
Log of L2M9XFix v1
************
Running from directory:
C:\WINDOWS\Desktop\l2m9xfix
************
Files found:
C:\WINDOWS\system\aafsipc.dll
C:\WINDOWS\system\aafsipc.dll
C:\WINDOWS\system\clnemres.dll
C:\WINDOWS\system\clnemres.dll
C:\WINDOWS\system\CMGMGR32.DLL
C:\WINDOWS\system\CMGMGR32.DLL
C:\WINDOWS\system\CXL3D.DLL
C:\WINDOWS\system\CXL3D.DLL
C:\WINDOWS\system\DA8VB.DLL
C:\WINDOWS\system\DA8VB.DLL
C:\WINDOWS\system\DANPUT8.DLL
C:\WINDOWS\system\DANPUT8.DLL
C:\WINDOWS\system\dcnhupnp.dll
C:\WINDOWS\system\dcnhupnp.dll
C:\WINDOWS\system\DDMIGR.DLL
C:\WINDOWS\system\DDMIGR.DLL
C:\WINDOWS\system\DQVENUM.DLL
C:\WINDOWS\system\DQVENUM.DLL
C:\WINDOWS\system\DRWSOCK.DLL
C:\WINDOWS\system\DRWSOCK.DLL
C:\WINDOWS\system\ebcli32.dll
C:\WINDOWS\system\ebcli32.dll
C:\WINDOWS\system\emcli32.dll
C:\WINDOWS\system\emcli32.dll
C:\WINDOWS\system\EZLCNS32.DLL
C:\WINDOWS\system\EZLCNS32.DLL
C:\WINDOWS\system\HOINK.DLL
C:\WINDOWS\system\HOINK.DLL
C:\WINDOWS\system\HPSETUP.DLL
C:\WINDOWS\system\HPSETUP.DLL
C:\WINDOWS\system\JQPL400.DLL
C:\WINDOWS\system\JQPL400.DLL
C:\WINDOWS\system\LCRT.DLL
C:\WINDOWS\system\LCRT.DLL
C:\WINDOWS\system\MAACM.DLL
C:\WINDOWS\system\MAACM.DLL
C:\WINDOWS\system\MGJTER40.DLL
C:\WINDOWS\system\MGJTER40.DLL
C:\WINDOWS\system\MKOSS.DLL
C:\WINDOWS\system\MKOSS.DLL
C:\WINDOWS\system\MMOSS.DLL
C:\WINDOWS\system\MMOSS.DLL
C:\WINDOWS\system\MUCMS.DLL
C:\WINDOWS\system\MUCMS.DLL
C:\WINDOWS\system\MWPRINT2.DLL
C:\WINDOWS\system\MWPRINT2.DLL
C:\WINDOWS\system\NPDLL.DLL
C:\WINDOWS\system\NPDLL.DLL
C:\WINDOWS\system\OQE2.DLL
C:\WINDOWS\system\OQE2.DLL
C:\WINDOWS\system\ORUI400.DLL
C:\WINDOWS\system\ORUI400.DLL
C:\WINDOWS\system\OUDBSE32.DLL
C:\WINDOWS\system\OUDBSE32.DLL
C:\WINDOWS\system\OWDBSE32.DLL
C:\WINDOWS\system\OWDBSE32.DLL
C:\WINDOWS\system\RQVPSP.DLL
C:\WINDOWS\system\RQVPSP.DLL
C:\WINDOWS\system\RZASETUP.DLL
C:\WINDOWS\system\RZASETUP.DLL
C:\WINDOWS\system\SFD401LC.DLL
C:\WINDOWS\system\SFD401LC.DLL
C:\WINDOWS\system\WJNASPI.DLL
C:\WINDOWS\system\WJNASPI.DLL
C:\WINDOWS\system\wxnupdak.dll
C:\WINDOWS\system\wxnupdak.dll
C:\WINDOWS\system\WYV8DMOD.DLL
C:\WINDOWS\system\WYV8DMOD.DLL
************
Registry entries found:
************
Killing Explorer
Done!
Killing Rundll32
Done!
Removing malicious CLSID(s)
Done!
Restarting Explorer
Done!
Deleting malicious files
Done!
Finished!

Logfile of HijackThis v1.99.1
Scan saved at 11:59:09 AM, on 11/22/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\ATI2EVXX.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\SSDPSRV.EXE
C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
C:\PROGRAM FILES\COMMON FILES\SOFTWIN\BITDEFENDER COMMUNICATOR\XCOMMSVR.EXE
C:\PROGRAM FILES\COMMON FILES\SOFTWIN\BITDEFENDER SCAN SERVER\BDSS.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\ATIPTAXX.EXE
C:\WINDOWS\SYSTEM\HPOOPM07.EXE
C:\PROGRAM FILES\BROADJUMP\CLIENT FOUNDATION\CFD.EXE
C:\PROGRAM FILES\YAHOO!\BROWSER\YBRWICON.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZLCLIENT.EXE
C:\PROGRAM FILES\SOFTWIN\BITDEFENDER8\BDMCON.EXE
C:\PROGRAM FILES\SOFTWIN\BITDEFENDER8\BDNAGENT.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\YAHOO!\BROWSER\YCOMMON.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://dsl.sbc.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:2323
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YCOMP5_3_12_0.DLL
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [AtiPTA] Atiptaxx.exe
O4 - HKLM\..\Run: [HPAIO_PrintFolderMgr] C:\WINDOWS\SYSTEM\hpoopm07.exe
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [YBrowser] C:\Program Files\Yahoo!\browser\ybrwicon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender8\bdmcon.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "C:\PROGRAM FILES\SOFTWIN\BITDEFENDER8\bdnagent.exe"
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [ATIPOLAB] ati2evxx.exe
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [SSDPSRV] C:\WINDOWS\SYSTEM\ssdpsrv.exe
O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
O4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service
O4 - HKLM\..\RunServices: [BitDefender Communicator] "C:\Program Files\Common Files\Softwin\BitDefender Communicator\\xcommsvr.exe"
O4 - HKLM\..\RunServices: [BitDefender Scan Server] "C:\Program Files\Common Files\Softwin\BitDefender Scan Server\\bdss.exe"
O4 - HKLM\..\RunServices: [BitDefender Live! Init] "C:\Program Files\Softwin\BitDefender8\bdinit.exe"
O4 - HKCU\..\Run: [ccleaner] "C:\PROGRAM FILES\CCLEANER\CCLEANER.exe" /AUTO
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\WINDOWS\SYSTEM\SHDOCVW.DLL
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\WINDOWS\SYSTEM\SHDOCVW.DLL
O9 - Extra button: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\WINDOWS\SYSTEM\SHDOCVW.DLL
O9 - Extra 'Tools' menuitem: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\WINDOWS\SYSTEM\SHDOCVW.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRAM FILES\AIM\AIM.EXE
O12 - Plugin for .pdf: C:\PROGRA~1\INTERN~1\PLUGINS\nppdf32.dll
O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/z...s/heartbeat.cab
O16 - DPF: {231B1C6E-F934-42A2-92B6-C2FEFEC24276} (yucsetreg Class) - C:\Program Files\Yahoo!\common\yucconfig.dll
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/...ro.cab34246.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/z...s/heartbeat.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefend...bitdefender.cab
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai...0/Installer.exe
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab