View Full Version : At the start of logging in there a lot of error message
zerozone
Jan 20, 2007, 04:09 PM
When I log in there a message can't find regedit.exe and want me to search for it.I did search for it , it wasn't miss it at the system32 folder, after that I click OK and then there a lot of error message that display the programs I installed were unknow appication or damaged Also when I try to open appication inside the Control Panel it would said the rundll32.exe is unkonw appication or it damaged.And I can't open any programs in my PC without using some special way. I can open the program files program that I installed but I can't open the appication inisde the Control Panel with the special way.For eample , like user acounts, folder option, display and all those appication that inside Control Panel.
I really need help right now :confused: :confused: :confused: :(
Curlyben
Jan 20, 2007, 04:12 PM
First off try and get ino Safe mode and do a system restore to before this started.
If this fails then try a repair install for your XP first, may just do the trick ;)
Here's (http://www.microsoft.com/windowsxp/using/helpandsupport/learnmore/tips/doug92.mspx) the official Micro$oft way of doing a repair install,
And Here's (http://www.geekstogo.com/forum/index.php?showtopic=138) one with screen shots.
Basically this installs windows over the top of your current setup.
So you don't loose any information you already have.
zerozone
Jan 20, 2007, 04:48 PM
I try the system restore but when I right-click on my computer on the properties it said about rundll32 unknown appication or damaged.
I don't have the reboot cd
I hope the hijackthis help
Logfile of HijackThis v1.99.1
Scan saved at 1:05:51 AM, on 8/19/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\Rundll32.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
C:\WINDOWS\system32\server.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\TT\TTraveler.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\English\Desktop\hijackthis.exe
O2 - BHO: (no name) - {012E390E-02A4-4B43-8093-C02309B83FB8} - (no file)
O2 - BHO: (no name) - {02242500-2D65-4F82-8C12-402F2C364306} - (no file)
O2 - BHO: (no name) - {03707DDC-E874-4EAE-9FBF-7302D2384522} - (no file)
O2 - BHO: (no name) - {04C6675E-0172-4288-9790-A9379D48F440} - (no file)
O2 - BHO: (no name) - {04E6323D-2C26-41BD-9DA2-9E06076296FE} - (no file)
O2 - BHO: (no name) - {067252A7-DDD2-4D65-9710-82C68B7F5D64} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-
784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0
\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {069EAF6E-BB38-42A3-B8C1-3172D9FD1ABF} - (no file)
O2 - BHO: (no name) - {07C70A35-7038-481F-908E-D1340EFA4E49} - (no file)
O2 - BHO: (no name) - {0873E579-15DB-4C1C-84D3-E752E3EC16AE} - (no file)
O2 - BHO: (no name) - {09840E3F-0D0D-494B-B6E7-0367964915EB} - (no file)
O2 - BHO: (no name) - {09DCA9C3-FC14-4E67-AA5C-AA01BF852F78} - (no file)
O2 - BHO: (no name) - {0AF964CF-29DE-4F1E-8F99-5E7DC983756B} - (no file)
O2 - BHO: (no name) - {0AFA70BE-B9D8-4AFE-AAE7-B90DE4901A77} - (no file)
O2 - BHO: xBarHelper.MoveCatchPic - {0CF098A0-CBAC-4EFB-8451-3AFC201C7222}
- (no file)
O2 - BHO: (no name) - {0D5A53BB-7E05-4406-9820-3A8D9BCFD5D6} - (no file)
O2 - BHO: (no name) - {0D620B6C-3E24-4B85-80BC-77CA7AE9D549} - (no file)
O2 - BHO: (no name) - {0DB1F8D6-55CD-4170-B71B-894F7CEA7B21} - (no file)
O2 - BHO: (no name) - {0DB5B04A-3C21-44CF-B4FF-08C79BB65572} - (no file)
O2 - BHO: (no name) - {0E7F508D-F730-46CF-B50D-AC4715D57EDC} - (no file)
O2 - BHO: (no name) - {119B3111-13D4-43AA-8F08-AC5C7036A680} - (no file)
O2 - BHO: (no name) - {129E5A39-640E-474F-B88F-B7D8BC1C4040} - (no file)
O2 - BHO: (no name) - {13720214-B515-4112-B18F-E85076B9C224} - (no file)
O2 - BHO: (no name) - {13777EC9-3516-4A7C-BD89-1B404D2B11D9} - (no file)
O2 - BHO: (no name) - {154A39C9-BEE0-4101-8BCE-92FB3F155BDB} - (no file)
O2 - BHO: (no name) - {163438A1-0E57-495E-AB32-AF464D88929C} - (no file)
O2 - BHO: (no name) - {1635FFDF-ED1B-4621-A96D-00BCFB95491D} - (no file)
O2 - BHO: (no name) - {164E6B19-1EB4-4962-850E-252C71BE083F} - (no file)
O2 - BHO: (no name) - {16BF007E-15CA-4D55-BAAA-4B9C16F9A504} - (no file)
O2 - BHO: (no name) - {173F24B6-A13F-4CF4-97CB-285191BC9AF5} - (no file)
O2 - BHO: (no name) - {17672C2E-04D6-4015-9CF8-C29ABD1AB48B} - (no file)
O2 - BHO: (no name) - {181E3962-F6B0-4D09-954F-A75FFDBE4598} - (no file)
O2 - BHO: (no name) - {1854AA45-AC41-474D-A582-4945EF0AC62E} - (no file)
O2 - BHO: (no name) - {189B961F-B0AA-4BAB-B952-0BB090A4E30F} - (no file)
O2 - BHO: (no name) - {1907757E-F8A0-416D-BCD2-4585C81C1A52} - (no file)
O2 - BHO: (no name) - {1BD203C2-10FC-441D-AE1B-E1D759F39483} - (no file)
O2 - BHO: (no name) - {1BF1F514-B5AE-4041-81FE-370714632D53} - (no file)
O2 - BHO: (no name) - {1C908633-895E-4513-B391-C11F57A8B5A3} - (no file)
O2 - BHO: (no name) - {1D57C6B7-B007-460A-A146-FA90D60DD450} - (no file)
O2 - BHO: (no name) - {1E558F98-BBD6-44D7-89D0-CA1088583371} - (no file)
O2 - BHO: (no name) - {1E56053A-8743-421C-A781-217EB73AEE5D} - (no file)
O2 - BHO: (no name) - {1E97C9B3-A9BA-47B1-A868-A216121542B7} - (no file)
O2 - BHO: (no name) - {1EDA8BC8-153B-475E-9242-00EC191F0C37} - (no file)
O2 - BHO: (no name) - {1F8EAD3A-D83E-4DF6-BE7B-7CA210E371C2} - (no file)
O2 - BHO: (no name) - {2055BD3C-2753-4AA4-A059-D80ECCF16E43} - (no file)
O2 - BHO: (no name) - {205F3725-08DA-45B3-8DAB-D865752D669E} - (no file)
O2 - BHO: (no name) - {205FB932-5174-43DF-82A3-BFE0ABEDD187} - (no file)
O2 - BHO: (no name) - {20D90A04-2B30-4233-B62B-6B8CC6DD6E86} - (no file)
O2 - BHO: (no name) - {222D96EB-9F68-4057-AB24-3206E55AA180} - (no file)
O2 - BHO: (no name) - {225CF4E3-9D8F-40A3-82BF-2614961B70E8} - (no file)
O2 - BHO: (no name) - {227FC3CE-37B6-4DD1-B3F9-557C575D9D30} - (no file)
O2 - BHO: (no name) - {234E2970-CA78-4A56-A17A-182DD3040FCE} - (no file)
O2 - BHO: (no name) - {23AB706D-3049-4AE2-AC8C-3DF1F8832C03} - (no file)
O2 - BHO: (no name) - {23E76FDD-B478-4355-97CE-04CC232D12C7} - (no file)
O2 - BHO: (no name) - {23FA7D6C-561F-4343-A451-E22D5127CE2A} - (no file)
O2 - BHO: (no name) - {2523C7C1-D259-4481-B823-E796CC080116} - (no file)
O2 - BHO: (no name) - {252A764F-07AF-4B48-B955-996286A6A9B2} - (no file)
O2 - BHO: (no name) - {256A1048-5E08-4ABF-B2F0-39479E53E879} - (no file)
O2 - BHO: (no name) - {267D634B-0157-45D9-ABA5-48C4238FA0FD} - (no file)
O2 - BHO: (no name) - {276F5E81-9A6F-49F3-A39D-76A293BDECDF} - (no file)
O2 - BHO: (no name) - {2791CD89-2526-44D8-933F-84F92AE460C7} - (no file)
O2 - BHO: (no name) - {2858DFFF-4CF6-4428-949D-E30B5458E482} - (no file)
O2 - BHO: (no name) - {2889E049-5FE8-4B9A-988A-894332E41FE4} - (no file)
O2 - BHO: (no name) - {29309B80-879B-488C-952C-2801E09D246A} - (no file)
O2 - BHO: (no name) - {2948B2C3-CD48-422C-B75F-41F7D9D70D6B} - (no file)
O2 - BHO: (no name) - {297BBCC5-94CE-42BF-8111-45EFC2D8BF9B} - (no file)
O2 - BHO: (no name) - {29D0D69F-A4A9-4301-AA68-E84794D0A804} - (no file)
O2 - BHO: (no name) - {2B04FF4E-B1EF-461D-8F4E-3EB39D0AF22C} - (no file)
O2 - BHO: (no name) - {2BC6FF33-B6BE-4943-BF53-696A257EBAB8} - (no file)
O2 - BHO: (no name) - {2C8D16C7-59A1-4B93-A5D3-2B5B7E97D7AB} - (no file)
O2 - BHO: (no name) - {2CAA27EB-96C4-48D0-8638-BDF83D0F2C88} - (no file)
O2 - BHO: (no name) - {2D36781C-2CE3-416A-8471-C02C950EEFB8} - (no file)
O2 - BHO: (no name) - {2DAE9147-B238-4070-9FB0-7B3B7ACDB6D7} - (no file)
O2 - BHO: (no name) - {2EB1F737-363D-4AAB-BD74-0854B070FF31} - (no file)
O2 - BHO: (no name) - {2FBA4507-FB53-464D-92D6-C02D31DC95B2} - (no file)
O2 - BHO: (no name) - {3091E448-254F-4978-B71D-276299E4BC76} - (no file)
O2 - BHO: (no name) - {30F35AE6-99FD-43E1-BFA8-BDC2749F266D} - (no file)
O2 - BHO: (no name) - {326B06F4-56D7-467B-A8DF-4374E062B3D2} - (no file)
O2 - BHO: (no name) - {32E3E892-9C06-449C-9475-6564A90336B3} - (no file)
O2 - BHO: (no name) - {32F7C670-36E4-4D16-BCC9-33460A6AB285} - (no file)
O2 - BHO: (no name) - {330063AC-C8D6-4487-A127-2934182C6DE1} - (no file)
O2 - BHO: (no name) - {33205DC4-4152-4E8E-AF47-9B1557033C64} - (no file)
O2 - BHO: (no name) - {3354D697-93C7-4FA3-9B8D-F5CD309F08ED} - (no file)
O2 - BHO: (no name) - {33561269-6AC7-4115-9265-BF04EB9F5FFA} - (no file)
O2 - BHO: (no name) - {343B261B-9B63-4AA9-95F9-6A8977434C80} - (no file)
O2 - BHO: (no name) - {34A25ACA-D5A0-49E0-A4AD-2274177A2AC5} - (no file)
zerozone
Jan 20, 2007, 04:50 PM
O2 - BHO: (no name) - {34C6FD0E-3119-4A1E-9245-1A9A31BA9AFA} - (no file)
O2 - BHO: (no name) - {36912504-88BB-4AA9-B33F-E3F5E41C37A9} - (no file)
O2 - BHO: (no name) - {37CDA469-D63A-415A-B794-C03CDD807D1B} - (no file)
O2 - BHO: (no name) - {39327DCD-2FA0-4743-A8E2-7451AD9977C8} - (no file)
O2 - BHO: (no name) - {39D41D23-52B9-4FDD-B84E-B221F85F67DB} - (no file)
O2 - BHO: (no name) - {3A1AAEFC-43BA-439A-BF04-4614D2EB1B1E} - (no file)
O2 - BHO: (no name) - {3A27780D-4251-4727-BC31-08EA3102BAEC} - (no file)
O2 - BHO: (no name) - {3A3E6FA1-4C1A-4BA3-8662-E81E96EB3A1B} - (no file)
O2 - BHO: (no name) - {3CD03114-B07E-48A9-A815-EBC4EE501926} - (no file)
O2 - BHO: (no name) - {3CDC0E77-D183-44C6-8E87-505D53847A50} - (no file)
O2 - BHO: (no name) - {3D9BBB02-6EAE-45B5-AFA9-8DDC8CE57D33} - (no file)
O2 - BHO: (no name) - {3DD0E544-D399-4A4D-8978-9E1A6DEC8F67} - (no file)
O2 - BHO: (no name) - {3E007E83-95E0-40AF-B418-410A686F79DF} - (no file)
O2 - BHO: (no name) - {3E745FE7-2CC7-4133-BA44-45303B901B73} - (no file)
O2 - BHO: (no name) - {3EC4F673-1675-4E5F-90D8-93B38F123823} - (no file)
O2 - BHO: (no name) - {3F83600E-86EE-4E36-B156-D3B0EFFBAF95} - (no file)
O2 - BHO: (no name) - {400B4633-8ED2-40E9-9BA6-9A7A15C498E0} - (no file)
O2 - BHO: (no name) - {4021967A-2AAA-4138-BEDF-D72D8990BC3A} - (no file)
O2 - BHO: (no name) - {4067237F-D791-4343-BCE0-3A04220B32D1} - (no file)
O2 - BHO:?? é?¨2¨o? - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} -
C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll
O2 - BHO: (no name) - {40A7FD41-C3F2-4D1E-94CE-69801C4E56BC} - (no file)
O2 - BHO: (no name) - {41778537-4EAC-4477-B53B-8596CF43A09C} - (no file)
O2 - BHO: (no name) - {41C22416-FCC1-489A-B7BF-375AC6EEC121} - (no file)
O2 - BHO: (no name) - {4201760B-877E-46C0-A651-9CA567CE7A5F} - (no file)
O2 - BHO: (no name) - {42779D43-DA98-41C5-8B21-93409A658452} - (no file)
O2 - BHO: (no name) - {42BD76C6-29D8-4118-BCA6-8D134566A2F4} - (no file)
O2 - BHO: (no name) - {43555B78-F5BB-4CF1-86E5-F095D5AF432F} - (no file)
O2 - BHO: (no name) - {43C9F3A6-E7BD-40F1-B068-0F8F57EB69C0} - (no file)
O2 - BHO: (no name) - {46775BDB-7F55-452A-B09B-1E9000793807} - (no file)
O2 - BHO: (no name) - {470D2BE8-352E-4102-82F4-5F03C05AEF79} - (no file)
O2 - BHO: (no name) - {4740CD3E-5481-4F9B-8892-8ECAA4667765} - (no file)
O2 - BHO: (no name) - {48934F8C-5244-4849-9E2C-3470C950B6D6} - (no file)
O2 - BHO: (no name) - {4A0CE101-7152-4112-9047-BF7B43003146} - (no file)
O2 - BHO: (no name) - {4A452E41-8F5C-423A-8443-8E716E3137DB} - (no file)
O2 - BHO: (no name) - {4AB539AF-F102-4C06-8DB4-7AA5C26A2FED} - (no file)
O2 - BHO: (no name) - {4B2ED4E1-A08A-4303-BA6D-C9B432E82E13} - (no file)
O2 - BHO: (no name) - {4BF054F2-CD5F-4CD1-A2D6-A1CBDA30AA03} - (no file)
O2 - BHO: (no name) - {4C3D5F78-727E-4D99-BA73-67D81BA63666} - (no file)
O2 - BHO: (no name) - {4DD630ED-A472-462B-9715-179BAA409CCE} - (no file)
O2 - BHO: (no name) - {4E02090F-B4D3-45AE-B6B4-172C4637A998} - (no file)
O2 - BHO: (no name) - {50312432-917C-439E-8005-AE87A517D5EE} - (no file)
O2 - BHO: (no name) - {5050C721-02EC-421B-9CA1-B9C045FA8795} - (no file)
O2 - BHO: (no name) - {50D0F2AC-1F1E-42E2-A0DC-B70FD515C907} - (no file)
O2 - BHO: (no name) - {5257BDE4-94B6-4926-A936-6CA286B52D45} - (no file)
O2 - BHO: (no name) - {529600DE-E2A1-48CF-BE85-CE0090E962F8} - (no file)
O2 - BHO: (no name) - {52D3200D-344D-4268-B0FC-ABE56017DE3E} - (no file)
O2 - BHO: (no name) - {53302F2D-35C6-452A-A6E5-47BDA111F150} - (no file)
O2 - BHO: (no name) - {5357D01F-8BA7-49BE-AAA6-0071CEF29725} - (no file)
O2 - BHO: (no name) - {536CEDD3-F36C-40C6-9DBB-E265A3B9131D} - (no file)
O2 - BHO: (no name) - {53CF1E4D-CA51-4CA5-9ABC-AFBD8E22F0FF} - (no file)
O2 - BHO: (no name) - {54A013E6-B263-479D-8F72-2085B6077355} - (no file)
O2 - BHO: (no name) - {54C4E482-2CE5-4C11-A96D-651C747A28D7} - (no file)
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - (no file)
O2 - BHO: (no name) - {54F279A8-3743-4D16-8B48-7BFE0818B1B4} - (no file)
O2 - BHO: (no name) - {55BC3B60-C9D4-41AC-9B2D-98583795B7F5} - (no file)
O2 - BHO: (no name) - {55E85A18-82DC-47F7-A66D-2DBD1BD2717F} - (no file)
O2 - BHO: (no name) - {5862A8CA-C43A-4722-93BC-81B841E76155} - (no file)
O2 - BHO: (no name) - {589594A1-16F0-4571-B3F5-D98E578A651E} - (no file)
O2 - BHO: (no name) - {594C07F6-A454-4BC8-873B-BCA492BD4087} - (no file)
O2 - BHO: (no name) - {59A483B9-48C5-4221-B3F9-7FBAB66B3741} - (no file)
O2 - BHO: (no name) - {59D51E56-D7FF-40AC-A4C2-5DB7952500E4} - (no file)
O2 - BHO: (no name) - {5AF45E58-EFB7-492F-9681-386A54ED5519} - (no file)
O2 - BHO: (no name) - {5C0307ED-75D5-4477-8A15-6A5C0869E0A8} - (no file)
O2 - BHO: (no name) - {5C341794-9FB0-4324-8B66-F9CF6DA34336} - (no file)
O2 - BHO: (no name) - {5F606A0D-EF55-435F-AFA1-9CFA7A54C9B0} - (no file)
O2 - BHO: (no name) - {6015AC97-BF50-43B0-A714-78CD0CF038AB} - (no file)
O2 - BHO: (no name) - {62BBF89F-C245-4C13-8F75-440254E8CE57} - (no file)
O2 - BHO: YDragSearch - {62EED7C6-9F02-42f9-B634-98E2899E147B} -
C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL
O2 - BHO: (no name) - {66102A41-4094-4BAE-86DC-81BC8F632E45} - (no file)
O2 - BHO: (no name) - {66D8A9B9-672C-47AD-849D-88A423BDD8AC} - (no file)
O2 - BHO: (no name) - {6871CECB-034A-4AEF-A08D-28DECAB9F6C5} - (no file)
O2 - BHO: (no name) - {692B31B9-74D4-4854-8AE9-70C081FFD851} - (no file)
O2 - BHO: (no name) - {6BD43C3D-2D58-4B00-9943-E8F8ACC2897D} - (no file)
O2 - BHO: (no name) - {6C5FDF23-A9B0-49F4-806B-8EF887451E4B} - (no file)
O2 - BHO: (no name) - {6C7DCCEC-5145-4245-93C3-5C1B6EC8D32A} - (no file)
O2 - BHO: (no name) - {6C8C1A65-ED35-4737-9489-2CD3D2FF63D4} - (no file)
O2 - BHO: (no name) - {6CFE0F9B-DDC9-4AFC-9613-483109DC3447} - (no file)
O2 - BHO: (no name) - {6D15ADF7-356D-4C3A-AA16-2AF408953CD0} - (no file)
O2 - BHO: (no name) - {6D7829F4-4623-4404-95BD-240CBFA2EA43} - (no file)
O2 - BHO: (no name) - {6E6F9DDA-5637-4C03-937C-991D6D3990F4} - (no file)
O2 - BHO: (no name) - {6E72F763-EAC6-4008-8B87-11967A9B5B75} - (no file)
O2 - BHO: (no name) - {6E9AFE91-DEF2-4A49-9176-D011ED9F151E} - (no file)
O2 - BHO: (no name) - {6EF78242-7A8F-44F0-BF1A-AA6C591EE82C} - (no file)
O2 - BHO: (no name) - {715EC4B6-E331-462A-B709-EFD0870D0C71} - (no file)
O2 - BHO: (no name) - {716C18EC-0F9A-41EF-914F-7D3FC139615A} - (no file)
O2 - BHO: (no name) - {71B74091-94C9-4F4D-B69E-B258A6CC0E3C} - (no file)
O2 - BHO: (no name) - {71DA6ADD-D7C3-4EC9-89B8-C27107F0100C} - (no file)
O2 - BHO: (no name) - {730B78CE-A91E-4838-8D53-92CDA360E11E} - (no file)
O2 - BHO: (no name) - {733ECEC2-0592-4EBE-9250-475D800F7DAB} - (no file)
O2 - BHO: (no name) - {74134242-41B4-4E7E-A756-CC2889AFFC7C} - (no file)
O2 - BHO: (no name) - {74F04545-8992-49E8-A90F-9CB56D96370A} - (no file)
O2 - BHO: (no name) - {75D09BC1-4005-490A-8A54-BB07C58C5E03} - (no file)
O2 - BHO: (no name) - {76F7CEE4-7858-45F2-A563-13792177FA93} - (no file)
O2 - BHO: (no name) - {776E8F1E-8C0E-481C-975A-A978ED15717B} - (no file)
O2 - BHO: (no name) - {781FAD41-BEC3-4646-8785-D083FAC9EA3C} - (no file)
O2 - BHO: (no name) - {789216B9-36BA-49F4-B2CD-58552F7EED41} - (no file)
O2 - BHO: (no name) - {7A0AE747-E37C-456E-B17D-EDE4188F1E61} - (no file)
O2 - BHO: (no name) - {7BBAF4C6-1B34-4F6C-AB30-3101EB61D0D4} - (no file)
O2 - BHO: (no name) - {7C190127-FC17-4142-A653-833CC269308C} - (no file)
O2 - BHO: (no name) - {7CBAD974-FE3E-4868-ACFE-AE674C0C1061} - (no file)
O2 - BHO: (no name) - {7D1BCA95-CC08-4F7B-8B3F-48111B8ADEFB} - (no file)
O2 - BHO: (no name) - {7E278C80-9BE2-452C-B5B1-4F2FD1897977} - (no file)
O2 - BHO: (no name) - {7EFE5BE9-8833-4D40-831F-6CD95F9A2864} - (no file)
O2 - BHO: (no name) - {7F50C597-8E00-4325-8C38-7C134D10745D} - (no file)
O2 - BHO: (no name) - {7F7473A3-E87E-48A1-A14A-1BB8AADB7B52} - (no file)
O2 - BHO: (no name) - {7FE9BEA7-E62B-4413-BA3F-454148C5CE40} - (no file)
O2 - BHO: (no name) - {816755FF-7C50-4738-A0C9-7CE94A0DBA4B} - (no file)
O2 - BHO: (no name) - {81F90680-BF59-457A-A142-87A86419C8C3} - (no file)
O2 - BHO: (no name) - {82151420-2524-4A6F-AEA9-E2B2EEBEB882} - (no file)
O2 - BHO: (no name) - {82725FDE-B241-4F5B-A777-30B7104363E2} - (no file)
O2 - BHO: (no name) - {82B8F76F-BFFC-4748-8480-21AB750E7212} - (no file)
O2 - BHO: (no name) - {83002E55-211E-4C03-8149-31A132E5BBBB} - (no file)
O2 - BHO: (no name) - {832A5C2F-6157-49F3-8132-4A94E521793E} - (no file)
O2 - BHO: (no name) - {846DE28C-4593-4371-975A-E5B26FD611F2} - (no file)
O2 - BHO: (no name) - {84A34C99-32AF-4DB0-B624-54C458B61E59} - (no file)
O2 - BHO: (no name) - {84C037B5-A15F-4567-B408-4C5379FC102F} - (no file)
O2 - BHO: (no name) - {85045DBC-E0D8-4A69-9424-23B0113BB3BC} - (no file)
O2 - BHO: (no name) - {8688DE4C-DA81-4AD4-8004-E7D4AA0C61FA} - (no file)
O2 - BHO: (no name) - {870C09A7-1A40-47E4-898A-C6023E8278DA} - (no file)
O2 - BHO: (no name) - {872BDBBB-330A-4AC3-93EB-29D9682BD9E8} - (no file)
O2 - BHO: (no name) - {87B3EE1B-0C2D-466F-8CBB-617FB40ED42F} - (no file)
O2 - BHO: (no name) - {87C09D86-275B-4AC2-9DB4-36951F0525F7} - (no file)
O2 - BHO: (no name) - {88673852-9201-4D32-920B-B7ED90F34BB0} - (no file)
O2 - BHO: (no name) - {8894148E-FDB8-4D1E-BABA-350D633AA685} - (no file)
O2 - BHO: (no name) - {8960C768-66B8-4300-AA76-F26703F42967} - (no file)
O2 - BHO: (no name) - {89A9387F-D926-46B3-B874-C3EEC0F46656} - (no file)
O2 - BHO: (no name) - {89CED521-42A7-47EC-B36B-299D07628B0E} - (no file)
O2 - BHO: (no name) - {8A45B4F2-9DA6-4124-9664-969FA301F7B9} - (no file)
O2 - BHO: (no name) - {8B44C18C-8CA1-4010-9321-2CD288481C13} - (no file)
O2 - BHO: (no name) - {8B857F8F-9390-4BC8-8862-A58EE41DDB4C} - (no file)
O2 - BHO: (no name) - {8BBBB7DB-DB02-4BA8-BA62-85DB5FB93A11} - (no file)
O2 - BHO: (no name) - {8C6977DE-FA3F-4D0D-B970-3A51D5D3DC13} - (no file)
O2 - BHO: (no name) - {8CCC2BFE-6AF0-4661-A00C-FF2D0058801A} - (no file)
O2 - BHO: (no name) - {8D4DC5CC-AAE9-468F-B432-8F75C0B9D640} - (no file
zerozone
Jan 20, 2007, 04:51 PM
O2 - BHO: (no name) - {8DBE5981-0A0B-4447-8F00-6AEF1CC89FEE} - (no file)
O2 - BHO: (no name) - {8EC0AEEC-E27A-4269-82A1-1900791EA511} - (no file)
O2 - BHO: (no name) - {8FBFF51B-2B86-40BA-8E3A-9D6048D82F8F} - (no file)
O2 - BHO: (no name) - {904264A7-F753-48FE-BCC6-D66836A99E34} - (no file)
O2 - BHO: (no name) - {906F4245-9DDD-4174-B29B-900BD3238BAD} - (no file)
O2 - BHO: (no name) - {9261014E-E638-4785-BC69-7F0A596FFF77} - (no file)
O2 - BHO: (no name) - {94957B68-BE25-4D6D-8634-A54962BD9896} - (no file)
O2 - BHO: (no name) - {96A80B7B-F23C-464F-9429-AE3EC0F59C0C} - (no file)
O2 - BHO: (no name) - {97444B4B-2279-4DE9-B466-8D4B467BFF8A} - (no file)
O2 - BHO: (no name) - {97492873-8260-4374-ABE7-30CC37EE42B7} - (no file)
O2 - BHO: (no name) - {97E9DB8F-1DCE-4F87-BB2B-4ACA48AA62A6} - (no file)
O2 - BHO: (no name) - {983BD83F-E0DF-4706-B0C2-1F511F7FE806} - (no file)
O2 - BHO: (no name) - {985033B6-8C8A-4AB2-A680-CBB644301640} - (no file)
O2 - BHO: (no name) - {9889DE8A-2F70-4641-B9EE-C05B5274D0A8} - (no file)
O2 - BHO: (no name) - {98F3A887-D14F-44FC-903A-75A76E4EB6D0} - (no file)
O2 - BHO: (no name) - {9918B6B7-705A-4213-8B17-B9F9DAA38564} - (no file)
O2 - BHO: (no name) - {99592C18-88AC-4514-9928-4B9071E62337} - (no file)
O2 - BHO: (no name) - {9A86D6B6-D75E-4ABE-8602-D728927B44CE} - (no file)
O2 - BHO: (no name) - {9B2F0C56-9469-459C-9BC6-9FB4170ED2CE} - (no file)
O2 - BHO: (no name) - {9B4BBAD9-8276-44BC-834F-224E306F4A7F} - (no file)
O2 - BHO: (no name) - {9C2AC5D2-0431-4A93-AA85-4C8A58A9B036} - (no file)
O2 - BHO: (no name) - {9CCF55DB-B0F7-4998-A349-F5E0C8593716} - (no file)
O2 - BHO: (no name) - {9CE172B9-FD77-46C1-818E-C901E3CFE2D2} - (no file)
O2 - BHO: (no name) - {9EB34109-A411-4283-82AF-D6D6B02D5F73} - (no file)
O2 - BHO: (no name) - {A058A108-E764-4EA3-90C3-9A3D4823CF63} - (no file)
O2 - BHO: (no name) - {A162B47B-68CA-4507-A449-7639DAE00E07} - (no file)
O2 - BHO: (no name) - {A1D934F3-CD2B-48DF-9F88-765639368651} - (no file)
O2 - BHO: (no name) - {A37F9763-28DE-4715-B609-1597CA374C81} - (no file)
O2 - BHO: (no name) - {A387A783-BAAC-4955-9E57-69369C531319} - (no file)
O2 - BHO: (no name) - {A3A03816-DFC4-43EC-8850-BCA9F4A6191C} - (no file)
O2 - BHO: (no name) - {A3ED415C-4892-4446-A687-BED125D41964} - (no file)
O2 - BHO: (no name) - {A477A350-39AB-4F84-9953-577017945247} - (no file)
O2 - BHO: (no name) - {A57493D4-1C20-4488-92A7-8EBD4F32A482} - (no file)
O2 - BHO: (no name) - {A588367E-5742-4B99-AB29-0F848094BFC5} - (no file)
O2 - BHO: (no name) - {A5A13BB6-3C23-4D00-80A2-24033B38C098} - (no file)
O2 - BHO: (no name) - {A6BA5276-CFA2-4604-B799-EC92D57BA54B} - (no file)
O2 - BHO: (no name) - {A6CD310F-4213-4AAA-AD8E-052C5B9BE037} - (no file)
O2 - BHO: (no name) - {A78BC0B4-8D39-4382-872E-E51A57F7AAD2} - (no file)
O2 - BHO: (no name) - {A80C994F-C8C7-4DA5-B0C8-8F573F4CDBFD} - (no file)
O2 - BHO: (no name) - {A81B6287-A547-4A69-AE71-51F59CECA36C} - (no file)
O2 - BHO: (no name) - {A87B16A0-9674-4E70-B628-98ED7B60A6BF} - (no file)
O2 - BHO: (no name) - {A944DD11-C8F9-400B-92E9-A59D224D51E6} - (no file)
O2 - BHO: (no name) - {AB891DC8-F32B-4D21-B4E7-95312EF51490} - (no file)
O2 - BHO: (no name) - {ABC3D1D9-B364-452E-90ED-85728B3C9C3F} - (no file)
O2 - BHO: (no name) - {AE1CAB51-657E-420C-991B-4BC5DC67FAB2} - (no file)
O2 - BHO: (no name) - {AF1949A6-0BAD-4F36-8899-72B968C694BC} - (no file)
O2 - BHO: (no name) - {AF288D3A-0FB8-4364-AA22-0A8D3C3F8ECB} - (no file)
O2 - BHO: (no name) - {AF6515F6-621B-44F6-9E86-C4316B396731} - (no file)
O2 - BHO: (no name) - {AF6D4C6A-3CB8-487F-AFC4-80040D687767} - (no file)
O2 - BHO: (no name) - {AF7CD568-3609-49A1-8446-829436A7ADA2} - (no file)
O2 - BHO: (no name) - {B0983DD3-3120-4C74-91BD-3EE4BDAB14A8} - (no file)
O2 - BHO: (no name) - {B17C2430-066A-495D-A37E-8B93FCA50588} - (no file)
O2 - BHO: (no name) - {B287D82E-148F-41B6-884B-D59FB53807E1} - (no file)
O2 - BHO: (no name) - {B2BF2B99-2453-4FD4-AC81-E1E1E91A81E6} - (no file)
O2 - BHO: (no name) - {B302322D-B97E-41A8-91F3-B4928FEFA368} - (no file)
O2 - BHO: (no name) - {B4914B25-5B17-42D9-AE6E-976A75728C9A} - (no file)
O2 - BHO: bingo - {B626AE7E-4F5D-4CD4-B457-D8693015DEFC} - (no file)
O2 - BHO: (no name) - {B7B0352F-FA71-48C3-8514-71282E9F4011} - (no file)
O2 - BHO: (no name) - {B84C36F7-1C94-42C3-BF8D-975DC1212092} - (no file)
O2 - BHO: (no name) - {B89D6987-FF18-4232-93F0-97B26AF10012} - (no file)
O2 - BHO: (no name) - {B8A424BC-2802-4682-A7FE-14D3F3CC79F6} - (no file)
O2 - BHO: (no name) - {B8AAFC55-1558-4243-BC02-845B2F71F1C1} - (no file)
O2 - BHO: (no name) - {B9161B62-9211-4D91-AE6C-91690D2948B5} - (no file)
O2 - BHO: (no name) - {BA4AEA92-9E70-4E99-A845-64A8915B1703} - (no file)
O2 - BHO: (no name) - {BB32445F-27D6-4694-8288-202F6910046D} - (no file)
O2 - BHO: (no name) - {BB92DA9F-8090-461B-918F-0A25E6FF21D5} - (no file)
O2 - BHO: (no name) - {BBF79B70-D13B-4C94-A88B-EEF5CD3A6A33} - (no file)
O2 - BHO: (no name) - {BCBE680B-A090-44E2-BD88-5F1EE3B12D6F} - (no file)
O2 - BHO: (no name) - {BCDF91DF-1E27-4C60-8253-7D03EDBFAD57} - (no file)
O2 - BHO: BrowserProxy4 - {BCF4D74B-E6BD-4C8F-83D7-90D6439705B9} - (no
zerozone
Jan 20, 2007, 04:51 PM
File)
O2 - BHO: (no name) - {BD2DD99C-F756-4E36-AF94-0C29CE6F8A3C} - (no file)
O2 - BHO: (no name) - {BD416A9A-7F01-442A-A71F-092E5BF3AD30} - (no file)
O2 - BHO: (no name) - {BD6730F7-E01A-42DD-BF06-71467650D090} - (no file)
O2 - BHO: (no name) - {BD93E4D7-8ED4-4E60-9021-79F545CCD6D8} - (no file)
O2 - BHO: (no name) - {BDA413B8-3205-45DA-8C4A-8F9C47AC67BA} - (no file)
O2 - BHO: (no name) - {BDEDDB09-922A-44A6-AC61-1EF54E1B2A8B} - (no file)
O2 - BHO: (no name) - {BE68A554-DFD1-4B40-8F9E-E369949F27E4} - (no file)
O2 - BHO: (no name) - {BE8E76F8-E82C-4612-B153-D9B0B517D2A3} - (no file)
O2 - BHO: (no name) - {BEEEB039-4FAA-49B7-BD45-92F6248246B5} - (no file)
O2 - BHO: (no name) - {BEEEDD8A-1638-4B9B-8CB5-B0334A47DB4A} - (no file)
O2 - BHO: (no name) - {BF412CB6-B8A6-48AC-A476-56E279E3EDB3} - (no file)
O2 - BHO: (no name) - {C036A860-8D8D-4052-8E4B-1C6E0336C911} - (no file)
O2 - BHO: (no name) - {C07837E8-E0EB-4413-8DFA-37124C548EA6} - (no file)
O2 - BHO: (no name) - {C2268E46-291D-4A71-A832-EF263DAD7B49} - (no file)
O2 - BHO: (no name) - {C2532B89-22DE-47EB-B977-6719B6AFD3D2} - (no file)
O2 - BHO: (no name) - {C277BDA9-24CD-45EB-AF53-C29D2D50BD3A} - (no file)
O2 - BHO: (no name) - {C27903E4-6823-486A-8BAF-1B780D015F94} - (no file)
O2 - BHO: (no name) - {C2DE2403-D266-448F-8C0A-E9ADA8DF5231} - (no file)
O2 - BHO: (no name) - {C3425576-E7C4-4DB8-9D7E-3B4E2B218C87} - (no file)
O2 - BHO: (no name) - {C386BBA0-FB9E-4676-99D0-DA8CC3BDBB0A} - (no file)
O2 - BHO: (no name) - {C3D32FC7-610C-4DD1-A41F-B30871EC30A2} - (no file)
O2 - BHO: (no name) - {C50C1CA5-45B4-4642-AAF4-4F0C0DD219A8} - (no file)
O2 - BHO: (no name) - {C5DFFE54-B187-4427-8532-B0CB04202B49} - (no file)
O2 - BHO: (no name) - {C5E9BC37-F560-40E9-AC98-17E70757FD7E} - (no file)
O2 - BHO: (no name) - {C68BFE94-CC6C-4AFB-827B-9EE177686B1A} - (no file)
O2 - BHO: (no name) - {C6C58DA6-F37B-4125-932E-DCA8467D7B30} - (no file)
O2 - BHO: (no name) - {C76B0F24-67F9-4D3B-9E30-8D94171DCAB8} - (no file)
O2 - BHO: (no name) - {C8B2859F-187A-4461-9847-9C4B5A9914FD} - (no file)
O2 - BHO: (no name) - {C8D0BFAC-57BA-41F0-AC1E-02D4A26D2A27} - (no file)
O2 - BHO: (no name) - {C8E29169-072C-4D94-B7F3-DF162C4BF3AF} - (no file)
O2 - BHO: (no name) - {C9D4F232-B5C6-4065-BDDC-E3A17A639D4B} - (no file)
O2 - BHO: (no name) - {CB0AD1FF-C852-4192-AE9D-B917A7A2F001} - (no file)
O2 - BHO: (no name) - {CB4C2675-C004-48AF-BF5A-EEBEC9C95EA8} - (no file)
O2 - BHO: (no name) - {CB9BEEC8-1C30-491B-8595-FA781A5FA89F} - (no file)
O2 - BHO: (no name) - {CBD47A83-C4D0-4EE2-ABEA-949BA2D831EE} - (no file)
O2 - BHO: (no name) - {CBE3FF4B-DB02-497F-A6C8-DC6CC801883F} - (no file)
O2 - BHO: (no name) - {CCE4D17B-A22B-4025-AC7A-67300F399681} - (no file)
O2 - BHO: (no name) - {CD16229A-33C0-41CB-B58A-FD12B3D25645} - (no file)
O2 - BHO: (no name) - {CD6F29C7-27E2-4CC9-848E-4250D726362B} - (no file)
O2 - BHO: (no name) - {CD7D5BBF-8332-4EC1-8E08-EFBAADD4A640} - (no file)
O2 - BHO: (no name) - {CE368320-9F19-4230-9D1B-A57B41E17951} - (no file)
O2 - BHO: (no name) - {CE50C8D6-1CC4-4DDB-8B22-F513CAE3180D} - (no file)
O2 - BHO: (no name) - {CF02F652-EEAA-4003-A902-5ED467F7BED2} - (no file)
O2 - BHO: (no name) - {CFBFA62C-2A4D-46D5-A891-1001AC8E259D} - (no file)
O2 - BHO: (no name) - {D029F9D3-CC07-446C-9815-FDE74D83467F} - (no file)
O2 - BHO: (no name) - {D0785CEF-BBC6-4FBE-A279-F3D9B6E32BE5} - (no file)
O2 - BHO: IE - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} -
C:\WINDOWS\downlo~1\cnshook.dll
O2 - BHO: Windows Shell - {D22B05B5-457C-4FC6-8562-190B7615ADCC} - (no
File)
O2 - BHO: Windows Shell - {D2362775-D2A7-4CA0-A206-9CA0919BDFAE} - (no
File)
O2 - BHO: Windows Shell - {D243AFD0-16D4-40AF-9DDC-587F155B937D} - (no
File)
O2 - BHO: Windows Shell - {D306FE0F-DFBA-4AE4-99C0-16A7E7A7A241} - (no
File)
O2 - BHO: Windows Shell - {D3850FEA-99A7-4F96-8128-E216A6D59800} - (no
File)
O2 - BHO: Windows Shell - {D456C230-86AB-41D0-A260-F32B660C8CBF} - (no
File)
O2 - BHO: (no name) - {D4C791DE-D130-44C9-BF07-CE40C8F7287D} - (no file)
O2 - BHO: (no name) - {D4D9795A-B5A0-473B-95BA-DD44F1C6C840} - (no file)
O2 - BHO: (no name) - {D501C0F1-5E13-443E-AA62-ECFCEE46BAA5} - (no file)
O2 - BHO: Windows Shell - {D52F83C6-FC85-482E-BFE4-BCF22CE70404} - (no
File)
O2 - BHO: (no name) - {D6A9D43D-58F5-4A23-9B0C-3962F1FA94CD} - (no file)
O2 - BHO: Windows Shell - {D72664D7-4DF8-409A-9F64-89A3AB9E0E7D} - (no
File)
O2 - BHO: Windows Shell - {D72EDF1A-670A-4884-9461-867AADFE3ACF} - (no
File)
O2 - BHO: Windows Shell - {D757F2A1-8FE1-4AED-B9D7-7033B6AD8C41} - (no
File)
O2 - BHO: (no name) - {D775C9D1-E2DB-460B-B6CF-7878835DD2A6} - (no file)
O2 - BHO: Windows Shell - {D7F4EF0B-3601-40A4-8B76-D45B27499916} - (no
File)
O2 - BHO: Windows Shell - {D7FC60F9-8A46-4AA4-B9ED-1A9A33476053} - (no
File)
O2 - BHO: (no name) - {D870CC55-8157-4DF0-8DC4-3F20314F7ED7} - (no file)
O2 - BHO: Windows Shell - {D8983120-24D1-4156-A232-1B770D614AC5} - (no
File)
O2 - BHO: (no name) - {D97C16E6-AC24-4F0E-BC7E-FE69FAED038C} - (no file)
O2 - BHO: Windows Shell - {D9A8BE2A-F4F5-42E0-B409-9427466064B4} - (no
File)
O2 - BHO: Windows Shell - {D9F1A7E9-74E7-40D5-8D8B-2E51F55F19C9} - (no
File)
O2 - BHO: Windows Shell - {DA62FAE5-F641-4365-9F6A-6FED5FD41A09} - (no
File)
O2 - BHO: Windows Shell - {DA700AA1-FCE2-433B-9385-ADC98C965454} - (no
File)
O2 - BHO: Windows Shell - {DB75A0D1-56DA-4057-9F9B-B313BE22FD22} - (no
File)
O2 - BHO: Windows Shell - {DCB52CB2-76A9-465F-BB77-FCDAA351D995} - (no
File)
O2 - BHO: (no name) - {DCCB8594-C35A-467A-97F2-146D5AE0D03D} - (no file)
O2 - BHO: Windows Shell - {DD78921B-1C80-4B88-AEE4-29382BF42E3C} - (no
File)
O2 - BHO: (no name) - {DE4B6BEE-CD21-433B-A688-A9DF1623BD53} - (no file)
O2 - BHO: (no name) - {DE65DF7F-0D05-407A-98AE-8A7FDE1A07DB} - (no file)
O2 - BHO: (no name) - {DE70F8B4-138A-4CA4-82A7-942EBC631B4B} - (no file)
O2 - BHO: (no name) - {DEB00E16-2FB3-4D87-B4C9-EE5D5E3A42B6} - (no file)
O2 - BHO: (no name) - {DEC665E7-D3ED-44EC-9D0B-E1F17D6F2695} - (no file)
O2 - BHO: (no name) - {DEDF6808-33DB-4C43-AD8B-8AD9FC90486F} - (no file)
O2 - BHO: (no name) - {DF02B0D5-6C62-4652-B1EB-EE0823A6858C} - (no file)
O2 - BHO: (no name) - {DF16F2B8-C875-4F00-ADEE-62AACC646D5E} - (no file)
O2 - BHO: (no name) - {DF576944-E65B-44F7-9C06-5C5E5DB45ADE} - (no file)
O2 - BHO: (no name) - {DF8DF51B-03BC-4937-8CBF-0B3727FBC1FF} - (no file)
O2 - BHO: (no name) - {E045B391-B718-4BA0-AD8B-D577CB2B4889} - (no file)
O2 - BHO: (no name) - {E07A4F85-995F-44DC-A30E-3400405D3354} - (no file)
O2 - BHO: Csyshelper Object - {E16BB625-16F1-4338-AA38-098F6873AC24} -
C:\WINDOWS\system32\syshelper.dll
O2 - BHO: (no name) - {E39EEEFD-EC89-4AA8-BF3B-A80A2C58E659} - (no file)
O2 - BHO: (no name) - {E3D0D63D-BE4B-41FE-92EE-934256C8AA48} - (no file)
O2 - BHO: (no name) - {E44D07EF-786F-4954-A9EF-CCAD130F6A31} - (no file)
O2 - BHO: (no name) - {E4B58EBC-A7FC-428B-BFEA-3CC6FD15BF0F} - (no file)
O2 - BHO: (no name) - {E4C6BCD8-DA56-448F-9639-E0CE91C20D7E} - (no file)
O2 - BHO: (no name) - {E511FAAA-F2B6-494E-A4B8-2E6BC71FD626} - (no file)
O2 - BHO: (no name) - {E53630B3-5058-43D5-97CC-62A9F8DC000F} - (no file)
O2 - BHO: (no name) - {E6DDBDC7-C5FA-4E95-A1BD-FCBFEB927881} - (no file)
O2 - BHO: (no name) - {E7888C50-13CD-41A4-BC13-D83A2B412335} - (no file)
O2 - BHO: (no name) - {E9638D57-EAD9-45D2-BFA5-A36EFBDA464D} - (no file)
O2 - BHO: (no name) - {EA0F6ACB-8713-4E76-8789-0A12482E769F} - (no file)
O2 - BHO: (no name) - {EB3A1B7C-3CBD-440B-9E9F-23FE496EC31B} - (no file)
O2 - BHO: (no name) - {EBCD718D-5910-430A-B6B2-7A2D6ABAB6BA} - (no file)
O2 - BHO: (no name) - {EC8B1B42-A8AF-4911-8855-025EB09165E0} - (no file)
O2 - BHO: (no name) - {ED5B848B-6C53-4713-9B15-E9A702AF7566} - (no file)
O2 - BHO: (no name) - {F0968288-3262-4B77-B09C-68593D89010A} - (no file)
O2 - BHO: (no name) - {F2263E5D-263D-4E9F-8E0E-9A576880F662} - (no file)
O2 - BHO: (no name) - {F26CC31A-C227-4323-A628-802EC658CB35} - (no file)
O2 - BHO: (no name) - {F3341918-A9BF-458D-B1C0-353E02812AAB} - (no file)
O2 - BHO: (no name) - {F3545A95-4FBC-4216-BC2A-2EB734B30C36} - (no file)
O2 - BHO: (no name) - {F488E3FA-E0A7-436C-BC20-7C608660464F} - (no file)
O2 - BHO: (no name) - {F4BF1F30-3506-47DB-ACC3-700AA4CF77B1} - (no file)
O2 - BHO: (no name) - {F58E3883-900C-408E-9975-94681810A382} - (no file)
O2 - BHO: (no name) - {F5EA5C8F-B645-4F62-B2D1-9EFDE67E2BFC} - (no file)
O2 - BHO: (no name) - {F64DAD82-7678-430F-8472-F1675222484B} - (no file)
O2 - BHO: (no name) - {F7455DE9-7164-44DB-A2A8-362E0D3A0B82} - (no file)
O2 - BHO: (no name) - {F898E4E6-708C-4C7F-86B1-B222B6D610E9} - (no file)
O2 - BHO: (no name) - {F9990861-3C05-4B26-9254-D4F1C4F653BE} - (no file)
O2 - BHO: (no name) - {FABA7014-B819-4D4D-96CB-FBB5C112FCD0} - (no file)
O2 - BHO: (no name) - {FB049AB8-8084-4D4E-9E72-9D2DB75BA806} - (no file)
O2 - BHO: (no name) - {FB53FD0E-38A0-4559-9CBE-FBD65146C788} - (no file)
O2 - BHO: (no name) - {FBB9799C-C499-4BD1-8B1E-78AC7F18D258} - (no file)
O2 - BHO: (no name) - {FBC8B0B5-B9BA-46A7-A2C6-7ED5E62B31ED} - (no file)
O2 - BHO: (no name) - {FC062DDD-8636-47D3-8577-DBF0B07099A1} - (no file)
O2 - BHO: (no name) - {FC8F429D-12F5-463F-AF1B-0F7FE84EB872} - (no file)
O2 - BHO: (no name) - {FCDA0D45-6C5B-4A06-84D6-12F7F425C127} - (no file)
O2 - BHO: (no name) - {FDACED69-D5C9-4046-8F1F-DD7469B6C974} - (no file)
O2 - BHO: (no name) - {FDAEA845-764F-4416-8271-1EDBEAB2544D} - (no file)
O2 - BHO: (no name) - {FF5811BC-E2BF-4474-9134-E1771CDE2503} - (no file)
O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no
zerozone
Jan 20, 2007, 04:52 PM
file)
O3 - Toolbar:?? é?¨2¨o? - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} -
C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll
O4 - HKLM\.. \Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
O4 - HKLM\.. \Run: [SecurePCSolutionsBootCheck] C:\Program Files\Secure PC
Solutions\1 Click Fixer PLUS\BootCheck.exe
O4 - HKLM\.. \Run: [1ClickFixerPlus] C:\Program Files\Secure PC Solutions\1
Click Fixer PLUS\1ClickFixerPlus.exe
O4 - HKLM\.. \Run: [SpySweeper] "C:\Program Files\Webroot\Spy
Sweeper\SpySweeper.exe" /startintray
O4 - HKLM\.. \Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\.. \Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities
2006\MemOptimizer.exe" autostart
O4 - HKCU\.. \Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft
Office\Office10\OSA.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel
present
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: 上传到QQ网络硬盘 - C:\Program Files\QQ2004
\AddToNetDisk.htm
O8 - Extra context menu item: 使用Web迅雷下载 - C:\Program Files\Thunder
Network\WebThunder\GetUrl.htm
O8 - Extra context menu item: 使用Web迅雷下载全部链接 - C:\Program
Files\Thunder Network\WebThunder\GetAllUrl.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - C:\Program
Files\QQ2004\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - C:\Program Files\QQ2004
\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - C:\Program
Files\QQ2004\SendMMS.htm
O9 - Extra button: Instant Messenger - {E5D12C4E-7B4F-11D3-B5C9-
0050045C3C96} - ÑÅ»¢ÖúÊÖ (http://cn.zs.yahoo.com/cnsbutton.htm?)
source=cns&btn=yahoomsg (file missing)
O11 - Options group: [!CNS] Chinese keywords
O11 - Options group: [!IESearch]? ¨′?¨¨?? ¨|?
O11 - Options group: [CDNCLIENT] ?D? ¨|?¨a?
O16 - DPF: Yahoo! Go -
http://download.games.yahoo.com/games/clients/y/gt2_x.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine
Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} -
http://www3.ca.com/securityadvisor/pestscan/pestscan.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -
http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/mu
web_site.cab?1097698886951
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} -
http://aolsvc.aol.com/onlinegames/bejeweled2/popcaploader_v7.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O20 - Winlogon Notify: WgaLogon - WgaLogon.dll (file missing)
O20 - Winlogon Notify: windows - windows.dll (file missing)
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: avast! IAVS4 Control Service (aswUpdSv) - Unknown owner -
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil
Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program
Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil
Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ClipBook (ClipSrv) - Unknown owner - C:\WINDOWS\system32
\SVCH0ST.EXE (file missing)
O23 - Service: DefWatch - Symantec Corporation - C:\PROGRA~1\SYMANT~1
\SYMANT~1\DefWatch.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision
Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel
32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program
Files\iPod\bin\iPodService.exe
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) -
Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software,
Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) -
TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006
\WinStylerThemeSvc.exe
O23 - Service: User Profile Hive Cleanup (UPHClean) - Unknown owner -
C:\Program Files\UPHClean\uphclean.exe (file missing)
Curlyben
Jan 20, 2007, 04:54 PM
Cripes from reading that your machine is FULL of malware and loads of other nasty's.
WHen was the last time you did some SERIOUS maintenance on it??
EVERY one of those 02 BHO MUST BE REMOVED.
System maintenance includes:
Defrag
FULL patching
Virus scanning
Spyware scanning
Removal of rubish files
Defrag is an inbuilt function in XP.
OPen My Computer > Right click C: > Tools Tab and it's there.
To make sure everything is running fine run both anti virus and anti spyware apps in normal AND safe modes. (make sure that they are updated first ! ;)) (AVG (http://free.grisoft.com/doc/1) is good and free AV)
(A couple of good removal tools are Spybot (http://www.safer-networking.org/) and Adaware (http://www.lavasoftusa.com/software/adaware/))
ALso an on line virus and spyware scanner is Trend Housecall (http://housecall.trendmicro.com/)
Just a note; actively running two AV's on one machine can cause problems.
So if you are thinking about it make sure your current one is disabled first.
SAme thing applies to online scanners as well.
Removal of junk files is easy with CCleaner (http://www.ccleaner.com) a free app that does exactly what you neeed.
Curlyben
Jan 20, 2007, 04:58 PM
You also have two AV on your system.
One of which, NORTON must be completely removed before you even think about doing anything else.
Also System Restore is in Start > All Programs > Accessories > System Tools > System restore.
Judging by this scan I'm very surprised you could even log on to this machine.
zerozone
Jan 20, 2007, 06:25 PM
i never do a serious maintenance, i have good reasons:
1)im lazy
2)have a lot of things to do like play games , sleeping, and eating
3) don't know how to do it
i have done with the defrag
i can't remove NORTON because i can't go to the add/remove program in the Control Panel
i go to Start > All Programs > Accessories > System Tools > System restore then a message said c:\window\system32\Restore\rstrui.exe is unkpwn appication or dameaged,also my AVG is only trail version only have 57 days left
for your question
Judging by this scan I'm very surprised you could even log on to this machine. because i care about mine PC a lot, i take care of it with mine heart, o and also mine PC is the best that why i can still log in. :)
that the hijack report after i delete the thing i only delete the 02-BHO with no name, also if i start mine PC next time will those 02 BHO be on list the hijack again?:confused:
Logfile of HijackThis v1.99.1
Scan saved at 2:47:34 AM, on 8/19/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\Rundll32.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
C:\WINDOWS\system32\server.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\TT\TTraveler.exe
C:\WINDOWS\system32\ctfmon.exe
C:\program files\Internet Explorer\Connection Wizard\icwx25b.dun
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\English\Desktop\hijackthis.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: xBarHelper.MoveCatchPic - {0CF098A0-CBAC-4EFB-8451-3AFC201C7222} - (no file)
O2 - BHO: IE - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} - C:\WINDOWS\downlo~1\cnshook.dll
O2 - BHO: Windows Shell - {D22B05B5-457C-4FC6-8562-190B7615ADCC} - (no file)
O2 - BHO: Windows Shell - {D2362775-D2A7-4CA0-A206-9CA0919BDFAE} - (no file)
O2 - BHO: Windows Shell - {D243AFD0-16D4-40AF-9DDC-587F155B937D} - (no file)
O2 - BHO: Windows Shell - {D306FE0F-DFBA-4AE4-99C0-16A7E7A7A241} - (no file)
O2 - BHO: Windows Shell - {D3850FEA-99A7-4F96-8128-E216A6D59800} - (no file)
O2 - BHO: Windows Shell - {D456C230-86AB-41D0-A260-F32B660C8CBF} - (no file)
O2 - BHO: Windows Shell - {D52F83C6-FC85-482E-BFE4-BCF22CE70404} - (no file)
O2 - BHO: Windows Shell - {D72664D7-4DF8-409A-9F64-89A3AB9E0E7D} - (no file)
O2 - BHO: Windows Shell - {D72EDF1A-670A-4884-9461-867AADFE3ACF} - (no file)
O2 - BHO: Windows Shell - {D757F2A1-8FE1-4AED-B9D7-7033B6AD8C41} - (no file)
O2 - BHO: Windows Shell - {D7F4EF0B-3601-40A4-8B76-D45B27499916} - (no file)
O2 - BHO: Windows Shell - {D7FC60F9-8A46-4AA4-B9ED-1A9A33476053} - (no file)
O2 - BHO: Windows Shell - {D8983120-24D1-4156-A232-1B770D614AC5} - (no file)
O2 - BHO: Windows Shell - {D9A8BE2A-F4F5-42E0-B409-9427466064B4} - (no file)
O2 - BHO: Windows Shell - {D9F1A7E9-74E7-40D5-8D8B-2E51F55F19C9} - (no file)
O2 - BHO: Windows Shell - {DA62FAE5-F641-4365-9F6A-6FED5FD41A09} - (no file)
O2 - BHO: Windows Shell - {DA700AA1-FCE2-433B-9385-ADC98C965454} - (no file)
O2 - BHO: Windows Shell - {DB75A0D1-56DA-4057-9F9B-B313BE22FD22} - (no file)
O2 - BHO: Windows Shell - {DCB52CB2-76A9-465F-BB77-FCDAA351D995} - (no file)
O2 - BHO: Windows Shell - {DD78921B-1C80-4B88-AEE4-29382BF42E3C} - (no file)
O2 - BHO: Csyshelper Object - {E16BB625-16F1-4338-AA38-098F6873AC24} - C:\WINDOWS\system32\syshelper.dll
O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: (no name) - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - (no file)
O4 - HKLM\.. \Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
O4 - HKLM\.. \Run: [SecurePCSolutionsBootCheck] C:\Program Files\Secure PC Solutions\1 Click Fixer PLUS\BootCheck.exe
O4 - HKLM\.. \Run: [1ClickFixerPlus] C:\Program Files\Secure PC Solutions\1 Click Fixer PLUS\1ClickFixerPlus.exe
O4 - HKLM\.. \Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKLM\.. \Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\.. \Run: [helper.dll] C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32
O4 - HKLM\.. \RunOnce: [CnsHook.dll] regsvr32 /s C:\WINDOWS\downlo~1\CnsHook.dll
O4 - HKCU\.. \Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe" autostart
O4 - HKCU\.. \Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: 上传到QQ网络硬盘 - C:\Program Files\QQ2004\AddToNetDisk.htm
O8 - Extra context menu item: 使用Web迅雷下载 - C:\Program Files\Thunder Network\WebThunder\GetUrl.htm
O8 - Extra context menu item: 使用Web迅雷下载全部链接 - C:\Program Files\Thunder Network\WebThunder\GetAllUrl.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - C:\Program Files\QQ2004\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - C:\Program Files\QQ2004\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - C:\Program Files\QQ2004\SendMMS.htm
O9 - Extra button: Yahoo 1G mail - {507F9113-CD77-4866-BA92-0E86DA3D0B97} - ÑÅ»¢ÖúÊÖ (http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail) (file missing)
O9 - Extra button: E bazar - {59BC54A2-56B3-44a0-93E5-432D58746E26} - http://adtaobao.allyes.com/main/adfclick?db=adtaobao&bid=138,140,18&cid=816,8,1&sid=5042&show=ignore&url=http://www.taobao.com/vertical/mall/pro.php?allyesPara=816 (file missing)
O9 - Extra button: Yahoo Assistant - {5D73EE86-05F1-49ed-B850-E423120EC338} - ÑÅ»¢ÖúÊÖ (http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist) (file missing)
O9 - Extra button: (no name) - {6354ABE6-05F1-49ed-B850-E423120EC338} - Yahoo!Widget_Ê×Ò³ (http://cn.widget.yahoo.com/index.htm?source=Cns) (file missing)
O9 - Extra button: Instant Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - ÑÅ»¢ÖúÊÖ (http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomsg) (file missing)
O9 - Extra button: (no name) - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - ÑÅ»¢ÖúÊÖ (http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair) (file missing)
O9 - Extra 'Tools' menuitem: Repair Browser - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - ÑÅ»¢ÖúÊÖ (http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair) (file missing)
O9 - Extra button: (no name) - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - ÑÅ»¢ÖúÊÖ (http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean) (file missing)
O9 - Extra 'Tools' menuitem: Clean Internet access record - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - ÑÅ»¢ÖúÊÖ (http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean) (file missing)
O11 - Options group: [!CNS] Chinese keywords
O11 - Options group: [!IESearch]? ¨′?¨¨?? ¨|?
O11 - Options group: [CDNCLIENT] ?D? ¨|?¨a?
O16 - DPF: Yahoo! Go - http://download.games.yahoo.com/games/clients/y/gt2_x.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} - http://www3.ca.com/securityadvisor/pestscan/pestscan.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1097698886951
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://aolsvc.aol.com/onlinegames/bejeweled2/popcaploader_v7.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O20 - Winlogon Notify: WgaLogon - WgaLogon.dll (file missing)
O20 - Winlogon Notify: windows - windows.dll (file missing)
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: avast! IAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
zerozone
Jan 20, 2007, 06:26 PM
O4 - HKCU\.. \Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: 上传到QQ网络硬盘 - C:\Program Files\QQ2004\AddToNetDisk.htm
O8 - Extra context menu item: 使用Web迅雷下载 - C:\Program Files\Thunder Network\WebThunder\GetUrl.htm
O8 - Extra context menu item: 使用Web迅雷下载全部链接 - C:\Program Files\Thunder Network\WebThunder\GetAllUrl.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - C:\Program Files\QQ2004\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - C:\Program Files\QQ2004\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - C:\Program Files\QQ2004\SendMMS.htm
O9 - Extra button: Yahoo 1G mail - {507F9113-CD77-4866-BA92-0E86DA3D0B97} - ÑÅ»¢ÖúÊÖ (http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail) (file missing)
O9 - Extra button: E bazar - {59BC54A2-56B3-44a0-93E5-432D58746E26} - http://adtaobao.allyes.com/main/adfclick?db=adtaobao&bid=138,140,18&cid=816,8,1&sid=5042&show=ignore&url=http://www.taobao.com/vertical/mall/pro.php?allyesPara=816 (file missing)
O9 - Extra button: Yahoo Assistant - {5D73EE86-05F1-49ed-B850-E423120EC338} - ÑÅ»¢ÖúÊÖ (http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist) (file missing)
O9 - Extra button: (no name) - {6354ABE6-05F1-49ed-B850-E423120EC338} - Yahoo!Widget_Ê×Ò³ (http://cn.widget.yahoo.com/index.htm?source=Cns) (file missing)
O9 - Extra button: Instant Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - ÑÅ»¢ÖúÊÖ (http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomsg) (file missing)
O9 - Extra button: (no name) - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - ÑÅ»¢ÖúÊÖ (http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair) (file missing)
O9 - Extra 'Tools' menuitem: Repair Browser - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - ÑÅ»¢ÖúÊÖ (http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair) (file missing)
O9 - Extra button: (no name) - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - ÑÅ»¢ÖúÊÖ (http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean) (file missing)
O9 - Extra 'Tools' menuitem: Clean Internet access record - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - ÑÅ»¢ÖúÊÖ (http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean) (file missing)
O11 - Options group: [!CNS] Chinese keywords
O11 - Options group: [!IESearch]? ¨′?¨¨?? ¨|?
O11 - Options group: [CDNCLIENT] ?D? ¨|?¨a?
O16 - DPF: Yahoo! Go - http://download.games.yahoo.com/games/clients/y/gt2_x.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} - http://www3.ca.com/securityadvisor/pestscan/pestscan.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1097698886951
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://aolsvc.aol.com/onlinegames/bejeweled2/popcaploader_v7.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O20 - Winlogon Notify: WgaLogon - WgaLogon.dll (file missing)
O20 - Winlogon Notify: windows - windows.dll (file missing)
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: avast! IAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ClipBook (ClipSrv) - Unknown owner - C:\WINDOWS\system32\SVCH0ST.EXE (file missing)
O23 - Service: DefWatch - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
O23 - Service: User Profile Hive Cleanup (UPHClean) - Unknown owner - C:\Program Files\UPHClean\uphclean.exe (file missing)
TheSavage
Jan 20, 2007, 06:35 PM
Run your high-jack this log though this tool -- Help2Go - Help2Go Detective (http://www.help2go.com/component/detective/)
Note that its beta
But really with no install disk -- I think your screwed
zerozone
Jan 20, 2007, 07:08 PM
I try the website and deleted everything it tells me to deleted but I can't delete the
O2 - BHO: IE - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} - C:\WINDOWS\downlo~1\cnshook.dllafter I used hijack to delete it next time I scan it will be on the list again
TheSavage
Jan 20, 2007, 07:18 PM
Did you follow the directions below the list of things to delete? It told you--
" Suspicious entries have been found in your log. They might be spyware/malware. We advise that you follow all of the directions on this page, and then re-run HijackThis. If you are still seeing this "Suspicious" section, you should go to the Spyware Help section of our site and post your log in a new topic so that our experts can analyze it personally."
Also did you
3) Delete the file C:\WINDOWS\DOWNLOADED PROGRAM FILES\CNSHOOK.DLL
4) Delete the folder C:\PROGRAM FILES\3721\
5) Empty your recycle bin.
6) Run Windows Update and install all critical updates.
7) Make sure your anti-virus program is up to date with the latest patches. If you do not have an anti-virus program, download and install AVG Personal Edition Anti-Virus, which is free.
8) Reboot one last time.
They are experts at reading the highjack logs`s-- not speaking for others here I can just pick out the obvious
zerozone
Jan 20, 2007, 07:26 PM
I didn't find the
" Suspicious entries have been found in your log. They might be spyware/malware. We advise that you follow all of the directions on this page, and then re-run HijackThis. If you are still seeing this "Suspicious" section, you should go to the Spyware Help section of our site and post your log in a new topic so that our experts can analyze it personally." at the website
Here the thing
Logfile of HijackThis v1.99.1
Scan saved at 3:47:54 AM, on 8/19/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\Rundll32.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
C:\WINDOWS\system32\server.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\TT\TTraveler.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\English\Desktop\hijackthis.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: IE - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} - C:\WINDOWS\downlo~1\cnshook.dll
O2 - BHO: Csyshelper Object - {E16BB625-16F1-4338-AA38-098F6873AC24} - C:\WINDOWS\system32\syshelper.dll
O4 - HKLM\.. \Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
O4 - HKLM\.. \Run: [SecurePCSolutionsBootCheck] C:\Program Files\Secure PC Solutions\1 Click Fixer PLUS\BootCheck.exe
O4 - HKLM\.. \Run: [1ClickFixerPlus] C:\Program Files\Secure PC Solutions\1 Click Fixer PLUS\1ClickFixerPlus.exe
O4 - HKLM\.. \Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKLM\.. \Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\.. \Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe" autostart
O4 - HKCU\.. \Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: 上传到QQ网络硬盘 - C:\Program Files\QQ2004\AddToNetDisk.htm
O8 - Extra context menu item: 使用Web迅雷下载 - C:\Program Files\Thunder Network\WebThunder\GetUrl.htm
O8 - Extra context menu item: 使用Web迅雷下载全部链接 - C:\Program Files\Thunder Network\WebThunder\GetAllUrl.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - C:\Program Files\QQ2004\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - C:\Program Files\QQ2004\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - C:\Program Files\QQ2004\SendMMS.htm
O9 - Extra button: Instant Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - ÑÅ»¢ÖúÊÖ (http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomsg) (file missing)
O11 - Options group: [!CNS] Chinese keywords
O11 - Options group: [!IESearch]? ¨′?¨¨?? ¨|?
O11 - Options group: [CDNCLIENT] ?D? ¨|?¨a?
O16 - DPF: Yahoo! Go - http://download.games.yahoo.com/games/clients/y/gt2_x.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} - http://www3.ca.com/securityadvisor/pestscan/pestscan.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1097698886951
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://aolsvc.aol.com/onlinegames/bejeweled2/popcaploader_v7.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O20 - Winlogon Notify: WgaLogon - WgaLogon.dll (file missing)
O20 - Winlogon Notify: windows - windows.dll (file missing)
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: avast! IAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ClipBook (ClipSrv) - Unknown owner - C:\WINDOWS\system32\SVCH0ST.EXE (file missing)
O23 - Service: DefWatch - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
O23 - Service: User Profile Hive Cleanup (UPHClean) - Unknown owner - C:\Program Files\UPHClean\uphclean.exe (file missing)
I can't delete the C:\WINDOWS\DOWNLOADED PROGRAM FILES\CNSHOOK.DLL
Yes I delete the folder 3721, I just hope it be on mine PC again<now it still gone>
I can't update (if you have read the answer I posted before)
Yes mine AVG is the newest
zerozone
Jan 20, 2007, 07:29 PM
When I delete the CNSHOOK.DLL it will reappear after I get out of the folder and come back and it doesn't go to the recycle bin I think it just go some where and than come back
TheSavage
Jan 20, 2007, 07:33 PM
Try to get in safemode now and then delete that file
And run that house call scan again
zerozone
Jan 20, 2007, 08:40 PM
I try but it still came back also I used ad-ware to scan this time
Ad-Aware SE Build 1.06r1
Logfile Created on:Thursday, August 19, 2004 4:36:53 AM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R145 17.01.2007
References detected during the scan:
CnsMin(TAC index:8):18 total references
MRU List(TAC index:0):1 total references
TheSavage
Jan 20, 2007, 09:01 PM
Ever do the housecall scan in Curleybens post?
Also update and run Webroot Spy Sweeper
zerozone
Jan 20, 2007, 09:04 PM
Yes I have Webroot Spy Sweeper and used it before
Curlyben
Jan 21, 2007, 01:54 PM
I'm sorry to say if your can't find the time to keep your system maintained then you have brought all of this on yourself.
I have given you a whole bunch of excellent resources, I suggest you use them ALL and then post back when you have done so.
While you are at it remove ALL 02, 08, 08 & 11 in the log, they are completely unneeded.
zerozone
Jan 21, 2007, 10:34 PM
I went to Google and search for ways to get rip of the cns and it works but my PC still show up those messages, and mine System Restore is on now
Fr_Chuck
Jan 31, 2007, 07:34 PM
Ok, so you take it to a shop and have them do it, if you don't want to or don't know how