Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

security A fatal error in IE has occured 00010E36.[RESOLVED]

Started by popsicletoes , Apr 30 2005 12:43 PM

  • This topic is locked This topic is locked

#1
popsicletoes
Posted 30 April 2005 - 12:43 PM

popsicletoes

    New Member

  • Member
  • Pip
  • 9 posts
Hello I have the alert (security A fatal error in IE has occured 00010E36. Error was caused by TR) I came to this site and found advice that you have given to Flappywolf and tried to follow... I still have the alert. I probably need a newer computer as well, but would like to salvage this one. Please help!!! Thanks!
Logfile of HijackThis v1.99.1
Scan saved at 2:27:17 PM, on 4/30/05
Platform: Windows 98 Gold (Win9x 4.10.1998)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSGLOOP.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\ENCOMPASS\MONITOR.EXE
C:\WINDOWS\SYSTEM\MSG32.EXE
C:\WINDOWS\SYSTEM\SPOOLSRV32.EXE
c:\windows\SYSTEM\KB891711\KB891711.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\3dmoused.exe
C:\WINDOWS\SYSTEM\HPSYSDRV.EXE
C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\MMKEYBD.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\EVNTSVC.EXE
C:\WINDOWS\SYSTEM\SRVC32.EXE
C:\WINDOWS\RunDLL.exe
C:\PROGRAM FILES\MICROSOFT MONEY\SYSTEM\REMINDER.EXE
C:\WP.EXE
C:\PROGRAM FILES\COMPUSERVE 7.0A\CSTRAY.EXE
C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\KEYBDMGR.EXE
C:\HP\REGISTER\REMIND32.EXE
C:\PROGRA~1\NETROPA\ONSCRE~1\OSD.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE

O2 - BHO: BrowserHelper Class - {EBCDDA60-2A68-11D3-8A43-0060083CFB9C} - C:\WINDOWS\SYSTEM\NZDD0.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: WebBar Class - {77712A64-F30B-47C8-A363-CDA1CEC7DC1B} - C:\PROGRA~1\ADVANC~1\ADVANC~1.DLL
O2 - BHO: Implements Jammer - {09F0F280-FB9A-481B-B69A-CB00DC44D027} - C:\PROGRA~1\ADVANC~1\POPUPJ~1.DLL
O2 - BHO: Cls - {CF021F40-3E14-23A5-CBA2-716D74632608} - C:\WINDOWS\SYSTEM\MTC2608.DLL
O2 - BHO: Cls - {CF021F40-3E14-23A5-CBA2-717765728274} - C:\WINDOWS\SYSTEM\WER8274.DLL
O2 - BHO: Cls - {CF021F40-3E14-23A5-CBA2-7173706D8274} - C:\WINDOWS\SYSTEM\SPM8274.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: (no name) - {9EAC0102-5E61-2312-BC2D-4D54434D5443} - (no file)
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [AtiCwd32] Aticwd32.exe
O4 - HKLM\..\Run: [AtiKey] Atitask.exe
O4 - HKLM\..\Run: [Primax 3-D Mouse] 3dmoused.exe
O4 - HKLM\..\Run: [EAPCISetup] c:\windows\SYSTEM\wizard.exe c:\windows\SYSTEM
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [CriticalUpdate] c:\windows\SYSTEM\wucrtupd.exe -startup
O4 - HKLM\..\Run: [Keyboard Manager] C:\Program Files\Netropa\One-touch Multimedia Keyboard\MMKeybd.exe
O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe -osboot
O4 - HKLM\..\Run: [Local runole service] C:\WINDOWS\System\srvc32.exe
O4 - HKLM\..\Run: [Security iGuard] C:\PROGRAM FILES\SECURITY IGUARD\SECURITY IGUARD.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [TweakIco] c:\hp\support\tweakico.exe
O4 - HKLM\..\RunServices: [EncMonitor] C:\Program Files\Encompass\Monitor.exe
O4 - HKLM\..\RunServices: [Srv32 spool service] C:\WINDOWS\System\spoolsrv32.exe
O4 - HKLM\..\RunServices: [KB891711] c:\windows\SYSTEM\KB891711\KB891711.EXE
O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
O4 - HKCU\..\Run: [Reminder] C:\Program Files\Microsoft Money\System\reminder.exe
O4 - HKCU\..\Run: [ShockmachineReminder] C:\Program Files\shockwave.com\Shockmachine\SmReminder.exe
O4 - HKCU\..\Run: [WindowsFY] C:\WP.EXE
O4 - Startup: CompuServe 7.0 Tray Icon.lnk = C:\Program Files\CompuServe 7.0a\cstray.exe
O4 - Startup: Hewlett Packard Pavilion Registration.lnk = C:\HP\register\Remind32.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll
O9 - Extra button: Microsoft AntiSpyware helper - {6F6AF70E-19FD-4220-A4D7-FAC99355947E} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {6F6AF70E-19FD-4220-A4D7-FAC99355947E} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra button: Microsoft AntiSpyware helper - {2E55802C-14AC-4AE3-AD8D-FBB181AF50A4} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {2E55802C-14AC-4AE3-AD8D-FBB181AF50A4} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra button: Microsoft AntiSpyware helper - {CB945935-E86E-4A48-8ECC-F638EE4BB300} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {CB945935-E86E-4A48-8ECC-F638EE4BB300} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra button: Microsoft AntiSpyware helper - {79C7BD32-5CA4-4D8E-A1DC-3EA79B972F35} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {79C7BD32-5CA4-4D8E-A1DC-3EA79B972F35} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra button: Microsoft AntiSpyware helper - {AC7C3443-545E-4701-BD1D-20E47984C05D} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {AC7C3443-545E-4701-BD1D-20E47984C05D} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra button: Microsoft AntiSpyware helper - {6C2CEAC8-58C9-4B75-9D2C-031228363041} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {6C2CEAC8-58C9-4B75-9D2C-031228363041} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra button: Microsoft AntiSpyware helper - {AF9F4D01-FDE2-4597-96D7-13FC666AFC17} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {AF9F4D01-FDE2-4597-96D7-13FC666AFC17} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra button: Microsoft AntiSpyware helper - {71B014DE-29B0-41B0-A4EE-909157CDF6E3} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {71B014DE-29B0-41B0-A4EE-909157CDF6E3} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra button: Microsoft AntiSpyware helper - {DE1ABB96-CFC3-4446-A083-D37B49E34D8D} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {DE1ABB96-CFC3-4446-A083-D37B49E34D8D} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra button: Microsoft AntiSpyware helper - {83A62425-29CD-414B-9BE9-F511EAB3643A} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {83A62425-29CD-414B-9BE9-F511EAB3643A} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra button: Microsoft AntiSpyware helper - {DE6BDC7C-BD32-41AF-99C1-51E14567B96C} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {DE6BDC7C-BD32-41AF-99C1-51E14567B96C} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra button: Microsoft AntiSpyware helper - {A0B282C2-502D-4027-9312-AFA8D117EA80} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {A0B282C2-502D-4027-9312-AFA8D117EA80} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra button: Microsoft AntiSpyware helper - {F97D2954-C16F-4384-BC7A-7D144909D404} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {F97D2954-C16F-4384-BC7A-7D144909D404} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra button: Microsoft AntiSpyware helper - {38787B0A-0590-4AA3-8C40-BAB4A86E68DF} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {38787B0A-0590-4AA3-8C40-BAB4A86E68DF} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra button: Microsoft AntiSpyware helper - {3D85312E-BDEE-4F62-979E-B8467D66F69A} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {3D85312E-BDEE-4F62-979E-B8467D66F69A} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra button: Microsoft AntiSpyware helper - {98088E00-E595-4A7D-AD57-36E42D56FC7E} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {98088E00-E595-4A7D-AD57-36E42D56FC7E} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra button: Microsoft AntiSpyware helper - {67389C0F-7168-4BC4-8971-EBBB1601DEEB} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {67389C0F-7168-4BC4-8971-EBBB1601DEEB} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra button: Microsoft AntiSpyware helper - {D5EBA50A-86D3-48B4-B0C6-D90F94476E02} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {D5EBA50A-86D3-48B4-B0C6-D90F94476E02} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra button: Microsoft AntiSpyware helper - {F9965106-C989-4DE1-9CB1-80A7F2F0A45D} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {F9965106-C989-4DE1-9CB1-80A7F2F0A45D} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra button: Microsoft AntiSpyware helper - {D80D75C2-1525-4DA6-9588-431936B1F28A} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {D80D75C2-1525-4DA6-9588-431936B1F28A} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra button: Microsoft AntiSpyware helper - {64020AE2-A814-4A11-AF20-0E0BC4DA3879} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {64020AE2-A814-4A11-AF20-0E0BC4DA3879} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra button: Microsoft AntiSpyware helper - {78D58005-D107-44DE-B833-0E949236F4C9} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {78D58005-D107-44DE-B833-0E949236F4C9} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra button: Microsoft AntiSpyware helper - {6C375C7F-0FD3-4362-A8FC-767B9D7A84D2} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {6C375C7F-0FD3-4362-A8FC-767B9D7A84D2} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra button: Microsoft AntiSpyware helper - {2CEA811D-0F85-4CE5-8FA9-43D69F2733E1} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {2CEA811D-0F85-4CE5-8FA9-43D69F2733E1} - C:\WINDOWS\SYSTEM\WLDR.DLL
O9 - Extra button: Microsoft AntiSpyware helper - {F4DDB04E-E766-4827-BA0A-462F82AA7323} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {F4DDB04E-E766-4827-BA0A-462F82AA7323} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {6F6AF70E-19FD-4220-A4D7-FAC99355947E} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {6F6AF70E-19FD-4220-A4D7-FAC99355947E} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {2E55802C-14AC-4AE3-AD8D-FBB181AF50A4} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {2E55802C-14AC-4AE3-AD8D-FBB181AF50A4} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {CB945935-E86E-4A48-8ECC-F638EE4BB300} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {CB945935-E86E-4A48-8ECC-F638EE4BB300} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {79C7BD32-5CA4-4D8E-A1DC-3EA79B972F35} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {79C7BD32-5CA4-4D8E-A1DC-3EA79B972F35} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {AC7C3443-545E-4701-BD1D-20E47984C05D} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {AC7C3443-545E-4701-BD1D-20E47984C05D} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {6C2CEAC8-58C9-4B75-9D2C-031228363041} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {6C2CEAC8-58C9-4B75-9D2C-031228363041} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {AF9F4D01-FDE2-4597-96D7-13FC666AFC17} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {AF9F4D01-FDE2-4597-96D7-13FC666AFC17} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {71B014DE-29B0-41B0-A4EE-909157CDF6E3} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {71B014DE-29B0-41B0-A4EE-909157CDF6E3} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {DE1ABB96-CFC3-4446-A083-D37B49E34D8D} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {DE1ABB96-CFC3-4446-A083-D37B49E34D8D} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {83A62425-29CD-414B-9BE9-F511EAB3643A} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {83A62425-29CD-414B-9BE9-F511EAB3643A} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {DE6BDC7C-BD32-41AF-99C1-51E14567B96C} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {DE6BDC7C-BD32-41AF-99C1-51E14567B96C} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {A0B282C2-502D-4027-9312-AFA8D117EA80} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {A0B282C2-502D-4027-9312-AFA8D117EA80} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {F97D2954-C16F-4384-BC7A-7D144909D404} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {F97D2954-C16F-4384-BC7A-7D144909D404} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {38787B0A-0590-4AA3-8C40-BAB4A86E68DF} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {38787B0A-0590-4AA3-8C40-BAB4A86E68DF} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {3D85312E-BDEE-4F62-979E-B8467D66F69A} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {3D85312E-BDEE-4F62-979E-B8467D66F69A} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {98088E00-E595-4A7D-AD57-36E42D56FC7E} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {98088E00-E595-4A7D-AD57-36E42D56FC7E} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {67389C0F-7168-4BC4-8971-EBBB1601DEEB} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {67389C0F-7168-4BC4-8971-EBBB1601DEEB} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {D5EBA50A-86D3-48B4-B0C6-D90F94476E02} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {D5EBA50A-86D3-48B4-B0C6-D90F94476E02} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {F9965106-C989-4DE1-9CB1-80A7F2F0A45D} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {F9965106-C989-4DE1-9CB1-80A7F2F0A45D} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {D80D75C2-1525-4DA6-9588-431936B1F28A} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {D80D75C2-1525-4DA6-9588-431936B1F28A} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {64020AE2-A814-4A11-AF20-0E0BC4DA3879} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {64020AE2-A814-4A11-AF20-0E0BC4DA3879} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {78D58005-D107-44DE-B833-0E949236F4C9} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {78D58005-D107-44DE-B833-0E949236F4C9} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {6C375C7F-0FD3-4362-A8FC-767B9D7A84D2} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {6C375C7F-0FD3-4362-A8FC-767B9D7A84D2} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {2CEA811D-0F85-4CE5-8FA9-43D69F2733E1} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {2CEA811D-0F85-4CE5-8FA9-43D69F2733E1} - C:\WINDOWS\SYSTEM\WLDR.DLL (HKCU)
O12 - Plugin for .mov: C:\PROGRA~1\INTERN~1\PLUGINS\npqtw32.dll
O12 - Plugin for .wav: C:\Program Files\Netscape\Communicator\Program\PLUGINS\npaudio.dll
O12 - Plugin for .swf: C:\Program Files\Netscape\Communicator\Program\PLUGINS\npswf32.dll
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O16 - DPF: {0335A685-ED24-4F7B-A08E-3BD15D84E668} - http://www.photopara...ll/phpsetup.cab

:tazz:

I just downloaded spybot and cleared several things out.

Edited by popsicletoes, 30 April 2005 - 03:36 PM.

  • 0

Advertisements

#2
meeeeeeeeee
Posted 10 May 2005 - 03:28 PM

meeeeeeeeee

    Visiting Staff

  • Member
  • PipPipPip
  • 172 posts
Hello there! Sorry for the long wait. If you still need help please post a fresh hijackThis log.

:tazz:
  • 0

#3
popsicletoes
Posted 10 May 2005 - 08:24 PM

popsicletoes

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
Thanks you so much for the help! I have added AVG, Spybot, About Buster, CW Shredder and cleaned things up, but the blue screen is still there with the security warning. I really appreciate the help!
M~

Logfile of HijackThis v1.99.1
Scan saved at 10:25:09 PM, on 5/10/05
Platform: Windows 98 Gold (Win9x 4.10.1998)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
c:\windows\SYSTEM\KB891711\KB891711.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSGLOOP.EXE
C:\WINDOWS\SYSTEM\MSG32.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\3dmoused.exe
C:\WINDOWS\SYSTEM\HPSYSDRV.EXE
C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\MMKEYBD.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
C:\WINDOWS\RunDLL.exe
C:\PROGRAM FILES\MICROSOFT MONEY\SYSTEM\REMINDER.EXE
C:\PROGRAM FILES\COMPUSERVE 7.0A\CSTRAY.EXE
C:\HP\REGISTER\REMIND32.EXE
C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\KEYBDMGR.EXE
C:\PROGRA~1\NETROPA\ONSCRE~1\OSD.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\EVNTSVC.EXE
C:\PROGRAM FILES\COMPUSERVE 7.0A\WCS2000.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE

O2 - BHO: BrowserHelper Class - {EBCDDA60-2A68-11D3-8A43-0060083CFB9C} - C:\WINDOWS\SYSTEM\NZDD0.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: WebBar Class - {77712A64-F30B-47C8-A363-CDA1CEC7DC1B} - C:\PROGRA~1\ADVANC~1\ADVANC~1.DLL
O2 - BHO: Implements Jammer - {09F0F280-FB9A-481B-B69A-CB00DC44D027} - C:\PROGRA~1\ADVANC~1\POPUPJ~1.DLL
O2 - BHO: Cls - {CF021F40-3E14-23A5-CBA2-716D74632608} - C:\WINDOWS\SYSTEM\MTC2608.DLL (file missing)
O2 - BHO: Cls - {CF021F40-3E14-23A5-CBA2-717765728274} - C:\WINDOWS\SYSTEM\WER8274.DLL (file missing)
O2 - BHO: Cls - {CF021F40-3E14-23A5-CBA2-7173706D8274} - C:\WINDOWS\SYSTEM\SPM8274.DLL (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: (no name) - {9EAC0102-5E61-2312-BC2D-4D54434D5443} - (no file)
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [AtiCwd32] Aticwd32.exe
O4 - HKLM\..\Run: [AtiKey] Atitask.exe
O4 - HKLM\..\Run: [Primax 3-D Mouse] 3dmoused.exe
O4 - HKLM\..\Run: [EAPCISetup] c:\windows\SYSTEM\wizard.exe c:\windows\SYSTEM
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [CriticalUpdate] c:\windows\SYSTEM\wucrtupd.exe -startup
O4 - HKLM\..\Run: [Keyboard Manager] C:\Program Files\Netropa\One-touch Multimedia Keyboard\MMKeybd.exe
O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe -osboot
O4 - HKLM\..\Run: [Security iGuard] C:\PROGRAM FILES\SECURITY IGUARD\SECURITY IGUARD.EXE
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGEMC.EXE
O4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [TweakIco] c:\hp\support\tweakico.exe
O4 - HKLM\..\RunServices: [EncMonitor] C:\Program Files\Encompass\Monitor.exe
O4 - HKLM\..\RunServices: [KB891711] c:\windows\SYSTEM\KB891711\KB891711.EXE
O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
O4 - HKCU\..\Run: [Reminder] C:\Program Files\Microsoft Money\System\reminder.exe
O4 - HKCU\..\Run: [ShockmachineReminder] C:\Program Files\shockwave.com\Shockmachine\SmReminder.exe
O4 - Startup: CompuServe 7.0 Tray Icon.lnk = C:\Program Files\CompuServe 7.0a\cstray.exe
O4 - Startup: Hewlett Packard Pavilion Registration.lnk = C:\HP\register\Remind32.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll
O9 - Extra button: Microsoft AntiSpyware helper - {6F6AF70E-19FD-4220-A4D7-FAC99355947E} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {6F6AF70E-19FD-4220-A4D7-FAC99355947E} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra button: Microsoft AntiSpyware helper - {2E55802C-14AC-4AE3-AD8D-FBB181AF50A4} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {2E55802C-14AC-4AE3-AD8D-FBB181AF50A4} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra button: Microsoft AntiSpyware helper - {CB945935-E86E-4A48-8ECC-F638EE4BB300} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {CB945935-E86E-4A48-8ECC-F638EE4BB300} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra button: Microsoft AntiSpyware helper - {79C7BD32-5CA4-4D8E-A1DC-3EA79B972F35} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {79C7BD32-5CA4-4D8E-A1DC-3EA79B972F35} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra button: Microsoft AntiSpyware helper - {AC7C3443-545E-4701-BD1D-20E47984C05D} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {AC7C3443-545E-4701-BD1D-20E47984C05D} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra button: Microsoft AntiSpyware helper - {6C2CEAC8-58C9-4B75-9D2C-031228363041} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {6C2CEAC8-58C9-4B75-9D2C-031228363041} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra button: Microsoft AntiSpyware helper - {AF9F4D01-FDE2-4597-96D7-13FC666AFC17} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {AF9F4D01-FDE2-4597-96D7-13FC666AFC17} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra button: Microsoft AntiSpyware helper - {71B014DE-29B0-41B0-A4EE-909157CDF6E3} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {71B014DE-29B0-41B0-A4EE-909157CDF6E3} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra button: Microsoft AntiSpyware helper - {DE1ABB96-CFC3-4446-A083-D37B49E34D8D} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {DE1ABB96-CFC3-4446-A083-D37B49E34D8D} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra button: Microsoft AntiSpyware helper - {83A62425-29CD-414B-9BE9-F511EAB3643A} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {83A62425-29CD-414B-9BE9-F511EAB3643A} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra button: Microsoft AntiSpyware helper - {DE6BDC7C-BD32-41AF-99C1-51E14567B96C} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {DE6BDC7C-BD32-41AF-99C1-51E14567B96C} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra button: Microsoft AntiSpyware helper - {A0B282C2-502D-4027-9312-AFA8D117EA80} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {A0B282C2-502D-4027-9312-AFA8D117EA80} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra button: Microsoft AntiSpyware helper - {F97D2954-C16F-4384-BC7A-7D144909D404} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {F97D2954-C16F-4384-BC7A-7D144909D404} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra button: Microsoft AntiSpyware helper - {38787B0A-0590-4AA3-8C40-BAB4A86E68DF} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {38787B0A-0590-4AA3-8C40-BAB4A86E68DF} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra button: Microsoft AntiSpyware helper - {3D85312E-BDEE-4F62-979E-B8467D66F69A} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {3D85312E-BDEE-4F62-979E-B8467D66F69A} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra button: Microsoft AntiSpyware helper - {98088E00-E595-4A7D-AD57-36E42D56FC7E} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {98088E00-E595-4A7D-AD57-36E42D56FC7E} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra button: Microsoft AntiSpyware helper - {67389C0F-7168-4BC4-8971-EBBB1601DEEB} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {67389C0F-7168-4BC4-8971-EBBB1601DEEB} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra button: Microsoft AntiSpyware helper - {D5EBA50A-86D3-48B4-B0C6-D90F94476E02} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {D5EBA50A-86D3-48B4-B0C6-D90F94476E02} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra button: Microsoft AntiSpyware helper - {F9965106-C989-4DE1-9CB1-80A7F2F0A45D} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {F9965106-C989-4DE1-9CB1-80A7F2F0A45D} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra button: Microsoft AntiSpyware helper - {D80D75C2-1525-4DA6-9588-431936B1F28A} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {D80D75C2-1525-4DA6-9588-431936B1F28A} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra button: Microsoft AntiSpyware helper - {64020AE2-A814-4A11-AF20-0E0BC4DA3879} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {64020AE2-A814-4A11-AF20-0E0BC4DA3879} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra button: Microsoft AntiSpyware helper - {78D58005-D107-44DE-B833-0E949236F4C9} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {78D58005-D107-44DE-B833-0E949236F4C9} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra button: Microsoft AntiSpyware helper - {6C375C7F-0FD3-4362-A8FC-767B9D7A84D2} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {6C375C7F-0FD3-4362-A8FC-767B9D7A84D2} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra button: Microsoft AntiSpyware helper - {2CEA811D-0F85-4CE5-8FA9-43D69F2733E1} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {2CEA811D-0F85-4CE5-8FA9-43D69F2733E1} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra button: Microsoft AntiSpyware helper - {F4DDB04E-E766-4827-BA0A-462F82AA7323} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {F4DDB04E-E766-4827-BA0A-462F82AA7323} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {6F6AF70E-19FD-4220-A4D7-FAC99355947E} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {6F6AF70E-19FD-4220-A4D7-FAC99355947E} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {2E55802C-14AC-4AE3-AD8D-FBB181AF50A4} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {2E55802C-14AC-4AE3-AD8D-FBB181AF50A4} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {CB945935-E86E-4A48-8ECC-F638EE4BB300} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {CB945935-E86E-4A48-8ECC-F638EE4BB300} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {79C7BD32-5CA4-4D8E-A1DC-3EA79B972F35} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {79C7BD32-5CA4-4D8E-A1DC-3EA79B972F35} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {AC7C3443-545E-4701-BD1D-20E47984C05D} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {AC7C3443-545E-4701-BD1D-20E47984C05D} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {6C2CEAC8-58C9-4B75-9D2C-031228363041} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {6C2CEAC8-58C9-4B75-9D2C-031228363041} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {AF9F4D01-FDE2-4597-96D7-13FC666AFC17} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {AF9F4D01-FDE2-4597-96D7-13FC666AFC17} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {71B014DE-29B0-41B0-A4EE-909157CDF6E3} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {71B014DE-29B0-41B0-A4EE-909157CDF6E3} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {DE1ABB96-CFC3-4446-A083-D37B49E34D8D} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {DE1ABB96-CFC3-4446-A083-D37B49E34D8D} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {83A62425-29CD-414B-9BE9-F511EAB3643A} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {83A62425-29CD-414B-9BE9-F511EAB3643A} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {DE6BDC7C-BD32-41AF-99C1-51E14567B96C} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {DE6BDC7C-BD32-41AF-99C1-51E14567B96C} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {A0B282C2-502D-4027-9312-AFA8D117EA80} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {A0B282C2-502D-4027-9312-AFA8D117EA80} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {F97D2954-C16F-4384-BC7A-7D144909D404} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {F97D2954-C16F-4384-BC7A-7D144909D404} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {38787B0A-0590-4AA3-8C40-BAB4A86E68DF} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {38787B0A-0590-4AA3-8C40-BAB4A86E68DF} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {3D85312E-BDEE-4F62-979E-B8467D66F69A} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {3D85312E-BDEE-4F62-979E-B8467D66F69A} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {98088E00-E595-4A7D-AD57-36E42D56FC7E} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {98088E00-E595-4A7D-AD57-36E42D56FC7E} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {67389C0F-7168-4BC4-8971-EBBB1601DEEB} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {67389C0F-7168-4BC4-8971-EBBB1601DEEB} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {D5EBA50A-86D3-48B4-B0C6-D90F94476E02} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {D5EBA50A-86D3-48B4-B0C6-D90F94476E02} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {F9965106-C989-4DE1-9CB1-80A7F2F0A45D} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {F9965106-C989-4DE1-9CB1-80A7F2F0A45D} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {D80D75C2-1525-4DA6-9588-431936B1F28A} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {D80D75C2-1525-4DA6-9588-431936B1F28A} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {64020AE2-A814-4A11-AF20-0E0BC4DA3879} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {64020AE2-A814-4A11-AF20-0E0BC4DA3879} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {78D58005-D107-44DE-B833-0E949236F4C9} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {78D58005-D107-44DE-B833-0E949236F4C9} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {6C375C7F-0FD3-4362-A8FC-767B9D7A84D2} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {6C375C7F-0FD3-4362-A8FC-767B9D7A84D2} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {2CEA811D-0F85-4CE5-8FA9-43D69F2733E1} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {2CEA811D-0F85-4CE5-8FA9-43D69F2733E1} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O12 - Plugin for .mov: C:\PROGRA~1\INTERN~1\PLUGINS\npqtw32.dll
O12 - Plugin for .wav: C:\Program Files\Netscape\Communicator\Program\PLUGINS\npaudio.dll
O12 - Plugin for .swf: C:\Program Files\Netscape\Communicator\Program\PLUGINS\npswf32.dll
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O16 - DPF: {0335A685-ED24-4F7B-A08E-3BD15D84E668} - http://www.photopara...ll/phpsetup.cab
  • 0

#4
meeeeeeeeee
Posted 10 May 2005 - 08:47 PM

meeeeeeeeee

    Visiting Staff

  • Member
  • PipPipPip
  • 172 posts
First, you seem to have a bad windows update. Go to Add/Remove programs and remove KB891711. You can go to Windows Updates and try again later. They claim to have fixed this one.

Now let's get to the real malware! Please read this through then follow it in the order posted.

>> Please go to Add/Remove programs and uninstall the following if found:

Security iGuard


>> Please select the following with HijackThis. With all windows (including this one!) closed, please select "fix.”


O2 - BHO: Cls - {CF021F40-3E14-23A5-CBA2-716D74632608} - C:\WINDOWS\SYSTEM\MTC2608.DLL (file missing)
O2 - BHO: Cls - {CF021F40-3E14-23A5-CBA2-717765728274} - C:\WINDOWS\SYSTEM\WER8274.DLL (file missing)
O2 - BHO: Cls - {CF021F40-3E14-23A5-CBA2-7173706D8274} - C:\WINDOWS\SYSTEM\SPM8274.DLL (file missing)
O3 - Toolbar: (no name) - {9EAC0102-5E61-2312-BC2D-4D54434D5443} - (no file)
O4 - HKLM\..\Run: [Security iGuard] C:\PROGRAM FILES\SECURITY IGUARD\SECURITY IGUARD.EXE
O9 - Extra button: Microsoft AntiSpyware helper - {6F6AF70E-19FD-4220-A4D7-FAC99355947E} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {6F6AF70E-19FD-4220-A4D7-FAC99355947E} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra button: Microsoft AntiSpyware helper - {2E55802C-14AC-4AE3-AD8D-FBB181AF50A4} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {2E55802C-14AC-4AE3-AD8D-FBB181AF50A4} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra button: Microsoft AntiSpyware helper - {CB945935-E86E-4A48-8ECC-F638EE4BB300} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {CB945935-E86E-4A48-8ECC-F638EE4BB300} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra button: Microsoft AntiSpyware helper - {79C7BD32-5CA4-4D8E-A1DC-3EA79B972F35} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {79C7BD32-5CA4-4D8E-A1DC-3EA79B972F35} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra button: Microsoft AntiSpyware helper - {AC7C3443-545E-4701-BD1D-20E47984C05D} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {AC7C3443-545E-4701-BD1D-20E47984C05D} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra button: Microsoft AntiSpyware helper - {6C2CEAC8-58C9-4B75-9D2C-031228363041} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {6C2CEAC8-58C9-4B75-9D2C-031228363041} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra button: Microsoft AntiSpyware helper - {AF9F4D01-FDE2-4597-96D7-13FC666AFC17} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {AF9F4D01-FDE2-4597-96D7-13FC666AFC17} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra button: Microsoft AntiSpyware helper - {71B014DE-29B0-41B0-A4EE-909157CDF6E3} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {71B014DE-29B0-41B0-A4EE-909157CDF6E3} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra button: Microsoft AntiSpyware helper - {DE1ABB96-CFC3-4446-A083-D37B49E34D8D} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {DE1ABB96-CFC3-4446-A083-D37B49E34D8D} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra button: Microsoft AntiSpyware helper - {83A62425-29CD-414B-9BE9-F511EAB3643A} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {83A62425-29CD-414B-9BE9-F511EAB3643A} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra button: Microsoft AntiSpyware helper - {DE6BDC7C-BD32-41AF-99C1-51E14567B96C} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {DE6BDC7C-BD32-41AF-99C1-51E14567B96C} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra button: Microsoft AntiSpyware helper - {A0B282C2-502D-4027-9312-AFA8D117EA80} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {A0B282C2-502D-4027-9312-AFA8D117EA80} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra button: Microsoft AntiSpyware helper - {F97D2954-C16F-4384-BC7A-7D144909D404} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {F97D2954-C16F-4384-BC7A-7D144909D404} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra button: Microsoft AntiSpyware helper - {38787B0A-0590-4AA3-8C40-BAB4A86E68DF} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {38787B0A-0590-4AA3-8C40-BAB4A86E68DF} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra button: Microsoft AntiSpyware helper - {3D85312E-BDEE-4F62-979E-B8467D66F69A} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {3D85312E-BDEE-4F62-979E-B8467D66F69A} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra button: Microsoft AntiSpyware helper - {98088E00-E595-4A7D-AD57-36E42D56FC7E} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {98088E00-E595-4A7D-AD57-36E42D56FC7E} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra button: Microsoft AntiSpyware helper - {67389C0F-7168-4BC4-8971-EBBB1601DEEB} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {67389C0F-7168-4BC4-8971-EBBB1601DEEB} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra button: Microsoft AntiSpyware helper - {D5EBA50A-86D3-48B4-B0C6-D90F94476E02} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {D5EBA50A-86D3-48B4-B0C6-D90F94476E02} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra button: Microsoft AntiSpyware helper - {F9965106-C989-4DE1-9CB1-80A7F2F0A45D} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {F9965106-C989-4DE1-9CB1-80A7F2F0A45D} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra button: Microsoft AntiSpyware helper - {D80D75C2-1525-4DA6-9588-431936B1F28A} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {D80D75C2-1525-4DA6-9588-431936B1F28A} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra button: Microsoft AntiSpyware helper - {64020AE2-A814-4A11-AF20-0E0BC4DA3879} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {64020AE2-A814-4A11-AF20-0E0BC4DA3879} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra button: Microsoft AntiSpyware helper - {78D58005-D107-44DE-B833-0E949236F4C9} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {78D58005-D107-44DE-B833-0E949236F4C9} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra button: Microsoft AntiSpyware helper - {6C375C7F-0FD3-4362-A8FC-767B9D7A84D2} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {6C375C7F-0FD3-4362-A8FC-767B9D7A84D2} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra button: Microsoft AntiSpyware helper - {2CEA811D-0F85-4CE5-8FA9-43D69F2733E1} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {2CEA811D-0F85-4CE5-8FA9-43D69F2733E1} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing)
O9 - Extra button: Microsoft AntiSpyware helper - {F4DDB04E-E766-4827-BA0A-462F82AA7323} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {F4DDB04E-E766-4827-BA0A-462F82AA7323} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {6F6AF70E-19FD-4220-A4D7-FAC99355947E} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {6F6AF70E-19FD-4220-A4D7-FAC99355947E} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {2E55802C-14AC-4AE3-AD8D-FBB181AF50A4} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {2E55802C-14AC-4AE3-AD8D-FBB181AF50A4} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {CB945935-E86E-4A48-8ECC-F638EE4BB300} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {CB945935-E86E-4A48-8ECC-F638EE4BB300} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {79C7BD32-5CA4-4D8E-A1DC-3EA79B972F35} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {79C7BD32-5CA4-4D8E-A1DC-3EA79B972F35} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {AC7C3443-545E-4701-BD1D-20E47984C05D} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {AC7C3443-545E-4701-BD1D-20E47984C05D} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {6C2CEAC8-58C9-4B75-9D2C-031228363041} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {6C2CEAC8-58C9-4B75-9D2C-031228363041} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {AF9F4D01-FDE2-4597-96D7-13FC666AFC17} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {AF9F4D01-FDE2-4597-96D7-13FC666AFC17} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {71B014DE-29B0-41B0-A4EE-909157CDF6E3} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {71B014DE-29B0-41B0-A4EE-909157CDF6E3} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {DE1ABB96-CFC3-4446-A083-D37B49E34D8D} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {DE1ABB96-CFC3-4446-A083-D37B49E34D8D} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {83A62425-29CD-414B-9BE9-F511EAB3643A} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {83A62425-29CD-414B-9BE9-F511EAB3643A} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {DE6BDC7C-BD32-41AF-99C1-51E14567B96C} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {DE6BDC7C-BD32-41AF-99C1-51E14567B96C} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {A0B282C2-502D-4027-9312-AFA8D117EA80} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {A0B282C2-502D-4027-9312-AFA8D117EA80} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {F97D2954-C16F-4384-BC7A-7D144909D404} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {F97D2954-C16F-4384-BC7A-7D144909D404} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {38787B0A-0590-4AA3-8C40-BAB4A86E68DF} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {38787B0A-0590-4AA3-8C40-BAB4A86E68DF} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {3D85312E-BDEE-4F62-979E-B8467D66F69A} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {3D85312E-BDEE-4F62-979E-B8467D66F69A} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {98088E00-E595-4A7D-AD57-36E42D56FC7E} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {98088E00-E595-4A7D-AD57-36E42D56FC7E} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {67389C0F-7168-4BC4-8971-EBBB1601DEEB} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {67389C0F-7168-4BC4-8971-EBBB1601DEEB} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {D5EBA50A-86D3-48B4-B0C6-D90F94476E02} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {D5EBA50A-86D3-48B4-B0C6-D90F94476E02} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {F9965106-C989-4DE1-9CB1-80A7F2F0A45D} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {F9965106-C989-4DE1-9CB1-80A7F2F0A45D} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {D80D75C2-1525-4DA6-9588-431936B1F28A} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {D80D75C2-1525-4DA6-9588-431936B1F28A} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {64020AE2-A814-4A11-AF20-0E0BC4DA3879} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {64020AE2-A814-4A11-AF20-0E0BC4DA3879} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {78D58005-D107-44DE-B833-0E949236F4C9} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {78D58005-D107-44DE-B833-0E949236F4C9} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {6C375C7F-0FD3-4362-A8FC-767B9D7A84D2} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {6C375C7F-0FD3-4362-A8FC-767B9D7A84D2} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {2CEA811D-0F85-4CE5-8FA9-43D69F2733E1} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {2CEA811D-0F85-4CE5-8FA9-43D69F2733E1} - C:\WINDOWS\SYSTEM\WLDR.DLL (file missing) (HKCU)



>> Then find and delete the following if found:

C:\PROGRAM FILES\SECURITY IGUARD<<Folder
c:\wp.exe
c:\bsw.exe
c:\bsw.bmp
c:\wp.bmp
c:\windows\system32\wldr.dll


>> Next, please download the following reg file: Smitfraud Fix Reg File

>> When it is finished downloading, double-click on the smitfraud.reg file on your Desktop. When it asks if you want to merge the information, allow it to do so.

>> Reboot and you can now change your desktop properties back to the way you want to. Post a fresh HijackThis log.


:tazz:
  • 0

#5
popsicletoes
Posted 10 May 2005 - 09:35 PM

popsicletoes

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
I am having some trouble with the smitfraud link. this is what i get when i click it:
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"NoDispAppearancePage"=-
"Wallpaper"=-
"WallpaperStyle"=-
"NoDispBackgroundPage"=-

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoActiveDesktopChanges"=-

[HKEY_CURRENT_USER\Control Panel\Desktop]
"Wallpaper"=-
"WallpaperStyle"=-

[HKEY_CURRENT_USER\Control Panel\Colors]
"Background"="0 78 152"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"notepad.exe"=-
"notepad2.exe"=-
"winlogon.exe"=-
"paint.exe"=-

[-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Currentversion\Explorer\Browser Helper Objects\{FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFF}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://ie.search.msn...t/srchasst.htm"
"CustomizeSearch"="http://ie.search.msn...t/srchcust.htm"
"Default_Search_URL"="http://www.microsoft...ie&ar=iesearch"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.microsoft...ie&ar=iesearch"
"Search Page"="http://www.microsoft...ie&ar=iesearch"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://www.microsoft...ie&ar=iesearch"
"Search Bar"="Search Bar"="http://search.msn.co...n-au/prov2.htm"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
""="http://home.microsof...earch.asp?p=%s"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\main]
"Search Page"="http://www.microsoft...ie&ar=iesearch"
"Search Bar"="http://search.msn.co...om/spbasic.htm"
"Use Custom Search URL"= dword:00000000

[-HKEY_CLASSES_ROOT\CLSID\{FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFF}]

[-HKEY_CLASSES_ROOT\CLSID\VMHomepage]

[-HKEY_CLASSES_ROOT\CLSID\VMHomepage.1]

[-HKEY_CLASSES_ROOT\Interface\{1E1B2878-88FF-11D2-8D96-D7ACAC95951F}]

[-HKEY_CLASSES_ROOT\TypeLib\{1E1B286C-88FF-11D2-8D96-D7ACAC95951F}]

[-HKEY_CLASSES_ROOT\VMHomepage]

[-HKEY_CLASSES_ROOT\VMHomepage.1]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objecta]

[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\HTTP\Parameters\S]

[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\HTTP\Parameters\S]

[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\SharedAccess\Parameters\r]

Please advise. Thanks!
M~
  • 0

#6
popsicletoes
Posted 10 May 2005 - 09:36 PM

popsicletoes

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
Logfile of HijackThis v1.99.1
Scan saved at 11:55:05 PM, on 5/10/05
Platform: Windows 98 Gold (Win9x 4.10.1998)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\MSGLOOP.EXE
C:\WINDOWS\SYSTEM\MSG32.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\3dmoused.exe
C:\WINDOWS\SYSTEM\HPSYSDRV.EXE
C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\MMKEYBD.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\EVNTSVC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
C:\WINDOWS\RunDLL.exe
C:\PROGRAM FILES\MICROSOFT MONEY\SYSTEM\REMINDER.EXE
C:\PROGRAM FILES\COMPUSERVE 7.0A\CSTRAY.EXE
C:\HP\REGISTER\REMIND32.EXE
C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\KEYBDMGR.EXE
C:\PROGRA~1\NETROPA\ONSCRE~1\OSD.EXE
C:\PROGRAM FILES\COMPUSERVE 7.0A\WCS2000.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE

O2 - BHO: BrowserHelper Class - {EBCDDA60-2A68-11D3-8A43-0060083CFB9C} - C:\WINDOWS\SYSTEM\NZDD0.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: WebBar Class - {77712A64-F30B-47C8-A363-CDA1CEC7DC1B} - C:\PROGRA~1\ADVANC~1\ADVANC~1.DLL
O2 - BHO: Implements Jammer - {09F0F280-FB9A-481B-B69A-CB00DC44D027} - C:\PROGRA~1\ADVANC~1\POPUPJ~1.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [AtiCwd32] Aticwd32.exe
O4 - HKLM\..\Run: [AtiKey] Atitask.exe
O4 - HKLM\..\Run: [Primax 3-D Mouse] 3dmoused.exe
O4 - HKLM\..\Run: [EAPCISetup] c:\windows\SYSTEM\wizard.exe c:\windows\SYSTEM
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [CriticalUpdate] c:\windows\SYSTEM\wucrtupd.exe -startup
O4 - HKLM\..\Run: [Keyboard Manager] C:\Program Files\Netropa\One-touch Multimedia Keyboard\MMKeybd.exe
O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe -osboot
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGEMC.EXE
O4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [TweakIco] c:\hp\support\tweakico.exe
O4 - HKLM\..\RunServices: [EncMonitor] C:\Program Files\Encompass\Monitor.exe
O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
O4 - HKCU\..\Run: [Reminder] C:\Program Files\Microsoft Money\System\reminder.exe
O4 - HKCU\..\Run: [ShockmachineReminder] C:\Program Files\shockwave.com\Shockmachine\SmReminder.exe
O4 - Startup: CompuServe 7.0 Tray Icon.lnk = C:\Program Files\CompuServe 7.0a\cstray.exe
O4 - Startup: Hewlett Packard Pavilion Registration.lnk = C:\HP\register\Remind32.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll
O12 - Plugin for .mov: C:\PROGRA~1\INTERN~1\PLUGINS\npqtw32.dll
O12 - Plugin for .wav: C:\Program Files\Netscape\Communicator\Program\PLUGINS\npaudio.dll
O12 - Plugin for .swf: C:\Program Files\Netscape\Communicator\Program\PLUGINS\npswf32.dll
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O16 - DPF: {0335A685-ED24-4F7B-A08E-3BD15D84E668} - http://www.photopara...ll/phpsetup.cab

Edited by popsicletoes, 10 May 2005 - 09:51 PM.

  • 0

#7
meeeeeeeeee
Posted 11 May 2005 - 05:38 AM

meeeeeeeeee

    Visiting Staff

  • Member
  • PipPipPip
  • 172 posts
Looks good! How's it acting?
  • 0

#8
popsicletoes
Posted 11 May 2005 - 07:28 AM

popsicletoes

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
I am having some trouble with the smitfraud link. this is what i get when i click it:
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"NoDispAppearancePage"=-
"Wallpaper"=-
"WallpaperStyle"=-
"NoDispBackgroundPage"=-

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoActiveDesktopChanges"=-

[HKEY_CURRENT_USER\Control Panel\Desktop]
"Wallpaper"=-
"WallpaperStyle"=-

[HKEY_CURRENT_USER\Control Panel\Colors]
"Background"="0 78 152"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"notepad.exe"=-
"notepad2.exe"=-
"winlogon.exe"=-
"paint.exe"=-

[-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Currentversion\Explorer\Browser Helper Objects\{FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFF}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://ie.search.msn...t/srchasst.htm"
"CustomizeSearch"="http://ie.search.msn...t/srchcust.htm"
"Default_Search_URL"="http://www.microsoft...ie&ar=iesearch"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.microsoft...ie&ar=iesearch"
"Search Page"="http://www.microsoft...ie&ar=iesearch"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://www.microsoft...ie&ar=iesearch"
"Search Bar"="Search Bar"="http://search.msn.co...n-au/prov2.htm"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
""="http://home.microsof...earch.asp?p=%s"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\main]
"Search Page"="http://www.microsoft...ie&ar=iesearch"
"Search Bar"="http://search.msn.co...om/spbasic.htm"
"Use Custom Search URL"= dword:00000000

[-HKEY_CLASSES_ROOT\CLSID\{FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFF}]

[-HKEY_CLASSES_ROOT\CLSID\VMHomepage]

[-HKEY_CLASSES_ROOT\CLSID\VMHomepage.1]

[-HKEY_CLASSES_ROOT\Interface\{1E1B2878-88FF-11D2-8D96-D7ACAC95951F}]

[-HKEY_CLASSES_ROOT\TypeLib\{1E1B286C-88FF-11D2-8D96-D7ACAC95951F}]

[-HKEY_CLASSES_ROOT\VMHomepage]

[-HKEY_CLASSES_ROOT\VMHomepage.1]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objecta]

[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\HTTP\Parameters\S]

[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\HTTP\Parameters\S]

[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\SharedAccess\Parameters\r]

Please advise. I still have the blue screen with the warning. Thanks!
M~
  • 0

#9
meeeeeeeeee
Posted 11 May 2005 - 08:47 AM

meeeeeeeeee

    Visiting Staff

  • Member
  • PipPipPip
  • 172 posts
Right click the link and select "save as". Name it something you'll remember & then doubleclick it. Allow it to merge with the registry.
  • 0

#10
popsicletoes
Posted 11 May 2005 - 08:02 PM

popsicletoes

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
okay... the inept one needs more help. I did as you said...

Right click the link and select "save as". Name it something you'll remember. Done... now when I double click it on the desktop this page comes up... but nothing to allow to merge with the registry.
  • 0

Advertisements

#11
meeeeeeeeee
Posted 11 May 2005 - 08:09 PM

meeeeeeeeee

    Visiting Staff

  • Member
  • PipPipPip
  • 172 posts
Let's see if I can be a bit clearer for you. Sometimes I forget that not everyone lives & breathes this stuff!


http://www.bleepingc...g/smitfraud.reg

^^That's the link to right click & select "save as". Name it something you'll remember.

Were you perhaps selecting another link??
  • 0

#12
popsicletoes
Posted 11 May 2005 - 08:26 PM

popsicletoes

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
i am embarrassed to say that i am still needing help. i did what you said, but when I double click it on the desktop it is a notepad file.

:tazz: < massage therapist... knows muscles, doesn't know the computer!
  • 0

#13
meeeeeeeeee
Posted 12 May 2005 - 05:34 AM

meeeeeeeeee

    Visiting Staff

  • Member
  • PipPipPip
  • 172 posts
Not your fault! I should have made that a bit clearer!

Right click on http://www.bleepingc...g/smitfraud.reg and save it as CLICKTHIS.reg (make sure to save as type: "All Files")

That should do it for you!
  • 0

#14
popsicletoes
Posted 12 May 2005 - 08:45 AM

popsicletoes

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
:tazz:
Oh my... I can't believe it is fixed... never thought I could do this. Thanks for all your help and patience, I could not have done it without you!

Logfile of HijackThis v1.99.1
Scan saved at 10:47:58 AM, on 5/12/05
Platform: Windows 98 Gold (Win9x 4.10.1998)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSGLOOP.EXE
C:\WINDOWS\SYSTEM\MSG32.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\3dmoused.exe
C:\WINDOWS\SYSTEM\HPSYSDRV.EXE
C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\MMKEYBD.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\EVNTSVC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
C:\WINDOWS\RunDLL.exe
C:\PROGRAM FILES\MICROSOFT MONEY\SYSTEM\REMINDER.EXE
C:\PROGRAM FILES\COMPUSERVE 7.0A\CSTRAY.EXE
C:\HP\REGISTER\REMIND32.EXE
C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\KEYBDMGR.EXE
C:\PROGRA~1\NETROPA\ONSCRE~1\OSD.EXE
C:\PROGRAM FILES\COMPUSERVE 7.0A\WCS2000.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE

O2 - BHO: BrowserHelper Class - {EBCDDA60-2A68-11D3-8A43-0060083CFB9C} - C:\WINDOWS\SYSTEM\NZDD0.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: WebBar Class - {77712A64-F30B-47C8-A363-CDA1CEC7DC1B} - C:\PROGRA~1\ADVANC~1\ADVANC~1.DLL
O2 - BHO: Implements Jammer - {09F0F280-FB9A-481B-B69A-CB00DC44D027} - C:\PROGRA~1\ADVANC~1\POPUPJ~1.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [AtiCwd32] Aticwd32.exe
O4 - HKLM\..\Run: [AtiKey] Atitask.exe
O4 - HKLM\..\Run: [Primax 3-D Mouse] 3dmoused.exe
O4 - HKLM\..\Run: [EAPCISetup] c:\windows\SYSTEM\wizard.exe c:\windows\SYSTEM
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [CriticalUpdate] c:\windows\SYSTEM\wucrtupd.exe -startup
O4 - HKLM\..\Run: [Keyboard Manager] C:\Program Files\Netropa\One-touch Multimedia Keyboard\MMKeybd.exe
O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe -osboot
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGEMC.EXE
O4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [TweakIco] c:\hp\support\tweakico.exe
O4 - HKLM\..\RunServices: [EncMonitor] C:\Program Files\Encompass\Monitor.exe
O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
O4 - HKCU\..\Run: [Reminder] C:\Program Files\Microsoft Money\System\reminder.exe
O4 - HKCU\..\Run: [ShockmachineReminder] C:\Program Files\shockwave.com\Shockmachine\SmReminder.exe
O4 - Startup: CompuServe 7.0 Tray Icon.lnk = C:\Program Files\CompuServe 7.0a\cstray.exe
O4 - Startup: Hewlett Packard Pavilion Registration.lnk = C:\HP\register\Remind32.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll
O12 - Plugin for .mov: C:\PROGRA~1\INTERN~1\PLUGINS\npqtw32.dll
O12 - Plugin for .wav: C:\Program Files\Netscape\Communicator\Program\PLUGINS\npaudio.dll
O12 - Plugin for .swf: C:\Program Files\Netscape\Communicator\Program\PLUGINS\npswf32.dll
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O16 - DPF: {0335A685-ED24-4F7B-A08E-3BD15D84E668} - http://www.photopara...ll/phpsetup.cab
  • 0

#15
meeeeeeeeee
Posted 12 May 2005 - 09:01 AM

meeeeeeeeee

    Visiting Staff

  • Member
  • PipPipPip
  • 172 posts
Looks good! Nice job cleaning it up!

Now that you are clean, please follow these simple steps in order to

keep your computer clean and secure:
  • Disable and Enable System Restore. - If

    you are using Windows ME or XP then you should disable and reenable

    system restore to make sure there are no infected files found in a

    restore point.

    You can find instructions on how to enable and reenable system restore

    here:

    Managing Windows Millenium System

    Restore

    or

    Windows XP System Restore Guide

    Renable system restore with instructions from tutorial above

  • Make your Internet Explorer more secure -

    This can be done by following these simple instructions:
    • From within Internet Explorer click on the Tools menu and

      then click on Options.
    • Click once on the Security tab
    • Click once on the Internet icon so it becomes highlighted.
    • Click once on the Custom Level button.
      • Change the Download signed ActiveX controls to Prompt
      • Change the Download unsigned ActiveX controls to

        Disable
      • Change the Initialize and script ActiveX controls not marked as

        safe         to Disable
      • Change the Installation of desktop items to Prompt
      • Change the Launching programs and files in an IFRAME to

        Prompt
      • Change the Navigate sub-frames across different domains to

        Prompt
      • When all these settings have been made, click on the OK

        button.
      • If it prompts you as to whether or not you want to save the

        settings, press the Yes button.
    • Next press the Apply button and then the OK to exit

      the Internet Properties page.
  • Use an AntiVirus Software - It is very

    important that your computer has an anti-virus software running on your

    machine. This alone can save you a lot of trouble with malware in the

    future.

    See this link for a listing of some online & their stand-alone

    antivirus programs:



    Virus, Spyware, and Malware Protection and Removal

    Resources

  • Update your AntiVirus Software - It is

    imperitive that you update your Antivirus software at least once a week

    (Even more if you wish). If you do not update your antivirus software

    then it will not be able to catch any of the new variants that may come

    out.

  • Use a Firewall - I can not stress how

    important it is that you use a Firewall on your computer. Without a

    firewall your computer is succeptible to being hacked and taken over.

    I am very serious about this and see it happen almost every day with my

    clients. Simply using a Firewall in its default configuration can

    lower your risk greatly.

    For a tutorial on Firewalls and a listing of some available ones see

    the link below:

    Understanding and Using Firewalls

  • Visit Microsoft's Windows Update Site

    Frequently     - It is important that you visit

    http://www.windowsupdate.com regularly. This will ensure your computer has always

    the latest security updates available installed on your computer. If

    there are new updates to install, install them immediately, reboot your

    computer, and revisit the site until there are no more critical

    updates.

  • Install Spybot - Search and Destroy -

    Install and download Spybot - Search and Destroy with its TeaTimer

    option. This will provide realtime spyware & hijacker protection on

    your computer alongside your virus protection. You should also scan

    your computer with program on a regular basis just as you would an

    antivirus software.

    A tutorial on installing & using this product can be found here:

    Using Spybot - Search & Destroy to remove Spyware ,

    Malware, and Hijackers

  • Install Ad-Aware - Install and download

    Ad-Aware. ou should also scan your computer with program on a regular

    basis just as you would an antivirus software in conjunction with

    Spybot.

    A tutorial on installing & using this product can be found here:

    Using Ad-aware to remove Spyware, Malware, & Hijackers

    from Your Computer

  • Install SpywareBlaster - SpywareBlaster

    will added a large list of programs and sites into your Internet

    Explorer settings that will protect you from running and downloading

    known malicious programs.

    A tutorial on installing & using this product can be found here:

    Using SpywareBlaster to protect your computer from Spyware and Malware

  • Update all these programs regularly -

    Make sure you update all the programs I have listed regularly. Without

    regular updates you WILL NOT be protected when new malicious

    programs are released.
Follow this list and your potential for being infected again

will reduce dramatically.

Glad I was able to help.

:tazz:

Edited by meeeeeeeeee, 12 May 2005 - 09:02 AM.

  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP