1. What is Trojan.Zlob?
It is closely connected to rogue anti-spyware software (Antivirgear, Virusray, Virusprotectpro) as it is displaying fake "your computer is infected" security alerts and warnings similar to original Microsoft Windows alerts. Clicking on fake alert, corrupt anti-spyware application may be downloaded and installed or user can be directed to rogue software website persuading him to buy licensed version. Software downloads and installations are performed without user consent or agreement. Trojan.Zlob can infect the system under cover of video codecs which are required in order to watch movies (usually adult oriented).
2. How to remove Trojan.Zlob:
- Internet connection might be disabled or Internet browser might be blocked by Trojan.Zlob, so it won't be possible to download any files to infected computer. In this case please download all files required for Trojan.Zlob removal to another computer and then transfer them on the infected one using CD/DVD or USB flash drive.
- To remove Trojan.Zlob download Spyware Doctor and install the program (for the installation guide click here). Before installation, make sure all other programs and windows are closed.
-
After the installation, computer scan should be started automatically. If so, please move to the next step. If not, click "Status" on the left side menu and press "Scan Now" button to run computer scanner as shown in the picture below:
-
After the scan has been completed and scan results have been generated, press "Fix Checked" button to remove Trojan.Zlob.
- Restart the computer to complete Trojan.Zlob removal procedure.
3. Trojan.Zlob files:
__bho_dll__.dll, advrepdow.dll, advrepgds.dll, advrepgpd.dll, advrepkon.dll, advrepnok.dll, advreprwd.dll, advrepvto.dll, afxp.dll, blopenvtok.dll, bndsrdkq.dll, bndsrfst.dll, bndsrgxt.dll, bndsrkfq.dll, bndsrkwm.dll, bndsrmnf.dll, bndsronw.dll, bndsrpfn.dll, bndsrsqo.dll, bndsrsvk.dll, bndsrtvd.dll, bndsrvnl.dll, bndsrvqt.dll, bndsrvqw.dll, bndsrwgo.dll, bndsrwlq.dll, ddesupport.dll, div32.dll, dntpkwodpx.dll, duocore.dll, flx*.dll (* - random digit), hp****.tmp (* - random char or digit), hp100.tmp, htunistock.dll, ictmdl.dll, ieffse32.dll, iesbpl.dll, iesplg.dll, iesplugin.dll, iesup.dll, ietools.dll, ievpnctrl.dll, ipwypkmg.dll, ipwypktx.dll, ipwyprkg.dll, ipwyptfg.dll, ipwypwpk.dll, isfmdl.dll, ixt*.dll (* - random digit), movctrlflm.dll, movctrlfqd.dll, movctrlknq.dll, movctrlnkd.dll, movctrlqtn.dll, movctrlswd.dll, movctrlwxq.dll, mscore.dll, msdn.dll, mxduo.dll, nsduo.dll, nssfrch.dll, ntspkfnd.dll, ntspkfxt.dll, ntspklqs.dll, ntspkmxl.dll, ntspknlg.dll, ntspksgp.dll, oprevfqv.dll, oprevgkx.dll, oprevmqp.dll, oprevnpx.dll, oprevpfm.dll, oprevtdp.dll, oprevxlw.dll, optnet.dll, popnetdpt.dll, popnetgdv.dll, popnetgqt.dll, popnetkqw.dll, popnetksd.dll, popnetmtq.dll, popnetnfv.dll, popnetnlf.dll, popnetnmo.dll, popnetnpr.dll, popnetxog.dll, pssmart.dll, pssms.dll, qnxplugin.dll, SafetyBar.dll, sconf32.dll, Security Toolbar.dll, soundplugin.dll, splug.dll, tlhelper.dll, ttvbonfvm.dll, ttvbonpwx.dll, ttvbonsmf.dll, ttvbontvm.dll, ttvbonvgl.dll, tunistock.dll, vipextgpk.dll, vipextmdx.dll, vipextmnq.dll, vipextmst.dll, vipextndl.dll, vipextnog.dll, vipextoxn.dll, vipextpnk.dll, vipextqtr.dll, vpsnetwork.dll, werbetdqw.dll, werbetknp.dll, werbetpwg.dll, wnsp.dll, wowsupport.dll, wscmp.dll4. Hijackthis entries:
O2 Entries: |
O2 - BHO: MSVPS System - {CF368FC4-3241-409B-B1D6-0EA4FE33A555} - C:\WINDOWS\advrepdow.dll |
O2 - BHO: MSVPS System - {FC91E698-C4BA-4564-9B85-659E38FCE154} - C:\WINDOWS\advrepgds.dll |
O2 - BHO: MSVPS System - {93205C3F-1221-43F4-847F-007C6A4CE9A5} - C:\WINDOWS\advrepgpd.dll |
O2 - BHO: MSVPS System - {6BE306E6-555D-41B1-98FF-6453622F4F4B} - C:\WINDOWS\advrepkon.dll |
O2 - BHO: MSVPS System - {CFF8726A-9262-441C-8163-C6371E9EDE47} - C:\WINDOWS\advrepnok.dll |
O2 - BHO: MSVPS System - {7A22D62B-562F-4D55-8B1E-3AAA6C2BA688} - C:\WINDOWS\advreprwd.dll |
O2 - BHO: MSVPS System - {E6E59F48-7BF8-4BEE-B906-273526C25DA4} - C:\WINDOWS\advrepvto.dll |
O2 - BHO: MSVPS System - {ECBD04D1-1133-4480-8A8C-BC9FDD54D6C1} - C:\WINDOWS\afxp.dll |
O2 - BHO: MSVPS System - {3ADCBC16-19FA-4C59-9C22-E17C71B5FD7A} - C:\WINDOWS\bndsrdkq.dll |
O2 - BHO: MSVPS System - {3ADCBC16-19FA-4C59-9C22-E17C71B5FD7A} - C:\Windows\bndsrgxt.dll |
O2 - BHO: MSVPS System - {3ADCBC16-19FA-4C59-9C22-E17C71B5FD7A} - C:\WINDOWS\bndsrkwm.dll |
O2 - BHO: MSVPS System - {3ADCBC16-19FA-4C59-9C22-E17C71B5FD7A} - C:\WINDOWS\bndsronw.dll |
O2 - BHO: MSVPS System - {C4F4DBBD-4A4C-4B40-97DA-2FE06DBB2901} - C:\WINDOWS\bndsrsqo.dll |
O2 - BHO: MSVPS System - {3ADCBC16-19FA-4C59-9C22-E17C71B5FD7A} - C:\WINDOWS\bndsrtvd.dll |
O2 - BHO: MSVPS System - {3ADCBC16-19FA-4C59-9C22-E17C71B5FD7A} - C:\WINDOWS\bndsrvnl.dll |
O2 - BHO: MSVPS System - {3ADCBC16-19FA-4C59-9C22-E17C71B5FD7A} - C:\WINDOWS\bndsrvqt.dll |
O2 - BHO: MSVPS System - {3ADCBC16-19FA-4C59-9C22-E17C71B5FD7A} - C:\WINDOWS\bndsrwlq.dll |
O2 - BHO: MSVPS System - {15272B08-F6FE-4E71-B2BD-A59AD23EBE3C} - C:\WINNT\bndsrfst.dll |
O2 - BHO: MSVPS System - {15272B08-F6FE-4E71-B2BD-A59AD23EBE3C} - C:\WINDOWS\bndsrkfq.dll |
O2 - BHO: MSVPS System - {15272B08-F6FE-4E71-B2BD-A59AD23EBE3C} - C:\WINDOWS\bndsrmnf.dll |
O2 - BHO: MSVPS System - {15272B08-F6FE-4E71-B2BD-A59AD23EBE3C} - C:\WINDOWS\bndsrpfn.dll |
O2 - BHO: MSVPS System - {C4F4DBBD-4A4C-4B40-97DA-2FE06DBB2901} - C:\WINDOWS\bndsrsqo.dll |
O2 - BHO: MSVPS System - {C4F4DBBD-4A4C-4B40-97DA-2FE06DBB2901} - C:\WINNT\bndsrwgo.dll |
O2 - BHO: MSVPS System - {05F79890-CFA6-4D53-87BC-2F390DA6645E} - C:\WINDOWS\bndsrsvk.dll |
O2 - BHO: MSVPS System - {05F79890-CFA6-4D53-87BC-2F390DA6645E} - C:\WINDOWS\bndsrvqw.dll |
O2 - BHO: MSVPS System - {100B21CD-3B97-44FB-B1C0-EA6249E482E8} - C:\WINDOWS\ddesupport.dll * |
* can also be found under these CLSIDs: |
{8E6CFDFE-79A8-421C-B854-04081690CE6B} |
{49CF52D7-8D58-4E22-A874-AAD721F5B523} |
{A5CBE954-5DEA-4073-A404-382B3F3AD6FA} |
O2 - BHO: MSVPS System - {E4BAF378-7320-4A48-91DD-D9CCDDF6458E} - C:\WINDOWS\__bho_dll__.dll * |
* can also be found under these CLSIDs: |
{E4BAF378-7320-4A48-91DD-D9CCDDF6458E} |
O2 - BHO: MSVPS System - {428FA4A4-C8EC-427C-85DE-11C80F67893A} - D:\WINDOWS\div32.dll * |
* can also be found under these CLSIDs: |
{0D5227BF-0C5B-4EA8-833C-FE09F1496F39} |
{ECBD04D1-1133-4480-8A8C-BC9FDD54D6C1} |
O2 - BHO: MSVPS System - {7AF59C20-A1D8-4C1C-927A-99DD9F2A9E0B} - C:\WINDOWS\duocore.dll * |
* can also be found under these CLSIDs: |
{47C54F02-1B28-45F1-AE46-B5CDFB6E7926} |
{283A0EE3-2CC1-45AB-8207-B1D7B69C7F83} |
{208D7BCC-9857-4C9E-823B-D04E72490A67} |
O2 - BHO: MSVPS System - {2724E072-19D0-486d-A819-9D914191AE92} - C:\WINDOWS\ietools.dll |
O2 - BHO: MSVPS System - {7E1C6E3E-FD4E-42C8-B60B-5EC7D23728D2} - C:\WINDOWS\ipwypkmg.dll |
O2 - BHO: MSVPS System - {9F2EA14C-CC8D-4EC6-B8F9-90760A3DAF9E} - C:\WINDOWS\ipwypktx.dll |
O2 - BHO: MSVPS System - {3C33240D-D292-4E3C-BB5C-3EC6541B0480} - C:\WINDOWS\ipwyptfg.dll |
O2 - BHO: MSVPS System - {1BD6031F-BD9B-4DDF-A164-1D3A6701F374} - C:\WINDOWS\ipwypwpk.dll |
O2 - BHO: MSVPS System - {AC546B33-036A-41DA-B1CC-C1D15659520E} - C:\WINDOWS\movctrlflm.dll |
O2 - BHO: MSVPS System - {AC546B33-036A-41DA-B1CC-C1D15659520E} - C:\WINDOWS\movctrlknq.dll |
O2 - BHO: MSVPS System - {6EB10F79-5E53-4F76-B146-409EFCDCB957} - C:\WINDOWS\movctrlfqd.dll |
O2 - BHO: MSVPS System - {077F45D5-5CC9-4FC8-A7BB-9D79836A6066} - C:\WINDOWS\movctrlnkd.dll |
O2 - BHO: MSVPS System - {24038BE3-4EF2-41E2-A603-4CE3BDD9E874} - C:\WINDOWS\movctrlqtn.dll |
O2 - BHO: MSVPS System - {64DE95E5-0A25-4DD9-A472-97BC1D419101} - C:\WINDOWS\movctrlswd.dll |
O2 - BHO: MSVPS System - {90CF5384-7C70-4CD6-A30D-B2F14537B5C3} - C:\WINDOWS\movctrlwxq.dll |
O2 - BHO: MSVPS System - {428FA4A4-C8EC-427C-85DE-11C80F67893A} - C:\WINDOWS\mscore.dll * |
* can also be found under these CLSIDs: |
{31CBB13B-244D-4C44-AED5-DCAD70F66281} |
O2 - BHO: MSVPS System - {D76F06D4-1659-482d-BCB2-3F731BFE0941} - C:\WINDOWS\msdn.dll * |
* can also be found under these CLSIDs: |
{BC305684-8946-4d65-AB1D-10AE276D87ED} |
O2 - BHO: MSDNS System - {27A7FB75-FB40-4f94-BCF6-4945BCC8BAAF} - C:\WINDOWS\tlhelper.dll |
O2 - BHO: MSVPS System - {F4CF814F-970F-405D-A42C-0CE06EB97373} - C:\WINDOWS\mxduo.dll * |
* can also be found under these CLSIDs: |
{208D7BCC-9857-4C9E-823B-D04E72490A67} |
O2 - BHO: MSVPS System - {695A94FD-15D0-4ED7-8F40-D2B3BDC42C15} - C:\WINDOWS\nsduo.dll |
* can also be found under these CLSIDs: |
{3CB70CC2-303F-4A6C-824D-013AE8CFDB6B} |
{ACD85107-9CF9-4C9E-B0B7-39940A0017C0} |
{60D3EC53-56A8-46A8-9D01-1AB64410665C} |
{31CBB13B-244D-4C44-AED5-DCAD70F66281} |
{88418AA3-16F5-4FC2-A9D8-90B1266DF841} |
O2 - BHO: MSVPS System - {88418AA3-16F5-4FC2-A9D8-90B1266DF841} - C:\WINDOWS\wnsp.dll |
O2 - BHO: MSVPS System - {480598DD-AE28-48B7-82F7-6ADDA1AA6B66} - C:\WINDOWS\ntspkfnd.dll |
O2 - BHO: MSVPS System - {480598DD-AE28-48B7-82F7-6ADDA1AA6B66} - C:\WINDOWS\ntspkfxt.dll |
O2 - BHO: MSVPS System - {480598DD-AE28-48B7-82F7-6ADDA1AA6B66} - C:\WINDOWS\ntspklqs.dll |
O2 - BHO: MSVPS System - {480598DD-AE28-48B7-82F7-6ADDA1AA6B66} - C:\WINDOWS\ntspkmxl.dll |
O2 - BHO: MSVPS System - {480598DD-AE28-48B7-82F7-6ADDA1AA6B66} - C:\WINDOWS\ntspknlg.dll |
O2 - BHO: MSVPS System - {480598DD-AE28-48B7-82F7-6ADDA1AA6B66} - C:\WINDOWS\ntspksgp.dll |
O2 - BHO: MSVPS System - {D5375315-6567-4DCA-8344-C78AA4B89C11} - C:\Windows\oprevfqv.dll |
O2 - BHO: MSVPS System - {1658DABA-FC4C-46C6-BC48-246CFEA0C436} - C:\WINDOWS\oprevgkx.dll |
O2 - BHO: HTGTUP System - {6C7A1C43-D86E-49D4-A66E-8EF0DCFCBB71} - C:\WINDOWS\oprevmqp.dll |
O2 - BHO: MSVPS System - {6C7A1C43-D86E-49D4-A66E-8EF0DCFCBB71} - C:\WINDOWS\oprevmqp.dll * |
* can also be found under these CLSIDs: |
{27A5292F-0C87-4E81-A34E-3131DBFCE994} |
O2 - BHO: MSVPS System - {27A5292F-0C87-4E81-A34E-3131DBFCE994} - C:\WINDOWS\oprevxlw.dll |
O2 - BHO: MSVPS System - {F675EED8-4A4B-4A11-801B-08297749B83D} - C:\WINDOWS\oprevnpx.dll |
O2 - BHO: MSVPS System - {3CE12841-9438-48A0-9DA9-D3D2D3D562CC} - C:\WINDOWS\oprevpfm.dll |
O2 - BHO: MSVPS System - {2D42D689-4B94-4734-92C2-606FC5F4C15D} - C:\WINDOWS\oprevtdp.dll |
O2 - BHO: MSVPS System - {9C985AC6-A138-4EAB-B10A-DC522F755146} - C:\WINDOWS\popnetdpt.dll |
O2 - BHO: MSVPS System - {B35BBAFB-6C86-4EC4-919C-C3FFF30A6CA2} - C:\WINDOWS\popnetgdv.dll |
O2 - BHO: MSVPS System - {C6C7C348-C2F9-4465-9B41-121C467CC4E5} - C:\WINDOWS\popnetgqt.dll |
O2 - BHO: MSVPS System - {A4D00A75-F69A-49FD-9058-AB925712CCFF} - C:\WINDOWS\popnetkqw.dll |
O2 - BHO: MSVPS System - {ACB1497A-9869-44DE-8EBF-7CA6FAC1C2A5} - C:\WINDOWS\popnetksd.dll |
O2 - BHO: MSVPS System - {6A78E352-B1FA-4C18-9C48-96DD03979770} - C:\WINDOWS\popnetmtq.dll |
O2 - BHO: MSVPS System - {48F763FA-3001-4C76-90E5-61FD87440AC8} - C:\WINDOWS\popnetnfv.dll |
O2 - BHO: MSVPS System - {AEAAD087-D66D-4FA3-A366-8F47C32E9E5F} - C:\WINDOWS\popnetnlf.dll |
O2 - BHO: MSVPS System - {05D77B1C-2E50-4C37-B094-3D5695D688F8} - C:\WINDOWS\popnetnmo.dll |
O2 - BHO: MSVPS System - {31E3F653-ED88-4355-B83E-FB263CD355E3} - I:\WINDOWS\popnetnpr.dll |
O2 - BHO: MSVPS System - {D3A3BB03-15BF-4C5B-A01A-4F376C62CBF3} - C:\WINDOWS\popnetxog.dll |
O2 - BHO: MSVPS System - {23649336-4FC4-411C-84EE-6A2B51CE5E23} - C:\WINDOWS\pssmart.dll |
O2 - BHO: MSVPS System - {23649336-4FC4-411C-84EE-6A2B51CE5E23} - C:\WINDOWS\iesup.dll * |
* can also be found under these CLSIDs: |
{16789285-C094-4aa6-88B9-2BB9DC13A485} |
O2 - BHO: MSVPS System - {16789285-C094-4aa6-88B9-2BB9DC13A485} - C:\WINDOWS\pssms.dll |
O2 - BHO: MSVPS System - {16789285-C094-4aa6-88B9-2BB9DC13A485} - C:\WINDOWS\ievpnctrl.dll |
O2 - BHO: MSVPS System - {4118A625-1B64-4ED1-A2E9-76DEC529D2D2} - C:\WINDOWS\qnxplugin.dll * |
* can also be found under these CLSIDs: |
{D3936AE2-494C-4D80-A4A3-702B63C30104} |
{335C00B1-DB93-4EEA-8A75-C9EA3B67E895} |
{6F4DB301-0698-4AF4-A8A2-473996DF425A} |
{C87D64B5-DF92-4703-90CB-B465B6982941} |
O2 - BHO: MSVPS System - {2C014816-5BD4-4166-85EA-62FE05E517C3} - C:\WINDOWS\sconf32.dll * |
* can also be found under these CLSIDs: |
{AF12CF13-DC3B-461C-B5CE-894806C15303} |
O2 - BHO: MSVPS System - {409A84F7-AF3F-4474-8A8A-0F8A1229AFE4} - C:\WINDOWS\soundplugin.dll * |
* can also be found under these CLSIDs: |
{85E659D3-E110-4CE7-9D99-416FD61A1720} |
O2 - BHO: MSVPS System - {218B7D50-BC37-4FA8-A57F-6E8DE692BD79} - C:\WINDOWS\vpsnetwork.dll * |
* can also be found under these CLSIDs: |
{A1770FD6-A7CB-44DA-AD2C-692D2A2B521B} |
{E4BAF378-7320-4A48-91DD-D9CCDDF6458E} |
O2 - BHO: MSVPS System - {A477EBE4-ABE9-4A9D-B1B4-0EB1D0D025CE} - C:\WINDOWS\werbetdqw.dll |
O2 - BHO: MSVPS System - {7EB8B2AC-28EE-45F1-9834-418FC9D72DDF} - C:\Windows\werbetpwg.dll |
O2 - BHO: MSVPS System - {2724E072-19D0-486d-A819-9D914191AE92} - C:\WINDOWS\wowsupport.dll |
O2 - BHO: MSVPS System - {5EF40AC5-1BBE-4436-A9E3-F129C0D605D8} - C:\WINDOWS\vipextoxn.dll |
O2 - BHO: MSVPS System - {3C778520-106E-438B-9417-3D86B7108978} - C:\WINDOWS\ipwyprkg.dll |
O2 - BHO: MSVPS System - {6162F78D-ACF0-424F-BDF2-F73484EE91EC} - C:\WINDOWS\werbetknp.dll |
O2 - BHO: MSVPS System - {00A00BA9-9D58-4B56-8FC6-C280650A8BD7} - C:\WINDOWS\vipextpnk.dll |
O2 - BHO: OFK System - {014F04C1-4440-4901-9A39-D08B116C1BA0} - C:\WINDOWS\vipextgpk.dll |
O2 - BHO: OFK System - {CD592DBF-7138-4805-A93B-B9491B6E53FC} - C:\WINDOWS\vipextmdx.dll |
O2 - BHO: OFK System - {2B159383-78BB-4D21-A799-95AABC81ACED} - C:\WINDOWS\vipextmst.dll |
O2 - BHO: OFK System - {B46BB2AD-089A-43B6-988F-C92C7C9AA206} - C:\WINDOWS\vipextndl.dll |
O2 - BHO: OFK System - {C5994F58-9261-4D5A-B80F-2708472E774E} - C:\WINDOWS\vipextnog.dll |
O2 - BHO: OFK System - {D1BA579A-D4E3-4B66-9FDC-0CD11600729F} - C:\WINDOWS\vipextqtr.dll |
O2 - BHO: OFK System - {FDCD4D78-718F-4943-A6FB-478DD1AD406B} - C:\WINDOWS\vipextmnq.dll |
O2 - BHO: OFK System - {F08487B1-AFEC-45CF-B2E9-D05DEE137D22} - C:\WINDOWS\blopenvtok.dll |
O2 - BHO: (no name) - {7fcf04b6-6354-47ef-b45e-a48268e92757} - C:\WINDOWS\system32\ixt*.dll (* - random digit) * |
* can also be found under these CLSIDs: |
{873EB32D-AE1A-4183-89BD-45A77F761BE4} |
{A43385F0-7113-496D-96D7-B9B550E3FCCA} |
{C3703265-4671-4858-92A4-CBA6A7B3BB45} |
{39F25B12-74FF-4079-A51F-1D70F5B08B84} |
{755BBD1A-AA59-456C-AFEB-B4C42C4DCB6F} |
{67270207-B9EE-4D26-9270-860FDB060CA1} |
{18668683-731C-48FA-B1B9-AD013748FB00} |
{F4D74AAA-A178-4463-846B-B4BC87A024E0} |
O2 - BHO: (no name) - {5f4c3d09-b3b9-4f88-aa82-31332fee1c08} - C:\WINDOWS\system32\hp100.tmp |
* can also be found under these CLSIDs: |
{6AB7158B-4BFF-4160-AD7D-4D622DF548CF} |
{686A161D-5BD1-4999-8832-6393F41E564C} |
{F7D40011-29BB-43EB-9C97-875CE89E9E36} |
O2 - BHO: (no name) - {7A8F5B7A-A74F-495E-8A33-DF6226D2BAD8} - C:\Program Files\Video ActiveX Access\iesplg.dll * |
* can also be found under these CLSIDs: |
{B8C5186E-EC37-4889-9C2E-F73649FFB7BB} |
{CDE8EAB9-CEF3-4885-B12F-26960A25C800} |
{36ADA89D-2440-4DC4-820A-3A05E8630935} |
{184746EC-9E9D-4C7D-B9E7-9039EBD801A9} |
{E26CEADA-67B0-4543-BE8B-307F00265118} |
{D61D7E1A-6613-49CA-B6F9-51DB248E209D} |
{34E6F97C-34E0-4CE5-B92B-F83634BEDC01} |
{5DDE5591-A8AB-4897-93EF-1E4E943F85A7} |
{1C3C4699-B285-475F-BE47-0B26088CE876} |
O2 - BHO: (no name) - {D579A683-0CC7-4023-BAE7-0544D0D1DA3A} - C:\Program Files\Online Video Add-on\isfmdl.dll * |
* can also be found under these CLSIDs: |
{CFE15135-C591-4000-A55E-A50E5F9F82BC} |
{B499D34E-58EF-4927-AB9F-7AF52B2C4C82} |
{43BF8E0C-886D-4103-8DDB-2DFE0E8A0168} |
{D1BD315B-8706-4C47-B443-A0784865CD04} |
{23B760D6-C98B-450B-9B32-26C7775CDF83} |
{F44D8E66-7BB6-49BD-A924-5E0368C00FD1} |
{E8249E69-A809-4544-832F-64EB65747A92} |
O2 - BHO: HomepageBHO - {724510c3-f3c8-4fb7-879a-d99f29008a2f} - C:\WINDOWS\system32\hp****.tmp (* - random char or digit) * |
* can also be found under these CLSIDs: |
{1CA480CD-C0E5-4548-874E-B85B17905B3A} |
{27150F81-0877-42E9-AF13-55E5A3439A26} |
{4DA4616D-7E6E-4FD9-A2D5-B6C535733E22} |
O2 - BHO: ieffse32.msdn_hlp - {C1C6426B-FB16-4123-ACBE-74D94FB0E663} - C:\WINDOWS\system32\ieffse32.dll |
O2 - BHO: Nothing - {7a932ed2-1737-4ab8-b84d-c71779958551} - C:\WINDOWS\System32\hp****.tmp (* - random char or digit) * |
* can also be found under these CLSIDs: |
{8D83B16E-0DE1-452B-AC52-96EC0B34AA4B} |
{EDBF1BC8-39AB-48EB-A0A9-C75078EB7C8E} |
{B0398ECA-0BCD-4645-8261-5E9DC70248D0} |
{F79FD28E-36EE-4989-AA61-9DD8E30A82FA} |
O2 - BHO: (no name) - {7EE94915-EBF1-4bb6-AA0E-84292442543C} - C:\WINDOWS\System32\flx*.dll (* - random digit) |
O2 - BHO: BDEX System - {202EBB90-ABD4-46CC-BB5A-4F0ECC67B331} - C:\Windows\ttvbonvgl.dll |
O2 - BHO: BDEX System - {62EA9201-8CC7-4199-AC30-7744F836322E} - C:\WINDOWS\ttvbontvm.dll |
O2 - BHO: BDEX System - {0B241FD4-1EA1-4238-B505-07A484C49D1A} - C:\WINDOWS\ttvbonsmf.dll |
O2 - BHO: BDEX System - {821386B0-9AB4-484F-B543-D3AA1A1A5589} - C:\WINDOWS\ttvbonpwx.dll |
O2 - BHO: BDEX System - {7875DBFF-6B8A-4B74-B8A2-E2DBF657CA03} - C:\WINDOWS\ttvbonfvm.dll |
O2 - BHO: SXG Advisor - {EF39E67B-8383-4A49-AAC6-29349FA7F623} - C:\WINDOWS\dntpkwodpx.dll |
O2 Entries: |
O3 - Toolbar: The htunistock - {C58A4487-4C2E-45E4-9E3A-52B3A23CC396} - C:\WINDOWS\htunistock.dll |
O3 - Toolbar: The htunistock - {C58A4487-4C2E-45E4-9E3A-52B3A23CC396} - C:\WINDOWS\tunistock.dll |
O3 - Toolbar: &WinSec Toolbar - {3F5A62E2-51F2-11D3-A075-CC7364CAE42A} - C:\WINDOWS\system32\wscmp.dll |
O3 - Toolbar: IE Custom Tools - {41F6170D-6AF8-4188-8D92-9DDAB3C71A78} - C:\Program Files\Online Video Add-on\ictmdl.dll * |
* can also be found under these CLSIDs: |
{23ED2206-856D-461A-BBCF-1C2466AC5AE3} |
{062F3F8B-CB94-4D76-A98A-EF800A438F01} |
{6CA49FDD-4AEB-4F08-A394-C0A1F82CAA16} |
{70CC76D5-A4EE-4F25-9931-B109A63E298E} |
{EFAF6EA3-615D-4F83-8748-2F7A576FCEA6} |
O3 - Toolbar: Protection Bar - {d1ac752e-883f-4ed8-8828-b618c3a72152} - C:\Program Files\IntCodec\iesplugin.dll * |
* can also be found under these CLSIDs: |
{A2595F37-48D0-46A1-9B51-478591A97764} |
{860C2F6B-CA82-4282-9187-BECCBB66F0AF} |
{FE2D25C1-C1DB-4B5E-9390-AF1CB5302F32} |
{479FD0CF-5BE9-4C63-8CDA-B6D371C67BD5} |
{0D045BAA-4BD3-4C94-BE8B-21536BD6BD9F} |
{44D22A64-2399-4EDF-8B32-F2C729C1E8A7} |
{8AED5DF3-6E0B-4930-B1A5-F8AA8D757497} |
{1A29A79A-B9C8-44A9-BEDF-7FADDE3CF33F} |
{74A49269-9779-48B4-A0E6-3A5AF2A3ADE6} |
{96EBBE6A-2864-4345-B32B-26EE9BE524B5} |
{5D4831E0-5A7C-4A46-AFD5-A79AB8CE36C2} |
{84938242-5C5B-4A55-B6B9-A1507543B418} |
{BF1CED2C-4B3F-4079-A330-864EDA5A4CFF} |
O3 - Toolbar: Protection Bar - {F0993251-2512-4710-AF6E-0A13EA199D02} - C:\Program Files\Protection Tools\splug.dll |
O3 - Toolbar: Protection Bar - {31615D5C-5126-448A-818A-A7CDFEE85A9B} - C:\Program Files\Video ActiveX Access\iesbpl.dll * |
* can also be found under these CLSIDs: |
{DF4E7A0C-E233-4906-B4C1-A404356541FF} |
{29C5A3B6-9A8D-4FA0-B5AD-3E20F4AA5C00} |
{CC18AE76-7E65-4258-A193-9EA0C52DA6B8} |
{F06E2ABE-3A50-4079-BE25-FC100D9EAA25} |
O3 - Toolbar: Safety Bar - {052b12f7-86fa-4921-8482-26c42316b522} - C:\Program Files\Safety Bar\SafetyBar.dll * |
* can also be found under these CLSIDs: |
{FBEA0445-4C4A-4136-864A-C72A4A182A84} |
{18668683-731C-48FA-B1B9-AD013748FB00} |
O3 - Toolbar: SecurityToolbar - {736b5468-bdad-41be-92d0-22ae2ddf7bcb} - C:\Program Files\Security Toolbar\Security Toolbar.dll |
O3 - Toolbar: The nssfrch - {2106BEDE-F5E8-4DE8-A081-A7E5EAD1529B} - C:\WINDOWS\nssfrch.dll * |
* can also be found under these CLSIDs: |
{DF0ACE0C-4A3F-4A1F-8676-BA16DEB23C70} |
{7D61C1B5-86AF-439F-9ACF-D19FDB5F55CC} |
{AC9BBDB2-8FCD-49C8-96F7-CC3CF7B453CD} |
{1699137C-B90E-4488-97BC-575C896C2B5C} |
{61AB8A39-FCCB-47CC-BAF3-750D1834E773} |
O3 - Toolbar: The optnet - {B02534D7-8D91-49BE-A864-97DFB8E0BAB4} - C:\WINDOWS\optnet.dll |
O3 - Toolbar: The htunistock - {B02534D7-8D91-49BE-A864-97DFB8E0BAB4} - C:\WINDOWS\optnet.dll |