib

OpenAL

PC Connectivity Solution

PerfectDisk

QuickTime

Realtek High Definition Audio Driver

SAPI 5.1 Speech Recognition Engine Redistribution by CoolSoft

Security Update for CAPICOM (KB931906)

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

Security Update for Step By Step Interactive Training (KB898458)

Security Update for Step By Step Interactive Training (KB923723)

Security Update for Windows Internet Explorer 7 (KB931768)

Security Update for Windows Internet Explorer 7 (KB933566)

Security Update for Windows Internet Explorer 7 (KB937143)

Security Update for Windows Internet Explorer 7 (KB938127)

Security Update for Windows Internet Explorer 7 (KB939653)

Security Update for Windows Internet Explorer 7 (KB942615)

Security Update for Windows Internet Explorer 7 (KB944533)

Security Update for Windows Internet Explorer 7 (KB950759)

Security Update for Windows Internet Explorer 7 (KB953838)

Security Update for Windows Internet Explorer 7 (KB956390)

Security Update for Windows Internet Explorer 7 (KB958215)

Security Update for Windows Internet Explorer 7 (KB960714)

Security Update for Windows Internet Explorer 7 (KB961260)

Security Update for Windows Internet Explorer 8 (KB2360131)

Security Update for Windows Internet Explorer 8 (KB971961)

Security Update for Windows Internet Explorer 8 (KB981332)

Security Update for Windows Internet Explorer 8 (KB982381)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB968816)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player 10 (KB911565)

Security Update for Windows Media Player 10 (KB917734)

Security Update for Windows Media Player 11 (KB936782)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows Search 4 - KB963093

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2124261)

Security Update for Windows XP (KB2160329)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2259922)

Security Update for Windows XP (KB2279986)

Security Update for Windows XP (KB2286198)

Security Update for Windows XP (KB2290570)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB938464)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950760)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951066)

Security Update for Windows XP (KB951376)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951698)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB953155)

Security Update for Windows XP (KB953839)

Security Update for Windows XP (KB954211)

Security Update for Windows XP (KB954459)

Security Update for Windows XP (KB954600)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956391)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956841)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB957095)

Security Update for Windows XP (KB957097)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958687)

Security Update for Windows XP (KB958690)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960715)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961371)

Security Update for Windows XP (KB961373)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB968537)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB969898)

Security Update for Windows XP (KB969947)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB970483)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971486)

Security Update for Windows XP (KB971557)

Security Update for Windows XP (KB971633)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973346)

Security Update for Windows XP (KB973354)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973525)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977165)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978251)

Security Update for Windows XP (KB978262)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981852)

Security Update for Windows XP (KB981957)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982214)

Security Update for Windows XP (KB982665)

Security Update for Windows XP (KB982802)

Slideshow Generator Powertoy for Windows XP

SpeakToText v2

SpywareBlaster 4.4

System Requirements Lab

TSFileSource Filter

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Windows Internet Explorer 8 (KB2362765)

Update for Windows Internet Explorer 8 (KB976662)

Update for Windows Media Player 10 (KB912452)

Update for Windows XP (KB2141007)

Update for Windows XP (KB2345886)

Update for Windows XP (KB951072-v2)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB955839)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

VAIO Update

Visolve 4.2.0

Windows Driver Package - Nokia (WUDFRd) WPD (03/19/2007 6.83.31.1)

Windows Driver Package - Nokia Modem (02/15/2007 3.1)

Windows Driver Package - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0)

Windows Genuine Advantage v1.3.0254.0

Windows Internet Explorer 8

Windows Media Format 11 runtime

Windows Media Format 11 runtime

Windows Media Format SDK Hotfix - KB891122

Windows Media Hotfix - KB895181

Windows Media Player 10 Hotfix - KB888656

Windows Media Player 11

Windows Media Player 11

Windows XP Service Pack 3

WinRAR archiver

XP Royale Theme


Well, it never detected any threats, does this mean it's all OK? I've heard that some can hide or cannot be detected... I'm fairly concerned as I do a lot of banking etc. online.

You use online banking and you have pirated antivirus software. You do not follow basic rules to protect your system! When we are done, I will tell you what to do to keep yourself well protected.

Now:

ESET Online Scanner

Note: You can use either Internet Explorer or Mozilla Firefox for this scan. You may, however, need to disable your currently installed anti-virus; how to do so can be read here.

  • Please go here then click on: EOLS1.gif
  • Select the option YES, I accept the Terms of Use then click on: EOLS2.gif
  • When prompted allow the Add-On/Active X to install.
  • Now click on Advanced Settings and select the following:

    • Remove found threats
    • Scan archives
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology

  • Now click on: EOLS3.gif
  • The virus signature database... will begin to download. Be patient, this may take some time depending on the speed of your Internet connection.
  • When completed, the Online Scan will begin automatically.
  • Do not touch either the mouse or keyboard during the scan, otherwise it may stall.
  • When completed, select Uninstall application on close if you so wish; make sure you copy the logfile first!
  • Now click on: EOLS4.gif
  • Use Notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.

Note: Do not forget to re-enable your Anti-Virus application after running the above scan!


Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!


Reply to:

Maniac: "You use online banking and you have pirated antivirus software. You do not follow basic rules to protect your system! When we are done, I will tell you what to do to keep yourself well protected."

sunbleach: Hello Borislav, I respect the need for me to follow some basic rules. I'm using a second-hand laptop; please advise on steps to certify my software and/or removing pirated versions. Can you recommend an antivirus that uses PayPal?

ESETSmartInstaller@High as CAB hook log:

OnlineScanner.ocx - registred OK

# version=7

# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)

# OnlineScanner.ocx=1.0.0.6211

# api_version=3.0.2

# EOSSerial=a0013d55485cd1448b4035409161069e

# end=finished

# remove_checked=true

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=true

# antistealth_checked=true

# utc_time=2010-11-26 06:37:55

# local_time=2010-11-27 02:37:55 (+0800, W. Australia Standard Time)

# country="United States"

# lang=1033

# osver=5.1.2600 NT Service Pack 3

# compatibility_mode=512 16777215 100 0 58416 58416 0 0

# compatibility_mode=8194 67108181 100 100 5302 14674962 0 0

# scanned=106897

# found=5

# cleaned=5

# scan_time=12469

# nod_component=NOD32MOD_WINNT_ENGLISH_BASE Build:0x1108031a

# nod_component=NOD32MOD_WINNT_ENGLISH_INET Build:0x1108031a

# nod_component=NOD32MOD_WINNT_ENGLISH_STANDARD Build:0x1108031a

C:\Documents and Settings\Ron\My Documents\My Pictures\QT crack\QuickTime_Pro_7.6.8.rar a variant of Win32/Keygen.AR application (deleted - quarantined) 00000000000000000000000000000000 C

C:\Program Files\ESET_NOD32_3.0.657_Antivirus_Business_Edition_x32bit\Downloads\install(6).zip a variant of Win32/Adware.WinWebSecurity application (deleted - quarantined) 00000000000000000000000000000000 C

C:\Program Files\ESET_NOD32_3.0.657_Antivirus_Business_Edition_x32bit\Downloads\install(8).zip a variant of Win32/Adware.WinWebSecurity application (deleted - quarantined) 00000000000000000000000000000000 C

D:\New Folder\Common Files\cbaffregistrybooster.exe a variant of Win32/RegistryBooster application (deleted - quarantined) 00000000000000000000000000000000 C

D:\programs\windvd\Corel_WinDVD_v9-max-Enjoy\Corel WinDVD v9-max-Enjoy\Keygen.exe a variant of Win32/Keygen.AF application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C


I'm sorry about that! It happens when, instead of sleeping, I'm at the computer.

**Note: If you need more detailed information, please visit the web page of ComboFix in BleepingComputer. **

Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate.

Stay with me until given the 'all clear' even if symptoms diminish. Lack of symptoms does not always mean the job is complete.

Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by me or another helper.

Please download ComboFix from

Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved and renamed following this process directly to your desktop**

  1. If you are using Firefox, make sure that your download settings are as follows:
    • Open Tools -> Options -> Main tab
    • Set to Always ask me where to Save the files.

  2. During the download, rename Combofix to Combo-Fix as follows:

CF_download_FF.gif

CF_download_rename.gif

  3. It is important you rename Combofix during the download, but not after.
  4. Please do not rename Combofix to other names, but only to the one indicated.
  5. Close any open browsers.
  6. Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix.

-----------------------------------------------------------

  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause unpredictable results.
  • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.

    -----------------------------------------------------------


  • Close any open browsers.
  • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
  • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
  • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.

-----------------------------------------------------------

  7. Double click on combo-Fix.exe & follow the prompts.
  8. When finished, it will produce a report for you.
  9. Please post the C:\Combo-Fix.txt for further review.

**Note: Do not mouseclick combo-fix's window while it's running. That may cause it to stall**


Hi Borislav, there's a problem with ComboFix... It started off OK, and automatically installed Windows Recovery Console...

but ended up freezing on the screen below...

post-59269-1291128255_thumb.jpg

So I waited about an hour... When I had enough I went to move the mouse and it was frozen too... I then had to force a reboot.

Now Windows starts with a splash screen for Recovery Console...

I disabled antivirus ESET... Malwarebytes' Anti-Malware... SpywareBlaster 4.4... and Windows firewall prior to the scan.

My computer definitely has some problems now... Slow boot... programs open slowly... Sometimes the cursor is in slow/erratic motion and the CPU is going nuts...


Well, this also hasn't worked... This time I waited 2 HOURS... Is it normal for the scan to run for so long? ComboFix states "typically ten minutes easily double for infected computers". You said to run "Safe Mode with Networking", does this mean I should be connected to the internet during the scan? I also disabled antivirus etc. etc.

Link to post
Share on other sites

I followed your instructions and again Combofix froze... this time it didn't progress past the scanning dialog box...

I've asked questions in my previous posts and I kindly request some answers... brief answers are fine... I'm not sure if I'm contributing to the failure of Combofix, so please state all steps I need to follow...

kind regards sunbleach

Link to post
Share on other sites

We have an alternative to ComboFix: OTL.

  • Download OTL to your desktop.
  • Double click on the icon to run it. Make sure all other windows are closed to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Under the Standard Registry box change it to All.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.

Once OTL has completed its first scan it will save notepad copies of the scans in the folder that OTL was started from. Unless set to produce an Extras log it will only produce OTL.txt in subsequent scans.

A copy of an OTL fix log is saved in a text file at

  • :\_OTL\Moved Files
    • in most cases this will be C:\_OTL\Moved Files

Link to post
Share on other sites

Hi maniac, I finally have some results... Ron is my dad... if you were wondering about the user name, he gave this computer to me;

I also disabled antivirus etc etc... not sure if I was supposed to

OTL logfile created on: 12/3/2010 4:40:58 AM - Run 1

OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Ron\Desktop

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,022.00 Mb Total Physical Memory | 622.00 Mb Available Physical Memory | 61.00% Memory free

2.00 Gb Paging File | 2.00 Gb Available in Paging File | 89.00% Paging File free

Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 13.97 Gb Total Space | 3.19 Gb Free Space | 22.86% Space Free | Partition Type: NTFS

Drive D: | 37.26 Gb Total Space | 17.14 Gb Free Space | 45.99% Space Free | Partition Type: NTFS

Computer Name: RONS | User Name: Ron | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Ron\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)

PRC - C:\Program Files\ESET\nod32krn.exe (Eset )

PRC - C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)

PRC - C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)

PRC - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - C:\Program Files\Apoint\ApntEx.exe (Alps Electric Co., Ltd.)

PRC - C:\Program Files\Apoint\Apvfb.exe (ALPS)

========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Ron\Desktop\OTL.exe (OldTimer Tools)

MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV - (VAIO Entertainment Aggregation and Control Service) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe File not found

SRV - (PEVSystemStart) -- C:\Combo-Fix24098C\PEV.cfx File not found

SRV - (HidServ) -- C:\WINDOWS\System32\hidserv.dll File not found

SRV - (gupdate) Google Update Service (gupdate) -- C:\Program Files\Google\Update\GoogleUpdate.exe File not found

SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)

SRV - (NOD32krn) -- C:\Program Files\Eset\nod32krn.exe (Eset )

SRV - (TuneUp.Defrag) -- C:\WINDOWS\system32\TuneUpDefragService.exe (TuneUp Software GmbH)

SRV - (VUAgent) -- C:\Program Files\Sony\VAIO Update 5\VUAgent.exe (Sony Corporation)

SRV - (EvtEng) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)

SRV - (W3SVC) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe (Microsoft Corporation)

SRV - (IISADMIN) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe (Microsoft Corporation)

SRV - (UxTuneUp) -- C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software GmbH)

SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)

SRV - (PDSched) -- C:\Program Files\Raxco\PerfectDisk\PDSched.exe (Raxco Software, Inc.)

SRV - (PDEngine) -- C:\Program Files\Raxco\PerfectDisk\PDEngine.exe (Raxco Software, Inc.)

SRV - (S24EventMonitor) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )

SRV - (RegSrvc) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)

========== Driver Services (SafeList) ==========

DRV - (VcommMgr) -- C:\WINDOWS\System32\Drivers\VcommMgr.sys File not found

DRV - (VComm) -- C:\WINDOWS\System32\DRIVERS\VComm.sys File not found

DRV - (USBCamera) DSC Still Image Capture (CA100) -- C:\WINDOWS\System32\Drivers\Bulk533.sys File not found

DRV - (USBAAPL) -- C:\WINDOWS\System32\Drivers\usbaapl.sys File not found

DRV - (catchme) -- C:\DOCUME~1\Ron\LOCALS~1\Temp\catchme.sys File not found

DRV - (BTHidMgr) -- C:\WINDOWS\System32\Drivers\BTHidMgr.sys File not found

DRV - (BTHidEnum) -- C:\WINDOWS\System32\DRIVERS\vbtenum.sys File not found

DRV - (Btcsrusb) -- C:\WINDOWS\System32\Drivers\btcusb.sys File not found

DRV - (BT) -- C:\WINDOWS\System32\DRIVERS\btnetdrv.sys File not found

DRV - (BlueletSCOAudio) -- C:\WINDOWS\System32\DRIVERS\BlueletSCOAudio.sys File not found

DRV - (BlueletAudio) -- C:\WINDOWS\System32\DRIVERS\blueletaudio.sys File not found

DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)

DRV - (AMON) -- C:\WINDOWS\system32\drivers\amon.sys (Eset )

DRV - (MOBIOLA_Wave) Mobiola Wave Audio Device (WDM) -- C:\WINDOWS\system32\drivers\mobiolawave.sys (SHAPE Services)

DRV - (Tcpip6) -- C:\WINDOWS\system32\drivers\tcpip6.sys (Microsoft Corporation)

DRV - (zgwhsmdm) -- C:\WINDOWS\system32\drivers\zgwhsmdm.sys (ZTE Incorporated)

DRV - (zgwhsdiag) -- C:\WINDOWS\system32\drivers\zgwhsdiag.sys (ZTE Incorporated)

DRV - (OlyCamComm) -- C:\WINDOWS\system32\drivers\OlyCamComm.sys (OLYMPUS IMAGING CORP.)

DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)

DRV - (NwlnkIpx) -- C:\WINDOWS\system32\drivers\nwlnkipx.sys (Microsoft Corporation)

DRV - (nm) -- C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation)

DRV - (MPE) -- C:\WINDOWS\system32\drivers\mpe.sys (Microsoft Corporation)

DRV - (usbaudio) USB Audio Driver (WDM) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys (Microsoft Corporation)

DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows ® Server 2003 DDK provider)

DRV - (MBLAUDRVOUT) -- C:\WINDOWS\system32\drivers\BTCamAudioDrvOut.sys (Windows ® 2000 DDK provider)

DRV - (MBLAUDRV) -- C:\WINDOWS\system32\drivers\BTCamAudioDrv.sys (Windows ® 2000 DDK provider)

DRV - (StarOpen) -- C:\WINDOWS\System32\drivers\StarOpen.sys ()

DRV - (AF15BDA) -- C:\WINDOWS\system32\drivers\AF15BDA.sys (AfaTech )

DRV - (nmwcd) -- C:\WINDOWS\system32\drivers\nmwcd.sys (Nokia)

DRV - (nmwcdcm) -- C:\WINDOWS\system32\drivers\nmwcdcm.sys (Nokia)

DRV - (nmwcdcj) -- C:\WINDOWS\system32\drivers\nmwcdcj.sys (Nokia)

DRV - (nmwcdc) -- C:\WINDOWS\system32\drivers\nmwcdc.sys (Nokia)

DRV - (Defrag32b) -- C:\WINDOWS\System32\drivers\defrag32b.sys (Raxco Software, Inc.)

DRV - (Defrag32) -- C:\WINDOWS\System32\drivers\defrag32.sys (Raxco Software, Inc.)

DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.)

DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation)

DRV - (sfhlp02) StarForce Protection Helper Driver (version 2.x) -- C:\WINDOWS\System32\drivers\sfhlp02.sys (Protection Technology)

DRV - (sfdrv01) StarForce Protection Environment Driver (version 1.x) -- C:\WINDOWS\System32\drivers\sfdrv01.sys (Protection Technology)

DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)

DRV - (tifmsony) -- C:\WINDOWS\system32\drivers\tifmsony.sys (Texas Instruments)

DRV - (sfsync02) StarForce Protection Synchronization Driver (version 2.x) -- C:\WINDOWS\System32\drivers\sfsync02.sys (Protection Technology)

DRV - (w29n51) Intel® -- C:\WINDOWS\system32\drivers\w29n51.sys (Intel

Link to post
Share on other sites

0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is goodware. 0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is malware.

File name: BASSMOD.dll

Submission date: 2010-12-02 21:47:52 (UTC)

Current status: finished

Result: 1/ 43 (2.3%)

VT Community

not reviewed

Safety score: -

Antivirus Version Last Update Result

AhnLab-V3 2010.12.02.07 2010.12.02 -

AntiVir 7.10.14.171 2010.12.02 -

Antiy-AVL 2.0.3.7 2010.12.02 -

Avast 4.8.1351.0 2010.12.02 -

Avast5 5.0.677.0 2010.12.02 -

AVG 9.0.0.851 2010.12.02 -

BitDefender 7.2 2010.12.02 -

CAT-QuickHeal 11.00 2010.12.02 -

ClamAV 0.96.4.0 2010.12.02 -

Command 5.2.11.5 2010.12.02 -

Comodo 6929 2010.12.02 -

DrWeb 5.0.2.03300 2010.12.02 -

Emsisoft 5.0.0.50 2010.12.02 -

eSafe 7.0.17.0 2010.12.02 Suspicious File

eTrust-Vet 36.1.8015 2010.12.02 -

F-Prot 4.6.2.117 2010.12.01 -

F-Secure 9.0.16160.0 2010.12.02 -

Fortinet 4.2.254.0 2010.12.02 -

GData 21 2010.12.02 -

Ikarus T3.1.1.90.0 2010.12.02 -

Jiangmin 13.0.900 2010.12.02 -

K7AntiVirus 9.70.3146 2010.12.02 -

Kaspersky 7.0.0.125 2010.12.02 -

McAfee 5.400.0.1158 2010.12.02 -

McAfee-GW-Edition 2010.1C 2010.12.02 -

Microsoft 1.6402 2010.12.02 -

NOD32 5668 2010.12.02 -

Norman 6.06.10 2010.12.02 -

nProtect 2010-12-02.01 2010.12.02 -

Panda 10.0.2.7 2010.12.02 -

PCTools 7.0.3.5 2010.12.02 -

Prevx 3.0 2010.12.02 -

Rising 22.76.02.04 2010.12.02 -

Sophos 4.60.0 2010.12.02 -

SUPERAntiSpyware 4.40.0.1006 2010.12.02 -

Symantec 20101.2.0.161 2010.12.02 -

TheHacker 6.7.0.1.094 2010.12.01 -

TrendMicro 9.120.0.1004 2010.12.02 -

TrendMicro-HouseCall 9.120.0.1004 2010.12.02 -

VBA32 3.12.14.2 2010.12.02 -

VIPRE 7481 2010.12.02 -

ViRobot 2010.12.2.4181 2010.12.02 -

VirusBuster 13.6.71.0 2010.12.02 -

Additional information

MD5 : e4ec57e8508c5c4040383ebe6d367928

SHA1 : b22bcce36d9fdeae8ab7a7ecc0b01c8176648d06

SHA256: 8ad9e47693e292f381da42ddc13724a3063040e51c26f4ca8e1f8e2f1ddd547f

ssdeep: 768:qQmS5iUgi5czW+DlrQOS1DeDdjgNtbX4O6DHix84H0:qQz5Tgof+DdpS1+djctLSHiZ0

File size : 34308 bytes

First seen: 2006-10-13 11:46:55

Last seen : 2010-12-02 21:47:52

TrID:

Win32 Dynamic Link Library (generic) (55.7%)

Clipper DOS Executable (14.8%)

Generic Win/DOS Executable (14.7%)

DOS Executable Generic (14.6%)

Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)

sigcheck:

publisher....: n/a

copyright....: n/a

product......: n/a

description..: n/a

original name: n/a

internal name: n/a

file version.: n/a

comments.....: n/a

signers......: -

signing date.: -

verified.....: Unsigned

PEiD: Petite v1.4

PEInfo: PE structure information

[[ basic data ]]

entrypointaddress: 0x12043

timedatestamp....: 0x40D588F5 (Sun Jun 20 12:54:13 2004)

machinetype......: 0x14c (I386)

[[ 2 section(s) ]]

name, viradd, virsiz, rawdsiz, ntropy, md5

, 0x1000, 0x11000, 0x7C04, 7.98, f28dcca6060f98ffe80ecdc0af70864b

, 0x12000, 0x688, 0x800, 5.01, c357226474d4e89456724075d6bdb097

[[ 4 import(s) ]]

KERNEL32.dll: ExitProcess, LoadLibraryA, GetProcAddress, VirtualProtect, GlobalAlloc, GlobalFree

WINMM.dll: timeGetTime

MSVCRT.dll: -

user32.dll: MessageBoxA, wsprintfA

[[ 27 export(s) ]]

BASSMOD_ErrorGetCode, BASSMOD_Free, BASSMOD_GetCPU, BASSMOD_GetDeviceDescription, BASSMOD_GetVersion, BASSMOD_GetVolume, BASSMOD_Init, BASSMOD_MusicDecode, BASSMOD_MusicFree, BASSMOD_MusicGetLength, BASSMOD_MusicGetName, BASSMOD_MusicGetPosition, BASSMOD_MusicGetVolume, BASSMOD_MusicIsActive, BASSMOD_MusicLoad, BASSMOD_MusicPause, BASSMOD_MusicPlay, BASSMOD_MusicPlayEx, BASSMOD_MusicRemoveSync, BASSMOD_MusicSetAmplify, BASSMOD_MusicSetPanSep, BASSMOD_MusicSetPosition, BASSMOD_MusicSetPositionScaler, BASSMOD_MusicSetSync, BASSMOD_MusicSetVolume, BASSMOD_MusicStop, BASSMOD_SetVolume

ExifTool:

file metadata

CodeSize: 71304

EntryPoint: 0x12043

FileSize: 34 kB

FileType: Win32 DLL

ImageVersion: 2.0

InitializedDataSize: 71304

LinkerVersion: 6.0

MIMEType: application/octet-stream

MachineType: Intel 386 or later, and compatibles

OSVersion: 4.0

PEType: PE32

Subsystem: Windows GUI

SubsystemVersion: 4.0

TimeStamp: 2004:06:20 14:54:13+02:00

UninitializedDataSize: 0

Link to post
Share on other sites

This topic is now closed to further replies.