Jump to content

Build Theme!
  •  
  • Unreplied Topics
  • Downloads
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93101 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

HJT log--Searchaid & cool www search

Started by zepledin2 , Jan 09 2006 01:31 PM

  • This topic is locked This topic is locked
5 replies to this topic

#1 zepledin2

zepledin2

    New Member

  • New Member
  • Pip
  • 2 posts

Posted 09 January 2006 - 01:31 PM

History of computer: It's been up stairs as a second computer along with three older kids and access to internet for 2 years. Its a mess! :rofl:

IE will not work at all, so I guess thats why I'm unable to do any kind of windows updates or IE updates.

Have scaned with Panda06, Spybot S&D, Adaware SE.

I'm using Firefox with NoScript as my default broswer.

Keep getting "Explorer-this program has performed an illegal operation and will be shut down" when I open Windows Explorer, Network Neighborhood, Control Panel and more. It never shuts down though.

Keep seeing ref's. to Searchaid and coolwwwsearch

Logfile of HijackThis v1.99.1
Scan saved at 9:36:01 AM, on 1/9/2006
Platform: Windows 98 Gold (Win9x 4.10.1998)
MSIE: Internet Explorer v5.51 SP2 (5.51.4807.2300)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\PROGRAM FILES\PANDA SOFTWARE\PANDA TITANIUM 2006 ANTIVIRUS + ANTISPYWARE\PAVFNSVR.EXE
C:\PROGRAM FILES\PANDA SOFTWARE\PANDA TITANIUM 2006 ANTIVIRUS + ANTISPYWARE\PSIMSVC.EXE
C:\PROGRAM FILES\PANDA SOFTWARE\PANDA TITANIUM 2006 ANTIVIRUS + ANTISPYWARE\FIREWALL\PNMSRV.EXE
C:\PROGRAM FILES\PANDA SOFTWARE\PANDA TITANIUM 2006 ANTIVIRUS + ANTISPYWARE\TPSRV9X.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\EXPLORER.EXE
C:\MY DOCUMENTS\HIJACKTHIS\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer,Search = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer,Search = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = C:\WINDOWS\secure.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...B_PVER}&ar=home
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\secure.html
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: (no name) - {F0FEAC69-B908-0A98-E707-86A79716D60E} - (no file)
O2 - BHO: Class - {877180E2-E50E-B6C8-70AE-236CC50DEFE9} - C:\WINDOWS\NTKH.DLL
O2 - BHO: (no name) - {C3967791-2E22-44BF-0AAB-3986EB6567DE} - (no file)
O2 - BHO: Class - {68258D5A-F48D-99E0-FFBF-35C3BFB74C94} - C:\WINDOWS\SYSTEM\ADDBM.DLL
O2 - BHO: Class - {3FF58C8E-86CB-B3F0-4262-DBB2C226A24E} - C:\WINDOWS\SYSTEM\SDKXG32.DLL
O2 - BHO: Class - {DFA15372-1741-EE58-9093-BD54D3229D22} - C:\WINDOWS\SYSXP32.DLL
O2 - BHO: (no name) - {313A1462-9B9F-3D33-B911-4D6198542621} - (no file)
O2 - BHO: Class - {0F1C3739-CC5D-6992-6F47-EE686EE4D193} - C:\WINDOWS\IEBD.DLL
O2 - BHO: Class - {CF30C520-DB2C-D18C-D86C-3486CBAC7398} - C:\WINDOWS\MSII.DLL
O2 - BHO: Class - {B2AB2982-601E-5168-7D51-BB031849B2AE} - C:\WINDOWS\SYSTEM\IEPB.DLL
O2 - BHO: (no name) - {9AC37E11-63C7-D3E6-8EAE-1319DCCFBDC1} - (no file)
O2 - BHO: Class - {42591F48-5938-46D1-B6DE-6A4542AEEAE7} - C:\WINDOWS\SYSTEM\NETNE.DLL
O2 - BHO: (no name) - {50B9D3EB-DAA2-54F6-5C19-8EE4DF6C6816} - (no file)
O2 - BHO: (no name) - {DD478A26-F514-E7E5-4A2D-4C8BA7FE16E3} - (no file)
O2 - BHO: (no name) - {058680EF-4C0E-9D88-7204-989DB27DFD59} - (no file)
O2 - BHO: Class - {9941F477-C8DB-4323-B820-B2AA41985140} - C:\WINDOWS\SYSVS32.DLL
O2 - BHO: Class - {8C429E39-0027-6104-934B-688569E6CE85} - C:\WINDOWS\SYSTEM\CRLI32.DLL
O2 - BHO: (no name) - {AD1A5142-02FA-2B34-366C-42627D9A045A} - (no file)
O2 - BHO: Class - {9647685F-668D-744B-560A-B905B504CC73} - C:\WINDOWS\CRDM32.DLL
O2 - BHO: Class - {0A71F855-C41B-33E9-BCAE-A757CE743090} - C:\WINDOWS\SYSTEM\SDKZD32.DLL
O2 - BHO: Class - {AF316680-ABFA-0627-B83B-E621AB550B83} - C:\WINDOWS\SYSTEM\MFCNJ.DLL
O2 - BHO: Class - {8260058E-BDBF-3E7C-DE87-716A144C19AA} - C:\WINDOWS\MFCAC32.DLL
O2 - BHO: (no name) - {42B7ADE0-CB9C-C85D-CE5C-16848697ADC6} - (no file)
O2 - BHO: Class - {27A8CAC2-029A-02AD-86D0-9B28F264AB06} - C:\WINDOWS\APIFD.DLL
O2 - BHO: (no name) - {87424B02-2FF6-09E1-E738-007E72109D83} - (no file)
O2 - BHO: Class - {D883CF02-7708-B4A7-E427-6CDEDB30AD25} - C:\WINDOWS\CRYN.DLL
O2 - BHO: Class - {2591D279-B7C3-5368-10B2-3F539F8F16DA} - C:\WINDOWS\SYSTEM\SDKTR32.DLL
O2 - BHO: Class - {B29E2A41-3C97-6262-2570-4FA07C68DEF1} - C:\WINDOWS\IPLX32.DLL
O2 - BHO: Class - {DBEFBC94-6EB0-A0C2-A2F9-33402AC42257} - C:\WINDOWS\WINWR32.DLL
O2 - BHO: Class - {AC8A5462-8F37-344F-B586-830E4534194F} - C:\WINDOWS\SYSTEM\JAVANC32.DLL
O2 - BHO: Class - {A818BD85-2B41-49E4-B9F9-80D9FBF83E60} - C:\WINDOWS\MFCYW32.DLL
O2 - BHO: Class - {32F9881D-46C9-A2D4-0B4E-FE08760083C7} - C:\WINDOWS\SYSTEM\MSKR32.DLL
O2 - BHO: Class - {02FB0926-449D-9940-6228-B032F8AF2310} - C:\WINDOWS\IPEG.DLL
O2 - BHO: Class - {4257FD6F-CC6E-C899-A041-064CA1A2E04A} - C:\WINDOWS\SYSBG32.DLL
O2 - BHO: Class - {60E27602-D57E-AE87-A18C-7E8AD993769E} - C:\WINDOWS\SYSTEM\ADDZK.DLL
O2 - BHO: Class - {1B0690C2-D68C-8EBD-7D78-D5657204C867} - C:\WINDOWS\SYSTEM\ADDWL32.DLL
O2 - BHO: (no name) - {D880E649-6073-8D01-04CC-3F321F6D56A5} - (no file)
O2 - BHO: (no name) - {D5622A73-BE5E-84D8-3B85-F319536A4696} - (no file)
O2 - BHO: Class - {4315B49B-5E29-196D-8255-596EEBB27DB0} - C:\WINDOWS\SYSTEM\APIGO.DLL
O2 - BHO: (no name) - {9ACA1819-E278-D81D-4318-5EBA73955C06} - (no file)
O2 - BHO: Class - {57FDE903-AAC0-B3E7-73BF-3516CC3EA006} - C:\WINDOWS\D3NB.DLL
O2 - BHO: (no name) - {4A9BAEEA-80CE-F915-C956-CB828B05C828} - (no file)
O2 - BHO: Class - {302FCDF6-C3B8-FDEF-DB33-BD6C8D4D3F17} - C:\WINDOWS\MFCCD.DLL
O2 - BHO: Class - {E3713D32-4404-118A-8F1C-4EDBD1BFEE70} - C:\WINDOWS\MSEV32.DLL
O2 - BHO: (no name) - {70958982-9286-4C4E-3FD3-FEC16A115FBF} - (no file)
O2 - BHO: Class - {11802ED9-3867-ABE3-A987-236735D2AA6D} - C:\WINDOWS\MSRW32.DLL
O2 - BHO: Class - {36989DAB-C7E2-EAF6-F1DE-822DB29A73A1} - C:\WINDOWS\SYSTEM\ADDMY32.DLL
O2 - BHO: Class - {4D3C5204-6F62-C647-8CC8-1C8D0356D793} - C:\WINDOWS\SYSTEM\MFCSO32.DLL
O2 - BHO: (no name) - {D5656802-6E90-5AEE-E0B5-D63166B32D47} - (no file)
O2 - BHO: Class - {323461F8-C4ED-40ED-89AD-3C46C8C5C391} - C:\WINDOWS\SYSTEM\CRPE32.DLL
O2 - BHO: Class - {3D27AF80-5B86-E341-1D1E-A168E9F69A97} - C:\WINDOWS\SYSTEM\NTYE.DLL
O2 - BHO: (no name) - {ED094E2D-10B1-7DB1-84CC-C1B055BABB7C} - (no file)
O2 - BHO: Class - {EB4C24C6-8760-33E9-55DD-EF05BB597CB7} - C:\WINDOWS\SYSTEM\CRGA32.DLL
O2 - BHO: Class - {C8ECE32F-6478-B278-BA63-C2FD89E2DCF5} - C:\WINDOWS\IENL.DLL
O2 - BHO: Class - {D83BDA67-495F-DD27-4634-7E43FDC68512} - C:\WINDOWS\WINKK32.DLL
O2 - BHO: Class - {984540E0-884A-7144-C86A-1A24E5141AF4} - C:\WINDOWS\MSQD32.DLL
O2 - BHO: Class - {D30D9A80-D84C-22CB-4882-BEE7E98A4ABB} - C:\WINDOWS\SYSTEM\SYSKO32.DLL
O2 - BHO: Class - {350532CD-75B4-6538-D634-37371144B27B} - C:\WINDOWS\SYSTEM\SDKPS32.DLL
O2 - BHO: (no name) - {2FCA3DE0-0928-B4AD-0D83-44697B4D7A24} - (no file)
O2 - BHO: Class - {BB7B5AD0-8481-4F5C-C00C-F6ED8E8BC959} - C:\WINDOWS\MSDY32.DLL
O2 - BHO: (no name) - {846F9A8E-E7DB-6F52-C00E-3F1ED8F8566C} - (no file)
O2 - BHO: Class - {68DEB7E7-FF84-6FBF-8005-38C8F6C8C156} - C:\WINDOWS\SYSTEM\IEFG.DLL
O2 - BHO: Class - {457204A3-D057-DA0A-92D9-6A514CDA3935} - C:\WINDOWS\SYSTEM\JAVAGV.DLL
O2 - BHO: Class - {F02D53A4-55DD-DBCC-7B6E-DF81C6992B27} - C:\WINDOWS\SYSTEM\MFCAM32.DLL
O2 - BHO: Class - {199436BD-DDF4-FB81-ABEF-204A5E343DBA} - C:\WINDOWS\SYSTEM\SYSEQ32.DLL
O2 - BHO: Class - {F81AE7DA-0793-DCBE-A432-2B2256B00899} - C:\WINDOWS\SYSTEM\MFCGU.DLL
O2 - BHO: Class - {5B4A9897-830C-1425-A652-0441F30ED5F0} - C:\WINDOWS\SYSTEM\SYSQP.DLL
O2 - BHO: Class - {C8BD4A98-45A5-E2AA-83C5-0A9AB8F19874} - C:\WINDOWS\WINHX32.DLL
O2 - BHO: Class - {71E7D52D-B823-C3C8-463F-905929086C42} - C:\WINDOWS\CRDD.DLL
O2 - BHO: (no name) - {58C2CEEB-3398-44B4-EDC9-257D82F705C5} - (no file)
O2 - BHO: (no name) - {0661D7C2-371C-C623-4982-2277DF99E129} - (no file)
O2 - BHO: Class - {D53BE37F-3A2E-270B-1A0A-66FD4B4BEE2F} - C:\WINDOWS\SYSEU32.DLL
O2 - BHO: (no name) - {1676763F-15C3-F5F2-9C0B-0631705661ED} - (no file)
O2 - BHO: Class - {604133F1-BF83-5ACA-2FE2-2B601C6A7458} - C:\WINDOWS\MFCIG.DLL
O2 - BHO: Class - {9E10B616-D6A4-32D5-95E7-6F227792C942} - C:\WINDOWS\D3II.DLL
O2 - BHO: Class - {61ACFD2D-92CF-C5C4-3EBB-7C236D3C5D81} - C:\WINDOWS\MSZN32.DLL
O2 - BHO: Class - {38C73996-E168-5BB1-D9B4-B8A69B4A3A6E} - C:\WINDOWS\SYSTEM\NETRE.DLL
O2 - BHO: Class - {EDF98A97-347E-607F-3CF0-0C3A19C2F759} - C:\WINDOWS\APPJE.DLL
O2 - BHO: (no name) - {EB4984A7-E07D-81B0-20C5-79624CAB8546} - (no file)
O2 - BHO: Class - {73A30E12-BF8F-41BB-916F-3B8603733986} - C:\WINDOWS\MFCFZ.DLL
O2 - BHO: Class - {B8830155-DABD-263E-9DB0-B251233F575C} - C:\WINDOWS\NETLX32.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O2 - BHO: (no name) - {9676F784-5E6F-5C0B-13BE-ABEE4D4B4CB9} - (no file)
O2 - BHO: Class - {BEE6507E-E22F-4057-B4EB-80D82AB79254} - C:\WINDOWS\SYSTEM\D3SH.DLL
O2 - BHO: Class - {8849FD03-210F-3BC3-0713-DAC7CE7DD7AA} - C:\WINDOWS\D3DY.DLL
O2 - BHO: (no name) - {55E6CF7B-F013-B32D-B116-5147DD5BB2CC} - (no file)
O2 - BHO: Class - {E168F5FE-B4ED-8F84-E177-9057DA13933B} - C:\WINDOWS\APPVP.DLL
O2 - BHO: (no name) - {3AB81A3F-29D3-3712-1003-FEEBCCE5DFCA} - (no file)
O2 - BHO: Class - {A18BCBCE-8140-1854-2B7C-AE957E632346} - C:\WINDOWS\IPOO32.DLL
O2 - BHO: Class - {15C0BAD6-8D62-14B0-A3D9-92B7B4068490} - C:\WINDOWS\SDKJM.DLL
O2 - BHO: (no name) - {4D48529B-74F6-988B-1896-ABE0AA392AA1} - (no file)
O2 - BHO: (no name) - {A0D55CE9-E968-13A1-3898-FAA6E0792A89} - (no file)
O2 - BHO: Class - {EE37178B-E57C-4045-A483-E895595C72A5} - C:\WINDOWS\SDKFI.DLL
O2 - BHO: Class - {70874CBA-0534-0937-C204-E964541DEFC2} - C:\WINDOWS\SYSTEM\D3LC.DLL
O2 - BHO: (no name) - {ABE16C73-0350-87B7-654E-B07CF1F9FEF4} - (no file)
O2 - BHO: (no name) - {D12625AE-A957-757E-90B7-0FFA44B59314} - (no file)
O2 - BHO: (no name) - {979130FE-70C0-35E6-DFA3-4D4D55876849} - (no file)
O2 - BHO: Class - {CF4A2BF9-1C8A-40FB-DD55-D8DD4A74353E} - C:\WINDOWS\SYSTEM\NETIN32.DLL
O2 - BHO: Class - {6D3484AA-897D-AAF0-2D5F-04315F3B78D6} - C:\WINDOWS\SYSTEM\APPWR.DLL
O2 - BHO: Class - {00DD5500-8540-964C-2DA8-C829F9E58A84} - C:\WINDOWS\SYSTEM\NTFJ.DLL
O2 - BHO: Class - {BFA3E662-C8F6-5C22-9ADF-B7966E2436A3} - C:\WINDOWS\CRIM32.DLL
O2 - BHO: Class - {94C95AEA-D4CE-1EAF-5BAA-C6A9B84AD4E1} - C:\WINDOWS\MSKT32.DLL
O2 - BHO: Class - {EDB24B4A-5518-2545-0E95-1D954338745B} - C:\WINDOWS\SYSTEM\MFCZF.DLL
O2 - BHO: Class - {544CE33A-3E2B-DD6E-6F2E-B4A652372823} - C:\WINDOWS\SYSTEM\IEDD.DLL
O2 - BHO: Class - {2EE372A9-F742-A756-3400-3B92D79058A4} - C:\WINDOWS\SYSTEM\NETZU32.DLL
O2 - BHO: (no name) - {3206201D-4F85-F4B0-FA14-44773AFDF8DD} - (no file)
O2 - BHO: (no name) - {CC492B23-D765-1168-B1BB-2E0624A5E876} - (no file)
O2 - BHO: (no name) - {16A2ED8F-7E38-F255-D8EC-1D7C0C21F0FE} - (no file)
O2 - BHO: (no name) - {A6EFC404-D77D-C47E-F197-7B6BE2C7DB41} - (no file)
O2 - BHO: Class - {197F1C5B-757E-57B4-95EB-8831A16AFF22} - C:\WINDOWS\SYSTEM\ADDDZ32.DLL
O2 - BHO: Class - {94E17571-D9E8-A5B3-5EB9-0650B535AD4D} - C:\WINDOWS\SYSTEM\SYSUO32.DLL
O2 - BHO: Class - {3AEB4A53-5AC6-45A2-CC21-455FE967B86C} - C:\WINDOWS\SYSAF32.DLL
O2 - BHO: Class - {95965495-1470-4C61-CFC6-92CC68BB586B} - C:\WINDOWS\APIXO.DLL
O2 - BHO: (no name) - {75B83DE1-EE63-9125-A5C5-B6C6535B830E} - (no file)
O2 - BHO: Class - {172BF5DA-BFE0-84B4-A970-868C5009C873} - C:\WINDOWS\MFCOU.DLL
O2 - BHO: (no name) - {0D5FEF0C-8D31-3E41-E5DD-61BB7F0D7988} - (no file)
O2 - BHO: Class - {6813A243-6455-01F2-5ABA-4D5390F9C114} - C:\WINDOWS\IPIA.DLL
O2 - BHO: Class - {5FF8C9B6-66D9-0935-85FA-279CD1EB0EFD} - C:\WINDOWS\SYSTEM\APPQC.DLL
O2 - BHO: (no name) - {64A6ABE0-9644-5928-19BA-9CBAE0E5D13F} - (no file)
O2 - BHO: Class - {97D1E70A-CDA3-7B91-2D6D-8510ABA72E5D} - C:\WINDOWS\D3TM.DLL
O2 - BHO: (no name) - {92785D9A-20BA-33B7-8258-1F1AF4B27CD0} - (no file)
O2 - BHO: Class - {235AB52C-4D84-90AC-02AE-C710CD028699} - C:\WINDOWS\CRAB32.DLL
O2 - BHO: (no name) - {499C9352-48E9-5912-C965-897AC38DF6D1} - (no file)
O2 - BHO: Class - {16D199C7-F235-942C-E7CD-484759928237} - C:\WINDOWS\D3HT.DLL
O2 - BHO: Class - {992CAC4E-B9AA-BEDD-46A2-6F805F48E963} - C:\WINDOWS\SYSTEM\APIHT.DLL
O2 - BHO: (no name) - {88D23398-80FD-CCFF-2845-80C3E94F818D} - (no file)
O2 - BHO: Class - {3092B7EA-5B4B-9AC9-8BD7-63446D574263} - C:\WINDOWS\SYSTEM\MFCFN.DLL
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\APVXDWIN.EXE" /s
O4 - HKLM\..\RunServices: [PavProc] "C:\Program Files\Common Files\Panda Software\PavShld\PavPrS9x.exe"
O4 - HKLM\..\RunServices: [PAVFNSVR] "C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\PavFnSvr.exe"
O4 - HKLM\..\RunServices: [PSIMSVC] "C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\PSIMSVC.exe"
O4 - HKLM\..\RunServices: [PNMSRV] "c:\program files\panda software\panda titanium 2006 antivirus + antispyware\firewall\PNMSRV.EXE"
O4 - HKLM\..\RunServices: [TPSrv9x] "C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\TPSrv9x.exe"
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: MSN Messenger Service - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL
O12 - Plugin for .midi: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
O12 - Plugin for .mid: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
O12 - Plugin for .wav: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O15 - Trusted IP range: 206.161.125.149
O16 - DPF: {D600B8BE-E2C0-11D0-82C0-00A0C91F048A} - http://broadcast.mic...ta/ssct1960.CAB
O16 - DPF: {BD1F006E-174F-11D2-95C0-00C04F9A8CFA} (SurveyCtl Class) - http://activex.micro...ards/Survey.cab
O16 - DPF: {8FBFE5FF-5E98-11D3-80AF-00C04FCFBC72} (SurveyCtl35 Class) - http://activex.micro...izards/sw35.cab
O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/z...s/heartbeat.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://63.175.96.152...sCamControl.ocx
O16 - DPF: {F5131C24-E56D-11CF-B78A-444553540000} (Ikonic Menu Control) - http://activex.micro...eb/ikcntrls.cab
O16 - DPF: {02466323-75ED-11CF-A267-0020AF2546EA} (VivoActive Control) - http://player.vivo.com/ie/vvweb.cab
O16 - DPF: {6B4788E2-BAE8-11D2-A1B4-00400512739B} (PWMediaSendControl Class) - http://216.249.25.15...tiveXImgCtl.CAB
O16 - DPF: {935E891B-7F5B-4F5E-B0E4-FF5D03462541} (YaYaEng Control) - http://www.yaya.com/...122/YaYaEng.cab
O16 - DPF: {5CE8C9BE-B561-4311-8C03-D6F6C1CAF7E1} (CSND_AX.ctlCSND_AX) - http://www3.compaq.c...ect/CSND_AX.CAB
O16 - DPF: {F554B9AB-E6C9-4FA6-BFE7-B3CB24AD5027} (MSN Money Charting) - http://fdl.msn.com/p...10/investor.cab
O16 - DPF: {FA13A9FA-CA9B-11D2-9780-00104B242EA3} - http://www.wildtange...soft/wtinst.cab
O16 - DPF: {A23D7C20-CABA-11CF-A5D4-00AA00A47DD2} (Popup Window Object) - http://activex.micro...86/iepopwnd.cab
O16 - DPF: {99B42120-6EC7-11CF-A6C7-00AA00A47DD2} (Label Object) - http://activex.micro...x86/ielabel.cab
O16 - DPF: {CD17FAAA-17B4-4736-AAEF-436EDC304C8C} (ContentAuditX Control) - http://a840.g.akamai...uditControl.cab
O16 - DPF: {DED22F57-FEE2-11D0-953B-00C04FD9152D} (CarPoint Auto-Pricer Control) - http://carpoint.msn..../autopricer.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://207.188.7.150...ip/RdxIE601.cab
O16 - DPF: {FE5D6722-826F-11D5-A24E-0060B0F1A5AE} (Tukati Launcher) - http://http.gamezone...0.20/tukati.cab
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Service Client v.3.4) - http://ccon.madonion...lobal/msc34.cab
O19 - User stylesheet: (file missing)
O21 - SSODL: System - {C7D026FB-5563-4EA6-9FFA-181A67FC4C15} - (no file)

    Advertisements

Register to Remove

#2 Siggyx

Siggyx

    SuperHelper

  • Authentic Member
  • PipPipPipPipPipPip
  • 6,776 posts

Posted 09 January 2006 - 01:48 PM

Errrrrrrr, hmmmmmmmm what can I say. To be honest it may be easier to wipe your hard drive and start over as this machine has so much garbage floating around in it.

But lets give it a shot.

Do you have anything disbaled in start up? If say make sure that everything is enabled for next Hijackthis scan.

Please download and run CWShredder. Make sure that all browser windows are closed with the exception of Cwshredder and choose FIX.

http://www.majorgeek...7fd6b3ff02edc90

REBOOT

Close all browser windows and then open Hijackthis. Put a check beside these lines and choose FIX

R1 - HKCU\Software\Microsoft\Internet Explorer,Search = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer,Search = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = C:\WINDOWS\secure.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...B_PVER}&ar=home
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\secure.html

R3 - Default URLSearchHook is missing


O2 - BHO: (no name) - {F0FEAC69-B908-0A98-E707-86A79716D60E} - (no file)
O2 - BHO: Class - {877180E2-E50E-B6C8-70AE-236CC50DEFE9} - C:\WINDOWS\NTKH.DLL
O2 - BHO: (no name) - {C3967791-2E22-44BF-0AAB-3986EB6567DE} - (no file)
O2 - BHO: Class - {68258D5A-F48D-99E0-FFBF-35C3BFB74C94} - C:\WINDOWS\SYSTEM\ADDBM.DLL
O2 - BHO: Class - {3FF58C8E-86CB-B3F0-4262-DBB2C226A24E} - C:\WINDOWS\SYSTEM\SDKXG32.DLL
O2 - BHO: Class - {DFA15372-1741-EE58-9093-BD54D3229D22} - C:\WINDOWS\SYSXP32.DLL
O2 - BHO: (no name) - {313A1462-9B9F-3D33-B911-4D6198542621} - (no file)
O2 - BHO: Class - {0F1C3739-CC5D-6992-6F47-EE686EE4D193} - C:\WINDOWS\IEBD.DLL
O2 - BHO: Class - {CF30C520-DB2C-D18C-D86C-3486CBAC7398} - C:\WINDOWS\MSII.DLL
O2 - BHO: Class - {B2AB2982-601E-5168-7D51-BB031849B2AE} - C:\WINDOWS\SYSTEM\IEPB.DLL
O2 - BHO: (no name) - {9AC37E11-63C7-D3E6-8EAE-1319DCCFBDC1} - (no file)
O2 - BHO: Class - {42591F48-5938-46D1-B6DE-6A4542AEEAE7} - C:\WINDOWS\SYSTEM\NETNE.DLL
O2 - BHO: (no name) - {50B9D3EB-DAA2-54F6-5C19-8EE4DF6C6816} - (no file)
O2 - BHO: (no name) - {DD478A26-F514-E7E5-4A2D-4C8BA7FE16E3} - (no file)
O2 - BHO: (no name) - {058680EF-4C0E-9D88-7204-989DB27DFD59} - (no file)
O2 - BHO: Class - {9941F477-C8DB-4323-B820-B2AA41985140} - C:\WINDOWS\SYSVS32.DLL
O2 - BHO: Class - {8C429E39-0027-6104-934B-688569E6CE85} - C:\WINDOWS\SYSTEM\CRLI32.DLL
O2 - BHO: (no name) - {AD1A5142-02FA-2B34-366C-42627D9A045A} - (no file)
O2 - BHO: Class - {9647685F-668D-744B-560A-B905B504CC73} - C:\WINDOWS\CRDM32.DLL
O2 - BHO: Class - {0A71F855-C41B-33E9-BCAE-A757CE743090} - C:\WINDOWS\SYSTEM\SDKZD32.DLL
O2 - BHO: Class - {AF316680-ABFA-0627-B83B-E621AB550B83} - C:\WINDOWS\SYSTEM\MFCNJ.DLL
O2 - BHO: Class - {8260058E-BDBF-3E7C-DE87-716A144C19AA} - C:\WINDOWS\MFCAC32.DLL
O2 - BHO: (no name) - {42B7ADE0-CB9C-C85D-CE5C-16848697ADC6} - (no file)
O2 - BHO: Class - {27A8CAC2-029A-02AD-86D0-9B28F264AB06} - C:\WINDOWS\APIFD.DLL
O2 - BHO: (no name) - {87424B02-2FF6-09E1-E738-007E72109D83} - (no file)
O2 - BHO: Class - {D883CF02-7708-B4A7-E427-6CDEDB30AD25} - C:\WINDOWS\CRYN.DLL
O2 - BHO: Class - {2591D279-B7C3-5368-10B2-3F539F8F16DA} - C:\WINDOWS\SYSTEM\SDKTR32.DLL
O2 - BHO: Class - {B29E2A41-3C97-6262-2570-4FA07C68DEF1} - C:\WINDOWS\IPLX32.DLL
O2 - BHO: Class - {DBEFBC94-6EB0-A0C2-A2F9-33402AC42257} - C:\WINDOWS\WINWR32.DLL
O2 - BHO: Class - {AC8A5462-8F37-344F-B586-830E4534194F} - C:\WINDOWS\SYSTEM\JAVANC32.DLL
O2 - BHO: Class - {A818BD85-2B41-49E4-B9F9-80D9FBF83E60} - C:\WINDOWS\MFCYW32.DLL
O2 - BHO: Class - {32F9881D-46C9-A2D4-0B4E-FE08760083C7} - C:\WINDOWS\SYSTEM\MSKR32.DLL
O2 - BHO: Class - {02FB0926-449D-9940-6228-B032F8AF2310} - C:\WINDOWS\IPEG.DLL
O2 - BHO: Class - {4257FD6F-CC6E-C899-A041-064CA1A2E04A} - C:\WINDOWS\SYSBG32.DLL
O2 - BHO: Class - {60E27602-D57E-AE87-A18C-7E8AD993769E} - C:\WINDOWS\SYSTEM\ADDZK.DLL
O2 - BHO: Class - {1B0690C2-D68C-8EBD-7D78-D5657204C867} - C:\WINDOWS\SYSTEM\ADDWL32.DLL
O2 - BHO: (no name) - {D880E649-6073-8D01-04CC-3F321F6D56A5} - (no file)
O2 - BHO: (no name) - {D5622A73-BE5E-84D8-3B85-F319536A4696} - (no file)
O2 - BHO: Class - {4315B49B-5E29-196D-8255-596EEBB27DB0} - C:\WINDOWS\SYSTEM\APIGO.DLL
O2 - BHO: (no name) - {9ACA1819-E278-D81D-4318-5EBA73955C06} - (no file)
O2 - BHO: Class - {57FDE903-AAC0-B3E7-73BF-3516CC3EA006} - C:\WINDOWS\D3NB.DLL
O2 - BHO: (no name) - {4A9BAEEA-80CE-F915-C956-CB828B05C828} - (no file)
O2 - BHO: Class - {302FCDF6-C3B8-FDEF-DB33-BD6C8D4D3F17} - C:\WINDOWS\MFCCD.DLL
O2 - BHO: Class - {E3713D32-4404-118A-8F1C-4EDBD1BFEE70} - C:\WINDOWS\MSEV32.DLL
O2 - BHO: (no name) - {70958982-9286-4C4E-3FD3-FEC16A115FBF} - (no file)
O2 - BHO: Class - {11802ED9-3867-ABE3-A987-236735D2AA6D} - C:\WINDOWS\MSRW32.DLL
O2 - BHO: Class - {36989DAB-C7E2-EAF6-F1DE-822DB29A73A1} - C:\WINDOWS\SYSTEM\ADDMY32.DLL
O2 - BHO: Class - {4D3C5204-6F62-C647-8CC8-1C8D0356D793} - C:\WINDOWS\SYSTEM\MFCSO32.DLL
O2 - BHO: (no name) - {D5656802-6E90-5AEE-E0B5-D63166B32D47} - (no file)
O2 - BHO: Class - {323461F8-C4ED-40ED-89AD-3C46C8C5C391} - C:\WINDOWS\SYSTEM\CRPE32.DLL
O2 - BHO: Class - {3D27AF80-5B86-E341-1D1E-A168E9F69A97} - C:\WINDOWS\SYSTEM\NTYE.DLL
O2 - BHO: (no name) - {ED094E2D-10B1-7DB1-84CC-C1B055BABB7C} - (no file)
O2 - BHO: Class - {EB4C24C6-8760-33E9-55DD-EF05BB597CB7} - C:\WINDOWS\SYSTEM\CRGA32.DLL
O2 - BHO: Class - {C8ECE32F-6478-B278-BA63-C2FD89E2DCF5} - C:\WINDOWS\IENL.DLL
O2 - BHO: Class - {D83BDA67-495F-DD27-4634-7E43FDC68512} - C:\WINDOWS\WINKK32.DLL
O2 - BHO: Class - {984540E0-884A-7144-C86A-1A24E5141AF4} - C:\WINDOWS\MSQD32.DLL
O2 - BHO: Class - {D30D9A80-D84C-22CB-4882-BEE7E98A4ABB} - C:\WINDOWS\SYSTEM\SYSKO32.DLL
O2 - BHO: Class - {350532CD-75B4-6538-D634-37371144B27B} - C:\WINDOWS\SYSTEM\SDKPS32.DLL
O2 - BHO: (no name) - {2FCA3DE0-0928-B4AD-0D83-44697B4D7A24} - (no file)
O2 - BHO: Class - {BB7B5AD0-8481-4F5C-C00C-F6ED8E8BC959} - C:\WINDOWS\MSDY32.DLL
O2 - BHO: (no name) - {846F9A8E-E7DB-6F52-C00E-3F1ED8F8566C} - (no file)
O2 - BHO: Class - {68DEB7E7-FF84-6FBF-8005-38C8F6C8C156} - C:\WINDOWS\SYSTEM\IEFG.DLL
O2 - BHO: Class - {457204A3-D057-DA0A-92D9-6A514CDA3935} - C:\WINDOWS\SYSTEM\JAVAGV.DLL
O2 - BHO: Class - {F02D53A4-55DD-DBCC-7B6E-DF81C6992B27} - C:\WINDOWS\SYSTEM\MFCAM32.DLL
O2 - BHO: Class - {199436BD-DDF4-FB81-ABEF-204A5E343DBA} - C:\WINDOWS\SYSTEM\SYSEQ32.DLL
O2 - BHO: Class - {F81AE7DA-0793-DCBE-A432-2B2256B00899} - C:\WINDOWS\SYSTEM\MFCGU.DLL
O2 - BHO: Class - {5B4A9897-830C-1425-A652-0441F30ED5F0} - C:\WINDOWS\SYSTEM\SYSQP.DLL
O2 - BHO: Class - {C8BD4A98-45A5-E2AA-83C5-0A9AB8F19874} - C:\WINDOWS\WINHX32.DLL
O2 - BHO: Class - {71E7D52D-B823-C3C8-463F-905929086C42} - C:\WINDOWS\CRDD.DLL
O2 - BHO: (no name) - {58C2CEEB-3398-44B4-EDC9-257D82F705C5} - (no file)
O2 - BHO: (no name) - {0661D7C2-371C-C623-4982-2277DF99E129} - (no file)
O2 - BHO: Class - {D53BE37F-3A2E-270B-1A0A-66FD4B4BEE2F} - C:\WINDOWS\SYSEU32.DLL
O2 - BHO: (no name) - {1676763F-15C3-F5F2-9C0B-0631705661ED} - (no file)
O2 - BHO: Class - {604133F1-BF83-5ACA-2FE2-2B601C6A7458} - C:\WINDOWS\MFCIG.DLL
O2 - BHO: Class - {9E10B616-D6A4-32D5-95E7-6F227792C942} - C:\WINDOWS\D3II.DLL
O2 - BHO: Class - {61ACFD2D-92CF-C5C4-3EBB-7C236D3C5D81} - C:\WINDOWS\MSZN32.DLL
O2 - BHO: Class - {38C73996-E168-5BB1-D9B4-B8A69B4A3A6E} - C:\WINDOWS\SYSTEM\NETRE.DLL
O2 - BHO: Class - {EDF98A97-347E-607F-3CF0-0C3A19C2F759} - C:\WINDOWS\APPJE.DLL
O2 - BHO: (no name) - {EB4984A7-E07D-81B0-20C5-79624CAB8546} - (no file)
O2 - BHO: Class - {73A30E12-BF8F-41BB-916F-3B8603733986} - C:\WINDOWS\MFCFZ.DLL
O2 - BHO: Class - {B8830155-DABD-263E-9DB0-B251233F575C} - C:\WINDOWS\NETLX32.DLL
O2 - BHO: (no name) - {9676F784-5E6F-5C0B-13BE-ABEE4D4B4CB9} - (no file)
O2 - BHO: Class - {BEE6507E-E22F-4057-B4EB-80D82AB79254} - C:\WINDOWS\SYSTEM\D3SH.DLL
O2 - BHO: Class - {8849FD03-210F-3BC3-0713-DAC7CE7DD7AA} - C:\WINDOWS\D3DY.DLL
O2 - BHO: (no name) - {55E6CF7B-F013-B32D-B116-5147DD5BB2CC} - (no file)
O2 - BHO: Class - {E168F5FE-B4ED-8F84-E177-9057DA13933B} - C:\WINDOWS\APPVP.DLL
O2 - BHO: (no name) - {3AB81A3F-29D3-3712-1003-FEEBCCE5DFCA} - (no file)
O2 - BHO: Class - {A18BCBCE-8140-1854-2B7C-AE957E632346} - C:\WINDOWS\IPOO32.DLL
O2 - BHO: Class - {15C0BAD6-8D62-14B0-A3D9-92B7B4068490} - C:\WINDOWS\SDKJM.DLL
O2 - BHO: (no name) - {4D48529B-74F6-988B-1896-ABE0AA392AA1} - (no file)
O2 - BHO: (no name) - {A0D55CE9-E968-13A1-3898-FAA6E0792A89} - (no file)
O2 - BHO: Class - {EE37178B-E57C-4045-A483-E895595C72A5} - C:\WINDOWS\SDKFI.DLL
O2 - BHO: Class - {70874CBA-0534-0937-C204-E964541DEFC2} - C:\WINDOWS\SYSTEM\D3LC.DLL
O2 - BHO: (no name) - {ABE16C73-0350-87B7-654E-B07CF1F9FEF4} - (no file)
O2 - BHO: (no name) - {D12625AE-A957-757E-90B7-0FFA44B59314} - (no file)
O2 - BHO: (no name) - {979130FE-70C0-35E6-DFA3-4D4D55876849} - (no file)
O2 - BHO: Class - {CF4A2BF9-1C8A-40FB-DD55-D8DD4A74353E} - C:\WINDOWS\SYSTEM\NETIN32.DLL
O2 - BHO: Class - {6D3484AA-897D-AAF0-2D5F-04315F3B78D6} - C:\WINDOWS\SYSTEM\APPWR.DLL
O2 - BHO: Class - {00DD5500-8540-964C-2DA8-C829F9E58A84} - C:\WINDOWS\SYSTEM\NTFJ.DLL
O2 - BHO: Class - {BFA3E662-C8F6-5C22-9ADF-B7966E2436A3} - C:\WINDOWS\CRIM32.DLL
O2 - BHO: Class - {94C95AEA-D4CE-1EAF-5BAA-C6A9B84AD4E1} - C:\WINDOWS\MSKT32.DLL
O2 - BHO: Class - {EDB24B4A-5518-2545-0E95-1D954338745B} - C:\WINDOWS\SYSTEM\MFCZF.DLL
O2 - BHO: Class - {544CE33A-3E2B-DD6E-6F2E-B4A652372823} - C:\WINDOWS\SYSTEM\IEDD.DLL
O2 - BHO: Class - {2EE372A9-F742-A756-3400-3B92D79058A4} - C:\WINDOWS\SYSTEM\NETZU32.DLL
O2 - BHO: (no name) - {3206201D-4F85-F4B0-FA14-44773AFDF8DD} - (no file)
O2 - BHO: (no name) - {CC492B23-D765-1168-B1BB-2E0624A5E876} - (no file)
O2 - BHO: (no name) - {16A2ED8F-7E38-F255-D8EC-1D7C0C21F0FE} - (no file)
O2 - BHO: (no name) - {A6EFC404-D77D-C47E-F197-7B6BE2C7DB41} - (no file)
O2 - BHO: Class - {197F1C5B-757E-57B4-95EB-8831A16AFF22} - C:\WINDOWS\SYSTEM\ADDDZ32.DLL
O2 - BHO: Class - {94E17571-D9E8-A5B3-5EB9-0650B535AD4D} - C:\WINDOWS\SYSTEM\SYSUO32.DLL
O2 - BHO: Class - {3AEB4A53-5AC6-45A2-CC21-455FE967B86C} - C:\WINDOWS\SYSAF32.DLL
O2 - BHO: Class - {95965495-1470-4C61-CFC6-92CC68BB586B} - C:\WINDOWS\APIXO.DLL
O2 - BHO: (no name) - {75B83DE1-EE63-9125-A5C5-B6C6535B830E} - (no file)
O2 - BHO: Class - {172BF5DA-BFE0-84B4-A970-868C5009C873} - C:\WINDOWS\MFCOU.DLL
O2 - BHO: (no name) - {0D5FEF0C-8D31-3E41-E5DD-61BB7F0D7988} - (no file)
O2 - BHO: Class - {6813A243-6455-01F2-5ABA-4D5390F9C114} - C:\WINDOWS\IPIA.DLL
O2 - BHO: Class - {5FF8C9B6-66D9-0935-85FA-279CD1EB0EFD} - C:\WINDOWS\SYSTEM\APPQC.DLL
O2 - BHO: (no name) - {64A6ABE0-9644-5928-19BA-9CBAE0E5D13F} - (no file)
O2 - BHO: Class - {97D1E70A-CDA3-7B91-2D6D-8510ABA72E5D} - C:\WINDOWS\D3TM.DLL
O2 - BHO: (no name) - {92785D9A-20BA-33B7-8258-1F1AF4B27CD0} - (no file)
O2 - BHO: Class - {235AB52C-4D84-90AC-02AE-C710CD028699} - C:\WINDOWS\CRAB32.DLL
O2 - BHO: (no name) - {499C9352-48E9-5912-C965-897AC38DF6D1} - (no file)
O2 - BHO: Class - {16D199C7-F235-942C-E7CD-484759928237} - C:\WINDOWS\D3HT.DLL
O2 - BHO: Class - {992CAC4E-B9AA-BEDD-46A2-6F805F48E963} - C:\WINDOWS\SYSTEM\APIHT.DLL
O2 - BHO: (no name) - {88D23398-80FD-CCFF-2845-80C3E94F818D} - (no file)
O2 - BHO: Class - {3092B7EA-5B4B-9AC9-8BD7-63446D574263} - C:\WINDOWS\SYSTEM\MFCFN.DLL

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O15 - Trusted IP range: 206.161.125.149

O16 - DPF: {D600B8BE-E2C0-11D0-82C0-00A0C91F048A} - http://broadcast.mic...ta/ssct1960.CAB
O16 - DPF: {BD1F006E-174F-11D2-95C0-00C04F9A8CFA} (SurveyCtl Class) - http://activex.micro...ards/Survey.cab
O16 - DPF: {8FBFE5FF-5E98-11D3-80AF-00C04FCFBC72} (SurveyCtl35 Class) - http://activex.micro...izards/sw35.cab
O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/z...s/heartbeat.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://63.175.96.152...sCamControl.ocx
O16 - DPF: {F5131C24-E56D-11CF-B78A-444553540000} (Ikonic Menu Control) - http://activex.micro...eb/ikcntrls.cab
O16 - DPF: {02466323-75ED-11CF-A267-0020AF2546EA} (VivoActive Control) - http://player.vivo.com/ie/vvweb.cab
O16 - DPF: {6B4788E2-BAE8-11D2-A1B4-00400512739B} (PWMediaSendControl Class) - http://216.249.25.15...tiveXImgCtl.CAB
O16 - DPF: {935E891B-7F5B-4F5E-B0E4-FF5D03462541} (YaYaEng Control) - http://www.yaya.com/...122/YaYaEng.cab
O16 - DPF: {5CE8C9BE-B561-4311-8C03-D6F6C1CAF7E1} (CSND_AX.ctlCSND_AX) - http://www3.compaq.c...ect/CSND_AX.CAB
O16 - DPF: {F554B9AB-E6C9-4FA6-BFE7-B3CB24AD5027} (MSN Money Charting) - http://fdl.msn.com/p...10/investor.cab
O16 - DPF: {FA13A9FA-CA9B-11D2-9780-00104B242EA3} - http://www.wildtange...soft/wtinst.cab
O16 - DPF: {A23D7C20-CABA-11CF-A5D4-00AA00A47DD2} (Popup Window Object) - http://activex.micro...86/iepopwnd.cab
O16 - DPF: {99B42120-6EC7-11CF-A6C7-00AA00A47DD2} (Label Object) - http://activex.micro...x86/ielabel.cab
O16 - DPF: {CD17FAAA-17B4-4736-AAEF-436EDC304C8C} (ContentAuditX Control) - http://a840.g.akamai...uditControl.cab
O16 - DPF: {DED22F57-FEE2-11D0-953B-00C04FD9152D} (CarPoint Auto-Pricer Control) - http://carpoint.msn..../autopricer.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://207.188.7.150...ip/RdxIE601.cab
O16 - DPF: {FE5D6722-826F-11D5-A24E-0060B0F1A5AE} (Tukati Launcher) - http://http.gamezone...0.20/tukati.cab
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Service Client v.3.4) - http://ccon.madonion...lobal/msc34.cab

O19 - User stylesheet: (file missing)

O21 - SSODL: System - {C7D026FB-5563-4EA6-9FFA-181A67FC4C15} - (no file)

Reboot.

Please download Asquared from the link below.

http://www.emsisoft....tware/download/

Safe it to your desktop. Next open and check for updates.

Boot to safe mode (tap f8 while bios loads)

Then scan your system (this will take some time) after the scan is compelte allow it to fix what it has found. If there is something that it can not clean please let me know what it was.

Then reboot and post a new hijackthis log.

Edited by Siggyx, 09 January 2006 - 01:50 PM.

#3 zepledin2

zepledin2

    New Member

  • New Member
  • Pip
  • 2 posts

Posted 09 January 2006 - 03:47 PM

I tried to use the restore disk before posting here, but I can't even get that to work. Must be, I don't know something to do with IE not working maybe. Well I tried installing cwshredder and got the illeagal operation and will be shut down pop-up tried again and got this "Another instance of CoolWebSearch Trojan Remover may "already already" running" So I did a search in windows explorer, and found nothing for cwshredder exept the file I just down loaded. Remember this is a spare computer, so bring it on :)

#4 Siggyx

Siggyx

    SuperHelper

  • Authentic Member
  • PipPipPipPipPipPip
  • 6,776 posts

Posted 09 January 2006 - 08:10 PM

Ok then use hijackthis and remove what I requested and then a new log please.

#5 zepledin

zepledin

    New Member

  • New Member
  • Pip
  • 4 posts

Posted 10 January 2006 - 11:54 AM

Hi siggyx, I found an old backup file in win-rescue98, gave it a shot and it worked. Its still loaded with nasties, but its workable now. I have to reinstall Norton since the win & ini. files for startup are tied to it now. Then I will do a uninstall of norton and see how it starts up. Right now Spybot is doing a scan on starup as it requested to do last night after a scan I ran. I will hold off on doing the reinstall of Norton or anything else intill I hear back from you. THANKS FOR YOUR HELP PS. I no longer have a paypal account, due to some MLM programs I'm with. But I will look at other options in the donation area, or just use my wife's paypal account. This service you guys provide is great! And needs to be supported for those who will be here after me.

#6 Siggyx

Siggyx

    SuperHelper

  • Authentic Member
  • PipPipPipPipPipPip
  • 6,776 posts

Posted 11 January 2006 - 07:36 PM

Glad we could be of assistance. This topic is now closed. If you wish it reopened, please send us an email (Click for address) with a link to your thread.

Do not bother contacting us if you are not the topic starter. A valid, working link to the closed topic is required along with the user name used. If the user name does not match the one in the thread linked, the email will be deleted.
Make sure you use proper prevention to keep from having problems occur to your computer in the future.

Coyote's Installed programs for prevention:

http://forums.tomcoy...showtopic=31418

The help you receive here is free. If you wish to show your appreciation, then you may donate to help keep us online.

Visit the CoyoteStore http://TomCoyote.org/coyotestore.php

Related Topics

Back to Virus, Spyware & Malware Removal · Next Unread Topic →

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. What the Tech
  2. Spyware / Malware / Virus Removal
  3. Virus, Spyware & Malware Removal
  4. Privacy Policy
  5. Terms of Use ·