Hijackthis Log: Please Help Diagnose



#1 rjpat

Posted 28 January 2006 - 03:29 PM

McAfee cannot delete, quarantine or fix this virus. Please help me fix it!

Logfile of HijackThis v1.99.1
Scan saved at 3:18:09 PM, on 1/28/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\mfcoy32.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\Program Files\Softex\OmniPass\Omniserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\DSL Tools\DSL Tools\app\TangoService.exe
C:\Program Files\Softex\OmniPass\OPXPApp.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\hkcmd.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\DIGStream\digstream.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe
C:\Program Files\Hewlett-Packard\PhotoSmart\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Winamp\Winampa.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\iepi32.exe
C:\Program Files\Symantec\LiveUpdate\ALUNOTIFY.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\HEWLET~1\PHOTOS~1\HPSHAR~1\hpgs2wnf.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Netscape\Netscape\Netscp.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Compaq Connections\1940576\Program\BackWeb-1940576.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Gaim\gaim.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Adobe\Acrobat 6.0\Reader\AcroRd32.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\HijackThis\HijackThis.exe
C:\Program Files\HP\hpcoretech\soln\HPOSM.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qus9.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qus9.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\arsry.dll/sp.html#37049%resultposition.net
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\arsry.dll/sp.html#37049%resultposition.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system32\arsry.dll/sp.html#37049%resultposition.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\arsry.dll/sp.html#37049%resultposition.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\arsry.dll/sp.html#37049%resultposition.net
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\arsry.dll/sp.html#37049%resultposition.net
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\arsry.dll/sp.html#37049%resultposition.net
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://home.microsoft.com/access/autosearch.asp?p=%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = iexplore
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by epix™ Internet Services
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - Default URLSearchHook is missing
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://www.epix.net/"); (C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\83dkp1us.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRA%7E1%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\83dkp1us.slt\prefs.js)
O2 - BHO: Class - {03054044-E2E0-6460-8BC7-F218707D5058} - C:\WINDOWS\system32\crpg32.dll
O2 - BHO: Class - {05DFBD53-394B-85DD-F1E8-4E38B77F0371} - C:\WINDOWS\winqc32.dll
O2 - BHO: Class - {064CE72F-402C-6FA9-72C8-ADF5FEC210AD} - C:\WINDOWS\addhd32.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Class - {06E9293B-0874-4C97-3FF4-7898452B2624} - C:\WINDOWS\system32\netlf.dll
O2 - BHO: Class - {07DD92D4-CC5A-5DAA-B7C4-DEC0B6D55959} - C:\WINDOWS\atlxd.dll
O2 - BHO: Class - {07FCAF49-FD62-5DEF-3389-86CC7653686C} - C:\WINDOWS\system32\sdkyb32.dll
O2 - BHO: Class - {08BE22CD-C122-B80D-DF7B-507913C3706E} - C:\WINDOWS\ievb.dll
O2 - BHO: Class - {0B4CB86F-D21A-B1C2-381D-61FA9B55F603} - C:\WINDOWS\d3om.dll
O2 - BHO: Class - {0B84B4EF-F58F-474C-FFCD-0E1395C68285} - C:\WINDOWS\ntnk.dll
O2 - BHO: Class - {0CE5CF0A-B8BF-8A5F-3229-4913DA81CB9A} - C:\WINDOWS\ipca.dll
O2 - BHO: Class - {0DD6BB03-8289-D618-06F8-B2AA52FEFF61} - C:\WINDOWS\ieui.dll
O2 - BHO: Class - {0F94A359-A6B2-AA52-04B0-1EF309433959} - C:\WINDOWS\system32\ieyr.dll
O2 - BHO: Class - {10AA115E-9874-17AF-147C-C424D9FA21F0} - C:\WINDOWS\ipin32.dll
O2 - BHO: Class - {12FEFF17-907F-D9D8-2F06-FEC8F3C36A99} - C:\WINDOWS\system32\mshd.dll
O2 - BHO: Class - {1319DCCF-DC18-81C5-9AD1-732BF9FC42A9} - C:\WINDOWS\apilf32.dll
O2 - BHO: Class - {13C3D1A3-A53A-6BFB-F6CA-8FA7292FE0F0} - C:\WINDOWS\sdkxz.dll
O2 - BHO: Class - {1428C938-C429-A68C-F1C4-5ABDB64CCE4D} - C:\WINDOWS\iphp.dll
O2 - BHO: Class - {144A8F4B-8A74-6D3D-DFE1-DCADA483C0C3} - C:\WINDOWS\iesq.dll
O2 - BHO: Class - {17148321-8D1B-4F75-4E46-30E16B398180} - C:\WINDOWS\system32\d3gi.dll
O2 - BHO: Class - {1AF33F6E-2284-681E-BD51-B0BB58BB7DAB} - C:\WINDOWS\system32\addeh32.dll
O2 - BHO: Class - {2069D5FC-B9B3-6FBF-EAE9-C9AD1EAA0AA6} - C:\WINDOWS\system32\atllp.dll
O2 - BHO: Class - {21EE8B1E-4826-CBD8-177D-882322CDB315} - C:\WINDOWS\applm.dll
O2 - BHO: Class - {2346EC13-9103-21E8-08CC-3B6A16FB3208} - C:\WINDOWS\system32\ntoi32.dll
O2 - BHO: Class - {2366F987-C10B-122D-8480-E366C679402B} - C:\WINDOWS\system32\d3hc.dll
O2 - BHO: Class - {25ADEB1C-223C-2A7D-D3AD-712F742ABDB1} - C:\WINDOWS\msic32.dll
O2 - BHO: Class - {263394B0-C7E7-CC16-B1E7-93173A6A15E3} - C:\WINDOWS\crhf.dll
O2 - BHO: Class - {27E1DC7E-E7D9-4F96-56CD-675AC29A8F84} - C:\WINDOWS\mfcdo.dll
O2 - BHO: Class - {2B5650C5-B88E-428F-09F9-0AA365391EAC} - C:\WINDOWS\system32\ipts32.dll
O2 - BHO: Class - {2D6A84B0-0E8B-FE15-DF75-97FBBC623369} - C:\WINDOWS\system32\sdkru32.dll
O2 - BHO: Class - {2D75623F-2853-A6AA-2E3A-A24FD907FEC3} - C:\WINDOWS\apiyh.dll
O2 - BHO: (no name) - {2E9CAFF6-30C7-4208-8807-E79D4EC6F806} - C:\Program Files\Submit\submithook.dll
O2 - BHO: Class - {2FCA15DA-4534-DA39-35D0-ED78D3F19541} - C:\WINDOWS\system32\netwv.dll
O2 - BHO: Class - {3122ABBE-6828-8CEE-E5A1-60205805E8A5} - C:\WINDOWS\system32\netlz32.dll
O2 - BHO: Class - {35D04B13-540E-94EE-E3D3-A514F3941F85} - C:\WINDOWS\appvg.dll
O2 - BHO: Class - {37208B37-9715-3F03-8229-E8A5399FDD1A} - C:\WINDOWS\system32\addap32.dll
O2 - BHO: Class - {3A0CBAB9-F454-BEDE-BCAD-C655C43F49CF} - C:\WINDOWS\system32\netmt.dll
O2 - BHO: Class - {3DD54191-187F-124E-913E-9E0722E43372} - C:\WINDOWS\system32\netmx32.dll
O2 - BHO: Class - {3E58A3D1-3E5B-E66F-5A1B-848309CC5AA0} - C:\WINDOWS\msqw32.dll
O2 - BHO: Class - {3EE97F31-5E94-78B0-8A51-18BEDACA18C9} - C:\WINDOWS\addzc32.dll
O2 - BHO: Class - {41B9B31B-9E66-60DB-D699-458C5D6B05C2} - C:\WINDOWS\ierp32.dll
O2 - BHO: Class - {44855E64-D224-B63D-4A8D-1544ABBF6990} - C:\WINDOWS\mshj32.dll
O2 - BHO: Class - {44A985D9-D7C5-0311-A3DE-065F1EC3B83A} - C:\WINDOWS\d3lf.dll
O2 - BHO: Class - {44E0D735-44D9-6488-8EBC-B58B04F744E3} - C:\WINDOWS\apirw.dll
O2 - BHO: Class - {46306F43-25AC-5BDC-CDF9-597FEDDF51F2} - C:\WINDOWS\system32\sysmq.dll
O2 - BHO: Class - {47E4BE0B-D3F1-77C3-122A-D058B1F24EE2} - C:\WINDOWS\ntcc32.dll
O2 - BHO: Class - {480B26C9-5493-2FD8-25D1-17A24B1257DA} - C:\WINDOWS\appbr32.dll
O2 - BHO: Class - {482ED513-8F9F-5049-FF7A-8FB035464E5F} - C:\WINDOWS\system32\crnf32.dll
O2 - BHO: Class - {4873121D-827E-1BD4-1A2C-B5A0C13C9785} - C:\WINDOWS\system32\iewq.dll
O2 - BHO: Class - {499C9352-48E9-5912-C965-897AC38DF6D1} - C:\WINDOWS\javanp32.dll
O2 - BHO: Class - {4B322B26-B148-1680-1210-710907CDFBBF} - C:\WINDOWS\system32\apibg32.dll
O2 - BHO: Class - {4C94EE29-86CB-80FB-9E07-3C8ECF485735} - C:\WINDOWS\ierz.dll
O2 - BHO: Class - {4D567ABA-C061-F0F9-6007-B9B4A96FB412} - C:\WINDOWS\appwe32.dll
O2 - BHO: Class - {4E3683EC-EDA1-0338-4DF4-D571699FD262} - C:\WINDOWS\system32\mfcfc32.dll (file missing)
O2 - BHO: Class - {51210ACC-D1ED-AB86-D910-0A930B850A8C} - C:\WINDOWS\system32\sdkyo32.dll
O2 - BHO: Class - {51F24A75-CE33-D482-1EBC-0F319E5B6199} - C:\WINDOWS\system32\msys.dll
O2 - BHO: Class - {52764BD5-6198-BD7A-3EF5-C5ABA65FC5D0} - C:\WINDOWS\system32\netyz32.dll
O2 - BHO: Class - {5378A270-97C0-9850-0932-5B4BF750E05A} - C:\WINDOWS\system32\appng32.dll
O2 - BHO: Class - {542594E0-BB2E-852D-961B-E70DE3C8E843} - C:\WINDOWS\system32\mfcke32.dll
O2 - BHO: Class - {55C0B313-E6AB-E4D4-4CB9-5DA79926F43C} - C:\WINDOWS\system32\ieet.dll
O2 - BHO: Class - {57FF3DF5-1455-4BEF-D766-0E2FF7882347} - C:\WINDOWS\system32\ntvc32.dll
O2 - BHO: Class - {596F8480-AF4D-1795-88F6-07ABB014B3CF} - C:\WINDOWS\crog.dll
O2 - BHO: Class - {5C2283D1-61C9-9337-3709-169AA24C7206} - C:\WINDOWS\system32\syskp.dll
O2 - BHO: Class - {5C267B93-C66C-AF60-B81B-E8BFC8C44980} - C:\WINDOWS\mspr32.dll
O2 - BHO: Class - {5E691551-BD59-5A98-EF31-81686F6A4B4A} - C:\WINDOWS\ntig32.dll
O2 - BHO: Class - {601DFB36-F9D6-2A98-81A4-2655BE44B64D} - C:\WINDOWS\system32\crph.dll
O2 - BHO: Class - {61BF9567-4606-B8F2-4A15-3227A0E2E184} - C:\WINDOWS\addqq.dll
O2 - BHO: Class - {64ACBCED-4C70-32ED-5E7C-6D6EFEDA085F} - C:\WINDOWS\mfcui32.dll
O2 - BHO: Class - {66986988-5B7C-BCCE-8321-B70B3F482869} - C:\WINDOWS\system32\addeb32.dll
O2 - BHO: Class - {6824FA3C-0320-4E20-EB91-ADC744D5119E} - C:\WINDOWS\javazb.dll
O2 - BHO: Class - {68325EC5-8249-986D-EB26-06240713F6EC} - C:\WINDOWS\apiar32.dll
O2 - BHO: Class - {68BA8E7B-48F1-E65F-C86B-FB26EE5902B5} - C:\WINDOWS\addhu32.dll
O2 - BHO: Class - {699E5AAC-4CF0-459A-5056-3D06538E911B} - C:\WINDOWS\system32\appyz32.dll
O2 - BHO: Class - {6B5D047F-6194-FA18-BC30-2335EC42AE0E} - C:\WINDOWS\atliw.dll
O2 - BHO: Class - {6D48F634-DFAF-1764-FBD6-1DD58A4594FD} - C:\WINDOWS\sdknh32.dll
O2 - BHO: Class - {7070A8F9-08A4-CA47-0AB0-1EB9E4EE1F3B} - C:\WINDOWS\d3xf32.dll
O2 - BHO: Class - {73A30E12-BF8F-41BB-916F-3B8603733986} - C:\WINDOWS\mfcdj.dll
O2 - BHO: Class - {74ED8331-E220-3723-791F-3C434792B49D} - C:\WINDOWS\iepo.dll
O2 - BHO: Class - {76800C3C-21F8-0E04-8814-FBCBCD1D1D1F} - C:\WINDOWS\system32\sdkdf.dll
O2 - BHO: Class - {772B0D55-0E68-9937-8D1C-CDEC09E6A800} - C:\WINDOWS\system32\msqu.dll
O2 - BHO: Class - {77787939-7B32-FD56-1833-EB1926FA4037} - C:\WINDOWS\apiqr.dll
O2 - BHO: Class - {77FBEC09-E61C-7034-1BB4-9F8EBB286BCA} - C:\WINDOWS\mfcie32.dll
O2 - BHO: Class - {78A36512-8804-C19C-3205-09FF987988BB} - C:\WINDOWS\netas32.dll
O2 - BHO: Class - {794EE32D-7316-0F00-32EF-4314785FE8A6} - C:\WINDOWS\system32\crmv32.dll
O2 - BHO: Class - {795BB343-30B6-2B4F-FA68-F174D498229E} - C:\WINDOWS\system32\netfa.dll
O2 - BHO: Class - {79965454-FF46-B882-98D7-86A2EFD56542} - C:\WINDOWS\system32\crix.dll
O2 - BHO: Class - {7AADF982-4598-7DD2-A20B-630DD168492F} - C:\WINDOWS\sysrz32.dll
O2 - BHO: Class - {7E519B7D-60F7-36E0-6009-671EAD1F7C44} - C:\WINDOWS\sdksr.dll
O2 - BHO: Class - {7F1A013B-F4B4-F8F9-38F7-18989E8EA964} - C:\WINDOWS\system32\d3yd.dll
O2 - BHO: Class - {823178A5-58EC-4476-B53A-FE092D7277DB} - C:\WINDOWS\syszc.dll
O2 - BHO: Class - {848A750E-82F4-F1BA-633F-89CAC4D3092C} - C:\WINDOWS\javapt32.dll
O2 - BHO: Class - {855D9ABD-36CC-FBCB-F69B-5F15C25AE571} - C:\WINDOWS\netxi32.dll
O2 - BHO: Class - {8681F5FE-10E5-BC0E-53C2-DCC12E244065} - C:\WINDOWS\ipxj.dll
O2 - BHO: Class - {86A6E2E0-A3BB-429F-4259-DEDA727BB219} - C:\WINDOWS\iejz32.dll
O2 - BHO: Class - {8757C09B-F4D7-AB82-6033-FA99CDD3C145} - C:\WINDOWS\system32\atlyl.dll
O2 - BHO: Class - {8B118993-5C36-8BA8-1141-71794E0D9F1C} - C:\WINDOWS\system32\addhk.dll
O2 - BHO: Class - {8BEFC88D-7F02-A4AA-BECE-E1797DB4DAC6} - C:\WINDOWS\system32\crsm32.dll
O2 - BHO: Class - {8C95C3BC-BE2E-7565-027A-0FF49D99D167} - C:\WINDOWS\system32\apibp.dll
O2 - BHO: Class - {903085DC-D786-E6B3-D323-6BCB7ADD42E5} - C:\WINDOWS\system32\msxn32.dll
O2 - BHO: Class - {905668B8-5CFE-E86A-2BEF-F4792AA3BB31} - C:\WINDOWS\system32\sdknb.dll
O2 - BHO: Class - {90AD3177-D505-1146-3DDF-60FC741016D6} - C:\WINDOWS\ieuu.dll
O2 - BHO: Class - {91789B58-5FD0-711E-B1E0-CB7DB1F51240} - C:\WINDOWS\system32\d3sf.dll
O2 - BHO: Class - {92901035-3C67-CBB1-A5B7-7E37E4223E5B} - C:\WINDOWS\system32\sdkea32.dll
O2 - BHO: Class - {937347AF-8267-7B4F-C2FD-7C75B9DE0881} - C:\WINDOWS\system32\apior32.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Class - {942B6252-8D31-F803-F849-DB088F9D9A40} - C:\WINDOWS\system32\javaso.dll
O2 - BHO: Class - {953396F6-ADD4-0CAD-D0EE-715FBB27DD54} - C:\WINDOWS\system32\apilm32.dll
O2 - BHO: Class - {98CC5E5F-7877-CB9D-3D33-989DA81B39DA} - C:\WINDOWS\winye32.dll
O2 - BHO: Class - {9A711BC8-2FF4-DE0B-C3F4-C19853966F9A} - C:\WINDOWS\system32\appvp.dll
O2 - BHO: Class - {9AF819D8-F008-7083-3139-8797B1D58E16} - C:\WINDOWS\ntax32.dll
O2 - BHO: Class - {9B248F4A-0E2F-E6AC-4C93-30FA3E8832F5} - C:\WINDOWS\system32\syscd.dll
O2 - BHO: Class - {9C0FBA5F-3F3D-397E-15C0-85E3828D8424} - C:\WINDOWS\msng.dll
O2 - BHO: Class - {9CAD02CC-BB43-75C0-802F-FB2C2F6800B4} - C:\WINDOWS\crqt32.dll
O2 - BHO: Class - {9D392CE1-0E98-05C3-BB34-7FC5B9D8D07E} - C:\WINDOWS\d3zn32.dll
O2 - BHO: Class - {9E14194F-88EB-681C-38F7-2ABCB858F758} - C:\WINDOWS\system32\sdkma32.dll
O2 - BHO: Class - {9E38D3F2-BCDA-AD28-DCF3-B4DA7091010E} - C:\WINDOWS\system32\appzm32.dll
O2 - BHO: Class - {9E40464B-CE86-2A95-419A-510B0FC95988} - C:\WINDOWS\crwu32.dll
O2 - BHO: Class - {9EB26F51-80E2-A6B3-0F0F-207DC5C68481} - C:\WINDOWS\system32\netbv.dll
O2 - BHO: Class - {9FA37FAE-BA76-0AE7-C44F-7E8C68FF3F53} - C:\WINDOWS\mfcuv.dll
O2 - BHO: Class - {A2570630-ECF2-BF6A-C8EA-509D56913F46} - C:\WINDOWS\ipgq.dll
O2 - BHO: Class - {A3ADFA24-B6C7-2903-DCA0-B839562EC0DC} - C:\WINDOWS\crps.dll
O2 - BHO: Class - {A491446E-5B83-7344-6DED-66F77121F386} - C:\WINDOWS\system32\appct32.dll
O2 - BHO: Class - {A5B853EB-02AC-5701-5CE5-B7B603A3964D} - C:\WINDOWS\system32\winhj32.dll
O2 - BHO: Class - {A5CC16AA-AC71-92FD-27FE-035D08A3F4CC} - C:\WINDOWS\system32\netei.dll
O2 - BHO: Class - {A7674ED9-3DD5-0684-F3AA-3C7FFCB84490} - C:\WINDOWS\system32\atlgc.dll
O2 - BHO: Class - {A8EDD24F-291F-AC10-9854-D41319B61F3E} - C:\WINDOWS\system32\addou32.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Class - {AAE8D2B7-041D-CBB2-44B4-5E2B264B26C5} - C:\WINDOWS\adddc.dll
O2 - BHO: Class - {AAFF602D-F0F2-D6BA-BD3F-EAC7D552005B} - C:\WINDOWS\system32\msve32.dll
O2 - BHO: Class - {AB6E0FF3-5C24-433E-F0F0-97AEB24D486A} - C:\WINDOWS\sdkli32.dll
O2 - BHO: Class - {ADCC5874-232B-AAF4-BBF6-45118BA84B43} - C:\WINDOWS\system32\atlha32.dll
O2 - BHO: Class - {AE845430-3B50-352F-A6D3-21174EDCA037} - C:\WINDOWS\system32\javahp.dll
O2 - BHO: Class - {AEAE8BDF-EB6D-3455-2CB9-63C74F8A0DBF} - C:\WINDOWS\system32\mfcdw32.dll
O2 - BHO: Class - {B1C3A465-BE37-C89D-C0DE-5220C1228514} - C:\WINDOWS\system32\iecm.dll
O2 - BHO: Class - {B1EA2010-07E4-3D19-B07F-C5DA991481C8} - C:\WINDOWS\system32\d3ti32.dll
O2 - BHO: Class - {B55D75A3-1764-A327-3985-197DA9AC2B33} - C:\WINDOWS\system32\sdkji32.dll
O2 - BHO: Class - {B825DEE4-D4B5-9286-E839-48249C3E89A6} - C:\WINDOWS\system32\netod32.dll
O2 - BHO: Class - {B8F23740-4D73-93A7-F0B0-8EADF3AF789A} - C:\WINDOWS\system32\crsm.dll
O2 - BHO: Class - {B9087056-572E-C46F-41EA-766D3370ABEF} - C:\WINDOWS\ieqc32.dll
O2 - BHO: Class - {B9B03493-3AB7-1458-DC72-1757D8B6955D} - C:\WINDOWS\winwx32.dll
O2 - BHO: Class - {BC144D27-FA6C-007E-D9A7-FA8FB1EB27D4} - C:\WINDOWS\system32\d3dc.dll
O2 - BHO: Class - {BCB849EE-3C14-2916-6479-61D23E66F6F4} - C:\WINDOWS\system32\winfa32.dll
O2 - BHO: Class - {BCEC2CED-A712-8E4B-EE99-55DCA0ABA5D8} - C:\WINDOWS\msoe.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O2 - BHO: Class - {C0B52B25-F1C7-7AED-5588-35199E367342} - C:\WINDOWS\addvr.dll
O2 - BHO: Class - {C37CAC8C-72FC-53A0-ECF0-CBC22904A698} - C:\WINDOWS\system32\apiog.dll
O2 - BHO: Class - {C3F45515-C97C-FE89-7CF4-93B09594255D} - C:\WINDOWS\winmt32.dll
O2 - BHO: Class - {C5BB0FBE-CDEE-A485-F3E5-283ADA2D7F30} - C:\WINDOWS\system32\appga32.dll
O2 - BHO: Class - {C6CC3682-4F52-194B-CA60-3B5401F6FCF5} - C:\WINDOWS\system32\javaho.dll
O2 - BHO: Class - {C7CE8C37-C2A4-FBF1-D4D3-3AFEABB7F1EC} - C:\WINDOWS\apiuk32.dll
O2 - BHO: Class - {C8BFB1F8-6B02-5880-8993-6C955AAC22D9} - C:\WINDOWS\apptm32.dll
O2 - BHO: Class - {C8C966DD-1537-9AB7-2EF4-DFEF1A1C8D24} - C:\WINDOWS\system32\mfcpe.dll
O2 - BHO: Class - {CB868F46-633A-4D25-2B7C-44B2B654D1C7} - C:\WINDOWS\sdkxm32.dll
O2 - BHO: Class - {CBA7368E-197A-BCBB-9E7F-32312369E149} - C:\WINDOWS\netmh32.dll
O2 - BHO: Class - {CC74E0B9-F6BF-A716-4F9A-98CC5AAEA235} - C:\WINDOWS\sdkhp32.dll
O2 - BHO: Class - {CDE45960-40E0-55A2-18F1-392935B88569} - C:\WINDOWS\ipjk.dll
O2 - BHO: Class - {CE894740-E436-0855-44E1-DB1DD21DEAD2} - C:\WINDOWS\system32\sdkqa.dll
O2 - BHO: Class - {CEDDF6C5-0CB5-7396-9211-5800350CE4D1} - C:\WINDOWS\sdkwo.dll
O2 - BHO: Class - {CEEC69B5-0380-F78A-088D-A205E618F50B} - C:\WINDOWS\system32\atlon32.dll
O2 - BHO: Class - {CF546225-341C-30CE-6E17-98A3B9CEEB9D} - C:\WINDOWS\msju32.dll
O2 - BHO: Class - {D19A0D3C-60CE-3F19-0B7E-A0E239AC4600} - C:\WINDOWS\cref.dll
O2 - BHO: Class - {D1A35940-7FA5-46BB-81C4-D61A46262B92} - C:\WINDOWS\system32\javama32.dll
O2 - BHO: Class - {D3392890-1389-1643-1819-1732118F3F2E} - C:\WINDOWS\winle32.dll
O2 - BHO: Class - {D6FEE3AE-3708-2B07-0B95-D1C53B9D8787} - C:\WINDOWS\system32\winvc.dll
O2 - BHO: Class - {D8DC8C41-2FDF-F1A1-1319-94F8F477DB59} - C:\WINDOWS\system32\ipga32.dll
O2 - BHO: Class - {D9D9DAA6-24A5-2565-8BB5-077B7917932D} - C:\WINDOWS\system32\d3pl32.dll
O2 - BHO: Class - {DC5AC739-3DE1-DC4E-F480-C18D4DACA3AD} - C:\WINDOWS\system32\windp32.dll
O2 - BHO: Class - {DF704C87-46E7-AE73-9934-657FBE2E1426} - C:\WINDOWS\system32\ntxo32.dll
O2 - BHO: Class - {DFE25EAE-2CAC-3874-88A1-DF482EFF758C} - C:\WINDOWS\system32\msnl.dll
O2 - BHO: Class - {E0AC72B4-8BA8-C6A8-6319-254FCC5D9916} - C:\WINDOWS\ipni32.dll
O2 - BHO: Class - {E2A72A5A-5904-FEE1-9CF2-43DE47B6318F} - C:\WINDOWS\system32\cryc32.dll
O2 - BHO: Class - {E363C209-E213-B037-FBC0-927E7138A3AF} - C:\WINDOWS\system32\crrv32.dll
O2 - BHO: Class - {E3676293-59F9-F3B9-B54E-F3180B709DAA} - C:\WINDOWS\system32\ntyr32.dll
O2 - BHO: Class - {E3C686FA-01E4-A2ED-B92E-B9CC47DCE957} - C:\WINDOWS\iewn32.dll
O2 - BHO: Class - {E5AD27E7-347D-8A47-347A-FBD83901DD61} - C:\WINDOWS\javaom32.dll
O2 - BHO: Class - {E61BC869-33C7-AC36-F015-C0910E22E342} - C:\WINDOWS\system32\winvj32.dll
O2 - BHO: Class - {E67AAEA4-63EA-88A3-538E-D852FAE59639} - C:\WINDOWS\ntxj32.dll
O2 - BHO: Class - {E684A367-9097-B604-A183-5AAD9939B58C} - C:\WINDOWS\system32\sdkvr.dll
O2 - BHO: Class - {E8672AC7-8611-4002-4486-F4856A5C2E37} - C:\WINDOWS\javamb.dll
O2 - BHO: Class - {E8BE2A5E-CEBC-9AC3-3766-2818EC5177F1} - C:\WINDOWS\ieri.dll
O2 - BHO: Class - {EB3E405D-6CF7-0E4F-ADE3-5D1C4344CBB4} - C:\WINDOWS\system32\atlyq.dll
O2 - BHO: Class - {EB4984A7-E07D-81B0-20C5-79624CAB8546} - C:\WINDOWS\atlpp.dll
O2 - BHO: Class - {EC3AD07F-3DBE-C7B3-AD29-010A94FC8B05} - C:\WINDOWS\system32\addoa32.dll
O2 - BHO: Class - {EF1C5F19-D800-F30A-ADD5-7E618D29C88F} - C:\WINDOWS\d3gk32.dll
O2 - BHO: Class - {F02E3B9E-91EA-F259-A3AA-78801E4D5744} - C:\WINDOWS\system32\atljn.dll
O2 - BHO: Class - {F0D81A42-6809-2DA7-9649-78825C8E9FB0} - C:\WINDOWS\netgv32.dll
O2 - BHO: Class - {F0E43199-5174-F601-B6ED-5BE690BB4830} - C:\WINDOWS\appbl.dll
O2 - BHO: Class - {F197B1B9-0AAF-D47B-4EDC-FF4944D4BD3C} - C:\WINDOWS\nthr32.dll
O2 - BHO: Class - {F1BFBED8-8817-33C8-DB05-3E5843F24CBD} - C:\WINDOWS\system32\atlmg32.dll
O2 - BHO: Class - {F1DEDB5C-B92F-230D-58CA-E65403705AD0} - C:\WINDOWS\system32\iecq32.dll
O2 - BHO: Class - {F1F9B28A-1F49-9C3D-094C-6611C983AF32} - C:\WINDOWS\ntgx32.dll
O2 - BHO: Class - {F3229D57-F62B-1F6E-54F4-EAF76321F1C8} - C:\WINDOWS\mfcrx.dll
O2 - BHO: Class - {F76604BF-96C5-81C9-07E5-094D1BB88043} - C:\WINDOWS\system32\atlfl32.dll
O2 - BHO: Class - {F81CAF0F-626A-674A-A2FD-F8C66CBAC4ED} - C:\WINDOWS\system32\mfcdf.dll
O2 - BHO: Class - {FC97DD7A-EAF3-5C15-ED04-6CBD8788DF3C} - C:\WINDOWS\system32\mfcza.dll
O2 - BHO: Class - {FCA0C084-5A1E-2788-C373-3172E1256545} - C:\WINDOWS\javamv.dll
O2 - BHO: Class - {FD86D2AE-6995-3927-1E7E-A8D2260FF6E2} - C:\WINDOWS\system32\ntyt32.dll
O2 - BHO: Class - {FEE35FFA-5707-EF25-2036-A92AB9B624CD} - C:\WINDOWS\crnp.dll
O2 - BHO: Class - {FEF27C0E-F323-983C-7373-F21C8EF035DF} - C:\WINDOWS\system32\javadr.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Common\ycomp5,1,1,0.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [QuickFinder Scheduler] "c:\Program Files\WordPerfect Office 11\Programs\QFSCHD110.EXE"
O4 - HKLM\..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [CXMon] "C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\PhotoSmart\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [iepi32.exe] C:\WINDOWS\iepi32.exe
O4 - HKLM\..\Run: [iesj32.exe] C:\WINDOWS\iesj32.exe
O4 - HKLM\..\Run: [atlhe.exe] C:\WINDOWS\system32\atlhe.exe
O4 - HKLM\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNOTIFY.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [Mozilla Quick Launch] "C:\Program Files\Netscape\Netscape\Netscp.exe" -turbo
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpySheriff] C:\Program Files\SpySheriff\SpySheriff.exe
O4 - Startup: spamsubtract.lnk = C:\Program Files\interMute\SpamSubtract\SpamSubtract.exe
O4 - Global Startup: Compaq Connections.lnk = C:\Program Files\Compaq Connections\1940576\Program\BackWeb-1940576.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Open with &ZipScan - C:\PROGRA~1\ZIPSCA~1\zs_ie.htm
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.epix.net
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: OPXPGina - C:\Program Files\Softex\OmniPass\opxpgina.dll
O23 - Service: Network Security Service ( 11F#`I) - Unknown owner - C:\WINDOWS\system32\mfcoy32.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Softex OmniPass Service (omniserv) - Unknown owner - C:\Program Files\Softex\OmniPass\Omniserv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Tango Service (TangoService) - Unknown owner - C:\Program Files\DSL Tools\DSL Tools\app\TangoService.exe

#2 OwNt

Posted 29 January 2006 - 02:32 PM

Hello rjpat,

You may want to print these instructions out or save them in Notepad.
(Start > Programs > Accessories > Notepad)

You have several infections; please bear with me as we clean them up.

1. Please download About:Buster from here: http://www.bleepingcomputer.com/files/aboutbuster.php

2. Once it is downloaded, please run the tool. When the tool is open, press Begin Removal and follow any prompts.

3. After the tool is completed, please run HijackThis again and fix any of the following entries that remain:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\arsry.dll/sp.html#37049%resultposition.net
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\arsry.dll/sp.html#37049%resultposition.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system32\arsry.dll/sp.html#37049%resultposition.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\arsry.dll/sp.html#37049%resultposition.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\arsry.dll/sp.html#37049%resultposition.net
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\arsry.dll/sp.html#37049%resultposition.net
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\arsry.dll/sp.html#37049%resultposition.net
R3 - Default URLSearchHook is missing
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [iepi32.exe] C:\WINDOWS\iepi32.exe
O4 - HKLM\..\Run: [iesj32.exe] C:\WINDOWS\iesj32.exe
O4 - HKLM\..\Run: [atlhe.exe] C:\WINDOWS\system32\atlhe.exe
O4 - HKCU\..\Run: [SpySheriff] C:\Program Files\SpySheriff\SpySheriff.exe
O23 - Service: Network Security Service ( 11F#`I) - Unknown owner - C:\WINDOWS\system32\mfcoy32.exe

5. Reboot and run the tool again.

6. Post a fresh HijackThis log and the log from About:Buster.
If you are happy with the service I provided, please consider making a donation to help me continue the fight against Malware

Please do not PM me asking for support. My first reply will direct you to the forums instead.
Please post the final results, good or bad. We like to know!



