Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

PLEASE HELP! =) [CLOSED]

Started by thegoat54 , Aug 02 2005 01:14 AM

  • This topic is locked This topic is locked

#1
thegoat54
Posted 02 August 2005 - 01:14 AM

thegoat54

    New Member

  • Member
  • Pip
  • 2 posts
Any help would be GREAT! :tazz:

Logfile of HijackThis v1.99.1
Scan saved at 3:11:39 AM, on 8/2/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCSETMGR.EXE
C:\PROGRAM FILES\NORTON ANTIVIRUS\IWP\NPFMNTOR.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\NETYR32.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\HPZTSB04.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\UNLOAD\HPQCMON.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCPD-LC\SYMLCSVC.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCAPP.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SNDSRVC.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\DESKTOP\HIJACK\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\bjxwh.dll/sp.html#37049
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\bjxwh.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\bjxwh.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\bjxwh.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\bjxwh.dll/sp.html#37049
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\bjxwh.dll/sp.html#37049
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\bjxwh.dll/sp.html#37049
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: Class - {A486CC8D-4D69-0934-1BCA-4CAF770BA94E} - C:\WINDOWS\SYSTEM\APICH32.DLL
O2 - BHO: Class - {2882F733-B7B6-5329-F254-6F99D6D7DC9C} - C:\WINDOWS\SYSTEM\D3TI32.DLL
O2 - BHO: Class - {54D0E15D-04E1-F4B0-9D57-9A826010E6AA} - C:\WINDOWS\IPHT.DLL
O2 - BHO: Class - {6CBA8D1A-FBFC-CF1D-D6A4-A213E2797E12} - C:\WINDOWS\SYSTEM\SYSVJ.DLL
O2 - BHO: Class - {DA5FC41F-0DCA-EDB4-61EC-B4FBA3963E4D} - C:\WINDOWS\SYSTEM\JAVAPA.DLL
O2 - BHO: Class - {0E2ED911-ADD7-0D6C-EE7F-0AD55A09FF8D} - C:\WINDOWS\SYSTEM\APPGE32.DLL
O2 - BHO: Class - {FFB2B347-F318-AD04-9CDF-925741BAA0FA} - C:\WINDOWS\NTRI.DLL
O2 - BHO: Class - {DA371525-4626-36A2-15C2-D8474FA5DA8B} - C:\WINDOWS\MSWI.DLL
O2 - BHO: Class - {3D1230B7-697D-58C5-27D9-0B4D4B7DCC48} - C:\WINDOWS\SYSTEM\NTPZ32.DLL
O2 - BHO: Class - {AD1EF48E-DE09-4FBF-D83E-167593424B1D} - C:\WINDOWS\SYSTEM\SYSYF.DLL
O2 - BHO: Class - {9F0FB147-4D6E-FF9B-41FA-9D4944F72B27} - C:\WINDOWS\SYSTEM\WINQX32.DLL
O2 - BHO: Class - {D45E07D6-9102-4EB2-C7D8-87618E96251F} - C:\WINDOWS\SYSTEM\ADDCY.DLL
O2 - BHO: Class - {165E2A96-F6EF-8EAA-AA3B-BCF19E677FD4} - C:\WINDOWS\MSSL.DLL
O2 - BHO: Class - {3DF48671-EE87-CF25-2AA3-B1F575C086D7} - C:\WINDOWS\SYSTEM\ADDUI32.DLL
O2 - BHO: Class - {B8E88C5E-BC25-80CC-D1C6-39631741D010} - C:\WINDOWS\SYSTEM\MFCVZ32.DLL
O2 - BHO: Class - {849D3DCA-F5F2-0B4A-A8D2-B861E7B1A3DB} - C:\WINDOWS\SYSTEM\CREF.DLL
O2 - BHO: Class - {ADF76170-CC18-3741-2816-BCD9B35094C9} - C:\WINDOWS\JAVATA32.DLL
O2 - BHO: Class - {82335B62-7DEF-0FF6-3C5F-94007ED6C7B3} - C:\WINDOWS\APPIB32.DLL
O2 - BHO: Class - {8D1F5508-6A6E-5EA4-B010-5E880FBC9119} - C:\WINDOWS\JAVAGB.DLL
O2 - BHO: Class - {CDCEAEE6-B8F0-9082-5C28-658BC1669AD1} - C:\WINDOWS\APPTV.DLL
O2 - BHO: Class - {9E37589B-6037-730A-AAF5-DB565653BA71} - C:\WINDOWS\ADDFI.DLL
O2 - BHO: Class - {14604D6E-DE07-853B-F23F-7DD24D7B5394} - C:\WINDOWS\SYSTEM\NETHT32.DLL
O2 - BHO: Class - {E5932279-D8DC-3F24-2A72-8D7D96D01E7F} - C:\WINDOWS\APPUT.DLL
O2 - BHO: Class - {D83EAF1B-1044-B324-1BB3-7FD1F48455F2} - C:\WINDOWS\NETTO32.DLL
O2 - BHO: Class - {3A00AA22-FEC1-FC9A-10CE-46012D4BF6B2} - C:\WINDOWS\SYSTEM\MSYB32.DLL
O2 - BHO: Class - {F733BB38-2EF0-9B2B-E0CD-EC5FC57CE367} - C:\WINDOWS\SYSTEM\APIBR.DLL
O2 - BHO: Class - {6449D83F-D4E2-3432-E64A-30883E66287C} - C:\WINDOWS\SYSTEM\APIRZ32.DLL
O2 - BHO: Class - {9341C955-9B9E-D574-C5C1-B294022FF521} - C:\WINDOWS\SYSTEM\IEGX32.DLL
O2 - BHO: Class - {BF6B4D62-8D32-92D9-5406-BCE7C016CBE1} - C:\WINDOWS\SYSJE32.DLL
O2 - BHO: Class - {81B13E5A-B27C-6BB2-7C2F-E42B321541D2} - C:\WINDOWS\WINSQ.DLL
O2 - BHO: Class - {499CBA68-0CDC-4376-9119-E07B6BD9CBB4} - C:\WINDOWS\CRGW.DLL
O2 - BHO: Class - {E69D7404-52DA-A488-F5DB-A7618C654281} - C:\WINDOWS\WINES32.DLL
O2 - BHO: Class - {A3A1D3DD-CE5C-50A8-BB1C-D6D51301175C} - C:\WINDOWS\APIMJ32.DLL
O2 - BHO: Class - {C57A97CE-E8D2-2292-3692-AE5AD4A452E1} - C:\WINDOWS\IPEW.DLL
O2 - BHO: Class - {CF23122C-C402-1BC6-41DB-64BC722F041B} - C:\WINDOWS\SYSTEM\WINWM32.DLL
O2 - BHO: Class - {944EE44C-E29D-1C39-BB55-AC06004EB6D1} - C:\WINDOWS\SYSTEM\SYSDK32.DLL
O2 - BHO: Class - {4D2401C4-3963-5399-544B-E35CFE7B28CC} - C:\WINDOWS\SYSTEM\CRWH.DLL
O2 - BHO: Class - {F5686BA7-3674-ABCB-F94D-A43FDF6A7659} - C:\WINDOWS\SYSTEM\APPGL.DLL
O2 - BHO: Class - {DD61961E-9C13-3BBF-211B-B3C175DF50B0} - C:\WINDOWS\SYSTEM\IETV.DLL
O2 - BHO: Class - {F74F5F33-E70C-8C6D-C5B6-16A0C455D1DB} - C:\WINDOWS\MFCMG.DLL
O2 - BHO: Class - {CF008A72-7CDE-E07A-FBF9-4FBE34248318} - C:\WINDOWS\WINFC.DLL
O2 - BHO: Class - {21204F9B-E08B-9E2A-C0B8-0DA765FD3394} - C:\WINDOWS\WINDD32.DLL
O2 - BHO: Class - {295C10DB-849D-8DF8-7934-BDA72C09FEFE} - C:\WINDOWS\IPJU.DLL
O2 - BHO: Class - {73387395-ABB2-DEF3-C455-735DB3177062} - C:\WINDOWS\NETWF32.DLL
O2 - BHO: Class - {2CE28542-E4C7-D52D-FE61-BF5CDCDE11A7} - C:\WINDOWS\SYSTEM\SYSKH32.DLL
O2 - BHO: Class - {873458BD-F460-8C2C-C434-DA1479C9FA9D} - C:\WINDOWS\IEOX32.DLL
O2 - BHO: Class - {401249DD-FC9A-788E-2A42-6F9CF15DDAD5} - C:\WINDOWS\APPSZ32.DLL
O2 - BHO: Class - {C0B3C183-9559-EAC0-6D1B-180FC6A39B9F} - C:\WINDOWS\SYSTEM\ADDBX32.DLL
O2 - BHO: Class - {3F56B013-2968-2BEF-D3F5-EE7CB8690AC7} - C:\WINDOWS\APPDR.DLL
O2 - BHO: Class - {D2F5D9A4-C618-A8DE-BD9E-602C1BFB1EA1} - C:\WINDOWS\ADDBK32.DLL
O2 - BHO: Class - {A8C66BEE-E12E-7B7C-F78C-9F6802FA0A8B} - C:\WINDOWS\SYSTEM\JAVAPM32.DLL
O2 - BHO: Class - {60E27602-D57E-AE87-A18C-7E8AD993769E} - C:\WINDOWS\SYSTEM\ADDYS.DLL
O2 - BHO: Class - {E16B1DD3-344A-79E1-514A-8BF5E68E8461} - C:\WINDOWS\SYSTEM\NETLA32.DLL
O2 - BHO: Class - {68B76541-F779-19C3-14AB-FC96E7DCA21F} - C:\WINDOWS\SYSTEM\WINYF.DLL
O2 - BHO: Class - {AEC12FD1-2D85-624B-3CFF-BAD55B99B1F3} - C:\WINDOWS\APPSO.DLL
O2 - BHO: Class - {A45618F3-F6BE-0909-6EB6-763DD408A2FD} - C:\WINDOWS\SYSTEM\D3MN32.DLL
O2 - BHO: Class - {3DE3C5E7-E056-7870-5BA6-FDECCF02B31C} - C:\WINDOWS\SYSTEM\SDKYV32.DLL
O2 - BHO: Class - {57139321-BFB2-894C-9C21-AA3CBF02AC36} - C:\WINDOWS\NTQF.DLL
O2 - BHO: Class - {D5430FF5-3038-BE1F-1D1A-A6A44847B77B} - C:\WINDOWS\SYSPD.DLL
O2 - BHO: Class - {F249CF20-A478-5953-169A-1090792E66B4} - C:\WINDOWS\IPZH.DLL
O2 - BHO: Class - {55E7D5FC-94F9-2EDA-0E40-9440AF227929} - C:\WINDOWS\APPMS.DLL
O2 - BHO: Class - {EAF79499-1766-EB48-D04E-2CDD27C0DD4C} - C:\WINDOWS\NTQB32.DLL
O2 - BHO: Class - {2005B9B5-C183-DBA7-D764-F4CD01F0DAA3} - C:\WINDOWS\SDKLY32.DLL
O2 - BHO: Class - {CE62331B-A2CA-DF95-EFF4-350C3CA4877F} - C:\WINDOWS\SYSTEM\JAVASJ32.DLL
O2 - BHO: Class - {263AA006-FCC9-38D2-F5F0-3B6CBB118EEB} - C:\WINDOWS\SYSTEM\NETFR.DLL
O2 - BHO: Class - {4AC62F9C-2025-CE87-7120-9845408A0B63} - C:\WINDOWS\SYSOK.DLL
O2 - BHO: Class - {8144B36B-0CAB-4B25-CC47-F48322B3263D} - C:\WINDOWS\APIBS32.DLL
O2 - BHO: Class - {97D855EA-1734-8802-A3F4-6568F257371E} - C:\WINDOWS\WINJS32.DLL
O2 - BHO: Class - {958E0E4F-AED0-880A-9D7C-3E7D9ECC21F3} - C:\WINDOWS\ADDSD.DLL
O2 - BHO: Class - {7EFD2AAF-EF34-BB29-7E43-A52C9FA5AC8A} - C:\WINDOWS\SYSMN32.DLL
O2 - BHO: Class - {EC5F1AF3-CF0D-5AC3-A2FD-C4AD27BAD24A} - C:\WINDOWS\SYSXD32.DLL
O2 - BHO: Class - {22A97394-EB34-0653-AF9D-BCB8831CBDCC} - C:\WINDOWS\D3NY32.DLL
O2 - BHO: Class - {2847C50A-C8BB-A6A4-AF20-AEF6F512EDD8} - C:\WINDOWS\SYSTEM\MSLW32.DLL
O2 - BHO: Class - {8A4CF18B-B846-C0E7-A457-DF8C366EE6AB} - C:\WINDOWS\JAVATT32.DLL
O2 - BHO: Class - {939A8A3C-4B64-FCB7-9DC0-032D6E16A6B0} - C:\WINDOWS\CRCH32.DLL
O2 - BHO: Class - {963DA6BD-F258-6B5B-A359-11BA2D7DBF77} - C:\WINDOWS\SYSTEM\IPVM32.DLL
O2 - BHO: Class - {1C5C68F8-E651-118C-92FF-F800A97AB75A} - C:\WINDOWS\SYSTEM\NETHZ32.DLL
O2 - BHO: Class - {EE7F9874-6C5C-2039-02A8-8C435F1D1985} - C:\WINDOWS\SYSTEM\APPVF32.DLL
O2 - BHO: Class - {9EDA9785-40FC-1490-006F-96169BF9E07E} - C:\WINDOWS\SYSTEM\IPYO32.DLL
O2 - BHO: Class - {3BAEACBD-6D25-4282-0896-4FA149FAF324} - C:\WINDOWS\MSWZ32.DLL
O2 - BHO: Class - {6F78D1A7-9B90-901B-4763-5F6F47B6AE32} - C:\WINDOWS\MFCFF.DLL
O2 - BHO: Class - {CC6B1259-B78A-B74C-9E99-BA8008EF0397} - C:\WINDOWS\SYSTEM\SYSIF32.DLL
O2 - BHO: Class - {B1EF5669-C451-9D53-566F-21E92AAFF481} - C:\WINDOWS\SYSTEM\SDKCF32.DLL
O2 - BHO: Class - {53EAB9A8-F44A-61A4-B6EC-872F1E9FA433} - C:\WINDOWS\SYSTEM\MSOL.DLL
O2 - BHO: Class - {05563232-5F02-763A-E92E-D32E0B4BF53F} - C:\WINDOWS\CRJX.DLL
O2 - BHO: Class - {C2CF5213-BFD2-2AA4-CF30-DF9D99BF5F26} - C:\WINDOWS\SYSTEM\WINOM.DLL
O2 - BHO: Class - {1801F3E4-30B9-6127-58F8-3C65653A5167} - C:\WINDOWS\CRAL.DLL
O2 - BHO: Class - {EFF8F8E7-8BB1-8A20-9AA1-77DD2035DFA9} - C:\WINDOWS\SYSTEM\MFCON.DLL
O2 - BHO: Class - {2B029CDC-2036-DEE4-CB48-B938F68F9C92} - C:\WINDOWS\ATLSD.DLL
O2 - BHO: Class - {EDB26250-09FC-1FA8-D658-7596EB84482D} - C:\WINDOWS\SYSTEM\APPUJ.DLL
O2 - BHO: Class - {6DECF005-6065-148F-3650-38926255F316} - C:\WINDOWS\SYSTEM\SDKDP32.DLL
O2 - BHO: Class - {3D11949D-122A-F736-FC9E-B1C992E35B78} - C:\WINDOWS\SYSTEM\IPVW.DLL
O2 - BHO: Class - {D172A39A-F3DD-E44E-68F7-A238EC18D3FF} - C:\WINDOWS\SYSTEM\IPNG32.DLL
O2 - BHO: Class - {570908A4-FE60-6ABF-B123-69E2CEC6741D} - C:\WINDOWS\MSLG32.DLL
O2 - BHO: Class - {91C2B0FE-D006-5E8B-44FA-B029114249CF} - C:\WINDOWS\CREB.DLL
O2 - BHO: Class - {295AC432-763E-D35E-236D-3516BE2A8745} - C:\WINDOWS\SYSTEM\IPTU.DLL
O2 - BHO: Class - {C35AADB0-FE0C-8B29-3DF2-80B00335B70D} - C:\WINDOWS\CRZA32.DLL
O2 - BHO: Class - {94BE0630-302D-D47B-F234-E1E9592B1AE6} - C:\WINDOWS\IPNI.DLL
O2 - BHO: Class - {E5C4AAF5-366D-92B4-E3A1-65741AF484B6} - C:\WINDOWS\SYSTEM\WINSZ.DLL
O2 - BHO: Class - {8DC985F0-8511-575A-9130-818D07E50CEE} - C:\WINDOWS\SYSTEM\APIER32.DLL
O2 - BHO: Class - {79363C5E-E8C7-8AF3-DE17-A8D1E8680065} - C:\WINDOWS\SYSTEM\SDKPP.DLL
O2 - BHO: Class - {5365E277-F1B0-AE0D-5911-5137176007E6} - C:\WINDOWS\APPDK.DLL
O2 - BHO: Class - {09D55E10-2E07-7D53-29FE-5C3AF9DB4D7A} - C:\WINDOWS\ADDPZ32.DLL
O2 - BHO: Class - {4566CC43-0B31-07E0-141A-12FC7D5FF802} - C:\WINDOWS\SYSEZ32.DLL
O2 - BHO: Class - {E2FCAB75-146C-CEDB-52F8-63DEE958BC1B} - C:\WINDOWS\SYSTEM\IEQK.DLL
O2 - BHO: Class - {070658EF-FBB1-51FF-B02D-6C8EC243119E} - C:\WINDOWS\APIPR.DLL
O2 - BHO: Class - {F97B935C-4820-CB6C-D4EF-A3AF4B649DB3} - C:\WINDOWS\IPNT.DLL
O2 - BHO: Class - {1C8DC8D2-087A-A91C-789E-1CD007B60FC7} - C:\WINDOWS\SYSTEM\MSIZ32.DLL
O2 - BHO: Class - {EAEB4D30-F422-34AA-B1E8-30F0FEAF1B11} - C:\WINDOWS\SYSTEM\SYSEH.DLL
O2 - BHO: Class - {1A3B9D49-1BA6-22D5-70F3-83C12EB31BE0} - C:\WINDOWS\APITW32.DLL
O2 - BHO: Class - {722D8EBB-61F2-D04B-9938-6479062F7682} - C:\WINDOWS\SDKIK.DLL
O2 - BHO: Class - {6F80A99D-B909-5C0D-B99B-ED9CE85E67DE} - C:\WINDOWS\SYSTEM\ATLEQ32.DLL
O2 - BHO: Class - {631A4540-2042-D857-2571-DD87935DB588} - C:\WINDOWS\NTHZ32.DLL
O2 - BHO: Class - {FA69B0FB-5CC1-6510-2209-5AB77E3AF7AC} - C:\WINDOWS\SYSTEM\MFCID32.DLL
O2 - BHO: Class - {675A16BB-A0C2-544F-5D5E-A550A9BAAF78} - C:\WINDOWS\MFCXY32.DLL
O2 - BHO: Class - {504D846D-FA80-42B4-C3BD-254D288DFA55} - C:\WINDOWS\SYSTEM\IPQV.DLL
O2 - BHO: Class - {ADE15B25-99D9-47AB-3E33-9B2A8D282369} - C:\WINDOWS\SYSTEM\MFCSH32.DLL
O2 - BHO: Class - {88604341-3F26-8D24-AA19-E4F9F035C3A1} - C:\WINDOWS\SYSTEM\IPFP32.DLL
O2 - BHO: Class - {5BA426C5-FB02-68E6-5AAF-4FD3DFFBFCED} - C:\WINDOWS\SYSTEM\JAVAIK.DLL
O2 - BHO: Class - {0D521E90-FF76-3FC3-E866-905A28B2CF30} - C:\WINDOWS\APILN.DLL
O2 - BHO: Class - {5F0F1AE8-F55A-3FDD-FD31-C2E35E64861C} - C:\WINDOWS\SYSTEM\NETRZ.DLL
O2 - BHO: Class - {3C522CEC-1650-20FB-9085-E404FE236831} - C:\WINDOWS\NETGU32.DLL
O2 - BHO: Class - {195BB02B-4008-2F27-063D-AEAD3798CA0C} - C:\WINDOWS\SYSTEM\APIYE.DLL
O2 - BHO: Class - {D8F171E9-477F-B9D5-F4B0-45989B632376} - C:\WINDOWS\SYSTEM\ADDLO32.DLL
O2 - BHO: Class - {4A2CAEE7-479D-525D-B6F5-E9576A65F285} - C:\WINDOWS\APIHS.DLL
O2 - BHO: Class - {F4A963FC-404B-1770-5428-F9861C3D2564} - C:\WINDOWS\SYSTEM\SYSJH.DLL
O2 - BHO: Class - {61E930AA-7C50-F2FA-A487-E67B7884861E} - C:\WINDOWS\SYSTEM\SYSYK32.DLL
O2 - BHO: Class - {C456A362-3423-46FC-6AA3-B7B1D00B9FB8} - C:\WINDOWS\SYSTEM\NTHU32.DLL
O2 - BHO: Class - {1962378B-88F9-50CC-A804-D2474D43DFCF} - C:\WINDOWS\SYSTEM\WINUN32.DLL
O2 - BHO: Class - {83AE9619-65D9-1BB7-7DA7-2CC586B062B5} - C:\WINDOWS\SYSTEM\D3WS32.DLL
O2 - BHO: Class - {D9AA0B45-D4FD-7AED-3EAA-679FA1487A31} - C:\WINDOWS\APPLF.DLL
O2 - BHO: Class - {78BE5EC2-1895-35E6-3DCD-42596173A6FB} - C:\WINDOWS\SYSTEM\SDKXC32.DLL
O2 - BHO: Class - {C22D9ED6-EDCC-967A-DFB1-0043697AEF16} - C:\WINDOWS\SYSTEM\SYSOV32.DLL
O2 - BHO: Class - {B0655B32-20C5-C50B-D818-F1CB9C013D1D} - C:\WINDOWS\SYSTEM\IEAL32.DLL
O2 - BHO: Class - {692156AA-6605-5668-04D3-C5B2231A6A6A} - C:\WINDOWS\SYSTEM\IPTY.DLL
O2 - BHO: Class - {C10A704E-102F-B1FD-66E0-C0B95ABA4630} - C:\WINDOWS\SYSTEM\ATLUV.DLL
O2 - BHO: Class - {A1761B11-6BCE-6633-2E3B-8DD25BAA12F8} - C:\WINDOWS\SYSTEM\D3WK32.DLL
O2 - BHO: Class - {0033AAE9-55C7-41F3-F763-32B1DA16BE5C} - C:\WINDOWS\SYSTEM\MFCDH32.DLL
O2 - BHO: Class - {C38A3B8F-04D2-90AB-A5A9-6FA9905AC8D3} - C:\WINDOWS\SYSTEM\MFCYE32.DLL
O2 - BHO: Class - {815F55AF-62B6-9D54-8964-D45455A224BF} - C:\WINDOWS\SYSTEM\ADDMJ32.DLL
O2 - BHO: Class - {C72CDEFF-404F-B860-EF31-97B23086F97E} - C:\WINDOWS\SYSTEM\ADDDL.DLL
O2 - BHO: Class - {F82406AA-AA26-0FEF-2943-600622AB7AB5} - C:\WINDOWS\IEQT.DLL
O2 - BHO: Class - {0CE67B94-2E2C-93A0-43E8-4B02D9C12BD3} - C:\WINDOWS\SYSTEM\ATLKW32.DLL
O2 - BHO: Class - {26F48417-BA3B-EB85-58BC-D6D86BF802EF} - C:\WINDOWS\IEYE.DLL
O2 - BHO: Class - {DD33DD18-4D26-B41E-13DA-43F55E371DD6} - C:\WINDOWS\D3WN32.DLL
O2 - BHO: Class - {E3707CB3-8DF7-B88F-7460-10CF1C5AF795} - C:\WINDOWS\SYSTEM\APIVH32.DLL
O2 - BHO: Class - {1331A183-B481-1370-0A69-475964CB9CE6} - C:\WINDOWS\SYSTEM\MSLP.DLL
O2 - BHO: Class - {12405A54-7E5C-D9E3-C492-9DB13E5563E6} - C:\WINDOWS\SYSTEM\IPNM32.DLL
O2 - BHO: Class - {AB07D8D0-2369-881F-81AF-C71825A24FD7} - C:\WINDOWS\NTRF.DLL
O2 - BHO: Class - {2DA7677E-5586-2002-9CAE-D23207D699FE} - C:\WINDOWS\SYSTEM\NTGA32.DLL
O2 - BHO: Class - {3A0E4322-F78D-3E65-0094-9D60E1486BC7} - C:\WINDOWS\SYSTEM\NTJR32.DLL
O2 - BHO: Class - {35F57123-7783-1F84-F727-833F7B85FFBF} - C:\WINDOWS\SYSTEM\IERW32.DLL
O2 - BHO: Class - {BD9FC8CA-2B4C-538D-74D9-3F302EFCBC86} - C:\WINDOWS\ADDKV.DLL
O2 - BHO: Class - {41D0E5E5-4CC4-AAC1-982F-7B2573677ABE} - C:\WINDOWS\APPTZ32.DLL
O2 - BHO: Class - {DE0BAD64-90AC-210E-E63A-88EAC8F9B7E6} - C:\WINDOWS\ATLWM.DLL
O2 - BHO: Class - {A486C68F-6631-2A80-9130-5AAE5A0D6D0E} - C:\WINDOWS\SYSTEM\ADDSF.DLL
O2 - BHO: Class - {CF22795E-F0CD-B9F1-BAF6-79B05A0373A3} - C:\WINDOWS\NTAA.DLL
O2 - BHO: Class - {D60F8AE6-EE48-9A9D-7E98-BF44A8A19709} - C:\WINDOWS\SYSTEM\JAVAWB.DLL
O2 - BHO: Class - {538F8201-992A-AD4D-BFA8-757116A97B3F} - C:\WINDOWS\WINSQ32.DLL
O2 - BHO: Class - {D92B11D4-74D5-F043-84CE-D7DC94E095D0} - C:\WINDOWS\SYSTEM\ADDET32.DLL
O2 - BHO: Class - {5AADF711-1959-1F3C-758F-2D8DC7E38CD1} - C:\WINDOWS\SYSTEM\ADDRC32.DLL
O2 - BHO: Class - {38676506-537C-15C1-0E35-C7D795AC6547} - C:\WINDOWS\SYSTEM\APITN.DLL
O2 - BHO: Class - {58EDEE37-3961-A0F9-A428-713B6BA5B6BC} - C:\WINDOWS\SYSTEM\D3MP.DLL
O2 - BHO: Class - {25ADA2FE-929D-3669-BEDF-A52E5180403B} - C:\WINDOWS\ATLGA.DLL
O2 - BHO: Class - {1EDAA77F-A3EB-566C-9C20-F5D68C38C988} - C:\WINDOWS\SYSTEM\JAVAOD.DLL
O2 - BHO: Class - {07CF5064-29FC-1C2D-0459-FA738EE61CAE} - C:\WINDOWS\SYSTEM\APINT32.DLL
O2 - BHO: Class - {EE64D601-3718-A3A2-8684-040FA0D9ABAE} - C:\WINDOWS\MSJF.DLL
O2 - BHO: Class - {6A0B9026-1DD1-F53E-E086-D1C4630850D8} - C:\WINDOWS\SYSTEM\WINXI32.DLL
O2 - BHO: Class - {2825AEB2-BECC-119B-D482-F8F24CE5B9FA} - C:\WINDOWS\SYSTEM\IEES.DLL
O2 - BHO: Class - {4E0FF516-5DEF-B102-AAF1-DBCBB044FBCC} - C:\WINDOWS\SYSTEM\CRYY.DLL
O2 - BHO: Class - {62F9E29F-0396-506F-A1AF-EC0A261735CD} - C:\WINDOWS\ATLCU32.DLL
O2 - BHO: Class - {C23A3931-7986-D600-52CD-D52ABEE43493} - C:\WINDOWS\SYSTEM\APPYW.DLL
O2 - BHO: Class - {2BEB5930-7738-6D7C-0175-118F5147FE64} - C:\WINDOWS\CRYY.DLL
O2 - BHO: Class - {48552068-C2EC-57E1-CDA1-204CEE91F68E} - C:\WINDOWS\ATLGP32.DLL
O2 - BHO: Class - {699A7440-B879-1CAF-2441-7FE2382928F2} - C:\WINDOWS\JAVAWM32.DLL
O2 - BHO: Class - {5AC750D9-A521-2823-588F-E44E44F0720C} - C:\WINDOWS\SYSTEM\APPTY32.DLL
O2 - BHO: Class - {DEABD788-8FB3-FD63-7965-389321DD0368} - C:\WINDOWS\D3DN32.DLL
O2 - BHO: Class - {1F50B05E-F490-4773-D83E-94FEB595AE83} - C:\WINDOWS\APIUR.DLL
O2 - BHO: Class - {3AF7875B-3509-1522-7F8C-7BB4D9CDC65D} - C:\WINDOWS\WINMR32.DLL
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\SYSTEM\hpztsb04.exe
O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\Hewlett-Packard\Digital Imaging\\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [Symantec Core LC] C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe start
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMON.EXE
O4 - HKLM\..\Run: [CRRH32.EXE] C:\WINDOWS\CRRH32.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [ccEvtMgr] "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
O4 - HKLM\..\RunServices: [ccSetMgr] "C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"
O4 - HKLM\..\RunServices: [NPFMonitor] C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [NETYR32.EXE] C:\WINDOWS\SYSTEM\NETYR32.EXE /s
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE10\EXCEL.EXE/3000
O16 - DPF: {8AB662FD-CFE0-4D68-96B8-128AFA3C68A6} (CPrtTmpControl Object) - http://eshare.hpphot...nload/setup.cab
O16 - DPF: {38578BF0-0ABB-11D3-9330-0080C6F796A1} (Create & Print ActiveX Plug-in) - http://ak.imgag.com/...stall/AxCtp.cab
O16 - DPF: RaptisoftGameLoader - http://www.miniclip....tgameloader.cab
  • 0

Advertisements

#2
thegoat54
Posted 02 August 2005 - 01:29 AM

thegoat54

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
Reposted updated:
Please note. I really did try to run Ad-aware, and spybot. but they both crash on this computer :tazz:

Logfile of HijackThis v1.99.1
Scan saved at 3:27:03 AM, on 8/2/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCSETMGR.EXE
C:\PROGRAM FILES\NORTON ANTIVIRUS\IWP\NPFMNTOR.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\NETYR32.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\HPZTSB04.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\UNLOAD\HPQCMON.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCPD-LC\SYMLCSVC.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCAPP.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SNDSRVC.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\DESKTOP\HIJACK\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\bjxwh.dll/sp.html#37049
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\bjxwh.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\bjxwh.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\bjxwh.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\bjxwh.dll/sp.html#37049
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\bjxwh.dll/sp.html#37049
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\bjxwh.dll/sp.html#37049
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: Class - {A486CC8D-4D69-0934-1BCA-4CAF770BA94E} - C:\WINDOWS\SYSTEM\APICH32.DLL
O2 - BHO: Class - {2882F733-B7B6-5329-F254-6F99D6D7DC9C} - C:\WINDOWS\SYSTEM\D3TI32.DLL
O2 - BHO: Class - {54D0E15D-04E1-F4B0-9D57-9A826010E6AA} - C:\WINDOWS\IPHT.DLL
O2 - BHO: Class - {6CBA8D1A-FBFC-CF1D-D6A4-A213E2797E12} - C:\WINDOWS\SYSTEM\SYSVJ.DLL
O2 - BHO: Class - {DA5FC41F-0DCA-EDB4-61EC-B4FBA3963E4D} - C:\WINDOWS\SYSTEM\JAVAPA.DLL
O2 - BHO: Class - {0E2ED911-ADD7-0D6C-EE7F-0AD55A09FF8D} - C:\WINDOWS\SYSTEM\APPGE32.DLL
O2 - BHO: Class - {FFB2B347-F318-AD04-9CDF-925741BAA0FA} - C:\WINDOWS\NTRI.DLL
O2 - BHO: Class - {DA371525-4626-36A2-15C2-D8474FA5DA8B} - C:\WINDOWS\MSWI.DLL
O2 - BHO: Class - {3D1230B7-697D-58C5-27D9-0B4D4B7DCC48} - C:\WINDOWS\SYSTEM\NTPZ32.DLL
O2 - BHO: Class - {AD1EF48E-DE09-4FBF-D83E-167593424B1D} - C:\WINDOWS\SYSTEM\SYSYF.DLL
O2 - BHO: Class - {9F0FB147-4D6E-FF9B-41FA-9D4944F72B27} - C:\WINDOWS\SYSTEM\WINQX32.DLL
O2 - BHO: Class - {D45E07D6-9102-4EB2-C7D8-87618E96251F} - C:\WINDOWS\SYSTEM\ADDCY.DLL
O2 - BHO: Class - {165E2A96-F6EF-8EAA-AA3B-BCF19E677FD4} - C:\WINDOWS\MSSL.DLL
O2 - BHO: Class - {3DF48671-EE87-CF25-2AA3-B1F575C086D7} - C:\WINDOWS\SYSTEM\ADDUI32.DLL
O2 - BHO: Class - {B8E88C5E-BC25-80CC-D1C6-39631741D010} - C:\WINDOWS\SYSTEM\MFCVZ32.DLL
O2 - BHO: Class - {849D3DCA-F5F2-0B4A-A8D2-B861E7B1A3DB} - C:\WINDOWS\SYSTEM\CREF.DLL
O2 - BHO: Class - {ADF76170-CC18-3741-2816-BCD9B35094C9} - C:\WINDOWS\JAVATA32.DLL
O2 - BHO: Class - {82335B62-7DEF-0FF6-3C5F-94007ED6C7B3} - C:\WINDOWS\APPIB32.DLL
O2 - BHO: Class - {8D1F5508-6A6E-5EA4-B010-5E880FBC9119} - C:\WINDOWS\JAVAGB.DLL
O2 - BHO: Class - {CDCEAEE6-B8F0-9082-5C28-658BC1669AD1} - C:\WINDOWS\APPTV.DLL
O2 - BHO: Class - {9E37589B-6037-730A-AAF5-DB565653BA71} - C:\WINDOWS\ADDFI.DLL
O2 - BHO: Class - {14604D6E-DE07-853B-F23F-7DD24D7B5394} - C:\WINDOWS\SYSTEM\NETHT32.DLL
O2 - BHO: Class - {E5932279-D8DC-3F24-2A72-8D7D96D01E7F} - C:\WINDOWS\APPUT.DLL
O2 - BHO: Class - {D83EAF1B-1044-B324-1BB3-7FD1F48455F2} - C:\WINDOWS\NETTO32.DLL
O2 - BHO: Class - {3A00AA22-FEC1-FC9A-10CE-46012D4BF6B2} - C:\WINDOWS\SYSTEM\MSYB32.DLL
O2 - BHO: Class - {F733BB38-2EF0-9B2B-E0CD-EC5FC57CE367} - C:\WINDOWS\SYSTEM\APIBR.DLL
O2 - BHO: Class - {6449D83F-D4E2-3432-E64A-30883E66287C} - C:\WINDOWS\SYSTEM\APIRZ32.DLL
O2 - BHO: Class - {9341C955-9B9E-D574-C5C1-B294022FF521} - C:\WINDOWS\SYSTEM\IEGX32.DLL
O2 - BHO: Class - {BF6B4D62-8D32-92D9-5406-BCE7C016CBE1} - C:\WINDOWS\SYSJE32.DLL
O2 - BHO: Class - {81B13E5A-B27C-6BB2-7C2F-E42B321541D2} - C:\WINDOWS\WINSQ.DLL
O2 - BHO: Class - {499CBA68-0CDC-4376-9119-E07B6BD9CBB4} - C:\WINDOWS\CRGW.DLL
O2 - BHO: Class - {E69D7404-52DA-A488-F5DB-A7618C654281} - C:\WINDOWS\WINES32.DLL
O2 - BHO: Class - {A3A1D3DD-CE5C-50A8-BB1C-D6D51301175C} - C:\WINDOWS\APIMJ32.DLL
O2 - BHO: Class - {C57A97CE-E8D2-2292-3692-AE5AD4A452E1} - C:\WINDOWS\IPEW.DLL
O2 - BHO: Class - {CF23122C-C402-1BC6-41DB-64BC722F041B} - C:\WINDOWS\SYSTEM\WINWM32.DLL
O2 - BHO: Class - {944EE44C-E29D-1C39-BB55-AC06004EB6D1} - C:\WINDOWS\SYSTEM\SYSDK32.DLL
O2 - BHO: Class - {4D2401C4-3963-5399-544B-E35CFE7B28CC} - C:\WINDOWS\SYSTEM\CRWH.DLL
O2 - BHO: Class - {F5686BA7-3674-ABCB-F94D-A43FDF6A7659} - C:\WINDOWS\SYSTEM\APPGL.DLL
O2 - BHO: Class - {DD61961E-9C13-3BBF-211B-B3C175DF50B0} - C:\WINDOWS\SYSTEM\IETV.DLL
O2 - BHO: Class - {F74F5F33-E70C-8C6D-C5B6-16A0C455D1DB} - C:\WINDOWS\MFCMG.DLL
O2 - BHO: Class - {CF008A72-7CDE-E07A-FBF9-4FBE34248318} - C:\WINDOWS\WINFC.DLL
O2 - BHO: Class - {21204F9B-E08B-9E2A-C0B8-0DA765FD3394} - C:\WINDOWS\WINDD32.DLL
O2 - BHO: Class - {295C10DB-849D-8DF8-7934-BDA72C09FEFE} - C:\WINDOWS\IPJU.DLL
O2 - BHO: Class - {73387395-ABB2-DEF3-C455-735DB3177062} - C:\WINDOWS\NETWF32.DLL
O2 - BHO: Class - {2CE28542-E4C7-D52D-FE61-BF5CDCDE11A7} - C:\WINDOWS\SYSTEM\SYSKH32.DLL
O2 - BHO: Class - {873458BD-F460-8C2C-C434-DA1479C9FA9D} - C:\WINDOWS\IEOX32.DLL
O2 - BHO: Class - {401249DD-FC9A-788E-2A42-6F9CF15DDAD5} - C:\WINDOWS\APPSZ32.DLL
O2 - BHO: Class - {C0B3C183-9559-EAC0-6D1B-180FC6A39B9F} - C:\WINDOWS\SYSTEM\ADDBX32.DLL
O2 - BHO: Class - {3F56B013-2968-2BEF-D3F5-EE7CB8690AC7} - C:\WINDOWS\APPDR.DLL
O2 - BHO: Class - {D2F5D9A4-C618-A8DE-BD9E-602C1BFB1EA1} - C:\WINDOWS\ADDBK32.DLL
O2 - BHO: Class - {A8C66BEE-E12E-7B7C-F78C-9F6802FA0A8B} - C:\WINDOWS\SYSTEM\JAVAPM32.DLL
O2 - BHO: Class - {60E27602-D57E-AE87-A18C-7E8AD993769E} - C:\WINDOWS\SYSTEM\ADDYS.DLL
O2 - BHO: Class - {E16B1DD3-344A-79E1-514A-8BF5E68E8461} - C:\WINDOWS\SYSTEM\NETLA32.DLL
O2 - BHO: Class - {68B76541-F779-19C3-14AB-FC96E7DCA21F} - C:\WINDOWS\SYSTEM\WINYF.DLL
O2 - BHO: Class - {AEC12FD1-2D85-624B-3CFF-BAD55B99B1F3} - C:\WINDOWS\APPSO.DLL
O2 - BHO: Class - {A45618F3-F6BE-0909-6EB6-763DD408A2FD} - C:\WINDOWS\SYSTEM\D3MN32.DLL
O2 - BHO: Class - {3DE3C5E7-E056-7870-5BA6-FDECCF02B31C} - C:\WINDOWS\SYSTEM\SDKYV32.DLL
O2 - BHO: Class - {57139321-BFB2-894C-9C21-AA3CBF02AC36} - C:\WINDOWS\NTQF.DLL
O2 - BHO: Class - {D5430FF5-3038-BE1F-1D1A-A6A44847B77B} - C:\WINDOWS\SYSPD.DLL
O2 - BHO: Class - {F249CF20-A478-5953-169A-1090792E66B4} - C:\WINDOWS\IPZH.DLL
O2 - BHO: Class - {55E7D5FC-94F9-2EDA-0E40-9440AF227929} - C:\WINDOWS\APPMS.DLL
O2 - BHO: Class - {EAF79499-1766-EB48-D04E-2CDD27C0DD4C} - C:\WINDOWS\NTQB32.DLL
O2 - BHO: Class - {2005B9B5-C183-DBA7-D764-F4CD01F0DAA3} - C:\WINDOWS\SDKLY32.DLL
O2 - BHO: Class - {CE62331B-A2CA-DF95-EFF4-350C3CA4877F} - C:\WINDOWS\SYSTEM\JAVASJ32.DLL
O2 - BHO: Class - {263AA006-FCC9-38D2-F5F0-3B6CBB118EEB} - C:\WINDOWS\SYSTEM\NETFR.DLL
O2 - BHO: Class - {4AC62F9C-2025-CE87-7120-9845408A0B63} - C:\WINDOWS\SYSOK.DLL
O2 - BHO: Class - {8144B36B-0CAB-4B25-CC47-F48322B3263D} - C:\WINDOWS\APIBS32.DLL
O2 - BHO: Class - {97D855EA-1734-8802-A3F4-6568F257371E} - C:\WINDOWS\WINJS32.DLL
O2 - BHO: Class - {958E0E4F-AED0-880A-9D7C-3E7D9ECC21F3} - C:\WINDOWS\ADDSD.DLL
O2 - BHO: Class - {7EFD2AAF-EF34-BB29-7E43-A52C9FA5AC8A} - C:\WINDOWS\SYSMN32.DLL
O2 - BHO: Class - {EC5F1AF3-CF0D-5AC3-A2FD-C4AD27BAD24A} - C:\WINDOWS\SYSXD32.DLL
O2 - BHO: Class - {22A97394-EB34-0653-AF9D-BCB8831CBDCC} - C:\WINDOWS\D3NY32.DLL
O2 - BHO: Class - {2847C50A-C8BB-A6A4-AF20-AEF6F512EDD8} - C:\WINDOWS\SYSTEM\MSLW32.DLL
O2 - BHO: Class - {8A4CF18B-B846-C0E7-A457-DF8C366EE6AB} - C:\WINDOWS\JAVATT32.DLL
O2 - BHO: Class - {939A8A3C-4B64-FCB7-9DC0-032D6E16A6B0} - C:\WINDOWS\CRCH32.DLL
O2 - BHO: Class - {963DA6BD-F258-6B5B-A359-11BA2D7DBF77} - C:\WINDOWS\SYSTEM\IPVM32.DLL
O2 - BHO: Class - {1C5C68F8-E651-118C-92FF-F800A97AB75A} - C:\WINDOWS\SYSTEM\NETHZ32.DLL
O2 - BHO: Class - {EE7F9874-6C5C-2039-02A8-8C435F1D1985} - C:\WINDOWS\SYSTEM\APPVF32.DLL
O2 - BHO: Class - {9EDA9785-40FC-1490-006F-96169BF9E07E} - C:\WINDOWS\SYSTEM\IPYO32.DLL
O2 - BHO: Class - {3BAEACBD-6D25-4282-0896-4FA149FAF324} - C:\WINDOWS\MSWZ32.DLL
O2 - BHO: Class - {6F78D1A7-9B90-901B-4763-5F6F47B6AE32} - C:\WINDOWS\MFCFF.DLL
O2 - BHO: Class - {CC6B1259-B78A-B74C-9E99-BA8008EF0397} - C:\WINDOWS\SYSTEM\SYSIF32.DLL
O2 - BHO: Class - {B1EF5669-C451-9D53-566F-21E92AAFF481} - C:\WINDOWS\SYSTEM\SDKCF32.DLL
O2 - BHO: Class - {53EAB9A8-F44A-61A4-B6EC-872F1E9FA433} - C:\WINDOWS\SYSTEM\MSOL.DLL
O2 - BHO: Class - {05563232-5F02-763A-E92E-D32E0B4BF53F} - C:\WINDOWS\CRJX.DLL
O2 - BHO: Class - {C2CF5213-BFD2-2AA4-CF30-DF9D99BF5F26} - C:\WINDOWS\SYSTEM\WINOM.DLL
O2 - BHO: Class - {1801F3E4-30B9-6127-58F8-3C65653A5167} - C:\WINDOWS\CRAL.DLL
O2 - BHO: Class - {EFF8F8E7-8BB1-8A20-9AA1-77DD2035DFA9} - C:\WINDOWS\SYSTEM\MFCON.DLL
O2 - BHO: Class - {2B029CDC-2036-DEE4-CB48-B938F68F9C92} - C:\WINDOWS\ATLSD.DLL
O2 - BHO: Class - {EDB26250-09FC-1FA8-D658-7596EB84482D} - C:\WINDOWS\SYSTEM\APPUJ.DLL
O2 - BHO: Class - {6DECF005-6065-148F-3650-38926255F316} - C:\WINDOWS\SYSTEM\SDKDP32.DLL
O2 - BHO: Class - {3D11949D-122A-F736-FC9E-B1C992E35B78} - C:\WINDOWS\SYSTEM\IPVW.DLL
O2 - BHO: Class - {D172A39A-F3DD-E44E-68F7-A238EC18D3FF} - C:\WINDOWS\SYSTEM\IPNG32.DLL
O2 - BHO: Class - {570908A4-FE60-6ABF-B123-69E2CEC6741D} - C:\WINDOWS\MSLG32.DLL
O2 - BHO: Class - {91C2B0FE-D006-5E8B-44FA-B029114249CF} - C:\WINDOWS\CREB.DLL
O2 - BHO: Class - {295AC432-763E-D35E-236D-3516BE2A8745} - C:\WINDOWS\SYSTEM\IPTU.DLL
O2 - BHO: Class - {C35AADB0-FE0C-8B29-3DF2-80B00335B70D} - C:\WINDOWS\CRZA32.DLL
O2 - BHO: Class - {94BE0630-302D-D47B-F234-E1E9592B1AE6} - C:\WINDOWS\IPNI.DLL
O2 - BHO: Class - {E5C4AAF5-366D-92B4-E3A1-65741AF484B6} - C:\WINDOWS\SYSTEM\WINSZ.DLL
O2 - BHO: Class - {8DC985F0-8511-575A-9130-818D07E50CEE} - C:\WINDOWS\SYSTEM\APIER32.DLL
O2 - BHO: Class - {79363C5E-E8C7-8AF3-DE17-A8D1E8680065} - C:\WINDOWS\SYSTEM\SDKPP.DLL
O2 - BHO: Class - {5365E277-F1B0-AE0D-5911-5137176007E6} - C:\WINDOWS\APPDK.DLL
O2 - BHO: Class - {09D55E10-2E07-7D53-29FE-5C3AF9DB4D7A} - C:\WINDOWS\ADDPZ32.DLL
O2 - BHO: Class - {4566CC43-0B31-07E0-141A-12FC7D5FF802} - C:\WINDOWS\SYSEZ32.DLL
O2 - BHO: Class - {E2FCAB75-146C-CEDB-52F8-63DEE958BC1B} - C:\WINDOWS\SYSTEM\IEQK.DLL
O2 - BHO: Class - {070658EF-FBB1-51FF-B02D-6C8EC243119E} - C:\WINDOWS\APIPR.DLL
O2 - BHO: Class - {F97B935C-4820-CB6C-D4EF-A3AF4B649DB3} - C:\WINDOWS\IPNT.DLL
O2 - BHO: Class - {1C8DC8D2-087A-A91C-789E-1CD007B60FC7} - C:\WINDOWS\SYSTEM\MSIZ32.DLL
O2 - BHO: Class - {EAEB4D30-F422-34AA-B1E8-30F0FEAF1B11} - C:\WINDOWS\SYSTEM\SYSEH.DLL
O2 - BHO: Class - {1A3B9D49-1BA6-22D5-70F3-83C12EB31BE0} - C:\WINDOWS\APITW32.DLL
O2 - BHO: Class - {722D8EBB-61F2-D04B-9938-6479062F7682} - C:\WINDOWS\SDKIK.DLL
O2 - BHO: Class - {6F80A99D-B909-5C0D-B99B-ED9CE85E67DE} - C:\WINDOWS\SYSTEM\ATLEQ32.DLL
O2 - BHO: Class - {631A4540-2042-D857-2571-DD87935DB588} - C:\WINDOWS\NTHZ32.DLL
O2 - BHO: Class - {FA69B0FB-5CC1-6510-2209-5AB77E3AF7AC} - C:\WINDOWS\SYSTEM\MFCID32.DLL
O2 - BHO: Class - {675A16BB-A0C2-544F-5D5E-A550A9BAAF78} - C:\WINDOWS\MFCXY32.DLL
O2 - BHO: Class - {504D846D-FA80-42B4-C3BD-254D288DFA55} - C:\WINDOWS\SYSTEM\IPQV.DLL
O2 - BHO: Class - {ADE15B25-99D9-47AB-3E33-9B2A8D282369} - C:\WINDOWS\SYSTEM\MFCSH32.DLL
O2 - BHO: Class - {88604341-3F26-8D24-AA19-E4F9F035C3A1} - C:\WINDOWS\SYSTEM\IPFP32.DLL
O2 - BHO: Class - {5BA426C5-FB02-68E6-5AAF-4FD3DFFBFCED} - C:\WINDOWS\SYSTEM\JAVAIK.DLL
O2 - BHO: Class - {0D521E90-FF76-3FC3-E866-905A28B2CF30} - C:\WINDOWS\APILN.DLL
O2 - BHO: Class - {5F0F1AE8-F55A-3FDD-FD31-C2E35E64861C} - C:\WINDOWS\SYSTEM\NETRZ.DLL
O2 - BHO: Class - {3C522CEC-1650-20FB-9085-E404FE236831} - C:\WINDOWS\NETGU32.DLL
O2 - BHO: Class - {195BB02B-4008-2F27-063D-AEAD3798CA0C} - C:\WINDOWS\SYSTEM\APIYE.DLL
O2 - BHO: Class - {D8F171E9-477F-B9D5-F4B0-45989B632376} - C:\WINDOWS\SYSTEM\ADDLO32.DLL
O2 - BHO: Class - {4A2CAEE7-479D-525D-B6F5-E9576A65F285} - C:\WINDOWS\APIHS.DLL
O2 - BHO: Class - {F4A963FC-404B-1770-5428-F9861C3D2564} - C:\WINDOWS\SYSTEM\SYSJH.DLL
O2 - BHO: Class - {61E930AA-7C50-F2FA-A487-E67B7884861E} - C:\WINDOWS\SYSTEM\SYSYK32.DLL
O2 - BHO: Class - {C456A362-3423-46FC-6AA3-B7B1D00B9FB8} - C:\WINDOWS\SYSTEM\NTHU32.DLL
O2 - BHO: Class - {1962378B-88F9-50CC-A804-D2474D43DFCF} - C:\WINDOWS\SYSTEM\WINUN32.DLL
O2 - BHO: Class - {83AE9619-65D9-1BB7-7DA7-2CC586B062B5} - C:\WINDOWS\SYSTEM\D3WS32.DLL
O2 - BHO: Class - {D9AA0B45-D4FD-7AED-3EAA-679FA1487A31} - C:\WINDOWS\APPLF.DLL
O2 - BHO: Class - {78BE5EC2-1895-35E6-3DCD-42596173A6FB} - C:\WINDOWS\SYSTEM\SDKXC32.DLL
O2 - BHO: Class - {C22D9ED6-EDCC-967A-DFB1-0043697AEF16} - C:\WINDOWS\SYSTEM\SYSOV32.DLL
O2 - BHO: Class - {B0655B32-20C5-C50B-D818-F1CB9C013D1D} - C:\WINDOWS\SYSTEM\IEAL32.DLL
O2 - BHO: Class - {692156AA-6605-5668-04D3-C5B2231A6A6A} - C:\WINDOWS\SYSTEM\IPTY.DLL
O2 - BHO: Class - {C10A704E-102F-B1FD-66E0-C0B95ABA4630} - C:\WINDOWS\SYSTEM\ATLUV.DLL
O2 - BHO: Class - {A1761B11-6BCE-6633-2E3B-8DD25BAA12F8} - C:\WINDOWS\SYSTEM\D3WK32.DLL
O2 - BHO: Class - {0033AAE9-55C7-41F3-F763-32B1DA16BE5C} - C:\WINDOWS\SYSTEM\MFCDH32.DLL
O2 - BHO: Class - {C38A3B8F-04D2-90AB-A5A9-6FA9905AC8D3} - C:\WINDOWS\SYSTEM\MFCYE32.DLL
O2 - BHO: Class - {815F55AF-62B6-9D54-8964-D45455A224BF} - C:\WINDOWS\SYSTEM\ADDMJ32.DLL
O2 - BHO: Class - {C72CDEFF-404F-B860-EF31-97B23086F97E} - C:\WINDOWS\SYSTEM\ADDDL.DLL
O2 - BHO: Class - {F82406AA-AA26-0FEF-2943-600622AB7AB5} - C:\WINDOWS\IEQT.DLL
O2 - BHO: Class - {0CE67B94-2E2C-93A0-43E8-4B02D9C12BD3} - C:\WINDOWS\SYSTEM\ATLKW32.DLL
O2 - BHO: Class - {26F48417-BA3B-EB85-58BC-D6D86BF802EF} - C:\WINDOWS\IEYE.DLL
O2 - BHO: Class - {DD33DD18-4D26-B41E-13DA-43F55E371DD6} - C:\WINDOWS\D3WN32.DLL
O2 - BHO: Class - {E3707CB3-8DF7-B88F-7460-10CF1C5AF795} - C:\WINDOWS\SYSTEM\APIVH32.DLL
O2 - BHO: Class - {1331A183-B481-1370-0A69-475964CB9CE6} - C:\WINDOWS\SYSTEM\MSLP.DLL
O2 - BHO: Class - {12405A54-7E5C-D9E3-C492-9DB13E5563E6} - C:\WINDOWS\SYSTEM\IPNM32.DLL
O2 - BHO: Class - {AB07D8D0-2369-881F-81AF-C71825A24FD7} - C:\WINDOWS\NTRF.DLL
O2 - BHO: Class - {2DA7677E-5586-2002-9CAE-D23207D699FE} - C:\WINDOWS\SYSTEM\NTGA32.DLL
O2 - BHO: Class - {3A0E4322-F78D-3E65-0094-9D60E1486BC7} - C:\WINDOWS\SYSTEM\NTJR32.DLL
O2 - BHO: Class - {35F57123-7783-1F84-F727-833F7B85FFBF} - C:\WINDOWS\SYSTEM\IERW32.DLL
O2 - BHO: Class - {BD9FC8CA-2B4C-538D-74D9-3F302EFCBC86} - C:\WINDOWS\ADDKV.DLL
O2 - BHO: Class - {41D0E5E5-4CC4-AAC1-982F-7B2573677ABE} - C:\WINDOWS\APPTZ32.DLL
O2 - BHO: Class - {DE0BAD64-90AC-210E-E63A-88EAC8F9B7E6} - C:\WINDOWS\ATLWM.DLL
O2 - BHO: Class - {A486C68F-6631-2A80-9130-5AAE5A0D6D0E} - C:\WINDOWS\SYSTEM\ADDSF.DLL
O2 - BHO: Class - {CF22795E-F0CD-B9F1-BAF6-79B05A0373A3} - C:\WINDOWS\NTAA.DLL
O2 - BHO: Class - {D60F8AE6-EE48-9A9D-7E98-BF44A8A19709} - C:\WINDOWS\SYSTEM\JAVAWB.DLL
O2 - BHO: Class - {538F8201-992A-AD4D-BFA8-757116A97B3F} - C:\WINDOWS\WINSQ32.DLL
O2 - BHO: Class - {D92B11D4-74D5-F043-84CE-D7DC94E095D0} - C:\WINDOWS\SYSTEM\ADDET32.DLL
O2 - BHO: Class - {5AADF711-1959-1F3C-758F-2D8DC7E38CD1} - C:\WINDOWS\SYSTEM\ADDRC32.DLL
O2 - BHO: Class - {38676506-537C-15C1-0E35-C7D795AC6547} - C:\WINDOWS\SYSTEM\APITN.DLL
O2 - BHO: Class - {58EDEE37-3961-A0F9-A428-713B6BA5B6BC} - C:\WINDOWS\SYSTEM\D3MP.DLL
O2 - BHO: Class - {25ADA2FE-929D-3669-BEDF-A52E5180403B} - C:\WINDOWS\ATLGA.DLL
O2 - BHO: Class - {1EDAA77F-A3EB-566C-9C20-F5D68C38C988} - C:\WINDOWS\SYSTEM\JAVAOD.DLL
O2 - BHO: Class - {07CF5064-29FC-1C2D-0459-FA738EE61CAE} - C:\WINDOWS\SYSTEM\APINT32.DLL
O2 - BHO: Class - {EE64D601-3718-A3A2-8684-040FA0D9ABAE} - C:\WINDOWS\MSJF.DLL
O2 - BHO: Class - {6A0B9026-1DD1-F53E-E086-D1C4630850D8} - C:\WINDOWS\SYSTEM\WINXI32.DLL
O2 - BHO: Class - {2825AEB2-BECC-119B-D482-F8F24CE5B9FA} - C:\WINDOWS\SYSTEM\IEES.DLL
O2 - BHO: Class - {4E0FF516-5DEF-B102-AAF1-DBCBB044FBCC} - C:\WINDOWS\SYSTEM\CRYY.DLL
O2 - BHO: Class - {62F9E29F-0396-506F-A1AF-EC0A261735CD} - C:\WINDOWS\ATLCU32.DLL
O2 - BHO: Class - {C23A3931-7986-D600-52CD-D52ABEE43493} - C:\WINDOWS\SYSTEM\APPYW.DLL
O2 - BHO: Class - {2BEB5930-7738-6D7C-0175-118F5147FE64} - C:\WINDOWS\CRYY.DLL
O2 - BHO: Class - {48552068-C2EC-57E1-CDA1-204CEE91F68E} - C:\WINDOWS\ATLGP32.DLL
O2 - BHO: Class - {699A7440-B879-1CAF-2441-7FE2382928F2} - C:\WINDOWS\JAVAWM32.DLL
O2 - BHO: Class - {5AC750D9-A521-2823-588F-E44E44F0720C} - C:\WINDOWS\SYSTEM\APPTY32.DLL
O2 - BHO: Class - {DEABD788-8FB3-FD63-7965-389321DD0368} - C:\WINDOWS\D3DN32.DLL
O2 - BHO: Class - {1F50B05E-F490-4773-D83E-94FEB595AE83} - C:\WINDOWS\APIUR.DLL
O2 - BHO: Class - {3AF7875B-3509-1522-7F8C-7BB4D9CDC65D} - C:\WINDOWS\WINMR32.DLL
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE10\EXCEL.EXE/3000
O16 - DPF: {8AB662FD-CFE0-4D68-96B8-128AFA3C68A6} (CPrtTmpControl Object) - http://eshare.hpphot...nload/setup.cab
O16 - DPF: {38578BF0-0ABB-11D3-9330-0080C6F796A1} (Create & Print ActiveX Plug-in) - http://ak.imgag.com/...stall/AxCtp.cab
O16 - DPF: RaptisoftGameLoader - http://www.miniclip....tgameloader.cab
  • 0

#3
Justin
Posted 02 August 2005 - 02:15 AM

Justin

    I do a little bit of everything

  • Member
  • PipPipPipPipPip
  • 2,353 posts
Hello, welcome to the GeekstoGo Forums!

My name is Justin, and I will be helping you clean up your system. Lets get started!

This is a nasty infection, and we might have to run through this fix numerous times depending on if it reinfects you (which it is supposed to do). Please stick with me. We will fix this!

Please take the following steps:Please take the following steps:

Set hidden files showing. How do I show hidden files?

IMPORTANT Be sure all browser and explorer windows are closed.

Press Ctrl+Alt+Delete to start the Task Manager. If you find Network Security Service in this list, select it and end the task.

Run HijackThis. Click on "Config...", "Misc Tools", "Open process manager". Select
CRRH32.EXE
NETYR32.EXE
and click on "Kill process". Answer Yes to the "Are you sure..." question.

Run HijackThis, click on "Scan" and check the boxes next to all these items.
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\bjxwh.dll/sp.html#37049
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\bjxwh.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\bjxwh.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\bjxwh.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\bjxwh.dll/sp.html#37049
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\bjxwh.dll/sp.html#37049
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\bjxwh.dll/sp.html#37049
R3 - Default URLSearchHook is missing
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: Class - {A486CC8D-4D69-0934-1BCA-4CAF770BA94E} - C:\WINDOWS\SYSTEM\APICH32.DLL
O2 - BHO: Class - {2882F733-B7B6-5329-F254-6F99D6D7DC9C} - C:\WINDOWS\SYSTEM\D3TI32.DLL
O2 - BHO: Class - {54D0E15D-04E1-F4B0-9D57-9A826010E6AA} - C:\WINDOWS\IPHT.DLL
O2 - BHO: Class - {6CBA8D1A-FBFC-CF1D-D6A4-A213E2797E12} - C:\WINDOWS\SYSTEM\SYSVJ.DLL
O2 - BHO: Class - {DA5FC41F-0DCA-EDB4-61EC-B4FBA3963E4D} - C:\WINDOWS\SYSTEM\JAVAPA.DLL
O2 - BHO: Class - {0E2ED911-ADD7-0D6C-EE7F-0AD55A09FF8D} - C:\WINDOWS\SYSTEM\APPGE32.DLL
O2 - BHO: Class - {FFB2B347-F318-AD04-9CDF-925741BAA0FA} - C:\WINDOWS\NTRI.DLL
O2 - BHO: Class - {DA371525-4626-36A2-15C2-D8474FA5DA8B} - C:\WINDOWS\MSWI.DLL
O2 - BHO: Class - {3D1230B7-697D-58C5-27D9-0B4D4B7DCC48} - C:\WINDOWS\SYSTEM\NTPZ32.DLL
O2 - BHO: Class - {AD1EF48E-DE09-4FBF-D83E-167593424B1D} - C:\WINDOWS\SYSTEM\SYSYF.DLL
O2 - BHO: Class - {9F0FB147-4D6E-FF9B-41FA-9D4944F72B27} - C:\WINDOWS\SYSTEM\WINQX32.DLL
O2 - BHO: Class - {D45E07D6-9102-4EB2-C7D8-87618E96251F} - C:\WINDOWS\SYSTEM\ADDCY.DLL
O2 - BHO: Class - {165E2A96-F6EF-8EAA-AA3B-BCF19E677FD4} - C:\WINDOWS\MSSL.DLL
O2 - BHO: Class - {3DF48671-EE87-CF25-2AA3-B1F575C086D7} - C:\WINDOWS\SYSTEM\ADDUI32.DLL
O2 - BHO: Class - {B8E88C5E-BC25-80CC-D1C6-39631741D010} - C:\WINDOWS\SYSTEM\MFCVZ32.DLL
O2 - BHO: Class - {849D3DCA-F5F2-0B4A-A8D2-B861E7B1A3DB} - C:\WINDOWS\SYSTEM\CREF.DLL
O2 - BHO: Class - {ADF76170-CC18-3741-2816-BCD9B35094C9} - C:\WINDOWS\JAVATA32.DLL
O2 - BHO: Class - {82335B62-7DEF-0FF6-3C5F-94007ED6C7B3} - C:\WINDOWS\APPIB32.DLL
O2 - BHO: Class - {8D1F5508-6A6E-5EA4-B010-5E880FBC9119} - C:\WINDOWS\JAVAGB.DLL
O2 - BHO: Class - {CDCEAEE6-B8F0-9082-5C28-658BC1669AD1} - C:\WINDOWS\APPTV.DLL
O2 - BHO: Class - {9E37589B-6037-730A-AAF5-DB565653BA71} - C:\WINDOWS\ADDFI.DLL
O2 - BHO: Class - {14604D6E-DE07-853B-F23F-7DD24D7B5394} - C:\WINDOWS\SYSTEM\NETHT32.DLL
O2 - BHO: Class - {E5932279-D8DC-3F24-2A72-8D7D96D01E7F} - C:\WINDOWS\APPUT.DLL
O2 - BHO: Class - {D83EAF1B-1044-B324-1BB3-7FD1F48455F2} - C:\WINDOWS\NETTO32.DLL
O2 - BHO: Class - {3A00AA22-FEC1-FC9A-10CE-46012D4BF6B2} - C:\WINDOWS\SYSTEM\MSYB32.DLL
O2 - BHO: Class - {F733BB38-2EF0-9B2B-E0CD-EC5FC57CE367} - C:\WINDOWS\SYSTEM\APIBR.DLL
O2 - BHO: Class - {6449D83F-D4E2-3432-E64A-30883E66287C} - C:\WINDOWS\SYSTEM\APIRZ32.DLL
O2 - BHO: Class - {9341C955-9B9E-D574-C5C1-B294022FF521} - C:\WINDOWS\SYSTEM\IEGX32.DLL
O2 - BHO: Class - {BF6B4D62-8D32-92D9-5406-BCE7C016CBE1} - C:\WINDOWS\SYSJE32.DLL
O2 - BHO: Class - {81B13E5A-B27C-6BB2-7C2F-E42B321541D2} - C:\WINDOWS\WINSQ.DLL
O2 - BHO: Class - {499CBA68-0CDC-4376-9119-E07B6BD9CBB4} - C:\WINDOWS\CRGW.DLL
O2 - BHO: Class - {E69D7404-52DA-A488-F5DB-A7618C654281} - C:\WINDOWS\WINES32.DLL
O2 - BHO: Class - {A3A1D3DD-CE5C-50A8-BB1C-D6D51301175C} - C:\WINDOWS\APIMJ32.DLL
O2 - BHO: Class - {C57A97CE-E8D2-2292-3692-AE5AD4A452E1} - C:\WINDOWS\IPEW.DLL
O2 - BHO: Class - {CF23122C-C402-1BC6-41DB-64BC722F041B} - C:\WINDOWS\SYSTEM\WINWM32.DLL
O2 - BHO: Class - {944EE44C-E29D-1C39-BB55-AC06004EB6D1} - C:\WINDOWS\SYSTEM\SYSDK32.DLL
O2 - BHO: Class - {4D2401C4-3963-5399-544B-E35CFE7B28CC} - C:\WINDOWS\SYSTEM\CRWH.DLL
O2 - BHO: Class - {F5686BA7-3674-ABCB-F94D-A43FDF6A7659} - C:\WINDOWS\SYSTEM\APPGL.DLL
O2 - BHO: Class - {DD61961E-9C13-3BBF-211B-B3C175DF50B0} - C:\WINDOWS\SYSTEM\IETV.DLL
O2 - BHO: Class - {F74F5F33-E70C-8C6D-C5B6-16A0C455D1DB} - C:\WINDOWS\MFCMG.DLL
O2 - BHO: Class - {CF008A72-7CDE-E07A-FBF9-4FBE34248318} - C:\WINDOWS\WINFC.DLL
O2 - BHO: Class - {21204F9B-E08B-9E2A-C0B8-0DA765FD3394} - C:\WINDOWS\WINDD32.DLL
O2 - BHO: Class - {295C10DB-849D-8DF8-7934-BDA72C09FEFE} - C:\WINDOWS\IPJU.DLL
O2 - BHO: Class - {73387395-ABB2-DEF3-C455-735DB3177062} - C:\WINDOWS\NETWF32.DLL
O2 - BHO: Class - {2CE28542-E4C7-D52D-FE61-BF5CDCDE11A7} - C:\WINDOWS\SYSTEM\SYSKH32.DLL
O2 - BHO: Class - {873458BD-F460-8C2C-C434-DA1479C9FA9D} - C:\WINDOWS\IEOX32.DLL
O2 - BHO: Class - {401249DD-FC9A-788E-2A42-6F9CF15DDAD5} - C:\WINDOWS\APPSZ32.DLL
O2 - BHO: Class - {C0B3C183-9559-EAC0-6D1B-180FC6A39B9F} - C:\WINDOWS\SYSTEM\ADDBX32.DLL
O2 - BHO: Class - {3F56B013-2968-2BEF-D3F5-EE7CB8690AC7} - C:\WINDOWS\APPDR.DLL
O2 - BHO: Class - {D2F5D9A4-C618-A8DE-BD9E-602C1BFB1EA1} - C:\WINDOWS\ADDBK32.DLL
O2 - BHO: Class - {A8C66BEE-E12E-7B7C-F78C-9F6802FA0A8B} - C:\WINDOWS\SYSTEM\JAVAPM32.DLL
O2 - BHO: Class - {60E27602-D57E-AE87-A18C-7E8AD993769E} - C:\WINDOWS\SYSTEM\ADDYS.DLL
O2 - BHO: Class - {E16B1DD3-344A-79E1-514A-8BF5E68E8461} - C:\WINDOWS\SYSTEM\NETLA32.DLL
O2 - BHO: Class - {68B76541-F779-19C3-14AB-FC96E7DCA21F} - C:\WINDOWS\SYSTEM\WINYF.DLL
O2 - BHO: Class - {AEC12FD1-2D85-624B-3CFF-BAD55B99B1F3} - C:\WINDOWS\APPSO.DLL
O2 - BHO: Class - {A45618F3-F6BE-0909-6EB6-763DD408A2FD} - C:\WINDOWS\SYSTEM\D3MN32.DLL
O2 - BHO: Class - {3DE3C5E7-E056-7870-5BA6-FDECCF02B31C} - C:\WINDOWS\SYSTEM\SDKYV32.DLL
O2 - BHO: Class - {57139321-BFB2-894C-9C21-AA3CBF02AC36} - C:\WINDOWS\NTQF.DLL
O2 - BHO: Class - {D5430FF5-3038-BE1F-1D1A-A6A44847B77B} - C:\WINDOWS\SYSPD.DLL
O2 - BHO: Class - {F249CF20-A478-5953-169A-1090792E66B4} - C:\WINDOWS\IPZH.DLL
O2 - BHO: Class - {55E7D5FC-94F9-2EDA-0E40-9440AF227929} - C:\WINDOWS\APPMS.DLL
O2 - BHO: Class - {EAF79499-1766-EB48-D04E-2CDD27C0DD4C} - C:\WINDOWS\NTQB32.DLL
O2 - BHO: Class - {2005B9B5-C183-DBA7-D764-F4CD01F0DAA3} - C:\WINDOWS\SDKLY32.DLL
O2 - BHO: Class - {CE62331B-A2CA-DF95-EFF4-350C3CA4877F} - C:\WINDOWS\SYSTEM\JAVASJ32.DLL
O2 - BHO: Class - {263AA006-FCC9-38D2-F5F0-3B6CBB118EEB} - C:\WINDOWS\SYSTEM\NETFR.DLL
O2 - BHO: Class - {4AC62F9C-2025-CE87-7120-9845408A0B63} - C:\WINDOWS\SYSOK.DLL
O2 - BHO: Class - {8144B36B-0CAB-4B25-CC47-F48322B3263D} - C:\WINDOWS\APIBS32.DLL
O2 - BHO: Class - {97D855EA-1734-8802-A3F4-6568F257371E} - C:\WINDOWS\WINJS32.DLL
O2 - BHO: Class - {958E0E4F-AED0-880A-9D7C-3E7D9ECC21F3} - C:\WINDOWS\ADDSD.DLL
O2 - BHO: Class - {7EFD2AAF-EF34-BB29-7E43-A52C9FA5AC8A} - C:\WINDOWS\SYSMN32.DLL
O2 - BHO: Class - {EC5F1AF3-CF0D-5AC3-A2FD-C4AD27BAD24A} - C:\WINDOWS\SYSXD32.DLL
O2 - BHO: Class - {22A97394-EB34-0653-AF9D-BCB8831CBDCC} - C:\WINDOWS\D3NY32.DLL
O2 - BHO: Class - {2847C50A-C8BB-A6A4-AF20-AEF6F512EDD8} - C:\WINDOWS\SYSTEM\MSLW32.DLL
O2 - BHO: Class - {8A4CF18B-B846-C0E7-A457-DF8C366EE6AB} - C:\WINDOWS\JAVATT32.DLL
O2 - BHO: Class - {939A8A3C-4B64-FCB7-9DC0-032D6E16A6B0} - C:\WINDOWS\CRCH32.DLL
O2 - BHO: Class - {963DA6BD-F258-6B5B-A359-11BA2D7DBF77} - C:\WINDOWS\SYSTEM\IPVM32.DLL
O2 - BHO: Class - {1C5C68F8-E651-118C-92FF-F800A97AB75A} - C:\WINDOWS\SYSTEM\NETHZ32.DLL
O2 - BHO: Class - {EE7F9874-6C5C-2039-02A8-8C435F1D1985} - C:\WINDOWS\SYSTEM\APPVF32.DLL
O2 - BHO: Class - {9EDA9785-40FC-1490-006F-96169BF9E07E} - C:\WINDOWS\SYSTEM\IPYO32.DLL
O2 - BHO: Class - {3BAEACBD-6D25-4282-0896-4FA149FAF324} - C:\WINDOWS\MSWZ32.DLL
O2 - BHO: Class - {6F78D1A7-9B90-901B-4763-5F6F47B6AE32} - C:\WINDOWS\MFCFF.DLL
O2 - BHO: Class - {CC6B1259-B78A-B74C-9E99-BA8008EF0397} - C:\WINDOWS\SYSTEM\SYSIF32.DLL
O2 - BHO: Class - {B1EF5669-C451-9D53-566F-21E92AAFF481} - C:\WINDOWS\SYSTEM\SDKCF32.DLL
O2 - BHO: Class - {53EAB9A8-F44A-61A4-B6EC-872F1E9FA433} - C:\WINDOWS\SYSTEM\MSOL.DLL
O2 - BHO: Class - {05563232-5F02-763A-E92E-D32E0B4BF53F} - C:\WINDOWS\CRJX.DLL
O2 - BHO: Class - {C2CF5213-BFD2-2AA4-CF30-DF9D99BF5F26} - C:\WINDOWS\SYSTEM\WINOM.DLL
O2 - BHO: Class - {1801F3E4-30B9-6127-58F8-3C65653A5167} - C:\WINDOWS\CRAL.DLL
O2 - BHO: Class - {EFF8F8E7-8BB1-8A20-9AA1-77DD2035DFA9} - C:\WINDOWS\SYSTEM\MFCON.DLL
O2 - BHO: Class - {2B029CDC-2036-DEE4-CB48-B938F68F9C92} - C:\WINDOWS\ATLSD.DLL
O2 - BHO: Class - {EDB26250-09FC-1FA8-D658-7596EB84482D} - C:\WINDOWS\SYSTEM\APPUJ.DLL
O2 - BHO: Class - {6DECF005-6065-148F-3650-38926255F316} - C:\WINDOWS\SYSTEM\SDKDP32.DLL
O2 - BHO: Class - {3D11949D-122A-F736-FC9E-B1C992E35B78} - C:\WINDOWS\SYSTEM\IPVW.DLL
O2 - BHO: Class - {D172A39A-F3DD-E44E-68F7-A238EC18D3FF} - C:\WINDOWS\SYSTEM\IPNG32.DLL
O2 - BHO: Class - {570908A4-FE60-6ABF-B123-69E2CEC6741D} - C:\WINDOWS\MSLG32.DLL
O2 - BHO: Class - {91C2B0FE-D006-5E8B-44FA-B029114249CF} - C:\WINDOWS\CREB.DLL
O2 - BHO: Class - {295AC432-763E-D35E-236D-3516BE2A8745} - C:\WINDOWS\SYSTEM\IPTU.DLL
O2 - BHO: Class - {C35AADB0-FE0C-8B29-3DF2-80B00335B70D} - C:\WINDOWS\CRZA32.DLL
O2 - BHO: Class - {94BE0630-302D-D47B-F234-E1E9592B1AE6} - C:\WINDOWS\IPNI.DLL
O2 - BHO: Class - {E5C4AAF5-366D-92B4-E3A1-65741AF484B6} - C:\WINDOWS\SYSTEM\WINSZ.DLL
O2 - BHO: Class - {8DC985F0-8511-575A-9130-818D07E50CEE} - C:\WINDOWS\SYSTEM\APIER32.DLL
O2 - BHO: Class - {79363C5E-E8C7-8AF3-DE17-A8D1E8680065} - C:\WINDOWS\SYSTEM\SDKPP.DLL
O2 - BHO: Class - {5365E277-F1B0-AE0D-5911-5137176007E6} - C:\WINDOWS\APPDK.DLL
O2 - BHO: Class - {09D55E10-2E07-7D53-29FE-5C3AF9DB4D7A} - C:\WINDOWS\ADDPZ32.DLL
O2 - BHO: Class - {4566CC43-0B31-07E0-141A-12FC7D5FF802} - C:\WINDOWS\SYSEZ32.DLL
O2 - BHO: Class - {E2FCAB75-146C-CEDB-52F8-63DEE958BC1B} - C:\WINDOWS\SYSTEM\IEQK.DLL
O2 - BHO: Class - {070658EF-FBB1-51FF-B02D-6C8EC243119E} - C:\WINDOWS\APIPR.DLL
O2 - BHO: Class - {F97B935C-4820-CB6C-D4EF-A3AF4B649DB3} - C:\WINDOWS\IPNT.DLL
O2 - BHO: Class - {1C8DC8D2-087A-A91C-789E-1CD007B60FC7} - C:\WINDOWS\SYSTEM\MSIZ32.DLL
O2 - BHO: Class - {EAEB4D30-F422-34AA-B1E8-30F0FEAF1B11} - C:\WINDOWS\SYSTEM\SYSEH.DLL
O2 - BHO: Class - {1A3B9D49-1BA6-22D5-70F3-83C12EB31BE0} - C:\WINDOWS\APITW32.DLL
O2 - BHO: Class - {722D8EBB-61F2-D04B-9938-6479062F7682} - C:\WINDOWS\SDKIK.DLL
O2 - BHO: Class - {6F80A99D-B909-5C0D-B99B-ED9CE85E67DE} - C:\WINDOWS\SYSTEM\ATLEQ32.DLL
O2 - BHO: Class - {631A4540-2042-D857-2571-DD87935DB588} - C:\WINDOWS\NTHZ32.DLL
O2 - BHO: Class - {FA69B0FB-5CC1-6510-2209-5AB77E3AF7AC} - C:\WINDOWS\SYSTEM\MFCID32.DLL
O2 - BHO: Class - {675A16BB-A0C2-544F-5D5E-A550A9BAAF78} - C:\WINDOWS\MFCXY32.DLL
O2 - BHO: Class - {504D846D-FA80-42B4-C3BD-254D288DFA55} - C:\WINDOWS\SYSTEM\IPQV.DLL
O2 - BHO: Class - {ADE15B25-99D9-47AB-3E33-9B2A8D282369} - C:\WINDOWS\SYSTEM\MFCSH32.DLL
O2 - BHO: Class - {88604341-3F26-8D24-AA19-E4F9F035C3A1} - C:\WINDOWS\SYSTEM\IPFP32.DLL
O2 - BHO: Class - {5BA426C5-FB02-68E6-5AAF-4FD3DFFBFCED} - C:\WINDOWS\SYSTEM\JAVAIK.DLL
O2 - BHO: Class - {0D521E90-FF76-3FC3-E866-905A28B2CF30} - C:\WINDOWS\APILN.DLL
O2 - BHO: Class - {5F0F1AE8-F55A-3FDD-FD31-C2E35E64861C} - C:\WINDOWS\SYSTEM\NETRZ.DLL
O2 - BHO: Class - {3C522CEC-1650-20FB-9085-E404FE236831} - C:\WINDOWS\NETGU32.DLL
O2 - BHO: Class - {195BB02B-4008-2F27-063D-AEAD3798CA0C} - C:\WINDOWS\SYSTEM\APIYE.DLL
O2 - BHO: Class - {D8F171E9-477F-B9D5-F4B0-45989B632376} - C:\WINDOWS\SYSTEM\ADDLO32.DLL
O2 - BHO: Class - {4A2CAEE7-479D-525D-B6F5-E9576A65F285} - C:\WINDOWS\APIHS.DLL
O2 - BHO: Class - {F4A963FC-404B-1770-5428-F9861C3D2564} - C:\WINDOWS\SYSTEM\SYSJH.DLL
O2 - BHO: Class - {61E930AA-7C50-F2FA-A487-E67B7884861E} - C:\WINDOWS\SYSTEM\SYSYK32.DLL
O2 - BHO: Class - {C456A362-3423-46FC-6AA3-B7B1D00B9FB8} - C:\WINDOWS\SYSTEM\NTHU32.DLL
O2 - BHO: Class - {1962378B-88F9-50CC-A804-D2474D43DFCF} - C:\WINDOWS\SYSTEM\WINUN32.DLL
O2 - BHO: Class - {83AE9619-65D9-1BB7-7DA7-2CC586B062B5} - C:\WINDOWS\SYSTEM\D3WS32.DLL
O2 - BHO: Class - {D9AA0B45-D4FD-7AED-3EAA-679FA1487A31} - C:\WINDOWS\APPLF.DLL
O2 - BHO: Class - {78BE5EC2-1895-35E6-3DCD-42596173A6FB} - C:\WINDOWS\SYSTEM\SDKXC32.DLL
O2 - BHO: Class - {C22D9ED6-EDCC-967A-DFB1-0043697AEF16} - C:\WINDOWS\SYSTEM\SYSOV32.DLL
O2 - BHO: Class - {B0655B32-20C5-C50B-D818-F1CB9C013D1D} - C:\WINDOWS\SYSTEM\IEAL32.DLL
O2 - BHO: Class - {692156AA-6605-5668-04D3-C5B2231A6A6A} - C:\WINDOWS\SYSTEM\IPTY.DLL
O2 - BHO: Class - {C10A704E-102F-B1FD-66E0-C0B95ABA4630} - C:\WINDOWS\SYSTEM\ATLUV.DLL
O2 - BHO: Class - {A1761B11-6BCE-6633-2E3B-8DD25BAA12F8} - C:\WINDOWS\SYSTEM\D3WK32.DLL
O2 - BHO: Class - {0033AAE9-55C7-41F3-F763-32B1DA16BE5C} - C:\WINDOWS\SYSTEM\MFCDH32.DLL
O2 - BHO: Class - {C38A3B8F-04D2-90AB-A5A9-6FA9905AC8D3} - C:\WINDOWS\SYSTEM\MFCYE32.DLL
O2 - BHO: Class - {815F55AF-62B6-9D54-8964-D45455A224BF} - C:\WINDOWS\SYSTEM\ADDMJ32.DLL
O2 - BHO: Class - {C72CDEFF-404F-B860-EF31-97B23086F97E} - C:\WINDOWS\SYSTEM\ADDDL.DLL
O2 - BHO: Class - {F82406AA-AA26-0FEF-2943-600622AB7AB5} - C:\WINDOWS\IEQT.DLL
O2 - BHO: Class - {0CE67B94-2E2C-93A0-43E8-4B02D9C12BD3} - C:\WINDOWS\SYSTEM\ATLKW32.DLL
O2 - BHO: Class - {26F48417-BA3B-EB85-58BC-D6D86BF802EF} - C:\WINDOWS\IEYE.DLL
O2 - BHO: Class - {DD33DD18-4D26-B41E-13DA-43F55E371DD6} - C:\WINDOWS\D3WN32.DLL
O2 - BHO: Class - {E3707CB3-8DF7-B88F-7460-10CF1C5AF795} - C:\WINDOWS\SYSTEM\APIVH32.DLL
O2 - BHO: Class - {1331A183-B481-1370-0A69-475964CB9CE6} - C:\WINDOWS\SYSTEM\MSLP.DLL
O2 - BHO: Class - {12405A54-7E5C-D9E3-C492-9DB13E5563E6} - C:\WINDOWS\SYSTEM\IPNM32.DLL
O2 - BHO: Class - {AB07D8D0-2369-881F-81AF-C71825A24FD7} - C:\WINDOWS\NTRF.DLL
O2 - BHO: Class - {2DA7677E-5586-2002-9CAE-D23207D699FE} - C:\WINDOWS\SYSTEM\NTGA32.DLL
O2 - BHO: Class - {3A0E4322-F78D-3E65-0094-9D60E1486BC7} - C:\WINDOWS\SYSTEM\NTJR32.DLL
O2 - BHO: Class - {35F57123-7783-1F84-F727-833F7B85FFBF} - C:\WINDOWS\SYSTEM\IERW32.DLL
O2 - BHO: Class - {BD9FC8CA-2B4C-538D-74D9-3F302EFCBC86} - C:\WINDOWS\ADDKV.DLL
O2 - BHO: Class - {41D0E5E5-4CC4-AAC1-982F-7B2573677ABE} - C:\WINDOWS\APPTZ32.DLL
O2 - BHO: Class - {DE0BAD64-90AC-210E-E63A-88EAC8F9B7E6} - C:\WINDOWS\ATLWM.DLL
O2 - BHO: Class - {A486C68F-6631-2A80-9130-5AAE5A0D6D0E} - C:\WINDOWS\SYSTEM\ADDSF.DLL
O2 - BHO: Class - {CF22795E-F0CD-B9F1-BAF6-79B05A0373A3} - C:\WINDOWS\NTAA.DLL
O2 - BHO: Class - {D60F8AE6-EE48-9A9D-7E98-BF44A8A19709} - C:\WINDOWS\SYSTEM\JAVAWB.DLL
O2 - BHO: Class - {538F8201-992A-AD4D-BFA8-757116A97B3F} - C:\WINDOWS\WINSQ32.DLL
O2 - BHO: Class - {D92B11D4-74D5-F043-84CE-D7DC94E095D0} - C:\WINDOWS\SYSTEM\ADDET32.DLL
O2 - BHO: Class - {5AADF711-1959-1F3C-758F-2D8DC7E38CD1} - C:\WINDOWS\SYSTEM\ADDRC32.DLL
O2 - BHO: Class - {38676506-537C-15C1-0E35-C7D795AC6547} - C:\WINDOWS\SYSTEM\APITN.DLL
O2 - BHO: Class - {58EDEE37-3961-A0F9-A428-713B6BA5B6BC} - C:\WINDOWS\SYSTEM\D3MP.DLL
O2 - BHO: Class - {25ADA2FE-929D-3669-BEDF-A52E5180403B} - C:\WINDOWS\ATLGA.DLL
O2 - BHO: Class - {1EDAA77F-A3EB-566C-9C20-F5D68C38C988} - C:\WINDOWS\SYSTEM\JAVAOD.DLL
O2 - BHO: Class - {07CF5064-29FC-1C2D-0459-FA738EE61CAE} - C:\WINDOWS\SYSTEM\APINT32.DLL
O2 - BHO: Class - {EE64D601-3718-A3A2-8684-040FA0D9ABAE} - C:\WINDOWS\MSJF.DLL
O2 - BHO: Class - {6A0B9026-1DD1-F53E-E086-D1C4630850D8} - C:\WINDOWS\SYSTEM\WINXI32.DLL
O2 - BHO: Class - {2825AEB2-BECC-119B-D482-F8F24CE5B9FA} - C:\WINDOWS\SYSTEM\IEES.DLL
O2 - BHO: Class - {4E0FF516-5DEF-B102-AAF1-DBCBB044FBCC} - C:\WINDOWS\SYSTEM\CRYY.DLL
O2 - BHO: Class - {62F9E29F-0396-506F-A1AF-EC0A261735CD} - C:\WINDOWS\ATLCU32.DLL
O2 - BHO: Class - {C23A3931-7986-D600-52CD-D52ABEE43493} - C:\WINDOWS\SYSTEM\APPYW.DLL
O2 - BHO: Class - {2BEB5930-7738-6D7C-0175-118F5147FE64} - C:\WINDOWS\CRYY.DLL
O2 - BHO: Class - {48552068-C2EC-57E1-CDA1-204CEE91F68E} - C:\WINDOWS\ATLGP32.DLL
O2 - BHO: Class - {699A7440-B879-1CAF-2441-7FE2382928F2} - C:\WINDOWS\JAVAWM32.DLL
O2 - BHO: Class - {5AC750D9-A521-2823-588F-E44E44F0720C} - C:\WINDOWS\SYSTEM\APPTY32.DLL
O2 - BHO: Class - {DEABD788-8FB3-FD63-7965-389321DD0368} - C:\WINDOWS\D3DN32.DLL
O2 - BHO: Class - {1F50B05E-F490-4773-D83E-94FEB595AE83} - C:\WINDOWS\APIUR.DLL
O2 - BHO: Class - {3AF7875B-3509-1522-7F8C-7BB4D9CDC65D} - C:\WINDOWS\WINMR32.DLL
O4 - HKLM\..\Run: [CRRH32.EXE] C:\WINDOWS\CRRH32.EXE
O4 - HKLM\..\RunServices: [NETYR32.EXE] C:\WINDOWS\SYSTEM\NETYR32.EXE /s
Then close all windows, and browsers, except HijackThis. Tell HijackThis to "Fix checked".

Restart your computer in Safe Mode. How do I Safe Boot my computer?

Folders and files with a tilde (~), means that there is a file/folder that starts with the six characters in front of the tilde, note that there may be spaces in the name. If there are more than one, please report them back and do not delete!

Delete the following files in red (it could be that they are deleted already):
C:\WINDOWS\bjxwh.dll
C:\WINDOWS\SYSTEM\APICH32.DLL
C:\WINDOWS\SYSTEM\D3TI32.DLL
C:\WINDOWS\IPHT.DLL
C:\WINDOWS\SYSTEM\SYSVJ.DLL
C:\WINDOWS\SYSTEM\JAVAPA.DLL
C:\WINDOWS\SYSTEM\APPGE32.DLL
C:\WINDOWS\NTRI.DLL
C:\WINDOWS\MSWI.DLL
C:\WINDOWS\SYSTEM\NTPZ32.DLL
C:\WINDOWS\SYSTEM\SYSYF.DLL
C:\WINDOWS\SYSTEM\WINQX32.DLL
C:\WINDOWS\SYSTEM\ADDCY.DLL
C:\WINDOWS\MSSL.DLL
C:\WINDOWS\SYSTEM\ADDUI32.DLL
C:\WINDOWS\SYSTEM\MFCVZ32.DLL
C:\WINDOWS\SYSTEM\CREF.DLL
C:\WINDOWS\JAVATA32.DLL
C:\WINDOWS\APPIB32.DLL
C:\WINDOWS\JAVAGB.DLL
C:\WINDOWS\APPTV.DLL
C:\WINDOWS\ADDFI.DLL
C:\WINDOWS\SYSTEM\NETHT32.DLL
C:\WINDOWS\APPUT.DLL
C:\WINDOWS\NETTO32.DLL
C:\WINDOWS\SYSTEM\MSYB32.DLL
C:\WINDOWS\SYSTEM\APIBR.DLL
C:\WINDOWS\SYSTEM\APIRZ32.DLL
C:\WINDOWS\SYSTEM\IEGX32.DLL
C:\WINDOWS\SYSJE32.DLL
C:\WINDOWS\WINSQ.DLL
C:\WINDOWS\CRGW.DLL
C:\WINDOWS\WINES32.DLL
C:\WINDOWS\APIMJ32.DLL
C:\WINDOWS\IPEW.DLL
C:\WINDOWS\SYSTEM\WINWM32.DLL
C:\WINDOWS\SYSTEM\SYSDK32.DLL
C:\WINDOWS\SYSTEM\CRWH.DLL
C:\WINDOWS\SYSTEM\APPGL.DLL
C:\WINDOWS\SYSTEM\IETV.DLL
C:\WINDOWS\MFCMG.DLL
C:\WINDOWS\WINFC.DLL
C:\WINDOWS\WINDD32.DLL
C:\WINDOWS\IPJU.DLL
C:\WINDOWS\NETWF32.DLL
C:\WINDOWS\SYSTEM\SYSKH32.DLL
C:\WINDOWS\IEOX32.DLL
C:\WINDOWS\APPSZ32.DLL
C:\WINDOWS\SYSTEM\ADDBX32.DLL
C:\WINDOWS\APPDR.DLL
C:\WINDOWS\ADDBK32.DLL
C:\WINDOWS\SYSTEM\JAVAPM32.DLL
C:\WINDOWS\SYSTEM\ADDYS.DLL
C:\WINDOWS\SYSTEM\NETLA32.DLL
C:\WINDOWS\SYSTEM\WINYF.DLL
C:\WINDOWS\APPSO.DLL
C:\WINDOWS\SYSTEM\D3MN32.DLL
:\WINDOWS\SYSTEM\SDKYV32.DLL
C:\WINDOWS\NTQF.DLL
C:\WINDOWS\SYSPD.DLL
C:\WINDOWS\IPZH.DLL
C:\WINDOWS\APPMS.DLL
C:\WINDOWS\NTQB32.DLL
C:\WINDOWS\SDKLY32.DLL
C:\WINDOWS\SYSTEM\JAVASJ32.DLL
C:\WINDOWS\SYSTEM\NETFR.DLL
C:\WINDOWS\SYSOK.DLL
C:\WINDOWS\APIBS32.DLL
C:\WINDOWS\WINJS32.DLL
C:\WINDOWS\ADDSD.DLL
C:\WINDOWS\SYSMN32.DLL
C:\WINDOWS\SYSXD32.DLL
C:\WINDOWS\D3NY32.DLL
C:\WINDOWS\SYSTEM\MSLW32.DLL
C:\WINDOWS\JAVATT32.DLL
C:\WINDOWS\CRCH32.DLL
C:\WINDOWS\SYSTEM\IPVM32.DLL
C:\WINDOWS\SYSTEM\NETHZ32.DLL
C:\WINDOWS\SYSTEM\APPVF32.DLL
C:\WINDOWS\SYSTEM\IPYO32.DLL
C:\WINDOWS\MSWZ32.DLL
C:\WINDOWS\MFCFF.DLL
C:\WINDOWS\SYSTEM\SYSIF32.DLL
C:\WINDOWS\SYSTEM\SDKCF32.DLL
C:\WINDOWS\SYSTEM\MSOL.DLL
C:\WINDOWS\CRJX.DLL
C:\WINDOWS\SYSTEM\WINOM.DLL
C:\WINDOWS\CRAL.DLL
C:\WINDOWS\SYSTEM\MFCON.DLL
C:\WINDOWS\ATLSD.DLL
C:\WINDOWS\SYSTEM\APPUJ.DLL
C:\WINDOWS\SYSTEM\SDKDP32.DLL
C:\WINDOWS\SYSTEM\IPVW.DLL
C:\WINDOWS\SYSTEM\IPNG32.DLL
C:\WINDOWS\MSLG32.DLL
C:\WINDOWS\CREB.DLL
C:\WINDOWS\SYSTEM\IPTU.DLL
C:\WINDOWS\CRZA32.DLL
C:\WINDOWS\IPNI.DLL
C:\WINDOWS\SYSTEM\WINSZ.DLL
C:\WINDOWS\SYSTEM\APIER32.DLL
C:\WINDOWS\SYSTEM\SDKPP.DLL
C:\WINDOWS\APPDK.DLL
C:\WINDOWS\ADDPZ32.DLL
C:\WINDOWS\SYSEZ32.DLL
C:\WINDOWS\SYSTEM\IEQK.DLL
C:\WINDOWS\APIPR.DLL
C:\WINDOWS\IPNT.DLL
C:\WINDOWS\SYSTEM\MSIZ32.DLL
C:\WINDOWS\SYSTEM\SYSEH.DLL
C:\WINDOWS\APITW32.DLL
C:\WINDOWS\SDKIK.DLL
C:\WINDOWS\SYSTEM\ATLEQ32.DLL
C:\WINDOWS\NTHZ32.DLL
C:\WINDOWS\SYSTEM\MFCID32.DLL
C:\WINDOWS\MFCXY32.DLL
C:\WINDOWS\SYSTEM\IPQV.DLL
C:\WINDOWS\SYSTEM\MFCSH32.DLL
C:\WINDOWS\SYSTEM\IPFP32.DLL
C:\WINDOWS\SYSTEM\JAVAIK.DLL
C:\WINDOWS\APILN.DLL
C:\WINDOWS\SYSTEM\NETRZ.DLL
C:\WINDOWS\NETGU32.DLL
C:\WINDOWS\SYSTEM\APIYE.DLL
C:\WINDOWS\SYSTEM\ADDLO32.DLL
C:\WINDOWS\APIHS.DLL
C:\WINDOWS\SYSTEM\SYSJH.DLL
C:\WINDOWS\SYSTEM\SYSYK32.DLL
C:\WINDOWS\SYSTEM\NTHU32.DLL
C:\WINDOWS\SYSTEM\WINUN32.DLL
C:\WINDOWS\SYSTEM\D3WS32.DLL
C:\WINDOWS\APPLF.DLL
C:\WINDOWS\SYSTEM\SDKXC32.DLL
C:\WINDOWS\SYSTEM\SYSOV32.DLL
C:\WINDOWS\SYSTEM\IEAL32.DLL
C:\WINDOWS\SYSTEM\IPTY.DLL
C:\WINDOWS\SYSTEM\ATLUV.DLL
C:\WINDOWS\SYSTEM\D3WK32.DLL
C:\WINDOWS\SYSTEM\MFCDH32.DLL
C:\WINDOWS\SYSTEM\MFCYE32.DLL
C:\WINDOWS\SYSTEM\ADDMJ32.DLL
C:\WINDOWS\SYSTEM\ADDDL.DLL
C:\WINDOWS\IEQT.DLL
C:\WINDOWS\SYSTEM\ATLKW32.DLL
C:\WINDOWS\IEYE.DLL
C:\WINDOWS\D3WN32.DLL
C:\WINDOWS\SYSTEM\APIVH32.DLL
C:\WINDOWS\SYSTEM\MSLP.DLL
C:\WINDOWS\SYSTEM\IPNM32.DLL
C:\WINDOWS\NTRF.DLL
C:\WINDOWS\SYSTEM\NTGA32.DLL
C:\WINDOWS\SYSTEM\NTJR32.DLL
C:\WINDOWS\SYSTEM\IERW32.DLL
C:\WINDOWS\ADDKV.DLL
C:\WINDOWS\APPTZ32.DLL
C:\WINDOWS\ATLWM.DLL
C:\WINDOWS\SYSTEM\ADDSF.DLL
C:\WINDOWS\NTAA.DLL
C:\WINDOWS\SYSTEM\JAVAWB.DLL
C:\WINDOWS\WINSQ32.DLL
C:\WINDOWS\SYSTEM\ADDET32.DLL
C:\WINDOWS\SYSTEM\ADDRC32.DLL
C:\WINDOWS\SYSTEM\APITN.DLL
C:\WINDOWS\SYSTEM\D3MP.DLL
C:\WINDOWS\ATLGA.DLL
C:\WINDOWS\SYSTEM\JAVAOD.DLL
C:\WINDOWS\SYSTEM\APINT32.DLL
C:\WINDOWS\MSJF.DLL
C:\WINDOWS\SYSTEM\WINXI32.DLL
C:\WINDOWS\SYSTEM\IEES.DLL
C:\WINDOWS\SYSTEM\CRYY.DLL
C:\WINDOWS\ATLCU32.DLL
C:\WINDOWS\SYSTEM\APPYW.DLL
C:\WINDOWS\CRYY.DLL
C:\WINDOWS\ATLGP32.DLL
C:\WINDOWS\JAVAWM32.DLL
C:\WINDOWS\SYSTEM\APPTY32.DLL
C:\WINDOWS\D3DN32.DLL
C:\WINDOWS\APIUR.DLL
C:\WINDOWS\WINMR32.DLL

(also deleted any *.dat files with the same name as one of these *.exe files)

While still in Safe Mode finish the cleanup process, please run through the rest of these steps:

From the Start Menu, choose "Run" and type Regedit then click "Ok".
Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
and highlight Services in the left pane. In the right pane, look for any of these entries:

__NS_Service
__NS_Service_2
__NS_Service_3

If any are listed, right-click that entry in the right pane and choose Delete.

Now navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root
and highlight Root in the Left Pane. In the right pane, look for these entries:

LEGACY___NS_Service
LEGACY___NS_Service_2
LEGACY___NS_Service_3

If you find it, right-click it in the right-pane and choose delete.

If you have trouble deleting a key. Then click once on the key name (LEGACY__NS_SERVICE_ or another name that starts with LEGACY__NS_SERVICE) to highlight it. Then click on the "Permission" menu option under "Security" or "Edit". Uncheck "Allow inheritable permissions" and press "copy". Then click on everyone and put a checkmark in "full control". Then press "Apply" and "Ok" and attempt to delete the key again.

Exit regedit, and restart your computer in Normal Mode.

To remove the remainder of the files this exploit deposits, run this Online AntiVirus scan, removing all it finds:

Trend Micro (PC-cillin) - Free on-line Scan

=== Check ActiveX Settings ===
Adjust your security settings for ActiveX:
Go to Internet Options/Security/Internet, press "Default level", then "Ok".
Now press "Custom Level."
In the ActiveX section, set the first option, "Download signed controls", to "Prompt"; set the second option, "Download unsigned controls", to "Disable"; and finally, set "Initialize and Script ActiveX controls not marked as safe" to "Disable".


=== Replace Deleted Files ===
It is also possible that the infection may have deleted up to three files from your system. If these files are present, to be safe I suggest you overwrite them with a new copy.

Go here: http://www.spywarein...es.html#control and download the version of control.exe for your operating system. If you are running Windows 2000, copy it to c:\winnt\system32\. For Windows XP, copy it to c:\windows\system32\.

Download the Hoster from here: http://members.aol.c...dbee/hoster.zip
Press "Restore Original Hosts" and press "Ok"
Exit Program.

If you have Spybot S&D installed you may also need to replace one file.
Go here: http://www.spywarein...s.html#sdhelper and download SDHelper.dll. Copy the file to the folder containing you Spybot S&D program (normally C:\Program Files\Spybot - Search & Destroy)

Additionally, Please check your ActiveX security settings. They may have been changed by this CWS variant to allow ALL ActiveX!! If they have been changed, reset your ActiveX Security Settings in IE as recommended.

Download Ad-aware SE and update it (the Globe icon, then Connect).

Next, go to Settings (the gear icon at the top) and then "Scanning" and checkmark these items so they will be green:
"Scan within archives"
"Scan my IE Favorites for banned URLS"
"Scan my hosts file"

Then click "Proceed" to save settings.

Click on "Tweak" next. And checkmark to make this green also:
"Automatically try to unregister objects prior to deletion"

Click on "Proceed"

Next, from the main screen, click on "Perform Full System Scan". Uncheck "Search for negligible risk entries" and click on "Next". Eliminate all that Ad-aware finds.

Checkmark any items found after scanning to remove (this will actually put them in quarantine and can recover from backup if any should not be removed).

Restart your computer after cleaning with AdAware SE and scan again. Repeat the process until no further items are found as bad.

Run HiJackThis and post a new log in this thread.
  • 0

#4
Justin
Posted 21 August 2005 - 10:14 PM

Justin

    I do a little bit of everything

  • Member
  • PipPipPipPipPip
  • 2,353 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP