Jump to content

Recommended Posts

i was told to send my question in this area...dunno if its the right place so here goes.

i dl'd ab,did all the usual stuff it says to do,got more than half way through the scan...and there it is"error #6--overflow"....i click ok and it seems to end everything.

wat do i do now to resolve this"error #6"problem?

as i sad before in the open chat forum--i'am really a novice at this computer stuff so im at a loss as to what to do...any help on the subject would greatly be appreciated...thank you in advance for any advice to come my way..

p.s. ive read a few other topics and as far those logs go--i have no idea how or even where to see those logs to post here for you guys.

hardracer

Link to post
Share on other sites

I'm in the same situation...keep getting error 6 overflow.

It's happening in safe mode too. Running Windows XP Pro SP2.

The program launchs, but after a couple of seconds, as soon as I run the scan, the error pops up.

Hope I can get it working since there is not many answers to this problem in the forums that I've searched.

Link to post
Share on other sites

Would you BOTH please post HijackThis log as we can see what going on...nomad2224 since hardracer started this topic would you put your in a new topic please.

Please download HijackThis version 1.99.1 from HERE and make sure to unzip and to it's own, permanent folder. To run HijackThis click Scan and then Save log, Post the new log in a reply to this thread.

Also is that the EXACT error messge and all of it??

Edited by jwbirdsong
Link to post
Share on other sites

Would you BOTH please post HijackThis log as we can see what going on...nomad2224 since hardracer started this topic would you put your in a new topic please.

Please download HijackThis version 1.99.1 from HERE and make sure to unzip and to it's own, permanent folder. To run HijackThis click Scan and then Save log, Post the new log in a reply to this thread.

Also is that the EXACT error messge and all of it??

here is my log file u wanted to see.yes the error message is what i said it was(exact)

Logfile of HijackThis v1.99.1

Scan saved at 7:48:30 PM, on 1/23/2006

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Ahead\InCD\InCDsrv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\Program Files\Norton AntiVirus\navapsvc.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\windows\system\hpsysdrv.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\Program Files\BroadJump\Client Foundation\CFD.exe

C:\PROGRA~1\SPRINT~1\SMARTB~1\SprintDSLAlert.exe

C:\Program Files\MessengerPlus! 3\MsgPlus.exe

C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe

C:\HP\KBD\KBD.EXE

C:\WINDOWS\system32\winwx.exe

C:\WINDOWS\System32\ctfmon.exe

C:\PROGRA~1\HPINST~1\plugin\bin\pchbutton.exe

C:\PROGRA~1\Ahead\NEROPH~1\data\Xtras\mssysmgr.exe

C:\Program Files\EarthLink TotalAccess\TaskPanl.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Sprint DSL virtual assistant\bin\SprintVirtualAssistant.exe

C:\Program Files\Sprint DSL virtual assistant\bin\mpbtn.exe

c:\PROGRA~1\HEWLET~1\HPINST~1\common\MOTIVE~1.EXE

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\WINDOWS\System32\wuauclt.exe

C:\WINDOWS\system32\ieab32.exe

C:\Program Files\MSN\MSNCoreFiles\msn.exe

C:\WINDOWS\System32\rsvp.exe

C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Directory 1 for hijackthis[1].zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.earthlink.net

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.earthlink.net/partner/more/msie...ton/search.html

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system32\bwmun.dll/sp.html#37049

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\bwmun.dll/sp.html#37049

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\bwmun.dll/sp.html#37049

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.searchv.com/search.html

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\bwmun.dll/sp.html#37049

R3 - Default URLSearchHook is missing

O2 - BHO: Class - {014A827D-E04B-4100-86CC-AA5FBCB8F577} - C:\WINDOWS\system32\ntoz.dll

O2 - BHO: Class - {0291E910-8D54-4FA6-C81D-D18ED280B289} - C:\WINDOWS\apius32.dll

O2 - BHO: Class - {04D536A8-BE6C-6283-AD25-18CADEF98984} - C:\WINDOWS\sysdw32.dll

O2 - BHO: Class - {058C9936-6D60-53AB-C6A6-BABA8EDE5F00} - C:\WINDOWS\system32\winnh.dll

O2 - BHO: Class - {05F3C50C-D53F-D6BC-9065-2ABB3092A8D0} - C:\WINDOWS\ipsd.dll

O2 - BHO: Class - {05F3F3D2-8BFA-C735-FCDF-D4BD8418D325} - C:\WINDOWS\wincd32.dll

O2 - BHO: Class - {06197E31-50B6-4043-D6C9-8E70AAB849E5} - C:\WINDOWS\system32\windh.dll

O2 - BHO: Class - {065A3DF4-4253-B880-16A3-75DA427DD453} - C:\WINDOWS\wintz.dll

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O2 - BHO: Class - {07AC6A37-E15F-F543-A739-15DB1285B61A} - C:\WINDOWS\system32\mstv.dll

O2 - BHO: Class - {07D83F1A-3A3D-EF25-F957-DCA0DCC72ABC} - C:\WINDOWS\sdkss32.dll

O2 - BHO: Class - {07E2FBBF-C64A-1972-227E-82FA4861EB78} - C:\WINDOWS\apias.dll

O2 - BHO: Class - {07E66B38-1367-7DC0-FD3C-CA1BFBA6BCC7} - C:\WINDOWS\system32\atlyd.dll

O2 - BHO: Class - {083A00C1-8BB2-5BD6-D3E8-27ADF3D597CA} - C:\WINDOWS\msmk.dll

O2 - BHO: Class - {08B062B7-0572-9CCE-27F2-A318B78A3677} - C:\WINDOWS\ntxm32.dll

O2 - BHO: Class - {094C8CED-58C8-2CD1-5207-27C140FB0531} - C:\WINDOWS\ieqe32.dll

O2 - BHO: Class - {094EDED8-1F6C-995C-6754-A544D7EA188B} - C:\WINDOWS\system32\crbr32.dll

O2 - BHO: Class - {0A8D0092-6F79-27C0-3B9C-D542A7FC6907} - C:\WINDOWS\system32\javalr32.dll

O2 - BHO: Class - {0B01EADD-4EEA-1744-7321-45BB28A5E86A} - C:\WINDOWS\system32\javabq32.dll

O2 - BHO: Class - {0CAEDEE2-8F3E-F86F-35DC-CDEAAE346249} - C:\WINDOWS\crvc.dll

O2 - BHO: Class - {0DFE18F1-8279-20AE-4CC5-10CB30FF50DA} - C:\WINDOWS\appul32.dll

O2 - BHO: Class - {0E07F1CC-6044-9AB8-86B3-B33F53CA4787} - C:\WINDOWS\javaph.dll

O2 - BHO: Class - {0E3BEE03-C426-F488-CA26-D938932339AC} - C:\WINDOWS\system32\ntqt.dll

O2 - BHO: Class - {0F0E061E-FA0C-0C44-F0D9-0E0C21180458} - C:\WINDOWS\mfcnb.dll

O2 - BHO: Class - {0FCDFA68-74F9-605A-8029-180E50A9964A} - C:\WINDOWS\system32\netai.dll

O2 - BHO: Class - {102D7ADF-B1F2-150B-DD47-0D7AE8ECDFE0} - C:\WINDOWS\javabo.dll

O2 - BHO: Class - {10FF78CB-D256-A957-AA38-C09CAEAA3E70} - C:\WINDOWS\system32\mfcgx.dll

O2 - BHO: Class - {116B5897-9869-1B77-3DC7-646F9CB58D2B} - C:\WINDOWS\system32\msrn32.dll

O2 - BHO: Class - {11BE3648-39DF-4A8F-2B7F-AF543F3C21DF} - C:\WINDOWS\sysmx32.dll

O2 - BHO: Class - {11BEC0B9-C370-4820-FE14-3C42B32E0875} - C:\WINDOWS\system32\apitx.dll

O2 - BHO: Class - {124EC0E5-C940-3ED0-1241-6B1E7CF1D1E8} - C:\WINDOWS\d3xq.dll

O2 - BHO: Class - {1323364A-6290-C22E-760E-ABFCF4445116} - C:\WINDOWS\system32\iehq32.dll

O2 - BHO: Class - {13B77FE1-9911-A0C2-1D01-61CA21EAEB83} - C:\WINDOWS\system32\addbt.dll

O2 - BHO: Class - {13C3D1A3-A53A-6BFB-F6CA-8FA7292FE0F0} - C:\WINDOWS\sdkzj.dll

O2 - BHO: Class - {14882629-ECB5-DB2D-9FF8-D87930DD6A0A} - C:\WINDOWS\iefb32.dll

O2 - BHO: Class - {153707B5-D0ED-A171-CBB3-87B9E1296513} - C:\WINDOWS\atlwb32.dll

O2 - BHO: Class - {1546F4A6-423F-7B55-1F30-B621C06F5D69} - C:\WINDOWS\system32\d3bu32.dll

O2 - BHO: Class - {1676763F-15C3-F5F2-9C0B-0631705661ED} - C:\WINDOWS\ntng32.dll

O2 - BHO: Class - {16A67573-5153-0344-B04A-BF8F43B5057F} - C:\WINDOWS\sdkql.dll

O2 - BHO: Class - {16B25743-B02B-E5F0-F1AE-94D196232E38} - C:\WINDOWS\winkl.dll

O2 - BHO: Class - {16BD821E-5751-423E-4850-6CC5D07FECD8} - C:\WINDOWS\winfc32.dll

O2 - BHO: Class - {16D601F6-E41B-1A0C-95AA-2EF05F7C37EE} - C:\WINDOWS\system32\appze.dll

O2 - BHO: Class - {17094FC7-F985-CD03-CB64-049B61C2C70E} - C:\WINDOWS\system32\addcg.dll

O2 - BHO: Class - {1713182A-5092-DD29-01DB-F0D69793396C} - C:\WINDOWS\addco.dll

O2 - BHO: Class - {1760E281-B7CE-24A2-166B-0B9F9BB7B8A9} - C:\WINDOWS\system32\netpc32.dll

O2 - BHO: Class - {17A1BA50-1F42-91DF-8D52-9482601397EF} - C:\WINDOWS\apigp32.dll

O2 - BHO: Class - {18C9B52B-7151-9593-8427-72C86515DCDE} - C:\WINDOWS\appcb.dll

O2 - BHO: Class - {1A828816-226B-81EE-2E66-CFEBA8E97E2F} - C:\WINDOWS\apibh32.dll

O2 - BHO: Class - {1AF1C718-5A24-D7BB-592A-F2291195734F} - C:\WINDOWS\appbe32.dll

O2 - BHO: Class - {1B7649CB-3BCF-46D5-F4A7-39AEAE5625AB} - C:\WINDOWS\crzn.dll

O2 - BHO: Class - {1B849856-C2B0-C16F-7AA2-AF1A44A6BEDA} - C:\WINDOWS\system32\ipma32.dll

O2 - BHO: Class - {1B9CCCD9-3DA0-5E43-A4CE-924A8F49CC0F} - C:\WINDOWS\system32\iexs.dll

O2 - BHO: Class - {1DF846A3-16F9-BEC1-05D0-31207FD24B28} - C:\WINDOWS\system32\javaxu32.dll

O2 - BHO: Class - {1E94F949-F3F0-5C64-038A-53C68D35F288} - C:\WINDOWS\system32\javalr.dll

O2 - BHO: Class - {1EB77D8F-DC5A-7E55-59FC-844CAE64FC70} - C:\WINDOWS\syslm.dll

O2 - BHO: Class - {1EDBFE12-619A-B05D-D81A-42593402A991} - C:\WINDOWS\appsh.dll

O2 - BHO: Class - {1F1A3DD0-5DB3-08D8-FE9F-CB49DA5EFA2E} - C:\WINDOWS\system32\syspu.dll

O2 - BHO: Class - {1F7B837E-CC0C-8A77-DD3C-43144BEFEB4B} - C:\WINDOWS\d3nm32.dll

O2 - BHO: Class - {1F8E709E-AEC3-AC71-0350-66348A990C05} - C:\WINDOWS\system32\msps.dll

O2 - BHO: Class - {204BFD00-8711-E685-9059-B543F47899E1} - C:\WINDOWS\system32\d3tx32.dll

O2 - BHO: Class - {2067DEDB-34F7-9CC4-7353-3E1E927B32A3} - C:\WINDOWS\system32\d3lc32.dll

O2 - BHO: Class - {22A99D53-6CB9-33A5-DED6-D04F5F0F1AE8} - C:\WINDOWS\system32\d3nm32.dll

O2 - BHO: Class - {22B1BD81-78EF-C72F-0793-EFF78ED6B103} - C:\WINDOWS\system32\javalf.dll

O2 - BHO: Class - {2345C8ED-802B-A5E6-4EE8-68E9D4825903} - C:\WINDOWS\iedl.dll

O2 - BHO: Class - {23DA50CE-1A25-2F1D-13E6-38C10B86A8F2} - C:\WINDOWS\appug32.dll

O2 - BHO: Class - {23E29B01-78ED-B227-C0D9-7F01F2621B9A} - C:\WINDOWS\system32\addbd32.dll

O2 - BHO: Class - {24BE1459-795A-5BA6-B9B1-DC1A2D1652EF} - C:\WINDOWS\system32\winmg.dll

O2 - BHO: Class - {25058AE5-5371-3EC0-9CB9-B7B2AE83A00A} - C:\WINDOWS\system32\crmn.dll

O2 - BHO: Class - {259EE5B9-79F9-788C-1426-7B4E6B1A0211} - C:\WINDOWS\addic32.dll

O2 - BHO: Class - {28223167-A6CC-2F8F-758F-1F424FBB380E} - C:\WINDOWS\system32\mfcyi.dll

O2 - BHO: Class - {28FF0DAA-6EDD-259A-83C4-EADDF15D72AD} - C:\WINDOWS\system32\mfcbl32.dll

O2 - BHO: Class - {29FC66BD-3EA4-3F16-0ABF-93515F25ED12} - C:\WINDOWS\winjx32.dll

O2 - BHO: Class - {2A37058B-D1BB-61D1-21BA-B7A66036D544} - C:\WINDOWS\appkg32.dll

O2 - BHO: Class - {2A696067-2ABB-2ABE-9CCF-E895A174E181} - C:\WINDOWS\wintm.dll

O2 - BHO: Class - {2AD24B66-877B-347B-4D3D-73A13C8BB2CB} - C:\WINDOWS\netdg.dll

O2 - BHO: Class - {2ADD1D56-2534-91AF-C52E-680B595C6999} - C:\WINDOWS\system32\ierm32.dll

O2 - BHO: Class - {2CE88230-1C35-89B5-88A0-B07ACA0B401D} - C:\WINDOWS\system32\ntjf.dll

O2 - BHO: Class - {2CEB755B-6BCC-9879-D315-A49FBFA75BD7} - C:\WINDOWS\ntux.dll

O2 - BHO: Class - {2CFF8F86-4117-E570-DCB8-49CE5BB1B815} - C:\WINDOWS\apijn32.dll

O2 - BHO: Class - {2D83144A-96F5-FD55-350C-BB36CBABB8B2} - C:\WINDOWS\system32\msyf.dll

O2 - BHO: Class - {2D9A5F30-BB39-3C3B-1DB0-A4572E5E7077} - C:\WINDOWS\ipot32.dll

O2 - BHO: Class - {2E5DB345-70C0-FF98-D20F-C69A65169900} - C:\WINDOWS\system32\mfclq32.dll

O2 - BHO: Class - {2EDD9108-F5D8-936A-8F9A-116CB847DCC0} - C:\WINDOWS\d3mx32.dll

O2 - BHO: Class - {2F1C51B0-AC7F-A18C-6486-8BD910B563C3} - C:\WINDOWS\system32\sdktf32.dll

O2 - BHO: Class - {2F7660FB-0CEA-4B11-A8C5-3175CFDBA441} - C:\WINDOWS\system32\windj32.dll

O2 - BHO: Class - {2FA6B0AE-AAE8-9CDC-8004-516B1C672B52} - C:\WINDOWS\appqi32.dll

O2 - BHO: Class - {2FCA3DE0-0928-B4AD-0D83-44697B4D7A24} - C:\WINDOWS\atlyc32.dll

O2 - BHO: Class - {300881BB-DD69-DBCB-AE92-B05A3E8707E1} - C:\WINDOWS\iewo.dll

O2 - BHO: Class - {309B0370-9499-BD83-5B63-522A8DC7EFD4} - C:\WINDOWS\system32\ntmi.dll

O2 - BHO: Class - {30B92BEE-1F2E-CDB3-9958-2877E3A478BF} - C:\WINDOWS\ipwf32.dll

O2 - BHO: Class - {30C15F1B-B902-8769-7E97-07B632351674} - C:\WINDOWS\netza.dll

O2 - BHO: Class - {3202B39B-A35B-BCEE-9DB0-68ED2C239785} - C:\WINDOWS\system32\crfq.dll

O2 - BHO: Class - {32647596-213A-8327-EDB5-24A45C5C5E36} - C:\WINDOWS\sdkig.dll

O2 - BHO: Class - {32D819AE-5E1D-5524-783B-C8993083716B} - C:\WINDOWS\winwr.dll

O2 - BHO: Class - {33AC10E4-94BE-C3D0-855D-41F27DCEDD3D} - C:\WINDOWS\system32\msma.dll

O2 - BHO: Class - {33EC6E43-4826-94FA-3A03-B94290B62B85} - C:\WINDOWS\iehb.dll

O2 - BHO: Class - {34563B77-50A7-B32B-750C-907E592AD1F7} - C:\WINDOWS\system32\ntiw.dll

O2 - BHO: Class - {3487A0E4-207B-E09F-81B8-A8EDBD853E83} - C:\WINDOWS\mfchd32.dll

O2 - BHO: Class - {3585FF78-2F11-FF4A-2596-1DF8EA166C87} - C:\WINDOWS\system32\javayr32.dll

O2 - BHO: Class - {36CC50DE-E932-3435-B11B-709E3AFE8849} - C:\WINDOWS\sdkfz.dll

O2 - BHO: Class - {3712D7D0-9565-F99D-D800-6036A77E45C4} - C:\WINDOWS\crdy32.dll

O2 - BHO: Class - {38270C16-6F54-81A1-B343-987591F9FF85} - C:\WINDOWS\system32\iexa32.dll

O2 - BHO: Class - {38683242-D589-5595-2821-3BE52429FEC3} - C:\WINDOWS\system32\appks32.dll

O2 - BHO: Class - {38A13BE2-44E2-8EAD-D101-458EB7B89D67} - C:\WINDOWS\system32\javadg32.dll

O2 - BHO: Class - {38EB7DA0-52FB-AADA-9FBF-2A397DD19AA1} - C:\WINDOWS\system32\crln32.dll

O2 - BHO: Class - {3ADF6BD5-30EF-8D1D-8D7D-3A0CDCC2FD01} - C:\WINDOWS\system32\appxc.dll

O2 - BHO: Class - {3AEAD8F8-7409-2055-D03F-1E630CC0A5B8} - C:\WINDOWS\winot.dll

O2 - BHO: Class - {3AF46D2B-238E-2C0A-6C63-109D3CE5E7C0} - C:\WINDOWS\addsz32.dll

O2 - BHO: Class - {3AF61C43-088F-A3C6-4312-3AB906276F3A} - C:\WINDOWS\system32\winfu.dll

O2 - BHO: Class - {3BA5C516-2E23-6854-9EFC-21E89FEB7C2E} - C:\WINDOWS\system32\mspl.dll

O2 - BHO: Class - {3BB31146-3116-E523-81A1-39DC94BD27E5} - C:\WINDOWS\system32\appdm32.dll

O2 - BHO: Class - {3BD916EE-69B6-9D47-6347-D97C3BA97F02} - C:\WINDOWS\system32\mfcam32.dll

O2 - BHO: Class - {3C69B1A3-D6E3-9B58-A742-1A46F3BDB7CE} - C:\WINDOWS\winqw.dll

O2 - BHO: Class - {3C73D315-DD9F-9F82-0398-D2936B2878B2} - C:\WINDOWS\ntfs32.dll

O2 - BHO: Class - {3C7FB04E-255B-74C8-0E5F-D8E57CAAC3BC} - C:\WINDOWS\apphf32.dll

O2 - BHO: Class - {3D2ACA16-3F1C-BF97-6524-0F7072E1E895} - C:\WINDOWS\netnx32.dll

O2 - BHO: Class - {3D983ED1-97AB-F11D-D545-3A47F28CC430} - C:\WINDOWS\system32\winuq.dll

O2 - BHO: Class - {3E8EDD63-7719-B595-1F25-C50F23DBF99D} - C:\WINDOWS\system32\javakb32.dll

O2 - BHO: Class - {40430AEB-7146-EE85-0D82-B57E2A8F44A9} - C:\WINDOWS\addwr.dll

O2 - BHO: Class - {4089564D-FCC7-C2D7-9F2A-ED05B543E8CA} - C:\WINDOWS\system32\sysfa32.dll

O2 - BHO: Class - {4097E29E-2A74-3EEA-7090-0E73AF19AC3E} - C:\WINDOWS\apiri32.dll

O2 - BHO: Class - {4249913F-B87B-5BCB-BDAC-0E589CD03682} - C:\WINDOWS\system32\appkx32.dll

O2 - BHO: Class - {42874627-68BA-AD3E-2E5A-AF9C92CF61D3} - C:\WINDOWS\system32\ieov32.dll

O2 - BHO: Class - {42B28786-0E2F-6823-286D-BA74F50C3A0D} - C:\WINDOWS\addww32.dll

O2 - BHO: Class - {42B6D2AA-FC71-B406-F3BA-1E0D9D759441} - C:\WINDOWS\apphf.dll

O2 - BHO: Class - {43544B19-A240-DF9B-5CE9-9DC02154188E} - C:\WINDOWS\system32\d3bt32.dll

O2 - BHO: Class - {4407E807-267B-A3CE-F228-77149FA4302C} - C:\WINDOWS\system32\sysex.dll

O2 - BHO: Class - {4478A40E-095C-9113-16CA-AAE4FCB0841A} - C:\WINDOWS\netyz32.dll

O2 - BHO: Class - {44D83962-1E60-044C-50E1-DCC0B1C6B08C} - C:\WINDOWS\atlop32.dll

O2 - BHO: Class - {45723711-8D3F-C8F9-24E0-F252B24B3148} - C:\WINDOWS\sdkau.dll

O2 - BHO: Class - {45BF02B3-6F53-F516-CA0B-8B10C0085204} - C:\WINDOWS\apigq32.dll

O2 - BHO: Class - {460072CA-8C43-F205-2195-C713F1949B30} - C:\WINDOWS\javasu32.dll

O2 - BHO: Class - {46030852-EC50-153A-66BC-0BAEA8CBC16A} - C:\WINDOWS\system32\msjb.dll

O2 - BHO: Class - {469875BB-BC3F-507E-B350-021484557DB4} - C:\WINDOWS\system32\d3nj32.dll

O2 - BHO: Class - {477DF9B4-C171-F601-74D6-D3697B4B1E8B} - C:\WINDOWS\addct32.dll

O2 - BHO: Class - {48604E09-168D-FEB9-0B26-5518D029DA95} - C:\WINDOWS\system32\ipxh.dll

O2 - BHO: Class - {4861F239-22C4-39AD-0E05-069E210E1F47} - C:\WINDOWS\javani.dll

O2 - BHO: Class - {4A6CF2F7-DDDD-2A8C-FF62-94A72AA7954F} - C:\WINDOWS\appja32.dll

O2 - BHO: EarthLink Popup Blocker - {4B5F2E08-6F39-479a-B547-B2026E4C7EDF} - C:\Program Files\EarthLink TotalAccess\PnEL.dll

O2 - BHO: Class - {4B898F0F-81A2-A0FB-5F4C-37100AC2D624} - C:\WINDOWS\system32\d3ew32.dll

O2 - BHO: Class - {4C97FF57-707D-49B6-2CBA-7996791E6202} - C:\WINDOWS\netdt32.dll

O2 - BHO: Class - {4CB86D61-970D-C338-7AD0-8B13C488150E} - C:\WINDOWS\sdkcd32.dll

O2 - BHO: Class - {4CC0A8A4-E4C5-6742-27C3-C153BB6598A6} - C:\WINDOWS\ippg32.dll

O2 - BHO: Class - {4D55F1A8-55DA-AA1A-83F6-E4407B24CCE5} - C:\WINDOWS\system32\ipdb.dll

O2 - BHO: Class - {4D77B656-3929-8E8D-2C15-42407E685FFA} - C:\WINDOWS\crlh32.dll

O2 - BHO: Class - {4DB64B88-0933-55E1-5343-261A238D2B60} - C:\WINDOWS\ntfk32.dll

O2 - BHO: Class - {4EC3A22A-5434-CC1A-4E91-B9094044E2D6} - C:\WINDOWS\system32\ipmm.dll

O2 - BHO: Class - {4EF173C7-37FB-764C-4EE2-D86CB880FB29} - C:\WINDOWS\sysmy32.dll

O2 - BHO: Class - {4EFEDBE3-55DF-655C-7684-265961EDD697} - C:\WINDOWS\javaci32.dll

O2 - BHO: Class - {4F5D7708-5CE8-F0D7-D1F2-50B7B257B1EF} - C:\WINDOWS\javats.dll

O2 - BHO: Class - {50AA68D1-B792-9F1D-0E5A-E28E5958CC5B} - C:\WINDOWS\system32\mfcse32.dll

O2 - BHO: Class - {50B7CF0C-8AE5-BB42-E622-CE649815FF71} - C:\WINDOWS\system32\atlvo.dll

O2 - BHO: Class - {50D98177-3925-757E-8E92-625565712438} - C:\WINDOWS\d3ce.dll

O2 - BHO: Class - {510C09CC-B06A-EFC8-2E17-38F386848F3E} - C:\WINDOWS\crud32.dll

O2 - BHO: Class - {5169D876-4C97-5087-3456-0DCBB0716BC9} - C:\WINDOWS\iezy32.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: Class - {5395C6CC-9119-AA2E-B008-2D31A543B883} - C:\WINDOWS\system32\atlia.dll

O2 - BHO: Class - {539B572E-7B0F-7CC3-9352-C94BF984726F} - C:\WINDOWS\apikl.dll

O2 - BHO: Class - {54255AC2-2B7F-9119-713D-1BFBB01E8BCD} - C:\WINDOWS\nethy.dll

O2 - BHO: Class - {54D0E15D-04E1-F4B0-9D57-9A826010E6AA} - C:\WINDOWS\ipkl.dll

O2 - BHO: Class - {55AC4EE7-4B4F-A677-88EE-C19AD29C7B4D} - C:\WINDOWS\system32\iedk32.dll

O2 - BHO: Class - {55E7FCAD-77C1-35FF-8206-D7405C6CDFAB} - C:\WINDOWS\ippb32.dll

O2 - BHO: Class - {5624FB2A-5E7E-C67B-2C18-0AAF52EEFBB0} - C:\WINDOWS\ipun32.dll

O2 - BHO: Class - {565744A1-C652-BC19-4230-289DA72A989C} - C:\WINDOWS\netur32.dll

O2 - BHO: Class - {572A44A6-4945-DA71-B13F-066F8EC29E66} - C:\WINDOWS\appex.dll

O2 - BHO: Class - {5732A44D-F6D6-76F6-4E92-2027907B8818} - C:\WINDOWS\system32\d3bo.dll

O2 - BHO: Class - {574F5154-24C8-7C08-5A89-1EF0CC0ABB65} - C:\WINDOWS\system32\ntwj.dll

O2 - BHO: Class - {5994FD3E-5FC2-9A72-EE68-06292ACBFC71} - C:\WINDOWS\system32\ntqw32.dll

O2 - BHO: Class - {5BE76740-FD01-49B4-5ABA-AA49D68044EF} - C:\WINDOWS\sdklr.dll

O2 - BHO: Class - {5C145150-DD6C-53BA-84AE-224D696D255B} - C:\WINDOWS\ntej32.dll

O2 - BHO: Class - {5C2283D1-61C9-9337-3709-169AA24C7206} - C:\WINDOWS\system32\sysjx.dll

O2 - BHO: Class - {5C74F9CB-19A6-7A1A-EAF6-EB84A7061D05} - C:\WINDOWS\system32\mfcpy.dll

O2 - BHO: Class - {5E709357-9905-BEDE-6228-649AC8CA2565} - C:\WINDOWS\system32\d3sd32.dll

O2 - BHO: (no name) - {5E7FFA99-C5C0-6BFA-DA44-8A9DB0AE94FD} - (no file)

O2 - BHO: Class - {604368E9-EA0B-0E3E-E1F2-50F1DD1F7690} - C:\WINDOWS\system32\mfcan.dll

O2 - BHO: Class - {610207BA-E8D7-9260-B756-291184C1BFB4} - C:\WINDOWS\ieqy32.dll

O2 - BHO: Class - {61675AEA-0AAC-FB29-2A8B-E712314B4A52} - C:\WINDOWS\system32\msxv.dll

O2 - BHO: Class - {61BB595D-A6B2-4293-216F-8317630E1849} - C:\WINDOWS\system32\crwi.dll

O2 - BHO: Class - {6248255C-2322-395B-0A66-A5455141BD55} - C:\WINDOWS\system32\sdkfe32.dll

O2 - BHO: Class - {628389AE-FDE9-F181-ABB4-DB08BD5345BC} - C:\WINDOWS\d3ph.dll

O2 - BHO: Class - {6292CB7C-CAEA-9541-226F-1C73897C3C39} - C:\WINDOWS\d3ki.dll

O2 - BHO: Class - {629FEEBC-8D1F-BA64-26C3-686D45062880} - C:\WINDOWS\system32\cryp.dll

O2 - BHO: Class - {630B5448-88BA-594C-A5C4-16A53B83F0F9} - C:\WINDOWS\system32\ipqh32.dll

O2 - BHO: Class - {6469535C-868D-78CB-87BD-9BF74E0AEB7A} - C:\WINDOWS\system32\addsz.dll

O2 - BHO: Class - {646D843D-7CDF-78F8-2D9D-391E871C2089} - C:\WINDOWS\iplz.dll

O2 - BHO: Class - {646F2028-8431-3C1F-122B-739B5643F144} - C:\WINDOWS\system32\apptc32.dll

O2 - BHO: Class - {646F6A47-24D0-2033-3709-4F9D79ED6FC9} - C:\WINDOWS\atlqm.dll

O2 - BHO: Class - {64ACBCED-4C70-32ED-5E7C-6D6EFEDA085F} - C:\WINDOWS\mfcvq32.dll

O2 - BHO: Class - {64CA0FC6-5085-C447-8988-25C5AC6CDBBE} - C:\WINDOWS\system32\netuu32.dll

O2 - BHO: Class - {651DA460-C8D1-926D-7E35-8258A39BB7C2} - C:\WINDOWS\atldp32.dll

O2 - BHO: Class - {652D4929-5C76-94A9-0C3D-31460592C199} - C:\WINDOWS\system32\winbk.dll

O2 - BHO: Class - {6565FF3C-2255-1708-8543-85E668E94D6C} - C:\WINDOWS\system32\apimc32.dll

O2 - BHO: Class - {66E7A648-A2D0-B506-715E-8D564D8364C2} - C:\WINDOWS\system32\netma32.dll

O2 - BHO: Class - {6736D543-9459-D61F-8FA7-A53653949C0D} - C:\WINDOWS\netbr32.dll

O2 - BHO: Class - {681772EF-1514-33C7-0408-B8771F24D4CB} - C:\WINDOWS\d3ed.dll

O2 - BHO: Class - {683DA086-8E62-5396-D4EF-2401FF58EB59} - C:\WINDOWS\system32\ipxf.dll

O2 - BHO: Class - {69848259-E5F3-2574-2AEE-41BB1DBD3EAC} - C:\WINDOWS\msap32.dll

O2 - BHO: Class - {69A8069F-CE5E-4765-8040-82403FEC3895} - C:\WINDOWS\system32\netln32.dll

O2 - BHO: Class - {69A989AD-BFBB-9324-846E-194CABCE649B} - C:\WINDOWS\system32\ntob32.dll

O2 - BHO: Class - {69C0535E-8F6B-1482-8F80-DF6B338BFBF8} - C:\WINDOWS\system32\crlw32.dll

O2 - BHO: Class - {6A9A98A4-1733-141A-04B1-536A43E5A00C} - C:\WINDOWS\netdc.dll

O2 - BHO: Class - {6AA3715D-405C-076E-8F16-52A674C871DB} - C:\WINDOWS\system32\addlc32.dll

O2 - BHO: Class - {6AA46007-7E40-353F-4B29-4EB589B6027B} - C:\WINDOWS\ntwi32.dll

O2 - BHO: Class - {6B2E69E2-80CF-0FCD-2529-005B76F6EB87} - C:\WINDOWS\system32\msxa32.dll

O2 - BHO: Class - {6BEF21ED-FE12-619A-B05D-D81A14259340} - C:\WINDOWS\atlax32.dll

O2 - BHO: Class - {6BFB4F8E-42B3-1853-FED2-0CE716BE6757} - C:\WINDOWS\system32\d3by.dll

O2 - BHO: Class - {6D5086FD-B70A-A21D-970A-511772E1A75C} - C:\WINDOWS\creb32.dll

O2 - BHO: Class - {6E15F4D5-4588-FA6E-9B33-7152B249E5A0} - C:\WINDOWS\system32\sysnk.dll

O2 - BHO: Class - {6F3DF768-3C51-2FC4-8417-FD3009EF0F08} - C:\WINDOWS\netpb32.dll

O2 - BHO: Class - {6F80CE58-E9EF-47A6-EE09-D515FF3D4D49} - C:\WINDOWS\sdklh.dll

O2 - BHO: Class - {6F99DB7E-CFDF-18F9-0B84-6D52A771173C} - C:\WINDOWS\system32\sdkie32.dll

O2 - BHO: Class - {6FBFD571-083B-0404-2CF4-4D02FE84655B} - C:\WINDOWS\system32\ntus.dll

O2 - BHO: Class - {70337B1D-11EA-9346-27AA-F77086D05C11} - C:\WINDOWS\syszv32.dll

O2 - BHO: Class - {70B1A180-F009-3014-DEDC-432095A475AF} - C:\WINDOWS\addze32.dll

O2 - BHO: Class - {70B30880-F84D-EE39-FE16-EDB1E1A80F9A} - C:\WINDOWS\system32\iely32.dll

O2 - BHO: Class - {70C06EC5-199D-FEF2-7785-6D008B0AC3BA} - C:\WINDOWS\javaau.dll

O2 - BHO: Class - {7121259F-441E-E13B-61A6-168C5EC38A14} - C:\WINDOWS\system32\iphd.dll

O2 - BHO: Class - {719E6513-D632-2EF9-585A-CBABAA0E69DC} - C:\WINDOWS\cren32.dll

O2 - BHO: Class - {72D633DF-F78E-4CB0-8219-60FA41D1EFE7} - C:\WINDOWS\mskk.dll

O2 - BHO: Class - {72E2A979-EAEA-2FA7-5086-F53AE6460277} - C:\WINDOWS\sdkcu.dll

O2 - BHO: Class - {74573A6C-C0FD-80B4-5489-3A6D60261E63} - C:\WINDOWS\system32\ntqn32.dll

O2 - BHO: Class - {7585E61C-CBB8-8C7F-66E0-1C519B9044FA} - C:\WINDOWS\d3dq32.dll

O2 - BHO: (no name) - {75D05867-E38D-2939-A8D4-F77D51475C5A} - (no file)

O2 - BHO: Class - {78397146-034F-3E67-9127-DD62A91D02AD} - C:\WINDOWS\ipae.dll

O2 - BHO: Class - {79062573-086D-5A0F-D7B9-40FCC3638669} - C:\WINDOWS\system32\iptq32.dll

O2 - BHO: (no name) - {798A3875-F0CF-E2B2-3196-D55E89CDEF04} - (no file)

O2 - BHO: Class - {7B316A9C-6980-991E-D5E2-EDEB4A735241} - C:\WINDOWS\crqw32.dll

O2 - BHO: Class - {7B4CB4A8-D1EF-22A5-DC8A-5D41F0137145} - C:\WINDOWS\netvh.dll

O2 - BHO: Class - {7C3F5115-13B8-F3E5-3A5F-4F6BD2411BED} - C:\WINDOWS\apiui.dll

O2 - BHO: Class - {7C77122B-026F-9791-38EB-B10B289B5B82} - C:\WINDOWS\system32\ipzb.dll

O2 - BHO: Class - {7D8E9033-94CD-739D-8A5B-376572E16A8C} - C:\WINDOWS\system32\appte32.dll

O2 - BHO: Class - {7E1181D1-3C72-2402-8167-9DC0FB9A9570} - C:\WINDOWS\sysmq32.dll

O2 - BHO: Class - {7E138803-B04F-E7FE-F90D-174F78CA6C63} - C:\WINDOWS\apprg32.dll

O2 - BHO: Class - {7FD58EC4-B55E-2A44-DFAB-99005B7E4071} - C:\WINDOWS\crpd32.dll

O2 - BHO: Class - {80E8BCDE-64B0-C3D0-A6E1-0DA0877E6210} - C:\WINDOWS\system32\winxr32.dll

O2 - BHO: Class - {8144B36B-0CAB-4B25-CC47-F48322B3263D} - C:\WINDOWS\apiak32.dll

O2 - BHO: Class - {81D25943-2085-D1C4-2F01-1C9877C3D278} - C:\WINDOWS\system32\sdkog.dll

O2 - BHO: Class - {81D3418A-9625-4C94-1B9D-02B573A0B877} - C:\WINDOWS\system32\mspz32.dll

O2 - BHO: Class - {82288C41-7D9C-ACA6-B1EB-D7DB067AC72B} - C:\WINDOWS\atleh32.dll

O2 - BHO: Class - {8258A0E9-18F6-B253-C69A-64B1F4A6E2C8} - C:\WINDOWS\atlwh.dll

O2 - BHO: Class - {834B70C4-08A7-7082-A675-EFDC4D348484} - C:\WINDOWS\system32\atlfv32.dll

O2 - BHO: Class - {83C08741-7DD6-E1E8-DFFA-D55F3DFD30B7} - C:\WINDOWS\netzy.dll

O2 - BHO: Class - {83EBAF80-FDC9-395C-7F4C-6E85D8F3AEC5} - C:\WINDOWS\system32\mscd32.dll

O2 - BHO: Class - {8455ADD6-2004-47C2-9816-6F3B875B7CE3} - C:\WINDOWS\system32\crex32.dll

O2 - BHO: Class - {84D6A0AA-3EC4-07BA-6550-B79683EEB9B1} - C:\WINDOWS\system32\mswz.dll

O2 - BHO: Class - {867653BB-CBDA-5ADF-86A5-ECF1FB3432E2} - C:\WINDOWS\netuz32.dll

O2 - BHO: Class - {877B5096-0FB9-2632-5448-A94D5150B850} - C:\WINDOWS\system32\ntrn32.dll

O2 - BHO: Class - {877CAAEB-2293-602B-7876-793995AAE631} - C:\WINDOWS\system32\ntfw32.dll

O2 - BHO: Class - {88BBF9A8-1EBB-A896-9EFB-F2292B0737CF} - C:\WINDOWS\system32\netsv.dll

O2 - BHO: Class - {8A98241B-FE20-D008-805C-5BC0B7C14266} - C:\WINDOWS\system32\mfchp.dll

O2 - BHO: Class - {8B82102E-F491-66D2-F758-5BB004FEE44C} - C:\WINDOWS\windd.dll

O2 - BHO: Class - {8B9B410F-0A67-22CE-3941-CB77C211A4A9} - C:\WINDOWS\javabp32.dll

O2 - BHO: Class - {8C6233B9-0AC4-7DAC-AEB8-897EA23435DD} - C:\WINDOWS\ntzc.dll

O2 - BHO: Class - {8C70ABA6-D9B7-D043-9FBD-C653704D8236} - C:\WINDOWS\system32\ipdw.dll

O2 - BHO: Class - {8C70E5C4-7966-C457-B59B-A255A3E7EFBC} - C:\WINDOWS\system32\sysoy32.dll

O2 - BHO: Class - {8D0585C2-7837-436E-A1A5-25C507937285} - C:\WINDOWS\appwj.dll

O2 - BHO: Class - {8D1BAA26-F985-1788-3C2F-DBED986F74EE} - C:\WINDOWS\system32\winju32.dll

O2 - BHO: Class - {8ECE1E98-E8BF-1F28-C6BE-4B4F73514849} - C:\WINDOWS\winlt.dll

O2 - BHO: Class - {8F25C446-FCA0-E176-9876-4060D9B1BE10} - C:\WINDOWS\javatw.dll

O2 - BHO: Class - {8F25DEB8-3391-C994-0370-06E9127B615A} - C:\WINDOWS\system32\addrw32.dll

O2 - BHO: Class - {8F847879-40F7-B232-AEC5-D3214B36C965} - C:\WINDOWS\addeq32.dll

O2 - BHO: Class - {8F9CE5C4-7A8B-60FC-A8C2-8E61BD61D4BF} - C:\WINDOWS\mfcnj.dll

O2 - BHO: Class - {91EF62AC-1515-4102-869D-7CF17FBD48DC} - C:\WINDOWS\atliw32.dll

O2 - BHO: Class - {91F6D3FF-75DE-A3F4-BDDB-CEAB798A115F} - C:\WINDOWS\system32\winms.dll

O2 - BHO: Class - {927DD87A-66BA-9B9F-0879-783B761C8F50} - C:\WINDOWS\atlum32.dll

O2 - BHO: Class - {92B633A3-0AC2-646E-E2D7-D9D8DFA4C0CD} - C:\WINDOWS\iejh32.dll

O2 - BHO: Class - {92D83A26-147B-6F87-83E4-B271371785C1} - C:\WINDOWS\appkd32.dll

O2 - BHO: Class - {934022E3-4A67-7059-D032-46007A715210} - C:\WINDOWS\system32\mfces.dll

O2 - BHO: Class - {9347DCAE-D4C8-BCF3-AEE9-E2B1A1821BA8} - C:\WINDOWS\atlym.dll

O2 - BHO: Class - {937347AF-8267-7B4F-C2FD-7C75B9DE0881} - C:\WINDOWS\system32\apimb32.dll

O2 - BHO: Class - {94B07238-5DA7-46C7-3E9F-22E42CC1710A} - C:\WINDOWS\netpm.dll

O2 - BHO: Class - {964821EA-9370-D325-A9C3-9A9AC811F826} - C:\WINDOWS\system32\javaep.dll

O2 - BHO: Class - {964E2124-4EFC-8478-D558-FA3F46CA1604} - C:\WINDOWS\iebb32.dll

O2 - BHO: Class - {988C6476-5EA2-E122-57CE-2E4F86D27B58} - C:\WINDOWS\msgc.dll

O2 - BHO: Class - {9901B510-5371-56AC-A511-EFC399359401} - C:\WINDOWS\crit.dll

O2 - BHO: Class - {99E674B1-BD1C-9AB8-9C0E-C4FB2608BBD6} - C:\WINDOWS\atlzo32.dll

O2 - BHO: Class - {9AC98B09-E932-6B01-C983-A8AF24A16D40} - C:\WINDOWS\winzn.dll

O2 - BHO: Class - {9B02CB83-DCD2-2DB6-02DC-2D81D1BE1FE7} - C:\WINDOWS\d3mv32.dll

O2 - BHO: Class - {9C0B1C11-4B55-F4A7-0E89-A3C089B28991} - C:\WINDOWS\ipmu32.dll

O2 - BHO: Class - {9C53B9C2-DA43-9FE8-1CA5-21E8B34F522A} - C:\WINDOWS\system32\ipxp.dll

O2 - BHO: Class - {9DE2FBCC-AD05-1958-B77D-913F493B121A} - C:\WINDOWS\system32\netdu32.dll

O2 - BHO: Class - {9E6480CF-41D5-ADA6-566E-13AE9287A0CD} - C:\WINDOWS\system32\sdkeh.dll

O2 - BHO: Class - {9F8C6736-431A-A80F-7DB3-0D6C8BBD7EA1} - C:\WINDOWS\system32\netxx32.dll

O2 - BHO: Class - {A02E347F-8BF6-310A-944E-8F4FF9AA318A} - C:\WINDOWS\system32\iefm32.dll

O2 - BHO: Class - {A083F83A-C389-3B89-28F2-94347C2D6EF2} - C:\WINDOWS\system32\javayu.dll

O2 - BHO: Class - {A23E343E-58A3-FFA8-2F95-0FE8774232D1} - C:\WINDOWS\javaen32.dll

O2 - BHO: Class - {A39786E1-B3F2-5AA0-9792-D30FF78E0B7B} - C:\WINDOWS\atlki32.dll

O2 - BHO: Class - {A3D347B5-8D22-1E55-4D3E-C94C91F76762} - C:\WINDOWS\apikr32.dll

O2 - BHO: Class - {A40E210D-44F7-33DE-2D6C-292A6520AB82} - C:\WINDOWS\winpr32.dll

O2 - BHO: Class - {A5181EB4-FBCD-5B6F-4454-F9FEB6BD85FB} - C:\WINDOWS\system32\ntaj32.dll

O2 - BHO: Class - {A5363EEA-80FF-2D9D-B95C-136303CBE2E5} - C:\WINDOWS\system32\iphv.dll

O2 - BHO: Class - {A68F3DFF-6D4F-704D-DF3C-C62590315208} - C:\WINDOWS\system32\sysys.dll

O2 - BHO: Class - {A743397C-15FF-B350-E883-BF7404029D99} - C:\WINDOWS\system32\nttq32.dll

O2 - BHO: Class - {A7595DD0-954D-787A-73FC-769C95DF9F01} - C:\WINDOWS\system32\addwv32.dll

O2 - BHO: Class - {A7686D30-B576-3F3B-6990-2E06EB868F7B} - C:\WINDOWS\appgk.dll

O2 - BHO: Class - {A87070C2-BB4F-55A2-5375-ABE4322DA8C3} - C:\WINDOWS\system32\d3vg.dll

O2 - BHO: Class - {A8F6AA45-4788-6802-0A8B-624FBA5DC8CA} - C:\WINDOWS\system32\syshk32.dll

O2 - BHO: Class - {A9593486-C5F0-338D-36D5-AEC2E367709D} - C:\WINDOWS\nethd32.dll

O2 - BHO: Class - {A98BEA99-7B4B-FA3E-03F1-10C3D1AE7212} - C:\WINDOWS\system32\winuk.dll

O2 - BHO: Class - {AA0B70B4-0585-98FF-591D-792B7C365368} - C:\WINDOWS\mfcqb32.dll

O2 - BHO: Class - {AA3DBC87-F177-8D58-138B-069152EFDEAC} - C:\WINDOWS\system32\sysot32.dll

O2 - BHO: Class - {AA6F9854-E7A9-2FA2-2605-600B5705C69D} - C:\WINDOWS\ipsb32.dll

O2 - BHO: Class - {AAF322C0-53A3-24FC-C5E6-B062F9D982F9} - C:\WINDOWS\mfcma32.dll

O2 - BHO: Class - {ABD7967C-3F51-655C-C22D-34A94C9679EE} - C:\WINDOWS\system32\javacr.dll

O2 - BHO: Class - {AC2D8F55-4AC6-20AE-E0C0-B85403479114} - C:\WINDOWS\addzs.dll

O2 - BHO: Class - {ADCD2861-F951-CBB0-CD36-3C98A6A42196} - C:\WINDOWS\system32\winil32.dll

O2 - BHO: Class - {AE845430-3B50-352F-A6D3-21174EDCA037} - C:\WINDOWS\system32\javaix.dll

O2 - BHO: Class - {AE9AEB8F-0E7F-D767-F3C7-AF22C0FBA643} - C:\WINDOWS\atleu32.dll

O2 - BHO: Class - {AEE963C3-B79E-B7F1-4CBF-657FECF4CE92} - C:\WINDOWS\system32\appin.dll

O2 - BHO: Class - {AF21BBF6-248D-FEC6-977C-E433AC049B4A} - C:\WINDOWS\system32\addkd.dll

O2 - BHO: Class - {AF24C0CC-264C-C2F6-6BBC-FF4A88C674D6} - C:\WINDOWS\atlmo.dll

O2 - BHO: Class - {AF9E4499-5741-2FA8-A50F-64532BF9D788} - C:\WINDOWS\mshz.dll

O2 - BHO: Class - {B064CDCC-4563-66B0-0A96-37CF520ADED6} - C:\WINDOWS\system32\winwo32.dll

O2 - BHO: Class - {B0957B29-6605-0ACF-0683-0B29FEADFBE3} - C:\WINDOWS\system32\sysds.dll

O2 - BHO: Class - {B0FD6320-27E9-F236-D46C-1DBD5BB05BC1} - C:\WINDOWS\system32\apipi.dll

O2 - BHO: Class - {B264D484-9FD0-1008-BB3F-897E9586D92D} - C:\WINDOWS\system32\appvv.dll

O2 - BHO: Class - {B2D696D0-91BB-1E7F-44BB-A44FB1038DDF} - C:\WINDOWS\sdkio.dll

O2 - BHO: Class - {B31A4C19-741A-B567-F0E0-A2C7CDED6BD1} - C:\WINDOWS\system32\mfcjp32.dll

O2 - BHO: Class - {B3203551-0B4E-FCF6-9876-7B853EEBCC3F} - C:\WINDOWS\mfcdy.dll

O2 - BHO: Class - {B4C91D4F-8735-A88D-E8BE-4D168226F78A} - C:\WINDOWS\system32\d3rf32.dll

O2 - BHO: Class - {B5280A99-D3D1-117F-31CD-AB87AE880429} - C:\WINDOWS\crky.dll

O2 - BHO: Class - {B538BB10-3165-F984-CC16-9066CAB6B092} - C:\WINDOWS\netsn.dll

O2 - BHO: Class - {B58B9B1C-55D9-1746-5D04-4AD3FEBB33BE} - C:\WINDOWS\system32\netvf32.dll

O2 - BHO: Class - {B66EAEC2-2CE6-1697-9346-9B1E60E39650} - C:\WINDOWS\system32\msav.dll

O2 - BHO: Class - {B75BCD02-ABA7-9B5A-4478-A8AD97904CAC} - C:\WINDOWS\addnh32.dll

O2 - BHO: Class - {B796461E-A644-4E39-1933-D7EA1A81BA8E} - C:\WINDOWS\mfcmc.dll

O2 - BHO: Class - {B7C5F0FA-A733-E146-85CE-933DC6846D60} - C:\WINDOWS\ieij32.dll

O2 - BHO: Class - {B825595B-2058-BCA4-1A37-31A9B58CD033} - C:\WINDOWS\system32\winsp32.dll

O2 - BHO: Class - {B877A895-E66D-9B51-2A5E-B2821E0C16B0} - C:\WINDOWS\atlrd32.dll

O2 - BHO: Class - {B89B5A4B-A477-CC8D-A74D-8A1989AEEB9C} - C:\WINDOWS\system32\sysjf.dll

O2 - BHO: Class - {B9E4D006-7A30-6772-18E7-A2C7B4E14473} - C:\WINDOWS\javads.dll

O2 - BHO: Class - {B9FBC1A6-6B9A-7B6E-DE5D-CCFDD33AD068} - C:\WINDOWS\system32\appfl.dll

O2 - BHO: Class - {B9FBCC0E-658E-7FF9-97B0-FE0DA15F0299} - C:\WINDOWS\system32\mfcin32.dll

O2 - BHO: Class - {BB007F00-66B3-C207-453B-7CE8EDD79624} - C:\WINDOWS\sysqr32.dll

O2 - BHO: Class - {BB48572C-295E-5F17-1B6B-3589DA7CAB9B} - C:\WINDOWS\system32\sysox32.dll

O2 - BHO: Class - {BB5A0FC4-FCAF-FA07-2E59-B4F763DA2F07} - C:\WINDOWS\system32\sdkwd.dll

O2 - BHO: Class - {BBF5E38D-037F-77FE-1BD4-D0175630EF03} - C:\WINDOWS\apitm.dll

O2 - BHO: Class - {BC92A8D6-EC15-3C14-13BB-52BEF3DFBFA6} - C:\WINDOWS\mswg32.dll

O2 - BHO: Class - {BCC63AE6-D49C-A710-E427-27B59630AB82} - C:\WINDOWS\netbv32.dll

O2 - BHO: (no name) - {BD9FC8CA-2B4C-538D-74D9-3F302EFCBC86} - (no file)

O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O2 - BHO: Class - {BE086B08-211D-FFA7-7138-00EA0ABD2480} - C:\WINDOWS\system32\addfo.dll

O2 - BHO: Class - {BE109F8B-9C0D-8B9B-9B55-F31A546042B6} - C:\WINDOWS\winoo.dll

O2 - BHO: Class - {BE14A955-DD6C-A165-6A81-393FF536A2E2} - C:\WINDOWS\system32\ntbj.dll

O2 - BHO: Class - {BFA7FB09-7AC3-95E9-2881-B1966F738029} - C:\WINDOWS\winon32.dll

O2 - BHO: Class - {BFAA3D4F-3121-6765-035E-63AE94A824A9} - C:\WINDOWS\msnr32.dll

O2 - BHO: Class - {C2CC1826-44AA-2597-F243-7FEE13F6D54D} - C:\WINDOWS\system32\sdkrd.dll

O2 - BHO: Class - {C35E61AF-D4CC-C616-D8F0-C6D3B83A1702} - C:\WINDOWS\ntau.dll

O2 - BHO: Class - {C388D48F-0D9E-D287-957F-C50854563DE8} - C:\WINDOWS\netxm.dll

O2 - BHO: Class - {C3F84830-18F3-1D3D-C769-86D58A213F17} - C:\WINDOWS\apphd32.dll

O2 - BHO: Class - {C47E6517-9FEE-B27A-3EA8-BB572B11D25B} - C:\WINDOWS\system32\iehy.dll

O2 - BHO: Class - {C5E8FB41-08A4-948D-D9CA-321F51984943} - C:\WINDOWS\system32\apipr32.dll

O2 - BHO: Class - {C680FC92-CC8D-3933-941C-DB2ADEAD27D8} - C:\WINDOWS\javasi.dll

O2 - BHO: Class - {C682057F-E371-B29A-848C-7D9B32E2DD9C} - C:\WINDOWS\system32\appkm.dll

O2 - BHO: Class - {C6A53716-4EDC-CC43-99E1-9DBC615B7F1D} - C:\WINDOWS\system32\ntvd32.dll

O2 - BHO: Class - {C71388B9-CAAF-E409-BCE8-33736697C205} - C:\WINDOWS\appyu32.dll

O2 - BHO: Class - {C7B0E086-75CE-E71D-0DDA-51166A3A3D0F} - C:\WINDOWS\system32\mfced32.dll

O2 - BHO: Class - {C8F47880-52EF-4AA6-8D33-E43E9369AC13} - C:\WINDOWS\system32\ieui.dll

O2 - BHO: Class - {C91C2B34-D631-75C3-CD74-32FA1B2B0372} - C:\WINDOWS\system32\addyr32.dll

O2 - BHO: Class - {CA212655-5E8E-FD47-2580-32B04CA0E0B7} - C:\WINDOWS\d3qn.dll

O2 - BHO: Class - {CA9321F5-9849-30AD-6D1F-008B13CFD1D4} - C:\WINDOWS\ipdd.dll

O2 - BHO: Class - {CAEBAB9D-5B6A-D04D-3DF1-1992B30E11BB} - C:\WINDOWS\system32\applx.dll

O2 - BHO: Class - {CBAF5FF2-257D-3BA9-7FC4-8176A9916FCD} - C:\WINDOWS\d3vx.dll

O2 - BHO: Class - {CBBEC243-B125-F6CB-20B6-4A6446E07C07} - C:\WINDOWS\msci32.dll

O2 - BHO: Class - {CBCAC426-4AC6-B6CA-5FEB-39407E41AE7C} - C:\WINDOWS\ieue32.dll

O2 - BHO: Class - {CBD77B3F-8090-DD29-E058-34289DE3949A} - C:\WINDOWS\msbu32.dll

O2 - BHO: Class - {CC2E5D02-E711-BE07-3647-61D1BB49E8ED} - C:\WINDOWS\atlcx32.dll

O2 - BHO: Class - {CC67C393-741E-9B61-DB09-E37FD3F55B9B} - C:\WINDOWS\system32\ntxt32.dll

O2 - BHO: Class - {CC8F52DA-21F1-1A00-1DF7-6E14B89A961B} - C:\WINDOWS\system32\apito32.dll

O2 - BHO: Class - {CDB321C3-65E6-FD4B-0966-70348178E22A} - C:\WINDOWS\system32\appty32.dll

O2 - BHO: Class - {CDCF6DC4-9E36-A15E-5E68-4B01DC737125} - C:\WINDOWS\system32\winys.dll

O2 - BHO: Class - {CE4EFCA5-BE39-72B1-86A3-43F1C9A037D4} - C:\WINDOWS\msup.dll

O2 - BHO: Class - {CE7A710F-55BC-4498-742A-FEB5AF0058EF} - C:\WINDOWS\system32\crab32.dll

O2 - BHO: Class - {CE7F55BB-9429-AC8A-D9FC-39604EE56230} - C:\WINDOWS\ipql32.dll

O2 - BHO: Class - {CF3F3E61-9595-B4D3-EC0A-2911D33AF9CA} - C:\WINDOWS\netwx.dll

O2 - BHO: Class - {CFBA6A8B-141A-EFF7-2284-53A16D783BE4} - C:\WINDOWS\system32\d3pj32.dll

O2 - BHO: Class - {CFC2CF30-BAD3-6B1F-4A72-6F6A8D1F61C6} - C:\WINDOWS\crqs32.dll

O2 - BHO: Class - {D010E2E2-A168-789D-9E57-563AC50A66D0} - C:\WINDOWS\ntlb32.dll

O2 - BHO: Class - {D1B08BEF-61F3-13A0-6BCC-CB7E58770653} - C:\WINDOWS\netrz32.dll

O2 - BHO: Class - {D1DC71DB-95AD-1742-1B05-0653ADF80398} - C:\WINDOWS\sdkcf.dll

O2 - BHO: Class - {D1F50E66-9069-E055-C419-5AF69B876F46} - C:\WINDOWS\system32\apicr32.dll

O2 - BHO: Class - {D24C63AD-A963-E031-6313-22AD11D24EF1} - C:\WINDOWS\system32\ipgy32.dll

O2 - BHO: Class - {D4CB4CF2-3A32-88F6-F529-198F1CBBD1A6} - C:\WINDOWS\javamp.dll

O2 - BHO: Class - {D61D1D35-032C-D543-DA97-C2A2B06597AC} - C:\WINDOWS\system32\sdkto.dll

O2 - BHO: Class - {D7C24EDA-2656-4823-DC8B-F199CF3E738A} - C:\WINDOWS\system32\d3bg.dll

O2 - BHO: Class - {D8017933-B2A5-8733-0290-960149CE4D0D} - C:\WINDOWS\mfclh32.dll

O2 - BHO: Class - {D822CDEB-8143-2AA7-E4BB-E2055B7F4CCF} - C:\WINDOWS\system32\ipid32.dll

O2 - BHO: Class - {D824CB60-CF53-9F73-1BD8-6286E09FCF52} - C:\WINDOWS\system32\atlpl32.dll

O2 - BHO: Class - {D878BBC9-1D4B-1169-6016-5902B7CCFC40} - C:\WINDOWS\system32\sysjl.dll

O2 - BHO: Class - {D8F83F56-26F9-C667-A9AA-64C24DF449D6} - C:\WINDOWS\system32\ipql.dll

O2 - BHO: Class - {D9E4FCE9-DD60-AD26-B07D-BFB00720C50B} - C:\WINDOWS\system32\ipsr32.dll

O2 - BHO: Class - {D9F1ED10-B3DA-B8A9-67B7-86AA485C18AF} - C:\WINDOWS\system32\crkw.dll

O2 - BHO: Class - {DA50B851-33CA-06EB-529C-7E0AD96F9CAC} - C:\WINDOWS\atlbn.dll

O2 - BHO: Class - {DA69B6C4-9CB8-E5E8-026E-66C0112155F6} - C:\WINDOWS\system32\neton.dll

O2 - BHO: Class - {DABFBD59-CC8B-0E4D-60D9-8C44B013EAEF} - C:\WINDOWS\system32\addkn32.dll

O2 - BHO: Class - {DBD77B54-39C0-3D05-7A8D-1B1016FA7380} - C:\WINDOWS\system32\ieoh32.dll

O2 - BHO: Class - {DC0E40FD-D633-7594-A016-624F4172C934} - C:\WINDOWS\javaku.dll

O2 - BHO: Class - {DC42B4BF-AEBD-5A1A-288E-435E8D572F2A} - C:\WINDOWS\system32\syszz32.dll

O2 - BHO: Class - {DCA24E10-9BF9-9CE6-DD3F-572B605B86BB} - C:\WINDOWS\system32\atlac32.dll

O2 - BHO: Class - {DD27625A-DB28-F315-0405-729F194BD480} - C:\WINDOWS\system32\javati32.dll

O2 - BHO: Class - {DD499CA0-63C5-BE6B-7B26-F81AF2321007} - C:\WINDOWS\system32\atlqn.dll

O2 - BHO: Class - {DD4E4285-FC77-25C4-758D-88C44D92F004} - C:\WINDOWS\ntew32.dll

O2 - BHO: Class - {DD57FEDD-5FE0-0AED-E965-E1FF1402070E} - C:\WINDOWS\system32\crce.dll

O2 - BHO: Class - {DD7C6A5A-CDEA-97AD-3B53-18A2321EE6F6} - C:\WINDOWS\criu32.dll

O2 - BHO: Class - {DE3AE878-C016-F46D-089A-80B24A7316D7} - C:\WINDOWS\system32\addpv32.dll

O2 - BHO: Class - {DE9E19CF-4511-CFDF-5432-EABB6602A7D8} - C:\WINDOWS\system32\ipiq32.dll

O2 - BHO: Class - {DED9B197-A97B-8EB4-D4C0-1E70C2D3CFF5} - C:\WINDOWS\system32\sysfd32.dll

O2 - BHO: Class - {DF668E96-27EB-767C-CDC7-40ADB11675F2} - C:\WINDOWS\system32\iehr.dll

O2 - BHO: Class - {DFD60C9F-2B34-B4BD-B915-227AB606A962} - C:\WINDOWS\ntrk.dll

O2 - BHO: Class - {E04B2E72-AF5D-42B4-27C2-1DFBEB4A9650} - C:\WINDOWS\ipad.dll

O2 - BHO: Class - {E04CC398-6D86-A823-890A-29F8D27B4B0A} - C:\WINDOWS\netod32.dll

O2 - BHO: Class - {E07D9064-AD32-E4F4-6A8B-A5DBD4D56770} - C:\WINDOWS\system32\javain32.dll

O2 - BHO: Class - {E0B3C0A8-3E9A-3AAB-F740-EFF74FBA6985} - C:\WINDOWS\ipkd32.dll

O2 - BHO: Class - {E14797E4-9E5E-0402-9342-8ED990B9E13F} - C:\WINDOWS\system32\mfcnw32.dll

O2 - BHO: Class - {E15E1E91-0FD3-9AEB-0959-00933AADA0C4} - C:\WINDOWS\system32\addqf32.dll

O2 - BHO: Class - {E16A73BF-9FF9-43CE-8578-8DF8D3508388} - C:\WINDOWS\system32\sdkax32.dll

O2 - BHO: Class - {E2440651-7FE0-4276-6917-766C9FA742A6} - C:\WINDOWS\system32\sdkon32.dll

O2 - BHO: Class - {E2E6C0E2-FA3A-8992-181C-3BA9E7ED6D56} - C:\WINDOWS\mfcqi32.dll

O2 - BHO: Class - {E2F0712F-9E43-CF54-86D0-C0E27572FBE1} - C:\WINDOWS\system32\crvu32.dll

O2 - BHO: Class - {E44D3492-E63F-A52F-8235-06D2B331C92A} - C:\WINDOWS\system32\appnb32.dll

O2 - BHO: Class - {E558C92A-26ED-983A-0F8B-64C91ED05AE9} - C:\WINDOWS\javadc.dll

O2 - BHO: Class - {E57CF4E2-608E-1F55-6A8B-10D3B7AD07E2} - C:\WINDOWS\system32\sysre32.dll

O2 - BHO: Class - {E58BBC7E-7207-D1BE-CE98-6CC37B27883D} - C:\WINDOWS\system32\d3cj32.dll

O2 - BHO: Class - {E5AC69B4-006E-2FF7-BB25-3C43062AD4EF} - C:\WINDOWS\mfczj32.dll

O2 - BHO: Class - {E5F0C91D-B125-C770-69FE-FB3428702538} - C:\WINDOWS\system32\sysnv.dll

O2 - BHO: Class - {E60D7284-3090-534F-5C3A-08BCBA772F9C} - C:\WINDOWS\system32\netld.dll

O2 - BHO: Class - {E616513A-40E1-2657-5238-EAF908483D9A} - C:\WINDOWS\system32\sysim32.dll

O2 - BHO: Class - {E686FA0B-6D47-10E4-FC7D-A620410395A5} - C:\WINDOWS\system32\mfcjs.dll

O2 - BHO: Class - {E85DB2A8-73A7-0E64-0B9F-3B3DF072FE21} - C:\WINDOWS\system32\sysum32.dll

O2 - BHO: Class - {E8B2A684-D6D8-C5EA-F174-952A69CDEAD1} - C:\WINDOWS\system32\apidg.dll

O2 - BHO: Class - {EA197903-5454-DCA0-1431-906504E5199D} - C:\WINDOWS\system32\msjw32.dll

O2 - BHO: Class - {EAF79499-1766-EB48-D04E-2CDD27C0DD4C} - C:\WINDOWS\ntrz32.dll

O2 - BHO: Class - {EB3F1F3A-312D-1F0B-BE12-33935E41A208} - C:\WINDOWS\system32\atlnq32.dll

O2 - BHO: Class - {EB53464A-65A2-9AA0-C376-11ADD5428232} - C:\WINDOWS\appeb.dll

O2 - BHO: Class - {EB619721-7FA1-13F4-FCC7-F7910CF00AC8} - C:\WINDOWS\system32\addaj32.dll

O2 - BHO: Class - {EB6F84A8-01F1-4D7E-CBCE-4B02B1BB0094} - C:\WINDOWS\system32\nthz32.dll

O2 - BHO: Class - {EB875E59-D1A2-BEDD-B6E0-01204A789601} - C:\WINDOWS\system32\crko32.dll

O2 - BHO: Class - {EBA74261-7CAA-F270-26F4-4E2A669761D1} - C:\WINDOWS\ntne.dll

O2 - BHO: Class - {EBB58D88-B4D1-648E-CB8F-D10EF01B83E5} - C:\WINDOWS\system32\addhm.dll

O2 - BHO: Class - {EC0BF822-7720-175B-2901-9FA68F761D30} - C:\WINDOWS\d3op.dll

O2 - BHO: Class - {EDD6C5EA-5F3E-7B1D-A3D0-9E3A169E6444} - C:\WINDOWS\systb.dll (file missing)

O2 - BHO: Class - {EF4B1BBF-9691-E915-81F6-F75B7DD313AA} - C:\WINDOWS\ieva32.dll

O2 - BHO: Class - {EF56697C-5109-5395-6FE2-E92AAFF48176} - C:\WINDOWS\mfcwk32.dll

O2 - BHO: Class - {EFD32CB9-039B-2B11-A357-D6D56A398537} - C:\WINDOWS\appqz32.dll

O2 - BHO: Class - {EFD4E5E6-F6FA-35B8-21D0-795BD90D0719} - C:\WINDOWS\javakd32.dll

O2 - BHO: Class - {EFEBB260-C21E-967D-CA15-0C1770C3C5C5} - C:\WINDOWS\mfcsd.dll

O2 - BHO: Class - {F1895589-F7BC-679C-6B28-F8543FF20375} - C:\WINDOWS\d3lq32.dll

O2 - BHO: Class - {F1EB7ABF-6A20-18CA-0717-32A5D07D7B75} - C:\WINDOWS\appap32.dll

O2 - BHO: Class - {F20341B7-4D4B-5B61-38C8-74F9630B49F0} - C:\WINDOWS\system32\winkc32.dll

O2 - BHO: Class - {F20ED84C-D847-D6C7-F794-2ED9DCB4B4D1} - C:\WINDOWS\javapa.dll

O2 - BHO: Class - {F3A0E4F7-5A26-16D7-F285-82AF755C81E0} - C:\WINDOWS\system32\netjj32.dll

O2 - BHO: Class - {F3E960E4-F8DE-2718-D510-335C5E2FEB9F} - C:\WINDOWS\d3zu32.dll

O2 - BHO: Class - {F45672AA-5BCB-168F-8F4C-4B17FD2623E8} - C:\WINDOWS\msmf.dll

O2 - BHO: Class - {F46FA47B-6291-D27B-D125-BCEEBB49E346} - C:\WINDOWS\ierw.dll

O2 - BHO: Class - {F4A41C9A-A713-9C96-601E-1966003429F8} - C:\WINDOWS\addiu.dll

O2 - BHO: Class - {F52A683D-86BC-5DC9-8231-5370AB157678} - C:\WINDOWS\system32\ipti.dll

O2 - BHO: Class - {F5593432-5366-0A96-4CF5-94D4D166B10C} - C:\WINDOWS\system32\d3wz.dll

O2 - BHO: Class - {F62510CB-ED83-E3EF-9E28-73519F1B7A0C} - C:\WINDOWS\d3ft32.dll

O2 - BHO: Class - {F69AC43F-54FB-0910-EFEE-6455168C3713} - C:\WINDOWS\ipxm.dll

O2 - BHO: Class - {F6CB920B-A4A6-46E0-C07F-F02819E65389} - C:\WINDOWS\winka32.dll

O2 - BHO: Class - {F6F49380-F6BB-3D04-920B-C960D86C67BC} - C:\WINDOWS\addve32.dll

O2 - BHO: Class - {F72B1F16-5DA1-0CE7-8A46-761D0FBCADC7} - C:\WINDOWS\system32\netpz32.dll

O2 - BHO: Class - {F74D5213-8A18-F9CF-E487-AA203A37CEB8} - C:\WINDOWS\system32\addwf.dll

O2 - BHO: Class - {F822BF6C-BD82-883D-1146-288575F3091D} - C:\WINDOWS\system32\winiw.dll

O2 - BHO: Class - {F82406AA-AA26-0FEF-2943-600622AB7AB5} - C:\WINDOWS\iesd.dll

O2 - BHO: Class - {F8F78A55-0101-C0E3-D286-3EADE0CB6313} - C:\WINDOWS\addgz32.dll

O2 - BHO: Class - {F9D982F9-B035-9FE7-9252-71E960E1F3E5} - C:\WINDOWS\system32\neteq.dll

O2 - BHO: Class - {FAA44DA8-BC87-EAF8-DE08-0B6C7CABB256} - C:\WINDOWS\sdkuv.dll

O2 - BHO: Class - {FB9C0E2C-9054-C0EA-4D57-F9CCE6487636} - C:\WINDOWS\system32\ipau.dll

O2 - BHO: Class - {FBC1B2FF-838B-6257-27F0-2FD318F49B54} - C:\WINDOWS\system32\appwg.dll

O2 - BHO: Class - {FBF77D9B-CA17-A517-257C-C38A16C5AD4F} - C:\WINDOWS\mfcae32.dll

O2 - BHO: Class - {FC5F4FD2-9814-9658-709F-821EB79F97AB} - C:\WINDOWS\javatk.dll

O2 - BHO: Class - {FC69783B-05C2-F77D-6E0B-9055DEF49D6C} - C:\WINDOWS\system32\sysef32.dll

O2 - BHO: Class - {FC72CC24-F754-BD19-FD0E-852C1775E57D} - C:\WINDOWS\system32\netox32.dll

O2 - BHO: Class - {FC933F3B-F61C-174E-C6CD-8A9A8ECDD4A8} - C:\WINDOWS\winrc.dll

O2 - BHO: Class - {FD33DF99-7965-02B4-4056-996478BCDA14} - C:\WINDOWS\ntfp.dll

O2 - BHO: (no name) - {FD4A74BF-5712-24E2-4DA7-6711D4FD291B} - (no file)

O2 - BHO: Class - {FE3D33D0-958B-2C94-A4A8-DB4A4566ED06} - C:\WINDOWS\system32\ieto32.dll

O2 - BHO: Class - {FF3F0D99-BB3D-8567-11A3-BD77E0658DEA} - C:\WINDOWS\atlze32.dll

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: EarthLink Toolbar - {D7F30B62-8269-41AF-9539-B2697FA7D77E} - C:\Program Files\EarthLink TotalAccess\PnEL.dll

O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe

O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer

O4 - HKLM\..\Run: [sprintModemUpdate] javaw.exe -cp "C:\Program Files\Motive\FirmwareUpdater\lib\SprintModemUpdate.jar" com.motive.firmwareUpdater.client.SprintModemUpdate

O4 - HKLM\..\Run: [bJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe

O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SPRINT~1\SMARTB~1\SprintDSLAlert.exe

O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"

O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe

O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect

O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE

O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe

O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE

O4 - HKLM\..\Run: [winwx.exe] C:\WINDOWS\system32\winwx.exe

O4 - HKLM\..\Run: [ntge.exe] C:\WINDOWS\ntge.exe

O4 - HKLM\..\Run: [d3az.exe] C:\WINDOWS\system32\d3az.exe

O4 - HKLM\..\RunOnce: [ieab32.exe] C:\WINDOWS\system32\ieab32.exe

O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe

O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPINST~1\plugin\bin\pchbutton.exe

O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Ahead\NEROPH~1\data\Xtras\mssysmgr.exe

O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"

O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart

O4 - HKCU\..\Run: [E6TaskPanel] "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" -winstart

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - Global Startup: Sprint virtual assistant.lnk = C:\Program Files\Sprint DSL virtual assistant\bin\matcli.exe

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe

O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)

O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

O12 - Plugin for .mov: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll

O12 - Plugin for .png: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/techsupp/asa/LSSupCtl.cab

O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/insta...staller_gmn.cab

O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqcpc/downloads/sysinfo.cab

O16 - DPF: {5D9E4B6D-CD17-4D85-99D4-6A52B394EC3B} (WSDownloader Control) - http://www.webshots.com/samplers/WSDownloader.ocx

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab' rel="external nofollow">http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab'>http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/dd/instal...edsolutions.cab

O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secur...loadManager.ocx

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab

O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/...utocomplete.cab

O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/asa/SymAData.cab

O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/sj/en/check/qdiagh.cab?326

O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll

O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe

O23 - Service: InCD Helper (read only) (InCDsrvR) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe

O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\System32\HPHipm11.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

Link to post
Share on other sites

And also post ANY sort of log that was generated by AB if there is one..look in the AboutBuster folder.

i took a screen shot of what ihave and what it does.

it does appear to be version 6 as i dl'd this 2-3 days ago,but anyways this is what came up as i did the scan again..looks like where getting somewhere on this pesky cws garbage...thanks guys

i hope i did this right...im no good at doin the stuff u tell me to do but im tryin post-120-1138142533_thumb.jpg

please tell me if i didnt do it right(i think i did).

i hope this it what ur looking for

post-120-1138142533_thumb.jpg

Link to post
Share on other sites

ok jw....heres my current log as u requested...thanks for any help u can give.

i saw somewhere,where folks can donate.(i cant find it now...of course)can you let me know where/how i can get back to this button/place..more to the point a physical place where i can mail a check or money order due to the fact that i really dont want to do any money type transactions on the computer(still dont trust them for security reasons)...i will definitly donate some fundage towards u guys in ur efforts towards fixing this stupid cws crap..again,your help is greatly appreciated---i cant tell how much..

hardracer

Logfile of HijackThis v1.99.1

Scan saved at 10:46:41 PM, on 1/27/2006

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Ahead\InCD\InCDsrv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\windows\system\hpsysdrv.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\Program Files\BroadJump\Client Foundation\CFD.exe

C:\PROGRA~1\SPRINT~1\SMARTB~1\SprintDSLAlert.exe

C:\Program Files\MessengerPlus! 3\MsgPlus.exe

C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe

C:\HP\KBD\KBD.EXE

C:\WINDOWS\system32\winwx.exe

C:\WINDOWS\System32\ctfmon.exe

C:\PROGRA~1\HPINST~1\plugin\bin\pchbutton.exe

C:\PROGRA~1\Ahead\NEROPH~1\data\Xtras\mssysmgr.exe

C:\Program Files\EarthLink TotalAccess\TaskPanl.exe

C:\WINDOWS\system32\ieab32.exe

C:\Program Files\Sprint DSL virtual assistant\bin\SprintVirtualAssistant.exe

C:\Program Files\Sprint DSL virtual assistant\bin\mpbtn.exe

c:\PROGRA~1\HEWLET~1\HPINST~1\common\MOTIVE~1.EXE

C:\Program Files\Norton AntiVirus\navapsvc.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\WINDOWS\System32\wuauclt.exe

C:\Program Files\MSN\MSNCoreFiles\msn.exe

C:\WINDOWS\System32\rsvp.exe

C:\Documents and Settings\Owner\Desktop\HijackThis.exe

C:\Program Files\Messenger\msmsgs.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.earthlink.net

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.earthlink.net/partner/more/msie...ton/search.html

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system32\bwmun.dll/sp.html#37049

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\bwmun.dll/sp.html#37049

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\bwmun.dll/sp.html#37049

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.searchv.com/search.html

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\bwmun.dll/sp.html#37049

R3 - Default URLSearchHook is missing

O2 - BHO: Class - {014A827D-E04B-4100-86CC-AA5FBCB8F577} - C:\WINDOWS\system32\ntoz.dll

O2 - BHO: Class - {0291E910-8D54-4FA6-C81D-D18ED280B289} - C:\WINDOWS\apius32.dll

O2 - BHO: Class - {04D536A8-BE6C-6283-AD25-18CADEF98984} - C:\WINDOWS\sysdw32.dll

O2 - BHO: Class - {058C9936-6D60-53AB-C6A6-BABA8EDE5F00} - C:\WINDOWS\system32\winnh.dll

O2 - BHO: Class - {05F3C50C-D53F-D6BC-9065-2ABB3092A8D0} - C:\WINDOWS\ipsd.dll

O2 - BHO: Class - {05F3F3D2-8BFA-C735-FCDF-D4BD8418D325} - C:\WINDOWS\wincd32.dll

O2 - BHO: Class - {06197E31-50B6-4043-D6C9-8E70AAB849E5} - C:\WINDOWS\system32\windh.dll

O2 - BHO: Class - {065A3DF4-4253-B880-16A3-75DA427DD453} - C:\WINDOWS\wintz.dll

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O2 - BHO: Class - {07AC6A37-E15F-F543-A739-15DB1285B61A} - C:\WINDOWS\system32\mstv.dll

O2 - BHO: Class - {07D83F1A-3A3D-EF25-F957-DCA0DCC72ABC} - C:\WINDOWS\sdkss32.dll

O2 - BHO: Class - {07E2FBBF-C64A-1972-227E-82FA4861EB78} - C:\WINDOWS\apias.dll

O2 - BHO: Class - {07E66B38-1367-7DC0-FD3C-CA1BFBA6BCC7} - C:\WINDOWS\system32\atlyd.dll

O2 - BHO: Class - {083A00C1-8BB2-5BD6-D3E8-27ADF3D597CA} - C:\WINDOWS\msmk.dll

O2 - BHO: Class - {08B062B7-0572-9CCE-27F2-A318B78A3677} - C:\WINDOWS\ntxm32.dll

O2 - BHO: Class - {094C8CED-58C8-2CD1-5207-27C140FB0531} - C:\WINDOWS\ieqe32.dll

O2 - BHO: Class - {094EDED8-1F6C-995C-6754-A544D7EA188B} - C:\WINDOWS\system32\crbr32.dll

O2 - BHO: Class - {0A8D0092-6F79-27C0-3B9C-D542A7FC6907} - C:\WINDOWS\system32\javalr32.dll

O2 - BHO: Class - {0B01EADD-4EEA-1744-7321-45BB28A5E86A} - C:\WINDOWS\system32\javabq32.dll

O2 - BHO: Class - {0CAEDEE2-8F3E-F86F-35DC-CDEAAE346249} - C:\WINDOWS\crvc.dll

O2 - BHO: Class - {0DFE18F1-8279-20AE-4CC5-10CB30FF50DA} - C:\WINDOWS\appul32.dll

O2 - BHO: Class - {0E07F1CC-6044-9AB8-86B3-B33F53CA4787} - C:\WINDOWS\javaph.dll

O2 - BHO: Class - {0E3BEE03-C426-F488-CA26-D938932339AC} - C:\WINDOWS\system32\ntqt.dll

O2 - BHO: Class - {0F0E061E-FA0C-0C44-F0D9-0E0C21180458} - C:\WINDOWS\mfcnb.dll

O2 - BHO: Class - {0FCDFA68-74F9-605A-8029-180E50A9964A} - C:\WINDOWS\system32\netai.dll

O2 - BHO: Class - {102D7ADF-B1F2-150B-DD47-0D7AE8ECDFE0} - C:\WINDOWS\javabo.dll

O2 - BHO: Class - {10FF78CB-D256-A957-AA38-C09CAEAA3E70} - C:\WINDOWS\system32\mfcgx.dll

O2 - BHO: Class - {116B5897-9869-1B77-3DC7-646F9CB58D2B} - C:\WINDOWS\system32\msrn32.dll

O2 - BHO: Class - {11BE3648-39DF-4A8F-2B7F-AF543F3C21DF} - C:\WINDOWS\sysmx32.dll

O2 - BHO: Class - {11BEC0B9-C370-4820-FE14-3C42B32E0875} - C:\WINDOWS\system32\apitx.dll

O2 - BHO: Class - {124EC0E5-C940-3ED0-1241-6B1E7CF1D1E8} - C:\WINDOWS\d3xq.dll

O2 - BHO: Class - {1323364A-6290-C22E-760E-ABFCF4445116} - C:\WINDOWS\system32\iehq32.dll

O2 - BHO: Class - {13B77FE1-9911-A0C2-1D01-61CA21EAEB83} - C:\WINDOWS\system32\addbt.dll

O2 - BHO: Class - {13C3D1A3-A53A-6BFB-F6CA-8FA7292FE0F0} - C:\WINDOWS\sdkzj.dll

O2 - BHO: Class - {14882629-ECB5-DB2D-9FF8-D87930DD6A0A} - C:\WINDOWS\iefb32.dll

O2 - BHO: Class - {153707B5-D0ED-A171-CBB3-87B9E1296513} - C:\WINDOWS\atlwb32.dll

O2 - BHO: Class - {1546F4A6-423F-7B55-1F30-B621C06F5D69} - C:\WINDOWS\system32\d3bu32.dll

O2 - BHO: Class - {1676763F-15C3-F5F2-9C0B-0631705661ED} - C:\WINDOWS\ntng32.dll

O2 - BHO: Class - {16A67573-5153-0344-B04A-BF8F43B5057F} - C:\WINDOWS\sdkql.dll

O2 - BHO: Class - {16B25743-B02B-E5F0-F1AE-94D196232E38} - C:\WINDOWS\winkl.dll

O2 - BHO: Class - {16BD821E-5751-423E-4850-6CC5D07FECD8} - C:\WINDOWS\winfc32.dll

O2 - BHO: Class - {16D601F6-E41B-1A0C-95AA-2EF05F7C37EE} - C:\WINDOWS\system32\appze.dll

O2 - BHO: Class - {17094FC7-F985-CD03-CB64-049B61C2C70E} - C:\WINDOWS\system32\addcg.dll

O2 - BHO: Class - {1713182A-5092-DD29-01DB-F0D69793396C} - C:\WINDOWS\addco.dll

O2 - BHO: Class - {1760E281-B7CE-24A2-166B-0B9F9BB7B8A9} - C:\WINDOWS\system32\netpc32.dll

O2 - BHO: Class - {17A1BA50-1F42-91DF-8D52-9482601397EF} - C:\WINDOWS\apigp32.dll

O2 - BHO: Class - {18C9B52B-7151-9593-8427-72C86515DCDE} - C:\WINDOWS\appcb.dll

O2 - BHO: Class - {1A828816-226B-81EE-2E66-CFEBA8E97E2F} - C:\WINDOWS\apibh32.dll

O2 - BHO: Class - {1AF1C718-5A24-D7BB-592A-F2291195734F} - C:\WINDOWS\appbe32.dll

O2 - BHO: Class - {1B7649CB-3BCF-46D5-F4A7-39AEAE5625AB} - C:\WINDOWS\crzn.dll

O2 - BHO: Class - {1B849856-C2B0-C16F-7AA2-AF1A44A6BEDA} - C:\WINDOWS\system32\ipma32.dll

O2 - BHO: Class - {1B9CCCD9-3DA0-5E43-A4CE-924A8F49CC0F} - C:\WINDOWS\system32\iexs.dll

O2 - BHO: Class - {1DF846A3-16F9-BEC1-05D0-31207FD24B28} - C:\WINDOWS\system32\javaxu32.dll

O2 - BHO: Class - {1E94F949-F3F0-5C64-038A-53C68D35F288} - C:\WINDOWS\system32\javalr.dll

O2 - BHO: Class - {1EB77D8F-DC5A-7E55-59FC-844CAE64FC70} - C:\WINDOWS\syslm.dll

O2 - BHO: Class - {1EDBFE12-619A-B05D-D81A-42593402A991} - C:\WINDOWS\appsh.dll

O2 - BHO: Class - {1F1A3DD0-5DB3-08D8-FE9F-CB49DA5EFA2E} - C:\WINDOWS\system32\syspu.dll

O2 - BHO: Class - {1F7B837E-CC0C-8A77-DD3C-43144BEFEB4B} - C:\WINDOWS\d3nm32.dll

O2 - BHO: Class - {1F8E709E-AEC3-AC71-0350-66348A990C05} - C:\WINDOWS\system32\msps.dll

O2 - BHO: Class - {204BFD00-8711-E685-9059-B543F47899E1} - C:\WINDOWS\system32\d3tx32.dll

O2 - BHO: Class - {2067DEDB-34F7-9CC4-7353-3E1E927B32A3} - C:\WINDOWS\system32\d3lc32.dll

O2 - BHO: Class - {22A99D53-6CB9-33A5-DED6-D04F5F0F1AE8} - C:\WINDOWS\system32\d3nm32.dll

O2 - BHO: Class - {22B1BD81-78EF-C72F-0793-EFF78ED6B103} - C:\WINDOWS\system32\javalf.dll

O2 - BHO: Class - {2345C8ED-802B-A5E6-4EE8-68E9D4825903} - C:\WINDOWS\iedl.dll

O2 - BHO: Class - {23DA50CE-1A25-2F1D-13E6-38C10B86A8F2} - C:\WINDOWS\appug32.dll

O2 - BHO: Class - {23E29B01-78ED-B227-C0D9-7F01F2621B9A} - C:\WINDOWS\system32\addbd32.dll

O2 - BHO: Class - {24BE1459-795A-5BA6-B9B1-DC1A2D1652EF} - C:\WINDOWS\system32\winmg.dll

O2 - BHO: Class - {25058AE5-5371-3EC0-9CB9-B7B2AE83A00A} - C:\WINDOWS\system32\crmn.dll

O2 - BHO: Class - {259EE5B9-79F9-788C-1426-7B4E6B1A0211} - C:\WINDOWS\addic32.dll

O2 - BHO: Class - {28223167-A6CC-2F8F-758F-1F424FBB380E} - C:\WINDOWS\system32\mfcyi.dll

O2 - BHO: Class - {28FF0DAA-6EDD-259A-83C4-EADDF15D72AD} - C:\WINDOWS\system32\mfcbl32.dll

O2 - BHO: Class - {29FC66BD-3EA4-3F16-0ABF-93515F25ED12} - C:\WINDOWS\winjx32.dll

O2 - BHO: Class - {2A37058B-D1BB-61D1-21BA-B7A66036D544} - C:\WINDOWS\appkg32.dll

O2 - BHO: Class - {2A696067-2ABB-2ABE-9CCF-E895A174E181} - C:\WINDOWS\wintm.dll

O2 - BHO: Class - {2AD24B66-877B-347B-4D3D-73A13C8BB2CB} - C:\WINDOWS\netdg.dll

O2 - BHO: Class - {2ADD1D56-2534-91AF-C52E-680B595C6999} - C:\WINDOWS\system32\ierm32.dll

O2 - BHO: Class - {2CE88230-1C35-89B5-88A0-B07ACA0B401D} - C:\WINDOWS\system32\ntjf.dll

O2 - BHO: Class - {2CEB755B-6BCC-9879-D315-A49FBFA75BD7} - C:\WINDOWS\ntux.dll

O2 - BHO: Class - {2CFF8F86-4117-E570-DCB8-49CE5BB1B815} - C:\WINDOWS\apijn32.dll

O2 - BHO: Class - {2D83144A-96F5-FD55-350C-BB36CBABB8B2} - C:\WINDOWS\system32\msyf.dll

O2 - BHO: Class - {2D9A5F30-BB39-3C3B-1DB0-A4572E5E7077} - C:\WINDOWS\ipot32.dll

O2 - BHO: Class - {2E5DB345-70C0-FF98-D20F-C69A65169900} - C:\WINDOWS\system32\mfclq32.dll

O2 - BHO: Class - {2EDD9108-F5D8-936A-8F9A-116CB847DCC0} - C:\WINDOWS\d3mx32.dll

O2 - BHO: Class - {2F1C51B0-AC7F-A18C-6486-8BD910B563C3} - C:\WINDOWS\system32\sdktf32.dll

O2 - BHO: Class - {2F7660FB-0CEA-4B11-A8C5-3175CFDBA441} - C:\WINDOWS\system32\windj32.dll

O2 - BHO: Class - {2FA6B0AE-AAE8-9CDC-8004-516B1C672B52} - C:\WINDOWS\appqi32.dll

O2 - BHO: Class - {2FCA3DE0-0928-B4AD-0D83-44697B4D7A24} - C:\WINDOWS\atlyc32.dll

O2 - BHO: Class - {300881BB-DD69-DBCB-AE92-B05A3E8707E1} - C:\WINDOWS\iewo.dll

O2 - BHO: Class - {309B0370-9499-BD83-5B63-522A8DC7EFD4} - C:\WINDOWS\system32\ntmi.dll

O2 - BHO: Class - {30B92BEE-1F2E-CDB3-9958-2877E3A478BF} - C:\WINDOWS\ipwf32.dll

O2 - BHO: Class - {30C15F1B-B902-8769-7E97-07B632351674} - C:\WINDOWS\netza.dll

O2 - BHO: Class - {3202B39B-A35B-BCEE-9DB0-68ED2C239785} - C:\WINDOWS\system32\crfq.dll

O2 - BHO: Class - {32647596-213A-8327-EDB5-24A45C5C5E36} - C:\WINDOWS\sdkig.dll

O2 - BHO: Class - {32D819AE-5E1D-5524-783B-C8993083716B} - C:\WINDOWS\winwr.dll

O2 - BHO: Class - {33AC10E4-94BE-C3D0-855D-41F27DCEDD3D} - C:\WINDOWS\system32\msma.dll

O2 - BHO: Class - {33EC6E43-4826-94FA-3A03-B94290B62B85} - C:\WINDOWS\iehb.dll

O2 - BHO: Class - {34563B77-50A7-B32B-750C-907E592AD1F7} - C:\WINDOWS\system32\ntiw.dll

O2 - BHO: Class - {3487A0E4-207B-E09F-81B8-A8EDBD853E83} - C:\WINDOWS\mfchd32.dll

O2 - BHO: Class - {3585FF78-2F11-FF4A-2596-1DF8EA166C87} - C:\WINDOWS\system32\javayr32.dll

O2 - BHO: Class - {36CC50DE-E932-3435-B11B-709E3AFE8849} - C:\WINDOWS\sdkfz.dll

O2 - BHO: Class - {3712D7D0-9565-F99D-D800-6036A77E45C4} - C:\WINDOWS\crdy32.dll

O2 - BHO: Class - {38270C16-6F54-81A1-B343-987591F9FF85} - C:\WINDOWS\system32\iexa32.dll

O2 - BHO: Class - {38683242-D589-5595-2821-3BE52429FEC3} - C:\WINDOWS\system32\appks32.dll

O2 - BHO: Class - {38A13BE2-44E2-8EAD-D101-458EB7B89D67} - C:\WINDOWS\system32\javadg32.dll

O2 - BHO: Class - {38EB7DA0-52FB-AADA-9FBF-2A397DD19AA1} - C:\WINDOWS\system32\crln32.dll

O2 - BHO: Class - {3ADF6BD5-30EF-8D1D-8D7D-3A0CDCC2FD01} - C:\WINDOWS\system32\appxc.dll

O2 - BHO: Class - {3AEAD8F8-7409-2055-D03F-1E630CC0A5B8} - C:\WINDOWS\winot.dll

O2 - BHO: Class - {3AF46D2B-238E-2C0A-6C63-109D3CE5E7C0} - C:\WINDOWS\addsz32.dll

O2 - BHO: Class - {3AF61C43-088F-A3C6-4312-3AB906276F3A} - C:\WINDOWS\system32\winfu.dll

O2 - BHO: Class - {3BA5C516-2E23-6854-9EFC-21E89FEB7C2E} - C:\WINDOWS\system32\mspl.dll

O2 - BHO: Class - {3BB31146-3116-E523-81A1-39DC94BD27E5} - C:\WINDOWS\system32\appdm32.dll

O2 - BHO: Class - {3BD916EE-69B6-9D47-6347-D97C3BA97F02} - C:\WINDOWS\system32\mfcam32.dll

O2 - BHO: Class - {3C69B1A3-D6E3-9B58-A742-1A46F3BDB7CE} - C:\WINDOWS\winqw.dll

O2 - BHO: Class - {3C73D315-DD9F-9F82-0398-D2936B2878B2} - C:\WINDOWS\ntfs32.dll

O2 - BHO: Class - {3C7FB04E-255B-74C8-0E5F-D8E57CAAC3BC} - C:\WINDOWS\apphf32.dll

O2 - BHO: Class - {3D2ACA16-3F1C-BF97-6524-0F7072E1E895} - C:\WINDOWS\netnx32.dll

O2 - BHO: Class - {3D983ED1-97AB-F11D-D545-3A47F28CC430} - C:\WINDOWS\system32\winuq.dll

O2 - BHO: Class - {3E8EDD63-7719-B595-1F25-C50F23DBF99D} - C:\WINDOWS\system32\javakb32.dll

O2 - BHO: Class - {40430AEB-7146-EE85-0D82-B57E2A8F44A9} - C:\WINDOWS\addwr.dll

O2 - BHO: Class - {4089564D-FCC7-C2D7-9F2A-ED05B543E8CA} - C:\WINDOWS\system32\sysfa32.dll

O2 - BHO: Class - {4097E29E-2A74-3EEA-7090-0E73AF19AC3E} - C:\WINDOWS\apiri32.dll

O2 - BHO: Class - {4249913F-B87B-5BCB-BDAC-0E589CD03682} - C:\WINDOWS\system32\appkx32.dll

O2 - BHO: Class - {42874627-68BA-AD3E-2E5A-AF9C92CF61D3} - C:\WINDOWS\system32\ieov32.dll

O2 - BHO: Class - {42B28786-0E2F-6823-286D-BA74F50C3A0D} - C:\WINDOWS\addww32.dll

O2 - BHO: Class - {42B6D2AA-FC71-B406-F3BA-1E0D9D759441} - C:\WINDOWS\apphf.dll

O2 - BHO: Class - {43544B19-A240-DF9B-5CE9-9DC02154188E} - C:\WINDOWS\system32\d3bt32.dll

O2 - BHO: Class - {4407E807-267B-A3CE-F228-77149FA4302C} - C:\WINDOWS\system32\sysex.dll

O2 - BHO: Class - {4478A40E-095C-9113-16CA-AAE4FCB0841A} - C:\WINDOWS\netyz32.dll

O2 - BHO: Class - {44D83962-1E60-044C-50E1-DCC0B1C6B08C} - C:\WINDOWS\atlop32.dll

O2 - BHO: Class - {45723711-8D3F-C8F9-24E0-F252B24B3148} - C:\WINDOWS\sdkau.dll

O2 - BHO: Class - {45BF02B3-6F53-F516-CA0B-8B10C0085204} - C:\WINDOWS\apigq32.dll

O2 - BHO: Class - {460072CA-8C43-F205-2195-C713F1949B30} - C:\WINDOWS\javasu32.dll

O2 - BHO: Class - {46030852-EC50-153A-66BC-0BAEA8CBC16A} - C:\WINDOWS\system32\msjb.dll

O2 - BHO: Class - {469875BB-BC3F-507E-B350-021484557DB4} - C:\WINDOWS\system32\d3nj32.dll

O2 - BHO: Class - {477DF9B4-C171-F601-74D6-D3697B4B1E8B} - C:\WINDOWS\addct32.dll

O2 - BHO: Class - {48604E09-168D-FEB9-0B26-5518D029DA95} - C:\WINDOWS\system32\ipxh.dll

O2 - BHO: Class - {4861F239-22C4-39AD-0E05-069E210E1F47} - C:\WINDOWS\javani.dll

O2 - BHO: Class - {4A6CF2F7-DDDD-2A8C-FF62-94A72AA7954F} - C:\WINDOWS\appja32.dll

O2 - BHO: EarthLink Popup Blocker - {4B5F2E08-6F39-479a-B547-B2026E4C7EDF} - C:\Program Files\EarthLink TotalAccess\PnEL.dll

O2 - BHO: Class - {4B898F0F-81A2-A0FB-5F4C-37100AC2D624} - C:\WINDOWS\system32\d3ew32.dll

O2 - BHO: Class - {4C97FF57-707D-49B6-2CBA-7996791E6202} - C:\WINDOWS\netdt32.dll

O2 - BHO: Class - {4CB86D61-970D-C338-7AD0-8B13C488150E} - C:\WINDOWS\sdkcd32.dll

O2 - BHO: Class - {4CC0A8A4-E4C5-6742-27C3-C153BB6598A6} - C:\WINDOWS\ippg32.dll

O2 - BHO: Class - {4D55F1A8-55DA-AA1A-83F6-E4407B24CCE5} - C:\WINDOWS\system32\ipdb.dll

O2 - BHO: Class - {4D77B656-3929-8E8D-2C15-42407E685FFA} - C:\WINDOWS\crlh32.dll

O2 - BHO: Class - {4DB64B88-0933-55E1-5343-261A238D2B60} - C:\WINDOWS\ntfk32.dll

O2 - BHO: Class - {4EC3A22A-5434-CC1A-4E91-B9094044E2D6} - C:\WINDOWS\system32\ipmm.dll

O2 - BHO: Class - {4EF173C7-37FB-764C-4EE2-D86CB880FB29} - C:\WINDOWS\sysmy32.dll

O2 - BHO: Class - {4EFEDBE3-55DF-655C-7684-265961EDD697} - C:\WINDOWS\javaci32.dll

O2 - BHO: Class - {4F5D7708-5CE8-F0D7-D1F2-50B7B257B1EF} - C:\WINDOWS\javats.dll

O2 - BHO: Class - {50AA68D1-B792-9F1D-0E5A-E28E5958CC5B} - C:\WINDOWS\system32\mfcse32.dll

O2 - BHO: Class - {50B7CF0C-8AE5-BB42-E622-CE649815FF71} - C:\WINDOWS\system32\atlvo.dll

O2 - BHO: Class - {50D98177-3925-757E-8E92-625565712438} - C:\WINDOWS\d3ce.dll

O2 - BHO: Class - {510C09CC-B06A-EFC8-2E17-38F386848F3E} - C:\WINDOWS\crud32.dll

O2 - BHO: Class - {5169D876-4C97-5087-3456-0DCBB0716BC9} - C:\WINDOWS\iezy32.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: Class - {5395C6CC-9119-AA2E-B008-2D31A543B883} - C:\WINDOWS\system32\atlia.dll

O2 - BHO: Class - {539B572E-7B0F-7CC3-9352-C94BF984726F} - C:\WINDOWS\apikl.dll

O2 - BHO: Class - {54255AC2-2B7F-9119-713D-1BFBB01E8BCD} - C:\WINDOWS\nethy.dll

O2 - BHO: Class - {54D0E15D-04E1-F4B0-9D57-9A826010E6AA} - C:\WINDOWS\ipkl.dll

O2 - BHO: Class - {55AC4EE7-4B4F-A677-88EE-C19AD29C7B4D} - C:\WINDOWS\system32\iedk32.dll

O2 - BHO: Class - {55E7FCAD-77C1-35FF-8206-D7405C6CDFAB} - C:\WINDOWS\ippb32.dll

O2 - BHO: Class - {5624FB2A-5E7E-C67B-2C18-0AAF52EEFBB0} - C:\WINDOWS\ipun32.dll

O2 - BHO: Class - {565744A1-C652-BC19-4230-289DA72A989C} - C:\WINDOWS\netur32.dll

O2 - BHO: Class - {572A44A6-4945-DA71-B13F-066F8EC29E66} - C:\WINDOWS\appex.dll

O2 - BHO: Class - {5732A44D-F6D6-76F6-4E92-2027907B8818} - C:\WINDOWS\system32\d3bo.dll

O2 - BHO: Class - {574F5154-24C8-7C08-5A89-1EF0CC0ABB65} - C:\WINDOWS\system32\ntwj.dll

O2 - BHO: Class - {5994FD3E-5FC2-9A72-EE68-06292ACBFC71} - C:\WINDOWS\system32\ntqw32.dll

O2 - BHO: Class - {5BE76740-FD01-49B4-5ABA-AA49D68044EF} - C:\WINDOWS\sdklr.dll

O2 - BHO: Class - {5C145150-DD6C-53BA-84AE-224D696D255B} - C:\WINDOWS\ntej32.dll

O2 - BHO: Class - {5C2283D1-61C9-9337-3709-169AA24C7206} - C:\WINDOWS\system32\sysjx.dll

O2 - BHO: Class - {5C74F9CB-19A6-7A1A-EAF6-EB84A7061D05} - C:\WINDOWS\system32\mfcpy.dll

O2 - BHO: Class - {5E709357-9905-BEDE-6228-649AC8CA2565} - C:\WINDOWS\system32\d3sd32.dll

O2 - BHO: (no name) - {5E7FFA99-C5C0-6BFA-DA44-8A9DB0AE94FD} - (no file)

O2 - BHO: Class - {604368E9-EA0B-0E3E-E1F2-50F1DD1F7690} - C:\WINDOWS\system32\mfcan.dll

O2 - BHO: Class - {610207BA-E8D7-9260-B756-291184C1BFB4} - C:\WINDOWS\ieqy32.dll

O2 - BHO: Class - {61675AEA-0AAC-FB29-2A8B-E712314B4A52} - C:\WINDOWS\system32\msxv.dll

O2 - BHO: Class - {61BB595D-A6B2-4293-216F-8317630E1849} - C:\WINDOWS\system32\crwi.dll

O2 - BHO: Class - {6248255C-2322-395B-0A66-A5455141BD55} - C:\WINDOWS\system32\sdkfe32.dll

O2 - BHO: Class - {628389AE-FDE9-F181-ABB4-DB08BD5345BC} - C:\WINDOWS\d3ph.dll

O2 - BHO: Class - {6292CB7C-CAEA-9541-226F-1C73897C3C39} - C:\WINDOWS\d3ki.dll

O2 - BHO: Class - {629FEEBC-8D1F-BA64-26C3-686D45062880} - C:\WINDOWS\system32\cryp.dll

O2 - BHO: Class - {630B5448-88BA-594C-A5C4-16A53B83F0F9} - C:\WINDOWS\system32\ipqh32.dll

O2 - BHO: Class - {6469535C-868D-78CB-87BD-9BF74E0AEB7A} - C:\WINDOWS\system32\addsz.dll

O2 - BHO: Class - {646D843D-7CDF-78F8-2D9D-391E871C2089} - C:\WINDOWS\iplz.dll

O2 - BHO: Class - {646F2028-8431-3C1F-122B-739B5643F144} - C:\WINDOWS\system32\apptc32.dll

O2 - BHO: Class - {646F6A47-24D0-2033-3709-4F9D79ED6FC9} - C:\WINDOWS\atlqm.dll

O2 - BHO: Class - {64ACBCED-4C70-32ED-5E7C-6D6EFEDA085F} - C:\WINDOWS\mfcvq32.dll

O2 - BHO: Class - {64CA0FC6-5085-C447-8988-25C5AC6CDBBE} - C:\WINDOWS\system32\netuu32.dll

O2 - BHO: Class - {651DA460-C8D1-926D-7E35-8258A39BB7C2} - C:\WINDOWS\atldp32.dll

O2 - BHO: Class - {652D4929-5C76-94A9-0C3D-31460592C199} - C:\WINDOWS\system32\winbk.dll

O2 - BHO: Class - {6565FF3C-2255-1708-8543-85E668E94D6C} - C:\WINDOWS\system32\apimc32.dll

O2 - BHO: Class - {66E7A648-A2D0-B506-715E-8D564D8364C2} - C:\WINDOWS\system32\netma32.dll

O2 - BHO: Class - {6736D543-9459-D61F-8FA7-A53653949C0D} - C:\WINDOWS\netbr32.dll

O2 - BHO: Class - {681772EF-1514-33C7-0408-B8771F24D4CB} - C:\WINDOWS\d3ed.dll

O2 - BHO: Class - {683DA086-8E62-5396-D4EF-2401FF58EB59} - C:\WINDOWS\system32\ipxf.dll

O2 - BHO: Class - {69848259-E5F3-2574-2AEE-41BB1DBD3EAC} - C:\WINDOWS\msap32.dll

O2 - BHO: Class - {69A8069F-CE5E-4765-8040-82403FEC3895} - C:\WINDOWS\system32\netln32.dll

O2 - BHO: Class - {69A989AD-BFBB-9324-846E-194CABCE649B} - C:\WINDOWS\system32\ntob32.dll

O2 - BHO: Class - {69C0535E-8F6B-1482-8F80-DF6B338BFBF8} - C:\WINDOWS\system32\crlw32.dll

O2 - BHO: Class - {6A9A98A4-1733-141A-04B1-536A43E5A00C} - C:\WINDOWS\netdc.dll

O2 - BHO: Class - {6AA3715D-405C-076E-8F16-52A674C871DB} - C:\WINDOWS\system32\addlc32.dll

O2 - BHO: Class - {6AA46007-7E40-353F-4B29-4EB589B6027B} - C:\WINDOWS\ntwi32.dll

O2 - BHO: Class - {6B2E69E2-80CF-0FCD-2529-005B76F6EB87} - C:\WINDOWS\system32\msxa32.dll

O2 - BHO: Class - {6BEF21ED-FE12-619A-B05D-D81A14259340} - C:\WINDOWS\atlax32.dll

O2 - BHO: Class - {6BFB4F8E-42B3-1853-FED2-0CE716BE6757} - C:\WINDOWS\system32\d3by.dll

O2 - BHO: Class - {6D5086FD-B70A-A21D-970A-511772E1A75C} - C:\WINDOWS\creb32.dll

O2 - BHO: Class - {6E15F4D5-4588-FA6E-9B33-7152B249E5A0} - C:\WINDOWS\system32\sysnk.dll

O2 - BHO: Class - {6F3DF768-3C51-2FC4-8417-FD3009EF0F08} - C:\WINDOWS\netpb32.dll

O2 - BHO: Class - {6F80CE58-E9EF-47A6-EE09-D515FF3D4D49} - C:\WINDOWS\sdklh.dll

O2 - BHO: Class - {6F99DB7E-CFDF-18F9-0B84-6D52A771173C} - C:\WINDOWS\system32\sdkie32.dll

O2 - BHO: Class - {6FBFD571-083B-0404-2CF4-4D02FE84655B} - C:\WINDOWS\system32\ntus.dll

O2 - BHO: Class - {70337B1D-11EA-9346-27AA-F77086D05C11} - C:\WINDOWS\syszv32.dll

O2 - BHO: Class - {70B1A180-F009-3014-DEDC-432095A475AF} - C:\WINDOWS\addze32.dll

O2 - BHO: Class - {70B30880-F84D-EE39-FE16-EDB1E1A80F9A} - C:\WINDOWS\system32\iely32.dll

O2 - BHO: Class - {70C06EC5-199D-FEF2-7785-6D008B0AC3BA} - C:\WINDOWS\javaau.dll

O2 - BHO: Class - {7121259F-441E-E13B-61A6-168C5EC38A14} - C:\WINDOWS\system32\iphd.dll

O2 - BHO: Class - {719E6513-D632-2EF9-585A-CBABAA0E69DC} - C:\WINDOWS\cren32.dll

O2 - BHO: Class - {72D633DF-F78E-4CB0-8219-60FA41D1EFE7} - C:\WINDOWS\mskk.dll

O2 - BHO: Class - {72E2A979-EAEA-2FA7-5086-F53AE6460277} - C:\WINDOWS\sdkcu.dll

O2 - BHO: Class - {74573A6C-C0FD-80B4-5489-3A6D60261E63} - C:\WINDOWS\system32\ntqn32.dll

O2 - BHO: Class - {7585E61C-CBB8-8C7F-66E0-1C519B9044FA} - C:\WINDOWS\d3dq32.dll

O2 - BHO: (no name) - {75D05867-E38D-2939-A8D4-F77D51475C5A} - (no file)

O2 - BHO: Class - {78397146-034F-3E67-9127-DD62A91D02AD} - C:\WINDOWS\ipae.dll

O2 - BHO: Class - {79062573-086D-5A0F-D7B9-40FCC3638669} - C:\WINDOWS\system32\iptq32.dll

O2 - BHO: (no name) - {798A3875-F0CF-E2B2-3196-D55E89CDEF04} - (no file)

O2 - BHO: Class - {7B316A9C-6980-991E-D5E2-EDEB4A735241} - C:\WINDOWS\crqw32.dll

O2 - BHO: Class - {7B4CB4A8-D1EF-22A5-DC8A-5D41F0137145} - C:\WINDOWS\netvh.dll

O2 - BHO: Class - {7C3F5115-13B8-F3E5-3A5F-4F6BD2411BED} - C:\WINDOWS\apiui.dll

O2 - BHO: Class - {7C77122B-026F-9791-38EB-B10B289B5B82} - C:\WINDOWS\system32\ipzb.dll

O2 - BHO: Class - {7D8E9033-94CD-739D-8A5B-376572E16A8C} - C:\WINDOWS\system32\appte32.dll

O2 - BHO: Class - {7E1181D1-3C72-2402-8167-9DC0FB9A9570} - C:\WINDOWS\sysmq32.dll

O2 - BHO: Class - {7E138803-B04F-E7FE-F90D-174F78CA6C63} - C:\WINDOWS\apprg32.dll

O2 - BHO: Class - {7FD58EC4-B55E-2A44-DFAB-99005B7E4071} - C:\WINDOWS\crpd32.dll

O2 - BHO: Class - {80E8BCDE-64B0-C3D0-A6E1-0DA0877E6210} - C:\WINDOWS\system32\winxr32.dll

O2 - BHO: Class - {8144B36B-0CAB-4B25-CC47-F48322B3263D} - C:\WINDOWS\apiak32.dll

O2 - BHO: Class - {81D25943-2085-D1C4-2F01-1C9877C3D278} - C:\WINDOWS\system32\sdkog.dll

O2 - BHO: Class - {81D3418A-9625-4C94-1B9D-02B573A0B877} - C:\WINDOWS\system32\mspz32.dll

O2 - BHO: Class - {82288C41-7D9C-ACA6-B1EB-D7DB067AC72B} - C:\WINDOWS\atleh32.dll

O2 - BHO: Class - {8258A0E9-18F6-B253-C69A-64B1F4A6E2C8} - C:\WINDOWS\atlwh.dll

O2 - BHO: Class - {834B70C4-08A7-7082-A675-EFDC4D348484} - C:\WINDOWS\system32\atlfv32.dll

O2 - BHO: Class - {83C08741-7DD6-E1E8-DFFA-D55F3DFD30B7} - C:\WINDOWS\netzy.dll

O2 - BHO: Class - {83EBAF80-FDC9-395C-7F4C-6E85D8F3AEC5} - C:\WINDOWS\system32\mscd32.dll

O2 - BHO: Class - {8455ADD6-2004-47C2-9816-6F3B875B7CE3} - C:\WINDOWS\system32\crex32.dll

O2 - BHO: Class - {84D6A0AA-3EC4-07BA-6550-B79683EEB9B1} - C:\WINDOWS\system32\mswz.dll

O2 - BHO: Class - {867653BB-CBDA-5ADF-86A5-ECF1FB3432E2} - C:\WINDOWS\netuz32.dll

O2 - BHO: Class - {877B5096-0FB9-2632-5448-A94D5150B850} - C:\WINDOWS\system32\ntrn32.dll

O2 - BHO: Class - {877CAAEB-2293-602B-7876-793995AAE631} - C:\WINDOWS\system32\ntfw32.dll

O2 - BHO: Class - {88BBF9A8-1EBB-A896-9EFB-F2292B0737CF} - C:\WINDOWS\system32\netsv.dll

O2 - BHO: Class - {8A98241B-FE20-D008-805C-5BC0B7C14266} - C:\WINDOWS\system32\mfchp.dll

O2 - BHO: Class - {8B82102E-F491-66D2-F758-5BB004FEE44C} - C:\WINDOWS\windd.dll

O2 - BHO: Class - {8B9B410F-0A67-22CE-3941-CB77C211A4A9} - C:\WINDOWS\javabp32.dll

O2 - BHO: Class - {8C6233B9-0AC4-7DAC-AEB8-897EA23435DD} - C:\WINDOWS\ntzc.dll

O2 - BHO: Class - {8C70ABA6-D9B7-D043-9FBD-C653704D8236} - C:\WINDOWS\system32\ipdw.dll

O2 - BHO: Class - {8C70E5C4-7966-C457-B59B-A255A3E7EFBC} - C:\WINDOWS\system32\sysoy32.dll

O2 - BHO: Class - {8D0585C2-7837-436E-A1A5-25C507937285} - C:\WINDOWS\appwj.dll

O2 - BHO: Class - {8D1BAA26-F985-1788-3C2F-DBED986F74EE} - C:\WINDOWS\system32\winju32.dll

O2 - BHO: Class - {8ECE1E98-E8BF-1F28-C6BE-4B4F73514849} - C:\WINDOWS\winlt.dll

O2 - BHO: Class - {8F25C446-FCA0-E176-9876-4060D9B1BE10} - C:\WINDOWS\javatw.dll

O2 - BHO: Class - {8F25DEB8-3391-C994-0370-06E9127B615A} - C:\WINDOWS\system32\addrw32.dll

O2 - BHO: Class - {8F847879-40F7-B232-AEC5-D3214B36C965} - C:\WINDOWS\addeq32.dll

O2 - BHO: Class - {8F9CE5C4-7A8B-60FC-A8C2-8E61BD61D4BF} - C:\WINDOWS\mfcnj.dll

O2 - BHO: Class - {91EF62AC-1515-4102-869D-7CF17FBD48DC} - C:\WINDOWS\atliw32.dll

O2 - BHO: Class - {91F6D3FF-75DE-A3F4-BDDB-CEAB798A115F} - C:\WINDOWS\system32\winms.dll

O2 - BHO: Class - {927DD87A-66BA-9B9F-0879-783B761C8F50} - C:\WINDOWS\atlum32.dll

O2 - BHO: Class - {92B633A3-0AC2-646E-E2D7-D9D8DFA4C0CD} - C:\WINDOWS\iejh32.dll

O2 - BHO: Class - {92D83A26-147B-6F87-83E4-B271371785C1} - C:\WINDOWS\appkd32.dll

O2 - BHO: Class - {934022E3-4A67-7059-D032-46007A715210} - C:\WINDOWS\system32\mfces.dll

O2 - BHO: Class - {9347DCAE-D4C8-BCF3-AEE9-E2B1A1821BA8} - C:\WINDOWS\atlym.dll

O2 - BHO: Class - {937347AF-8267-7B4F-C2FD-7C75B9DE0881} - C:\WINDOWS\system32\apimb32.dll

O2 - BHO: Class - {94B07238-5DA7-46C7-3E9F-22E42CC1710A} - C:\WINDOWS\netpm.dll

O2 - BHO: Class - {964821EA-9370-D325-A9C3-9A9AC811F826} - C:\WINDOWS\system32\javaep.dll

O2 - BHO: Class - {964E2124-4EFC-8478-D558-FA3F46CA1604} - C:\WINDOWS\iebb32.dll

O2 - BHO: Class - {988C6476-5EA2-E122-57CE-2E4F86D27B58} - C:\WINDOWS\msgc.dll

O2 - BHO: Class - {9901B510-5371-56AC-A511-EFC399359401} - C:\WINDOWS\crit.dll

O2 - BHO: Class - {99E674B1-BD1C-9AB8-9C0E-C4FB2608BBD6} - C:\WINDOWS\atlzo32.dll

O2 - BHO: Class - {9AC98B09-E932-6B01-C983-A8AF24A16D40} - C:\WINDOWS\winzn.dll

O2 - BHO: Class - {9B02CB83-DCD2-2DB6-02DC-2D81D1BE1FE7} - C:\WINDOWS\d3mv32.dll

O2 - BHO: Class - {9C0B1C11-4B55-F4A7-0E89-A3C089B28991} - C:\WINDOWS\ipmu32.dll

O2 - BHO: Class - {9C53B9C2-DA43-9FE8-1CA5-21E8B34F522A} - C:\WINDOWS\system32\ipxp.dll

O2 - BHO: Class - {9DE2FBCC-AD05-1958-B77D-913F493B121A} - C:\WINDOWS\system32\netdu32.dll

O2 - BHO: Class - {9E6480CF-41D5-ADA6-566E-13AE9287A0CD} - C:\WINDOWS\system32\sdkeh.dll

O2 - BHO: Class - {9F8C6736-431A-A80F-7DB3-0D6C8BBD7EA1} - C:\WINDOWS\system32\netxx32.dll

O2 - BHO: Class - {A02E347F-8BF6-310A-944E-8F4FF9AA318A} - C:\WINDOWS\system32\iefm32.dll

O2 - BHO: Class - {A083F83A-C389-3B89-28F2-94347C2D6EF2} - C:\WINDOWS\system32\javayu.dll

O2 - BHO: Class - {A23E343E-58A3-FFA8-2F95-0FE8774232D1} - C:\WINDOWS\javaen32.dll

O2 - BHO: Class - {A39786E1-B3F2-5AA0-9792-D30FF78E0B7B} - C:\WINDOWS\atlki32.dll

O2 - BHO: Class - {A3D347B5-8D22-1E55-4D3E-C94C91F76762} - C:\WINDOWS\apikr32.dll

O2 - BHO: Class - {A40E210D-44F7-33DE-2D6C-292A6520AB82} - C:\WINDOWS\winpr32.dll

O2 - BHO: Class - {A5181EB4-FBCD-5B6F-4454-F9FEB6BD85FB} - C:\WINDOWS\system32\ntaj32.dll

O2 - BHO: Class - {A5363EEA-80FF-2D9D-B95C-136303CBE2E5} - C:\WINDOWS\system32\iphv.dll

O2 - BHO: Class - {A68F3DFF-6D4F-704D-DF3C-C62590315208} - C:\WINDOWS\system32\sysys.dll

O2 - BHO: Class - {A743397C-15FF-B350-E883-BF7404029D99} - C:\WINDOWS\system32\nttq32.dll

O2 - BHO: Class - {A7595DD0-954D-787A-73FC-769C95DF9F01} - C:\WINDOWS\system32\addwv32.dll

O2 - BHO: Class - {A7686D30-B576-3F3B-6990-2E06EB868F7B} - C:\WINDOWS\appgk.dll

O2 - BHO: Class - {A87070C2-BB4F-55A2-5375-ABE4322DA8C3} - C:\WINDOWS\system32\d3vg.dll

O2 - BHO: Class - {A8F6AA45-4788-6802-0A8B-624FBA5DC8CA} - C:\WINDOWS\system32\syshk32.dll

O2 - BHO: Class - {A9593486-C5F0-338D-36D5-AEC2E367709D} - C:\WINDOWS\nethd32.dll

O2 - BHO: Class - {A98BEA99-7B4B-FA3E-03F1-10C3D1AE7212} - C:\WINDOWS\system32\winuk.dll

O2 - BHO: Class - {AA0B70B4-0585-98FF-591D-792B7C365368} - C:\WINDOWS\mfcqb32.dll

O2 - BHO: Class - {AA3DBC87-F177-8D58-138B-069152EFDEAC} - C:\WINDOWS\system32\sysot32.dll

O2 - BHO: Class - {AA6F9854-E7A9-2FA2-2605-600B5705C69D} - C:\WINDOWS\ipsb32.dll

O2 - BHO: Class - {AAF322C0-53A3-24FC-C5E6-B062F9D982F9} - C:\WINDOWS\mfcma32.dll

O2 - BHO: Class - {ABD7967C-3F51-655C-C22D-34A94C9679EE} - C:\WINDOWS\system32\javacr.dll

O2 - BHO: Class - {AC2D8F55-4AC6-20AE-E0C0-B85403479114} - C:\WINDOWS\addzs.dll

O2 - BHO: Class - {ADCD2861-F951-CBB0-CD36-3C98A6A42196} - C:\WINDOWS\system32\winil32.dll

O2 - BHO: Class - {AE845430-3B50-352F-A6D3-21174EDCA037} - C:\WINDOWS\system32\javaix.dll

O2 - BHO: Class - {AE9AEB8F-0E7F-D767-F3C7-AF22C0FBA643} - C:\WINDOWS\atleu32.dll

O2 - BHO: Class - {AEE963C3-B79E-B7F1-4CBF-657FECF4CE92} - C:\WINDOWS\system32\appin.dll

O2 - BHO: Class - {AF21BBF6-248D-FEC6-977C-E433AC049B4A} - C:\WINDOWS\system32\addkd.dll

O2 - BHO: Class - {AF24C0CC-264C-C2F6-6BBC-FF4A88C674D6} - C:\WINDOWS\atlmo.dll

O2 - BHO: Class - {AF9E4499-5741-2FA8-A50F-64532BF9D788} - C:\WINDOWS\mshz.dll

O2 - BHO: Class - {B064CDCC-4563-66B0-0A96-37CF520ADED6} - C:\WINDOWS\system32\winwo32.dll

O2 - BHO: Class - {B0957B29-6605-0ACF-0683-0B29FEADFBE3} - C:\WINDOWS\system32\sysds.dll

O2 - BHO: Class - {B0FD6320-27E9-F236-D46C-1DBD5BB05BC1} - C:\WINDOWS\system32\apipi.dll

O2 - BHO: Class - {B264D484-9FD0-1008-BB3F-897E9586D92D} - C:\WINDOWS\system32\appvv.dll

O2 - BHO: Class - {B2D696D0-91BB-1E7F-44BB-A44FB1038DDF} - C:\WINDOWS\sdkio.dll

O2 - BHO: Class - {B31A4C19-741A-B567-F0E0-A2C7CDED6BD1} - C:\WINDOWS\system32\mfcjp32.dll

O2 - BHO: Class - {B3203551-0B4E-FCF6-9876-7B853EEBCC3F} - C:\WINDOWS\mfcdy.dll

O2 - BHO: Class - {B4C91D4F-8735-A88D-E8BE-4D168226F78A} - C:\WINDOWS\system32\d3rf32.dll

O2 - BHO: Class - {B5280A99-D3D1-117F-31CD-AB87AE880429} - C:\WINDOWS\crky.dll

O2 - BHO: Class - {B538BB10-3165-F984-CC16-9066CAB6B092} - C:\WINDOWS\netsn.dll

O2 - BHO: Class - {B58B9B1C-55D9-1746-5D04-4AD3FEBB33BE} - C:\WINDOWS\system32\netvf32.dll

O2 - BHO: Class - {B66EAEC2-2CE6-1697-9346-9B1E60E39650} - C:\WINDOWS\system32\msav.dll

O2 - BHO: Class - {B75BCD02-ABA7-9B5A-4478-A8AD97904CAC} - C:\WINDOWS\addnh32.dll

O2 - BHO: Class - {B796461E-A644-4E39-1933-D7EA1A81BA8E} - C:\WINDOWS\mfcmc.dll

O2 - BHO: Class - {B7C5F0FA-A733-E146-85CE-933DC6846D60} - C:\WINDOWS\ieij32.dll

O2 - BHO: Class - {B825595B-2058-BCA4-1A37-31A9B58CD033} - C:\WINDOWS\system32\winsp32.dll

O2 - BHO: Class - {B877A895-E66D-9B51-2A5E-B2821E0C16B0} - C:\WINDOWS\atlrd32.dll

O2 - BHO: Class - {B89B5A4B-A477-CC8D-A74D-8A1989AEEB9C} - C:\WINDOWS\system32\sysjf.dll

O2 - BHO: Class - {B9E4D006-7A30-6772-18E7-A2C7B4E14473} - C:\WINDOWS\javads.dll

O2 - BHO: Class - {B9FBC1A6-6B9A-7B6E-DE5D-CCFDD33AD068} - C:\WINDOWS\system32\appfl.dll

O2 - BHO: Class - {B9FBCC0E-658E-7FF9-97B0-FE0DA15F0299} - C:\WINDOWS\system32\mfcin32.dll

O2 - BHO: Class - {BB007F00-66B3-C207-453B-7CE8EDD79624} - C:\WINDOWS\sysqr32.dll

O2 - BHO: Class - {BB48572C-295E-5F17-1B6B-3589DA7CAB9B} - C:\WINDOWS\system32\sysox32.dll

O2 - BHO: Class - {BB5A0FC4-FCAF-FA07-2E59-B4F763DA2F07} - C:\WINDOWS\system32\sdkwd.dll

O2 - BHO: Class - {BBF5E38D-037F-77FE-1BD4-D0175630EF03} - C:\WINDOWS\apitm.dll

O2 - BHO: Class - {BC92A8D6-EC15-3C14-13BB-52BEF3DFBFA6} - C:\WINDOWS\mswg32.dll

O2 - BHO: Class - {BCC63AE6-D49C-A710-E427-27B59630AB82} - C:\WINDOWS\netbv32.dll

O2 - BHO: (no name) - {BD9FC8CA-2B4C-538D-74D9-3F302EFCBC86} - (no file)

O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O2 - BHO: Class - {BE086B08-211D-FFA7-7138-00EA0ABD2480} - C:\WINDOWS\system32\addfo.dll

O2 - BHO: Class - {BE109F8B-9C0D-8B9B-9B55-F31A546042B6} - C:\WINDOWS\winoo.dll

O2 - BHO: Class - {BE14A955-DD6C-A165-6A81-393FF536A2E2} - C:\WINDOWS\system32\ntbj.dll

O2 - BHO: Class - {BFA7FB09-7AC3-95E9-2881-B1966F738029} - C:\WINDOWS\winon32.dll

O2 - BHO: Class - {BFAA3D4F-3121-6765-035E-63AE94A824A9} - C:\WINDOWS\msnr32.dll

O2 - BHO: Class - {C2CC1826-44AA-2597-F243-7FEE13F6D54D} - C:\WINDOWS\system32\sdkrd.dll

O2 - BHO: Class - {C35E61AF-D4CC-C616-D8F0-C6D3B83A1702} - C:\WINDOWS\ntau.dll

O2 - BHO: Class - {C388D48F-0D9E-D287-957F-C50854563DE8} - C:\WINDOWS\netxm.dll

O2 - BHO: Class - {C3F84830-18F3-1D3D-C769-86D58A213F17} - C:\WINDOWS\apphd32.dll

O2 - BHO: Class - {C47E6517-9FEE-B27A-3EA8-BB572B11D25B} - C:\WINDOWS\system32\iehy.dll

O2 - BHO: Class - {C5E8FB41-08A4-948D-D9CA-321F51984943} - C:\WINDOWS\system32\apipr32.dll

O2 - BHO: Class - {C680FC92-CC8D-3933-941C-DB2ADEAD27D8} - C:\WINDOWS\javasi.dll

O2 - BHO: Class - {C682057F-E371-B29A-848C-7D9B32E2DD9C} - C:\WINDOWS\system32\appkm.dll

O2 - BHO: Class - {C6A53716-4EDC-CC43-99E1-9DBC615B7F1D} - C:\WINDOWS\system32\ntvd32.dll

O2 - BHO: Class - {C71388B9-CAAF-E409-BCE8-33736697C205} - C:\WINDOWS\appyu32.dll

O2 - BHO: Class - {C7B0E086-75CE-E71D-0DDA-51166A3A3D0F} - C:\WINDOWS\system32\mfced32.dll

O2 - BHO: Class - {C8F47880-52EF-4AA6-8D33-E43E9369AC13} - C:\WINDOWS\system32\ieui.dll

O2 - BHO: Class - {C91C2B34-D631-75C3-CD74-32FA1B2B0372} - C:\WINDOWS\system32\addyr32.dll

O2 - BHO: Class - {CA212655-5E8E-FD47-2580-32B04CA0E0B7} - C:\WINDOWS\d3qn.dll

O2 - BHO: Class - {CA9321F5-9849-30AD-6D1F-008B13CFD1D4} - C:\WINDOWS\ipdd.dll

O2 - BHO: Class - {CAEBAB9D-5B6A-D04D-3DF1-1992B30E11BB} - C:\WINDOWS\system32\applx.dll

O2 - BHO: Class - {CBAF5FF2-257D-3BA9-7FC4-8176A9916FCD} - C:\WINDOWS\d3vx.dll

O2 - BHO: Class - {CBBEC243-B125-F6CB-20B6-4A6446E07C07} - C:\WINDOWS\msci32.dll

O2 - BHO: Class - {CBCAC426-4AC6-B6CA-5FEB-39407E41AE7C} - C:\WINDOWS\ieue32.dll

O2 - BHO: Class - {CBD77B3F-8090-DD29-E058-34289DE3949A} - C:\WINDOWS\msbu32.dll

O2 - BHO: Class - {CC2E5D02-E711-BE07-3647-61D1BB49E8ED} - C:\WINDOWS\atlcx32.dll

O2 - BHO: Class - {CC67C393-741E-9B61-DB09-E37FD3F55B9B} - C:\WINDOWS\system32\ntxt32.dll

O2 - BHO: Class - {CC8F52DA-21F1-1A00-1DF7-6E14B89A961B} - C:\WINDOWS\system32\apito32.dll

O2 - BHO: Class - {CDB321C3-65E6-FD4B-0966-70348178E22A} - C:\WINDOWS\system32\appty32.dll

O2 - BHO: Class - {CDCF6DC4-9E36-A15E-5E68-4B01DC737125} - C:\WINDOWS\system32\winys.dll

O2 - BHO: Class - {CE4EFCA5-BE39-72B1-86A3-43F1C9A037D4} - C:\WINDOWS\msup.dll

O2 - BHO: Class - {CE7A710F-55BC-4498-742A-FEB5AF0058EF} - C:\WINDOWS\system32\crab32.dll

O2 - BHO: Class - {CE7F55BB-9429-AC8A-D9FC-39604EE56230} - C:\WINDOWS\ipql32.dll

O2 - BHO: Class - {CF3F3E61-9595-B4D3-EC0A-2911D33AF9CA} - C:\WINDOWS\netwx.dll

O2 - BHO: Class - {CFBA6A8B-141A-EFF7-2284-53A16D783BE4} - C:\WINDOWS\system32\d3pj32.dll

O2 - BHO: Class - {CFC2CF30-BAD3-6B1F-4A72-6F6A8D1F61C6} - C:\WINDOWS\crqs32.dll

O2 - BHO: Class - {D010E2E2-A168-789D-9E57-563AC50A66D0} - C:\WINDOWS\ntlb32.dll

O2 - BHO: Class - {D1B08BEF-61F3-13A0-6BCC-CB7E58770653} - C:\WINDOWS\netrz32.dll

O2 - BHO: Class - {D1DC71DB-95AD-1742-1B05-0653ADF80398} - C:\WINDOWS\sdkcf.dll

O2 - BHO: Class - {D1F50E66-9069-E055-C419-5AF69B876F46} - C:\WINDOWS\system32\apicr32.dll

O2 - BHO: Class - {D24C63AD-A963-E031-6313-22AD11D24EF1} - C:\WINDOWS\system32\ipgy32.dll

O2 - BHO: Class - {D4CB4CF2-3A32-88F6-F529-198F1CBBD1A6} - C:\WINDOWS\javamp.dll

O2 - BHO: Class - {D61D1D35-032C-D543-DA97-C2A2B06597AC} - C:\WINDOWS\system32\sdkto.dll

O2 - BHO: Class - {D7C24EDA-2656-4823-DC8B-F199CF3E738A} - C:\WINDOWS\system32\d3bg.dll

O2 - BHO: Class - {D8017933-B2A5-8733-0290-960149CE4D0D} - C:\WINDOWS\mfclh32.dll

O2 - BHO: Class - {D822CDEB-8143-2AA7-E4BB-E2055B7F4CCF} - C:\WINDOWS\system32\ipid32.dll

O2 - BHO: Class - {D824CB60-CF53-9F73-1BD8-6286E09FCF52} - C:\WINDOWS\system32\atlpl32.dll

O2 - BHO: Class - {D878BBC9-1D4B-1169-6016-5902B7CCFC40} - C:\WINDOWS\system32\sysjl.dll

O2 - BHO: Class - {D8F83F56-26F9-C667-A9AA-64C24DF449D6} - C:\WINDOWS\system32\ipql.dll

O2 - BHO: Class - {D9E4FCE9-DD60-AD26-B07D-BFB00720C50B} - C:\WINDOWS\system32\ipsr32.dll

O2 - BHO: Class - {D9F1ED10-B3DA-B8A9-67B7-86AA485C18AF} - C:\WINDOWS\system32\crkw.dll

O2 - BHO: Class - {DA50B851-33CA-06EB-529C-7E0AD96F9CAC} - C:\WINDOWS\atlbn.dll

O2 - BHO: Class - {DA69B6C4-9CB8-E5E8-026E-66C0112155F6} - C:\WINDOWS\system32\neton.dll

O2 - BHO: Class - {DABFBD59-CC8B-0E4D-60D9-8C44B013EAEF} - C:\WINDOWS\system32\addkn32.dll

O2 - BHO: Class - {DBD77B54-39C0-3D05-7A8D-1B1016FA7380} - C:\WINDOWS\system32\ieoh32.dll

O2 - BHO: Class - {DC0E40FD-D633-7594-A016-624F4172C934} - C:\WINDOWS\javaku.dll

O2 - BHO: Class - {DC42B4BF-AEBD-5A1A-288E-435E8D572F2A} - C:\WINDOWS\system32\syszz32.dll

O2 - BHO: Class - {DCA24E10-9BF9-9CE6-DD3F-572B605B86BB} - C:\WINDOWS\system32\atlac32.dll

O2 - BHO: Class - {DD27625A-DB28-F315-0405-729F194BD480} - C:\WINDOWS\system32\javati32.dll

O2 - BHO: Class - {DD499CA0-63C5-BE6B-7B26-F81AF2321007} - C:\WINDOWS\system32\atlqn.dll

O2 - BHO: Class - {DD4E4285-FC77-25C4-758D-88C44D92F004} - C:\WINDOWS\ntew32.dll

O2 - BHO: Class - {DD57FEDD-5FE0-0AED-E965-E1FF1402070E} - C:\WINDOWS\system32\crce.dll

O2 - BHO: Class - {DD7C6A5A-CDEA-97AD-3B53-18A2321EE6F6} - C:\WINDOWS\criu32.dll

O2 - BHO: Class - {DE3AE878-C016-F46D-089A-80B24A7316D7} - C:\WINDOWS\system32\addpv32.dll

O2 - BHO: Class - {DE9E19CF-4511-CFDF-5432-EABB6602A7D8} - C:\WINDOWS\system32\ipiq32.dll

O2 - BHO: Class - {DED9B197-A97B-8EB4-D4C0-1E70C2D3CFF5} - C:\WINDOWS\system32\sysfd32.dll

O2 - BHO: Class - {DF668E96-27EB-767C-CDC7-40ADB11675F2} - C:\WINDOWS\system32\iehr.dll

O2 - BHO: Class - {DFD60C9F-2B34-B4BD-B915-227AB606A962} - C:\WINDOWS\ntrk.dll

O2 - BHO: Class - {E04B2E72-AF5D-42B4-27C2-1DFBEB4A9650} - C:\WINDOWS\ipad.dll

O2 - BHO: Class - {E04CC398-6D86-A823-890A-29F8D27B4B0A} - C:\WINDOWS\netod32.dll

O2 - BHO: Class - {E07D9064-AD32-E4F4-6A8B-A5DBD4D56770} - C:\WINDOWS\system32\javain32.dll

O2 - BHO: Class - {E0B3C0A8-3E9A-3AAB-F740-EFF74FBA6985} - C:\WINDOWS\ipkd32.dll

O2 - BHO: Class - {E14797E4-9E5E-0402-9342-8ED990B9E13F} - C:\WINDOWS\system32\mfcnw32.dll

O2 - BHO: Class - {E15E1E91-0FD3-9AEB-0959-00933AADA0C4} - C:\WINDOWS\system32\addqf32.dll

O2 - BHO: Class - {E16A73BF-9FF9-43CE-8578-8DF8D3508388} - C:\WINDOWS\system32\sdkax32.dll

O2 - BHO: Class - {E2440651-7FE0-4276-6917-766C9FA742A6} - C:\WINDOWS\system32\sdkon32.dll

O2 - BHO: Class - {E2E6C0E2-FA3A-8992-181C-3BA9E7ED6D56} - C:\WINDOWS\mfcqi32.dll

O2 - BHO: Class - {E2F0712F-9E43-CF54-86D0-C0E27572FBE1} - C:\WINDOWS\system32\crvu32.dll

O2 - BHO: Class - {E44D3492-E63F-A52F-8235-06D2B331C92A} - C:\WINDOWS\system32\appnb32.dll

O2 - BHO: Class - {E558C92A-26ED-983A-0F8B-64C91ED05AE9} - C:\WINDOWS\javadc.dll

O2 - BHO: Class - {E57CF4E2-608E-1F55-6A8B-10D3B7AD07E2} - C:\WINDOWS\system32\sysre32.dll

O2 - BHO: Class - {E58BBC7E-7207-D1BE-CE98-6CC37B27883D} - C:\WINDOWS\system32\d3cj32.dll

O2 - BHO: Class - {E5AC69B4-006E-2FF7-BB25-3C43062AD4EF} - C:\WINDOWS\mfczj32.dll

O2 - BHO: Class - {E5F0C91D-B125-C770-69FE-FB3428702538} - C:\WINDOWS\system32\sysnv.dll

O2 - BHO: Class - {E60D7284-3090-534F-5C3A-08BCBA772F9C} - C:\WINDOWS\system32\netld.dll

O2 - BHO: Class - {E616513A-40E1-2657-5238-EAF908483D9A} - C:\WINDOWS\system32\sysim32.dll

O2 - BHO: Class - {E686FA0B-6D47-10E4-FC7D-A620410395A5} - C:\WINDOWS\system32\mfcjs.dll

O2 - BHO: Class - {E85DB2A8-73A7-0E64-0B9F-3B3DF072FE21} - C:\WINDOWS\system32\sysum32.dll

O2 - BHO: Class - {E8B2A684-D6D8-C5EA-F174-952A69CDEAD1} - C:\WINDOWS\system32\apidg.dll

O2 - BHO: Class - {EA197903-5454-DCA0-1431-906504E5199D} - C:\WINDOWS\system32\msjw32.dll

O2 - BHO: Class - {EAF79499-1766-EB48-D04E-2CDD27C0DD4C} - C:\WINDOWS\ntrz32.dll

O2 - BHO: Class - {EB3F1F3A-312D-1F0B-BE12-33935E41A208} - C:\WINDOWS\system32\atlnq32.dll

O2 - BHO: Class - {EB53464A-65A2-9AA0-C376-11ADD5428232} - C:\WINDOWS\appeb.dll

O2 - BHO: Class - {EB619721-7FA1-13F4-FCC7-F7910CF00AC8} - C:\WINDOWS\system32\addaj32.dll

O2 - BHO: Class - {EB6F84A8-01F1-4D7E-CBCE-4B02B1BB0094} - C:\WINDOWS\system32\nthz32.dll

O2 - BHO: Class - {EB875E59-D1A2-BEDD-B6E0-01204A789601} - C:\WINDOWS\system32\crko32.dll

O2 - BHO: Class - {EBA74261-7CAA-F270-26F4-4E2A669761D1} - C:\WINDOWS\ntne.dll

O2 - BHO: Class - {EBB58D88-B4D1-648E-CB8F-D10EF01B83E5} - C:\WINDOWS\system32\addhm.dll

O2 - BHO: Class - {EC0BF822-7720-175B-2901-9FA68F761D30} - C:\WINDOWS\d3op.dll

O2 - BHO: Class - {EDD6C5EA-5F3E-7B1D-A3D0-9E3A169E6444} - C:\WINDOWS\systb.dll (file missing)

O2 - BHO: Class - {EF4B1BBF-9691-E915-81F6-F75B7DD313AA} - C:\WINDOWS\ieva32.dll

O2 - BHO: Class - {EF56697C-5109-5395-6FE2-E92AAFF48176} - C:\WINDOWS\mfcwk32.dll

O2 - BHO: Class - {EFD32CB9-039B-2B11-A357-D6D56A398537} - C:\WINDOWS\appqz32.dll

O2 - BHO: Class - {EFD4E5E6-F6FA-35B8-21D0-795BD90D0719} - C:\WINDOWS\javakd32.dll

O2 - BHO: Class - {EFEBB260-C21E-967D-CA15-0C1770C3C5C5} - C:\WINDOWS\mfcsd.dll

O2 - BHO: Class - {F1895589-F7BC-679C-6B28-F8543FF20375} - C:\WINDOWS\d3lq32.dll

O2 - BHO: Class - {F1EB7ABF-6A20-18CA-0717-32A5D07D7B75} - C:\WINDOWS\appap32.dll

O2 - BHO: Class - {F20341B7-4D4B-5B61-38C8-74F9630B49F0} - C:\WINDOWS\system32\winkc32.dll

O2 - BHO: Class - {F20ED84C-D847-D6C7-F794-2ED9DCB4B4D1} - C:\WINDOWS\javapa.dll

O2 - BHO: Class - {F3A0E4F7-5A26-16D7-F285-82AF755C81E0} - C:\WINDOWS\system32\netjj32.dll

O2 - BHO: Class - {F3E960E4-F8DE-2718-D510-335C5E2FEB9F} - C:\WINDOWS\d3zu32.dll

O2 - BHO: Class - {F45672AA-5BCB-168F-8F4C-4B17FD2623E8} - C:\WINDOWS\msmf.dll

O2 - BHO: Class - {F46FA47B-6291-D27B-D125-BCEEBB49E346} - C:\WINDOWS\ierw.dll

O2 - BHO: Class - {F4A41C9A-A713-9C96-601E-1966003429F8} - C:\WINDOWS\addiu.dll

O2 - BHO: Class - {F52A683D-86BC-5DC9-8231-5370AB157678} - C:\WINDOWS\system32\ipti.dll

O2 - BHO: Class - {F5593432-5366-0A96-4CF5-94D4D166B10C} - C:\WINDOWS\system32\d3wz.dll

O2 - BHO: Class - {F62510CB-ED83-E3EF-9E28-73519F1B7A0C} - C:\WINDOWS\d3ft32.dll

O2 - BHO: Class - {F69AC43F-54FB-0910-EFEE-6455168C3713} - C:\WINDOWS\ipxm.dll

O2 - BHO: Class - {F6CB920B-A4A6-46E0-C07F-F02819E65389} - C:\WINDOWS\winka32.dll

O2 - BHO: Class - {F6F49380-F6BB-3D04-920B-C960D86C67BC} - C:\WINDOWS\addve32.dll

O2 - BHO: Class - {F72B1F16-5DA1-0CE7-8A46-761D0FBCADC7} - C:\WINDOWS\system32\netpz32.dll

O2 - BHO: Class - {F74D5213-8A18-F9CF-E487-AA203A37CEB8} - C:\WINDOWS\system32\addwf.dll

O2 - BHO: Class - {F822BF6C-BD82-883D-1146-288575F3091D} - C:\WINDOWS\system32\winiw.dll

O2 - BHO: Class - {F82406AA-AA26-0FEF-2943-600622AB7AB5} - C:\WINDOWS\iesd.dll

O2 - BHO: Class - {F8F78A55-0101-C0E3-D286-3EADE0CB6313} - C:\WINDOWS\addgz32.dll

O2 - BHO: Class - {F9D982F9-B035-9FE7-9252-71E960E1F3E5} - C:\WINDOWS\system32\neteq.dll

O2 - BHO: Class - {FAA44DA8-BC87-EAF8-DE08-0B6C7CABB256} - C:\WINDOWS\sdkuv.dll

O2 - BHO: Class - {FB9C0E2C-9054-C0EA-4D57-F9CCE6487636} - C:\WINDOWS\system32\ipau.dll

O2 - BHO: Class - {FBC1B2FF-838B-6257-27F0-2FD318F49B54} - C:\WINDOWS\system32\appwg.dll

O2 - BHO: Class - {FBF77D9B-CA17-A517-257C-C38A16C5AD4F} - C:\WINDOWS\mfcae32.dll

O2 - BHO: Class - {FC5F4FD2-9814-9658-709F-821EB79F97AB} - C:\WINDOWS\javatk.dll

O2 - BHO: Class - {FC69783B-05C2-F77D-6E0B-9055DEF49D6C} - C:\WINDOWS\system32\sysef32.dll

O2 - BHO: Class - {FC72CC24-F754-BD19-FD0E-852C1775E57D} - C:\WINDOWS\system32\netox32.dll

O2 - BHO: Class - {FC933F3B-F61C-174E-C6CD-8A9A8ECDD4A8} - C:\WINDOWS\winrc.dll

O2 - BHO: Class - {FD33DF99-7965-02B4-4056-996478BCDA14} - C:\WINDOWS\ntfp.dll

O2 - BHO: (no name) - {FD4A74BF-5712-24E2-4DA7-6711D4FD291B} - (no file)

O2 - BHO: Class - {FE3D33D0-958B-2C94-A4A8-DB4A4566ED06} - C:\WINDOWS\system32\ieto32.dll

O2 - BHO: Class - {FF3F0D99-BB3D-8567-11A3-BD77E0658DEA} - C:\WINDOWS\atlze32.dll

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: EarthLink Toolbar - {D7F30B62-8269-41AF-9539-B2697FA7D77E} - C:\Program Files\EarthLink TotalAccess\PnEL.dll

O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe

O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer

O4 - HKLM\..\Run: [sprintModemUpdate] javaw.exe -cp "C:\Program Files\Motive\FirmwareUpdater\lib\SprintModemUpdate.jar" com.motive.firmwareUpdater.client.SprintModemUpdate

O4 - HKLM\..\Run: [bJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe

O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SPRINT~1\SMARTB~1\SprintDSLAlert.exe

O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"

O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe

O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect

O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE

O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe

O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE

O4 - HKLM\..\Run: [winwx.exe] C:\WINDOWS\system32\winwx.exe

O4 - HKLM\..\Run: [ntge.exe] C:\WINDOWS\ntge.exe

O4 - HKLM\..\Run: [d3az.exe] C:\WINDOWS\system32\d3az.exe

O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe

O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPINST~1\plugin\bin\pchbutton.exe

O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Ahead\NEROPH~1\data\Xtras\mssysmgr.exe

O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"

O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [E6TaskPanel] "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" -winstart

O4 - Global Startup: Sprint virtual assistant.lnk = C:\Program Files\Sprint DSL virtual assistant\bin\matcli.exe

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe

O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)

O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

O12 - Plugin for .mov: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll

O12 - Plugin for .png: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/techsupp/asa/LSSupCtl.cab

O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/insta...staller_gmn.cab

O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqcpc/downloads/sysinfo.cab

O16 - DPF: {5D9E4B6D-CD17-4D85-99D4-6A52B394EC3B} (WSDownloader Control) - http://www.webshots.com/samplers/WSDownloader.ocx

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab' rel="external nofollow">http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab'>http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/dd/instal...edsolutions.cab

O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secur...loadManager.ocx

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab

O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/...utocomplete.cab

O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/asa/SymAData.cab

O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/sj/en/check/qdiagh.cab?326

O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll

O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)

O23 - Service: Remote Procedure Call (RPC) Helper ( 11F

Link to post
Share on other sites

First of all, you will need to print out this post and/or save a copy as a text file in Notepad so that you have a hard copy of these instructions; you can not have IE/Firefox/any browser open during the fix

Please download CWShredder from HERE and save it to someplace you will remember like your desktop.

Download HSRegfix from HERE

Just unzip and place on your desktop.

Help with unzipping files is HERE

Please download ATF Cleaner by Atribune.

  • Double-click ATF-Cleaner.exe to run the program.
    Under Main choose: Select All
    Click the Empty Selected button.

If you use Firefox browser

  • Click Firefox at the top and choose: Select All
    Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click No at the prompt.

If you use Opera browser

  • Click Opera at the top and choose: Select All
    Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click No at the prompt.

Click Exit on the Main menu to close the program.

Please download Ewido Anti Malware, it is a free version of the program.

  1. Install ewido security suite
  2. When installing the program, under "Additonal Options" uncheck...
    • Install background guard
    • Install scan via context menu

[*] Launch ewido, there should now be an icon on your desktop, double-click it.

[*] The program will now open to the main screen.

[*] When you run ewido for the first time, you may get a warning "Database could not be found!". Click OK. We will fix this in a moment.

[*] You will need to update ewido to the latest definition files:

  • On the left hand side of the main screen click update.
  • Then click on Start Update.

[*] The update will start and a progress bar will show the updates being installed.

(the status bar at the bottom will display "Update successful")

[*] Close Ewido

If you are having problems with the updater, you can use this link to manually update ewido.

Ewido manual updates

Next, please enable viewing of hidden files as follows:

1) Go to My Computer, and click on the "Tools" menu

2) Click "Folder options"

3) Select the "View" tab

4) Make sure "Show hidden files and folders" is selected

5) Make sure "Hide extensions for known file types" is unchecked

6) Make sure "Hide protected operating system files (recommended)" is unchecked

Next, please reboot your computer in Safe Mode by doing the following:

  • Restart your computer
  • After hearing your computer beep once during startup, but before the Windows icon appears, tap F8.
  • Instead of Windows loading as normal, a menu should appear
  • Select the first option, to run Windows in Safe Mode.

For additional help in booting into Safe Mode, see the following site:

http://www.pchell.com/support/safemode.shtml

Please run HijackThis and click "Scan." Place checks next to the following entries:

  • R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system32\bwmun.dll/sp.html#37049
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\bwmun.dll/sp.html#37049
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\bwmun.dll/sp.html#37049
    R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = <a href="
http://www.searchv.com/search.html" target="_blank">http://www.searchv.com/search.html</a>
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\bwmun.dll/sp.html#37049
R3 - Default URLSearchHook is missing
O2 - BHO: Class - {014A827D-E04B-4100-86CC-AA5FBCB8F577} - C:\WINDOWS\system32\ntoz.dll
O2 - BHO: Class - {0291E910-8D54-4FA6-C81D-D18ED280B289} - C:\WINDOWS\apius32.dll
O2 - BHO: Class - {04D536A8-BE6C-6283-AD25-18CADEF98984} - C:\WINDOWS\sysdw32.dll
O2 - BHO: Class - {058C9936-6D60-53AB-C6A6-BABA8EDE5F00} - C:\WINDOWS\system32\winnh.dll
O2 - BHO: Class - {05F3C50C-D53F-D6BC-9065-2ABB3092A8D0} - C:\WINDOWS\ipsd.dll
O2 - BHO: Class - {05F3F3D2-8BFA-C735-FCDF-D4BD8418D325} - C:\WINDOWS\wincd32.dll
O2 - BHO: Class - {06197E31-50B6-4043-D6C9-8E70AAB849E5} - C:\WINDOWS\system32\windh.dll
O2 - BHO: Class - {065A3DF4-4253-B880-16A3-75DA427DD453} - C:\WINDOWS\wintz.dll
O2 - BHO: Class - {07AC6A37-E15F-F543-A739-15DB1285B61A} - C:\WINDOWS\system32\mstv.dll
O2 - BHO: Class - {07D83F1A-3A3D-EF25-F957-DCA0DCC72ABC} - C:\WINDOWS\sdkss32.dll
O2 - BHO: Class - {07E2FBBF-C64A-1972-227E-82FA4861EB78} - C:\WINDOWS\apias.dll
O2 - BHO: Class - {07E66B38-1367-7DC0-FD3C-CA1BFBA6BCC7} - C:\WINDOWS\system32\atlyd.dll
O2 - BHO: Class - {083A00C1-8BB2-5BD6-D3E8-27ADF3D597CA} - C:\WINDOWS\msmk.dll
O2 - BHO: Class - {08B062B7-0572-9CCE-27F2-A318B78A3677} - C:\WINDOWS\ntxm32.dll
O2 - BHO: Class - {094C8CED-58C8-2CD1-5207-27C140FB0531} - C:\WINDOWS\ieqe32.dll
O2 - BHO: Class - {094EDED8-1F6C-995C-6754-A544D7EA188B} - C:\WINDOWS\system32\crbr32.dll
O2 - BHO: Class - {0A8D0092-6F79-27C0-3B9C-D542A7FC6907} - C:\WINDOWS\system32\javalr32.dll
O2 - BHO: Class - {0B01EADD-4EEA-1744-7321-45BB28A5E86A} - C:\WINDOWS\system32\javabq32.dll
O2 - BHO: Class - {0CAEDEE2-8F3E-F86F-35DC-CDEAAE346249} - C:\WINDOWS\crvc.dll
O2 - BHO: Class - {0DFE18F1-8279-20AE-4CC5-10CB30FF50DA} - C:\WINDOWS\appul32.dll
O2 - BHO: Class - {0E07F1CC-6044-9AB8-86B3-B33F53CA4787} - C:\WINDOWS\javaph.dll
O2 - BHO: Class - {0E3BEE03-C426-F488-CA26-D938932339AC} - C:\WINDOWS\system32\ntqt.dll
O2 - BHO: Class - {0F0E061E-FA0C-0C44-F0D9-0E0C21180458} - C:\WINDOWS\mfcnb.dll
O2 - BHO: Class - {0FCDFA68-74F9-605A-8029-180E50A9964A} - C:\WINDOWS\system32\netai.dll
O2 - BHO: Class - {102D7ADF-B1F2-150B-DD47-0D7AE8ECDFE0} - C:\WINDOWS\javabo.dll
O2 - BHO: Class - {10FF78CB-D256-A957-AA38-C09CAEAA3E70} - C:\WINDOWS\system32\mfcgx.dll
O2 - BHO: Class - {116B5897-9869-1B77-3DC7-646F9CB58D2B} - C:\WINDOWS\system32\msrn32.dll
O2 - BHO: Class - {11BE3648-39DF-4A8F-2B7F-AF543F3C21DF} - C:\WINDOWS\sysmx32.dll
O2 - BHO: Class - {11BEC0B9-C370-4820-FE14-3C42B32E0875} - C:\WINDOWS\system32\apitx.dll
O2 - BHO: Class - {124EC0E5-C940-3ED0-1241-6B1E7CF1D1E8} - C:\WINDOWS\d3xq.dll
O2 - BHO: Class - {1323364A-6290-C22E-760E-ABFCF4445116} - C:\WINDOWS\system32\iehq32.dll
O2 - BHO: Class - {13B77FE1-9911-A0C2-1D01-61CA21EAEB83} - C:\WINDOWS\system32\addbt.dll
O2 - BHO: Class - {13C3D1A3-A53A-6BFB-F6CA-8FA7292FE0F0} - C:\WINDOWS\sdkzj.dll
O2 - BHO: Class - {14882629-ECB5-DB2D-9FF8-D87930DD6A0A} - C:\WINDOWS\iefb32.dll
O2 - BHO: Class - {153707B5-D0ED-A171-CBB3-87B9E1296513} - C:\WINDOWS\atlwb32.dll
O2 - BHO: Class - {1546F4A6-423F-7B55-1F30-B621C06F5D69} - C:\WINDOWS\system32\d3bu32.dll
O2 - BHO: Class - {1676763F-15C3-F5F2-9C0B-0631705661ED} - C:\WINDOWS\ntng32.dll
O2 - BHO: Class - {16A67573-5153-0344-B04A-BF8F43B5057F} - C:\WINDOWS\sdkql.dll
O2 - BHO: Class - {16B25743-B02B-E5F0-F1AE-94D196232E38} - C:\WINDOWS\winkl.dll
O2 - BHO: Class - {16BD821E-5751-423E-4850-6CC5D07FECD8} - C:\WINDOWS\winfc32.dll
O2 - BHO: Class - {16D601F6-E41B-1A0C-95AA-2EF05F7C37EE} - C:\WINDOWS\system32\appze.dll
O2 - BHO: Class - {17094FC7-F985-CD03-CB64-049B61C2C70E} - C:\WINDOWS\system32\addcg.dll
O2 - BHO: Class - {1713182A-5092-DD29-01DB-F0D69793396C} - C:\WINDOWS\addco.dll
O2 - BHO: Class - {1760E281-B7CE-24A2-166B-0B9F9BB7B8A9} - C:\WINDOWS\system32\netpc32.dll
O2 - BHO: Class - {17A1BA50-1F42-91DF-8D52-9482601397EF} - C:\WINDOWS\apigp32.dll
O2 - BHO: Class - {18C9B52B-7151-9593-8427-72C86515DCDE} - C:\WINDOWS\appcb.dll
O2 - BHO: Class - {1A828816-226B-81EE-2E66-CFEBA8E97E2F} - C:\WINDOWS\apibh32.dll
O2 - BHO: Class - {1AF1C718-5A24-D7BB-592A-F2291195734F} - C:\WINDOWS\appbe32.dll
O2 - BHO: Class - {1B7649CB-3BCF-46D5-F4A7-39AEAE5625AB} - C:\WINDOWS\crzn.dll
O2 - BHO: Class - {1B849856-C2B0-C16F-7AA2-AF1A44A6BEDA} - C:\WINDOWS\system32\ipma32.dll
O2 - BHO: Class - {1B9CCCD9-3DA0-5E43-A4CE-924A8F49CC0F} - C:\WINDOWS\system32\iexs.dll
O2 - BHO: Class - {1DF846A3-16F9-BEC1-05D0-31207FD24B28} - C:\WINDOWS\system32\javaxu32.dll
O2 - BHO: Class - {1E94F949-F3F0-5C64-038A-53C68D35F288} - C:\WINDOWS\system32\javalr.dll
O2 - BHO: Class - {1EB77D8F-DC5A-7E55-59FC-844CAE64FC70} - C:\WINDOWS\syslm.dll
O2 - BHO: Class - {1EDBFE12-619A-B05D-D81A-42593402A991} - C:\WINDOWS\appsh.dll
O2 - BHO: Class - {1F1A3DD0-5DB3-08D8-FE9F-CB49DA5EFA2E} - C:\WINDOWS\system32\syspu.dll
O2 - BHO: Class - {1F7B837E-CC0C-8A77-DD3C-43144BEFEB4B} - C:\WINDOWS\d3nm32.dll
O2 - BHO: Class - {1F8E709E-AEC3-AC71-0350-66348A990C05} - C:\WINDOWS\system32\msps.dll
O2 - BHO: Class - {204BFD00-8711-E685-9059-B543F47899E1} - C:\WINDOWS\system32\d3tx32.dll
O2 - BHO: Class - {2067DEDB-34F7-9CC4-7353-3E1E927B32A3} - C:\WINDOWS\system32\d3lc32.dll
O2 - BHO: Class - {22A99D53-6CB9-33A5-DED6-D04F5F0F1AE8} - C:\WINDOWS\system32\d3nm32.dll
O2 - BHO: Class - {22B1BD81-78EF-C72F-0793-EFF78ED6B103} - C:\WINDOWS\system32\javalf.dll
O2 - BHO: Class - {2345C8ED-802B-A5E6-4EE8-68E9D4825903} - C:\WINDOWS\iedl.dll
O2 - BHO: Class - {23DA50CE-1A25-2F1D-13E6-38C10B86A8F2} - C:\WINDOWS\appug32.dll
O2 - BHO: Class - {23E29B01-78ED-B227-C0D9-7F01F2621B9A} - C:\WINDOWS\system32\addbd32.dll
O2 - BHO: Class - {24BE1459-795A-5BA6-B9B1-DC1A2D1652EF} - C:\WINDOWS\system32\winmg.dll
O2 - BHO: Class - {25058AE5-5371-3EC0-9CB9-B7B2AE83A00A} - C:\WINDOWS\system32\crmn.dll
O2 - BHO: Class - {259EE5B9-79F9-788C-1426-7B4E6B1A0211} - C:\WINDOWS\addic32.dll
O2 - BHO: Class - {28223167-A6CC-2F8F-758F-1F424FBB380E} - C:\WINDOWS\system32\mfcyi.dll
O2 - BHO: Class - {28FF0DAA-6EDD-259A-83C4-EADDF15D72AD} - C:\WINDOWS\system32\mfcbl32.dll
O2 - BHO: Class - {29FC66BD-3EA4-3F16-0ABF-93515F25ED12} - C:\WINDOWS\winjx32.dll
O2 - BHO: Class - {2A37058B-D1BB-61D1-21BA-B7A66036D544} - C:\WINDOWS\appkg32.dll
O2 - BHO: Class - {2A696067-2ABB-2ABE-9CCF-E895A174E181} - C:\WINDOWS\wintm.dll
O2 - BHO: Class - {2AD24B66-877B-347B-4D3D-73A13C8BB2CB} - C:\WINDOWS\netdg.dll
O2 - BHO: Class - {2ADD1D56-2534-91AF-C52E-680B595C6999} - C:\WINDOWS\system32\ierm32.dll
O2 - BHO: Class - {2CE88230-1C35-89B5-88A0-B07ACA0B401D} - C:\WINDOWS\system32\ntjf.dll
O2 - BHO: Class - {2CEB755B-6BCC-9879-D315-A49FBFA75BD7} - C:\WINDOWS\ntux.dll
O2 - BHO: Class - {2CFF8F86-4117-E570-DCB8-49CE5BB1B815} - C:\WINDOWS\apijn32.dll
O2 - BHO: Class - {2D83144A-96F5-FD55-350C-BB36CBABB8B2} - C:\WINDOWS\system32\msyf.dll
O2 - BHO: Class - {2D9A5F30-BB39-3C3B-1DB0-A4572E5E7077} - C:\WINDOWS\ipot32.dll
O2 - BHO: Class - {2E5DB345-70C0-FF98-D20F-C69A65169900} - C:\WINDOWS\system32\mfclq32.dll
O2 - BHO: Class - {2EDD9108-F5D8-936A-8F9A-116CB847DCC0} - C:\WINDOWS\d3mx32.dll
O2 - BHO: Class - {2F1C51B0-AC7F-A18C-6486-8BD910B563C3} - C:\WINDOWS\system32\sdktf32.dll
O2 - BHO: Class - {2F7660FB-0CEA-4B11-A8C5-3175CFDBA441} - C:\WINDOWS\system32\windj32.dll
O2 - BHO: Class - {2FA6B0AE-AAE8-9CDC-8004-516B1C672B52} - C:\WINDOWS\appqi32.dll
O2 - BHO: Class - {2FCA3DE0-0928-B4AD-0D83-44697B4D7A24} - C:\WINDOWS\atlyc32.dll
O2 - BHO: Class - {300881BB-DD69-DBCB-AE92-B05A3E8707E1} - C:\WINDOWS\iewo.dll
O2 - BHO: Class - {309B0370-9499-BD83-5B63-522A8DC7EFD4} - C:\WINDOWS\system32\ntmi.dll
O2 - BHO: Class - {30B92BEE-1F2E-CDB3-9958-2877E3A478BF} - C:\WINDOWS\ipwf32.dll
O2 - BHO: Class - {30C15F1B-B902-8769-7E97-07B632351674} - C:\WINDOWS\netza.dll
O2 - BHO: Class - {3202B39B-A35B-BCEE-9DB0-68ED2C239785} - C:\WINDOWS\system32\crfq.dll
O2 - BHO: Class - {32647596-213A-8327-EDB5-24A45C5C5E36} - C:\WINDOWS\sdkig.dll
O2 - BHO: Class - {32D819AE-5E1D-5524-783B-C8993083716B} - C:\WINDOWS\winwr.dll
O2 - BHO: Class - {33AC10E4-94BE-C3D0-855D-41F27DCEDD3D} - C:\WINDOWS\system32\msma.dll
O2 - BHO: Class - {33EC6E43-4826-94FA-3A03-B94290B62B85} - C:\WINDOWS\iehb.dll
O2 - BHO: Class - {34563B77-50A7-B32B-750C-907E592AD1F7} - C:\WINDOWS\system32\ntiw.dll
O2 - BHO: Class - {3487A0E4-207B-E09F-81B8-A8EDBD853E83} - C:\WINDOWS\mfchd32.dll
O2 - BHO: Class - {3585FF78-2F11-FF4A-2596-1DF8EA166C87} - C:\WINDOWS\system32\javayr32.dll
O2 - BHO: Class - {36CC50DE-E932-3435-B11B-709E3AFE8849} - C:\WINDOWS\sdkfz.dll
O2 - BHO: Class - {3712D7D0-9565-F99D-D800-6036A77E45C4} - C:\WINDOWS\crdy32.dll
O2 - BHO: Class - {38270C16-6F54-81A1-B343-987591F9FF85} - C:\WINDOWS\system32\iexa32.dll
O2 - BHO: Class - {38683242-D589-5595-2821-3BE52429FEC3} - C:\WINDOWS\system32\appks32.dll
O2 - BHO: Class - {38A13BE2-44E2-8EAD-D101-458EB7B89D67} - C:\WINDOWS\system32\javadg32.dll
O2 - BHO: Class - {38EB7DA0-52FB-AADA-9FBF-2A397DD19AA1} - C:\WINDOWS\system32\crln32.dll
O2 - BHO: Class - {3ADF6BD5-30EF-8D1D-8D7D-3A0CDCC2FD01} - C:\WINDOWS\system32\appxc.dll
O2 - BHO: Class - {3AEAD8F8-7409-2055-D03F-1E630CC0A5B8} - C:\WINDOWS\winot.dll
O2 - BHO: Class - {3AF46D2B-238E-2C0A-6C63-109D3CE5E7C0} - C:\WINDOWS\addsz32.dll
O2 - BHO: Class - {3AF61C43-088F-A3C6-4312-3AB906276F3A} - C:\WINDOWS\system32\winfu.dll
O2 - BHO: Class - {3BA5C516-2E23-6854-9EFC-21E89FEB7C2E} - C:\WINDOWS\system32\mspl.dll
O2 - BHO: Class - {3BB31146-3116-E523-81A1-39DC94BD27E5} - C:\WINDOWS\system32\appdm32.dll
O2 - BHO: Class - {3BD916EE-69B6-9D47-6347-D97C3BA97F02} - C:\WINDOWS\system32\mfcam32.dll
O2 - BHO: Class - {3C69B1A3-D6E3-9B58-A742-1A46F3BDB7CE} - C:\WINDOWS\winqw.dll
O2 - BHO: Class - {3C73D315-DD9F-9F82-0398-D2936B2878B2} - C:\WINDOWS\ntfs32.dll
O2 - BHO: Class - {3C7FB04E-255B-74C8-0E5F-D8E57CAAC3BC} - C:\WINDOWS\apphf32.dll
O2 - BHO: Class - {3D2ACA16-3F1C-BF97-6524-0F7072E1E895} - C:\WINDOWS\netnx32.dll
O2 - BHO: Class - {3D983ED1-97AB-F11D-D545-3A47F28CC430} - C:\WINDOWS\system32\winuq.dll
O2 - BHO: Class - {3E8EDD63-7719-B595-1F25-C50F23DBF99D} - C:\WINDOWS\system32\javakb32.dll
O2 - BHO: Class - {40430AEB-7146-EE85-0D82-B57E2A8F44A9} - C:\WINDOWS\addwr.dll
O2 - BHO: Class - {4089564D-FCC7-C2D7-9F2A-ED05B543E8CA} - C:\WINDOWS\system32\sysfa32.dll
O2 - BHO: Class - {4097E29E-2A74-3EEA-7090-0E73AF19AC3E} - C:\WINDOWS\apiri32.dll
O2 - BHO: Class - {4249913F-B87B-5BCB-BDAC-0E589CD03682} - C:\WINDOWS\system32\appkx32.dll
O2 - BHO: Class - {42874627-68BA-AD3E-2E5A-AF9C92CF61D3} - C:\WINDOWS\system32\ieov32.dll
O2 - BHO: Class - {42B28786-0E2F-6823-286D-BA74F50C3A0D} - C:\WINDOWS\addww32.dll
O2 - BHO: Class - {42B6D2AA-FC71-B406-F3BA-1E0D9D759441} - C:\WINDOWS\apphf.dll
O2 - BHO: Class - {43544B19-A240-DF9B-5CE9-9DC02154188E} - C:\WINDOWS\system32\d3bt32.dll
O2 - BHO: Class - {4407E807-267B-A3CE-F228-77149FA4302C} - C:\WINDOWS\system32\sysex.dll
O2 - BHO: Class - {4478A40E-095C-9113-16CA-AAE4FCB0841A} - C:\WINDOWS\netyz32.dll
O2 - BHO: Class - {44D83962-1E60-044C-50E1-DCC0B1C6B08C} - C:\WINDOWS\atlop32.dll
O2 - BHO: Class - {45723711-8D3F-C8F9-24E0-F252B24B3148} - C:\WINDOWS\sdkau.dll
O2 - BHO: Class - {45BF02B3-6F53-F516-CA0B-8B10C0085204} - C:\WINDOWS\apigq32.dll
O2 - BHO: Class - {460072CA-8C43-F205-2195-C713F1949B30} - C:\WINDOWS\javasu32.dll
O2 - BHO: Class - {46030852-EC50-153A-66BC-0BAEA8CBC16A} - C:\WINDOWS\system32\msjb.dll
O2 - BHO: Class - {469875BB-BC3F-507E-B350-021484557DB4} - C:\WINDOWS\system32\d3nj32.dll
O2 - BHO: Class - {477DF9B4-C171-F601-74D6-D3697B4B1E8B} - C:\WINDOWS\addct32.dll
O2 - BHO: Class - {48604E09-168D-FEB9-0B26-5518D029DA95} - C:\WINDOWS\system32\ipxh.dll
O2 - BHO: Class - {4861F239-22C4-39AD-0E05-069E210E1F47} - C:\WINDOWS\javani.dll
O2 - BHO: Class - {4A6CF2F7-DDDD-2A8C-FF62-94A72AA7954F} - C:\WINDOWS\appja32.dll
O2 - BHO: Class - {4B898F0F-81A2-A0FB-5F4C-37100AC2D624} - C:\WINDOWS\system32\d3ew32.dll
O2 - BHO: Class - {4C97FF57-707D-49B6-2CBA-7996791E6202} - C:\WINDOWS\netdt32.dll
O2 - BHO: Class - {4CB86D61-970D-C338-7AD0-8B13C488150E} - C:\WINDOWS\sdkcd32.dll
O2 - BHO: Class - {4CC0A8A4-E4C5-6742-27C3-C153BB6598A6} - C:\WINDOWS\ippg32.dll
O2 - BHO: Class - {4D55F1A8-55DA-AA1A-83F6-E4407B24CCE5} - C:\WINDOWS\system32\ipdb.dll
O2 - BHO: Class - {4D77B656-3929-8E8D-2C15-42407E685FFA} - C:\WINDOWS\crlh32.dll
O2 - BHO: Class - {4DB64B88-0933-55E1-5343-261A238D2B60} - C:\WINDOWS\ntfk32.dll
O2 - BHO: Class - {4EC3A22A-5434-CC1A-4E91-B9094044E2D6} - C:\WINDOWS\system32\ipmm.dll
O2 - BHO: Class - {4EF173C7-37FB-764C-4EE2-D86CB880FB29} - C:\WINDOWS\sysmy32.dll
O2 - BHO: Class - {4EFEDBE3-55DF-655C-7684-265961EDD697} - C:\WINDOWS\javaci32.dll
O2 - BHO: Class - {4F5D7708-5CE8-F0D7-D1F2-50B7B257B1EF} - C:\WINDOWS\javats.dll
O2 - BHO: Class - {50AA68D1-B792-9F1D-0E5A-E28E5958CC5B} - C:\WINDOWS\system32\mfcse32.dll
O2 - BHO: Class - {50B7CF0C-8AE5-BB42-E622-CE649815FF71} - C:\WINDOWS\system32\atlvo.dll
O2 - BHO: Class - {50D98177-3925-757E-8E92-625565712438} - C:\WINDOWS\d3ce.dll
O2 - BHO: Class - {510C09CC-B06A-EFC8-2E17-38F386848F3E} - C:\WINDOWS\crud32.dll
O2 - BHO: Class - {5169D876-4C97-5087-3456-0DCBB0716BC9} - C:\WINDOWS\iezy32.dll
O2 - BHO: Class - {5395C6CC-9119-AA2E-B008-2D31A543B883} - C:\WINDOWS\system32\atlia.dll
O2 - BHO: Class - {539B572E-7B0F-7CC3-9352-C94BF984726F} - C:\WINDOWS\apikl.dll
O2 - BHO: Class - {54255AC2-2B7F-9119-713D-1BFBB01E8BCD} - C:\WINDOWS\nethy.dll
O2 - BHO: Class - {54D0E15D-04E1-F4B0-9D57-9A826010E6AA} - C:\WINDOWS\ipkl.dll
O2 - BHO: Class - {55AC4EE7-4B4F-A677-88EE-C19AD29C7B4D} - C:\WINDOWS\system32\iedk32.dll
O2 - BHO: Class - {55E7FCAD-77C1-35FF-8206-D7405C6CDFAB} - C:\WINDOWS\ippb32.dll
O2 - BHO: Class - {5624FB2A-5E7E-C67B-2C18-0AAF52EEFBB0} - C:\WINDOWS\ipun32.dll
O2 - BHO: Class - {565744A1-C652-BC19-4230-289DA72A989C} - C:\WINDOWS\netur32.dll
O2 - BHO: Class - {572A44A6-4945-DA71-B13F-066F8EC29E66} - C:\WINDOWS\appex.dll
O2 - BHO: Class - {5732A44D-F6D6-76F6-4E92-2027907B8818} - C:\WINDOWS\system32\d3bo.dll
O2 - BHO: Class - {574F5154-24C8-7C08-5A89-1EF0CC0ABB65} - C:\WINDOWS\system32\ntwj.dll
O2 - BHO: Class - {5994FD3E-5FC2-9A72-EE68-06292ACBFC71} - C:\WINDOWS\system32\ntqw32.dll
O2 - BHO: Class - {5BE76740-FD01-49B4-5ABA-AA49D68044EF} - C:\WINDOWS\sdklr.dll
O2 - BHO: Class - {5C145150-DD6C-53BA-84AE-224D696D255B} - C:\WINDOWS\ntej32.dll
O2 - BHO: Class - {5C2283D1-61C9-9337-3709-169AA24C7206} - C:\WINDOWS\system32\sysjx.dll
O2 - BHO: Class - {5C74F9CB-19A6-7A1A-EAF6-EB84A7061D05} - C:\WINDOWS\system32\mfcpy.dll
O2 - BHO: Class - {5E709357-9905-BEDE-6228-649AC8CA2565} - C:\WINDOWS\system32\d3sd32.dll
O2 - BHO: (no name) - {5E7FFA99-C5C0-6BFA-DA44-8A9DB0AE94FD} - (no file)
O2 - BHO: Class - {604368E9-EA0B-0E3E-E1F2-50F1DD1F7690} - C:\WINDOWS\system32\mfcan.dll
O2 - BHO: Class - {610207BA-E8D7-9260-B756-291184C1BFB4} - C:\WINDOWS\ieqy32.dll
O2 - BHO: Class - {61675AEA-0AAC-FB29-2A8B-E712314B4A52} - C:\WINDOWS\system32\msxv.dll
O2 - BHO: Class - {61BB595D-A6B2-4293-216F-8317630E1849} - C:\WINDOWS\system32\crwi.dll
O2 - BHO: Class - {6248255C-2322-395B-0A66-A5455141BD55} - C:\WINDOWS\system32\sdkfe32.dll
O2 - BHO: Class - {628389AE-FDE9-F181-ABB4-DB08BD5345BC} - C:\WINDOWS\d3ph.dll
O2 - BHO: Class - {6292CB7C-CAEA-9541-226F-1C73897C3C39} - C:\WINDOWS\d3ki.dll
O2 - BHO: Class - {629FEEBC-8D1F-BA64-26C3-686D45062880} - C:\WINDOWS\system32\cryp.dll
O2 - BHO: Class - {630B5448-88BA-594C-A5C4-16A53B83F0F9} - C:\WINDOWS\system32\ipqh32.dll
O2 - BHO: Class - {6469535C-868D-78CB-87BD-9BF74E0AEB7A} - C:\WINDOWS\system32\addsz.dll
O2 - BHO: Class - {646D843D-7CDF-78F8-2D9D-391E871C2089} - C:\WINDOWS\iplz.dll
O2 - BHO: Class - {646F2028-8431-3C1F-122B-739B5643F144} - C:\WINDOWS\system32\apptc32.dll
O2 - BHO: Class - {646F6A47-24D0-2033-3709-4F9D79ED6FC9} - C:\WINDOWS\atlqm.dll
O2 - BHO: Class - {64ACBCED-4C70-32ED-5E7C-6D6EFEDA085F} - C:\WINDOWS\mfcvq32.dll
O2 - BHO: Class - {64CA0FC6-5085-C447-8988-25C5AC6CDBBE} - C:\WINDOWS\system32\netuu32.dll
O2 - BHO: Class - {651DA460-C8D1-926D-7E35-8258A39BB7C2} - C:\WINDOWS\atldp32.dll
O2 - BHO: Class - {652D4929-5C76-94A9-0C3D-31460592C199} - C:\WINDOWS\system32\winbk.dll
O2 - BHO: Class - {6565FF3C-2255-1708-8543-85E668E94D6C} - C:\WINDOWS\system32\apimc32.dll
O2 - BHO: Class - {66E7A648-A2D0-B506-715E-8D564D8364C2} - C:\WINDOWS\system32\netma32.dll
O2 - BHO: Class - {6736D543-9459-D61F-8FA7-A53653949C0D} - C:\WINDOWS\netbr32.dll
O2 - BHO: Class - {681772EF-1514-33C7-0408-B8771F24D4CB} - C:\WINDOWS\d3ed.dll
O2 - BHO: Class - {683DA086-8E62-5396-D4EF-2401FF58EB59} - C:\WINDOWS\system32\ipxf.dll
O2 - BHO: Class - {69848259-E5F3-2574-2AEE-41BB1DBD3EAC} - C:\WINDOWS\msap32.dll
O2 - BHO: Class - {69A8069F-CE5E-4765-8040-82403FEC3895} - C:\WINDOWS\system32\netln32.dll
O2 - BHO: Class - {69A989AD-BFBB-9324-846E-194CABCE649B} - C:\WINDOWS\system32\ntob32.dll
O2 - BHO: Class - {69C0535E-8F6B-1482-8F80-DF6B338BFBF8} - C:\WINDOWS\system32\crlw32.dll
O2 - BHO: Class - {6A9A98A4-1733-141A-04B1-536A43E5A00C} - C:\WINDOWS\netdc.dll
O2 - BHO: Class - {6AA3715D-405C-076E-8F16-52A674C871DB} - C:\WINDOWS\system32\addlc32.dll
O2 - BHO: Class - {6AA46007-7E40-353F-4B29-4EB589B6027B} - C:\WINDOWS\ntwi32.dll
O2 - BHO: Class - {6B2E69E2-80CF-0FCD-2529-005B76F6EB87} - C:\WINDOWS\system32\msxa32.dll
O2 - BHO: Class - {6BEF21ED-FE12-619A-B05D-D81A14259340} - C:\WINDOWS\atlax32.dll
O2 - BHO: Class - {6BFB4F8E-42B3-1853-FED2-0CE716BE6757} - C:\WINDOWS\system32\d3by.dll
O2 - BHO: Class - {6D5086FD-B70A-A21D-970A-511772E1A75C} - C:\WINDOWS\creb32.dll
O2 - BHO: Class - {6E15F4D5-4588-FA6E-9B33-7152B249E5A0} - C:\WINDOWS\system32\sysnk.dll
O2 - BHO: Class - {6F3DF768-3C51-2FC4-8417-FD3009EF0F08} - C:\WINDOWS\netpb32.dll
O2 - BHO: Class - {6F80CE58-E9EF-47A6-EE09-D515FF3D4D49} - C:\WINDOWS\sdklh.dll
O2 - BHO: Class - {6F99DB7E-CFDF-18F9-0B84-6D52A771173C} - C:\WINDOWS\system32\sdkie32.dll
O2 - BHO: Class - {6FBFD571-083B-0404-2CF4-4D02FE84655B} - C:\WINDOWS\system32\ntus.dll
O2 - BHO: Class - {70337B1D-11EA-9346-27AA-F77086D05C11} - C:\WINDOWS\syszv32.dll
O2 - BHO: Class - {70B1A180-F009-3014-DEDC-432095A475AF} - C:\WINDOWS\addze32.dll
O2 - BHO: Class - {70B30880-F84D-EE39-FE16-EDB1E1A80F9A} - C:\WINDOWS\system32\iely32.dll
O2 - BHO: Class - {70C06EC5-199D-FEF2-7785-6D008B0AC3BA} - C:\WINDOWS\javaau.dll
O2 - BHO: Class - {7121259F-441E-E13B-61A6-168C5EC38A14} - C:\WINDOWS\system32\iphd.dll
O2 - BHO: Class - {719E6513-D632-2EF9-585A-CBABAA0E69DC} - C:\WINDOWS\cren32.dll
O2 - BHO: Class - {72D633DF-F78E-4CB0-8219-60FA41D1EFE7} - C:\WINDOWS\mskk.dll
O2 - BHO: Class - {72E2A979-EAEA-2FA7-5086-F53AE6460277} - C:\WINDOWS\sdkcu.dll
O2 - BHO: Class - {74573A6C-C0FD-80B4-5489-3A6D60261E63} - C:\WINDOWS\system32\ntqn32.dll
O2 - BHO: Class - {7585E61C-CBB8-8C7F-66E0-1C519B9044FA} - C:\WINDOWS\d3dq32.dll
O2 - BHO: (no name) - {75D05867-E38D-2939-A8D4-F77D51475C5A} - (no file)
O2 - BHO: Class - {78397146-034F-3E67-9127-DD62A91D02AD} - C:\WINDOWS\ipae.dll
O2 - BHO: Class - {79062573-086D-5A0F-D7B9-40FCC3638669} - C:\WINDOWS\system32\iptq32.dll
O2 - BHO: (no name) - {798A3875-F0CF-E2B2-3196-D55E89CDEF04} - (no file)
O2 - BHO: Class - {7B316A9C-6980-991E-D5E2-EDEB4A735241} - C:\WINDOWS\crqw32.dll
O2 - BHO: Class - {7B4CB4A8-D1EF-22A5-DC8A-5D41F0137145} - C:\WINDOWS\netvh.dll
O2 - BHO: Class - {7C3F5115-13B8-F3E5-3A5F-4F6BD2411BED} - C:\WINDOWS\apiui.dll
O2 - BHO: Class - {7C77122B-026F-9791-38EB-B10B289B5B82} - C:\WINDOWS\system32\ipzb.dll
O2 - BHO: Class - {7D8E9033-94CD-739D-8A5B-376572E16A8C} - C:\WINDOWS\system32\appte32.dll
O2 - BHO: Class - {7E1181D1-3C72-2402-8167-9DC0FB9A9570} - C:\WINDOWS\sysmq32.dll
O2 - BHO: Class - {7E138803-B04F-E7FE-F90D-174F78CA6C63} - C:\WINDOWS\apprg32.dll
O2 - BHO: Class - {7FD58EC4-B55E-2A44-DFAB-99005B7E4071} - C:\WINDOWS\crpd32.dll
O2 - BHO: Class - {80E8BCDE-64B0-C3D0-A6E1-0DA0877E6210} - C:\WINDOWS\system32\winxr32.dll
O2 - BHO: Class - {8144B36B-0CAB-4B25-CC47-F48322B3263D} - C:\WINDOWS\apiak32.dll
O2 - BHO: Class - {81D25943-2085-D1C4-2F01-1C9877C3D278} - C:\WINDOWS\system32\sdkog.dll
O2 - BHO: Class - {81D3418A-9625-4C94-1B9D-02B573A0B877} - C:\WINDOWS\system32\mspz32.dll
O2 - BHO: Class - {82288C41-7D9C-ACA6-B1EB-D7DB067AC72B} - C:\WINDOWS\atleh32.dll
O2 - BHO: Class - {8258A0E9-18F6-B253-C69A-64B1F4A6E2C8} - C:\WINDOWS\atlwh.dll
O2 - BHO: Class - {834B70C4-08A7-7082-A675-EFDC4D348484} - C:\WINDOWS\system32\atlfv32.dll
O2 - BHO: Class - {83C08741-7DD6-E1E8-DFFA-D55F3DFD30B7} - C:\WINDOWS\netzy.dll
O2 - BHO: Class - {83EBAF80-FDC9-395C-7F4C-6E85D8F3AEC5} - C:\WINDOWS\system32\mscd32.dll
O2 - BHO: Class - {8455ADD6-2004-47C2-9816-6F3B875B7CE3} - C:\WINDOWS\system32\crex32.dll
O2 - BHO: Class - {84D6A0AA-3EC4-07BA-6550-B79683EEB9B1} - C:\WINDOWS\system32\mswz.dll
O2 - BHO: Class - {867653BB-CBDA-5ADF-86A5-ECF1FB3432E2} - C:\WINDOWS\netuz32.dll
O2 - BHO: Class - {877B5096-0FB9-2632-5448-A94D5150B850} - C:\WINDOWS\system32\ntrn32.dll
O2 - BHO: Class - {877CAAEB-2293-602B-7876-793995AAE631} - C:\WINDOWS\system32\ntfw32.dll
O2 - BHO: Class - {88BBF9A8-1EBB-A896-9EFB-F2292B0737CF} - C:\WINDOWS\system32\netsv.dll
O2 - BHO: Class - {8A98241B-FE20-D008-805C-5BC0B7C14266} - C:\WINDOWS\system32\mfchp.dll
O2 - BHO: Class - {8B82102E-F491-66D2-F758-5BB004FEE44C} - C:\WINDOWS\windd.dll
O2 - BHO: Class - {8B9B410F-0A67-22CE-3941-CB77C211A4A9} - C:\WINDOWS\javabp32.dll
O2 - BHO: Class - {8C6233B9-0AC4-7DAC-AEB8-897EA23435DD} - C:\WINDOWS\ntzc.dll
O2 - BHO: Class - {8C70ABA6-D9B7-D043-9FBD-C653704D8236} - C:\WINDOWS\system32\ipdw.dll
O2 - BHO: Class - {8C70E5C4-7966-C457-B59B-A255A3E7EFBC} - C:\WINDOWS\system32\sysoy32.dll
O2 - BHO: Class - {8D0585C2-7837-436E-A1A5-25C507937285} - C:\WINDOWS\appwj.dll
O2 - BHO: Class - {8D1BAA26-F985-1788-3C2F-DBED986F74EE} - C:\WINDOWS\system32\winju32.dll
O2 - BHO: Class - {8ECE1E98-E8BF-1F28-C6BE-4B4F73514849} - C:\WINDOWS\winlt.dll
O2 - BHO: Class - {8F25C446-FCA0-E176-9876-4060D9B1BE10} - C:\WINDOWS\javatw.dll
O2 - BHO: Class - {8F25DEB8-3391-C994-0370-06E9127B615A} - C:\WINDOWS\system32\addrw32.dll
O2 - BHO: Class - {8F847879-40F7-B232-AEC5-D3214B36C965} - C:\WINDOWS\addeq32.dll
O2 - BHO: Class - {8F9CE5C4-7A8B-60FC-A8C2-8E61BD61D4BF} - C:\WINDOWS\mfcnj.dll
O2 - BHO: Class - {91EF62AC-1515-4102-869D-7CF17FBD48DC} - C:\WINDOWS\atliw32.dll
O2 - BHO: Class - {91F6D3FF-75DE-A3F4-BDDB-CEAB798A115F} - C:\WINDOWS\system32\winms.dll
O2 - BHO: Class - {927DD87A-66BA-9B9F-0879-783B761C8F50} - C:\WINDOWS\atlum32.dll
O2 - BHO: Class - {92B633A3-0AC2-646E-E2D7-D9D8DFA4C0CD} - C:\WINDOWS\iejh32.dll
O2 - BHO: Class - {92D83A26-147B-6F87-83E4-B271371785C1} - C:\WINDOWS\appkd32.dll
O2 - BHO: Class - {934022E3-4A67-7059-D032-46007A715210} - C:\WINDOWS\system32\mfces.dll
O2 - BHO: Class - {9347DCAE-D4C8-BCF3-AEE9-E2B1A1821BA8} - C:\WINDOWS\atlym.dll
O2 - BHO: Class - {937347AF-8267-7B4F-C2FD-7C75B9DE0881} - C:\WINDOWS\system32\apimb32.dll
O2 - BHO: Class - {94B07238-5DA7-46C7-3E9F-22E42CC1710A} - C:\WINDOWS\netpm.dll
O2 - BHO: Class - {964821EA-9370-D325-A9C3-9A9AC811F826} - C:\WINDOWS\system32\javaep.dll
O2 - BHO: Class - {964E2124-4EFC-8478-D558-FA3F46CA1604} - C:\WINDOWS\iebb32.dll
O2 - BHO: Class - {988C6476-5EA2-E122-57CE-2E4F86D27B58} - C:\WINDOWS\msgc.dll
O2 - BHO: Class - {9901B510-5371-56AC-A511-EFC399359401} - C:\WINDOWS\crit.dll
O2 - BHO: Class - {99E674B1-BD1C-9AB8-9C0E-C4FB2608BBD6} - C:\WINDOWS\atlzo32.dll
O2 - BHO: Class - {9AC98B09-E932-6B01-C983-A8AF24A16D40} - C:\WINDOWS\winzn.dll
O2 - BHO: Class - {9B02CB83-DCD2-2DB6-02DC-2D81D1BE1FE7} - C:\WINDOWS\d3mv32.dll
O2 - BHO: Class - {9C0B1C11-4B55-F4A7-0E89-A3C089B28991} - C:\WINDOWS\ipmu32.dll
O2 - BHO: Class - {9C53B9C2-DA43-9FE8-1CA5-21E8B34F522A} - C:\WINDOWS\system32\ipxp.dll
O2 - BHO: Class - {9DE2FBCC-AD05-1958-B77D-913F493B121A} - C:\WINDOWS\system32\netdu32.dll
O2 - BHO: Class - {9E6480CF-41D5-ADA6-566E-13AE9287A0CD} - C:\WINDOWS\system32\sdkeh.dll
O2 - BHO: Class - {9F8C6736-431A-A80F-7DB3-0D6C8BBD7EA1} - C:\WINDOWS\system32\netxx32.dll
O2 - BHO: Class - {A02E347F-8BF6-310A-944E-8F4FF9AA318A} - C:\WINDOWS\system32\iefm32.dll
O2 - BHO: Class - {A083F83A-C389-3B89-28F2-94347C2D6EF2} - C:\WINDOWS\system32\javayu.dll
O2 - BHO: Class - {A23E343E-58A3-FFA8-2F95-0FE8774232D1} - C:\WINDOWS\javaen32.dll
O2 - BHO: Class - {A39786E1-B3F2-5AA0-9792-D30FF78E0B7B} - C:\WINDOWS\atlki32.dll
O2 - BHO: Class - {A3D347B5-8D22-1E55-4D3E-C94C91F76762} - C:\WINDOWS\apikr32.dll
O2 - BHO: Class - {A40E210D-44F7-33DE-2D6C-292A6520AB82} - C:\WINDOWS\winpr32.dll
O2 - BHO: Class - {A5181EB4-FBCD-5B6F-4454-F9FEB6BD85FB} - C:\WINDOWS\system32\ntaj32.dll
O2 - BHO: Class - {A5363EEA-80FF-2D9D-B95C-136303CBE2E5} - C:\WINDOWS\system32\iphv.dll
O2 - BHO: Class - {A68F3DFF-6D4F-704D-DF3C-C62590315208} - C:\WINDOWS\system32\sysys.dll
O2 - BHO: Class - {A743397C-15FF-B350-E883-BF7404029D99} - C:\WINDOWS\system32\nttq32.dll
O2 - BHO: Class - {A7595DD0-954D-787A-73FC-769C95DF9F01} - C:\WINDOWS\system32\addwv32.dll
O2 - BHO: Class - {A7686D30-B576-3F3B-6990-2E06EB868F7B} - C:\WINDOWS\appgk.dll
O2 - BHO: Class - {A87070C2-BB4F-55A2-5375-ABE4322DA8C3} - C:\WINDOWS\system32\d3vg.dll
O2 - BHO: Class - {A8F6AA45-4788-6802-0A8B-624FBA5DC8CA} - C:\WINDOWS\system32\syshk32.dll
O2 - BHO: Class - {A9593486-C5F0-338D-36D5-AEC2E367709D} - C:\WINDOWS\nethd32.dll
O2 - BHO: Class - {A98BEA99-7B4B-FA3E-03F1-10C3D1AE7212} - C:\WINDOWS\system32\winuk.dll
O2 - BHO: Class - {AA0B70B4-0585-98FF-591D-792B7C365368} - C:\WINDOWS\mfcqb32.dll
O2 - BHO: Class - {AA3DBC87-F177-8D58-138B-069152EFDEAC} - C:\WINDOWS\system32\sysot32.dll
O2 - BHO: Class - {AA6F9854-E7A9-2FA2-2605-600B5705C69D} - C:\WINDOWS\ipsb32.dll
O2 - BHO: Class - {AAF322C0-53A3-24FC-C5E6-B062F9D982F9} - C:\WINDOWS\mfcma32.dll
O2 - BHO: Class - {ABD7967C-3F51-655C-C22D-34A94C9679EE} - C:\WINDOWS\system32\javacr.dll
O2 - BHO: Class - {AC2D8F55-4AC6-20AE-E0C0-B85403479114} - C:\WINDOWS\addzs.dll
O2 - BHO: Class - {ADCD2861-F951-CBB0-CD36-3C98A6A42196} - C:\WINDOWS\system32\winil32.dll
O2 - BHO: Class - {AE845430-3B50-352F-A6D3-21174EDCA037} - C:\WINDOWS\system32\javaix.dll
O2 - BHO: Class - {AE9AEB8F-0E7F-D767-F3C7-AF22C0FBA643} - C:\WINDOWS\atleu32.dll
O2 - BHO: Class - {AEE963C3-B79E-B7F1-4CBF-657FECF4CE92} - C:\WINDOWS\system32\appin.dll
O2 - BHO: Class - {AF21BBF6-248D-FEC6-977C-E433AC049B4A} - C:\WINDOWS\system32\addkd.dll
O2 - BHO: Class - {AF24C0CC-264C-C2F6-6BBC-FF4A88C674D6} - C:\WINDOWS\atlmo.dll
O2 - BHO: Class - {AF9E4499-5741-2FA8-A50F-64532BF9D788} - C:\WINDOWS\mshz.dll
O2 - BHO: Class - {B064CDCC-4563-66B0-0A96-37CF520ADED6} - C:\WINDOWS\system32\winwo32.dll
O2 - BHO: Class - {B0957B29-6605-0ACF-0683-0B29FEADFBE3} - C:\WINDOWS\system32\sysds.dll
O2 - BHO: Class - {B0FD6320-27E9-F236-D46C-1DBD5BB05BC1} - C:\WINDOWS\system32\apipi.dll
O2 - BHO: Class - {B264D484-9FD0-1008-BB3F-897E9586D92D} - C:\WINDOWS\system32\appvv.dll
O2 - BHO: Class - {B2D696D0-91BB-1E7F-44BB-A44FB1038DDF} - C:\WINDOWS\sdkio.dll
O2 - BHO: Class - {B31A4C19-741A-B567-F0E0-A2C7CDED6BD1} - C:\WINDOWS\system32\mfcjp32.dll
O2 - BHO: Class - {B3203551-0B4E-FCF6-9876-7B853EEBCC3F} - C:\WINDOWS\mfcdy.dll
O2 - BHO: Class - {B4C91D4F-8735-A88D-E8BE-4D168226F78A} - C:\WINDOWS\system32\d3rf32.dll
O2 - BHO: Class - {B5280A99-D3D1-117F-31CD-AB87AE880429} - C:\WINDOWS\crky.dll
O2 - BHO: Class - {B538BB10-3165-F984-CC16-9066CAB6B092} - C:\WINDOWS\netsn.dll
O2 - BHO: Class - {B58B9B1C-55D9-1746-5D04-4AD3FEBB33BE} - C:\WINDOWS\system32\netvf32.dll
O2 - BHO: Class - {B66EAEC2-2CE6-1697-9346-9B1E60E39650} - C:\WINDOWS\system32\msav.dll
O2 - BHO: Class - {B75BCD02-ABA7-9B5A-4478-A8AD97904CAC} - C:\WINDOWS\addnh32.dll
O2 - BHO: Class - {B796461E-A644-4E39-1933-D7EA1A81BA8E} - C:\WINDOWS\mfcmc.dll
O2 - BHO: Class - {B7C5F0FA-A733-E146-85CE-933DC6846D60} - C:\WINDOWS\ieij32.dll
O2 - BHO: Class - {B825595B-2058-BCA4-1A37-31A9B58CD033} - C:\WINDOWS\system32\winsp32.dll
O2 - BHO: Class - {B877A895-E66D-9B51-2A5E-B2821E0C16B0} - C:\WINDOWS\atlrd32.dll
O2 - BHO: Class - {B89B5A4B-A477-CC8D-A74D-8A1989AEEB9C} - C:\WINDOWS\system32\sysjf.dll
O2 - BHO: Class - {B9E4D006-7A30-6772-18E7-A2C7B4E14473} - C:\WINDOWS\javads.dll
O2 - BHO: Class - {B9FBC1A6-6B9A-7B6E-DE5D-CCFDD33AD068} - C:\WINDOWS\system32\appfl.dll
O2 - BHO: Class - {B9FBCC0E-658E-7FF9-97B0-FE0DA15F0299} - C:\WINDOWS\system32\mfcin32.dll
O2 - BHO: Class - {BB007F00-66B3-C207-453B-7CE8EDD79624} - C:\WINDOWS\sysqr32.dll
O2 - BHO: Class - {BB48572C-295E-5F17-1B6B-3589DA7CAB9B} - C:\WINDOWS\system32\sysox32.dll
O2 - BHO: Class - {BB5A0FC4-FCAF-FA07-2E59-B4F763DA2F07} - C:\WINDOWS\system32\sdkwd.dll
O2 - BHO: Class - {BBF5E38D-037F-77FE-1BD4-D0175630EF03} - C:\WINDOWS\apitm.dll
O2 - BHO: Class - {BC92A8D6-EC15-3C14-13BB-52BEF3DFBFA6} - C:\WINDOWS\mswg32.dll
O2 - BHO: Class - {BCC63AE6-D49C-A710-E427-27B59630AB82} - C:\WINDOWS\netbv32.dll
O2 - BHO: (no name) - {BD9FC8CA-2B4C-538D-74D9-3F302EFCBC86} - (no file)
O2 - BHO: Class - {BE086B08-211D-FFA7-7138-00EA0ABD2480} - C:\WINDOWS\system32\addfo.dll
O2 - BHO: Class - {BE109F8B-9C0D-8B9B-9B55-F31A546042B6} - C:\WINDOWS\winoo.dll
O2 - BHO: Class - {BE14A955-DD6C-A165-6A81-393FF536A2E2} - C:\WINDOWS\system32\ntbj.dll
O2 - BHO: Class - {BFA7FB09-7AC3-95E9-2881-B1966F738029} - C:\WINDOWS\winon32.dll
O2 - BHO: Class - {BFAA3D4F-3121-6765-035E-63AE94A824A9} - C:\WINDOWS\msnr32.dll
O2 - BHO: Class - {C2CC1826-44AA-2597-F243-7FEE13F6D54D} - C:\WINDOWS\system32\sdkrd.dll
O2 - BHO: Class - {C35E61AF-D4CC-C616-D8F0-C6D3B83A1702} - C:\WINDOWS\ntau.dll
O2 - BHO: Class - {C388D48F-0D9E-D287-957F-C50854563DE8} - C:\WINDOWS\netxm.dll
O2 - BHO: Class - {C3F84830-18F3-1D3D-C769-86D58A213F17} - C:\WINDOWS\apphd32.dll
O2 - BHO: Class - {C47E6517-9FEE-B27A-3EA8-BB572B11D25B} - C:\WINDOWS\system32\iehy.dll
O2 - BHO: Class - {C5E8FB41-08A4-948D-D9CA-321F51984943} - C:\WINDOWS\system32\apipr32.dll
O2 - BHO: Class - {C680FC92-CC8D-3933-941C-DB2ADEAD27D8} - C:\WINDOWS\javasi.dll
O2 - BHO: Class - {C682057F-E371-B29A-848C-7D9B32E2DD9C} - C:\WINDOWS\system32\appkm.dll
O2 - BHO: Class - {C6A53716-4EDC-CC43-99E1-9DBC615B7F1D} - C:\WINDOWS\system32\ntvd32.dll
O2 - BHO: Class - {C71388B9-CAAF-E409-BCE8-33736697C205} - C:\WINDOWS\appyu32.dll
O2 - BHO: Class - {C7B0E086-75CE-E71D-0DDA-51166A3A3D0F} - C:\WINDOWS\system32\mfced32.dll
O2 - BHO: Class - {C8F47880-52EF-4AA6-8D33-E43E9369AC13} - C:\WINDOWS\system32\ieui.dll
O2 - BHO: Class - {C91C2B34-D631-75C3-CD74-32FA1B2B0372} - C:\WINDOWS\system32\addyr32.dll
O2 - BHO: Class - {CA212655-5E8E-FD47-2580-32B04CA0E0B7} - C:\WINDOWS\d3qn.dll
O2 - BHO: Class - {CA9321F5-9849-30AD-6D1F-008B13CFD1D4} - C:\WINDOWS\ipdd.dll
O2 - BHO: Class - {CAEBAB9D-5B6A-D04D-3DF1-1992B30E11BB} - C:\WINDOWS\system32\applx.dll
O2 - BHO: Class - {CBAF5FF2-257D-3BA9-7FC4-8176A9916FCD} - C:\WINDOWS\d3vx.dll
O2 - BHO: Class - {CBBEC243-B125-F6CB-20B6-4A6446E07C07} - C:\WINDOWS\msci32.dll
O2 - BHO: Class - {CBCAC426-4AC6-B6CA-5FEB-39407E41AE7C} - C:\WINDOWS\ieue32.dll
O2 - BHO: Class - {CBD77B3F-8090-DD29-E058-34289DE3949A} - C:\WINDOWS\msbu32.dll
O2 - BHO: Class - {CC2E5D02-E711-BE07-3647-61D1BB49E8ED} - C:\WINDOWS\atlcx32.dll
O2 - BHO: Class - {CC67C393-741E-9B61-DB09-E37FD3F55B9B} - C:\WINDOWS\system32\ntxt32.dll
O2 - BHO: Class - {CC8F52DA-21F1-1A00-1DF7-6E14B89A961B} - C:\WINDOWS\system32\apito32.dll
O2 - BHO: Class - {CDB321C3-65E6-FD4B-0966-70348178E22A} - C:\WINDOWS\system32\appty32.dll
O2 - BHO: Class - {CDCF6DC4-9E36-A15E-5E68-4B01DC737125} - C:\WINDOWS\system32\winys.dll
O2 - BHO: Class - {CE4EFCA5-BE39-72B1-86A3-43F1C9A037D4} - C:\WINDOWS\msup.dll
O2 - BHO: Class - {CE7A710F-55BC-4498-742A-FEB5AF0058EF} - C:\WINDOWS\system32\crab32.dll
O2 - BHO: Class - {CE7F55BB-9429-AC8A-D9FC-39604EE56230} - C:\WINDOWS\ipql32.dll
O2 - BHO: Class - {CF3F3E61-9595-B4D3-EC0A-2911D33AF9CA} - C:\WINDOWS\netwx.dll
O2 - BHO: Class - {CFBA6A8B-141A-EFF7-2284-53A16D783BE4} - C:\WINDOWS\system32\d3pj32.dll
O2 - BHO: Class - {CFC2CF30-BAD3-6B1F-4A72-6F6A8D1F61C6} - C:\WINDOWS\crqs32.dll
O2 - BHO: Class - {D010E2E2-A168-789D-9E57-563AC50A66D0} - C:\WINDOWS\ntlb32.dll
O2 - BHO: Class - {D1B08BEF-61F3-13A0-6BCC-CB7E58770653} - C:\WINDOWS\netrz32.dll
O2 - BHO: Class - {D1DC71DB-95AD-1742-1B05-0653ADF80398} - C:\WINDOWS\sdkcf.dll
O2 - BHO: Class - {D1F50E66-9069-E055-C419-5AF69B876F46} - C:\WINDOWS\system32\apicr32.dll
O2 - BHO: Class - {D24C63AD-A963-E031-6313-22AD11D24EF1} - C:\WINDOWS\system32\ipgy32.dll
O2 - BHO: Class - {D4CB4CF2-3A32-88F6-F529-198F1CBBD1A6} - C:\WINDOWS\javamp.dll
O2 - BHO: Class - {D61D1D35-032C-D543-DA97-C2A2B06597AC} - C:\WINDOWS\system32\sdkto.dll
O2 - BHO: Class - {D7C24EDA-2656-4823-DC8B-F199CF3E738A} - C:\WINDOWS\system32\d3bg.dll
O2 - BHO: Class - {D8017933-B2A5-8733-0290-960149CE4D0D} - C:\WINDOWS\mfclh32.dll
O2 - BHO: Class - {D822CDEB-8143-2AA7-E4BB-E2055B7F4CCF} - C:\WINDOWS\system32\ipid32.dll
O2 - BHO: Class - {D824CB60-CF53-9F73-1BD8-6286E09FCF52} - C:\WINDOWS\system32\atlpl32.dll
O2 - BHO: Class - {D878BBC9-1D4B-1169-6016-5902B7CCFC40} - C:\WINDOWS\system32\sysjl.dll
O2 - BHO: Class - {D8F83F56-26F9-C667-A9AA-64C24DF449D6} - C:\WINDOWS\system32\ipql.dll
O2 - BHO: Class - {D9E4FCE9-DD60-AD26-B07D-BFB00720C50B} - C:\WINDOWS\system32\ipsr32.dll
O2 - BHO: Class - {D9F1ED10-B3DA-B8A9-67B7-86AA485C18AF} - C:\WINDOWS\system32\crkw.dll
O2 - BHO: Class - {DA50B851-33CA-06EB-529C-7E0AD96F9CAC} - C:\WINDOWS\atlbn.dll
O2 - BHO: Class - {DA69B6C4-9CB8-E5E8-026E-66C0112155F6} - C:\WINDOWS\system32\neton.dll
O2 - BHO: Class - {DABFBD59-CC8B-0E4D-60D9-8C44B013EAEF} - C:\WINDOWS\system32\addkn32.dll
O2 - BHO: Class - {DBD77B54-39C0-3D05-7A8D-1B1016FA7380} - C:\WINDOWS\system32\ieoh32.dll
O2 - BHO: Class - {DC0E40FD-D633-7594-A016-624F4172C934} - C:\WINDOWS\javaku.dll
O2 - BHO: Class - {DC42B4BF-AEBD-5A1A-288E-435E8D572F2A} - C:\WINDOWS\system32\syszz32.dll
O2 - BHO: Class - {DCA24E10-9BF9-9CE6-DD3F-572B605B86BB} - C:\WINDOWS\system32\atlac32.dll
O2 - BHO: Class - {DD27625A-DB28-F315-0405-729F194BD480} - C:\WINDOWS\system32\javati32.dll
O2 - BHO: Class - {DD499CA0-63C5-BE6B-7B26-F81AF2321007} - C:\WINDOWS\system32\atlqn.dll
O2 - BHO: Class - {DD4E4285-FC77-25C4-758D-88C44D92F004} - C:\WINDOWS\ntew32.dll
O2 - BHO: Class - {DD57FEDD-5FE0-0AED-E965-E1FF1402070E} - C:\WINDOWS\system32\crce.dll
O2 - BHO: Class - {DD7C6A5A-CDEA-97AD-3B53-18A2321EE6F6} - C:\WINDOWS\criu32.dll
O2 - BHO: Class - {DE3AE878-C016-F46D-089A-80B24A7316D7} - C:\WINDOWS\system32\addpv32.dll
O2 - BHO: Class - {DE9E19CF-4511-CFDF-5432-EABB6602A7D8} - C:\WINDOWS\system32\ipiq32.dll
O2 - BHO: Class - {DED9B197-A97B-8EB4-D4C0-1E70C2D3CFF5} - C:\WINDOWS\system32\sysfd32.dll
O2 - BHO: Class - {DF668E96-27EB-767C-CDC7-40ADB11675F2} - C:\WINDOWS\system32\iehr.dll
O2 - BHO: Class - {DFD60C9F-2B34-B4BD-B915-227AB606A962} - C:\WINDOWS\ntrk.dll
O2 - BHO: Class - {E04B2E72-AF5D-42B4-27C2-1DFBEB4A9650} - C:\WINDOWS\ipad.dll
O2 - BHO: Class - {E04CC398-6D86-A823-890A-29F8D27B4B0A} - C:\WINDOWS\netod32.dll
O2 - BHO: Class - {E07D9064-AD32-E4F4-6A8B-A5DBD4D56770} - C:\WINDOWS\system32\javain32.dll
O2 - BHO: Class - {E0B3C0A8-3E9A-3AAB-F740-EFF74FBA6985} - C:\WINDOWS\ipkd32.dll
O2 - BHO: Class - {E14797E4-9E5E-0402-9342-8ED990B9E13F} - C:\WINDOWS\system32\mfcnw32.dll
O2 - BHO: Class - {E15E1E91-0FD3-9AEB-0959-00933AADA0C4} - C:\WINDOWS\system32\addqf32.dll
O2 - BHO: Class - {E16A73BF-9FF9-43CE-8578-8DF8D3508388} - C:\WINDOWS\system32\sdkax32.dll
O2 - BHO: Class - {E2440651-7FE0-4276-6917-766C9FA742A6} - C:\WINDOWS\system32\sdkon32.dll
O2 - BHO: Class - {E2E6C0E2-FA3A-8992-181C-3BA9E7ED6D56} - C:\WINDOWS\mfcqi32.dll
O2 - BHO: Class - {E2F0712F-9E43-CF54-86D0-C0E27572FBE1} - C:\WINDOWS\system32\crvu32.dll
O2 - BHO: Class - {E44D3492-E63F-A52F-8235-06D2B331C92A} - C:\WINDOWS\system32\appnb32.dll
O2 - BHO: Class - {E558C92A-26ED-983A-0F8B-64C91ED05AE9} - C:\WINDOWS\javadc.dll
O2 - BHO: Class - {E57CF4E2-608E-1F55-6A8B-10D3B7AD07E2} - C:\WINDOWS\system32\sysre32.dll
O2 - BHO: Class - {E58BBC7E-7207-D1BE-CE98-6CC37B27883D} - C:\WINDOWS\system32\d3cj32.dll
O2 - BHO: Class - {E5AC69B4-006E-2FF7-BB25-3C43062AD4EF} - C:\WINDOWS\mfczj32.dll
O2 - BHO: Class - {E5F0C91D-B125-C770-69FE-FB3428702538} - C:\WINDOWS\system32\sysnv.dll
O2 - BHO: Class - {E60D7284-3090-534F-5C3A-08BCBA772F9C} - C:\WINDOWS\system32\netld.dll
O2 - BHO: Class - {E616513A-40E1-2657-5238-EAF908483D9A} - C:\WINDOWS\system32\sysim32.dll
O2 - BHO: Class - {E686FA0B-6D47-10E4-FC7D-A620410395A5} - C:\WINDOWS\system32\mfcjs.dll
O2 - BHO: Class - {E85DB2A8-73A7-0E64-0B9F-3B3DF072FE21} - C:\WINDOWS\system32\sysum32.dll
O2 - BHO: Class - {E8B2A684-D6D8-C5EA-F174-952A69CDEAD1} - C:\WINDOWS\system32\apidg.dll
O2 - BHO: Class - {EA197903-5454-DCA0-1431-906504E5199D} - C:\WINDOWS\system32\msjw32.dll
O2 - BHO: Class - {EAF79499-1766-EB48-D04E-2CDD27C0DD4C} - C:\WINDOWS\ntrz32.dll
O2 - BHO: Class - {EB3F1F3A-312D-1F0B-BE12-33935E41A208} - C:\WINDOWS\system32\atlnq32.dll
O2 - BHO: Class - {EB53464A-65A2-9AA0-C376-11ADD5428232} - C:\WINDOWS\appeb.dll
O2 - BHO: Class - {EB619721-7FA1-13F4-FCC7-F7910CF00AC8} - C:\WINDOWS\system32\addaj32.dll
O2 - BHO: Class - {EB6F84A8-01F1-4D7E-CBCE-4B02B1BB0094} - C:\WINDOWS\system32\nthz32.dll
O2 - BHO: Class - {EB875E59-D1A2-BEDD-B6E0-01204A789601} - C:\WINDOWS\system32\crko32.dll
O2 - BHO: Class - {EBA74261-7CAA-F270-26F4-4E2A669761D1} - C:\WINDOWS\ntne.dll
O2 - BHO: Class - {EBB58D88-B4D1-648E-CB8F-D10EF01B83E5} - C:\WINDOWS\system32\addhm.dll
O2 - BHO: Class - {EC0BF822-7720-175B-2901-9FA68F761D30} - C:\WINDOWS\d3op.dll
O2 - BHO: Class - {EDD6C5EA-5F3E-7B1D-A3D0-9E3A169E6444} - C:\WINDOWS\systb.dll (file missing)
O2 - BHO: Class - {EF4B1BBF-9691-E915-81F6-F75B7DD313AA} - C:\WINDOWS\ieva32.dll
O2 - BHO: Class - {EF56697C-5109-5395-6FE2-E92AAFF48176} - C:\WINDOWS\mfcwk32.dll
O2 - BHO: Class - {EFD32CB9-039B-2B11-A357-D6D56A398537} - C:\WINDOWS\appqz32.dll
O2 - BHO: Class - {EFD4E5E6-F6FA-35B8-21D0-795BD90D0719} - C:\WINDOWS\javakd32.dll
O2 - BHO: Class - {EFEBB260-C21E-967D-CA15-0C1770C3C5C5} - C:\WINDOWS\mfcsd.dll
O2 - BHO: Class - {F1895589-F7BC-679C-6B28-F8543FF20375} - C:\WINDOWS\d3lq32.dll
O2 - BHO: Class - {F1EB7ABF-6A20-18CA-0717-32A5D07D7B75} - C:\WINDOWS\appap32.dll
O2 - BHO: Class - {F20341B7-4D4B-5B61-38C8-74F9630B49F0} - C:\WINDOWS\system32\winkc32.dll
O2 - BHO: Class - {F20ED84C-D847-D6C7-F794-2ED9DCB4B4D1} - C:\WINDOWS\javapa.dll
O2 - BHO: Class - {F3A0E4F7-5A26-16D7-F285-82AF755C81E0} - C:\WINDOWS\system32\netjj32.dll
O2 - BHO: Class - {F3E960E4-F8DE-2718-D510-335C5E2FEB9F} - C:\WINDOWS\d3zu32.dll
O2 - BHO: Class - {F45672AA-5BCB-168F-8F4C-4B17FD2623E8} - C:\WINDOWS\msmf.dll
O2 - BHO: Class - {F46FA47B-6291-D27B-D125-BCEEBB49E346} - C:\WINDOWS\ierw.dll
O2 - BHO: Class - {F4A41C9A-A713-9C96-601E-1966003429F8} - C:\WINDOWS\addiu.dll
O2 - BHO: Class - {F52A683D-86BC-5DC9-8231-5370AB157678} - C:\WINDOWS\system32\ipti.dll
O2 - BHO: Class - {F5593432-5366-0A96-4CF5-94D4D166B10C} - C:\WINDOWS\system32\d3wz.dll
O2 - BHO: Class - {F62510CB-ED83-E3EF-9E28-73519F1B7A0C} - C:\WINDOWS\d3ft32.dll
O2 - BHO: Class - {F69AC43F-54FB-0910-EFEE-6455168C3713} - C:\WINDOWS\ipxm.dll
O2 - BHO: Class - {F6CB920B-A4A6-46E0-C07F-F02819E65389} - C:\WINDOWS\winka32.dll
O2 - BHO: Class - {F6F49380-F6BB-3D04-920B-C960D86C67BC} - C:\WINDOWS\addve32.dll
O2 - BHO: Class - {F72B1F16-5DA1-0CE7-8A46-761D0FBCADC7} - C:\WINDOWS\system32\netpz32.dll
O2 - BHO: Class - {F74D5213-8A18-F9CF-E487-AA203A37CEB8} - C:\WINDOWS\system32\addwf.dll
O2 - BHO: Class - {F822BF6C-BD82-883D-1146-288575F3091D} - C:\WINDOWS\system32\winiw.dll
O2 - BHO: Class - {F82406AA-AA26-0FEF-2943-600622AB7AB5} - C:\WINDOWS\iesd.dll
O2 - BHO: Class - {F8F78A55-0101-C0E3-D286-3EADE0CB6313} - C:\WINDOWS\addgz32.dll
O2 - BHO: Class - {F9D982F9-B035-9FE7-9252-71E960E1F3E5} - C:\WINDOWS\system32\neteq.dll
O2 - BHO: Class - {FAA44DA8-BC87-EAF8-DE08-0B6C7CABB256} - C:\WINDOWS\sdkuv.dll
O2 - BHO: Class - {FB9C0E2C-9054-C0EA-4D57-F9CCE6487636} - C:\WINDOWS\system32\ipau.dll
O2 - BHO: Class - {FBC1B2FF-838B-6257-27F0-2FD318F49B54} - C:\WINDOWS\system32\appwg.dll
O2 - BHO: Class - {FBF77D9B-CA17-A517-257C-C38A16C5AD4F} - C:\WINDOWS\mfcae32.dll
O2 - BHO: Class - {FC5F4FD2-9814-9658-709F-821EB79F97AB} - C:\WINDOWS\javatk.dll
O2 - BHO: Class - {FC69783B-05C2-F77D-6E0B-9055DEF49D6C} - C:\WINDOWS\system32\sysef32.dll
O2 - BHO: Class - {FC72CC24-F754-BD19-FD0E-852C1775E57D} - C:\WINDOWS\system32\netox32.dll
O2 - BHO: Class - {FC933F3B-F61C-174E-C6CD-8A9A8ECDD4A8} - C:\WINDOWS\winrc.dll
O2 - BHO: Class - {FD33DF99-7965-02B4-4056-996478BCDA14} - C:\WINDOWS\ntfp.dll
O2 - BHO: (no name) - {FD4A74BF-5712-24E2-4DA7-6711D4FD291B} - (no file)
O2 - BHO: Class - {FE3D33D0-958B-2C94-A4A8-DB4A4566ED06} - C:\WINDOWS\system32\ieto32.dll
O2 - BHO: Class - {FF3F0D99-BB3D-8567-11A3-BD77E0658DEA} - C:\WINDOWS\atlze32.dll
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [winwx.exe] C:\WINDOWS\system32\winwx.exe
O4 - HKLM\..\Run: [ntge.exe] C:\WINDOWS\ntge.exe
O4 - HKLM\..\Run: [d3az.exe] C:\WINDOWS\system32\d3az.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe

Close all browser and other windows except for HijackThis, and click "Fix Checked

Go to start >run and type: services.msc and click OK

Scroll down in that list and look if the following services are present:

Network Security Service (NSS)

Remote Procedure Call (RPC) Helper

Workstation NetLogon Service

Please make sure it is exactly the same written as above, because there are also legit services that look similar to the ones above, make sure you choose the right one!! For example, there's also a legit service called Remote Procedure Call (RPC), without the word Helper in it. That is a good one, so please don't select that one.

Doubleclick on it/them once found . In the window that will appear, click on "Stop" (if not greyed out) and change the Startup Type to disabled.

Click apply and OK and close all open windows.

Start Cwshredder and click FIX NOT scan

Doubleclick on HSfix on your desktop and say YES when ask to merge into registry

Now run ATFCleaner again

Start Ewido Anti-Malware

  • Click on scanner. (Note: Do not start any programs or open any windows while Ewido is scanning)
  • Click on Complete System Scan, the scan will now begin.
  • While the scan is in progress you will be promted to clean files, click OK.
  • When it asks if you want to clean the first file, put a checkmark in the lower left corner of the box that says "Perform action on all infections", then choose clean and click OK.
  • Once the scan has completed, there will be a button located at the bottom of the screen named Save Report.
  • Click Save Report.
  • Now save the report .txt file to your desktop.
  • Close Ewido

When Ewido is finished scanning; reboot back to normal mode.

Post

  • The Ewido log
  • A new HijackThis log

in your next reply here.

Edited by jwbirdsong
Link to post
Share on other sites

hey jw....i tried to send the posts but they were to big apparently--i dont know what to do so i'll send it in 2 parts if i can...

also...there was 1 thing on the list you gave me that wasnt there to check.

"04-HKLM\..Run:[winwx.exe]C:WINDOWS\system32\winwx.exe"

hope thats a good thing.

( part 1 )

---------------------------------------------------------

ewido anti-malware - Scan report

---------------------------------------------------------

+ Created on: 12:38:41 AM, 1/31/2006

+ Report-Checksum: 140791F

+ Scan result:

HKLM\SOFTWARE\Classes\CLSID\{01198741-DBE0-E6F4-9DBE-877B61FB1D1D} -> Spyware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{03BFEDA6-8678-C773-5452-E7082FCA1BD7} -> Spyware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{0B936818-A83D-004A-625A-757B4D758CC6} -> Spyware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{0E37D9E0-99E3-DA14-3197-60132338963E} -> Spyware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{1323178D-09E3-B628-CC3A-95630B64B7DA} -> Spyware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{1486290A-90C1-388F-ADC8-6BFAA6B057E8} -> Spyware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{1E920882-80EF-BD61-DBBD-0847C13D1197} -> Spyware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{22E7067A-283F-CF1C-4373-210A97C38BDB} -> Spyware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{30C5202D-2CDD-8C6D-6CD3-86CBAC73988B} -> Spyware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{4904C579-9366-3B77-3148-9401DBD4A5AA} -> Spyware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{4A210C09-C3AE-D36C-3EC5-0D7723985463} -> Spyware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{4A5DA6C7-CAFA-ADBE-1CBD-9DB325C4EB88} -> Spyware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{5345A51F-E5D0-5A0D-1418-A1C95C417E3C} -> Spyware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{65D75D06-7395-6352-09CD-E13B9059EFE9} -> Spyware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{676575DD-4D46-911D-8037-9B10D6EE8BB5} -> Spyware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{786A41BB-009D-DD27-EA3E-15DCD01EC75C} -> Spyware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{792A038A-9C16-9885-5B25-CE939788172A} -> Spyware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{792E2C95-AEBD-D9B8-E958-AD1BB5A3D9BA} -> Spyware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{8669ABB2-7410-3460-F449-E119DCA24CC4} -> Spyware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{8D01C3C9-547A-12EE-5401-4B29F8F98176} -> Spyware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{8E183E4D-1A0C-3195-3741-BBEABE2CBCD0} -> Spyware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{932ECF21-1DCB-F962-4C70-56830E2BD255} -> Spyware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{99B1E639-DCA2-2C21-013F-DEF4B5729CA9} -> Spyware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{9EDC0D8F-954E-A638-C240-D52042910A62} -> Spyware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{A01394EE-8B14-B1D4-AE65-22E7424A71D0} -> Spyware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{A5B3B4A7-6BD2-E7CE-E654-7A1D658D1BB3} -> Spyware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{ABFF8236-DCBD-E17B-0A69-6FD85FA199FE} -> Spyware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{B38F516E-48F2-CDBB-7D76-E0CFBCDBEE45} -> Spyware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{BCA18F7D-4CAB-D300-286E-432722FFB0FB} -> Spyware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{C5E66D21-FF6E-2881-4046-8D0402A4597D} -> Spyware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{D02510A9-69A7-24D5-85DA-D3EC8E911C73} -> Spyware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{D223F02D-058E-2CFE-D02D-81826009252B} -> Spyware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{D75B9D6B-FB2A-EE40-24DA-791D27C77147} -> Spyware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{E65FC41A-89B3-21B7-1EB6-E92DA3645370} -> Spyware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{F704A16D-BA8A-0DD4-CB9E-F0FA4A957D8D} -> Spyware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{F7B868F8-EA98-86A3-D29E-5BCE94E2DD6A} -> Spyware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{F80F0D50-2D6C-75C3-606A-3DFE0F4FC5D0} -> Spyware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{FC955BB2-DAA2-E394-1DD3-E8A207B823A6} -> Spyware.BetterInternet : Cleaned with backup

HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a} -> Spyware.Alexa : Cleaned with backup

C:\Documents and Settings\Owner\Desktop\backups\backup-20060130-214602-278.dll -> Downloader.Agent.bc : Cleaned with backup

C:\Documents and Settings\Owner\Desktop\backups\backup-20060130-214602-366.dll -> Downloader.Agent.bc : Cleaned with backup

C:\Documents and Settings\Owner\Desktop\backups\backup-20060130-214602-887.dll -> Downloader.Agent.bc : Cleaned with backup

C:\Documents and Settings\Owner\Desktop\backups\backup-20060130-214602-899.dll -> Downloader.Agent.bc : Cleaned with backup

C:\Documents and Settings\Owner\Desktop\backups\backup-20060130-214604-538.dll -> Downloader.Agent.bc : Cleaned with backup

C:\Documents and Settings\Owner\Desktop\backups\backup-20060130-214605-368.dll -> Downloader.Agent.bc : Cleaned with backup

C:\Documents and Settings\Owner\Desktop\backups\backup-20060130-214605-886.dll -> Downloader.Agent.bc : Cleaned with backup

C:\Documents and Settings\Owner\Desktop\backups\backup-20060130-214606-279.dll -> Downloader.Agent.bc : Cleaned with backup

C:\Documents and Settings\Owner\Desktop\backups\backup-20060130-214606-841.dll -> Downloader.Agent.bc : Cleaned with backup

C:\Documents and Settings\Owner\Desktop\backups\backup-20060130-214614-719.dll -> Downloader.Agent.bc : Cleaned with backup

C:\Documents and Settings\Owner\Desktop\backups\backup-20060130-214615-961.dll -> Downloader.Agent.bc : Cleaned with backup

C:\Documents and Settings\Owner\Desktop\backups\backup-20060130-214617-985.dll -> Downloader.Agent.bc : Cleaned with backup

C:\Documents and Settings\Owner\Desktop\backups\backup-20060130-214619-741.dll -> Downloader.Agent.bc : Cleaned with backup

C:\Documents and Settings\Owner\Desktop\backups\backup-20060130-214621-432.dll -> Downloader.Agent.bc : Cleaned with backup

C:\Documents and Settings\Owner\Desktop\backups\backup-20060130-214621-912.dll -> Downloader.Agent.bc : Cleaned with backup

C:\Documents and Settings\Owner\Desktop\backups\backup-20060130-214623-513.dll -> Downloader.Agent.bc : Cleaned with backup

C:\Documents and Settings\Owner\Desktop\backups\backup-20060130-214623-746.dll -> Downloader.Agent.bc : Cleaned with backup

C:\Documents and Settings\Owner\Desktop\backups\backup-20060130-214624-459.dll -> Downloader.Agent.bc : Cleaned with backup

C:\Documents and Settings\Owner\Desktop\backups\backup-20060130-214625-499.dll -> Downloader.Agent.bc : Cleaned with backup

C:\Documents and Settings\Owner\Desktop\backups\backup-20060130-214627-986.dll -> Downloader.Agent.bc : Cleaned with backup

C:\Documents and Settings\Owner\Desktop\backups\backup-20060130-214629-269.dll -> Downloader.Agent.bc : Cleaned with backup

C:\Documents and Settings\Owner\Desktop\backups\backup-20060130-214631-756.dll -> Downloader.WinShow.bg : Cleaned with backup

C:\Documents and Settings\Owner\Desktop\backups\backup-20060130-214632-913.dll -> Downloader.Agent.bc : Cleaned with backup

C:\Documents and Settings\Owner\Desktop\backups\backup-20060130-214634-403.dll -> Downloader.WinShow.bg : Cleaned with backup

C:\Documents and Settings\Owner\Desktop\backups\backup-20060130-214637-851.dll -> Downloader.Agent.bc : Cleaned with backup

C:\WINDOWS\addav.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\addbm.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\addbo32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\addbr32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\addbu.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\addbz.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\addcc32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\addct32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\adddj.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\adddl.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\adddv32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\addem.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\adden32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\addgf32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\addgs32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\addhc.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\addhg.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\addin32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\addis32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\addjo.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\addjz.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\addkb32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\addkd32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\addkn32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\addky.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\addlf32.dll -> Downloader.Agent.bc : Cleaned with backup

C:\WINDOWS\addlo.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\addly.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\addmh32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\addmt32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\addmz.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\addnn.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\addqx32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\addrd.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\addrq.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\addsq.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\addsx32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\addsy.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\addud.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\addui32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\addul32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\addur.dll -> Downloader.Agent.bc : Cleaned with backup

C:\WINDOWS\addvg.dll -> Downloader.Agent.bc : Cleaned with backup

C:\WINDOWS\addwk.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\addwp.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\addws32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\addwu.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\addxy32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\addyc32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\addye.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\addyh32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\addyu32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\addyy32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\addzy32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\apiaj.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\apiak.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\apiam.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\apian32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\apiaw.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\apibj.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\apibl.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\apibu32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\apicq32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\apidh32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\apids.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\apids32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\apidu32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\apiee.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\apieh.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\apifb32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\apifd32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\apifp32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\apigb.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\apige32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\apigo.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\apihz.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\apiip32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\apije32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\apijh.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\apily32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\apimb32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\apime.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\apimx32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\apipa.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\apipa32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\apipf.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\apirm.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\apiro32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\apisq.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\apist32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\apisy.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\apitq.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\apiur32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\apiuw32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\apivc32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\apivg32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\apivl32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\apixq.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\apixx.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\apiyf.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\apiyh.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\apizl32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\appae.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\appbm32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\appbv.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\appcb32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\appck.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\appdf.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\apped32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\appfq32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\appfz32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\appgl.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\appgt.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\appht.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\apphw.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\apphz32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\appic.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\appig32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\appiw.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\appix32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\appje32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\appjh32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\appkd32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\appkw32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\appky.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\applf32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\appll.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\appln.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\appmc.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\appmm.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\appnp.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\appoo.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\appoq32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\appoy.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\apppl.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\apppm32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\appqm.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\appqz32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\appsw32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\apptd.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\appth.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\appth32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\apptq32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\apptu.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\appug32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\appvb.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\appvo32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\appvq32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\appvy32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\appwv32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\appxs.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\appyj32.dll -> Downloader.Agent.bc : Cleaned with backup

C:\WINDOWS\appyr.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\appyw32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\atlag.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\atlbj32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\atlca32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\atlci.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\atlcq.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\atldh.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\atlds32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\atlhb.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\atlhj32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\atlhs.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\atljh32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\atljl.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\atljz32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\atlkb.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\atlky.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\atllc32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\atllk.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\atlls32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\atlmn.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\atlmq.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\atlnd.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\atlnf.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\atlni.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\atlnw.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\atlor32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\atlou32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\atlov32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\atlpb.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\atlpq.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\atlqc32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\atlqj.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\atlqo.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\atlqs32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\atlqw32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\atlqz.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\atlrd.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\atlry.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\atlsf32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\atlte.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\atltf.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\atltm32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\atltp.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\atltp32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\atlty32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\atluo.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\atlur.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\atluw.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\atlva.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\atlvp32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\atlwp32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\atlxa32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\atlxb32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\atlxy.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\atlyw.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\atlyx.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\atlzd32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\atlzl.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ccqsy.dll -> Hijacker.Small : Cleaned with backup

C:\WINDOWS\crar.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\crau32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\craz32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\crdj32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\crdm.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\crdn32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\crdy.exe -> Downloader.Agent.bq : Cleaned with backup

C:\WINDOWS\cree32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\cref32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\creh.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\cres32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\crfy32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\crgg.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\crgn32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\crgw.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\crgy.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\crhx32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\crib32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\cril.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\cril32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\criz32.exe -> Downloader.Agent.bq : Cleaned with backup

C:\WINDOWS\crkc32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\crky.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\crla32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\crmf.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\crml32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\crmu.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\crmz.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\crnj.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\crnp.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\crns32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\croa32.exe -> Downloader.Agent.bq : Cleaned with backup

C:\WINDOWS\croj32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\cros.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\crow.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\crpu32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\crpz32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\crqa.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\crql32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\crqs32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\crqy32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\crry.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\crsb.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\crsg32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\crso32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\crst.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\crtk.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\crtp.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\crud32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\crvj32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\crvq.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\crwn.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\crxa.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\crxp.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\crxq32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\crxs32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\crzn.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\cznlp.dll -> Adware.SearchPage : Cleaned with backup

C:\WINDOWS\d3ap.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\d3as32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\d3av.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\d3bb.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\d3bl32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\d3bn.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\d3cd32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\d3cm.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\d3cp32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\d3cy.dll -> Downloader.Agent.bc : Cleaned with backup

C:\WINDOWS\d3dh32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\d3ea32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\d3em.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\d3fh.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\d3fy.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\d3gi.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\d3gt.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\d3gv32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\d3hb32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\d3hg.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\d3ho32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\d3ih32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\d3il.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\d3jl.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\d3kb.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\d3kd32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\d3lq32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\d3lu32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\d3ly32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\d3mc32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\d3ou.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\d3ph.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\d3pj.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\d3pu32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\d3qh32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\d3qz32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\d3re32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\d3rh32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\d3sg32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\d3sh.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\d3ta.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\d3ti32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\d3tw32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\d3ua32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\d3ui.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\d3uw32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\d3vr32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\d3wa.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\d3wy.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\d3xa.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\d3xq.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\d3yb32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\d3yc.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\d3yt.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\d3yt32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\d3zn.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\dzsqe.dll -> Hijacker.Small : Cleaned with backup

C:\WINDOWS\hcjmy.dll -> Adware.SearchPage : Cleaned with backup

C:\WINDOWS\ieaj32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\ieal.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ieat.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\iebb.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\iech32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\ieco.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\iecu.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ieda.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\iedd.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\iedh32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\iefj.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\iegz.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\iehl.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\iehn32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ieho.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\iejs.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\iekv.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\iela.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ielb.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\iels.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\ielx.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\iemh32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\iemr.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\iemu.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\iemv.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ienz32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\ieon32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\iepn32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ieqa.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\ieqg.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ieqi32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ieqk.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ieqy32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ierb.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\ierl.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ierw32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\iesy.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ietw.dll -> Downloader.Agent.bc : Cleaned with backup

C:\WINDOWS\ietw32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ieuo.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ieuu.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ievf.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\iewj32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\iewv.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\iexd32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\iexh32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\iexj.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\iexq32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ieyf.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\ieyf32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\iezl.exe -> Downloader.Agent.bq : Cleaned with backup

C:\WINDOWS\iezm.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\iezm32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\iezp.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\iezt32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ifrdy.dll -> Hijacker.Small : Cleaned with backup

C:\WINDOWS\ipae.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ipbl32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ipbq32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ipbu.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\ipcg.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ipck32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ipdd.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ipdn.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ipej32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\ipen32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ipfb.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ipfz.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\ipgm.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\iphd.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\iphf.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\iphk.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\iphu32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\ipir32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\ipjj32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ipkc.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ipks.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ipks32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ipku.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\iplv32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ipmh32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ipmj32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ipms.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\ipog32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ipoo.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\ippg.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ippo.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ippx32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ipqa.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ipqk32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ipqp.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\ipqy32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\iprx.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ipss32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\iptx32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\ipul.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ipvo.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\ipwf.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\ipwl.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\ipwn32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\ipws32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ipxj.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\ipxs.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\ipxv.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ipxy32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ipyh32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ipyl32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\ipyq.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ipyt.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ipyt32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ipyy.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\ipza32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ipzh32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ipzk.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ipzs32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\iwako.dll -> Hijacker.Small : Cleaned with backup

C:\WINDOWS\javabg.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\javabi.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\javabl.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\javacq.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\javacv.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\javadi32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\javadl32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\javaek.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\javafu32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\javahe32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\javahz.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\javaig.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\javail32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\javajh32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\javajj.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\javajx.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\javalj.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\javall32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\javame.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\javamh32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\javamw32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\javamz.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\javans.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\javant.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\javanu.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\javaog32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\javaoi.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\javaoo32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\javaoq32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\javaow.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\javard.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\javarw32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\javasi32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\javasu.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\javatb.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\javatw.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\javaur.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\javava.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\javavk32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\javawd32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\javawf32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\javawn.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\javaxm.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\javays.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\javayx.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\javazb32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\javazn32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\javazr32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\kslyp.dll -> Adware.SearchPage : Cleaned with backup

C:\WINDOWS\lstnh.dll -> Hijacker.Small : Cleaned with backup

C:\WINDOWS\mfcae32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\mfcai32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\mfcan.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\mfcaw.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\mfcbq32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\mfcco32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\mfcdg.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\mfcdx.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\mfceh32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\mfces32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\mfcet32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\mfcew32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\mfcfl32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\mfcga32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\mfcgy.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\mfchb32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\mfchh32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\mfchj32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\mfcif32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\mfcih32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\mfcjk.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\mfcjm.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\mfckl.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\mfcle.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\mfclm32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\mfclo.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\mfclu.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\mfclz32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\mfcma.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\mfcmc32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\mfcmt32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\mfcnb.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\mfcnf.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\mfcnq.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\mfcnr32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\mfcnw32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\mfcol32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\mfcpf32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\mfcpx32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\mfcpz32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\mfcql32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\mfcrj.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\mfcsg.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\mfctd32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\mfctr32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\mfcuw.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\mfcvm32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\mfcvo.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\mfczk.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\mjkwr.dll -> Adware.SearchPage : Cleaned with backup

C:\WINDOWS\msap.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\msbq32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\mscd32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\mscj.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\msda32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\msdq.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\msea.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\msfb32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\msfc.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\msfh32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\msgz32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\mshc.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\msho32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\mshz.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\msia.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\msie32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\msiu.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\msjj32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\msjq.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\mslb.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\mslv32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\msmd32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\msmn32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\msni.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\msnk.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\msnl.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\msoo.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\mspf32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\mspg32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\mspj32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\msqy.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\msrj32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\msrt32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\mstg32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\msti32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\mstr32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\msts32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\mstu32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\mstz.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\msua32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\mswg32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\mswm32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\mswp.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\mswu32.dll -> Downloader.Agent.bc : Cleaned with backup

C:\WINDOWS\mswy.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\msxf.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\msxg32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\msxz.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\msyb32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\msyc32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\msyt.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\msyv32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\msyw32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\mszf32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\mszp32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\mszq32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\mszz32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\netaq32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\netbp32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\netda32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\netdc.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\netdc32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\netdm.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\netdt32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\netex32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\netez32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\netfc.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\netff32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\netgd32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\netgh32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\netgr.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\netgt32.dll -> Downloader.Agent.bc : Cleaned with backup

C:\WINDOWS\netgt32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\netgx.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\nethc.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\nethf32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\nethl32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\nethm.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\nethn.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\netjo32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\netjq.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\netjz32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\netkm32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\netkp.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\netkz.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\netmz.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\netmz32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\netnm32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\netof32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\netpo.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\netqp.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\netrd.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\netrd32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\netrn32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\netsp32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\netsq.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\netto32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\netuv.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\netvv32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\netwx.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\netxs32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\netye.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\netyt.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\netzs32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\nhxyz.dll -> Adware.SearchPage : Cleaned with backup

C:\WINDOWS\nngzj.dll -> Adware.SearchPage : Cleaned with backup

C:\WINDOWS\nqpag.dll -> Hijacker.Small : Cleaned with backup

C:\WINDOWS\ntay32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ntbw.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\ntca.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ntce.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\ntcj.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\ntcw32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\ntcz32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\nten.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ntew32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ntex32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ntfb32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ntfh32.exe -> Trojan.Agent.bi : Cleaned with backup

C:\WINDOWS\ntfn32.exe -> Downloader.Agent.td : Cleaned with backup

C:\WINDOWS\ntfo.exe -> Troj

Link to post
Share on other sites

Large files like that Ewido log you can ATTACH here,, make sure you use the ADDREPLY button NOT fastreply. then look for file attachment button at bottom of your text box.

I would like to see the whole Ewido log but I MUST see a Hijackthis log..if you can, post the HJT and attach the Ewido log in next post

Link to post
Share on other sites

hjt log....Will try the ewido log next time...Thks man!...so far you guys are simply awsome.

Do you have an answer on the donating question previously asked?

hardracer

Logfile of HijackThis v1.99.1

Scan saved at 12:45:05 AM, on 1/31/2006

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Documents and Settings\Owner\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.earthlink.net

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.earthlink.net/partner/more/msie...ton/search.html

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.earthlink.net/

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O2 - BHO: EarthLink Popup Blocker - {4B5F2E08-6F39-479a-B547-B2026E4C7EDF} - C:\Program Files\EarthLink TotalAccess\PnEL.dll

O2 - BHO: Class - {4E427CC3-007C-CF57-560B-01C45449CF0D} - C:\WINDOWS\system32\ntxq.dll (file missing)

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: EarthLink Toolbar - {D7F30B62-8269-41AF-9539-B2697FA7D77E} - C:\Program Files\EarthLink TotalAccess\PnEL.dll

O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe

O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer

O4 - HKLM\..\Run: [sprintModemUpdate] javaw.exe -cp "C:\Program Files\Motive\FirmwareUpdater\lib\SprintModemUpdate.jar" com.motive.firmwareUpdater.client.SprintModemUpdate

O4 - HKLM\..\Run: [bJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe

O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SPRINT~1\SMARTB~1\SprintDSLAlert.exe

O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"

O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe

O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect

O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE

O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe

O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe

O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPINST~1\plugin\bin\pchbutton.exe

O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Ahead\NEROPH~1\data\Xtras\mssysmgr.exe

O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"

O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart

O4 - HKCU\..\Run: [E6TaskPanel] "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" -winstart

O4 - Global Startup: Sprint virtual assistant.lnk = C:\Program Files\Sprint DSL virtual assistant\bin\matcli.exe

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

O12 - Plugin for .mov: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll

O12 - Plugin for .png: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/techsupp/asa/LSSupCtl.cab

O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/insta...staller_gmn.cab

O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqcpc/downloads/sysinfo.cab

O16 - DPF: {5D9E4B6D-CD17-4D85-99D4-6A52B394EC3B} (WSDownloader Control) - http://www.webshots.com/samplers/WSDownloader.ocx

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab' rel="external nofollow">http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab'>http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/dd/instal...edsolutions.cab

O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secur...loadManager.ocx

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab

O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/...utocomplete.cab

O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/asa/SymAData.cab

O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/sj/en/check/qdiagh.cab?326

O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll

O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)

O23 - Service: Remote Procedure Call (RPC) Helper ( 11F

Link to post
Share on other sites

Go to Start > Run and type "Services.msc" (without quotes) then hit Ok

Scroll down and find the below services:

Remote Procedure Call (RPC) Helper

When you find it, double-click on it. In the next window that opens, under the General tab click the Stop button, then click the drop-down box to change the Startup Type to Disabled. Now hit Apply and then Ok.

Open HiJackThis, click on "None of the above, just start the program". Now, click on the "Config" button (bottom right), then click on "Misc Tools", then click on "Delete an NT Service" a window will pop up. Enter the below item into that field (make sure there are NO spaces before or after the name):

Remote Procedure Call (RPC) Helper

Click OK.

It should pull up information about the service, then ask if you want to reboot. Click YES.

Open HijackThis and check the following

O2 - BHO: Class - {4E427CC3-007C-CF57-560B-01C45449CF0D} - C:\WINDOWS\system32\ntxq.dll (file missing)

O2 - BHO: Class - {4E427CC3-007C-CF57-560B-01C45449CF0D} - C:\WINDOWS\system32\ntxq.dll (file missing)

O2 - BHO: Class - {4E427CC3-007C-CF57-560B-01C45449CF0D} - C:\WINDOWS\system32\ntxq.dll (file missing)

Close all browser and other windows except for HijackThis, and click "Fix Checked".

run this online virus scan: ActiveScan

  • Once you are on the Panda site click the Scan your PC button
  • A new window will open...click the Check Now button
    - Enter your Country
    - Enter your State/Province
    - Enter your e-mail address and click send(*NOTE it's perfectly safe to do so..You will NOT be spammed from this)
    - Select either Home User or Company
  • Click the big Scan Now button
  • If/when you get a notice that Panda wants to install an ActiveX component allow it
  • It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
  • When download is complete, click on Local Disks to start the scan
  • When the scan completes, if anything is detected, click the See Report button, then Save Report and save it to a convenient location like your desktop.

Post a new HJT and the results from Panda

Donate link is HERE

Edited by jwbirdsong
Link to post
Share on other sites

here is my hjt log....i didnt do the activescan..cause i dont particularly like that product and i dont like giving out my email all that much.isnt ewido doing the same thing?

i got the ball rolling on the donation already also.computer seems to be runnin in top shape again now.

the rpc helper was already disable it said,and when i went to do what u said about removing an "nt"service" it said it couldnt find it in the registry..is this alreday gone?

i still cant thank you enough for getting my comp back up to par..thank you so much

hardracer

Logfile of HijackThis v1.99.1

Scan saved at 12:46:44 PM, on 2/4/2006

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Ahead\InCD\InCDsrv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\Program Files\ewido anti-malware\ewidoctrl.exe

C:\Program Files\ewido anti-malware\ewidoguard.exe

C:\Program Files\Norton AntiVirus\navapsvc.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\windows\system\hpsysdrv.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\Program Files\BroadJump\Client Foundation\CFD.exe

C:\PROGRA~1\SPRINT~1\SMARTB~1\SprintDSLAlert.exe

C:\Program Files\MessengerPlus! 3\MsgPlus.exe

C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe

C:\HP\KBD\KBD.EXE

C:\WINDOWS\System32\ctfmon.exe

C:\PROGRA~1\HPINST~1\plugin\bin\pchbutton.exe

C:\PROGRA~1\Ahead\NEROPH~1\data\Xtras\mssysmgr.exe

C:\Program Files\EarthLink TotalAccess\TaskPanl.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\Program Files\Sprint DSL virtual assistant\bin\SprintVirtualAssistant.exe

C:\Program Files\Sprint DSL virtual assistant\bin\mpbtn.exe

c:\PROGRA~1\HEWLET~1\HPINST~1\common\MOTIVE~1.EXE

C:\WINDOWS\System32\wuauclt.exe

C:\Program Files\Adobe\Acrobat 5.0\Reader\AcroRd32.exe

C:\Program Files\MSN\MSNCoreFiles\msn.exe

C:\WINDOWS\System32\rsvp.exe

C:\Documents and Settings\Owner\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.earthlink.net

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.earthlink.net/partner/more/msie...ton/search.html

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.earthlink.net/

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O2 - BHO: EarthLink Popup Blocker - {4B5F2E08-6F39-479a-B547-B2026E4C7EDF} - C:\Program Files\EarthLink TotalAccess\PnEL.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: EarthLink Toolbar - {D7F30B62-8269-41AF-9539-B2697FA7D77E} - C:\Program Files\EarthLink TotalAccess\PnEL.dll

O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe

O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer

O4 - HKLM\..\Run: [sprintModemUpdate] javaw.exe -cp "C:\Program Files\Motive\FirmwareUpdater\lib\SprintModemUpdate.jar" com.motive.firmwareUpdater.client.SprintModemUpdate

O4 - HKLM\..\Run: [bJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe

O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SPRINT~1\SMARTB~1\SprintDSLAlert.exe

O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"

O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe

O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect

O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE

O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe

O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe

O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPINST~1\plugin\bin\pchbutton.exe

O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Ahead\NEROPH~1\data\Xtras\mssysmgr.exe

O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"

O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [E6TaskPanel] "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" -winstart

O4 - Global Startup: Sprint virtual assistant.lnk = C:\Program Files\Sprint DSL virtual assistant\bin\matcli.exe

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

O12 - Plugin for .mov: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll

O12 - Plugin for .png: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/techsupp/asa/LSSupCtl.cab

O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/insta...staller_gmn.cab

O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqcpc/downloads/sysinfo.cab

O16 - DPF: {5D9E4B6D-CD17-4D85-99D4-6A52B394EC3B} (WSDownloader Control) - http://www.webshots.com/samplers/WSDownloader.ocx

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab' rel="external nofollow">http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab' rel="external nofollow">http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/dd/instal...edsolutions.cab

O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secur...loadManager.ocx

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab

O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/...utocomplete.cab

O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/asa/SymAData.cab

O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/sj/en/check/qdiagh.cab?326

O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll

O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe

O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe

O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe

O23 - Service: InCD Helper (read only) (InCDsrvR) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe

O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\System32\HPHipm11.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

Link to post
Share on other sites

No, the online scan will find things that Ewido doesn't, that's why we use them....what would be the point of recommending them if it did same thing as Ewido? For as badly infected as you were we need all the resources we can get to make sure you are no longer infected in any way

KAV is just about as thorough and, I don't believe you need to enter your Email addy for it..try HERE

Link to post
Share on other sites

you were right jw,kaspersky is a great program and no email like ya said.

kas scan did show some more stuff in my comp.its huge

quick question tho:how come norton didnt detect any of the stuff that i've encountered on my comp?

heres the scan results(if i do it right--really no good at this stuff)

thanks again man!

hardracer

Link to post
Share on other sites

Got the KAV results....while many of the results are in your SystemResore and HJT backup..there are still a goodly number to deal with..

Download KillBox http://www.downloads.subratam.org/KillBox.zip.

Place it in a folder on your Desktop.

Help with unzipping files is HERE

In the main screen of Pocket KillBox, go to Tools in the top menu bar, and select: Delete Temp Files.Use the drop down box and clear ALL profiles this way.

Back at the main Killbox screen check the box that says 'End Explorer Shell While Killing File'. Next click on 'Delete on Reboot'.Left click and drag the cursor throught the enrire list (160entries)to hilite them; then Right click and select copy. Go back to KillBox. Go to File->Paste from Clipboard and then hit the button with a red circle and white X. Confirm to delete and when asked if you want to reboot, say Yes:

C:\WINDOWS\addbl.exe

C:\WINDOWS\addcp.exe

C:\WINDOWS\addnf32.exe

C:\WINDOWS\addpa32.exe

C:\WINDOWS\addwo32.exe

C:\WINDOWS\addxk32.exe

C:\WINDOWS\addzp.exe

C:\WINDOWS\apiej32.exe

C:\WINDOWS\apifn.exe

C:\WINDOWS\apijo32.exe

C:\WINDOWS\apioq.exe

C:\WINDOWS\apira32.exe

C:\WINDOWS\apivi.exe

C:\WINDOWS\apixj32.exe

C:\WINDOWS\appjg.exe

C:\WINDOWS\appmh.exe

C:\WINDOWS\appqj32.exe

C:\WINDOWS\atlgc32.exe

C:\WINDOWS\atlir32.exe

C:\WINDOWS\atlkb32.dll

C:\WINDOWS\atlwk32.exe

C:\WINDOWS\atlzn.exe

C:\WINDOWS\atlzt32.ex

C:\WINDOWS\crsg32.dll

C:\WINDOWS\crxb.exe

C:\WINDOWS\crxd32.exe

C:\WINDOWS\d3fb.exe

C:\WINDOWS\d3fh32.exe

C:\WINDOWS\d3gn32.exe

C:\WINDOWS\d3hx32.exe

C:\WINDOWS\d3mw32.exe

C:\WINDOWS\d3sf32.exe

C:\WINDOWS\Downloaded Program Files\f22776.exe

C:\WINDOWS\ielj.exe

C:\WINDOWS\ielo.exe

C:\WINDOWS\iemi.dll

C:\WINDOWS\ieqh.exe

C:\WINDOWS\iery32.exe

C:\WINDOWS\iezd.exe

C:\WINDOWS\ipcl32.exe

C:\WINDOWS\ipnf.exe

C:\WINDOWS\ipwp.exe

C:\WINDOWS\ipya32.exe

C:\WINDOWS\ipzm.dll

C:\WINDOWS\javaan32.exe

C:\WINDOWS\javaaz.exe

C:\WINDOWS\javajv32.exe

C:\WINDOWS\javamy.exe

C:\WINDOWS\javaou32.exe

C:\WINDOWS\KB891711.log

C:\WINDOWS\KB893756.log

C:\WINDOWS\mfcdu.exe

C:\WINDOWS\mfcip.exe

C:\WINDOWS\mfcjk32.dll

C:\WINDOWS\mfcnh32.exe

C:\WINDOWS\msbr.exe

C:\WINDOWS\mskm32.exe

C:\WINDOWS\msof32.exe

C:\WINDOWS\msuf.exe

C:\WINDOWS\msvq32.exe

C:\WINDOWS\netke32.exe

C:\WINDOWS\netvz32.exe

C:\WINDOWS\ntbu.exe

C:\WINDOWS\nthi.exe

C:\WINDOWS\ntqg.exe

C:\WINDOWS\nttz32.exe

C:\WINDOWS\n_gxuetw.dat

C:\WINDOWS\sdknf32.dl

C:\WINDOWS\sdkql32.dll

C:\WINDOWS\sdkqq.exe

C:\WINDOWS\sdkrt32.dll

C:\WINDOWS\sdktj32.exe

C:\WINDOWS\sdktt32.exe

C:\WINDOWS\sdkup32.exe

C:\WINDOWS\setupapi.log

C:\WINDOWS\sysac.exe

C:\WINDOWS\sysio32.exe

C:\WINDOWS\sysju32.exe

C:\WINDOWS\syslo.dll

C:\WINDOWS\sysrw.exe

C:\WINDOWS\system32\addad32.exe

C:\WINDOWS\system32\addnb32.exe

C:\WINDOWS\system32\addpo32.exe

C:\WINDOWS\system32\addxt.exe

C:\WINDOWS\system32\apifb.exe

C:\WINDOWS\system32\apifd.exe

C:\WINDOWS\system32\apihd.exe

C:\WINDOWS\system32\apips.dll

C:\WINDOWS\system32\apiqz.exe

C:\WINDOWS\system32\appfc32.exe

C:\WINDOWS\system32\appfo.exe

C:\WINDOWS\system32\appmq32.exe

C:\WINDOWS\system32\appsl32.exe

C:\WINDOWS\system32\atlfa32.exe

C:\WINDOWS\system32\atljb32.exe

C:\WINDOWS\system32\atloe.exe

C:\WINDOWS\system32\atlva32.exe

C:\WINDOWS\system32\crcj.exe

C:\WINDOWS\system32\crgu32.exe

C:\WINDOWS\system32\crif.exe

C:\WINDOWS\system32\crlf32.exe

C:\WINDOWS\system32\crmi.exe

C:\WINDOWS\system32\crqe32.dll

C:\WINDOWS\system32\crqt.exe

C:\WINDOWS\system32\crrg.exe

C:\WINDOWS\system32\cruv32.dll

C:\WINDOWS\system32\crzl.exe

C:\WINDOWS\system32\crzr32.exe

C:\WINDOWS\system32\d3dk.exe

C:\WINDOWS\system32\d3fo32.exe

C:\WINDOWS\system32\iecm.dll

C:\WINDOWS\system32\iegr32.exe

C:\WINDOWS\system32\ieit.exe

C:\WINDOWS\system32\ienn32.exe

C:\WINDOWS\system32\ipiu32.exe

C:\WINDOWS\system32\ipjd32.exe

C:\WINDOWS\system32\ipvj.exe

C:\WINDOWS\system32\javacp.exe

C:\WINDOWS\system32\javaps32.exe

C:\WINDOWS\system32\javayy.exe

C:\WINDOWS\system32\mfcbh.exe

C:\WINDOWS\system32\mfcbw.exe

C:\WINDOWS\system32\mfcma32.dll

C:\WINDOWS\system32\mfcsn.exe

C:\WINDOWS\system32\mfcxw.exe

C:\WINDOWS\system32\msta.exe

C:\WINDOWS\system32\msui.exe

C:\WINDOWS\system32\msvd.exe

C:\WINDOWS\system32\msxp32.exe

C:\WINDOWS\system32\netdw32.exe

C:\WINDOWS\system32\neteu32.exe

C:\WINDOWS\system32\nethw.exe

C:\WINDOWS\system32\netiu32.exe

C:\WINDOWS\system32\netlj32.exe

C:\WINDOWS\system32\netzk32.exe

C:\WINDOWS\system32\ntcd.dll

C:\WINDOWS\system32\ntev32.exe

C:\WINDOWS\system32\sdkhq32.dll

C:\WINDOWS\system32\sdkjh.exe

C:\WINDOWS\system32\sdktl.exe

C:\WINDOWS\system32\sdkwa.exe

C:\WINDOWS\system32\sdkww.dll

C:\WINDOWS\system32\sdkye32.exe

C:\WINDOWS\system32\syseb.exe

C:\WINDOWS\system32\sysky32.exe

C:\WINDOWS\system32\syslv32.exe

C:\WINDOWS\system32\syssk.exe

C:\WINDOWS\system32\systf32.exe

C:\WINDOWS\system32\systh32.exe

C:\WINDOWS\system32\systs32.exe

C:\WINDOWS\system32\systu.exe

C:\WINDOWS\system32\winha32.exe

C:\WINDOWS\system32\winhm.exe

C:\WINDOWS\system32\winiy.exe

C:\WINDOWS\system32\winlp32.exe

C:\WINDOWS\system32\winys.exe

C:\WINDOWS\system32\winzq32.exe

C:\WINDOWS\winac.exe

C:\WINDOWS\wingf32.exe

C:\WINDOWS\winvf32.exe

If you get a PendingOperations message, ignore/close it and restart your computer manually.

Then paste a FINAL(?) HijackThis log....

Once the log is cleaned we'll celan out some of the other stuff like system restore and HJT backup..then you should get a clean(ish) KAV scan

Link to post
Share on other sites

ok jw---did wat u said,kinda difficult for me but i did it...ya

and heres the hjt log just afterwards..certainly much shorter than the original huh...lol

had my wife send off the donation today(ill send more when its all fixed up)..ur doin a super job...thks man--ur guys site rocks!

hard

Logfile of HijackThis v1.99.1

Scan saved at 6:07:17 PM, on 2/9/2006

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Ahead\InCD\InCDsrv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\windows\system\hpsysdrv.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\Program Files\BroadJump\Client Foundation\CFD.exe

C:\PROGRA~1\SPRINT~1\SMARTB~1\SprintDSLAlert.exe

C:\Program Files\MessengerPlus! 3\MsgPlus.exe

C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe

C:\HP\KBD\KBD.EXE

C:\WINDOWS\System32\ctfmon.exe

C:\PROGRA~1\HPINST~1\plugin\bin\pchbutton.exe

C:\PROGRA~1\Ahead\NEROPH~1\data\Xtras\mssysmgr.exe

C:\Program Files\EarthLink TotalAccess\TaskPanl.exe

C:\WINDOWS\System32\javaw.exe

C:\Program Files\Sprint DSL virtual assistant\bin\SprintVirtualAssistant.exe

C:\Program Files\ewido anti-malware\ewidoctrl.exe

C:\Program Files\ewido anti-malware\ewidoguard.exe

C:\Program Files\Sprint DSL virtual assistant\bin\mpbtn.exe

C:\Program Files\Norton AntiVirus\navapsvc.exe

c:\PROGRA~1\HEWLET~1\HPINST~1\common\MOTIVE~1.EXE

C:\WINDOWS\System32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\Program Files\MSN\MSNCoreFiles\msn.exe

C:\WINDOWS\System32\wuauclt.exe

C:\WINDOWS\System32\wuauclt.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Documents and Settings\Owner\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.earthlink.net

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.earthlink.net/partner/more/msie...ton/search.html

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.earthlink.net/

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O2 - BHO: EarthLink Popup Blocker - {4B5F2E08-6F39-479a-B547-B2026E4C7EDF} - C:\Program Files\EarthLink TotalAccess\PnEL.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: EarthLink Toolbar - {D7F30B62-8269-41AF-9539-B2697FA7D77E} - C:\Program Files\EarthLink TotalAccess\PnEL.dll

O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe

O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer

O4 - HKLM\..\Run: [sprintModemUpdate] javaw.exe -cp "C:\Program Files\Motive\FirmwareUpdater\lib\SprintModemUpdate.jar" com.motive.firmwareUpdater.client.SprintModemUpdate

O4 - HKLM\..\Run: [bJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe

O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SPRINT~1\SMARTB~1\SprintDSLAlert.exe

O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"

O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe

O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect

O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE

O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe

O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe

O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPINST~1\plugin\bin\pchbutton.exe

O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Ahead\NEROPH~1\data\Xtras\mssysmgr.exe

O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"

O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [E6TaskPanel] "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" -winstart

O4 - Global Startup: Sprint virtual assistant.lnk = C:\Program Files\Sprint DSL virtual assistant\bin\matcli.exe

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

O12 - Plugin for .mov: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll

O12 - Plugin for .png: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/downloads/kws/kav...can_unicode.cab

O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/techsupp/asa/LSSupCtl.cab

O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/insta...staller_gmn.cab

O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqcpc/downloads/sysinfo.cab

O16 - DPF: {5D9E4B6D-CD17-4D85-99D4-6A52B394EC3B} (WSDownloader Control) - http://www.webshots.com/samplers/WSDownloader.ocx

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab' rel="external nofollow">http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab' rel="external nofollow">http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/dd/instal...edsolutions.cab

O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secur...loadManager.ocx

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab

O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/...utocomplete.cab

O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/asa/SymAData.cab

O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/sj/en/check/qdiagh.cab?326

O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll

O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe

O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe

O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe

O23 - Service: InCD Helper (read only) (InCDsrvR) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe

O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\System32\HPHipm11.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

Link to post
Share on other sites

Every thing is looking pretty good.

Manually delete everything in C:\Documents and Settings\Owner\Desktop\backups\

Thats all the backups from HJT...

Let's clean your restore points and set a new one:

Reset and Re-enable your System Restore to remove infected files that have been backed up by Windows. The files in System Restore are protected to prevent any programs from changing those files. This is the only way to clean these files: (You will lose all previous restore points which are likely to be infected)

  • 1. Turn off System Restore.
    • On the Desktop, right-click My Computer.
      Click Properties.
      Click the System Restore tab.
      Check Turn off System Restore.
      Click Apply, and then click OK.

2. Restart your computer.

3. Turn ON System Restore.

  • On the Desktop, right-click My Computer.
    Click Properties.
    Click the System Restore tab.
    UN-Check Turn off System Restore.
    Click Apply, and then click OK.

System Restore will now be active again.

Now if you would humour me would you download a new copy of AboutBuster and try to run it in Safemode..post the log from it..I believe it will run.

Link to post
Share on other sites

hi jw!

i did wat u said about doing the system restore...but....about blaster still shows (run-time error "6") message...wont run.i ran an ewido and hjt scan again---(didnt like what i was seeing as i turned on the comp today)----(kinda slow)

ewido showed 30 somthing infections again(all cws)says it cleaned them with backups.i cant find where this backup folder is to delete them again.

i went to do a kaspersky scan again and it seemed like the comp just froze up---so i quit.(i will do it again though).

how does this crap keep getting into my system?

i need this stuff to cease..as it really irritates me to no end.i got other questions but ill do them in an email.

anyways ill post what i got.-----thks man!

hard

Logfile of HijackThis v1.99.1

Scan saved at 1:22:31 PM, on 2/12/2006

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Ahead\InCD\InCDsrv.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\windows\system\hpsysdrv.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\Program Files\BroadJump\Client Foundation\CFD.exe

C:\PROGRA~1\SPRINT~1\SMARTB~1\SprintDSLAlert.exe

C:\Program Files\MessengerPlus! 3\MsgPlus.exe

C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe

C:\HP\KBD\KBD.EXE

C:\WINDOWS\System32\ctfmon.exe

C:\PROGRA~1\HPINST~1\plugin\bin\pchbutton.exe

C:\PROGRA~1\Ahead\NEROPH~1\data\Xtras\mssysmgr.exe

C:\Program Files\EarthLink TotalAccess\TaskPanl.exe

C:\Program Files\Sprint DSL virtual assistant\bin\SprintVirtualAssistant.exe

C:\Program Files\ewido anti-malware\ewidoctrl.exe

C:\Program Files\Sprint DSL virtual assistant\bin\mpbtn.exe

C:\Program Files\ewido anti-malware\ewidoguard.exe

C:\Program Files\Norton AntiVirus\navapsvc.exe

c:\PROGRA~1\HEWLET~1\HPINST~1\common\MOTIVE~1.EXE

C:\WINDOWS\System32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\WINDOWS\System32\wuauclt.exe

C:\Program Files\MSN\MSNCoreFiles\msn.exe

C:\WINDOWS\explorer.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Documents and Settings\Owner\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.earthlink.net

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.earthlink.net/partner/more/msie...ton/search.html

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.earthlink.net/

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O2 - BHO: EarthLink Popup Blocker - {4B5F2E08-6F39-479a-B547-B2026E4C7EDF} - C:\Program Files\EarthLink TotalAccess\PnEL.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: EarthLink Toolbar - {D7F30B62-8269-41AF-9539-B2697FA7D77E} - C:\Program Files\EarthLink TotalAccess\PnEL.dll

O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe

O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer

O4 - HKLM\..\Run: [sprintModemUpdate] javaw.exe -cp "C:\Program Files\Motive\FirmwareUpdater\lib\SprintModemUpdate.jar" com.motive.firmwareUpdater.client.SprintModemUpdate

O4 - HKLM\..\Run: [bJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe

O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SPRINT~1\SMARTB~1\SprintDSLAlert.exe

O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"

O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe

O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect

O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE

O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe

O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe

O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPINST~1\plugin\bin\pchbutton.exe

O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Ahead\NEROPH~1\data\Xtras\mssysmgr.exe

O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"

O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [E6TaskPanel] "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" -winstart

O4 - Global Startup: Sprint virtual assistant.lnk = C:\Program Files\Sprint DSL virtual assistant\bin\matcli.exe

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

O12 - Plugin for .mov: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll

O12 - Plugin for .png: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/downloads/kws/kav...can_unicode.cab

O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/techsupp/asa/LSSupCtl.cab

O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/insta...staller_gmn.cab

O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqcpc/downloads/sysinfo.cab

O16 - DPF: {5D9E4B6D-CD17-4D85-99D4-6A52B394EC3B} (WSDownloader Control) - http://www.webshots.com/samplers/WSDownloader.ocx

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab' rel="external nofollow">http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab' rel="external nofollow">http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.hp.com/ediags/dd/instal...edsolutions.cab

O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secur...loadManager.ocx

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab

O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/...utocomplete.cab

O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/asa/SymAData.cab

O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/sj/en/check/qdiagh.cab?326

O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll

O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe

O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe

O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe

O23 - Service: InCD Helper (read only) (InCDsrvR) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe

O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\System32\HPHipm11.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

---------------------------------------------------------

ewido anti-malware - Scan report

---------------------------------------------------------

+ Created on: 2:32:16 PM, 2/12/2006

+ Report-Checksum: 79C05A84

+ Scan result:

HKLM\SOFTWARE\Classes\CLSID\{11B2E5EC-FEC2-6294-86A4-95682319ABD2} -> Adware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{11B80E45-BEC0-8756-1DFA-87AE79FA25EC} -> Adware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{28A9AC69-9562-7657-FFA5-4E4541172B83} -> Adware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{2CA0CAD1-B247-07AB-7C43-FD61C655D5E2} -> Adware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{2D8F6DAA-6B2C-D070-B2CB-029A9926F9E4} -> Adware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{461C9660-1084-FA67-7AF6-27FEB941E6E8} -> Adware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{4F766EC4-211C-AC42-9FA4-99E5B875A4CF} -> Adware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{538D316B-A3A2-1200-EE47-1BEF8BCDD755} -> Adware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{55C8C6D7-0FC7-6CAC-AA38-69CB63141D4E} -> Adware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{57C0C13E-E95C-411D-BCD9-A537E6B2AA24} -> Adware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{5ED0322D-E61A-0915-184A-5DEFC6990411} -> Adware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{696F735F-7662-8432-DD3E-DAA24E182345} -> Adware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{6D782F8C-5DE2-3548-935C-FEBC16AA150D} -> Adware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{6E3BDCC0-A228-DCB8-7E88-ECF18F0D9B1C} -> Adware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{7204E2C9-DF95-CE70-794E-1F3F2AD1DE08} -> Adware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{825929FA-938D-0933-A4AB-393513D1CAF5} -> Adware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{87993483-A3AD-794F-F265-DD005BD9116B} -> Adware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{95A3F09B-4262-4283-DBCC-7F94A44A9BA9} -> Adware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{983D1105-2366-D1D5-E5DA-05F4CC5CDA8E} -> Adware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{99F991F4-B99D-9CF6-C0E1-008449A5E64C} -> Adware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{A6BCE966-302E-BD8D-25BA-12F8C7148266} -> Adware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{AB8477A9-6521-5711-E5B4-DF3AC41BCC8E} -> Adware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{BFB065A2-4F3C-61BB-4A5B-FA6D452D3EAC} -> Adware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{C2D3D802-55DE-AF83-8D28-DCB9E085F258} -> Adware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{D0F03457-32E5-5715-6CDD-72C94F05ABBE} -> Adware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{D6EF05C6-13C4-35B7-58BF-46C5B6FB102B} -> Adware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{D89FEB47-489B-5DB5-8F56-21233C5B92D4} -> Adware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{F710B350-342B-CDD4-0BB3-EFD563F6AFF2} -> Adware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{F76604BF-96C5-81C9-07E5-094D1BB88043} -> Adware.CoolWebSearch : Cleaned with backup

HKLM\SOFTWARE\Classes\CLSID\{FF394C8B-7899-97DB-8475-1BD5A14319C2} -> Adware.CoolWebSearch : Cleaned with backup

C:\Documents and Settings\Owner\Cookies\owner@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup

C:\WINDOWS\{177FBEC1-91ED-4F62-808C-F78829F3C6F3}.dat:hyhws -> Downloader.Agent.td : Cleaned with backup

::Report End

post-120-1139774241_thumb.jpg

post-120-1139774241_thumb.jpg

Link to post
Share on other sites

FWIW those entries found by Ewido are all just bastardized registry entries left over from previous infections..Now that the infection is gone Ewido cleans the registry entries up...

You show no signs of any new/reinfection

Let's try a little housekeeping and see if we can get your speed up a bit.

Go to "Start" -> "Run" and type in the box: "cleanmgr". Let it scan your system for files to remove. Make sure these 3 are checked and then press "Ok" to remove:

  • Temporary Files
  • Temporary Internet Files
  • Recycle Bin

You can also check Any/All/none of the following for removal with HijackThis.

All of the following are UN-needed to run at startup. They can be ran as needed; saving system resources for better uses.

O4 - HKLM\..\Run: [bJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe

O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect

O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet

O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPINST~1\plugin\bin\pchbutton.exe

O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Ahead\NEROPH~1\data\Xtras\mssysmgr.exe

O4 - HKCU\..\Run: [E6TaskPanel] "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" -winstart

Close all browser and other windows except for HijackThis, and click "Fix Checked".

Link to post
Share on other sites

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.