Options

HijackThis log enclosed

Unknown
edited November 2004 in Spyware & Virus Removal
Hi All,

I'm new here, so first let me say Thanks In Advance for any sugestions you might take the time to offer. I'm helping a friend get her machine back in order. It's been infested with several spyware programs. I've use Ad-Aware and Spybot to get rid of Zango, 180Solutions, & IELoader, but Ibis Toolbar, Alexa, and EZsearchbar persist. Included below you'll find her HijackThis log:

Logfile of HijackThis v1.98.2
Scan saved at 3:02:06 PM, on 11/3/04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\PROGRAM FILES\GRISOFT\AVG6\AVGSERV9.EXE
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\ATICWD32.EXE
C:\WINDOWS\SYSTEM\ATITASK.EXE
C:\PROGRAM FILES\EASY KEYBOARD\EASYKEY.EXE
C:\PROGRAM FILES\LOGITECH\MOUSEWARE\SYSTEM\EM_EXEC.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\ALPHA NETWORKS\ANIWZCS SERVICE\WZCSLDR.EXE
C:\PROGRAM FILES\D-LINK\AIR UTILITY\AIRCFG.EXE
C:\PROGRAM FILES\GRISOFT\AVG6\AVGCC32.EXE
C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZLCLIENT.EXE
C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TEATIMER.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\YAHOO!\MESSENGER\YMSGR_TRAY.EXE
C:\PROGRAM FILES\ADAWARE\AD-AWARE.EXE
C:\TEMP\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.earthlink.net
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.earthlink.net/partner/more/msie/button/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/ymsgr6/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/ymsgr/*http://www.yahoo.com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/ymsgr6/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.searchwww.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: Advanced Searchbar - {43F02779-6D88-4958-8AD3-83C12D86ADC7} - (no file)
F1 - win.ini: run=hpfsched
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YCOMP5_3_12_0.DLL
O2 - BHO: (no name) - {BE331416-49C3-8E65-4C7A-8F519FF20ECE} - (no file)
O2 - BHO: (no name) - {6EC7148F-FCD0-90B7-FE5D-3E9D536FF4E1} - C:\WINDOWS\SYSTEM\hqbycfpv.dll
O2 - BHO: (no name) - {69479F4C-B151-9847-0D71-DB6581FE617E} - (no file)
O2 - BHO: (no name) - {EE7DC847-183A-628A-967D-28C51F1BEBCE} - (no file)
O2 - BHO: (no name) - {872AED3C-5F6F-A901-5A0C-E3EDD78A476F} - (no file)
O2 - BHO: (no name) - {076664FA-93CE-84FA-0E72-3499C7B7F845} - (no file)
O2 - BHO: (no name) - {88C6BAC9-C1F0-4DB1-3BDB-5E8F579A36BE} - (no file)
O2 - BHO: (no name) - {F707BB80-2646-3B0F-23FF-052EAC9ACB55} - (no file)
O2 - BHO: (no name) - {1CAD5503-15A8-FD49-E3CA-A314ABDB973D} - (no file)
O2 - BHO: (no name) - {24E638E7-5AF7-90BF-9B1E-A251329D660C} - C:\WINDOWS\SYSTEM\rvgtrizx.dll
O2 - BHO: (no name) - {C3A9BE4C-16A1-CA0F-E0C0-422B70FD68A2} - (no file)
O2 - BHO: (no name) - {A25311F4-FA02-6AA1-284B-DB29B2B4AF64} - (no file)
O2 - BHO: (no name) - {4910A22E-91B0-A024-B80A-61DB01C2D802} - (no file)
O2 - BHO: (no name) - {F7A5F5AF-AFDE-5204-5E93-314426C49404} - C:\WINDOWS\SYSTEM\yczjyhsl.dll
O2 - BHO: (no name) - {F7DD1F57-8D99-C488-0990-D4C39D595180} - C:\WINDOWS\SYSTEM\spcznnhq.dll
O2 - BHO: (no name) - {714341CE-9EBA-9174-ACD1-62C5663EF677} - (no file)
O2 - BHO: (no name) - {D5037AD9-5D55-7687-FB52-7049ABE17F24} - (no file)
O2 - BHO: (no name) - {B41BAFFE-5E24-7E29-90BF-047A5BF87EBA} - (no file)
O2 - BHO: (no name) - {934DE449-6141-7890-9649-9239F7C15026} - (no file)
O2 - BHO: (no name) - {8F27D6EA-EEDA-430B-D565-270D265FC9A8} - (no file)
O2 - BHO: (no name) - {40254976-2816-6BE2-E85C-D953E28C685E} - (no file)
O2 - BHO: (no name) - {A85708FC-030B-0EC4-793C-4FCB21B86FC3} - (no file)
O2 - BHO: (no name) - {A5B07A20-90A4-D93F-B958-E39FCFD5E846} - (no file)
O2 - BHO: (no name) - {18F0E2E1-C499-8AF8-7C81-96AB6F5ED879} - (no file)
O2 - BHO: (no name) - {5D96080A-3178-DBE7-BE34-684C9B7B68CB} - (no file)
O2 - BHO: (no name) - {3250449D-C853-BA32-CC1E-18A95B979741} - (no file)
O2 - BHO: (no name) - {8C3AAC7D-0A35-90C3-9665-48F2689A3C10} - C:\WINDOWS\SYSTEM\qjzshria.dll
O2 - BHO: (no name) - {80E8145D-0E64-A931-CEFB-2CCEFBDEBB8C} - (no file)
O2 - BHO: (no name) - {581A2180-2939-8DE2-9A7B-6BA6C373ACCE} - C:\WINDOWS\SYSTEM\sfyrmwyi.dll
O2 - BHO: (no name) - {4D44D760-3C4B-DE24-5862-F7594C7F9A5E} - (no file)
O2 - BHO: (no name) - {5391731A-A117-482E-582A-CEB1EEC428D9} - (no file)
O2 - BHO: (no name) - {506A653D-AFB1-13A9-1846-63859DE1A15C} - (no file)
O2 - BHO: (no name) - {5862F759-4C7F-9A5E-EF7E-C6274C5EEFD2} - C:\WINDOWS\SYSTEM\zsvkpyjl.dll
O2 - BHO: (no name) - {582ACEB1-EEC4-28D9-C580-232954493257} - C:\WINDOWS\SYSTEM\fnruszug.dll
O2 - BHO: (no name) - {A6A57130-D716-D144-A69B-CD052AF35A4D} - (no file)
O2 - BHO: (no name) - {FD6D6F0F-3790-0EAC-2F6B-1731102745F7} - (no file)
O2 - BHO: (no name) - {910AEFDF-C7D3-7078-2A43-F29BDD8D4F22} - (no file)
O2 - BHO: (no name) - {05AA6449-5C1F-E0CC-5D3D-7C0518A49A64} - (no file)
O2 - BHO: (no name) - {630379DA-DF2F-56E5-9F10-2B07CF5B6125} - (no file)
O2 - BHO: (no name) - {561C02D4-9430-0CEC-A6F0-3FCF53F55C04} - (no file)
O2 - BHO: (no name) - {1F230A94-BCAC-931B-FBB8-648D4F42B085} - (no file)
O2 - BHO: (no name) - {EA706B2D-0F65-D1E2-806A-6E4303B9597E} - (no file)
O2 - BHO: (no name) - {87405CFF-046A-5414-2D31-64D167F1F799} - (no file)
O2 - BHO: (no name) - {8073BFC4-9E9E-EA0A-2D69-8D7945AC6A1E} - (no file)
O2 - BHO: (no name) - {839ACE22-9105-1F8F-EC4D-F8A5950F711C} - (no file)
O2 - BHO: (no name) - {643D9202-856D-6BEE-CE01-7C75AAD6A3DC} - (no file)
O2 - BHO: (no name) - {25938BAA-7C72-31B5-3640-0F82DA68A789} - (no file)
O2 - BHO: (no name) - {C14629A9-8595-8DB3-3A7B-B7CD1CF57020} - (no file)
O2 - BHO: (no name) - {BE209BCC-132F-D92F-FA18-4CA1CA13E9A2} - (no file)
O2 - BHO: (no name) - {8A6CFC65-6467-9776-7F4A-56577F8A929B} - (no file)
O2 - BHO: (no name) - {D48223A3-0F0B-0501-FC84-D2EC38CE19F0} - C:\WINDOWS\SYSTEM\etdzdmzh.dll
O2 - BHO: (no name) - {3DA067C0-E6EB-12F2-B5D1-485EEAF15CC4} - C:\WINDOWS\SYSTEM\crsyafin.dll
O2 - BHO: (no name) - {D7293180-8271-3985-3D68-3E1989319F6E} - C:\WINDOWS\SYSTEM\htukbqwk.dll
O2 - BHO: (no name) - {CD3587E8-A9BF-9BF5-FC3C-FB9415888B75} - C:\WINDOWS\SYSTEM\kcxmtxxu.dll
O2 - BHO: (no name) - {D05C95C5-9C26-CF7B-3DA0-67C0E6EB12F2} - C:\WINDOWS\SYSTEM\owtukaoi.dll
O2 - BHO: (no name) - {FFE16712-D816-3D3C-E230-43AC90A960F6} - C:\WINDOWS\SYSTEM\gfmfkzml.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O2 - BHO: (no name) - {2C5EF264-3581-2683-7ACD-4951751DCF35} - C:\WINDOWS\SYSTEM\imhqyhdg.dll
O2 - BHO: (no name) - {0E12F6B2-C8C8-5843-1AD5-0EE74E1B63AE} - C:\WINDOWS\SYSTEM\fndpfvcw.dll
O2 - BHO: (no name) - {51BBA9BE-6850-48F7-F2BF-53BA9DE837F3} - C:\WINDOWS\SYSTEM\pdfvvoaf.dll
O2 - BHO: (no name) - {5448C7F6-D8BA-3F29-F5EA-C64F31EA6B3C} - C:\WINDOWS\SYSTEM\cwbyejqh.dll
O2 - BHO: (no name) - {58847141-1A49-88BF-79A4-E0EA756EB29C} - C:\WINDOWS\SYSTEM\ddbtvwei.dll
O2 - BHO: (no name) - {5B02E1C7-45A7-637A-D1CA-1D7C789BE25C} - C:\WINDOWS\SYSTEM\ewmbpnzl.dll
O2 - BHO: (no name) - {FC122FF9-DCAF-A788-6EB5-10EE5EA77F1E} - C:\WINDOWS\SYSTEM\zmqhitsq.dll
O2 - BHO: (no name) - {46957975-82B2-3474-BF76-9DCC79062443} - C:\WINDOWS\SYSTEM\nfllxqmh.dll
O2 - BHO: (no name) - {0779E4A1-D396-BAF1-6A37-CB8DBDBB06C4} - C:\WINDOWS\SYSTEM\qqfqhjfs.dll
O2 - BHO: (no name) - {82165DB0-EEB2-223E-2298-AA46B2CFC27D} - C:\WINDOWS\SYSTEM\raudpnpd.dll
O2 - BHO: (no name) - {C2C19F35-635B-3737-A25B-34087EEEE704} - C:\WINDOWS\SYSTEM\bxtblpkj.dll
O2 - BHO: (no name) - {03C467C2-BF56-7424-A326-D1CCE350D495} - C:\WINDOWS\SYSTEM\epynyomj.dll
O2 - BHO: (no name) - {C1E91A2B-FB0A-0E45-22D4-2184E52F9E77} - C:\WINDOWS\SYSTEM\hddfutlp.dll
O2 - BHO: (no name) - {C12243D2-D8C3-FFC9-4CD2-C583DD445B73} - C:\WINDOWS\SYSTEM\bihvjrat.dll
O2 - BHO: (no name) - {C2D14DE5-A8E6-D12F-CD60-EB8A0FC46D8B} - C:\WINDOWS\SYSTEM\oxlfrkga.dll
O2 - BHO: (no name) - {C1F9C8DC-C015-A8BB-4D59-D8077604A4FF} - C:\WINDOWS\SYSTEM\ucwjaozn.dll
O2 - BHO: (no name) - {03B5B812-F9C9-D82D-7822-1A4A537ACE0E} - C:\WINDOWS\SYSTEM\rhfkklyl.dll
O2 - BHO: (no name) - {02DD3409-12F7-AFB9-F79A-07C6BAB90681} - C:\WINDOWS\SYSTEM\xnqwtory.dll
O2 - BHO: (no name) - {08D81517-E8B5-662E-28E7-FEEAC093E401} - C:\WINDOWS\SYSTEM\yrfehxgf.dll
O2 - BHO: (no name) - {08113EBE-C570-59B2-D2E4-A26AB8A9A17D} - C:\WINDOWS\SYSTEM\sejleevb.dll
O2 - BHO: (no name) - {C7E4FA39-5247-44B9-5221-19A8EB897DF6} - C:\WINDOWS\SYSTEM\ihsnacav.dll
O2 - BHO: (no name) - {C7BC8043-3A19-6D2C-53A8-AB2C84494683} - C:\WINDOWS\SYSTEM\cbhjayzp.dll
O2 - BHO: (no name) - {C7F4A9EA-97D2-DFB0-7DA5-D02BFB5F037F} - C:\WINDOWS\SYSTEM\vglrpeou.dll
O2 - BHO: (no name) - {0821EB6F-0CFB-F3A9-FDE9-D9ECC8FE2706} - C:\WINDOWS\SYSTEM\fdcpkzra.dll
O2 - BHO: (no name) - {CE866315-DF6A-33E4-95A0-1F2CFDA67D38} - C:\WINDOWS\SYSTEM\yyeutabk.dll
O2 - BHO: (no name) - {8E6ACF41-31CC-3A63-40E1-4DEB425C5FB9} - C:\WINDOWS\SYSTEM\bagzlbuv.dll
O2 - BHO: (no name) - {CE1512C5-A5F5-4FDC-C0A5-D6AD0EFC03BF} - C:\WINDOWS\SYSTEM\lgwxhdpb.dll
O2 - BHO: (no name) - {CE4E3B6D-03AF-C061-EAA2-7B2D0691C0BB} - C:\WINDOWS\SYSTEM\elamecef.dll
O2 - BHO: (no name) - {8E22F7E8-8E86-ACE6-EADE-F16B3A711CB5} - C:\WINDOWS\SYSTEM\vokoizjz.dll
O2 - BHO: (no name) - {076F6A47-49A9-815B-149B-0FEC63E0D738} - C:\WINDOWS\SYSTEM\oskzbcvz.dll
O2 - BHO: (no name) - {C653D573-1B8C-0859-BE5C-3DAD2716B9BA} - C:\WINDOWS\SYSTEM\rdmftdnk.dll
O2 - BHO: (no name) - {0737419F-6CEE-8ED6-699E-6BEE6BCB1B3C} - C:\WINDOWS\SYSTEM\ufgsewgv.dll
O2 - BHO: (no name) - {C68BFE1B-F747-79DC-695A-E02D1F2B7737} - C:\WINDOWS\SYSTEM\liquiccg.dll
O2 - BHO: (no name) - {04F1E85D-E31D-E44C-D1FD-BEF1DBAAA0BA} - C:\WINDOWS\SYSTEM\klvkbijh.dll
O2 - BHO: (no name) - {8EFF6A85-2C7F-D531-4F29-EC2742DDA58F} - C:\WINDOWS\SYSTEM\yzleubvk.dll
O2 - BHO: (no name) - {198D6A2D-F460-4697-CCD5-9A5CA8112BE4} - C:\WINDOWS\SYSTEM\mfkhfchu.dll
O2 - BHO: (no name) - {7963E8B4-9BBB-74E5-5352-11BC74779B65} - C:\WINDOWS\SYSTEM\wxfqipxx.dll
O2 - BHO: (no name) - {07764079-BEC0-85E0-72A3-28B8B7510469} - (no file)
O2 - BHO: (no name) - {E97BAD41-A11C-59DB-A886-1BA017E6C83B} - (no file)
O2 - BHO: (no name) - {D801F93D-A0FC-663B-2FCD-D5CBC31096E4} - (no file)
O2 - BHO: (no name) - {15144B27-69C7-7805-C83F-CBEB52D25417} - (no file)
O2 - BHO: (no name) - {15E84611-6BA9-D406-EF40-CFE92B3B421F} - (no file)
O2 - BHO: (no name) - {2FA252B6-4571-73E6-C0F7-1EC171B2CC38} - (no file)
O2 - BHO: (no name) - {7A2EBB6C-1162-B525-1F08-8111E4443885} - (no file)
O2 - BHO: (no name) - {6ECE738A-6CF2-371B-F642-15C98AA7EE47} - (no file)
O2 - BHO: (no name) - {D314E7E5-122B-183A-260A-C6F04430E4AD} - (no file)
O2 - BHO: (no name) - {61322D38-FE8E-A76A-8EE5-ADDD282C6AB9} - (no file)
O2 - BHO: (no name) - {7BEB39DC-5956-C54B-5F1E-FBB56EA37453} - (no file)
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [AtiCwd32] Aticwd32.exe
O4 - HKLM\..\Run: [AtiKey] Atitask.exe
O4 - HKLM\..\Run: [SoundFusion] RunDll32 cwcprops.cpl,CrystalControlWnd
O4 - HKLM\..\Run: [Easykey] C:\Program Files\Easy Keyboard\Easykey.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\LOGITECH\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [ANIWZCSService] C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
O4 - HKLM\..\Run: [D-Link Air Utility] c:\Program Files\D-Link\Air Utility\AirCFG.exe
O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\GRISOFT\AVG6\avgcc32.exe /STARTUP
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [Avgserv9.exe] C:\PROGRA~1\GRISOFT\AVG6\Avgserv9.exe
O4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - Startup: PowerReg Scheduler.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZSxdm519
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0521.DLL
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0521.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan.com/scanner/axscanner.cab
O16 - DPF: ppctlcab -
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://firstmagnus.webex.com/client/latest/webex/ieatgpc.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab
O16 - DPF: {99410CDE-6F16-42CE-9D49-3807F78F0287} -

Comments

  • KwitkoKwitko Sheriff of Banning (Retired) By the thing near the stuff Icrontian
    edited November 2004
    Delete the following, then reboot and post a new log:

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.searchwww.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R3 - URLSearchHook: Advanced Searchbar - {43F02779-6D88-4958-8AD3-83C12D86ADC7} - (no file)
    O2 - BHO: (no name) - {BE331416-49C3-8E65-4C7A-8F519FF20ECE} - (no file)
    O2 - BHO: (no name) - {6EC7148F-FCD0-90B7-FE5D-3E9D536FF4E1} - C:\WINDOWS\SYSTEM\hqbycfpv.dll
    O2 - BHO: (no name) - {69479F4C-B151-9847-0D71-DB6581FE617E} - (no file)
    O2 - BHO: (no name) - {EE7DC847-183A-628A-967D-28C51F1BEBCE} - (no file)
    O2 - BHO: (no name) - {872AED3C-5F6F-A901-5A0C-E3EDD78A476F} - (no file)
    O2 - BHO: (no name) - {076664FA-93CE-84FA-0E72-3499C7B7F845} - (no file)
    O2 - BHO: (no name) - {88C6BAC9-C1F0-4DB1-3BDB-5E8F579A36BE} - (no file)
    O2 - BHO: (no name) - {F707BB80-2646-3B0F-23FF-052EAC9ACB55} - (no file)
    O2 - BHO: (no name) - {1CAD5503-15A8-FD49-E3CA-A314ABDB973D} - (no file)
    O2 - BHO: (no name) - {24E638E7-5AF7-90BF-9B1E-A251329D660C} - C:\WINDOWS\SYSTEM\rvgtrizx.dll
    O2 - BHO: (no name) - {C3A9BE4C-16A1-CA0F-E0C0-422B70FD68A2} - (no file)
    O2 - BHO: (no name) - {A25311F4-FA02-6AA1-284B-DB29B2B4AF64} - (no file)
    O2 - BHO: (no name) - {4910A22E-91B0-A024-B80A-61DB01C2D802} - (no file)
    O2 - BHO: (no name) - {F7A5F5AF-AFDE-5204-5E93-314426C49404} - C:\WINDOWS\SYSTEM\yczjyhsl.dll
    O2 - BHO: (no name) - {F7DD1F57-8D99-C488-0990-D4C39D595180} - C:\WINDOWS\SYSTEM\spcznnhq.dll
    O2 - BHO: (no name) - {714341CE-9EBA-9174-ACD1-62C5663EF677} - (no file)
    O2 - BHO: (no name) - {D5037AD9-5D55-7687-FB52-7049ABE17F24} - (no file)
    O2 - BHO: (no name) - {B41BAFFE-5E24-7E29-90BF-047A5BF87EBA} - (no file)
    O2 - BHO: (no name) - {934DE449-6141-7890-9649-9239F7C15026} - (no file)
    O2 - BHO: (no name) - {8F27D6EA-EEDA-430B-D565-270D265FC9A8} - (no file)
    O2 - BHO: (no name) - {40254976-2816-6BE2-E85C-D953E28C685E} - (no file)
    O2 - BHO: (no name) - {A85708FC-030B-0EC4-793C-4FCB21B86FC3} - (no file)
    O2 - BHO: (no name) - {A5B07A20-90A4-D93F-B958-E39FCFD5E846} - (no file)
    O2 - BHO: (no name) - {18F0E2E1-C499-8AF8-7C81-96AB6F5ED879} - (no file)
    O2 - BHO: (no name) - {5D96080A-3178-DBE7-BE34-684C9B7B68CB} - (no file)
    O2 - BHO: (no name) - {3250449D-C853-BA32-CC1E-18A95B979741} - (no file)
    O2 - BHO: (no name) - {8C3AAC7D-0A35-90C3-9665-48F2689A3C10} - C:\WINDOWS\SYSTEM\qjzshria.dll
    O2 - BHO: (no name) - {80E8145D-0E64-A931-CEFB-2CCEFBDEBB8C} - (no file)
    O2 - BHO: (no name) - {581A2180-2939-8DE2-9A7B-6BA6C373ACCE} - C:\WINDOWS\SYSTEM\sfyrmwyi.dll
    O2 - BHO: (no name) - {4D44D760-3C4B-DE24-5862-F7594C7F9A5E} - (no file)
    O2 - BHO: (no name) - {5391731A-A117-482E-582A-CEB1EEC428D9} - (no file)
    O2 - BHO: (no name) - {506A653D-AFB1-13A9-1846-63859DE1A15C} - (no file)
    O2 - BHO: (no name) - {5862F759-4C7F-9A5E-EF7E-C6274C5EEFD2} - C:\WINDOWS\SYSTEM\zsvkpyjl.dll
    O2 - BHO: (no name) - {582ACEB1-EEC4-28D9-C580-232954493257} - C:\WINDOWS\SYSTEM\fnruszug.dll
    O2 - BHO: (no name) - {A6A57130-D716-D144-A69B-CD052AF35A4D} - (no file)
    O2 - BHO: (no name) - {FD6D6F0F-3790-0EAC-2F6B-1731102745F7} - (no file)
    O2 - BHO: (no name) - {910AEFDF-C7D3-7078-2A43-F29BDD8D4F22} - (no file)
    O2 - BHO: (no name) - {05AA6449-5C1F-E0CC-5D3D-7C0518A49A64} - (no file)
    O2 - BHO: (no name) - {630379DA-DF2F-56E5-9F10-2B07CF5B6125} - (no file)
    O2 - BHO: (no name) - {561C02D4-9430-0CEC-A6F0-3FCF53F55C04} - (no file)
    O2 - BHO: (no name) - {1F230A94-BCAC-931B-FBB8-648D4F42B085} - (no file)
    O2 - BHO: (no name) - {EA706B2D-0F65-D1E2-806A-6E4303B9597E} - (no file)
    O2 - BHO: (no name) - {87405CFF-046A-5414-2D31-64D167F1F799} - (no file)
    O2 - BHO: (no name) - {8073BFC4-9E9E-EA0A-2D69-8D7945AC6A1E} - (no file)
    O2 - BHO: (no name) - {839ACE22-9105-1F8F-EC4D-F8A5950F711C} - (no file)
    O2 - BHO: (no name) - {643D9202-856D-6BEE-CE01-7C75AAD6A3DC} - (no file)
    O2 - BHO: (no name) - {25938BAA-7C72-31B5-3640-0F82DA68A789} - (no file)
    O2 - BHO: (no name) - {C14629A9-8595-8DB3-3A7B-B7CD1CF57020} - (no file)
    O2 - BHO: (no name) - {BE209BCC-132F-D92F-FA18-4CA1CA13E9A2} - (no file)
    O2 - BHO: (no name) - {8A6CFC65-6467-9776-7F4A-56577F8A929B} - (no file)
    O2 - BHO: (no name) - {D48223A3-0F0B-0501-FC84-D2EC38CE19F0} - C:\WINDOWS\SYSTEM\etdzdmzh.dll
    O2 - BHO: (no name) - {3DA067C0-E6EB-12F2-B5D1-485EEAF15CC4} - C:\WINDOWS\SYSTEM\crsyafin.dll
    O2 - BHO: (no name) - {D7293180-8271-3985-3D68-3E1989319F6E} - C:\WINDOWS\SYSTEM\htukbqwk.dll
    O2 - BHO: (no name) - {CD3587E8-A9BF-9BF5-FC3C-FB9415888B75} - C:\WINDOWS\SYSTEM\kcxmtxxu.dll
    O2 - BHO: (no name) - {D05C95C5-9C26-CF7B-3DA0-67C0E6EB12F2} - C:\WINDOWS\SYSTEM\owtukaoi.dll
    O2 - BHO: (no name) - {FFE16712-D816-3D3C-E230-43AC90A960F6} - C:\WINDOWS\SYSTEM\gfmfkzml.dll
    O2 - BHO: (no name) - {2C5EF264-3581-2683-7ACD-4951751DCF35} - C:\WINDOWS\SYSTEM\imhqyhdg.dll
    O2 - BHO: (no name) - {0E12F6B2-C8C8-5843-1AD5-0EE74E1B63AE} - C:\WINDOWS\SYSTEM\fndpfvcw.dll
    O2 - BHO: (no name) - {51BBA9BE-6850-48F7-F2BF-53BA9DE837F3} - C:\WINDOWS\SYSTEM\pdfvvoaf.dll
    O2 - BHO: (no name) - {5448C7F6-D8BA-3F29-F5EA-C64F31EA6B3C} - C:\WINDOWS\SYSTEM\cwbyejqh.dll
    O2 - BHO: (no name) - {58847141-1A49-88BF-79A4-E0EA756EB29C} - C:\WINDOWS\SYSTEM\ddbtvwei.dll
    O2 - BHO: (no name) - {5B02E1C7-45A7-637A-D1CA-1D7C789BE25C} - C:\WINDOWS\SYSTEM\ewmbpnzl.dll
    O2 - BHO: (no name) - {FC122FF9-DCAF-A788-6EB5-10EE5EA77F1E} - C:\WINDOWS\SYSTEM\zmqhitsq.dll
    O2 - BHO: (no name) - {46957975-82B2-3474-BF76-9DCC79062443} - C:\WINDOWS\SYSTEM\nfllxqmh.dll
    O2 - BHO: (no name) - {0779E4A1-D396-BAF1-6A37-CB8DBDBB06C4} - C:\WINDOWS\SYSTEM\qqfqhjfs.dll
    O2 - BHO: (no name) - {82165DB0-EEB2-223E-2298-AA46B2CFC27D} - C:\WINDOWS\SYSTEM\raudpnpd.dll
    O2 - BHO: (no name) - {C2C19F35-635B-3737-A25B-34087EEEE704} - C:\WINDOWS\SYSTEM\bxtblpkj.dll
    O2 - BHO: (no name) - {03C467C2-BF56-7424-A326-D1CCE350D495} - C:\WINDOWS\SYSTEM\epynyomj.dll
    O2 - BHO: (no name) - {C1E91A2B-FB0A-0E45-22D4-2184E52F9E77} - C:\WINDOWS\SYSTEM\hddfutlp.dll
    O2 - BHO: (no name) - {C12243D2-D8C3-FFC9-4CD2-C583DD445B73} - C:\WINDOWS\SYSTEM\bihvjrat.dll
    O2 - BHO: (no name) - {C2D14DE5-A8E6-D12F-CD60-EB8A0FC46D8B} - C:\WINDOWS\SYSTEM\oxlfrkga.dll
    O2 - BHO: (no name) - {C1F9C8DC-C015-A8BB-4D59-D8077604A4FF} - C:\WINDOWS\SYSTEM\ucwjaozn.dll
    O2 - BHO: (no name) - {03B5B812-F9C9-D82D-7822-1A4A537ACE0E} - C:\WINDOWS\SYSTEM\rhfkklyl.dll
    O2 - BHO: (no name) - {02DD3409-12F7-AFB9-F79A-07C6BAB90681} - C:\WINDOWS\SYSTEM\xnqwtory.dll
    O2 - BHO: (no name) - {08D81517-E8B5-662E-28E7-FEEAC093E401} - C:\WINDOWS\SYSTEM\yrfehxgf.dll
    O2 - BHO: (no name) - {08113EBE-C570-59B2-D2E4-A26AB8A9A17D} - C:\WINDOWS\SYSTEM\sejleevb.dll
    O2 - BHO: (no name) - {C7E4FA39-5247-44B9-5221-19A8EB897DF6} - C:\WINDOWS\SYSTEM\ihsnacav.dll
    O2 - BHO: (no name) - {C7BC8043-3A19-6D2C-53A8-AB2C84494683} - C:\WINDOWS\SYSTEM\cbhjayzp.dll
    O2 - BHO: (no name) - {C7F4A9EA-97D2-DFB0-7DA5-D02BFB5F037F} - C:\WINDOWS\SYSTEM\vglrpeou.dll
    O2 - BHO: (no name) - {0821EB6F-0CFB-F3A9-FDE9-D9ECC8FE2706} - C:\WINDOWS\SYSTEM\fdcpkzra.dll
    O2 - BHO: (no name) - {CE866315-DF6A-33E4-95A0-1F2CFDA67D38} - C:\WINDOWS\SYSTEM\yyeutabk.dll
    O2 - BHO: (no name) - {8E6ACF41-31CC-3A63-40E1-4DEB425C5FB9} - C:\WINDOWS\SYSTEM\bagzlbuv.dll
    O2 - BHO: (no name) - {CE1512C5-A5F5-4FDC-C0A5-D6AD0EFC03BF} - C:\WINDOWS\SYSTEM\lgwxhdpb.dll
    O2 - BHO: (no name) - {CE4E3B6D-03AF-C061-EAA2-7B2D0691C0BB} - C:\WINDOWS\SYSTEM\elamecef.dll
    O2 - BHO: (no name) - {8E22F7E8-8E86-ACE6-EADE-F16B3A711CB5} - C:\WINDOWS\SYSTEM\vokoizjz.dll
    O2 - BHO: (no name) - {076F6A47-49A9-815B-149B-0FEC63E0D738} - C:\WINDOWS\SYSTEM\oskzbcvz.dll
    O2 - BHO: (no name) - {C653D573-1B8C-0859-BE5C-3DAD2716B9BA} - C:\WINDOWS\SYSTEM\rdmftdnk.dll
    O2 - BHO: (no name) - {0737419F-6CEE-8ED6-699E-6BEE6BCB1B3C} - C:\WINDOWS\SYSTEM\ufgsewgv.dll
    O2 - BHO: (no name) - {C68BFE1B-F747-79DC-695A-E02D1F2B7737} - C:\WINDOWS\SYSTEM\liquiccg.dll
    O2 - BHO: (no name) - {04F1E85D-E31D-E44C-D1FD-BEF1DBAAA0BA} - C:\WINDOWS\SYSTEM\klvkbijh.dll
    O2 - BHO: (no name) - {8EFF6A85-2C7F-D531-4F29-EC2742DDA58F} - C:\WINDOWS\SYSTEM\yzleubvk.dll
    O2 - BHO: (no name) - {198D6A2D-F460-4697-CCD5-9A5CA8112BE4} - C:\WINDOWS\SYSTEM\mfkhfchu.dll
    O2 - BHO: (no name) - {7963E8B4-9BBB-74E5-5352-11BC74779B65} - C:\WINDOWS\SYSTEM\wxfqipxx.dll
    O2 - BHO: (no name) - {07764079-BEC0-85E0-72A3-28B8B7510469} - (no file)
    O2 - BHO: (no name) - {E97BAD41-A11C-59DB-A886-1BA017E6C83B} - (no file)
    O2 - BHO: (no name) - {D801F93D-A0FC-663B-2FCD-D5CBC31096E4} - (no file)
    O2 - BHO: (no name) - {15144B27-69C7-7805-C83F-CBEB52D25417} - (no file)
    O2 - BHO: (no name) - {15E84611-6BA9-D406-EF40-CFE92B3B421F} - (no file)
    O2 - BHO: (no name) - {2FA252B6-4571-73E6-C0F7-1EC171B2CC38} - (no file)
    O2 - BHO: (no name) - {7A2EBB6C-1162-B525-1F08-8111E4443885} - (no file)
    O2 - BHO: (no name) - {6ECE738A-6CF2-371B-F642-15C98AA7EE47} - (no file)
    O2 - BHO: (no name) - {D314E7E5-122B-183A-260A-C6F04430E4AD} - (no file)
    O2 - BHO: (no name) - {61322D38-FE8E-A76A-8EE5-ADDD282C6AB9} - (no file)
    O2 - BHO: (no name) - {7BEB39DC-5956-C54B-5F1E-FBB56EA37453} - (no file)
    O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZSxdm519
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)

    O16 - DPF: {99410CDE-6F16-42CE-9D49-3807F78F0287} -
  • SkyWriter
    edited November 2004
    Thanks Kwitko for the suggestions. I did as you suggested - the result of which is that the previously broken Internet Explorer is functional again, but the Ibis Toolbar and EzSearchbar are still hanging around (according to Ad-Aware).

    I'm enclosing below the latest HijackThis log.

    Thanks again for all your help... it's great to have the browser back. Trying to launch it over the past several days has just caused it to freeze after a few seconds and bring the machine to knees speed-wise.


    Logfile of HijackThis v1.98.2
    Scan saved at 11:27:53 AM, on 11/4/04
    Platform: Windows 98 SE (Win9x 4.10.2222A)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\PROGRAM FILES\GRISOFT\AVG6\AVGSERV9.EXE
    C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
    C:\WINDOWS\EXPLORER.EXE
    C:\WINDOWS\TASKMON.EXE
    C:\WINDOWS\SYSTEM\SYSTRAY.EXE
    C:\WINDOWS\SYSTEM\ATICWD32.EXE
    C:\WINDOWS\SYSTEM\ATITASK.EXE
    C:\PROGRAM FILES\EASY KEYBOARD\EASYKEY.EXE
    C:\PROGRAM FILES\LOGITECH\MOUSEWARE\SYSTEM\EM_EXEC.EXE
    C:\WINDOWS\SYSTEM\STIMON.EXE
    C:\PROGRAM FILES\ALPHA NETWORKS\ANIWZCS SERVICE\WZCSLDR.EXE
    C:\PROGRAM FILES\D-LINK\AIR UTILITY\AIRCFG.EXE
    C:\WINDOWS\SYSTEM\WMIEXE.EXE
    C:\PROGRAM FILES\GRISOFT\AVG6\AVGCC32.EXE
    C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZLCLIENT.EXE
    C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TEATIMER.EXE
    C:\PROGRAM FILES\YAHOO!\MESSENGER\YMSGR_TRAY.EXE
    C:\TEMP\HIJACKTHIS.EXE

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.earthlink.net
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.earthlink.net/partner/more/msie/button/search.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/ymsgr6/*http://www.yahoo.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/ymsgr/*http://www.yahoo.com/ext/search/search.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/ymsgr6/*http://www.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R3 - Default URLSearchHook is missing
    F1 - win.ini: run=hpfsched
    O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YCOMP5_3_12_0.DLL
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
    O2 - BHO: (no name) - {BE331416-49C3-8E65-4C7A-8F519FF20ECE} - (no file)
    O2 - BHO: (no name) - {6EC7148F-FCD0-90B7-FE5D-3E9D536FF4E1} - C:\WINDOWS\SYSTEM\hqbycfpv.dll (file missing)
    O2 - BHO: (no name) - {07764079-BEC0-85E0-72A3-28B8B7510469} - (no file)
    O2 - BHO: (no name) - {69479F4C-B151-9847-0D71-DB6581FE617E} - (no file)
    O2 - BHO: (no name) - {EE7DC847-183A-628A-967D-28C51F1BEBCE} - (no file)
    O2 - BHO: (no name) - {872AED3C-5F6F-A901-5A0C-E3EDD78A476F} - (no file)
    O2 - BHO: (no name) - {076664FA-93CE-84FA-0E72-3499C7B7F845} - (no file)
    O2 - BHO: (no name) - {88C6BAC9-C1F0-4DB1-3BDB-5E8F579A36BE} - (no file)
    O2 - BHO: (no name) - {F707BB80-2646-3B0F-23FF-052EAC9ACB55} - (no file)
    O2 - BHO: (no name) - {1CAD5503-15A8-FD49-E3CA-A314ABDB973D} - (no file)
    O2 - BHO: (no name) - {24E638E7-5AF7-90BF-9B1E-A251329D660C} - C:\WINDOWS\SYSTEM\rvgtrizx.dll (file missing)
    O2 - BHO: (no name) - {E97BAD41-A11C-59DB-A886-1BA017E6C83B} - (no file)
    O2 - BHO: (no name) - {C3A9BE4C-16A1-CA0F-E0C0-422B70FD68A2} - (no file)
    O2 - BHO: (no name) - {A25311F4-FA02-6AA1-284B-DB29B2B4AF64} - (no file)
    O2 - BHO: (no name) - {4910A22E-91B0-A024-B80A-61DB01C2D802} - (no file)
    O2 - BHO: (no name) - {F7A5F5AF-AFDE-5204-5E93-314426C49404} - C:\WINDOWS\SYSTEM\yczjyhsl.dll (file missing)
    O2 - BHO: (no name) - {F7DD1F57-8D99-C488-0990-D4C39D595180} - C:\WINDOWS\SYSTEM\spcznnhq.dll (file missing)
    O2 - BHO: (no name) - {D801F93D-A0FC-663B-2FCD-D5CBC31096E4} - (no file)
    O2 - BHO: (no name) - {15144B27-69C7-7805-C83F-CBEB52D25417} - (no file)
    O2 - BHO: (no name) - {714341CE-9EBA-9174-ACD1-62C5663EF677} - (no file)
    O2 - BHO: (no name) - {D5037AD9-5D55-7687-FB52-7049ABE17F24} - (no file)
    O2 - BHO: (no name) - {B41BAFFE-5E24-7E29-90BF-047A5BF87EBA} - (no file)
    O2 - BHO: (no name) - {934DE449-6141-7890-9649-9239F7C15026} - (no file)
    O2 - BHO: (no name) - {8F27D6EA-EEDA-430B-D565-270D265FC9A8} - (no file)
    O2 - BHO: (no name) - {40254976-2816-6BE2-E85C-D953E28C685E} - (no file)
    O2 - BHO: (no name) - {A85708FC-030B-0EC4-793C-4FCB21B86FC3} - (no file)
    O2 - BHO: (no name) - {A5B07A20-90A4-D93F-B958-E39FCFD5E846} - (no file)
    O2 - BHO: (no name) - {18F0E2E1-C499-8AF8-7C81-96AB6F5ED879} - (no file)
    O2 - BHO: (no name) - {5D96080A-3178-DBE7-BE34-684C9B7B68CB} - (no file)
    O2 - BHO: (no name) - {3250449D-C853-BA32-CC1E-18A95B979741} - (no file)
    O2 - BHO: (no name) - {8C3AAC7D-0A35-90C3-9665-48F2689A3C10} - C:\WINDOWS\SYSTEM\qjzshria.dll (file missing)
    O2 - BHO: (no name) - {80E8145D-0E64-A931-CEFB-2CCEFBDEBB8C} - (no file)
    O2 - BHO: (no name) - {581A2180-2939-8DE2-9A7B-6BA6C373ACCE} - C:\WINDOWS\SYSTEM\sfyrmwyi.dll (file missing)
    O2 - BHO: (no name) - {4D44D760-3C4B-DE24-5862-F7594C7F9A5E} - (no file)
    O2 - BHO: (no name) - {5391731A-A117-482E-582A-CEB1EEC428D9} - (no file)
    O2 - BHO: (no name) - {506A653D-AFB1-13A9-1846-63859DE1A15C} - (no file)
    O2 - BHO: (no name) - {5862F759-4C7F-9A5E-EF7E-C6274C5EEFD2} - C:\WINDOWS\SYSTEM\zsvkpyjl.dll (file missing)
    O2 - BHO: (no name) - {582ACEB1-EEC4-28D9-C580-232954493257} - C:\WINDOWS\SYSTEM\fnruszug.dll (file missing)
    O2 - BHO: (no name) - {15E84611-6BA9-D406-EF40-CFE92B3B421F} - (no file)
    O2 - BHO: (no name) - {2FA252B6-4571-73E6-C0F7-1EC171B2CC38} - (no file)
    O2 - BHO: (no name) - {7A2EBB6C-1162-B525-1F08-8111E4443885} - (no file)
    O2 - BHO: (no name) - {A6A57130-D716-D144-A69B-CD052AF35A4D} - (no file)
    O2 - BHO: (no name) - {FD6D6F0F-3790-0EAC-2F6B-1731102745F7} - (no file)
    O2 - BHO: (no name) - {910AEFDF-C7D3-7078-2A43-F29BDD8D4F22} - (no file)
    O2 - BHO: (no name) - {05AA6449-5C1F-E0CC-5D3D-7C0518A49A64} - (no file)
    O2 - BHO: (no name) - {630379DA-DF2F-56E5-9F10-2B07CF5B6125} - (no file)
    O2 - BHO: (no name) - {561C02D4-9430-0CEC-A6F0-3FCF53F55C04} - (no file)
    O2 - BHO: (no name) - {1F230A94-BCAC-931B-FBB8-648D4F42B085} - (no file)
    O2 - BHO: (no name) - {EA706B2D-0F65-D1E2-806A-6E4303B9597E} - (no file)
    O2 - BHO: (no name) - {87405CFF-046A-5414-2D31-64D167F1F799} - (no file)
    O2 - BHO: (no name) - {8073BFC4-9E9E-EA0A-2D69-8D7945AC6A1E} - (no file)
    O2 - BHO: (no name) - {839ACE22-9105-1F8F-EC4D-F8A5950F711C} - (no file)
    O2 - BHO: (no name) - {643D9202-856D-6BEE-CE01-7C75AAD6A3DC} - (no file)
    O2 - BHO: (no name) - {25938BAA-7C72-31B5-3640-0F82DA68A789} - (no file)
    O2 - BHO: (no name) - {C14629A9-8595-8DB3-3A7B-B7CD1CF57020} - (no file)
    O2 - BHO: (no name) - {BE209BCC-132F-D92F-FA18-4CA1CA13E9A2} - (no file)
    O2 - BHO: (no name) - {8A6CFC65-6467-9776-7F4A-56577F8A929B} - (no file)
    O2 - BHO: (no name) - {D48223A3-0F0B-0501-FC84-D2EC38CE19F0} - C:\WINDOWS\SYSTEM\etdzdmzh.dll (file missing)
    O2 - BHO: (no name) - {3DA067C0-E6EB-12F2-B5D1-485EEAF15CC4} - C:\WINDOWS\SYSTEM\crsyafin.dll (file missing)
    O2 - BHO: (no name) - {D7293180-8271-3985-3D68-3E1989319F6E} - C:\WINDOWS\SYSTEM\htukbqwk.dll (file missing)
    O2 - BHO: (no name) - {CD3587E8-A9BF-9BF5-FC3C-FB9415888B75} - C:\WINDOWS\SYSTEM\kcxmtxxu.dll (file missing)
    O2 - BHO: (no name) - {D05C95C5-9C26-CF7B-3DA0-67C0E6EB12F2} - C:\WINDOWS\SYSTEM\owtukaoi.dll (file missing)
    O2 - BHO: (no name) - {FFE16712-D816-3D3C-E230-43AC90A960F6} - C:\WINDOWS\SYSTEM\gfmfkzml.dll (file missing)
    O2 - BHO: (no name) - {2C5EF264-3581-2683-7ACD-4951751DCF35} - C:\WINDOWS\SYSTEM\imhqyhdg.dll (file missing)
    O2 - BHO: (no name) - {0E12F6B2-C8C8-5843-1AD5-0EE74E1B63AE} - C:\WINDOWS\SYSTEM\fndpfvcw.dll (file missing)
    O2 - BHO: (no name) - {51BBA9BE-6850-48F7-F2BF-53BA9DE837F3} - C:\WINDOWS\SYSTEM\pdfvvoaf.dll (file missing)
    O2 - BHO: (no name) - {5448C7F6-D8BA-3F29-F5EA-C64F31EA6B3C} - C:\WINDOWS\SYSTEM\cwbyejqh.dll (file missing)
    O2 - BHO: (no name) - {58847141-1A49-88BF-79A4-E0EA756EB29C} - C:\WINDOWS\SYSTEM\ddbtvwei.dll (file missing)
    O2 - BHO: (no name) - {5B02E1C7-45A7-637A-D1CA-1D7C789BE25C} - C:\WINDOWS\SYSTEM\ewmbpnzl.dll (file missing)
    O2 - BHO: (no name) - {FC122FF9-DCAF-A788-6EB5-10EE5EA77F1E} - C:\WINDOWS\SYSTEM\zmqhitsq.dll (file missing)
    O2 - BHO: (no name) - {46957975-82B2-3474-BF76-9DCC79062443} - C:\WINDOWS\SYSTEM\nfllxqmh.dll (file missing)
    O2 - BHO: (no name) - {0779E4A1-D396-BAF1-6A37-CB8DBDBB06C4} - C:\WINDOWS\SYSTEM\qqfqhjfs.dll (file missing)
    O2 - BHO: (no name) - {82165DB0-EEB2-223E-2298-AA46B2CFC27D} - C:\WINDOWS\SYSTEM\raudpnpd.dll (file missing)
    O2 - BHO: (no name) - {C2C19F35-635B-3737-A25B-34087EEEE704} - C:\WINDOWS\SYSTEM\bxtblpkj.dll (file missing)
    O2 - BHO: (no name) - {03C467C2-BF56-7424-A326-D1CCE350D495} - C:\WINDOWS\SYSTEM\epynyomj.dll (file missing)
    O2 - BHO: (no name) - {C1E91A2B-FB0A-0E45-22D4-2184E52F9E77} - C:\WINDOWS\SYSTEM\hddfutlp.dll (file missing)
    O2 - BHO: (no name) - {C12243D2-D8C3-FFC9-4CD2-C583DD445B73} - C:\WINDOWS\SYSTEM\bihvjrat.dll (file missing)
    O2 - BHO: (no name) - {C2D14DE5-A8E6-D12F-CD60-EB8A0FC46D8B} - C:\WINDOWS\SYSTEM\oxlfrkga.dll (file missing)
    O2 - BHO: (no name) - {C1F9C8DC-C015-A8BB-4D59-D8077604A4FF} - C:\WINDOWS\SYSTEM\ucwjaozn.dll (file missing)
    O2 - BHO: (no name) - {03B5B812-F9C9-D82D-7822-1A4A537ACE0E} - C:\WINDOWS\SYSTEM\rhfkklyl.dll (file missing)
    O2 - BHO: (no name) - {02DD3409-12F7-AFB9-F79A-07C6BAB90681} - C:\WINDOWS\SYSTEM\xnqwtory.dll (file missing)
    O2 - BHO: (no name) - {08D81517-E8B5-662E-28E7-FEEAC093E401} - C:\WINDOWS\SYSTEM\yrfehxgf.dll (file missing)
    O2 - BHO: (no name) - {08113EBE-C570-59B2-D2E4-A26AB8A9A17D} - C:\WINDOWS\SYSTEM\sejleevb.dll (file missing)
    O2 - BHO: (no name) - {C7E4FA39-5247-44B9-5221-19A8EB897DF6} - C:\WINDOWS\SYSTEM\ihsnacav.dll (file missing)
    O2 - BHO: (no name) - {C7BC8043-3A19-6D2C-53A8-AB2C84494683} - C:\WINDOWS\SYSTEM\cbhjayzp.dll (file missing)
    O2 - BHO: (no name) - {C7F4A9EA-97D2-DFB0-7DA5-D02BFB5F037F} - C:\WINDOWS\SYSTEM\vglrpeou.dll (file missing)
    O2 - BHO: (no name) - {0821EB6F-0CFB-F3A9-FDE9-D9ECC8FE2706} - C:\WINDOWS\SYSTEM\fdcpkzra.dll (file missing)
    O2 - BHO: (no name) - {CE866315-DF6A-33E4-95A0-1F2CFDA67D38} - C:\WINDOWS\SYSTEM\yyeutabk.dll (file missing)
    O2 - BHO: (no name) - {8E6ACF41-31CC-3A63-40E1-4DEB425C5FB9} - C:\WINDOWS\SYSTEM\bagzlbuv.dll (file missing)
    O2 - BHO: (no name) - {CE1512C5-A5F5-4FDC-C0A5-D6AD0EFC03BF} - C:\WINDOWS\SYSTEM\lgwxhdpb.dll (file missing)
    O2 - BHO: (no name) - {CE4E3B6D-03AF-C061-EAA2-7B2D0691C0BB} - C:\WINDOWS\SYSTEM\elamecef.dll (file missing)
    O2 - BHO: (no name) - {8E22F7E8-8E86-ACE6-EADE-F16B3A711CB5} - C:\WINDOWS\SYSTEM\vokoizjz.dll (file missing)
    O2 - BHO: (no name) - {076F6A47-49A9-815B-149B-0FEC63E0D738} - C:\WINDOWS\SYSTEM\oskzbcvz.dll (file missing)
    O2 - BHO: (no name) - {C653D573-1B8C-0859-BE5C-3DAD2716B9BA} - C:\WINDOWS\SYSTEM\rdmftdnk.dll (file missing)
    O2 - BHO: (no name) - {0737419F-6CEE-8ED6-699E-6BEE6BCB1B3C} - C:\WINDOWS\SYSTEM\ufgsewgv.dll (file missing)
    O2 - BHO: (no name) - {C68BFE1B-F747-79DC-695A-E02D1F2B7737} - C:\WINDOWS\SYSTEM\liquiccg.dll (file missing)
    O2 - BHO: (no name) - {6ECE738A-6CF2-371B-F642-15C98AA7EE47} - (no file)
    O2 - BHO: (no name) - {D314E7E5-122B-183A-260A-C6F04430E4AD} - (no file)
    O2 - BHO: (no name) - {61322D38-FE8E-A76A-8EE5-ADDD282C6AB9} - (no file)
    O2 - BHO: (no name) - {7BEB39DC-5956-C54B-5F1E-FBB56EA37453} - (no file)
    O2 - BHO: (no name) - {04F1E85D-E31D-E44C-D1FD-BEF1DBAAA0BA} - C:\WINDOWS\SYSTEM\klvkbijh.dll (file missing)
    O2 - BHO: (no name) - {8EFF6A85-2C7F-D531-4F29-EC2742DDA58F} - C:\WINDOWS\SYSTEM\yzleubvk.dll (file missing)
    O2 - BHO: (no name) - {198D6A2D-F460-4697-CCD5-9A5CA8112BE4} - C:\WINDOWS\SYSTEM\mfkhfchu.dll (file missing)
    O2 - BHO: (no name) - {7963E8B4-9BBB-74E5-5352-11BC74779B65} - C:\WINDOWS\SYSTEM\wxfqipxx.dll (file missing)
    O2 - BHO: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} - (no file)
    O2 - BHO: (no name) - {B6598677-4B54-42A9-BA67-8B64E3FCD92D} - (no file)
    O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
    O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\Run: [AtiCwd32] Aticwd32.exe
    O4 - HKLM\..\Run: [AtiKey] Atitask.exe
    O4 - HKLM\..\Run: [SoundFusion] RunDll32 cwcprops.cpl,CrystalControlWnd
    O4 - HKLM\..\Run: [Easykey] C:\Program Files\Easy Keyboard\Easykey.exe
    O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\LOGITECH\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
    O4 - HKLM\..\Run: [ANIWZCSService] C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
    O4 - HKLM\..\Run: [D-Link Air Utility] c:\Program Files\D-Link\Air Utility\AirCFG.exe
    O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\GRISOFT\AVG6\avgcc32.exe /STARTUP
    O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\RunServices: [Avgserv9.exe] C:\PROGRA~1\GRISOFT\AVG6\Avgserv9.exe
    O4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
    O4 - Startup: PowerReg Scheduler.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
    O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
    O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll
    O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0521.DLL
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0521.DLL
    O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan.com/scanner/axscanner.cab
    O16 - DPF: ppctlcab -
    O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://firstmagnus.webex.com/client/latest/webex/ieatgpc.cab
    O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab
    O16 - DPF: {99410CDE-6F16-42CE-9D49-3807F78F0287} -
  • SpywareShooterSpywareShooter 127.0.0.1
    edited November 2004
    Ahhh! All of the no names/no files are hurting my eyes ;D

    O2 - BHO: (no name) - {BE331416-49C3-8E65-4C7A-8F519FF20ECE} - (no file)
    O2 - BHO: (no name) - {6EC7148F-FCD0-90B7-FE5D-3E9D536FF4E1} - C:\WINDOWS\SYSTEM\hqbycfpv.dll (file missing)
    O2 - BHO: (no name) - {07764079-BEC0-85E0-72A3-28B8B7510469} - (no file)
    O2 - BHO: (no name) - {69479F4C-B151-9847-0D71-DB6581FE617E} - (no file)
    O2 - BHO: (no name) - {EE7DC847-183A-628A-967D-28C51F1BEBCE} - (no file)
    O2 - BHO: (no name) - {872AED3C-5F6F-A901-5A0C-E3EDD78A476F} - (no file)
    O2 - BHO: (no name) - {076664FA-93CE-84FA-0E72-3499C7B7F845} - (no file)
    O2 - BHO: (no name) - {88C6BAC9-C1F0-4DB1-3BDB-5E8F579A36BE} - (no file)
    O2 - BHO: (no name) - {F707BB80-2646-3B0F-23FF-052EAC9ACB55} - (no file)
    O2 - BHO: (no name) - {1CAD5503-15A8-FD49-E3CA-A314ABDB973D} - (no file)
    O2 - BHO: (no name) - {24E638E7-5AF7-90BF-9B1E-A251329D660C} - C:\WINDOWS\SYSTEM\rvgtrizx.dll (file missing)
    O2 - BHO: (no name) - {E97BAD41-A11C-59DB-A886-1BA017E6C83B} - (no file)
    O2 - BHO: (no name) - {C3A9BE4C-16A1-CA0F-E0C0-422B70FD68A2} - (no file)
    O2 - BHO: (no name) - {A25311F4-FA02-6AA1-284B-DB29B2B4AF64} - (no file)
    O2 - BHO: (no name) - {4910A22E-91B0-A024-B80A-61DB01C2D802} - (no file)
    O2 - BHO: (no name) - {F7A5F5AF-AFDE-5204-5E93-314426C49404} - C:\WINDOWS\SYSTEM\yczjyhsl.dll (file missing)
    O2 - BHO: (no name) - {F7DD1F57-8D99-C488-0990-D4C39D595180} - C:\WINDOWS\SYSTEM\spcznnhq.dll (file missing)
    O2 - BHO: (no name) - {D801F93D-A0FC-663B-2FCD-D5CBC31096E4} - (no file)
    O2 - BHO: (no name) - {15144B27-69C7-7805-C83F-CBEB52D25417} - (no file)
    O2 - BHO: (no name) - {714341CE-9EBA-9174-ACD1-62C5663EF677} - (no file)
    O2 - BHO: (no name) - {D5037AD9-5D55-7687-FB52-7049ABE17F24} - (no file)
    O2 - BHO: (no name) - {B41BAFFE-5E24-7E29-90BF-047A5BF87EBA} - (no file)
    O2 - BHO: (no name) - {934DE449-6141-7890-9649-9239F7C15026} - (no file)
    O2 - BHO: (no name) - {8F27D6EA-EEDA-430B-D565-270D265FC9A8} - (no file)
    O2 - BHO: (no name) - {40254976-2816-6BE2-E85C-D953E28C685E} - (no file)
    O2 - BHO: (no name) - {A85708FC-030B-0EC4-793C-4FCB21B86FC3} - (no file)
    O2 - BHO: (no name) - {A5B07A20-90A4-D93F-B958-E39FCFD5E846} - (no file)
    O2 - BHO: (no name) - {18F0E2E1-C499-8AF8-7C81-96AB6F5ED879} - (no file)
    O2 - BHO: (no name) - {5D96080A-3178-DBE7-BE34-684C9B7B68CB} - (no file)
    O2 - BHO: (no name) - {3250449D-C853-BA32-CC1E-18A95B979741} - (no file)
    O2 - BHO: (no name) - {8C3AAC7D-0A35-90C3-9665-48F2689A3C10} - C:\WINDOWS\SYSTEM\qjzshria.dll (file missing)
    O2 - BHO: (no name) - {80E8145D-0E64-A931-CEFB-2CCEFBDEBB8C} - (no file)
    O2 - BHO: (no name) - {581A2180-2939-8DE2-9A7B-6BA6C373ACCE} - C:\WINDOWS\SYSTEM\sfyrmwyi.dll (file missing)
    O2 - BHO: (no name) - {4D44D760-3C4B-DE24-5862-F7594C7F9A5E} - (no file)
    O2 - BHO: (no name) - {5391731A-A117-482E-582A-CEB1EEC428D9} - (no file)
    O2 - BHO: (no name) - {506A653D-AFB1-13A9-1846-63859DE1A15C} - (no file)
    O2 - BHO: (no name) - {5862F759-4C7F-9A5E-EF7E-C6274C5EEFD2} - C:\WINDOWS\SYSTEM\zsvkpyjl.dll (file missing)
    O2 - BHO: (no name) - {582ACEB1-EEC4-28D9-C580-232954493257} - C:\WINDOWS\SYSTEM\fnruszug.dll (file missing)
    O2 - BHO: (no name) - {15E84611-6BA9-D406-EF40-CFE92B3B421F} - (no file)
    O2 - BHO: (no name) - {2FA252B6-4571-73E6-C0F7-1EC171B2CC38} - (no file)
    O2 - BHO: (no name) - {7A2EBB6C-1162-B525-1F08-8111E4443885} - (no file)
    O2 - BHO: (no name) - {A6A57130-D716-D144-A69B-CD052AF35A4D} - (no file)
    O2 - BHO: (no name) - {FD6D6F0F-3790-0EAC-2F6B-1731102745F7} - (no file)
    O2 - BHO: (no name) - {910AEFDF-C7D3-7078-2A43-F29BDD8D4F22} - (no file)
    O2 - BHO: (no name) - {05AA6449-5C1F-E0CC-5D3D-7C0518A49A64} - (no file)
    O2 - BHO: (no name) - {630379DA-DF2F-56E5-9F10-2B07CF5B6125} - (no file)
    O2 - BHO: (no name) - {561C02D4-9430-0CEC-A6F0-3FCF53F55C04} - (no file)
    O2 - BHO: (no name) - {1F230A94-BCAC-931B-FBB8-648D4F42B085} - (no file)
    O2 - BHO: (no name) - {EA706B2D-0F65-D1E2-806A-6E4303B9597E} - (no file)
    O2 - BHO: (no name) - {87405CFF-046A-5414-2D31-64D167F1F799} - (no file)
    O2 - BHO: (no name) - {8073BFC4-9E9E-EA0A-2D69-8D7945AC6A1E} - (no file)
    O2 - BHO: (no name) - {839ACE22-9105-1F8F-EC4D-F8A5950F711C} - (no file)
    O2 - BHO: (no name) - {643D9202-856D-6BEE-CE01-7C75AAD6A3DC} - (no file)
    O2 - BHO: (no name) - {25938BAA-7C72-31B5-3640-0F82DA68A789} - (no file)
    O2 - BHO: (no name) - {C14629A9-8595-8DB3-3A7B-B7CD1CF57020} - (no file)
    O2 - BHO: (no name) - {BE209BCC-132F-D92F-FA18-4CA1CA13E9A2} - (no file)
    O2 - BHO: (no name) - {8A6CFC65-6467-9776-7F4A-56577F8A929B} - (no file)
    O2 - BHO: (no name) - {D48223A3-0F0B-0501-FC84-D2EC38CE19F0} - C:\WINDOWS\SYSTEM\etdzdmzh.dll (file missing)
    O2 - BHO: (no name) - {3DA067C0-E6EB-12F2-B5D1-485EEAF15CC4} - C:\WINDOWS\SYSTEM\crsyafin.dll (file missing)
    O2 - BHO: (no name) - {D7293180-8271-3985-3D68-3E1989319F6E} - C:\WINDOWS\SYSTEM\htukbqwk.dll (file missing)
    O2 - BHO: (no name) - {CD3587E8-A9BF-9BF5-FC3C-FB9415888B75} - C:\WINDOWS\SYSTEM\kcxmtxxu.dll (file missing)
    O2 - BHO: (no name) - {D05C95C5-9C26-CF7B-3DA0-67C0E6EB12F2} - C:\WINDOWS\SYSTEM\owtukaoi.dll (file missing)
    O2 - BHO: (no name) - {FFE16712-D816-3D3C-E230-43AC90A960F6} - C:\WINDOWS\SYSTEM\gfmfkzml.dll (file missing)
    O2 - BHO: (no name) - {2C5EF264-3581-2683-7ACD-4951751DCF35} - C:\WINDOWS\SYSTEM\imhqyhdg.dll (file missing)
    O2 - BHO: (no name) - {0E12F6B2-C8C8-5843-1AD5-0EE74E1B63AE} - C:\WINDOWS\SYSTEM\fndpfvcw.dll (file missing)
    O2 - BHO: (no name) - {51BBA9BE-6850-48F7-F2BF-53BA9DE837F3} - C:\WINDOWS\SYSTEM\pdfvvoaf.dll (file missing)
    O2 - BHO: (no name) - {5448C7F6-D8BA-3F29-F5EA-C64F31EA6B3C} - C:\WINDOWS\SYSTEM\cwbyejqh.dll (file missing)
    O2 - BHO: (no name) - {58847141-1A49-88BF-79A4-E0EA756EB29C} - C:\WINDOWS\SYSTEM\ddbtvwei.dll (file missing)
    O2 - BHO: (no name) - {5B02E1C7-45A7-637A-D1CA-1D7C789BE25C} - C:\WINDOWS\SYSTEM\ewmbpnzl.dll (file missing)
    O2 - BHO: (no name) - {FC122FF9-DCAF-A788-6EB5-10EE5EA77F1E} - C:\WINDOWS\SYSTEM\zmqhitsq.dll (file missing)
    O2 - BHO: (no name) - {46957975-82B2-3474-BF76-9DCC79062443} - C:\WINDOWS\SYSTEM\nfllxqmh.dll (file missing)
    O2 - BHO: (no name) - {0779E4A1-D396-BAF1-6A37-CB8DBDBB06C4} - C:\WINDOWS\SYSTEM\qqfqhjfs.dll (file missing)
    O2 - BHO: (no name) - {82165DB0-EEB2-223E-2298-AA46B2CFC27D} - C:\WINDOWS\SYSTEM\raudpnpd.dll (file missing)
    O2 - BHO: (no name) - {C2C19F35-635B-3737-A25B-34087EEEE704} - C:\WINDOWS\SYSTEM\bxtblpkj.dll (file missing)
    O2 - BHO: (no name) - {03C467C2-BF56-7424-A326-D1CCE350D495} - C:\WINDOWS\SYSTEM\epynyomj.dll (file missing)
    O2 - BHO: (no name) - {C1E91A2B-FB0A-0E45-22D4-2184E52F9E77} - C:\WINDOWS\SYSTEM\hddfutlp.dll (file missing)
    O2 - BHO: (no name) - {C12243D2-D8C3-FFC9-4CD2-C583DD445B73} - C:\WINDOWS\SYSTEM\bihvjrat.dll (file missing)
    O2 - BHO: (no name) - {C2D14DE5-A8E6-D12F-CD60-EB8A0FC46D8B} - C:\WINDOWS\SYSTEM\oxlfrkga.dll (file missing)
    O2 - BHO: (no name) - {C1F9C8DC-C015-A8BB-4D59-D8077604A4FF} - C:\WINDOWS\SYSTEM\ucwjaozn.dll (file missing)
    O2 - BHO: (no name) - {03B5B812-F9C9-D82D-7822-1A4A537ACE0E} - C:\WINDOWS\SYSTEM\rhfkklyl.dll (file missing)
    O2 - BHO: (no name) - {02DD3409-12F7-AFB9-F79A-07C6BAB90681} - C:\WINDOWS\SYSTEM\xnqwtory.dll (file missing)
    O2 - BHO: (no name) - {08D81517-E8B5-662E-28E7-FEEAC093E401} - C:\WINDOWS\SYSTEM\yrfehxgf.dll (file missing)
    O2 - BHO: (no name) - {08113EBE-C570-59B2-D2E4-A26AB8A9A17D} - C:\WINDOWS\SYSTEM\sejleevb.dll (file missing)
    O2 - BHO: (no name) - {C7E4FA39-5247-44B9-5221-19A8EB897DF6} - C:\WINDOWS\SYSTEM\ihsnacav.dll (file missing)
    O2 - BHO: (no name) - {C7BC8043-3A19-6D2C-53A8-AB2C84494683} - C:\WINDOWS\SYSTEM\cbhjayzp.dll (file missing)
    O2 - BHO: (no name) - {C7F4A9EA-97D2-DFB0-7DA5-D02BFB5F037F} - C:\WINDOWS\SYSTEM\vglrpeou.dll (file missing)
    O2 - BHO: (no name) - {0821EB6F-0CFB-F3A9-FDE9-D9ECC8FE2706} - C:\WINDOWS\SYSTEM\fdcpkzra.dll (file missing)
    O2 - BHO: (no name) - {CE866315-DF6A-33E4-95A0-1F2CFDA67D38} - C:\WINDOWS\SYSTEM\yyeutabk.dll (file missing)
    O2 - BHO: (no name) - {8E6ACF41-31CC-3A63-40E1-4DEB425C5FB9} - C:\WINDOWS\SYSTEM\bagzlbuv.dll (file missing)
    O2 - BHO: (no name) - {CE1512C5-A5F5-4FDC-C0A5-D6AD0EFC03BF} - C:\WINDOWS\SYSTEM\lgwxhdpb.dll (file missing)
    O2 - BHO: (no name) - {CE4E3B6D-03AF-C061-EAA2-7B2D0691C0BB} - C:\WINDOWS\SYSTEM\elamecef.dll (file missing)
    O2 - BHO: (no name) - {8E22F7E8-8E86-ACE6-EADE-F16B3A711CB5} - C:\WINDOWS\SYSTEM\vokoizjz.dll (file missing)
    O2 - BHO: (no name) - {076F6A47-49A9-815B-149B-0FEC63E0D738} - C:\WINDOWS\SYSTEM\oskzbcvz.dll (file missing)
    O2 - BHO: (no name) - {C653D573-1B8C-0859-BE5C-3DAD2716B9BA} - C:\WINDOWS\SYSTEM\rdmftdnk.dll (file missing)
    O2 - BHO: (no name) - {0737419F-6CEE-8ED6-699E-6BEE6BCB1B3C} - C:\WINDOWS\SYSTEM\ufgsewgv.dll (file missing)
    O2 - BHO: (no name) - {C68BFE1B-F747-79DC-695A-E02D1F2B7737} - C:\WINDOWS\SYSTEM\liquiccg.dll (file missing)
    O2 - BHO: (no name) - {6ECE738A-6CF2-371B-F642-15C98AA7EE47} - (no file)
    O2 - BHO: (no name) - {D314E7E5-122B-183A-260A-C6F04430E4AD} - (no file)
    O2 - BHO: (no name) - {61322D38-FE8E-A76A-8EE5-ADDD282C6AB9} - (no file)
    O2 - BHO: (no name) - {7BEB39DC-5956-C54B-5F1E-FBB56EA37453} - (no file)
    O2 - BHO: (no name) - {04F1E85D-E31D-E44C-D1FD-BEF1DBAAA0BA} - C:\WINDOWS\SYSTEM\klvkbijh.dll (file missing)
    O2 - BHO: (no name) - {8EFF6A85-2C7F-D531-4F29-EC2742DDA58F} - C:\WINDOWS\SYSTEM\yzleubvk.dll (file missing)
    O2 - BHO: (no name) - {198D6A2D-F460-4697-CCD5-9A5CA8112BE4} - C:\WINDOWS\SYSTEM\mfkhfchu.dll (file missing)
    O2 - BHO: (no name) - {7963E8B4-9BBB-74E5-5352-11BC74779B65} - C:\WINDOWS\SYSTEM\wxfqipxx.dll (file missing)
    O2 - BHO: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} - (no file)
    O2 - BHO: (no name) - {B6598677-4B54-42A9-BA67-8B64E3FCD92D} - (no file)
    O16 - DPF: {99410CDE-6F16-42CE-9D49-3807F78F0287} -

    Fix those entries then reboot and post a new log.
  • SkyWriter
    edited November 2004
    Hi SpywareShooter,

    You wrote: "Ahhh! All of the no names/no files are hurting my eyes" and then instructed "Fix those entries then reboot and post a new log."

    I could only assume that by "Fix those" you meant for me to delete them and that's what I did. Those that were listed as "File Missing" disappeared, but each time I reboot, about 50 of those BHOs return. This happens whether or not I delete the entries manually or use Hijack This to "Fix checked" and whether they're deleted in Normal or Safe modes.

    When I delete them, I can run Ad-Aware and there is no sign of either EzSearchbar or the Ibis Toolbar. However, each time I reboot the BHOs return and the spyware shows in Ad-Aware again.

    Here's a copy of the log prior to reboot without the BHOs... and all you need do is add back about 50 of the BHOs and you'll have what the log looks like after reboot. I can't make them stay away permanently. Any suggestions?


    Logfile of HijackThis v1.98.2
    Scan saved at 1:53:53 PM, on 11/6/04
    Platform: Windows 98 SE (Win9x 4.10.2222A)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\EXPLORER.EXE
    C:\TEMP\HIJACKTHIS.EXE

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/ymsgr/*http://www.yahoo.com/ext/search/search.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.yahoo.com/search?p=%s
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = BIGGG Timberrr says "Here's WINKING at you Baby!"
    R3 - Default URLSearchHook is missing
    F1 - win.ini: run=hpfsched
    O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YCOMP5_3_12_0.DLL
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
    O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
    O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\Run: [AtiCwd32] Aticwd32.exe
    O4 - HKLM\..\Run: [AtiKey] Atitask.exe
    O4 - HKLM\..\Run: [SoundFusion] RunDll32 cwcprops.cpl,CrystalControlWnd
    O4 - HKLM\..\Run: [Easykey] C:\Program Files\Easy Keyboard\Easykey.exe
    O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\LOGITECH\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
    O4 - HKLM\..\Run: [ANIWZCSService] C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
    O4 - HKLM\..\Run: [D-Link Air Utility] c:\Program Files\D-Link\Air Utility\AirCFG.exe
    O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\GRISOFT\AVG6\avgcc32.exe /STARTUP
    O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\RunServices: [Avgserv9.exe] C:\PROGRA~1\GRISOFT\AVG6\Avgserv9.exe
    O4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - Startup: PowerReg Scheduler.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O8 - Extra context menu item: Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
    O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll
    O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0521.DLL
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0521.DLL
    O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan.com/scanner/axscanner.cab
    O16 - DPF: ppctlcab -
    O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://firstmagnus.webex.com/client/latest/webex/ieatgpc.cab
    O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab
    O16 - DPF: {99410CDE-6F16-42CE-9D49-3807F78F0287} -
Sign In or Register to comment.