View Full Version : Request for HJT help... Split from other topic...
zeffren
01-15-2006, 11:26 PM
Hoping i can get some help with this computer ive been useing. To my knowlage its never been checked for viruses or spywear. ive done some virus scans and run adaware and about blaster and followed some sudjestions ive seen posted. now am up to useing HijackThis. Hope ive followed the instructions correctly and posted whats required. This computer is slow and my browser is doing diffrent things just about everytime i run it. thanks for the help
Logfile of HijackThis v1.99.1
Scan saved at 9:23:34 PM, on 3/01/00
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\NORTON UTILITIES\NPROTECT.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\HIDSERV.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\CPQEADM.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP SHARE-TO-WEB\HPGS2WND.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\PRIMESOFT\ASWNK\ASWNK.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\PROGRAM FILES\NORTON ANTIVIRUS\NAVAPW32.EXE
C:\PROGRAM FILES\MOBILE PHONETOOLS\WATCHDOG.EXE
C:\WINDOWS\SYSTEM\UWPDNMRAZ.EXE
C:\PROGRAM FILES\FINEPIXVIEWER\QUICKDCF.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP SHARE-TO-WEB\HPGS2WNF.EXE
C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\BTTNSERV.EXE
C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\EAUSBKBD.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
There are a ton of files listed here that its said are missing....post would be to large to include them so i'll include them in my following post.
O2 - BHO: PrimeSoft - {44A23DAB-8D31-43AE-9F68-5AC24CF7CE8C} - C:\WINDOWS\SYSTEM\MSINFOSYS.DLL
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\PROGRAM FILES\CANON\EASY-WEBPRINT\TOOLBAND.DLL
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: PrimeSoft - {44A23DAB-8D31-43AE-9F68-5AC24CF7CE8C} - C:\WINDOWS\SYSTEM\MSINFOSYS.DLL
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\Compaq\Easy Access Button Support\cpqeadm.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [ASWnk] c:\program files\primesoft\aswnk\aswnk.exe /noconnect
O4 - HKLM\..\Run: [OmgStartup] C:\Program Files\Common Files\Sony Shared\OpenMG\OmgStartup.exe
O4 - HKLM\..\Run: [rb32 ml071e] "c:\program files\RapidBlaster\rb32.exe"
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [NAV Agent] c:\PROGRA~1\NORTON~1\NAVAPW32.EXE
O4 - HKLM\..\Run: [NPROTECT] C:\Program Files\Norton Utilities\NPROTECT.EXE
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\mobile PhoneTools\WatchDog.exe
O4 - HKLM\..\Run: [uwpdnmraz] c:\windows\system\uwpdnmraz.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [Hidserv] Hidserv.exe run
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [HC Reminder] hc.exe
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - HKLM\..\RunServices: [NPROTECT] C:\Program Files\Norton Utilities\NPROTECT.EXE
O4 - HKCU\..\Run: [Instant Access] rundll32.exe EGDACCESS_1059.dll,InstantAccess
O4 - HKCU\..\Run: [SpyElim] lpt.exe
O4 - HKCU\..\Run: [progmen] ssweeper.exe
O4 - HKCU\..\Run: [AppMasterCenter] TemplateDongle.exe
O4 - HKCU\..\Run: [MailSkinner] c:\program files\mailskinner\mailskinner.exe
O4 - Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\PROGRAM FILES\CANON\EASY-WEBPRINT\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\PROGRAM FILES\CANON\EASY-WEBPRINT\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\PROGRAM FILES\CANON\EASY-WEBPRINT\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\PROGRAM FILES\CANON\EASY-WEBPRINT\Resource.dll/RC_AddToList.html
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: MSN Messenger Service - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\TOOLS\IESDPB.DLL
O9 - Extra button: Big Pond - {C3FE1580-10ED-11D5-A3A2-D8EA4E107E34} - [url]http://www.bigpond.com/[/url] (file missing) (HKCU)
O12 - Plugin for .pdb: C:\PROGRA~1\INTERN~1\PLUGINS\NPCHIME.DLL
O15 - Trusted IP range: 206.161.125.149
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - [url]http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst0401.cab[/url]
O16 - DPF: {11311111-1111-1111-1111-111111111157} - file://C:\Recycled\Q678340.exe
O16 - DPF: {47779CB3-13A1-17D8-46BC-130F22435F52} - [url]http://69.50.173.166/1/gdnAU1862.exe[/url]
O16 - DPF: {0F756AA7-07CF-15BA-C97E-7E192779C5C8} - [url]http://69.50.173.166/1/gdnAU1862.exe[/url]
O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 195.95.218.1,85.255.112.7
Budfred
01-15-2006, 11:31 PM
Welcome to http://www.pcguide.com/ubb/pcgubb.gif
Please do not post your issues in someone else's thread... Start your own thread... I have split this one off to its own thread and I will be back later to help if no one else has yet...
zeffren
01-16-2006, 12:05 AM
Sorry bout that kinda knew to alot of this. and well i'm kinda happy if i can get any web page up at all at the moment. anyway attached (i hope) is the middle part to the HJT log.
hockey man
01-16-2006, 12:18 AM
zeffren, to keep his pc safe Budfred does not open attached files. Please copy and past the log as you did before. If it is too long, break it into 2 posts.
Budfred
01-16-2006, 12:28 AM
Also, please don't sort the log... Just post the first half in one post and the second half in another post....
zeffren
01-16-2006, 12:37 AM
Ok here goes
Logfile of HijackThis v1.99.1
Scan saved at 9:23:34 PM, on 3/01/00
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\NORTON UTILITIES\NPROTECT.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\HIDSERV.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\CPQEADM.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP SHARE-TO-WEB\HPGS2WND.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\PRIMESOFT\ASWNK\ASWNK.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\PROGRAM FILES\NORTON ANTIVIRUS\NAVAPW32.EXE
C:\PROGRAM FILES\MOBILE PHONETOOLS\WATCHDOG.EXE
C:\WINDOWS\SYSTEM\UWPDNMRAZ.EXE
C:\PROGRAM FILES\FINEPIXVIEWER\QUICKDCF.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP SHARE-TO-WEB\HPGS2WNF.EXE
C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\BTTNSERV.EXE
C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\EAUSBKBD.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com.au/
R3 - Default URLSearchHook is missing
O2 - BHO: Class - {D6CBD3AB-30EF-1CBB-4E37-94C9041EB792} - **C:\WINDOWS\MFCZX32.DLL (file missing)
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - **C:\PROGRA~1\SPYWAR~1\TOOLS\IESDSG.DLL (file missing)
O2 - BHO: Class - {2D55C509-99FC-6760-309D-C2CF4E04A212} - **C:\WINDOWS\NETPD32.DLL (file missing)
O2 - BHO: Class - {6FB5DEB7-2A9C-BB26-7F96-602FCAE5C701} - **C:\WINDOWS\ATLLZ.DLL (file missing)
O2 - BHO: Class - {FA38A758-CFC4-D24D-B315-464B349FD577} - **C:\WINDOWS\WINCQ.DLL (file missing)
O2 - BHO: Class - {16A81DEB-538D-83DB-0432-869B70CF2787} - **C:\WINDOWS\NETGC.DLL (file missing)
O2 - BHO: Class - {C452088F-C45A-0FD0-E6B2-351678AE738C} - **C:\WINDOWS\NTSN32.DLL (file missing)
O2 - BHO: Class - {2D9D861E-98A3-0B1C-3F29-346F846EE2B6} - **C:\WINDOWS\APPOF.DLL (file missing)
O2 - BHO: Class - {E66F4233-2A70-2CDE-18E8-550B593208D5} - **C:\WINDOWS\WINWL.DLL (file missing)
O2 - BHO: Class - {53C75AC7-7AB9-572E-41FB-3A21083C2145} - **C:\WINDOWS\MFCMU.DLL (file missing)
O2 - BHO: Class - {AB823769-50B5-A011-5941-89A925428705} - **C:\WINDOWS\ATLSL.DLL (file missing)
O2 - BHO: Class - {0D77B60B-F9B8-DEB6-F8BC-A4507B4AA22E} - **C:\WINDOWS\APPWB.DLL (file missing)
O2 - BHO: Class - {D77CC508-D635-4696-3365-3202DB071395} - **C:\WINDOWS\NTBO32.DLL (file missing)
O2 - BHO: Class - {EC2F99C8-253A-4787-97F0-763D0A18D31C} - **C:\WINDOWS\D3RY32.DLL (file missing)
O2 - BHO: Class - {E4D4B616-89E8-88E1-E615-3C4F7690DC70} - **C:\WINDOWS\JAVAXO32.DLL (file missing)
O2 - BHO: Class - {5137BF38-80A6-A0E2-1A5F-FD3152E8B8F4} - **C:\WINDOWS\IPNE32.DLL (file missing)
O2 - BHO: Class - {B550E44A-A371-83DE-2CDF-619537449A87} - **C:\WINDOWS\CRTC32.DLL (file missing)
O2 - BHO: Class - {C59001C0-74ED-343F-CEAD-557D78E0B56C} - **C:\WINDOWS\JAVAFP32.DLL (file missing)
O2 - BHO: Class - {E8983D00-0142-A0FE-63A0-D9E1F3C04A6B} - **C:\WINDOWS\SDKXD.DLL (file missing)
O2 - BHO: Class - {0FD58A22-5C44-FB03-1D4D-5C4F484499A9} - **C:\WINDOWS\IECL32.DLL (file missing)
O2 - BHO: Class - {F2407144-991F-536B-0211-1DBA5D9A5AD3} - **C:\WINDOWS\MSMX32.DLL (file missing)
O2 - BHO: Class - {70BB8727-300B-1A42-4786-61E94EB4FBA5} - **C:\WINDOWS\NETQS32.DLL (file missing)
O2 - BHO: Class - {DD35522C-E086-2B5A-7652-36886F75C9C3} - **C:\WINDOWS\WINBZ32.DLL (file missing)
O2 - BHO: Class - {5924C00A-80E3-71E7-FA17-AEE58A1B0A00} - **C:\WINDOWS\APPJQ.DLL (file missing)
O2 - BHO: Class - {7DBD6986-1C5E-5F61-5CDC-F5402DB34848} - **C:\WINDOWS\MFCGU32.DLL (file missing)
O2 - BHO: Class - {347CF0FD-5E7D-8D1B-57E2-27841B120F68} - **C:\WINDOWS\JAVAGQ32.DLL (file missing)
O2 - BHO: Class - {7205A0FB-03A3-29B0-F193-EEC35EB9D77B} - **C:\WINDOWS\APIID32.DLL (file missing)
O2 - BHO: Class - {6839647D-EE2D-EC37-AA49-65E2C173122E} - **C:\WINDOWS\JAVABV32.DLL (file missing)
O2 - BHO: Class - {906797F2-8B34-E847-8C8D-3155F09D9D9E} - **C:\WINDOWS\NETOF.DLL (file missing)
O2 - BHO: Class - {372F8931-D513-1387-33C0-8D1E94346E23} - **C:\WINDOWS\CRVG32.DLL (file missing)
O2 - BHO: Class - {BFB28430-59F9-E148-CE91-EFEF55BB49E2} - **C:\WINDOWS\NETUU32.DLL (file missing)
O2 - BHO: Class - {6201197D-F194-EB0E-6E22-4FB1F228325A} - **C:\WINDOWS\MSZX.DLL (file missing)
O2 - BHO: Class - {4D0ED6BF-D64D-884B-351B-E924C175C0E1} - **C:\WINDOWS\ATLQA32.DLL (file missing)
O2 - BHO: Class - {B4CF1A3D-BFA2-5C15-720D-3E33706227F0} - **C:\WINDOWS\WINYN32.DLL (file missing)
O2 - BHO: Class - {C7740E13-92B5-82AE-4558-C0D7C2086D6E} - **C:\WINDOWS\SYSJX32.DLL (file missing)
O2 - BHO: Class - {E4BEFDF9-74F5-B18C-CEA3-C73983BCD030} - **C:\WINDOWS\ADDBE32.DLL (file missing)
O2 - BHO: Class - {2E0DA8F3-D533-C35F-86F9-7941DD3B56CB} - **C:\WINDOWS\SDKFE.DLL (file missing)
O2 - BHO: Class - {FE0C1535-D258-E58A-1983-206574280E88} - **C:\WINDOWS\D3JB.DLL (file missing)
O2 - BHO: Class - {01295AD0-0541-D9B9-7631-E16A07785229} - **C:\WINDOWS\ADDJF32.DLL (file missing)
O2 - BHO: Class - {ABEE3A3C-3CE2-A44C-7A71-FE55BCC44985} - **C:\WINDOWS\NTOI.DLL (file missing)
O2 - BHO: Class - {CC50F262-92DD-4E46-0B27-72B31A44B010} - **C:\WINDOWS\WINRH.DLL (file missing)
O2 - BHO: Class - {B6F5FC8C-8EB9-1EA0-C3C9-D9121C64B33B} - **C:\WINDOWS\JAVASR32.DLL (file missing)
O2 - BHO: Class - {71F3E61A-9FC2-684B-270A-33AEBC0E2EC0} - **C:\WINDOWS\CRVO32.DLL (file missing)
O2 - BHO: Class - {A22E1013-83C1-DCC1-C0B0-A96565205F55} - **C:\WINDOWS\SYSQW32.DLL (file missing)
O2 - BHO: Class - {D9EE2F1D-DFCC-D9C2-15FF-E71DFED7AE32} - **C:\WINDOWS\CRNG.DLL (file missing)
O2 - BHO: Class - {739AE0E3-FDD3-67B8-26B9-4E38D1D1C7F1} - **C:\WINDOWS\JAVAYQ32.DLL (file missing)
zeffren
01-16-2006, 12:38 AM
part 2
O2 - BHO: Class - {CB868F46-633A-4D25-2B7C-44B2B654D1C7} - **C:\WINDOWS\SDKXM32.DLL (file missing)
O2 - BHO: Class - {723A508C-C0DA-A207-D99C-49CB499D8E4B} - **C:\WINDOWS\MFCOU32.DLL (file missing)
O2 - BHO: Class - {3C8C2A81-D559-BABE-3341-29CC47C68F76} - **C:\WINDOWS\ADDVL.DLL (file missing)
O2 - BHO: Class - {604133F1-BF83-5ACA-2FE2-2B601C6A7458} - **C:\WINDOWS\MFCKW.DLL (file missing)
O2 - BHO: Class - {92606481-D877-8991-1150-67646D27BA88} - **C:\WINDOWS\SYSTE32.DLL (file missing)
O2 - BHO: Class - {2CC0ABDB-DFA2-1611-30E4-69D3C2CBA817} - **C:\WINDOWS\IPCK.DLL (file missing)
O2 - BHO: Class - {EE7112D3-1177-DB4C-A4E9-BFD51182AB83} - **C:\WINDOWS\D3YV.DLL (file missing)
O2 - BHO: Class - {FE0CDA20-90B7-D50A-955C-F9DCBB23210C} - **C:\WINDOWS\NETPX32.DLL (file missing)
O2 - BHO: Class - {5FF22AB0-0EE0-256A-46F7-FB091D282278} - **C:\WINDOWS\APIFG.DLL (file missing)
O2 - BHO: Class - {26565460-D3FF-D0D6-C07D-1F260FA16CC8} - **C:\WINDOWS\IPWX32.DLL (file missing)
O2 - BHO: Class - {DD33C16A-8227-DD45-058A-1DF494007B24} - **C:\WINDOWS\SYSUU32.DLL (file missing)
O2 - BHO: Class - {CF55FDE9-BA43-BE10-5455-CE366744EC0C} - **C:\WINDOWS\MFCMV.DLL (file missing)
O2 - BHO: Class - {32FF8C5C-41E5-A5C0-32CF-7ACBCBCF2846} - **C:\WINDOWS\IPAV32.DLL (file missing)
O2 - BHO: Class - {7FBC95AC-6D1C-802E-7EA2-D15AD4E37E39} - **C:\WINDOWS\CRKG32.DLL (file missing)
O2 - BHO: Class - {A6057CDC-1A44-B785-D52C-CD80DA986801} - **C:\WINDOWS\APIFT32.DLL (file missing)
O2 - BHO: Class - {02B1DD18-286C-7339-2831-1E97FFBF8C58} - **C:\WINDOWS\SYSZK.DLL (file missing)
O2 - BHO: Class - {C115F510-9F8B-F5E1-1C70-1979342788EE} - **C:\WINDOWS\MSYR32.DLL (file missing)
O2 - BHO: Class - {3C738991-6CD4-D82F-99CD-F2904D7BABCC} - **C:\WINDOWS\SYSQH32.DLL (file missing)
O2 - BHO: Class - {A72AA2FE-E26C-B9E0-B909-4EC233716D29} - **C:\WINDOWS\MFCUR32.DLL (file missing)
O2 - BHO: Class - {7F0FD938-6921-7913-8F78-2E42633C1214} - **C:\WINDOWS\APPDV.DLL (file missing)
O2 - BHO: Class - {50E5E338-454D-30A7-675B-80436CB61895} - **C:\WINDOWS\IEWA.DLL (file missing)
O2 - BHO: Class - {3F168309-460C-3C13-633D-8B2D81732BD0} - **C:\WINDOWS\APIGE.DLL (file missing)
O2 - BHO: Class - {E4F78A3B-E4C9-A50B-F62B-9CD76792AA50} - **C:\WINDOWS\IENY.DLL (file missing)
O2 - BHO: Class - {14C0C92B-4F51-C5C2-4A37-E127B1EDA99C} - **C:\WINDOWS\SDKZB32.DLL (file missing)
O2 - BHO: Class - {22570C43-713B-4D31-B7C3-D3DD8240926C} - **C:\WINDOWS\D3OO32.DLL (file missing)
O2 - BHO: Class - {36791C41-EE2D-4A40-AF45-24A5ABA6D46E} - **C:\WINDOWS\D3EN32.DLL (file missing)
O2 - BHO: Class - {DA458D02-1419-894A-16C7-153D1EAF27E4} - **C:\WINDOWS\IPNC32.DLL (file missing)
O2 - BHO: Class - {4DB64B88-0933-55E1-5343-261A238D2B60} - **C:\WINDOWS\NTFK32.DLL (file missing)
O2 - BHO: Class - {E2429EFB-A680-A214-04EF-B9DA6791395B} - **C:\WINDOWS\WINUH.DLL (file missing)
O2 - BHO: Class - {24BEDA2B-D9AB-6792-94E3-F0090B7CF569} - **C:\WINDOWS\IEQX32.DLL (file missing)
O2 - BHO: Class - {3698678C-C5F1-2B0F-7784-86A3A0B91EC5} - **C:\WINDOWS\MFCKE32.DLL (file missing)
O2 - BHO: Class - {6D1EBC15-FDF8-ABE4-9FF6-9D847E8A31CB} - **C:\WINDOWS\APPBX.DLL (file missing)
O2 - BHO: Class - {2BD33DBA-721E-D558-0E65-D0D8544B3508} - **C:\WINDOWS\APPDO32.DLL (file missing)
O2 - BHO: Class - {883EDD1C-FC42-B1BC-75A1-920AD1D28523} - **C:\WINDOWS\ADDRX32.DLL (file missing)
O2 - BHO: Class - {8BD0FF9B-9B7E-0F04-16C4-8198CD27EA1A} - **C:\WINDOWS\MFCBK.DLL (file missing)
O2 - BHO: Class - {4AAFEDF6-1929-789B-05C6-5C1430ADEC3B} - **C:\WINDOWS\SDKEO.DLL (file missing)
O2 - BHO: Class - {6235CB4A-32D8-6210-E971-19318E79D781} - **C:\WINDOWS\SDKWY32.DLL (file missing)
O2 - BHO: Class - {4618F47A-1690-B92B-1C12-67DC8F9B1E95} - **C:\WINDOWS\NTLV32.DLL (file missing)
O2 - BHO: Class - {CF175BA3-5E1E-3DA5-CADB-A16A0DD61E83} - **C:\WINDOWS\NETJW.DLL (file missing)
O2 - BHO: Class - {D6A3B473-D7BB-A3AE-64E4-E0A97A92906E} - **C:\WINDOWS\D3TN32.DLL (file missing)
O2 - BHO: Class - {B84772EE-BD55-4F77-792C-55150F27E278} - **C:\WINDOWS\JAVAAL.DLL (file missing)
O2 - BHO: Class - {75DF767A-8F98-D240-FB11-406F16816D6D} - **C:\WINDOWS\JAVADY32.DLL (file missing)
O2 - BHO: Class - {0C3BE5FF-F7BB-5B86-8527-1802CE2A40FD} - **C:\WINDOWS\MFCDE32.DLL (file missing)
O2 - BHO: Class - {5E2DD815-A676-7CB5-1698-B2A5ABA388C5} - **C:\WINDOWS\IPEN32.DLL (file missing)
O2 - BHO: Class - {11789B6E-0CE2-3E42-3520-6CBCC0A64936} - **C:\WINDOWS\SYSDP.DLL (file missing)
O2 - BHO: Class - {C7710D45-C73D-61A5-9D49-3C396EE9411B} - **C:\WINDOWS\MSIT.DLL (file missing)
zeffren
01-16-2006, 12:40 AM
part 3
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - **c:\Program Files\Norton AntiVirus\NavShExt.dll (file missing)
O2 - BHO: Class - {FD02D80E-B824-8992-2F9B-E9F9A96F5081} - **C:\WINDOWS\NETMM32.DLL (file missing)
O2 - BHO: Class - {A8D016D1-738B-8D46-1677-E4A2EE58A205} - **C:\WINDOWS\SYSSL.DLL (file missing)
O2 - BHO: Class - {14697B9D-80B3-6F3E-5DD5-6A207F1EB529} - **C:\WINDOWS\ATLRR32.DLL (file missing)
O2 - BHO: Class - {0C18E623-72CC-830F-C73A-DD00A95B5062} - **C:\WINDOWS\JAVAME32.DLL (file missing)
O2 - BHO: Class - {932D21BB-436A-AA18-7EFE-9D87C425742E} - **C:\WINDOWS\MSFL32.DLL (file missing)
O2 - BHO: Class - {C6515C08-028F-7E34-837C-D5405B542821} - **C:\WINDOWS\IEZW.DLL (file missing)
O2 - BHO: Class - {4E13D08B-8C7F-2D80-572A-D6E907D83EB5} - **C:\WINDOWS\D3GR32.DLL (file missing)
O2 - BHO: Class - {7661973A-4117-72F9-F0EE-CF54843DB10D} - **C:\WINDOWS\IPTU.DLL (file missing)
O2 - BHO: Class - {75C24E0C-0403-C210-CD2D-6A22C0B4D482} - **C:\WINDOWS\MFCFW32.DLL (file missing)
O2 - BHO: Class - {84B658EB-29F0-B010-66F5-E418F9AAFDC6} - **C:\WINDOWS\NTOV.DLL (file missing)
O2 - BHO: Class - {1543D985-30C4-833D-0C16-5C0B34868EDC} - **C:\WINDOWS\APPJF.DLL (file missing)
O2 - BHO: Class - {2CC1F27E-9D52-7F02-7CDE-B6567A968820} - **C:\WINDOWS\D3CS.DLL (file missing)
O2 - BHO: Class - {08BE22CD-C122-B80D-DF7B-507913C3706E} - **C:\WINDOWS\IEWJ.DLL (file missing)
O2 - BHO: Class - {0B29CD35-B345-BA44-5153-A961F2065431} - **C:\WINDOWS\ADDCU32.DLL (file missing)
O2 - BHO: Class - {5E928233-1DF4-9645-2126-AF9BED9815F0} - **C:\WINDOWS\D3QK.DLL (file missing)
O2 - BHO: Class - {F9F0D49F-C740-D5E3-0FCC-BE0B70DE122C} - **C:\WINDOWS\NTWX32.DLL (file missing)
O2 - BHO: Class - {B6FBF6C9-510D-F04F-75C4-47B77E2085E8} - **C:\WINDOWS\WINDZ32.DLL (file missing)
O2 - BHO: Class - {93587622-0E15-2933-A432-4FC8AFF51981} - **C:\WINDOWS\IEOQ32.DLL (file missing)
O2 - BHO: Class - {CC3BA8EE-0F8E-BB35-0653-B020878669DC} - **C:\WINDOWS\APPOU32.DLL (file missing)
O2 - BHO: Class - {013F1D00-32FB-D06B-1419-6480DD6E1239} - **C:\WINDOWS\WINSY.DLL (file missing)
O2 - BHO: Class - {FB1FF3C6-0115-2FD6-315D-8C97AEC3A3E5} - **C:\WINDOWS\APPQA.DLL (file missing)
O2 - BHO: Class - {890A94EB-5589-BE5C-9376-880D77A957A8} - **C:\WINDOWS\APIGL32.DLL (file missing)
O2 - BHO: Class - {2AE9109E-80F1-35DD-394F-6BD77DC00A7F} - **C:\WINDOWS\JAVAKV32.DLL (file missing)
O2 - BHO: Class - {38F537F9-6CEA-E67D-2480-710B480D7D06} - **C:\WINDOWS\SDKMB32.DLL (file missing)
O2 - BHO: Class - {7432FB40-2792-013E-0818-99CBAC8DFA5F} - **C:\WINDOWS\ADDJE.DLL (file missing)
O2 - BHO: Class - {D5656802-6E90-5AEE-E0B5-D63166B32D47} - **C:\WINDOWS\NTRI32.DLL (file missing)
O2 - BHO: Class - {4D9CE41C-F169-3AB5-2399-DFE137EE149D} - **C:\WINDOWS\ADDXX32.DLL (file missing)
O2 - BHO: Class - {EB6001B8-1A36-C97A-4453-F11D00A0FF6B} - **C:\WINDOWS\D3OG.DLL (file missing)
O2 - BHO: Class - {8E615C3C-F769-DC70-D84B-F21ECCE41EE6} - **C:\WINDOWS\ATLQQ32.DLL (file missing)
O2 - BHO: Class - {35A97E16-015F-25C6-446B-7F8EDA6A99B0} - **C:\WINDOWS\IPWI.DLL (file missing)
O2 - BHO: Class - {AC4257E2-6DD2-AEC4-FFD6-D5E44CC39DBE} - **C:\WINDOWS\D3AK.DLL (file missing)
O2 - BHO: Class - {F4B038DE-77A5-45A4-0B4D-EEBA715F1EA7} - **C:\WINDOWS\APIPN.DLL (file missing)
O2 - BHO: Class - {DB10DB35-D3E5-1249-9B78-4ABD815D81BC} - **C:\WINDOWS\IEGP32.DLL (file missing)
O2 - BHO: Class - {D30AC97E-6571-1DC7-4A47-4FD27E4BC8A4} - **C:\WINDOWS\SDKZF.DLL (file missing)
O2 - BHO: Class - {27DA8E89-35E8-CB93-C196-AEA15F3DBE14} - **C:\WINDOWS\APPFK.DLL (file missing)
O2 - BHO: Class - {D4793234-BFA2-CB53-14AD-E13E5955ABD7} - **C:\WINDOWS\JAVAZV.DLL (file missing)
O2 - BHO: Class - {D3E658EA-D131-DCCF-DC18-81C5D9AD1C73} - **C:\WINDOWS\APPFS.DLL (file missing)
O2 - BHO: Class - {3C69B1A3-D6E3-9B58-A742-1A46F3BDB7CE} - **C:\WINDOWS\WINQW.DLL (file missing)
O2 - BHO: Class - {9D3007CE-B2C2-20A0-77AB-340FC4EDB2B3} - **C:\WINDOWS\ADDPI.DLL (file missing)
O2 - BHO: Class - {7352369D-E1F3-CA22-BCF3-2F9837B1EDCF} - **C:\WINDOWS\CRBS32.DLL (file missing)
O2 - BHO: Class - {93FD03BB-BE2C-90D0-AFDC-EEA007E4254F} - **C:\WINDOWS\APIFP.DLL (file missing)
O2 - BHO: Class - {0A5B4A8F-A91D-601F-5D8F-5341B9B56791} - **C:\WINDOWS\D3MD32.DLL (file missing)
O2 - BHO: Class - {FED80FE1-0881-76EA-AF03-58D3E618C89A} - **C:\WINDOWS\ATLVK.DLL (file missing)
O2 - BHO: Class - {143CE5E6-B0AC-4914-AA2E-624EF574EB4D} - **C:\WINDOWS\IPOI.DLL (file missing)
O2 - BHO: Class - {FEDB5C70-C8D3-5CE0-5433-3BFBF961AF4B} - **C:\WINDOWS\ADDFK.DLL (file missing)
O2 - BHO: Class - {50ACA513-4D51-10EF-EF4A-7898C868E93A} - **C:\WINDOWS\D3VE32.DLL (file missing)
O2 - BHO: Class - {825B9DA9-55C1-9D20-C225-18C7281BF681} - **C:\WINDOWS\WINZI.DLL (file missing)
O2 - BHO: Class - {BFCC120F-4F3A-3A0B-9B4E-FB277CCFD06A} - **C:\WINDOWS\IEXB32.DLL (file missing)
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - **C:\PROGRA~1\SPYWAR~1\TOOLS\IESDPB.DLL (file missing)
O2 - BHO: Class - {9F72DDA9-92C8-7963-92B5-CC229A714587} - **C:\WINDOWS\CRSW.DLL (file missing)
O2 - BHO: Class - {2B6EC21E-CA49-C0FD-8F90-B7E4F4625626} - **C:\WINDOWS\WINAL32.DLL (file missing)
O2 - BHO: Class - {98080AA2-59AE-6225-7B5A-2D623E4CA49F} - **C:\WINDOWS\NETZF32.DLL (file missing)
O2 - BHO: Class - {94059374-9687-2B88-4C00-22E2FF8039AE} - **C:\WINDOWS\WINSE.DLL (file missing)
O2 - BHO: Class - {3E674149-0E42-9847-49E1-A9DB0541FE7F} - **C:\WINDOWS\SYSIF32.DLL (file missing)
O2 - BHO: Class - {EF497844-7B90-4822-A898-12306EB83DD2} - **C:\WINDOWS\WINLW32.DLL (file missing)
O2 - BHO: Class - {345A2686-3958-CD0F-8965-C10B010F97E8} - **C:\WINDOWS\ADDUA.DLL (file missing)
O2 - BHO: Class - {B11E0DA4-6126-6F77-EBB6-7AC45A2249AA} - **C:\WINDOWS\NETQC32.DLL (file missing)
O2 - BHO: Class - {793E35F2-B88F-15B6-3AEC-CEADED9E2A95} - **C:\WINDOWS\MFCMO32.DLL (file missing)
O2 - BHO: Class - {BE45C8F6-4291-04FB-430F-30AC5CCF0057} - **C:\WINDOWS\D3KN.DLL (file missing)
O2 - BHO: Class - {4A5ABB53-102D-C19C-B368-482572DCB536} - **C:\WINDOWS\APIUW32.DLL (file missing)
O2 - BHO: Class - {3C522CEC-1650-20FB-9085-E404FE236831} - **C:\WINDOWS\NETEE32.DLL (file missing)
O2 - BHO: Class - {B37338CB-DC89-F6A6-BA8B-AEF4D740566E} - **C:\WINDOWS\MSVI32.DLL (file missing)
O2 - BHO: Class - {E904118E-1B8F-F317-ED73-F02C7E6CF6EE} - **C:\WINDOWS\WINCY32.DLL (file missing)
O2 - BHO: Class - {8D55C478-729E-7713-EE3C-56A6BA3A3DD4} - **C:\WINDOWS\MSFU32.DLL (file missing)
O2 - BHO: Class - {15E32CB6-95A0-5363-B55E-CF4CDA121F27} - **C:\WINDOWS\MSAT32.DLL (file missing)
O2 - BHO: Class - {92CF0BF6-52CF-8484-194F-C4240574233B} - **C:\WINDOWS\SDKAK.DLL (file missing)
O2 - BHO: Class - {3168C6A7-F7C4-AEBD-339B-6A3D02B3F4A9} - **C:\WINDOWS\ADDYI32.DLL (file missing)
O2 - BHO: Class - {F0E43199-5174-F601-B6ED-5BE690BB4830} - **C:\WINDOWS\APPCD.DLL (file missing)
O2 - BHO: Class - {347AF52A-7597-E937-0808-2A8D1263EAAD} - **C:\WINDOWS\NTTC32.DLL (file missing)
O2 - BHO: Class - {628389AE-FDE9-F181-ABB4-DB08BD5345BC} - **C:\WINDOWS\D3SP.DLL (file missing)
O2 - BHO: Class - {449A7E20-4C65-8EF1-906A-FD7C0AA09E3A} - **C:\WINDOWS\IEMG.DLL (file missing)
O2 - BHO: Class - {63F1A1BF-6292-25D0-A3BA-12D30D817406} - **C:\WINDOWS\JAVAQI32.DLL (file missing)
O2 - BHO: Class - {F802FEC2-BF51-3198-4339-747CCF253651} - **C:\WINDOWS\MSCH32.DLL (file missing)
O2 - BHO: Class - {A2D6BD90-8482-2594-C882-F74F6D3CE341} - **C:\WINDOWS\WINJV.DLL (file missing)
O2 - BHO: Class - {F3AE5B8F-570D-9630-AF9D-BB9359426ED8} - **C:\WINDOWS\MFCCT.DLL (file missing)
O2 - BHO: Class - {10123428-A96D-94DF-C71E-72AD4E1826F7} - **C:\WINDOWS\D3AQ.DLL (file missing)
O2 - BHO: Class - {9FE7DEEF-D8F3-5B9A-63B8-39936AA6BF41} - **C:\WINDOWS\APIKX32.DLL (file missing)
zeffren
01-16-2006, 12:42 AM
part 4
: CO2 - BHOlass - {A66B11D1-6292-26F4-404E-061A0C5235AE} - **C:\WINDOWS\MSDH32.DLL (file missing)
O2 - BHO: Class - {A6A63A0E-EAB8-DFAA-6C65-1535AF6EE089} - **C:\WINDOWS\WINTP.DLL (file missing)
O2 - BHO: Class - {39C21146-72F9-C00B-D47C-F100644447AE} - **C:\WINDOWS\MSJC32.DLL (file missing)
O2 - BHO: Class - {18BA6790-DA50-1A1A-0E2C-FC6CDFD533BF} - **C:\WINDOWS\ADDYF.DLL (file missing)
O2 - BHO: Class - {5B9DD78B-6805-11A5-818B-723A508CBC0D} - **C:\WINDOWS\CRBA.DLL (file missing)
O2 - BHO: Class - {6BF8EBD9-CE8E-58F9-81EE-D2CE5B18BBD3} - **C:\WINDOWS\ATLHH.DLL (file missing)
O2 - BHO: Class - {DC705B9C-10EE-C7FA-E8A5-3F1A19A1C962} - **C:\WINDOWS\ATLCW32.DLL (file missing)
O2 - BHO: Class - {AF541E89-0348-E944-E5A1-B4A93FF77CF0} - **C:\WINDOWS\MSHC.DLL (file missing)
O2 - BHO: Class - {5952B661-A49F-07C2-2FD6-A5C20926F8DF} - **C:\WINDOWS\IEKQ32.DLL (file missing)
O2 - BHO: Class - {46EC430B-2D7B-C7B4-BA64-849FD035210F} - **C:\WINDOWS\JAVALE32.DLL (file missing)
O2 - BHO: Class - {20043697-EF16-80E8-D345-5DC1961EAEAD} - **C:\WINDOWS\IPCX.DLL (file missing)
O2 - BHO: Class - {EE738B8F-CBE3-4FED-4E0D-706844AA234F} - **C:\WINDOWS\NTJZ32.DLL (file missing)
O2 - BHO: Class - {F3264A95-EA02-5435-7C3B-CC1A6BECFC5B} - **C:\WINDOWS\ATLNO.DLL (file missing)
O2 - BHO: Class - {C432091F-3F6D-C8A2-AC3B-D61C7E6A758B} - **C:\WINDOWS\APPDJ32.DLL (file missing)
O2 - BHO: Class - {4CF3F22B-5DA9-5DE0-5DEB-EE4100912572} - **C:\WINDOWS\NETKA32.DLL (file missing)
O2 - BHO: Class - {7B4A1389-49FB-707C-A673-D7AF81767AD4} - **C:\WINDOWS\CRPC32.DLL (file missing)
O2 - BHO: Class - {38EC14CC-C206-2CC6-4F50-92CDF97CCE41} - **C:\WINDOWS\IPQZ32.DLL (file missing)
O2 - BHO: Class - {427B0070-6125-1D12-0821-13CFF8EAB8E9} - **C:\WINDOWS\SDKQK.DLL (file missing)
O2 - BHO: Class - {36CC50DE-E932-3435-B11B-709E3AFE8849} - **C:\WINDOWS\SDKEB.DLL (file missing)
O2 - BHO: Class - {2B30ADFB-5DE0-2F1C-A0FE-9A8F9A66BE0C} - **C:\WINDOWS\ADDGL32.DLL (file missing)
O2 - BHO: Class - {CC15449D-564B-BFBD-010F-5C0D90856CC3} - **C:\WINDOWS\IEQJ.DLL (file missing)
O2 - BHO: Class - {EC3AF539-7EA4-B36C-D296-F984ABDB6170} - **C:\WINDOWS\ADDYV.DLL (file missing)
O2 - BHO: Class - {6477E0AE-C44A-D3CD-6823-CC6538DFBFEE} - **C:\WINDOWS\IELA.DLL (file missing)
O2 - BHO: Class - {CBF1F509-4631-D544-B318-1452FEE2A371} - **C:\WINDOWS\SYSRX32.DLL (file missing)
O2 - BHO: Class - {41A0091F-BE0B-897D-16F8-5BD81668DD3F} - **C:\WINDOWS\IEQT32.DLL (file missing)
O2 - BHO: Class - {604E2F81-9FD1-78C7-9F8F-144A3CBBFA2D} - **C:\WINDOWS\WINZD32.DLL (file missing)
O2 - BHO: Class - {B64CDD57-7D96-5C6B-FBD6-F71DA48862A9} - **C:\WINDOWS\SYSKK32.DLL (file missing)
O2 - BHO: Class - {3901E8B9-569B-50AA-35AC-D0FC976E91F1} - **C:\WINDOWS\JAVADB.DLL (file missing)
O2 - BHO: Class - {D4BBFCAF-3F30-7E69-4762-58A3BA736796} - **C:\WINDOWS\IEOA32.DLL (file missing)
O2 - BHO: Class - {69AE91F3-D01C-5A46-D800-3C6A772FC742} - **C:\WINDOWS\SYSGK.DLL (file missing)
O2 - BHO: Class - {B1B856A8-E2CF-6D0D-E2E2-6F519F010848} - **C:\WINDOWS\WINGX32.DLL (file missing)
O2 - BHO: Class - {C713F792-9B34-C3C7-0713-07FE90101606} - **C:\WINDOWS\MFCFL.DLL (file missing)
O2 - BHO: Class - {5C3A213E-C516-2035-30D7-EB54F97A970D} - **C:\WINDOWS\NTDS.DLL (file missing)
O2 - BHO: Class - {396EC13B-FBD5-7CB6-FBE2-8F3EF6279037} - **C:\WINDOWS\CRHZ.DLL (file missing)
O2 - BHO: Class - {2C0B32E0-295D-9D74-A736-2C89A04196F2} - **C:\WINDOWS\NTMH.DLL (file missing)
O2 - BHO: Class - {EFF80E42-AC7D-BE18-E98A-B6EDE16CC5AB} - **C:\WINDOWS\ATLZR.DLL (file missing)
O2 - BHO: Class - {1764636F-D6F6-5B3E-2615-46A13A0FF858} - **C:\WINDOWS\MFCTC.DLL (file missing)
O2 - BHO: Class - {C35F786F-B794-DD3B-6CB7-09E465737D74} - **C:\WINDOWS\CRXS.DLL (file missing)
O2 - BHO: Class - {B4B27E7C-52CC-3941-AAF3-655B30E66312} - **C:\WINDOWS\CRSQ32.DLL (file missing)
O2 - BHO: Class - {E955CE5B-D11D-CF53-13E8-21A0155210FB} - **C:\WINDOWS\NTBV32.DLL (file missing)
O2 - BHO: Class - {FEEB74BD-0EE1-8D2A-3A47-85E6B36D5479} - **C:\WINDOWS\WINWE.DLL (file missing)
O2 - BHO: Class - {5E91AF47-A91F-4F5C-7463-E89DA2D22602} - **C:\WINDOWS\ATLZZ32.DLL (file missing)
O2 - BHO: Class - {6F8FA771-74ED-EABB-5DE2-9E2B3143177C} - **C:\WINDOWS\NTYM32.DLL (file missing)
O2 - BHO: Class - {566A7648-21AD-C5B2-6784-38BED7933A1C} - **C:\WINDOWS\ATLIZ.DLL (file missing)
O2 - BHO: Class - {0344CEB6-B012-24BE-3F3D-83F27868C75C} - **C:\WINDOWS\IEZJ32.DLL (file missing)
O2 - BHO: Class - {B9B03493-3AB7-1458-DC72-1757D8B6955D} - **C:\WINDOWS\WINWX32.DLL (file missing)
O2 - BHO: Class - {68E94B11-0682-EC6A-AC8C-7410CF035DD0} - **C:\WINDOWS\JAVANR.DLL (file missing)
O2 - BHO: Class - {AA1485D7-515B-7E22-9DA5-B4E151317124} - **C:\WINDOWS\ATLHS.DLL (file missing)
O2 - BHO: Class - {678424CF-8EE5-95C3-F7AE-93825805B537} - **C:\WINDOWS\APIAY.DLL (file missing)
O2 - BHO: Class - {9CAC6CAF-4B28-F4D4-DF8D-838894CDCC14} - **C:\WINDOWS\MSOX.DLL (file missing)
O2 - BHO: Class - {2FA30FBE-52D6-760C-819A-ECC0872CC2F6} - **C:\WINDOWS\MFCRH.DLL (file missing)
O2 - BHO: Class - {64DB3205-CF7B-15DD-E402-9DCF486A44CC} - **C:\WINDOWS\NETOV.DLL (file missing)
O2 - BHO: Class - {58BE2EE0-27B6-C905-F9B4-65D8FE8B1DC9} - **C:\WINDOWS\ADDOJ.DLL (file missing)
O2 - BHO: Class - {1A53E9E2-4A89-992E-61C3-DDF211A2FDE8} - **C:\WINDOWS\CROU32.DLL (file missing)
O2 - BHO: Class - {196013AC-492D-B718-321E-13C707FC652A} - **C:\WINDOWS\MSJL32.DLL (file missing)
O2 - BHO: Class - {07E3A13B-657F-5210-C8A4-A2F729B41F82} - **C:\WINDOWS\NTJH.DLL (file missing)
O2 - BHO: Class - {A8BFD3DC-9F9D-1255-4C88-0ABE6CF3DC96} - **C:\WINDOWS\JAVAGT32.DLL (file missing)
O2 - BHO: Class - {EDA47566-FF22-C6CB-022E-9E5BA4649C49} - **C:\WINDOWS\IEZS32.DLL (file missing)
O2 - BHO: Class - {A818BD85-2B41-49E4-B9F9-80D9FBF83E60} - **C:\WINDOWS\MFCZO32.DLL (file missing)
O2 - BHO: Class - {63F55AAB-207A-4070-C941-3AF6DF73213B} - **C:\WINDOWS\SDKYF32.DLL (file missing)
O2 - BHO: Class - {C7593148-738E-F18C-0FD1-179344BFCC46} - **C:\WINDOWS\ADDWG32.DLL (file missing)
O2 - BHO: Class - {5369BF71-4D46-FEDA-2B2C-49E20A1CBCC5} - **C:\WINDOWS\MFCMP32.DLL (file missing)
O2 - BHO: Class - {FA6BD27F-288F-002A-F4A9-ABCF232371D9} - **C:\WINDOWS\SDKTG.DLL (file missing)
O2 - BHO: Class - {EA18C985-9D47-72A6-0895-62594F8F22B3} - **C:\WINDOWS\SYSLD32.DLL (file missing)
O2 - BHO: Class - {AB6E0FF3-5C24-433E-F0F0-97AEB24D486A} - **C:\WINDOWS\SDKOQ32.DLL (file missing)
O2 - BHO: Class - {319AAF29-5AF7-424D-A2BF-652F766BFD22} - **C:\WINDOWS\MSEF.DLL (file missing)
O2 - BHO: Class - {1487B770-6A12-97D9-7B4A-24F6E0B7B61F} - **C:\WINDOWS\APIBY.DLL (file missing)
O2 - BHO: Class - {ABDA69CA-252A-681A-53BE-11365742DA6D} - **C:\WINDOWS\APIYB32.DLL (file missing)
O2 - BHO: Class - {0FF8D353-F31C-0E63-FF78-664C927DC714} - **C:\WINDOWS\JAVAKJ32.DLL (file missing)
O2 - BHO: Class - {27627E61-8828-2E5B-F537-73A167A007E5} - **C:\WINDOWS\SDKWQ32.DLL (file missing)
O2 - BHO: Class - {7685710F-9FD1-9639-83BB-63EC2279E46F} - **C:\WINDOWS\APPUN32.DLL (file missing)
O2 - BHO: Class - {6ED53C74-1798-E174-098B-249E7116B03B} - **C:\WINDOWS\MSIV.DLL (file missing)
O2 - BHO: Class - {C5F5427C-DCE7-C0B2-B193-1EE590567C6A} - **C:\WINDOWS\CRET.DLL (file missing)
O2 - BHO: Class - {4D9FE0E6-8C41-FA15-C0CC-2760D6F9B85F} - **C:\WINDOWS\SYSDM.DLL (file missing)
O2 - BHO: Class - {DBFC5A92-4FA4-C151-1D59-8CA0FBBFD49C} - **C:\WINDOWS\ATLBW.DLL (file missing)
O2 - BHO: Class - {75E70B31-4E2B-4CAC-01CF-66A22B2AADFA} - **C:\WINDOWS\APPHX32.DLL (file missing)
O2 - BHO: Class - {B796386A-3A52-4CE4-BD8A-3662ABFFA8E6} - **C:\WINDOWS\MFCVH.DLL (file missing)
O2 - BHO: Class - {9037343E-6802-1EC2-D767-E57CC2D9D83C} - **C:\WINDOWS\SYSHW.DLL (file missing)
O2 - BHO: Class - {6033BABE-1F75-24D4-E9EF-DA8A524EA88F} - **C:\WINDOWS\IEOV32.DLL (file missing)
O2 - BHO: Class - {1C5174EF-6CDC-A9A8-CDD4-8E97F25B77D9} - **C:\WINDOWS\NETKB32.DLL (file missing)
zeffren
01-16-2006, 12:46 AM
part 5
O2 - BHO: Class - {4D910CC2-32E4-A9B9-5CCF-A97959F766CD} - **C:\WINDOWS\APIIW32.DLL (file missing)
O2 - BHO: Class - {CBE39AD0-E431-83E2-2ECC-68F48F7B78A0} - **C:\WINDOWS\SYSTEM\ATLNJ32.DLL (file missing)
O2 - BHO: Class - {3D05588C-F9DA-4223-979C-F6EC47E8BC7D} - **C:\WINDOWS\SYSTEM\MSZO32.DLL (file missing)
O2 - BHO: Class - {19B907F0-A6CA-BB49-9C14-FD51E9541ECD} - **C:\WINDOWS\D3JM32.DLL (file missing)
O2 - BHO: Class - {3A3C9967-8EA1-CE8A-DDF7-C35F20372D9D} - **C:\WINDOWS\SDKYB32.DLL (file missing)
O2 - BHO: Class - {19899FD2-72DC-ADED-A735-6279FA695369} - **C:\WINDOWS\JAVAEQ.DLL (file missing)
O2 - BHO: Class - {538A2EE1-35F1-4C8A-BD4E-6F604088DD21} - **C:\WINDOWS\SDKYV.DLL (file missing)
O2 - BHO: Class - {5D2B4CF3-E79E-88F3-CE8A-6A736BC87410} - **C:\WINDOWS\SYSTEM\APIWI32.DLL (file missing)
O2 - BHO: Class - {AD021167-9E16-9AC5-53ED-2D2255D2B3E4} - **C:\WINDOWS\MFCXL32.DLL (file missing)
O2 - BHO: Class - {869AC35F-5F1A-ABC7-04D4-AA0D80E2EF03} - **C:\WINDOWS\SYSTEM\SYSNA32.DLL (file missing)
O2 - BHO: Class - {D5E3743E-61E0-9905-147C-8EE66A30E179} - **C:\WINDOWS\SYSTEM\MFCUR32.DLL (file missing)
O2 - BHO: Class - {36BF72B5-8177-6FEF-B654-6A4C197C3C4F} - **C:\WINDOWS\APPPV.DLL (file missing)
O2 - BHO: Class - {5B7B91DD-E674-53C5-4007-CBAEA8704D54} - **C:\WINDOWS\SYSTEM\ATLOF32.DLL (file missing)
O2 - BHO: Class - {D4D550CF-B4EC-8BDA-E4C5-405405A480F2} - **C:\WINDOWS\WINDU32.DLL (file missing)
O2 - BHO: Class - {B1E8457D-0E36-B49E-109D-60340CBABC61} - **C:\WINDOWS\SYSTEM\APPDA.DLL (file missing)
O2 - BHO: Class - {341DF854-7083-B4B0-6261-96D2A8EE655C} - **C:\WINDOWS\SDKXO32.DLL (file missing)
O2 - BHO: Class - {1C985E57-9285-2572-376B-C6B0706F7BB7} - **C:\WINDOWS\SDKBD32.DLL (file missing)
O2 - BHO: Class - {53A4910B-08BB-4D8F-0B48-FC9AF55E8696} - **C:\WINDOWS\SYSTEM\ADDFW.DLL (file missing)
O2 - BHO: Class - {85201BB6-388D-DCC6-C89B-AA43E4FA80F7} - **C:\WINDOWS\SYSTEM\D3FH.DLL (file missing)
O2 - BHO: Class - {18C80351-3736-3DEE-D635-D5341F52F69C} - **C:\WINDOWS\SYSTEM\SYSVR.DLL (file missing)
O2 - BHO: Class - {8EA62F82-B845-955F-DA3B-A0A8DED84AD1} - **C:\WINDOWS\SYSTEM\ATLPQ.DLL (file missing)
O2 - BHO: Class - {88F37E34-F9B5-6983-E453-194FBD483C76} - **C:\WINDOWS\SYSTEM\JAVATY32.DLL (file missing)
O2 - BHO: Class - {82407DA2-3014-242A-30C3-D0FA4B70B30A} - **C:\WINDOWS\SYSTEM\NETUV32.DLL (file missing)
O2 - BHO: Class - {DE9FBD9F-312E-4200-618D-E3C65130FD10} - **C:\WINDOWS\MSYC.DLL (file missing)
O2 - BHO: Class - {C8BD4A98-45A5-E2AA-83C5-0A9AB8F19874} - **C:\WINDOWS\WINIP32.DLL (file missing)
O2 - BHO: Class - {FA991F0E-1BD9-6EAD-EFEC-2317207D5E37} - **C:\WINDOWS\APIVF32.DLL (file missing)
O2 - BHO: Class - {5E10A9C2-5735-AE8B-C0E6-1DC92ADF9B6C} - **C:\WINDOWS\SYSTEM\NTRL.DLL (file missing)
O2 - BHO: Class - {2B2B9399-F46A-8B4F-99FA-F166FCAC8F73} - **C:\WINDOWS\APPEF.DLL (file missing)
O2 - BHO: Class - {3F3BCE8D-C95B-CF24-6801-4DCF14318324} - **C:\WINDOWS\SYSTEM\CRFL.DLL (file missing)
O2 - BHO: Class - {800B9048-A1BD-B338-E9D4-71396483AE60} - **C:\WINDOWS\SYSTEM\JAVAEQ32.DLL (file missing)
O2 - BHO: Class - {AAC47DD1-3ADC-5093-D3E6-D6005AC41C47} - **C:\WINDOWS\SYSTEM\APIEB32.DLL (file missing)
O2 - BHO: Class - {AA0B70B4-0585-98FF-591D-792B7C365368} - **C:\WINDOWS\MFCPJ32.DLL (file missing)
O2 - BHO: Class - {F37BF454-6236-AE4D-1BCB-FD1EA474B063} - **C:\WINDOWS\SYSTEM\SDKTL32.DLL (file missing)
O2 - BHO: Class - {DACC5AF0-CB53-4D9E-964B-C1A3A6FB2CB3} - **C:\WINDOWS\SYSTEM\WINIZ.DLL (file missing)
O2 - BHO: Class - {24A99FB0-A46A-B915-30B6-E2EFD2532E2E} - **C:\WINDOWS\ADDCQ.DLL (file missing)
O2 - BHO: Class - {823178A5-58EC-4476-B53A-FE092D7277DB} - **C:\WINDOWS\SYSXS.DLL (file missing)
O2 - BHO: Class - {D84A7684-8628-9145-92B3-232369DD4B89} - **C:\WINDOWS\SYSTEM\ATLBW32.DLL (file missing)
O2 - BHO: Class - {83EC5F1F-B4D6-9257-9AE8-9C92AD5995AF} - **C:\WINDOWS\SYSTEM\JAVACQ32.DLL (file missing)
O2 - BHO: Class - {8E0ABAA2-710A-F824-37FC-490315FBCDC5} - **C:\WINDOWS\SYSTEM\MFCHV32.DLL (file missing)
O2 - BHO: Class - {455F474F-574E-C406-1699-5DC9F701D2B7} - **C:\WINDOWS\SYSTEM\SDKGG32.DLL (file missing)
O2 - BHO: Class - {65FE79E2-49CB-CDA5-40C9-35E3986828A6} - **C:\WINDOWS\JAVACG32.DLL (file missing)
O2 - BHO: Class - {EFF77B34-BB10-6259-D56C-2FE1758999B5} - **C:\WINDOWS\MFCEV.DLL (file missing)
O2 - BHO: Class - {EC35B82F-DE5F-4C0D-A8E0-4A646DF69845} - **C:\WINDOWS\MSGL.DLL (file missing)
O2 - BHO: Class - {15DA490B-44B0-30C2-B573-B1F1C72C8988} - **C:\WINDOWS\SYSTEM\MSJU32.DLL (file missing)
O2 - BHO: Class - {2340FD3F-B793-52D4-1F14-EFC67354939C} - **C:\WINDOWS\SYSDL32.DLL (file missing)
O2 - BHO: Class - {1F9CE5DA-289C-2E20-1D11-2FA0CC12FBA6} - **C:\WINDOWS\APIFV32.DLL (file missing)
O2 - BHO: Class - {00001E9D-B879-35AF-C94E-AA3B109CDF81} - **C:\WINDOWS\SYSTEM\CRTB32.DLL (file missing)
O2 - BHO: Class - {92094EB4-60D8-A1B1-E7FC-AADFCB9E2065} - **C:\WINDOWS\SYSTEM\SYSYC32.DLL (file missing)
O2 - BHO: Class - {D02FAF17-CBFC-366B-3800-802ABB60B4EB} - **C:\WINDOWS\NETMR.DLL (file missing)
O2 - BHO: Class - {CFE63210-C122-AAC2-5CE6-9CFFB33BFC5E} - **C:\WINDOWS\ADDZY32.DLL (file missing)
O2 - BHO: Class - {2E518040-BD55-4065-A41A-BE4557B24FEF} - **C:\WINDOWS\SYSTEM\NETJW.DLL (file missing)
O2 - BHO: Class - {D0E04D53-A8CB-6CF6-83EA-25418CADEF98} - **C:\WINDOWS\SYSJC.DLL (file missing)
O2 - BHO: Class - {D61CBA3A-4C88-78C7-C449-55202A768452} - **C:\WINDOWS\SYSTEM\MSPN32.DLL (file missing)
O2 - BHO: Class - {2F8C43D7-9152-5DC8-F181-CA137FA22D8D} - **C:\WINDOWS\NTIE.DLL (file missing)
O2 - BHO: Class - {0626FB36-55DE-5711-F3FF-52CF01546287} - **C:\WINDOWS\SYSTEM\APPWE32.DLL (file missing)
O2 - BHO: Class - {0D986CF8-2CE9-4F81-C868-236758D1D348} - **C:\WINDOWS\SYSTEM\CRZM32.DLL (file missing)
O2 - BHO: Class - {0A66CBAA-236D-B89D-CD83-DE127147DC70} - **C:\WINDOWS\ATLKA32.DLL (file missing)
O2 - BHO: Class - {802A960C-EFED-AD57-E2D2-D63477D85711} - **C:\WINDOWS\IENM32.DLL (file missing)
O2 - BHO: Class - {9ADF5FEC-10AD-9935-70A8-9DD47AD25683} - **C:\WINDOWS\SYSTEM\CRHC.DLL (file missing)
O2 - BHO: Class - {7C5F07FA-EE61-E2CA-7AC9-845516B1F196} - **C:\WINDOWS\NETHH.DLL (file missing)
O2 - BHO: Class - {F270B941-9343-7283-F730-9F296792FC8B} - **C:\WINDOWS\SYSTEM\NETPL32.DLL (file missing)
O2 - BHO: Class - {F29410C9-B2AD-CEAB-4F52-9AADB08954D1} - **C:\WINDOWS\CRWX32.DLL (file missing)
O2 - BHO: Class - {EDBBFA7A-B405-F9B5-00AF-537E29B2B284} - **C:\WINDOWS\SYSTEM\ATLWX.DLL (file missing)
O2 - BHO: Class - {9116D601-6EE4-BB1A-CE95-A02EF05F7C37} - **C:\WINDOWS\NETEI32.DLL (file missing)
O2 - BHO: Class - {A8F818F5-31A4-2D4C-AE8C-5FD1A39AC827} - **C:\WINDOWS\SYSTEM\NTDO.DLL (file missing)
O2 - BHO: Class - {980A69FC-BB18-FEB7-A964-277C38BA5911} - **C:\WINDOWS\SYSTEM\APITD.DLL (file missing)
O2 - BHO: Class - {81CBE43F-6CA2-AEDA-1180-5775F175AC3D} - **C:\WINDOWS\SYSTEM\NTUS32.DLL (file missing)
O2 - BHO: Class - {6B4EE7B2-A794-244F-ADD0-EE44131BFC5D} - **C:\WINDOWS\WINDW32.DLL (file missing)
O2 - BHO: Class - {5B8830DA-C759-6454-BB67-13FE8A6BFF98} - **C:\WINDOWS\SYSTEM\APPAM.DLL (file missing)
O2 - BHO: Class - {FAA5E42B-0DBE-4E13-C396-77F104596567} - **C:\WINDOWS\APPXH.DLL (file missing)
O2 - BHO: Class - {213B7C36-822A-1976-BFD3-D6ECC22A97B4} - **C:\WINDOWS\SYSTEM\IENU32.DLL (file missing)
O2 - BHO: Class - {A8C5B6C8-2405-150C-A544-936B1CCA46D2} - **C:\WINDOWS\SYSTEM\APPCG32.DLL (file missing)
O2 - BHO: Class - {81EDCC5B-FEB9-6F3B-4CB7-4D767A1A3655} - **C:\WINDOWS\NTSY32.DLL (file missing)
O2 - BHO: Class - {5BA8A7A3-1A3A-9F72-6A59-8AE57E433C9C} - **C:\WINDOWS\IPME32.DLL (file missing)
O2 - BHO: Class - {F4A8D1EE-5FEE-CBC1-5009-627AB04BF96E} - **C:\WINDOWS\SYSTEM\SYSVK.DLL (file missing)
O2 - BHO: Class - {410E69E0-7AA3-2B6F-C2FC-5C1507DC66CA} - **C:\WINDOWS\SYSTEM\IEHQ32.DLL (file missing)
O2 - BHO: Class - {8C7D53BF-2F81-F6A2-202A-C13B9FDF7854} - **C:\WINDOWS\ADDMU.DLL (file missing)
O2 - BHO: Class - {5E57D46E-D171-07CD-270E-88E564D9C1A3} - **C:\WINDOWS\SYSTEM\MFCQK.DLL (file missing)
O2 - BHO: Class - {AEC3B74A-20AE-E2E2-80E6-80E178A3D4FA} - **C:\WINDOWS\SYSTEM\SDKJR32.DLL (file missing)
O2 - BHO: Class - {A9899399-7308-4C1A-F3B7-762295ABD727} - **C:\WINDOWS\SYSTEM\ADDGE32.DLL (file missing)
O2 - BHO: Class - {F322A8AF-EF0E-13F8-1E57-1BF7314624F9} - **C:\WINDOWS\MFCFR.DLL (file missing)
O2 - BHO: Class - {601B6BCA-6D83-BFD1-54C9-01D1DEE2E71F} - **C:\WINDOWS\SYSTEM\D3FR32.DLL (file missing)
O2 - BHO: Class - {71174595-4847-AF83-480E-8CBAC65E423D} - **C:\WINDOWS\SYSTEM\MSYK.DLL (file missing)
O2 - BHO: Class - {07D9FD4D-6D4C-4A65-72AC-9B3400AF232F} - **C:\WINDOWS\SDKXY.DLL (file missing)
O2 - BHO: Class - {7916CA4C-9CF2-5B4A-64B1-00EA267B9130} - **C:\WINDOWS\SYSTEM\IETC.DLL (file missing)
O2 - BHO: Class - {260FEF22-2189-742C-5F54-452E119822E3} - **C:\WINDOWS\MFCXJ32.DLL (file missing)
O2 - BHO: Class - {EA708A76-AA37-90B9-0FCB-1DFCF447ADBE} - **C:\WINDOWS\ADDLU32.DLL (file missing)
zeffren
01-16-2006, 01:00 AM
part 6
O2 - BHO: Class - {3E5624CA-8224-4EE7-712D-74E1267DFBD2} - **C:\WINDOWS\SYSTEM\MSWT32.DLL (file missing)
O2 - BHO: Class - {7B197E28-9E40-E13E-D193-C6BD227A9291} - **C:\WINDOWS\APIFR.DLL (file missing)
O2 - BHO: Class - {22A97394-EB34-0653-AF9D-BCB8831CBDCC} - **C:\WINDOWS\D3LI32.DLL (file missing)
O2 - BHO: Class - {44DB187E-DF49-EDD3-EFD3-F05E8699B29C} - **C:\WINDOWS\SYSTEM\MFCGR.DLL (file missing)
O2 - BHO: Class - {2A678BA3-53C6-44B1-C740-E707AAB611A1} - **C:\WINDOWS\SYSTEM\NETQM32.DLL (file missing)
O2 - BHO: Class - {C88013BA-3513-9B4C-2B49-D54368D01189} - **C:\WINDOWS\SYSTEM\ADDYY.DLL (file missing)
O2 - BHO: Class - {B33F83DC-A24F-678F-2E71-E2F1C42B655E} - **C:\WINDOWS\SYSTEM\APIGH.DLL (file missing)
O2 - BHO: Class - {001C0628-4726-F204-3F0F-77067AD8EEC5} - **C:\WINDOWS\SYSTEM\APITE.DLL (file missing)
O2 - BHO: Class - {7EFD2AAF-EF34-BB29-7E43-A52C9FA5AC8A} - **C:\WINDOWS\SYSNV32.DLL (file missing)
O2 - BHO: Class - {093680F4-6D7A-144A-D33E-DC9B538D581B} - **C:\WINDOWS\SYSTEM\JAVASR32.DLL (file missing)
O2 - BHO: Class - {95AF0ED6-C5F7-060D-D454-9070ABC0FF5F} - **C:\WINDOWS\SYSCQ.DLL (file missing)
O2 - BHO: Class - {EE71F47C-9AD5-9285-3F03-BD4E23A370B8} - **C:\WINDOWS\JAVAMJ32.DLL (file missing)
O2 - BHO: Class - {2AC39ADF-29E6-5C76-A2E4-8EC2005D0652} - **C:\WINDOWS\WINND32.DLL (file missing)
O2 - BHO: Class - {D4DB5654-7123-6004-6034-D008447594E0} - **C:\WINDOWS\SYSTEM\CRGU.DLL (file missing)
O2 - BHO: Class - {DEE94005-1C44-5C08-22FF-9E5E64B4E3BB} - **C:\WINDOWS\IPFH.DLL (file missing)
O2 - BHO: Class - {C46F47AE-21B7-2625-A77E-5E647AC452D9} - **C:\WINDOWS\D3BL.DLL (file missing)
O2 - BHO: Class - {150E4300-73A1-8F6B-0647-0DFBD1CD1D3E} - **C:\WINDOWS\CRUR.DLL (file missing)
O2 - BHO: Class - {AF9E47E5-DA5F-2D53-4855-D3DBCC67B6EF} - **C:\WINDOWS\MSQI.DLL (file missing)
O2 - BHO: Class - {45BE5D9D-A13A-9FA6-68C3-7E04D9D89E5B} - **C:\WINDOWS\NTVK32.DLL (file missing)
O2 - BHO: Class - {513B883E-9D9B-A016-D18E-B9CD8E70E622} - **C:\WINDOWS\SYSTEM\MFCZM.DLL (file missing)
O2 - BHO: Class - {3E36BD01-2F42-13C9-C23B-0DFA2194BFEF} - **C:\WINDOWS\SYSTEM\NTSN.DLL (file missing)
O2 - BHO: Class - {9A75B655-BEB2-41EA-F2F8-2042CFD11D56} - **C:\WINDOWS\ATLDE32.DLL (file missing)
O2 - BHO: Class - {877B27CD-4126-146C-7367-E13D2AC8CA3B} - **C:\WINDOWS\SYSTEM\ATLRB32.DLL (file missing)
O2 - BHO: Class - {87ED4484-67AC-6172-0910-23077C45430B} - **C:\WINDOWS\APIRO.DLL (file missing)
O2 - BHO: Class - {63C2F5DC-BFB1-5647-D8C6-FBF8BC23512E} - **C:\WINDOWS\MSLX32.DLL (file missing)
O2 - BHO: Class - {AC458677-DF16-AF47-F26F-1483F477E465} - **C:\WINDOWS\SYSTEM\APITX.DLL (file missing)
O2 - BHO: Class - {FC5B8832-6D4A-7962-EE5E-DA72761BD8DE} - **C:\WINDOWS\NETRW.DLL (file missing)
O2 - BHO: Class - {76B4D012-4EE8-90C5-518E-4B4BD4BD4BF9} - **C:\WINDOWS\ADDJP32.DLL (file missing)
O2 - BHO: Class - {55BAD282-E431-E0E7-8744-33717ADD7958} - **C:\WINDOWS\SYSTEM\ATLJS.DLL (file missing)
O2 - BHO: Class - {09D4B4EC-89B6-4830-5D2C-6D4CE5AD4CA1} - **C:\WINDOWS\SYSTEM\ATLJV32.DLL (file missing)
O2 - BHO: Class - {C0ABA3B1-1D31-5501-C7B5-68D02849D3DC} - **C:\WINDOWS\IENZ32.DLL (file missing)
O2 - BHO: Class - {EE64C95D-CA16-A16C-29CA-648731569905} - **C:\WINDOWS\SYSZK32.DLL (file missing)
O2 - BHO: Class - {41C43085-B29C-E651-7F49-3DE3897C2CDA} - **C:\WINDOWS\SYSTEM\MFCDM32.DLL (file missing)
O2 - BHO: Class - {2B89CF06-5148-04D7-657E-2F1AC15391F3} - **C:\WINDOWS\SYSTEM\MFCIL32.DLL (file missing)
O2 - BHO: Class - {F576B28C-39AB-F4A3-AD18-7C1423153A0E} - **C:\WINDOWS\SYSTEM\SYSNH32.DLL (file missing)
O2 - BHO: Class - {1E8977C2-F792-063C-E030-797E33369E31} - **C:\WINDOWS\MFCXF.DLL (file missing)
O2 - BHO: Class - {44E48825-9CDA-8A48-8D27-1A169942AC4E} - **C:\WINDOWS\MSXF32.DLL (file missing)
O2 - BHO: Class - {8BCAECE1-BD48-E057-0435-F351137FC682} - **C:\WINDOWS\SYSTEM\SDKQW32.DLL (file missing)
O2 - BHO: Class - {D30E97DE-8322-41D2-604F-4B7E5C0AECE3} - **C:\WINDOWS\MFCDW.DLL (file missing)
O2 - BHO: Class - {DDE910E3-F27B-7DD4-232E-74D58EC1CA0F} - **C:\WINDOWS\ADDPE.DLL (file missing)
O2 - BHO: Class - {DCB7AA47-29E8-5669-EB30-7BCD8254F742} - **C:\WINDOWS\IPQY.DLL (file missing)
O2 - BHO: Class - {E633D08B-D817-2BD0-02B4-2DC0FF513593} - **C:\WINDOWS\SYSTEM\ATLBX32.DLL (file missing)
O2 - BHO: Class - {798A115F-4CDC-085F-69E2-7E5DD1711A21} - **C:\WINDOWS\SDKBR32.DLL (file missing)
O2 - BHO: Class - {E5DE847E-2095-F990-2879-44A97175C77F} - **C:\WINDOWS\SYSTEM\IETQ.DLL (file missing)
O2 - BHO: Class - {CC175C14-BC23-55E7-BD92-FA8DF8B7A227} - **C:\WINDOWS\SYSTEM\APIDW32.DLL (file missing)
O2 - BHO: Class - {CA2119A8-938E-177E-2620-0DBF72794E15} - **C:\WINDOWS\SYSTEM\IETA32.DLL (file missing)
O2 - BHO: Class - {E8A9E4E1-61A2-BCEA-4EC3-0DEFD026EDE5} - **C:\WINDOWS\ADDTD.DLL (file missing)
O2 - BHO: Class - {621C772A-BD1C-569E-4C0E-31803458AF26} - **C:\WINDOWS\IPTA.DLL (file missing)
O2 - BHO: Class - {D8183F1C-9C01-D1D3-181E-D6CC335BB647} - **C:\WINDOWS\SYSTEM\MSXP.DLL (file missing)
O2 - BHO: Class - {1706490A-46E4-DD57-A8BB-9E0DE0B66E7B} - **C:\WINDOWS\CRST32.DLL (file missing)
Budfred
01-16-2006, 01:04 AM
Before you post any more of those... Use HJT to fix all O2 and O3 items that say (file missing)... Do NOT fix anything else.... Then reboot and post a fresh log...
zeffren
01-16-2006, 01:04 AM
part 7
O2 - BHO: Class - {0F8C2FF8-B84B-1234-32EF-FBA2FFCC592C} - **C:\WINDOWS\APIID.DLL (file missing)
O2 - BHO: Class - {BB5C7027-3BE4-9149-A99E-2401E8977C2C} - **C:\WINDOWS\NETWS32.DLL (file missing)
O2 - BHO: Class - {7AD04E0B-D534-84CD-5E99-9EFA09A699CC} - **C:\WINDOWS\SYSTEM\ADDHQ.DLL (file missing)
O2 - BHO: Class - {08460DA7-3C2B-3C21-9883-34880E388D10} - **C:\WINDOWS\SYSTEM\CRGQ32.DLL (file missing)
O2 - BHO: Class - {EE7F9874-6C5C-2039-02A8-8C435F1D1985} - **C:\WINDOWS\SYSTEM\APPVF32.DLL (file missing)
O2 - BHO: Class - {B513F19C-5C67-40E1-6FA7-165FFCD035F2} - **C:\WINDOWS\IPFB.DLL (file missing)
O2 - BHO: Class - {05F56680-4D3E-5B22-1A6A-A34FAA420FB1} - **C:\WINDOWS\SYSTEM\IEWA32.DLL (file missing)
O2 - BHO: Class - {624EE8C6-E9D4-2590-3AEA-B66F21D010E4} - **C:\WINDOWS\SYSTEM\APPPW.DLL (file missing)
O2 - BHO: Class - {FD267ABA-2820-E44A-FBD3-2C16BA6C9655} - **C:\WINDOWS\SYSTEM\SYSFL.DLL (file missing)
O2 - BHO: Class - {C8500B7A-84AC-8829-D0FE-6A6D58C9292D} - **C:\WINDOWS\SYSTEM\MFCJN.DLL (file missing)
O2 - BHO: Class - {75D06771-318B-0DBD-597B-9BF6BBECDD63} - **C:\WINDOWS\SYSTEM\D3UV.DLL (file missing)
O2 - BHO: Class - {21AF2959-35E4-E153-6267-3C5AF309FEB3} - **C:\WINDOWS\SYSTEM\NETLC32.DLL (file missing)
O2 - BHO: Class - {80D3DFA3-37F2-47BA-15DF-7EA3197E6CDC} - **C:\WINDOWS\JAVAPE32.DLL (file missing)
O2 - BHO: Class - {E5ACFBDC-30E9-4F3A-61EA-68B9DCA181EE} - **C:\WINDOWS\SYSTEM\MSZR.DLL (file missing)
O2 - BHO: Class - {4516ED6C-8451-CE75-8028-102D999C00AA} - **C:\WINDOWS\D3JP32.DLL (file missing)
O2 - BHO: Class - {8B069FBC-397A-C089-0939-34266353A170} - **C:\WINDOWS\SYSTEM\ADDTM.DLL (file missing)
O2 - BHO: Class - {A395BB3F-04D5-A500-478A-FF80D3C2FF6C} - **C:\WINDOWS\SYSTEM\NTHD32.DLL (file missing)
O2 - BHO: Class - {07D9E430-F766-4595-5B90-E8BCC2F8EF55} - **C:\WINDOWS\SYSTEM\IPTI32.DLL (file missing)
O2 - BHO: Class - {8D0E2CDC-2340-2D6B-DBFC-F49D56B0FCEC} - **C:\WINDOWS\WINCM.DLL (file missing)
O2 - BHO: Class - {A75A967A-15FF-0CD7-2E50-2DA6E204EF11} - **C:\WINDOWS\SYSTEM\APPYN32.DLL (file missing)
O2 - BHO: Class - {B4C95C6B-FF0C-7C45-8825-0C18C2CE913F} - **C:\WINDOWS\SYSTEM\APIRJ.DLL (file missing)
O2 - BHO: Class - {0155DC89-58A9-DAA7-8C65-19B56169147B} - **C:\WINDOWS\SYSTEM\ATLHQ.DLL (file missing)
O2 - BHO: Class - {7F1DF9FD-5957-0313-B9F9-EABDB4F680EE} - **C:\WINDOWS\JAVACA32.DLL (file missing)
O2 - BHO: Class - {25AF4569-BD8E-E75D-973D-8A48519B2603} - **C:\WINDOWS\SYSTEM\NTTY32.DLL (file missing)
O2 - BHO: Class - {0FC8D7C0-1C96-C119-B27D-2F675B9E7049} - **C:\WINDOWS\IERJ32.DLL (file missing)
O2 - BHO: Class - {4C622816-D07F-C94A-B1FB-BA8ED10155C0} - **C:\WINDOWS\IPKK.DLL (file missing)
O2 - BHO: Class - {3C0786CD-7F98-C405-789C-7CE5B6F8E94C} - **C:\WINDOWS\SYSTEM\APPPE32.DLL (file missing)
O2 - BHO: Class - {DE13E5F5-995A-E41F-BCEA-4BB12255DCB6} - **C:\WINDOWS\SYSTEM\IPXZ.DLL (file missing)
O2 - BHO: Class - {36FBD4AB-D820-286B-B35B-3177E411D54F} - **C:\WINDOWS\SYSTEM\IESC.DLL (file missing)
O2 - BHO: Class - {017630A0-5651-24CC-5524-1D24D9B10396} - **C:\WINDOWS\SYSTEM\IPTW.DLL (file missing)
O2 - BHO: Class - {C970DB1E-CFEB-B341-5FA1-C2EE692D7DE2} - **C:\WINDOWS\JAVAFM32.DLL (file missing)
O2 - BHO: Class - {C0B52B25-F1C7-7AED-5588-35199E367342} - **C:\WINDOWS\ADDTB.DLL (file missing)
O2 - BHO: Class - {1DEE67AF-CC14-9785-4A91-02D49DC88247} - **C:\WINDOWS\SYSTEM\SDKUH.DLL (file missing)
O2 - BHO: Class - {94F50C5F-7EE4-2B92-1BB2-F47C0C0B407F} - **C:\WINDOWS\SYSTEM\IEDH.DLL (file missing)
O2 - BHO: Class - {E7040714-7DF8-77D6-5597-2B05BD509ECF} - **C:\WINDOWS\SYSTEM\APIMQ.DLL (file missing)
O2 - BHO: Class - {19A5B83B-535E-8F7E-D984-1650B56B67C1} - **C:\WINDOWS\SYSTEM\APPRS32.DLL (file missing)
O2 - BHO: Class - {302FCDF6-C3B8-FDEF-DB33-BD6C8D4D3F17} - **C:\WINDOWS\ATLIZ32.DLL (file missing)
O2 - BHO: Class - {5BCF260F-C801-D6F7-224D-7118C2A58518} - **C:\WINDOWS\IEHH.DLL (file missing)
O2 - BHO: Class - {395654E0-C152-DEFC-F1D5-D4ED74FC94EC} - **C:\WINDOWS\JAVAER32.DLL (file missing)
O2 - BHO: Class - {589C07A9-1DC8-34EC-2E16-C0D5455DEAEC} - **C:\WINDOWS\SYSUE32.DLL (file missing)
O2 - BHO: Class - {FC4D1C93-3A3E-35D2-1515-1A241B913EAD} - **C:\WINDOWS\MSCY.DLL (file missing)
O2 - BHO: Class - {BD17FBCC-7402-AF39-F454-83BAA6A0B7B6} - **C:\WINDOWS\SYSTEM\WINOV32.DLL (file missing)
O2 - BHO: Class - {8C43E88E-23F1-9BEE-C679-37709D30FC66} - **C:\WINDOWS\SYSTEM\MFCFC.DLL (file missing)
O2 - BHO: Class - {2DA507CE-21F0-C241-2AA6-C3371265751B} - **C:\WINDOWS\ADDYC32.DLL (file missing)
O2 - BHO: Class - {F0088260-8D07-2B04-8A38-036A3B794B14} - **C:\WINDOWS\SYSTEM\NTNR32.DLL (file missing)
O2 - BHO: Class - {1F3EA21C-F800-4535-B35B-675591E8741E} - **C:\WINDOWS\WINDP.DLL (file missing)
O2 - BHO: Class - {7E41957F-89DF-563D-E57F-852D80213014} - **C:\WINDOWS\SYSTEM\IEJB32.DLL (file missing)
O2 - BHO: Class - {4EB25589-BE5C-9376-880D-7A957A8CC68D} - **C:\WINDOWS\SYSTEM\ATLSN32.DLL (file missing)
O2 - BHO: Class - {CBF039DD-C515-9570-992C-A14460661AF5} - **C:\WINDOWS\SYSTEM\D3CV.DLL (file missing)
O2 - BHO: Class - {F2059101-A0B5-E7E4-66E2-7F036D7A0E72} - **C:\WINDOWS\WINIG.DLL (file missing)
O2 - BHO: Class - {1E9130ED-15FF-7903-F86E-7339649B55DA} - **C:\WINDOWS\MSYV.DLL (file missing)
O2 - BHO: Class - {7C0D8542-7B84-251E-C98B-8A6A47C0B4F6} - **C:\WINDOWS\SYSTEM\WINYZ.DLL (file missing)
zeffren
01-16-2006, 01:07 AM
part 8
O2 - BHO: Class - {89856A69-C930-ABFC-EC5F-C1B2FF7838B0} - **C:\WINDOWS\SYSTEM\IPKM32.DLL (file missing)
O2 - BHO: Class - {A819655D-4D84-704C-E285-105F6EB941E1} - **C:\WINDOWS\SYSTEM\ADDPI32.DLL (file missing)
O2 - BHO: Class - {90BABD6B-DA3D-2814-4B15-345BCAAC2F67} - **C:\WINDOWS\D3AZ32.DLL (file missing)
O2 - BHO: Class - {E11A3644-18B0-1DC5-DA37-CB9FB027B7A0} - **C:\WINDOWS\JAVAVL32.DLL (file missing)
O2 - BHO: Class - {CE996454-8042-C16C-872E-240FA757FBD5} - **C:\WINDOWS\SYSTEM\ATLQA32.DLL (file missing)
O2 - BHO: Class - {AB6EDD85-AE4D-654F-6EE9-1EAD4CDD4057} - **C:\WINDOWS\SYSTEM\IPHH.DLL (file missing)
O2 - BHO: Class - {97FD252E-D00A-38CB-932A-31707D770820} - **C:\WINDOWS\SYSTEM\MSHB.DLL (file missing)
O2 - BHO: Class - {91F21F00-9E1E-5707-02DD-8989C486B05A} - **C:\WINDOWS\ATLFU.DLL (file missing)
O2 - BHO: Class - {387124F7-7388-5DC9-DAA3-EDA992B3146B} - **C:\WINDOWS\IPBY.DLL (file missing)
O2 - BHO: Class - {353955DE-0A8B-BAA1-4E05-45BA788C8A1B} - **C:\WINDOWS\CRUZ32.DLL (file missing)
O2 - BHO: Class - {33C16D19-7B27-27E9-6164-770D9CFB825A} - **C:\WINDOWS\SYSTEM\JAVAJU.DLL (file missing)
O2 - BHO: Class - {C150DCAF-9AA1-954F-F789-F83FF58EDA51} - **C:\WINDOWS\SYSTEM\APPGV.DLL (file missing)
O2 - BHO: Class - {082FA205-CF3A-E156-F50C-35DEC1A41A0F} - **C:\WINDOWS\IPCR.DLL (file missing)
O2 - BHO: Class - {D83166BB-4B1E-E009-AEF4-286D350913CF} - **C:\WINDOWS\NTWI.DLL (file missing)
O2 - BHO: Class - {B8E88C5E-BC25-80CC-D1C6-39631741D010} - **C:\WINDOWS\SYSTEM\MFCTJ32.DLL (file missing)
O2 - BHO: Class - {50A6ABD6-7A0D-3E40-3D4F-FBE367BC178C} - **C:\WINDOWS\SYSTEM\WINQT.DLL (file missing)
O2 - BHO: Class - {932FFC92-E36B-17AD-64FD-FC9367AF9E39} - **C:\WINDOWS\SYSTEM\MSGI.DLL (file missing)
O2 - BHO: Class - {7B4CB4A8-D1EF-22A5-DC8A-5D41F0137145} - **C:\WINDOWS\NETTX.DLL (file missing)
O2 - BHO: Class - {88D4DC00-8316-4C96-7C3D-67DE0558A395} - **C:\WINDOWS\APIAS32.DLL (file missing)
O2 - BHO: Class - {B7AA1C7E-9633-591E-CC80-96F99CF166D6} - **C:\WINDOWS\ATLIE.DLL (file missing)
O2 - BHO: Class - {0655C12D-4A51-353B-322A-B1322AB861EC} - **C:\WINDOWS\SYSTEM\JAVAUR32.DLL (file missing)
O2 - BHO: Class - {EAF79499-1766-EB48-D04E-2CDD27C0DD4C} - **C:\WINDOWS\NTQB32.DLL (file missing)
O2 - BHO: Class - {CA46CB74-D4B2-9E7F-A17F-D83F0FCBE44D} - **C:\WINDOWS\APIFI32.DLL (file missing)
O2 - BHO: Class - {EF29429D-4288-0C38-F766-B5D35FD30A9B} - **C:\WINDOWS\SYSTEM\SYSSF32.DLL (file missing)
O2 - BHO: Class - {3FF22A8B-66B0-D57F-BCC2-241193115492} - **C:\WINDOWS\SYSTEM\ADDEW32.DLL (file missing)
O2 - BHO: Class - {EC4843C4-0595-2EE5-6781-60F0411A0AAF} - **C:\WINDOWS\SYSTEM\CRDD.DLL (file missing)
O2 - BHO: Class - {572A44A6-4945-DA71-B13F-066F8EC29E66} - **C:\WINDOWS\APPGH.DLL (file missing)
O2 - BHO: Class - {435397F3-E427-792C-0A91-80B33A1464D5} - **C:\WINDOWS\SYSTEM\APIUF32.DLL (file missing)
O2 - BHO: Class - {8F6D58EB-15A7-77E6-8F75-0C0FC6A733D0} - **C:\WINDOWS\SYSZB32.DLL (file missing)
O2 - BHO: Class - {B41B5122-5456-75A0-3D81-AE0F0D910AC6} - **C:\WINDOWS\ADDTS32.DLL (file missing)
O2 - BHO: Class - {0FF6C88F-1926-6A8F-A09F-584499CEA259} - **C:\WINDOWS\NTZH32.DLL (file missing)
O2 - BHO: Class - {51F0E5D0-5A0D-1418-A1C9-C417E3C5C516} - **C:\WINDOWS\SYSTEM\IEKL.DLL (file missing)
O2 - BHO: Class - {46E95C49-C7D9-CC9A-3962-B27ABABD4A75} - **C:\WINDOWS\SYSTEM\WININ.DLL (file missing)
O2 - BHO: Class - {E35FD33F-53BA-4B4E-6E17-C3C81EE7F8BC} - **C:\WINDOWS\MFCXX.DLL (file missing)
O2 - BHO: Class - {C3D0592A-E898-9364-DBD7-EC2ED69821AF} - **C:\WINDOWS\MSPE32.DLL (file missing)
O2 - BHO: Class - {955DE456-4FC8-12F9-FA9B-0600591E904D} - **C:\WINDOWS\APPTG32.DLL (file missing)
O2 - BHO: Class - {CF295B84-1F3D-A13C-944E-90632373707E} - **C:\WINDOWS\MFCZA32.DLL (file missing)
O2 - BHO: Class - {AC50F23D-F99D-EE5A-71F2-ABCB913DE13A} - **C:\WINDOWS\SDKIV32.DLL (file missing)
O2 - BHO: Class - {4288150C-A768-30F0-AFEC-CE3155F28398} - **C:\WINDOWS\SYSTEM\WINWK.DLL (file missing)
O2 - BHO: Class - {E4DF4553-A8BD-35D8-8802-86B621ED1DCA} - **C:\WINDOWS\SYSTEM\ATLOD.DLL (file missing)
O2 - BHO: Class - {1E9299A9-BF6A-EDA4-8182-44CC97B4CE96} - **C:\WINDOWS\NTKZ32.DLL (file missing)
O2 - BHO: Class - {2CE4A12E-AA6A-84B1-9B64-326550DCDE05} - **C:\WINDOWS\WINRB.DLL (file missing)
O2 - BHO: Class - {4CB8455B-D319-EAD4-A22C-23122C3C402C} - **C:\WINDOWS\JAVAVA32.DLL (file missing)
O2 - BHO: Class - {3547904B-13CE-0F0E-288D-EB9FEE121B90} - **C:\WINDOWS\SYSTEM\NETGQ32.DLL (file missing)
O2 - BHO: Class - {E7065518-0E66-202A-4EB4-121DBCBCE4D0} - **C:\WINDOWS\APIBI.DLL (file missing)
O2 - BHO: Class - {A0E095EB-74FB-9288-E117-E4EB1BCBB1EA} - **C:\WINDOWS\SYSUT32.DLL (file missing)
O2 - BHO: Class - {75C7424E-E5B4-289A-16E2-5131C7F1BFA8} - **C:\WINDOWS\IEGZ32.DLL (file missing)
O2 - BHO: Class - {31CA2290-77D9-5434-6002-2117347ADCC8} - **C:\WINDOWS\SYSTEM\SYSZK32.DLL (file missing)
O2 - BHO: Class - {E5D9D755-2D91-6CBE-9628-DE15E878CAF8} - **C:\WINDOWS\NTIN32.DLL (file missing)
O2 - BHO: Class - {27B79FBE-B0F8-F21C-02A9-63A03A6ECE89} - **C:\WINDOWS\SYSTEM\JAVAEO32.DLL (file missing)
O2 - BHO: Class - {98229130-7B32-6C95-BAD4-9E150FEEC41F} - **C:\WINDOWS\SYSTEM\SYSRU.DLL (file missing)
O2 - BHO: Class - {7FEDBFA5-CC24-E630-1084-0AD619910FDE} - **C:\WINDOWS\SYSTEM\NTCJ32.DLL (file missing)
O2 - BHO: Class - {BF8303BF-FE09-FBCD-6FA8-9E8D3C07DA44} - **C:\WINDOWS\SYSTEM\D3SQ.DLL (file missing)
O2 - BHO: Class - {0D8178AE-7DED-E7A6-AB6D-4D9B04D1AF2A} - **C:\WINDOWS\SYSTEM\MFCZL.DLL (file missing)
O2 - BHO: Class - {920AD1D2-5235-FD60-EB1A-42DB37705C6B} - **C:\WINDOWS\WINWU32.DLL (file missing)
O2 - BHO: Class - {8C677779-4FD3-169D-BA8E-E71421ADE371} - **C:\WINDOWS\APIHR32.DLL (file missing)
O2 - BHO: Class - {9DA4875C-E7AB-8957-897C-2E6523427FE7} - **C:\WINDOWS\SYSTEM\WINAH.DLL (file missing)
O2 - BHO: Class - {CFEA1D24-6CC5-DF22-DF98-2913007B3236} - **C:\WINDOWS\IEVL32.DLL (file missing)
O2 - BHO: Class - {7C061B06-4572-3DED-BEE5-45419ADBBEFC} - **C:\WINDOWS\WINGE32.DLL (file missing)
O2 - BHO: Class - {BA77E2CC-EDA1-2397-6D1D-8D33C8F8181B} - **C:\WINDOWS\SDKDV.DLL (file missing)
O2 - BHO: Class - {241E89F0-36B1-B2D9-4904-E86E094CD405} - **C:\WINDOWS\APIAE32.DLL (file missing)
O2 - BHO: Class - {D2C22B7F-8DD3-0C16-DA5B-AF1BC159FCC4} - **C:\WINDOWS\SDKUZ32.DLL (file missing)
O2 - BHO: Class - {3DD18F99-F4B2-E2CE-4499-B56B124A4263} - **C:\WINDOWS\SYSTEM\APPJZ.DLL (file missing)
O2 - BHO: Class - {28510C06-A16B-091E-FA46-4DB58B0A0432} - **C:\WINDOWS\ADDUH.DLL (file missing)
O2 - BHO: Class - {16BC716B-4CA1-1BCC-3013-0BB54033C395} - **C:\WINDOWS\WINOM.DLL (file missing)
O2 - BHO: Class - {EB230CF2-D770-7CDD-3A01-21C63ADD0123} - **C:\WINDOWS\CRXU.DLL (file missing)
O2 - BHO: Class - {7624347E-865E-1A7A-DB1B-BD99FE90372B} - **C:\WINDOWS\IEYL.DLL (file missing)
O2 - BHO: Class - {3E563B7A-650C-550C-F5E4-C7F1C2A65154} - **C:\WINDOWS\SYSTEM\APPYC.DLL (file missing)
O2 - BHO: Class - {CEC2B27A-883F-E124-1F3F-2CBA3C952B4F} - **C:\WINDOWS\APINI32.DLL (file missing)
O2 - BHO: Class - {56A8C663-874D-4D49-A514-C7F1D1B06635} - **C:\WINDOWS\NETFP.DLL (file missing)
O2 - BHO: Class - {2AA087AF-452D-7B85-0376-6038DFB29FBD} - **C:\WINDOWS\WINZC.DLL (file missing)
O2 - BHO: Class - {C91E708B-10E2-D009-7628-2FF422880424} - **C:\WINDOWS\SYSTEM\CRQR32.DLL (file missing)
O2 - BHO: Class - {8A145590-8F51-3F02-05A0-C47FF2278982} - **C:\WINDOWS\SYSTEM\ATLAT.DLL (file missing)
O2 - BHO: Class - {44EE1F01-F8F2-E8EC-80E1-D8E7FD0D7790} - **C:\WINDOWS\SYSTEM\D3LJ32.DLL (file missing)
O2 - BHO: Class - {00595A1A-F3C3-0278-F9C8-F54F803375B2} - **C:\WINDOWS\SYSTEM\SYSTE.DLL (file missing)
O2 - BHO: Class - {DEDBD566-E937-2878-49B6-DEF0093A388A} - **C:\WINDOWS\SYSTEM\JAVACT32.DLL (file missing)
O2 - BHO: Class - {610146D6-50AE-6627-57CD-E713C4595869} - **C:\WINDOWS\IEHV32.DLL (file missing)
O2 - BHO: Class - {9FF525C4-DA3A-A482-0793-0178BE517407} - **C:\WINDOWS\ATLZJ32.DLL (file missing)
O2 - BHO: Class - {CBCAC426-4AC6-B6CA-5FEB-39407E41AE7C} - **C:\WINDOWS\IEUE32.DLL (file missing)
O2 - BHO: Class - {DFA3BBC8-EFA1-7FBB-E4CA-7AE61A38A78D} - **C:\WINDOWS\CRWE32.DLL (file missing)
O2 - BHO: Class - {389622AC-010D-1BCC-D256-50C17646B062} - **C:\WINDOWS\SYSTEM\APIKF.DLL (file missing)
O2 - BHO: Class - {8521EA94-1EC4-ED82-D9DA-81CA0FF7674B} - **C:\WINDOWS\NTYF.DLL (file missing)
O2 - BHO: Class - {B10A9A8A-BFE0-3A30-47B5-BF3A196D2B94} - **C:\WINDOWS\CROM.DLL (file missing)
Budfred
01-16-2006, 01:08 AM
STOP... READ my last message 2 posts up!!!!!!!!!!!!!!!!!!!
zeffren
01-16-2006, 01:09 AM
part 9
O2 - BHO: Class - {CB4697C2-0A72-46F8-9AF4-EE648F3E92A7} - **C:\WINDOWS\APIDK.DLL (file missing)
O2 - BHO: Class - {EAD01F30-8167-D510-8ED0-53B9B66F4880} - **C:\WINDOWS\D3WM.DLL (file missing)
O2 - BHO: Class - {C97C25C3-652E-69AA-115D-2E4313BB2D75} - **C:\WINDOWS\CRDH32.DLL (file missing)
O2 - BHO: Class - {036CAC76-1E70-CC49-D6D2-0A9821EE5653} - **C:\WINDOWS\SYSTEM\APIGC.DLL (file missing)
O2 - BHO: Class - {10CB9ED8-DE3E-49E2-5735-9F1B7A0CC365} - **C:\WINDOWS\D3XA32.DLL (file missing)
O2 - BHO: Class - {2D9CC334-5E88-A367-8037-97DA2F9B1C74} - **C:\WINDOWS\SYSTEM\SYSZV.DLL (file missing)
O2 - BHO: Class - {7A02B1F4-850B-428A-EFBB-8261989BF9E2} - **C:\WINDOWS\SYSTEM\NETKX.DLL (file missing)
O2 - BHO: Class - {67315774-BF9B-4909-4DF3-6B8EA18180E4} - **C:\WINDOWS\SYSTEM\SDKVV32.DLL (file missing)
O2 - BHO: Class - {C16D172B-93E4-EBAC-D1F1-9E146A146BD5} - **C:\WINDOWS\SYSTEM\APISX.DLL (file missing)
O2 - BHO: Class - {B3FF7B9C-F1C8-535C-D226-761BB3147CE2} - **C:\WINDOWS\NTIH.DLL (file missing)
O2 - BHO: Class - {25C8EE92-824A-9639-4E91-13EC08423454} - **C:\WINDOWS\IPQB32.DLL (file missing)
O2 - BHO: Class - {E426BCED-DD32-904C-AC71-CE36B0634506} - **C:\WINDOWS\D3AA32.DLL (file missing)
O2 - BHO: Class - {C9533713-07CF-C21F-7AB8-989D6A448E7E} - **C:\WINDOWS\CRIU.DLL (file missing)
O2 - BHO: Class - {E98CC41A-8BD7-CE5C-02EE-D529CDEE3973} - **C:\WINDOWS\SYSTEM\NTXB.DLL (file missing)
O2 - BHO: Class - {A00AB9E9-CFED-C0C6-90BA-B32381F9C199} - **C:\WINDOWS\SYSTEM\MFCAI.DLL (file missing)
O2 - BHO: Class - {1BD58A3D-D84D-3006-CA07-81714822BEDB} - **C:\WINDOWS\CRCM.DLL (file missing)
O2 - BHO: Class - {BFBF7402-6F56-197C-30EF-A2D7ABD52E16} - **C:\WINDOWS\NTST.DLL (file missing)
O2 - BHO: Class - {9E45C8C1-AA50-A400-B9DA-69B4E3B82261} - **C:\WINDOWS\SYSTEM\IPFM32.DLL (file missing)
O2 - BHO: Class - {3DE3C5E7-E056-7870-5BA6-FDECCF02B31C} - **C:\WINDOWS\SYSTEM\SDKYV32.DLL (file missing)
O2 - BHO: Class - {E7CE865F-83BD-8B29-E37E-2FF507C083A3} - **C:\WINDOWS\MSDX32.DLL (file missing)
O2 - BHO: Class - {E36E06F3-D2AD-0B7B-342B-5FBA805B6F20} - **C:\WINDOWS\SYSTEM\IPGQ.DLL (file missing)
O2 - BHO: Class - {B39DD509-E1F5-073C-7DCC-52B6550CEC40} - **C:\WINDOWS\MFCRM32.DLL (file missing)
O2 - BHO: Class - {4230B786-8F52-5877-3237-0F1B6BFC64B3} - **C:\WINDOWS\SYSTEM\WINNM.DLL (file missing)
O2 - BHO: Class - {EB7A1A2D-9C0D-C8D4-8A9B-F6E22A647B85} - **C:\WINDOWS\MSWF32.DLL (file missing)
O2 - BHO: Class - {AF0A8010-005A-BEE0-BFC9-FB125961C374} - **C:\WINDOWS\SYSTEM\NTPD32.DLL (file missing)
O2 - BHO: Class - {5F0FCB6F-44FE-17E2-989A-B6D27A932285} - **C:\WINDOWS\SYSTEM\SYSPY32.DLL (file missing)
O2 - BHO: Class - {DB34B7F0-D490-5205-7CAE-49DCC4F42315} - **C:\WINDOWS\NTDS32.DLL (file missing)
O2 - BHO: Class - {B55BCAAE-B104-F97D-9440-3B877FD1C970} - **C:\WINDOWS\SYSTEM\CRPP.DLL (file missing)
O2 - BHO: Class - {762F81D5-81CA-A1BC-751A-8C7745BE3587} - **C:\WINDOWS\SYSTEM\APPIX32.DLL (file missing)
O2 - BHO: Class - {55F3EB81-72B4-C0C2-15A8-068454040866} - **C:\WINDOWS\SYSTEM\CRVL32.DLL (file missing)
O2 - BHO: Class - {102D7ADF-B1F2-150B-DD47-0D7AE8ECDFE0} - **C:\WINDOWS\JAVAAW.DLL (file missing)
O2 - BHO: Class - {26F48417-BA3B-EB85-58BC-D6D86BF802EF} - **C:\WINDOWS\IEYE.DLL (file missing)
O2 - BHO: Class - {49BECFF4-7393-1212-D3DD-7E8D3DE210B1} - **C:\WINDOWS\SYSTEM\APIPC32.DLL (file missing)
O2 - BHO: Class - {9EFD529D-46F8-2CEA-E958-34254F447995} - **C:\WINDOWS\SYSTEM\IPGK.DLL (file missing)
O2 - BHO: Class - {58D0CDED-292E-A742-0F1D-80D844764A6C} - **C:\WINDOWS\NTOQ.DLL (file missing)
O2 - BHO: Class - {81C4026E-2E5E-88DC-7B26-44B223181EC2} - **C:\WINDOWS\NTQU32.DLL (file missing)
O2 - BHO: Class - {9E4475A0-E2D9-90AF-1E86-7FA3DE0B011B} - **C:\WINDOWS\SYSTEM\MSYG32.DLL (file missing)
O2 - BHO: Class - {E2CF483C-E12D-74BF-2258-F30DD51FE932} - **C:\WINDOWS\SYSTEM\JAVAPH.DLL (file missing)
O2 - BHO: Class - {C57A97CE-E8D2-2292-3692-AE5AD4A452E1} - **C:\WINDOWS\IPFO.DLL (file missing)
O2 - BHO: Class - {5E64696E-4C70-147B-6A40-0FCDF71C2F1E} - **C:\WINDOWS\ADDFA32.DLL (file missing)
O2 - BHO: Class - {85A8D85F-2DD8-DE08-A0B2-F759605E60DA} - **C:\WINDOWS\SYSTEM\CRWJ32.DLL (file missing)
O2 - BHO: Class - {5AD1F558-7D3B-880C-B8F3-3397174D6EE6} - **C:\WINDOWS\SYSTEM\JAVASQ.DLL (file missing)
O2 - BHO: Class - {D9FCBA68-5B87-1958-A80B-AD03334103BE} - **C:\WINDOWS\SYSTEM\IEMR.DLL (file missing)
O2 - BHO: Class - {B122B85D-3708-C0FF-DD1B-6F69A7D6D247} - **C:\WINDOWS\CRTL.DLL (file missing)
O2 - BHO: Class - {61744A12-E125-F69C-D1D5-BEFC7277ADF6} - **C:\WINDOWS\WINFR32.DLL (file missing)
O2 - BHO: Class - {119847AD-E967-510F-C463-E0A5B64E15E1} - **C:\WINDOWS\NETYW32.DLL (file missing)
O2 - BHO: Class - {CF4884A6-1B35-783A-1F53-7D50AD282032} - **C:\WINDOWS\SYSTEM\JAVATC32.DLL (file missing)
O2 - BHO: Class - {1CBF1DDF-B824-2FBE-AEA6-6BD514696DF9} - **C:\WINDOWS\SYSTEM\SYSKP32.DLL (file missing)
O2 - BHO: Class - {346C69D8-47DA-8D25-2793-091F27AD1739} - **C:\WINDOWS\ADDKA.DLL (file missing)
O2 - BHO: Class - {60CF4492-119D-A24C-4318-B79E3CA3AE85} - **C:\WINDOWS\ATLHW32.DLL (file missing)
O2 - BHO: Class - {7055D377-44A2-1793-E109-C6FE15F0A9AB} - **C:\WINDOWS\SYSTEM\MSCT32.DLL (file missing)
O2 - BHO: Class - {43DD5961-CA21-309E-A707-F9C0813A3D33} - **C:\WINDOWS\SYSTEM\CRER32.DLL (file missing)
O2 - BHO: Class - {3450926F-D1E7-AF04-B092-55CDB25431A1} - **C:\WINDOWS\SYSTEM\IEOE32.DLL (file missing)
O2 - BHO: Class - {EFBC894E-C716-CF6F-30F0-1F1AE60E2401} - **C:\WINDOWS\MFCCQ.DLL (file missing)
O2 - BHO: Class - {D0D5FF96-EC42-F266-A50E-43824A8C72CC} - **C:\WINDOWS\SYSTEM\APIRO32.DLL (file missing)
O2 - BHO: Class - {410127F4-6EC0-FA46-13B5-0A935061D037} - **C:\WINDOWS\SYSTEM\NETLF32.DLL (file missing)
O2 - BHO: Class - {30C2CB79-B898-DCF3-EFEF-5BB2F1EDEC08} - **C:\WINDOWS\NETJV32.DLL (file missing)
O2 - BHO: Class - {895989D8-A652-DA41-8BE1-C5EC6B1F227D} - **C:\WINDOWS\SYSTEM\IEIY.DLL (file missing)
O2 - BHO: Class - {C871E993-FDEC-292E-86CE-435FEE5CFF75} - **C:\WINDOWS\ADDQB32.DLL (file missing)
O2 - BHO: Class - {BB7B8A9C-DD4F-5B52-7ADF-FC76786C7394} - **C:\WINDOWS\SYSTEM\APPMC32.DLL (file missing)
O2 - BHO: Class - {407D7572-4FE2-1C98-AC10-633A17404FF8} - **C:\WINDOWS\SYSTEM\APIKE32.DLL (file missing)
O2 - BHO: Class - {9AD05C3A-CC73-B83C-9965-1A6BED5208BB} - **C:\WINDOWS\APPZL32.DLL (file missing)
O2 - BHO: Class - {D53BE37F-3A2E-270B-1A0A-66FD4B4BEE2F} - **C:\WINDOWS\SYSGE32.DLL (file missing)
Budfred
01-16-2006, 01:09 AM
I am closing this for the moment... Read what I posted....
Budfred
01-16-2006, 01:17 AM
Hopefully you slowed down and read my earlier messages, so I am opening this again... I will close it again if you start posting more of those entries... Please follow the instructions I posted and then post a fresh log...
zeffren
01-16-2006, 01:37 AM
OK got a lil excited there huh!....
did what you said and here is the new post
Logfile of HijackThis v1.99.1
Scan saved at 12:03:05 AM, on 4/01/00
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\NORTON UTILITIES\NPROTECT.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\HIDSERV.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\CPQEADM.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP SHARE-TO-WEB\HPGS2WND.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\PRIMESOFT\ASWNK\ASWNK.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP SHARE-TO-WEB\HPGS2WNF.EXE
C:\PROGRAM FILES\NORTON ANTIVIRUS\NAVAPW32.EXE
C:\PROGRAM FILES\MOBILE PHONETOOLS\WATCHDOG.EXE
C:\WINDOWS\SYSTEM\UWPDNMRAZ.EXE
C:\PROGRAM FILES\FINEPIXVIEWER\QUICKDCF.EXE
C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\BTTNSERV.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\EAUSBKBD.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com.au/
R3 - Default URLSearchHook is missing
O2 - BHO: PrimeSoft - {44A23DAB-8D31-43AE-9F68-5AC24CF7CE8C} - C:\WINDOWS\SYSTEM\MSINFOSYS.DLL
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\PROGRAM FILES\CANON\EASY-WEBPRINT\TOOLBAND.DLL
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: PrimeSoft - {44A23DAB-8D31-43AE-9F68-5AC24CF7CE8C} - C:\WINDOWS\SYSTEM\MSINFOSYS.DLL
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\Compaq\Easy Access Button Support\cpqeadm.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [ASWnk] c:\program files\primesoft\aswnk\aswnk.exe /noconnect
O4 - HKLM\..\Run: [OmgStartup] C:\Program Files\Common Files\Sony Shared\OpenMG\OmgStartup.exe
O4 - HKLM\..\Run: [rb32 ml071e] "c:\program files\RapidBlaster\rb32.exe"
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [NAV Agent] c:\PROGRA~1\NORTON~1\NAVAPW32.EXE
O4 - HKLM\..\Run: [NPROTECT] C:\Program Files\Norton Utilities\NPROTECT.EXE
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\mobile PhoneTools\WatchDog.exe
O4 - HKLM\..\Run: [uwpdnmraz] c:\windows\system\uwpdnmraz.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [Hidserv] Hidserv.exe run
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [HC Reminder] hc.exe
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - HKLM\..\RunServices: [NPROTECT] C:\Program Files\Norton Utilities\NPROTECT.EXE
O4 - HKCU\..\Run: [Instant Access] rundll32.exe EGDACCESS_1059.dll,InstantAccess
O4 - HKCU\..\Run: [SpyElim] lpt.exe
O4 - HKCU\..\Run: [progmen] ssweeper.exe
O4 - HKCU\..\Run: [AppMasterCenter] TemplateDongle.exe
O4 - HKCU\..\Run: [MailSkinner] c:\program files\mailskinner\mailskinner.exe
O4 - Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\PROGRAM FILES\CANON\EASY-WEBPRINT\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\PROGRAM FILES\CANON\EASY-WEBPRINT\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\PROGRAM FILES\CANON\EASY-WEBPRINT\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\PROGRAM FILES\CANON\EASY-WEBPRINT\Resource.dll/RC_AddToList.html
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: MSN Messenger Service - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\TOOLS\IESDPB.DLL
O9 - Extra button: Big Pond - {C3FE1580-10ED-11D5-A3A2-D8EA4E107E34} - [url]http://www.bigpond.com/[/url] (file missing) (HKCU)
O12 - Plugin for .pdb: C:\PROGRA~1\INTERN~1\PLUGINS\NPCHIME.DLL
O15 - Trusted IP range: 206.161.125.149
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - [url]http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst0401.cab[/url]
O16 - DPF: {11311111-1111-1111-1111-111111111157} - file://C:\Recycled\Q678340.exe
O16 - DPF: {47779CB3-13A1-17D8-46BC-130F22435F52} - [url]http://69.50.173.166/1/gdnAU1862.exe[/url]
O16 - DPF: {0F756AA7-07CF-15BA-C97E-7E192779C5C8} - [url]http://69.50.173.166/1/gdnAU1862.exe[/url]
O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 195.95.218.1,85.255.112.7
Budfred
01-16-2006, 09:35 AM
You still have a pretty good mess here... First, you have RapidBlaster... Please go to Add/Remove Programs in you Control Panel and look for:
RapidBlaster or rb32.exe
Uninstall what you find...
R3 - Default URLSearchHook is missing
O2 - BHO: PrimeSoft - {44A23DAB-8D31-43AE-9F68-5AC24CF7CE8C} - C:\WINDOWS\SYSTEM\MSINFOSYS.DLL
O3 - Toolbar: PrimeSoft - {44A23DAB-8D31-43AE-9F68-5AC24CF7CE8C} - C:\WINDOWS\SYSTEM\MSINFOSYS.DLL
O4 - HKLM\..\Run: [ASWnk] c:\program files\primesoft\aswnk\aswnk.exe /noconnect
O4 - HKLM\..\Run: [rb32 ml071e] "c:\program files\RapidBlaster\rb32.exe"
O4 - HKLM\..\Run: [uwpdnmraz] c:\windows\system\uwpdnmraz.exe
O4 - HKCU\..\Run: [Instant Access] rundll32.exe EGDACCESS_1059.dll,InstantAccess
O4 - HKCU\..\Run: [SpyElim] lpt.exe
O4 - HKCU\..\Run: [progmen] ssweeper.exe
O4 - HKCU\..\Run: [AppMasterCenter] TemplateDongle.exe
O4 - HKCU\..\Run: [MailSkinner] c:\program files\mailskinner\mailskinner.exe
O15 - Trusted IP range: 206.161.125.149
O16 - DPF: {11311111-1111-1111-1111-111111111157} - file://C:\Recycled\Q678340.exe
O16 - DPF: {47779CB3-13A1-17D8-46BC-130F22435F52} - http://69.50.173.166/1/gdnAU1862.exe
O16 - DPF: {0F756AA7-07CF-15BA-C97E-7E192779C5C8} - http://69.50.173.166/1/gdnAU1862.exe
Close all open windows except HJT and press Fix checked...
Find and delete:
c:\program files\primesoft\aswnk\aswnk.exe (whole folder)
c:\program files\RapidBlaster\rb32.exe (whole folder)
c:\windows\system\uwpdnmraz.exe
EGDACCESS_1059.dll
lpt.exe
ssweeper.exe
TemplateDongle.exe
c:\program files\mailskinner\mailskinner.exe (whole folder)
Reboot and post a fresh HJT log with a report on how things went... Let me know if you couldn't find any of the folders/files to delete...
zeffren
01-16-2006, 10:52 PM
Hey. ok did what you asked and there were a few things i couldnt find....
O4 - HKLM\..\Run: [rb32 ml071e] "c:\program files\RapidBlaster\rb32.exe"
c:\program files\RapidBlaster\rb32.exe (whole folder)
c:\windows\system\uwpdnmraz.exe
EGDACCESS_1059.dll
lpt.exe
ssweeper.exe
TemplateDongle.exe
c:\program files\mailskinner\mailskinner.exe (whole folder)
and here is the new log....
Logfile of HijackThis v1.99.1
Scan saved at 9:13:32 PM, on 4/01/00
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\NORTON UTILITIES\NPROTECT.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\HIDSERV.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\CPQEADM.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP SHARE-TO-WEB\HPGS2WND.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\PROGRAM FILES\NORTON ANTIVIRUS\NAVAPW32.EXE
C:\PROGRAM FILES\MOBILE PHONETOOLS\WATCHDOG.EXE
C:\PROGRAM FILES\FINEPIXVIEWER\QUICKDCF.EXE
C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\BTTNSERV.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP SHARE-TO-WEB\HPGS2WNF.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\EAUSBKBD.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com.au/
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\PROGRAM FILES\CANON\EASY-WEBPRINT\TOOLBAND.DLL
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\Compaq\Easy Access Button Support\cpqeadm.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [OmgStartup] C:\Program Files\Common Files\Sony Shared\OpenMG\OmgStartup.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [NAV Agent] c:\PROGRA~1\NORTON~1\NAVAPW32.EXE
O4 - HKLM\..\Run: [NPROTECT] C:\Program Files\Norton Utilities\NPROTECT.EXE
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\mobile PhoneTools\WatchDog.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [Hidserv] Hidserv.exe run
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [HC Reminder] hc.exe
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - HKLM\..\RunServices: [NPROTECT] C:\Program Files\Norton Utilities\NPROTECT.EXE
O4 - Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\PROGRAM FILES\CANON\EASY-WEBPRINT\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\PROGRAM FILES\CANON\EASY-WEBPRINT\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\PROGRAM FILES\CANON\EASY-WEBPRINT\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\PROGRAM FILES\CANON\EASY-WEBPRINT\Resource.dll/RC_AddToList.html
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: MSN Messenger Service - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\TOOLS\IESDPB.DLL
O9 - Extra button: Big Pond - {C3FE1580-10ED-11D5-A3A2-D8EA4E107E34} - http://www.bigpond.com/ (file missing) (HKCU)
O12 - Plugin for .pdb: C:\PROGRA~1\INTERN~1\PLUGINS\NPCHIME.DLL
O15 - Trusted IP range: 206.161.125.149
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst0401.cab
O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 195.95.218.1,85.255.112.7
Budfred
01-16-2006, 11:24 PM
Most of the garbage seems to be gone... Use HJT to try to fix this again... If it doesn't go, we will need to run some other scans:
O15 - Trusted IP range: 206.161.125.149
Reboot and post a fresh log...
zeffren
01-16-2006, 11:48 PM
here you go again.....Looks like its still there.... one thing though i dont have time to make a coffee cook dinner and have 8 hours sleep befor explorer starts up anymore.... ;)
Logfile of HijackThis v1.99.1
Scan saved at 10:11:01 PM, on 4/01/00
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\NORTON UTILITIES\NPROTECT.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\HIDSERV.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\CPQEADM.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP SHARE-TO-WEB\HPGS2WND.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\PROGRAM FILES\NORTON ANTIVIRUS\NAVAPW32.EXE
C:\PROGRAM FILES\MOBILE PHONETOOLS\WATCHDOG.EXE
C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\BTTNSERV.EXE
C:\PROGRAM FILES\FINEPIXVIEWER\QUICKDCF.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP SHARE-TO-WEB\HPGS2WNF.EXE
C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\EAUSBKBD.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com.au/
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\PROGRAM FILES\CANON\EASY-WEBPRINT\TOOLBAND.DLL
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\Compaq\Easy Access Button Support\cpqeadm.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [OmgStartup] C:\Program Files\Common Files\Sony Shared\OpenMG\OmgStartup.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [NAV Agent] c:\PROGRA~1\NORTON~1\NAVAPW32.EXE
O4 - HKLM\..\Run: [NPROTECT] C:\Program Files\Norton Utilities\NPROTECT.EXE
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\mobile PhoneTools\WatchDog.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [Hidserv] Hidserv.exe run
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [HC Reminder] hc.exe
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - HKLM\..\RunServices: [NPROTECT] C:\Program Files\Norton Utilities\NPROTECT.EXE
O4 - Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\PROGRAM FILES\CANON\EASY-WEBPRINT\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\PROGRAM FILES\CANON\EASY-WEBPRINT\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\PROGRAM FILES\CANON\EASY-WEBPRINT\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\PROGRAM FILES\CANON\EASY-WEBPRINT\Resource.dll/RC_AddToList.html
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: MSN Messenger Service - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\TOOLS\IESDPB.DLL
O9 - Extra button: Big Pond - {C3FE1580-10ED-11D5-A3A2-D8EA4E107E34} - http://www.bigpond.com/ (file missing) (HKCU)
O12 - Plugin for .pdb: C:\PROGRA~1\INTERN~1\PLUGINS\NPCHIME.DLL
O15 - Trusted IP range: 206.161.125.149
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst0401.cab
O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 195.95.218.1,85.255.112.7
Budfred
01-17-2006, 12:05 AM
Okay, try running the HouseCall online virus scan from my signature... It wouldn't hurt to run the other one as well...
Then download, install and update Ad-Aware SE and run it... Fix all that it finds...
Reboot and post a fresh HJT log and a report on how things went and how your computer is working... That remaining item is a trojan, so we need to kill it...
zeffren
01-17-2006, 07:59 AM
Ok did as you sudgested....and well as you can see.... its still there...House call found a few things... fixed most but not all.did the sudgested manual deleating but could not find the subkeys. Ran adaware and it round 2 reg entries. the computer is running alot better as i said but sometimes it hangs on shutdown...says explorer is not responding.. and it has blue screened twice. but it is quiet alot better.anyway here is the new log.
Logfile of HijackThis v1.99.1
Scan saved at 6:28:14 AM, on 5/01/00
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\NORTON UTILITIES\NPROTECT.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\HIDSERV.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\CPQEADM.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP SHARE-TO-WEB\HPGS2WND.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\PROGRAM FILES\NORTON ANTIVIRUS\NAVAPW32.EXE
C:\PROGRAM FILES\MOBILE PHONETOOLS\WATCHDOG.EXE
C:\PROGRAM FILES\FINEPIXVIEWER\QUICKDCF.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP SHARE-TO-WEB\HPGS2WNF.EXE
C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\BTTNSERV.EXE
C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\EAUSBKBD.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com.au/
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\PROGRAM FILES\CANON\EASY-WEBPRINT\TOOLBAND.DLL
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\Compaq\Easy Access Button Support\cpqeadm.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [OmgStartup] C:\Program Files\Common Files\Sony Shared\OpenMG\OmgStartup.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [NAV Agent] c:\PROGRA~1\NORTON~1\NAVAPW32.EXE
O4 - HKLM\..\Run: [NPROTECT] C:\Program Files\Norton Utilities\NPROTECT.EXE
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\mobile PhoneTools\WatchDog.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [Hidserv] Hidserv.exe run
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [HC Reminder] hc.exe
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - HKLM\..\RunServices: [NPROTECT] C:\Program Files\Norton Utilities\NPROTECT.EXE
O4 - Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\PROGRAM FILES\CANON\EASY-WEBPRINT\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\PROGRAM FILES\CANON\EASY-WEBPRINT\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\PROGRAM FILES\CANON\EASY-WEBPRINT\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\PROGRAM FILES\CANON\EASY-WEBPRINT\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmwordtrans.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html
O8 - Extra context menu item: Backward Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html
O8 - Extra context menu item: Translate Page into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: MSN Messenger Service - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\TOOLS\IESDPB.DLL
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRAM FILES\JAVA\JRE1.5.0_06\BIN\SSV.DLL
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRAM FILES\JAVA\JRE1.5.0_06\BIN\SSV.DLL
O9 - Extra button: Big Pond - {C3FE1580-10ED-11D5-A3A2-D8EA4E107E34} - [url]http://www.bigpond.com/[/url] (file missing) (HKCU)
O12 - Plugin for .pdb: C:\PROGRA~1\INTERN~1\PLUGINS\NPCHIME.DLL
O15 - Trusted IP range: 206.161.125.149
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - [url]http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst0401.cab[/url]
O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 195.95.218.1,85.255.112.7
Budfred
01-17-2006, 09:02 AM
Okay, try a MWavScan so I can get a better picture of this thing... Particularly note which part of the log to post:
Try running an MWavScan... It will produce a log in the lower window that has the bad list and you will need to use Ctrl-C to copy it and then paste it here for review.... If the list is extremely long, you can just paste the lines that begin with the word "File" since those are the ones we need to be most concerned about...
http://www.mwti.net/products/mwav/mwav.asp
It will suggest that you buy the product to fix what it finds, but that is not necessary... Just post the bad part of the scan and we will deal with it...
zeffren
01-20-2006, 12:25 AM
Ok did as you asked....here is what you asked for
File C:\WINDOWS\Adult_Chat.exe tagged as "not-a-virus:Porn-Dialer.Win32.AsianRaw.bi". Action Taken: No Action Taken.
File C:\WINDOWS\pxckdlauninstall.exe tagged as "not-a-virus:AdWare.Win32.NoName.f". Action Taken: No Action Taken.
File C:\WINDOWS\deinstall.exe infected by "Trojan.Win32.Krepper.ak" Virus! Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\msclock32.dll tagged as "not-a-virus:AdWare.Win32.NaviPromo.n". Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\iagold3.exe infected by "Trojan.Win32.Golid" Virus! Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\msplock32.dll tagged as "not-a-virus:AdWare.Win32.NaviPromo.n". Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\EasyDates_au-uninstall.exe tagged as "not-a-virus:Dialer.Win32.gen". Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\loadctr.exe infected by "Trojan-Dropper.Win32.Small.zx" Virus! Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\intfsdffdsronsad.exe tagged as "not-a-virus:AdWare.Win32.ISearch.d". Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\dumpsprep.exe infected by "Trojan-Dropper.Win32.Small.xl" Virus! Action Taken: No Action Taken.
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\5HAQY1JH\bbi8032[1].exe tagged as "not-a-virus:AdWare.Win32.BargainBuddy.l". Action Taken: No Action Taken.
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\K9YNODQF\bbi8032[1].exe tagged as "not-a-virus:AdWare.Win32.BargainBuddy.l". Action Taken: No Action Taken.
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\G5U7WLYZ\toolbar[1].exe tagged as "not-a-virus:AdWare.Win32.ISearch.d". Action Taken: No Action Taken.
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\OP23GHIJ\bbi8032[1].exe tagged as "not-a-virus:AdWare.Win32.BargainBuddy.l". Action Taken: No Action Taken.
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\OP23GHIJ\bbi8032[2].exe tagged as "not-a-virus:AdWare.Win32.BargainBuddy.l". Action Taken: No Action Taken.
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\OP23GHIJ\setup_inc red_404_p2[1].exe infected by "Trojan-Downloader.Win32.Keenval" Virus! Action Taken: No Action Taken.
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\OP23GHIJ\gdnAU1862 [1].exe infected by "Trojan.Win32.Dialer.ht" Virus! Action Taken: No Action Taken.
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\GDQ3GLQF\fwn_setup [1].exe tagged as "not-a-virus:AdWare.Win32.FWN.b". Action Taken: No Action Taken.
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\211IRE5G\barginbud dy[1].exe tagged as "not-a-virus:AdWare.Win32.BargainBuddy.s". Action Taken: No Action Taken.
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\211IRE5G\bbi8032[1].exe tagged as "not-a-virus:AdWare.Win32.BargainBuddy.l". Action Taken: No Action Taken.
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\X3N3PXOE\bbi8032[1].exe tagged as "not-a-virus:AdWare.Win32.BargainBuddy.l". Action Taken: No Action Taken.
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\MFIBU5QR\gdnAU1862 [2].exe infected by "Trojan-Downloader.Win32.Small.ayl" Virus! Action Taken: No Action Taken.
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\4LU3S5UZ\fff[1].exe infected by "Trojan.Win32.Golid.i" Virus! Action Taken: No Action Taken.
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\WLUB8HIJ\toprebate s[1].exe infected by "Trojan-Clicker.Win32.Agent.di" Virus! Action Taken: No Action Taken.
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\S1CBCRSV\setup_inc red_FabianBuys_p2[1].exe infected by "Trojan-Downloader.Win32.Keenval" Virus! Action Taken: No Action Taken.
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\S1CBCRSV\setup_inc red_404_p2[1].exe infected by "Trojan-Downloader.Win32.Keenval" Virus! Action Taken: No Action Taken.
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\EVIZUHQJ\amateur2_ gb[1].exe tagged as "not-a-virus:Dialer.Win32.gen". Action Taken: No Action Taken.
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\EVIZUHQJ\amateur2_ gb[3].exe tagged as "not-a-virus:Dialer.Win32.gen". Action Taken: No Action Taken.
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\EDN4XG36\bbi8032[1].exe tagged as "not-a-virus:AdWare.Win32.BargainBuddy.l". Action Taken: No Action Taken.
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\EDN4XG36\gdnAU1862 [1].exe infected by "Trojan-Downloader.Win32.Small.ayl" Virus! Action Taken: No Action Taken.
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\C9URG9QN\amateur2_ gb[1].exe tagged as "not-a-virus:Dialer.Win32.gen". Action Taken: No Action Taken.
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\9OKN5LST\fff[1].exe infected by "Trojan.Win32.Golid.i" Virus! Action Taken: No Action Taken.
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\9OKN5LST\amateur2_ gb[1].exe tagged as "not-a-virus:Dialer.Win32.gen". Action Taken: No Action Taken.
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\9OKN5LST\amateur2_ gb[2].exe tagged as "not-a-virus:Dialer.Win32.gen". Action Taken: No Action Taken.
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\9OKN5LST\bbi8032[1].exe tagged as "not-a-virus:AdWare.Win32.BargainBuddy.l". Action Taken: No Action Taken.
zeffren
01-20-2006, 12:31 AM
and here is the second part to the log....
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\9OKN5LST\amateur2_ gb[3].exe tagged as "not-a-virus:Dialer.Win32.gen". Action Taken: No Action Taken.
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\GDAV89IZ\amateur2_ gb[1].exe tagged as "not-a-virus:Dialer.Win32.gen". Action Taken: No Action Taken.
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\GDAV89IZ\amateur2_ gb[2].exe tagged as "not-a-virus:Dialer.Win32.gen". Action Taken: No Action Taken.
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\GDAV89IZ\amateur2_ gb[3].exe tagged as "not-a-virus:Dialer.Win32.gen". Action Taken: No Action Taken.
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\GDAV89IZ\bbi8032[1].exe tagged as "not-a-virus:AdWare.Win32.BargainBuddy.l". Action Taken: No Action Taken.
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\GDAV89IZ\amateur2_ gb[4].exe tagged as "not-a-virus:Dialer.Win32.gen". Action Taken: No Action Taken.
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\GDAV89IZ\amateur2_ gb[5].exe tagged as "not-a-virus:Dialer.Win32.gen". Action Taken: No Action Taken.
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\GDAV89IZ\amateur2_ gb[6].exe tagged as "not-a-virus:Dialer.Win32.gen". Action Taken: No Action Taken.
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\GDAV89IZ\amateur2_ gb[7].exe tagged as "not-a-virus:Dialer.Win32.gen". Action Taken: No Action Taken.
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\NF5NVHCW\amateur2_ gb[1].exe tagged as "not-a-virus:Dialer.Win32.gen". Action Taken: No Action Taken.
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\NF5NVHCW\amateur2_ gb[5].exe tagged as "not-a-virus:Dialer.Win32.gen". Action Taken: No Action Taken.
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\NF5NVHCW\amateur2_ gb[2].exe tagged as "not-a-virus:Dialer.Win32.gen". Action Taken: No Action Taken.
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\NF5NVHCW\amateur2_ gb[3].exe tagged as "not-a-virus:Dialer.Win32.gen". Action Taken: No Action Taken.
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\NF5NVHCW\amateur2_ gb[4].exe tagged as "not-a-virus:Dialer.Win32.gen". Action Taken: No Action Taken.
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\NF5NVHCW\bbi8032[1].exe tagged as "not-a-virus:AdWare.Win32.BargainBuddy.l". Action Taken: No Action Taken.
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\NF5NVHCW\bbi8032[2].exe tagged as "not-a-virus:AdWare.Win32.BargainBuddy.l". Action Taken: No Action Taken.
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\NF5NVHCW\amateur2_ gb[6].exe tagged as "not-a-virus:Dialer.Win32.gen". Action Taken: No Action Taken.
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\NF5NVHCW\amateur2_ gb[7].exe tagged as "not-a-virus:Dialer.Win32.gen". Action Taken: No Action Taken.
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\W3XFEIBP\amateur2_ gb[1].exe tagged as "not-a-virus:Dialer.Win32.gen". Action Taken: No Action Taken.
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\W3XFEIBP\amateur2_ gb[2].exe tagged as "not-a-virus:Dialer.Win32.gen". Action Taken: No Action Taken.
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\W3XFEIBP\bbi8032[1].exe tagged as "not-a-virus:AdWare.Win32.BargainBuddy.l". Action Taken: No Action Taken.
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\W3XFEIBP\amateur2_ gb[3].exe tagged as "not-a-virus:Dialer.Win32.gen". Action Taken: No Action Taken.
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\W3XFEIBP\amateur2_ gb[4].exe tagged as "not-a-virus:Dialer.Win32.gen". Action Taken: No Action Taken.
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\W3XFEIBP\amateur2_ gb[5].exe tagged as "not-a-virus:Dialer.Win32.gen". Action Taken: No Action Taken.
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\W3XFEIBP\amateur2_ gb[7].exe tagged as "not-a-virus:Dialer.Win32.gen". Action Taken: No Action Taken.
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\UTXUZE1S\bbi8032[1].exe tagged as "not-a-virus:AdWare.Win32.BargainBuddy.l". Action Taken: No Action Taken.
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\Z3PJ7P8S\bbi8032[1].exe tagged as "not-a-virus:AdWare.Win32.BargainBuddy.l". Action Taken: No Action Taken.
Budfred
01-20-2006, 12:44 AM
Okay, first download and run CCleaner to clear out temporary folders:
http://www.ccleaner.com/
Then you are going to need to use KillBox to clear out that other garbage:
http://www.atribune.org/downloads/KillBox.exe
Then copy/paste this list into a Notepad file so that you can access it in Safe Mode... Boot to Safe Mode (tap F8 just before Windows starts loading and select Safe Mode)... Choose the "Delete on reboot" and "End Explorer Shell while Killing file" options... Copy/paste the entire list into the line for the file... It should be able to accept the whole list, but if it doesn't you will need to enter them one at a time... Do not click through to close it out and reboot until they have all been entered... Once they are all entered, click through to kill them...
C:\WINDOWS\Adult_Chat.exe
C:\WINDOWS\pxckdlauninstall.exe
C:\WINDOWS\deinstall.exe
C:\WINDOWS\SYSTEM\msclock32.dll
C:\WINDOWS\SYSTEM\iagold3.exe
C:\WINDOWS\SYSTEM\msplock32.dll
C:\WINDOWS\SYSTEM\EasyDates_au-uninstall.exe
C:\WINDOWS\SYSTEM\loadctr.exe
C:\WINDOWS\SYSTEM\intfsdffdsronsad.exe
C:\WINDOWS\SYSTEM\dumpsprep.exe
When done, reboot and post a fresh MWavScan... Also comment on how things are going...
zeffren
01-22-2006, 10:33 PM
Ok here is the new MWavScan. Also the Trusted I.P range" still seems to be listed in the HJT log. Computer is kinda OK but still seems to be slow on the net.Internet explorer still crashes at times, "An unexpected error has occored in internet exploror and this program will now close" message. After this happans my desktop will "blink" a few times then when it comes back i will have lost some icons off my Toolbar, namely Norton antivirus and the "little T.V's" that display for my modem. But i will still be connected to the net. If i go to my modem and see the Data transfer rate i can see information being sent and recieved but i will not be browsing or downloading.My homepage was changed to netscape without my doing it aslwell, i booted my computer and there it was.
Object "netzip Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "tinybar Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "rapidblaster Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "netzip Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "imiserver ieplugin Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "180solutions Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "rapidblaster Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "rapidblaster Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "powerreg scheduler Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "powerreg scheduler Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "rapidblaster Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "powerreg scheduler Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "powerreg scheduler Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "limewire Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "ezula Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "limewire Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "ezula Spyware/Adware" found in File System! Action Taken: No Action Taken.
zeffren
01-22-2006, 10:35 PM
and here is the other part....and the file anteries have gone.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Sha redDlls" refers to invalid object "E:\Office\Actors\logo.act". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Sha redDlls" refers to invalid object "E:\Office\Actors\scribble.act". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Sha redDlls" refers to invalid object "E:\Office\Actors\dot.act". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Sha redDlls" refers to invalid object "E:\Office\Actors\mnature.act". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Sha redDlls" refers to invalid object "E:\Office\Actors\hoverbot.act". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Sha redDlls" refers to invalid object "E:\Office\Actors\will.act". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Sha redDlls" refers to invalid object "E:\Office\Actors\powerpup.act". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Sha redDlls" refers to invalid object "E:\Office\Actors\genius.act". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Sha redDlls" refers to invalid object "C:\WINDOWS\TEMP\ICD1.tmp\istactivex.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\Wizhost.exe" refers to invalid object "". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\OOBE v.2" refers to invalid object "". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\MsoHtmEd.exe" refers to invalid object "". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\Enc2000.exe" refers to invalid object "". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\ERS2000.exe" refers to invalid object "". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\CentralScienceLive" refers to invalid object "". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\rsuvwya.exe" refers to invalid object "". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\Easy-WebPrint" refers to invalid object "C:\Program Files\Canon\Easy-WebPrint". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Ins taller\Folders" refers to invalid object "c:\WINDOWS\Start Menu\Programs\HP Share-to-Web\". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Shared Tools\msoc.dll" refers to invalid object "C:\Program Files\Microsoft Office\Office". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{E82A6C76-8A41-4949-8F7E-9C1B3E59AA90}" refers to invalid object "C:\WINDOWS\TEMP\{60202~1\_EXTRA\OBJECTS\CMDLINE.DL L". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{CFC159E0-92F6-11CF-BA4C-00AA00C0176C}" refers to invalid object "C:\PROGRAM FILES\MICROSOFT MONEY\SYSTEM\iofd.tlb". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{083319C4-E780-11D2-8A8D-00C04FA31D93}" refers to invalid object "C:\PROGRAM FILES\MICROSOFT MONEY\SYSTEM\INV7.OCX". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{E5D0E05F-5309-11D1-A1F0-0000F875A2F0}" refers to invalid object "C:\PROGRAM FILES\MICROSOFT MONEY\SYSTEM\MSCPS.DLL". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{00CEDBF1-864D-11D3-908D-00C0F03B3EDC}" refers to invalid object "C:\PROGRAM FILES\REAL\REALJUKEBOX\IERJPLUG.DLL". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{18A69C68-F3B5-11D5-A3A3-B558B611E034}" refers to invalid object "c:\windows\TEMP\Word8.0\MSForms.exd". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{EF99BD24-C1FB-11D2-892F-0090271D4F88}" refers to invalid object "C:\WINDOWS\DOWNLOADED PROGRAM FILES\YCOMP4,0,2,5.DLL". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{F70F8A45-C490-11D4-9770-0050046C5995}" refers to invalid object "C:\Program Files\ubi.com\plugins\lobbyplugin.dll". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{26436C9F-CA34-11D4-9772-0050046C5995}" refers to invalid object "C:\Program Files\ubi.com\plugins\sessiondp.dll". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{3FB50037-738F-11D4-A39E-0001023B4289}" refers to invalid object "C:\Program Files\ubi.com\Plugins\glfriendsplugin.dll". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{54788BC3-AF4B-11D4-9E49-006008286057}" refers to invalid object "C:\Program Files\ubi.com\com\comgsclient.dll". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{A64DCF07-1178-11D5-9786-0050046C5995}" refers to invalid object "C:\Program Files\ubi.com\com\filexfer.dll". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{39EB71B1-D410-47C6-BCCA-15B9E2C3A9BD}" refers to invalid object "C:\Program Files\ubi.com\com\glconfiginfo.dll". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{83259057-5BD2-4BA1-BC9B-C15D1EE9694F}" refers to invalid object "C:\Program Files\ubi.com\com\glhost.dll". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{367C7F88-00F6-11D5-9780-0050046C5995}" refers to invalid object "C:\Program Files\ubi.com\com\glirc.dll". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{ED26FA88-1322-4456-AF42-74D7187620C5}" refers to invalid object "C:\Program Files\ubi.com\com\glplugin.dll". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{160863C9-8A3A-4E57-A015-891B9F8D8975}" refers to invalid object "C:\Program Files\ubi.com\com\glvoicechat.dll". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{DB797681-40E0-11D2-9BD5-0060082AE372}" refers to invalid object "C:\Program Files\ubi.com\com\xceedzip.dll". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{9AB4973D-747A-11D5-97A4-0050046C5995}" refers to invalid object "C:\Program Files\ubi.com\plugins\sessionhybrid.dll". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{A657CBD7-2388-11D5-A8BE-000102246AAE}" refers to invalid object "C:\Program Files\ubi.com\Plugins\sessionubi.dll". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{EADAF9C0-9F71-4FDC-BCB2-E57C8627684E}" refers to invalid object "C:\PROGRAM FILES\COMMON FILES\EACCELERATION\EAC_DREC.DLL". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{468DB36F-74E6-11D6-A3A3-CFA216296F34}" refers to invalid object "c:\windows\TEMP\VBE\MSForms.EXD". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{3D7284B3-5B70-11D0-997F-00AA004CA751}" refers to invalid object "C:\PROGRAM FILES\TLI\A+ ITALIAN\VM\KBD.TLB". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{3D7284C3-5B70-11D0-997F-00AA004CA751}" refers to invalid object "C:\PROGRAM FILES\TLI\A+ ITALIAN\KBD3.TLB". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{9279AB00-BFD9-11D0-8307-00A0C9037801}" refers to invalid object "C:\PROGRAM FILES\TLI\A+ ITALIAN\TLCLIPBD.TLB". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{E82A77D8-0CC3-11D2-A646-000000000000}" refers to invalid object "C:\PROGRAM FILES\TLI\A+ ITALIAN\VIDEOX.OCX". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{32381565-9806-11D2-A88F-000000000000}" refers to invalid object "C:\PROGRAM FILES\TLI\A+ ITALIAN\SOUNDX.OCX". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{B5502CC6-85A0-4A11-AB3B-036B1FDA2B9B}" refers to invalid object "C:\PALTALK\PTICON1.DLL". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{98B04C44-FE6D-11D7-A3A3-444553540000}" refers to invalid object "c:\windows\TEMP\Word8.0\ShockwaveFlashObjects.exd". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{7ED12679-630C-427C-9E04-06356A1C1A45}" refers to invalid object "C:\WINDOWS\TEMP\{60202120-90E1-11D9-A3A3-CDFE89087135}\_EXTRA\OBJECTS\CMDLINE.DLL". Action Taken: No Action Taken.
Entry "HKCR\.POT" refers to invalid object "Powerpoint.Template". Action Taken: No Action Taken.
Entry "HKCR\RogerWilco.Channel.1\shell\open\command" refers to invalid object "A:\ROGERW~1\ROGER.EXE /file %1". Action Taken: No Action Taken.
Entry "HKCR\RogerWilco.Audio.1\shell\open\command" refers to invalid object "A:\ROGERW~1\ROGER.EXE /play %1". Action Taken: No Action Taken.
Entry "HKCR\IEL000\shell\open\command" refers to invalid object "E:\hd\hdlaunch.exe %1". Action Taken: No Action Taken.
Budfred
01-23-2006, 12:32 AM
Some of the changes you are seeing may be due to the fixes we are doing... The malware changes settings and default settings are put in place when the malware is removed... Try using DelDomains for the Trusted IP issue...
Please download WinHelp2002's DelDomains by right-clicking on the following link, and choosing "Save Target As":
http://www.mvps.org/winhelp2002/DelDomains.inf
Save the file to the desktop. Then go to the desktop, right click on DelDomains.inf, and choose Install. You may not see any noticeable changes or prompts; this is normal. Then please restart your computer, and post a new HijackThis log. You will have to reimmunize with SpywareBlaster, IE-SPYADS, and/or Spybot after doing this.
zeffren
01-23-2006, 01:40 AM
OK did as you asked....here is the new HJT log...hope everything looks ok.
Logfile of HijackThis v1.99.1
Scan saved at 4:34:55 PM, on 23/01/06
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\NORTON UTILITIES\NPROTECT.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\HIDSERV.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\CPQEADM.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP SHARE-TO-WEB\HPGS2WND.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\PROGRAM FILES\NORTON ANTIVIRUS\NAVAPW32.EXE
C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\BTTNSERV.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP SHARE-TO-WEB\HPGS2WNF.EXE
C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\EAUSBKBD.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE
C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\SPYBOTSD.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.netscape.com/
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\PROGRAM FILES\CANON\EASY-WEBPRINT\TOOLBAND.DLL
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\Compaq\Easy Access Button Support\cpqeadm.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [OmgStartup] C:\Program Files\Common Files\Sony Shared\OpenMG\OmgStartup.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [NAV Agent] c:\PROGRA~1\NORTON~1\NAVAPW32.EXE
O4 - HKLM\..\Run: [NPROTECT] C:\Program Files\Norton Utilities\NPROTECT.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [Hidserv] Hidserv.exe run
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [HC Reminder] hc.exe
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - HKLM\..\RunServices: [NPROTECT] C:\Program Files\Norton Utilities\NPROTECT.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\PROGRAM FILES\CANON\EASY-WEBPRINT\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\PROGRAM FILES\CANON\EASY-WEBPRINT\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\PROGRAM FILES\CANON\EASY-WEBPRINT\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\PROGRAM FILES\CANON\EASY-WEBPRINT\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmwordtrans.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html
O8 - Extra context menu item: Backward Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html
O8 - Extra context menu item: Translate Page into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: MSN Messenger Service - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\TOOLS\IESDPB.DLL
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRAM FILES\JAVA\JRE1.5.0_06\BIN\SSV.DLL
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRAM FILES\JAVA\JRE1.5.0_06\BIN\SSV.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRAM FILES\AIM95\AIM.EXE
O12 - Plugin for .pdb: C:\PROGRA~1\INTERN~1\PLUGINS\NPCHIME.DLL
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - [url]http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst0401.cab[/url]
O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 195.95.218.1,85.255.112.7
Budfred
01-23-2006, 08:54 AM
Your log seems to be clean... Is your computer running okay??
Run one more scan just to be sure we didn't miss something nasty:
Please download RootkitRevealer.exe and unzip it into a folder. Run a scan and produce a log...
http://www.sysinternals.com/Files/RootkitRevealer.zip
When it is done, go to File and select Save...
Include the log in your next reply.
Do not worry if there are a large number of items, this is normal.
It is a deep scan which will take a considerable amount of time, I suggest you disconnect from the internet and leave the PC alone until its finished.
To reduce the size of the log posted here, please edit out items that appear in these folders if there are some:
C:\RECYCLER\NPROTECT
C:\System Volume Information
before you post the log....
Also, this suggests you are getting your internet service from the Ukraine... if that is not true, fix this line in HJT:
O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 195.95.218.1,85.255.112.7
zeffren
01-25-2006, 10:23 AM
OK tried running the "rootkit" program but it wouldnt run. Got "the PSAPI.DLL file is linked to missing export NTDLL.DLL:_stricmp." message. then there was another error message that said.."A Device the is attached to your system is not functioning" I think is cause i'm only running windows 98. Got something else i can use or a sudgestion? couldnt find anything about it on there message boards. anyway...The computer seems to be runnig ok and here is the latest HJT log.
Logfile of HijackThis v1.99.1
Scan saved at 1:14:56 AM, on 26/01/06
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\NORTON UTILITIES\NPROTECT.EXE
C:\PROGRAM FILES\NORTON PERSONAL FIREWALL\NISSERV.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\HIDSERV.EXE
C:\PROGRAM FILES\NORTON PERSONAL FIREWALL\NISUM.EXE
C:\PROGRAM FILES\NORTON PERSONAL FIREWALL\SYMPROXYSVC.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\CPQEADM.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP SHARE-TO-WEB\HPGS2WND.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\PROGRAM FILES\NORTON ANTIVIRUS\NAVAPW32.EXE
C:\PROGRAM FILES\NORTON PERSONAL FIREWALL\IAMAPP.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP SHARE-TO-WEB\HPGS2WNF.EXE
C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\BTTNSERV.EXE
C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\EAUSBKBD.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\NORTON PERSONAL FIREWALL\ATRACK.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.netscape.com/
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\PROGRAM FILES\CANON\EASY-WEBPRINT\TOOLBAND.DLL
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\Compaq\Easy Access Button Support\cpqeadm.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [OmgStartup] C:\Program Files\Common Files\Sony Shared\OpenMG\OmgStartup.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [NAV Agent] c:\PROGRA~1\NORTON~1\NAVAPW32.EXE
O4 - HKLM\..\Run: [NPROTECT] C:\Program Files\Norton Utilities\NPROTECT.EXE
O4 - HKLM\..\Run: [iamapp] c:\Program Files\Norton Personal Firewall\IAMAPP.EXE
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMON.EXE /Consumer
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [Hidserv] Hidserv.exe run
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [HC Reminder] hc.exe
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - HKLM\..\RunServices: [NPROTECT] C:\Program Files\Norton Utilities\NPROTECT.EXE
O4 - HKLM\..\RunServices: [nisserv] c:\Program Files\Norton Personal Firewall\NISSERV.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\PROGRAM FILES\CANON\EASY-WEBPRINT\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\PROGRAM FILES\CANON\EASY-WEBPRINT\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\PROGRAM FILES\CANON\EASY-WEBPRINT\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\PROGRAM FILES\CANON\EASY-WEBPRINT\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmwordtrans.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html
O8 - Extra context menu item: Backward Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html
O8 - Extra context menu item: Translate Page into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: MSN Messenger Service - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\TOOLS\IESDPB.DLL
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRAM FILES\JAVA\JRE1.5.0_06\BIN\SSV.DLL
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRAM FILES\JAVA\JRE1.5.0_06\BIN\SSV.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRAM FILES\AIM95\AIM.EXE
O12 - Plugin for .pdb: C:\PROGRA~1\INTERN~1\PLUGINS\NPCHIME.DLL
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - [url]http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst0401.cab[/url]
Budfred
01-25-2006, 10:58 AM
Sorry, I forgot RootkitRevealer doesn't work on Win98 systems...
Did things improve after fixing that O17?? If so, that may have been the last of the malware... Are you having any problems at the moment?? If not...
Here is my prevention speech to help avoid future infection:
This is a good time to set up protection against further
attacks. Read the article linked below about "How did I
get infected". You need an antivirus that is updated, a
good firewall (a router firewall is not enough) and a
spyware blocker like SpywareBlaster and also IE-Spyads.
All of these have good free versions available... be very
cautious about any security software that advertises in
popups or other intrusive ways, they are not only usually
useless, but also often have malware in them....
http://forums.spywareinfo.com/index.php?showtopic=60955
vBulletin v3.6.1, Copyright ©2000-2012, Jelsoft Enterprises Ltd.