linklist.cc hijack

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

inbigtrouble

Thread Starter
Joined
Apr 9, 2004
Messages
42
Here is the hjt log. can you see whether linklist.cc is present or not? As far as I know the malware file is resk.dll for linklist.cc for my computer. with the help of the pv readme.bat I was able to identify the file but I cannot delete it with killbox

I appreciate the help.

Logfile of HijackThis v1.97.7
Scan saved at 17:06:35, on 13.04.2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\gearsec.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Toshiba\Toshiba Applet\tpwrsave.exe
C:\Program Files\Toshiba\Toshiba Applet\TMEPROP.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\TOSHIBA\DualPointUtility\TEDTray.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files\[email protected]\[email protected]
C:\Program Files\Sony Handheld\HOTSYNC.EXE
C:\Program Files\3M\PSNLite\PsnLite.exe
C:\Program Files\GetRight\getright.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\PROGRA~1\3M\PSNLite\PSNGive.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Documents and Settings\BAHAR\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [TPWRSAVE] C:\Program Files\Toshiba\Toshiba Applet\tpwrsave.exe -S
O4 - HKLM\..\Run: [TMEPROP] C:\Program Files\Toshiba\Toshiba Applet\TMEPROP.exe -S
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DpUtil] C:\Program Files\TOSHIBA\DualPointUtility\TEDTray.exe
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKCU\..\Run: [Gadwin PrintScreen 2.6] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [seticlient] C:\Program Files\[email protected]\[email protected] -min
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Startup: Multi Reminders.lnk = C:\Program Files\Multi Reminders\reminder.exe
O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\Sony Handheld\HOTSYNC.EXE
O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Program Files\3M\PSNLite\PsnLite.exe
O4 - Global Startup: GetRight - Tray Icon.lnk = C:\Program Files\GetRight\getright.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O9 - Extra button: ICQ Pro (HKLM)
O9 - Extra 'Tools' menuitem: ICQ (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppctlcab.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan.com/scanner/axscanner.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) - http://office.microsoft.com/officeupdate/content/opuc.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004033001/housecall.antivirus.com/housecall/xscan53.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38016.298599537
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CF84AA48-8F1B-4711-A434-B4AD556534D8}: NameServer = 212.156.4.1,212.156.4.20
 
Joined
Oct 9, 2001
Messages
9,396
Edit: This is one that i am not familiar with...........but these are instructions from shaddowwar and he is the guy who put this fix together.

This thing actively hides from windows so deleteing that way is useless. here is the only way that works.

Please download TheKillbox from here: http://download.broadbandmedic.com/VbStuff/KillBox.zip

Unzip the files to a folder, then double-click on Killbox.exe to run it. In the "Paste Full Path of File to Delete" box, copy and paste the following:

c:\windows\system32\resk.dll

Don't click any of the buttons though, instead please click on the Action menu and choose "Delete on Reboot". On the next screen, click on the File menu and choose "Add File". The c:\windows\system32\resk.dll listing should show up in the window. If that's successful, choose the Action menu and select "Process and Reboot". You'll be prompted to reboot, do so.

When you're back in windows, check to see if there's any change in the search problem and report back.
 

inbigtrouble

Thread Starter
Joined
Apr 9, 2004
Messages
42
good morning. I am very happy to report that I am not hijacked to about:blank this morning. I guess we got rid of that. the linklist.cc remains to be seen as it does not hijack to that page all the time but seems to do it when there is something wrong with the page that I am trying to view. Thanks steve.
 
Joined
Oct 9, 2001
Messages
9,396
Ive just arrived.........let me take a look around the web and see how we are doing.

Dont you dare give up!!
;)
 

inbigtrouble

Thread Starter
Joined
Apr 9, 2004
Messages
42
are the cwshredder people aware of this recurring variant? Is it really this tough to crack this time? good luck to you guys. In the meantime do you have other ideas for the guinea pig? We might as well try those while we wait for the real fix.
 

inbigtrouble

Thread Starter
Joined
Apr 9, 2004
Messages
42
hello

here is the hijack this log. it looks clean to me. but as sure as a lot of other things in life, this about:blank hijack will pop up in a few hours for sure.

Hope you see something in there.

by the way is it normal that I have two svchost.exe's running?

Logfile of HijackThis v1.97.7
Scan saved at 15:37:11, on 19.04.2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\gearsec.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\Explorer.EXE
C:\Downloads\SetiStats\SetiStats.exe
C:\Program Files\Toshiba\Toshiba Applet\tpwrsave.exe
C:\Program Files\Toshiba\Toshiba Applet\TMEPROP.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\Program Files\TOSHIBA\DualPointUtility\TEDTray.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files\[email protected]\[email protected]
C:\Program Files\Sony Handheld\HOTSYNC.EXE
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\3M\PSNLite\PsnLite.exe
C:\Program Files\GetRight\getright.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\PROGRA~1\3M\PSNLite\PSNGive.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\ICQ\Icq.exe
C:\Program Files\Microsoft Office\Office\WINWORD.EXE
C:\Documents and Settings\BAHAR\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [TPWRSAVE] C:\Program Files\Toshiba\Toshiba Applet\tpwrsave.exe -S
O4 - HKLM\..\Run: [TMEPROP] C:\Program Files\Toshiba\Toshiba Applet\TMEPROP.exe -S
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DpUtil] C:\Program Files\TOSHIBA\DualPointUtility\TEDTray.exe
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [zSPGuard] c:\program files\pjw\spguard\spguard.exe /s /r
O4 - HKCU\..\Run: [Gadwin PrintScreen 2.6] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [seticlient] C:\Program Files\[email protected]\[email protected] -min
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Startup: Multi Reminders.lnk = C:\Program Files\Multi Reminders\reminder.exe
O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\Sony Handheld\HOTSYNC.EXE
O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Program Files\3M\PSNLite\PsnLite.exe
O4 - Global Startup: GetRight - Tray Icon.lnk = C:\Program Files\GetRight\getright.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O9 - Extra button: ICQ Pro (HKLM)
O9 - Extra 'Tools' menuitem: ICQ (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppctlcab.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan.com/scanner/axscanner.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) - http://office.microsoft.com/officeupdate/content/opuc.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38016.298599537
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CF84AA48-8F1B-4711-A434-B4AD556534D8}: NameServer = 212.156.4.1,212.156.4.20
 

inbigtrouble

Thread Starter
Joined
Apr 9, 2004
Messages
42
hey there steve..just dropped by to let you know that linklist.cc is still intact as well. I have permanent linklist.cc and about:blank... yippeeeee
 
Joined
Jul 26, 2002
Messages
46,349
Let's try this:

Download this zip.

http://www.zero.vulc4n.com/downloads/pv.zip

unzip it to the desktop.

Be sure to have at least 1 internet explorer window open.

Double click on the runme.bat

This will open a command window. In the command window enter the digit 1 by hitting the 1 key on your keyboard and then hit the Enter key.

Notepad will open with a log in it. Please copy and paste the log into this thread.
 

inbigtrouble

Thread Starter
Joined
Apr 9, 2004
Messages
42
I did this this morning and cleaned out resk.dll which seemed to be the problem. everything is serene for the moment including the linklist.cc

Thanks for your help and please elt me know if there are other things that need to be cleaned out

Module information for 'IEXPLORE.EXE'
MODULE BASE SIZE PATH
IEXPLORE.EXE 400000 102400 C:\Program Files\Internet Explorer\IEXPLORE.EXE
ntdll.dll 77f50000 684032 C:\WINDOWS\System32\ntdll.dll
kernel32.dll 77e60000 942080 C:\WINDOWS\system32\kernel32.dll
msvcrt.dll 77c10000 339968 C:\WINDOWS\system32\msvcrt.dll
USER32.dll 77d40000 573440 C:\WINDOWS\system32\USER32.dll
GDI32.dll 7e090000 266240 C:\WINDOWS\system32\GDI32.dll
ADVAPI32.dll 77dd0000 577536 C:\WINDOWS\system32\ADVAPI32.dll
RPCRT4.dll 78000000 552960 C:\WINDOWS\system32\RPCRT4.dll
SHLWAPI.dll 70a70000 413696 C:\WINDOWS\system32\SHLWAPI.dll
SHDOCVW.dll 71700000 1347584 C:\WINDOWS\System32\SHDOCVW.dll
IMM32.DLL 76390000 114688 C:\WINDOWS\System32\IMM32.DLL
LPK.DLL 629c0000 32768 C:\WINDOWS\System32\LPK.DLL
USP10.dll 72fa0000 368640 C:\WINDOWS\System32\USP10.dll
comctl32.dll 71950000 933888 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805\comctl32.dll
SHELL32.dll 773d0000 8331264 C:\WINDOWS\system32\SHELL32.dll
comctl32.dll 77340000 569344 C:\WINDOWS\system32\comctl32.dll
ole32.dll 771b0000 1196032 C:\WINDOWS\system32\ole32.dll
uxtheme.dll 5ad70000 212992 C:\WINDOWS\System32\uxtheme.dll
BROWSEUI.dll 71500000 1036288 C:\WINDOWS\System32\BROWSEUI.dll
browselc.dll 72430000 73728 C:\WINDOWS\System32\browselc.dll
appHelp.dll 75f40000 126976 C:\WINDOWS\system32\appHelp.dll
CLBCATQ.DLL 7c890000 528384 C:\WINDOWS\System32\CLBCATQ.DLL
OLEAUT32.dll 77120000 569344 C:\WINDOWS\system32\OLEAUT32.dll
COMRes.dll 77050000 806912 C:\WINDOWS\System32\COMRes.dll
VERSION.dll 77c00000 28672 C:\WINDOWS\system32\VERSION.dll
msctfime.ime 990000 176128 C:\WINDOWS\System32\msctfime.ime
Msctf.dll 74720000 278528 C:\WINDOWS\System32\Msctf.dll
Msimtf.dll 746f0000 155648 C:\WINDOWS\System32\Msimtf.dll
WININET.dll 63000000 614400 C:\WINDOWS\system32\WININET.dll
CRYPT32.dll 762c0000 557056 C:\WINDOWS\system32\CRYPT32.dll
MSASN1.dll 762a0000 65536 C:\WINDOWS\system32\MSASN1.dll
Secur32.dll 76f90000 65536 C:\WINDOWS\System32\Secur32.dll
cscui.dll 76620000 319488 C:\WINDOWS\System32\cscui.dll
CSCDLL.dll 76600000 110592 C:\WINDOWS\System32\CSCDLL.dll
SETUPAPI.dll 76670000 946176 C:\WINDOWS\System32\SETUPAPI.dll
AcroIEHelper.ocx 10000000 32768 C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
SXS.DLL 75e90000 684032 C:\WINDOWS\System32\SXS.DLL
dlprotect.dll 11000000 192512 C:\Program Files\SpywareGuard\dlprotect.dll
MSVBVM60.DLL 66000000 1384448 C:\WINDOWS\System32\MSVBVM60.DLL
NavShExt.dll 1630000 114688 C:\Program Files\Norton AntiVirus\NavShExt.dll
ccTrust.dll 1650000 106496 C:\WINDOWS\System32\ccTrust.dll
MSVCP60.dll 55900000 397312 C:\WINDOWS\System32\MSVCP60.dll
ATL.DLL 76b20000 86016 C:\WINDOWS\System32\ATL.DLL
urlmon.dll 1a400000 499712 C:\WINDOWS\system32\urlmon.dll
shdoclc.dll 76170000 557056 C:\WINDOWS\System32\shdoclc.dll
XX2GR.DLL 16d0000 253952 C:\Program Files\GetRight\XX2GR.DLL
comdlg32.dll 763b0000 282624 C:\WINDOWS\system32\comdlg32.dll
WINSPOOL.DRV 73000000 143360 C:\WINDOWS\System32\WINSPOOL.DRV
mlang.dll 74770000 585728 C:\WINDOWS\System32\mlang.dll
wsock32.dll 71ad0000 32768 C:\WINDOWS\System32\wsock32.dll
WS2_32.dll 71ab0000 86016 C:\WINDOWS\System32\WS2_32.dll
WS2HELP.dll 71aa0000 32768 C:\WINDOWS\System32\WS2HELP.dll
mswsock.dll 71a50000 241664 C:\WINDOWS\system32\mswsock.dll
wshtcpip.dll 71a90000 32768 C:\WINDOWS\System32\wshtcpip.dll
RASAPI32.DLL 76ee0000 225280 C:\WINDOWS\System32\RASAPI32.DLL
rasman.dll 76e90000 69632 C:\WINDOWS\System32\rasman.dll
NETAPI32.dll 71c20000 319488 C:\WINDOWS\System32\NETAPI32.dll
TAPI32.dll 76eb0000 176128 C:\WINDOWS\System32\TAPI32.dll
rtutils.dll 76e80000 53248 C:\WINDOWS\System32\rtutils.dll
WINMM.dll 76b40000 180224 C:\WINDOWS\System32\WINMM.dll
msi.dll 1f90000 2101248 C:\WINDOWS\System32\msi.dll
sensapi.dll 722b0000 20480 C:\WINDOWS\System32\sensapi.dll
USERENV.dll 75a70000 675840 C:\WINDOWS\system32\USERENV.dll
rsaenh.dll ffd0000 143360 C:\WINDOWS\System32\rsaenh.dll
rasadhlp.dll 76fc0000 20480 C:\WINDOWS\System32\rasadhlp.dll
DNSAPI.dll 76f20000 151552 C:\WINDOWS\System32\DNSAPI.dll
winrnr.dll 76fb0000 28672 C:\WINDOWS\System32\winrnr.dll
WLDAP32.dll 76f60000 180224 C:\WINDOWS\system32\WLDAP32.dll
mshtml.dll 63580000 2818048 C:\WINDOWS\System32\mshtml.dll
scrauth.dll 2900000 110592 C:\Program Files\Common Files\Symantec Shared\Script Blocking\scrauth.dll
ScrBlock.dll 2a30000 122880 C:\Program Files\Common Files\Symantec Shared\Script Blocking\ScrBlock.dll
wintrust.dll 76c30000 176128 C:\WINDOWS\System32\wintrust.dll
IMAGEHLP.dll 76c90000 139264 C:\WINDOWS\system32\IMAGEHLP.dll
cryptnet.dll 73d50000 65536 C:\WINDOWS\System32\cryptnet.dll
jscript.dll 6b700000 589824 c:\windows\system32\jscript.dll
iepeers.dll 66e50000 241664 C:\WINDOWS\System32\iepeers.dll
MSLS31.DLL 746c0000 159744 C:\WINDOWS\System32\MSLS31.DLL
mshtmled.dll 74cb0000 454656 C:\WINDOWS\System32\mshtmled.dll
wdmaud.drv 72d20000 36864 C:\WINDOWS\System32\wdmaud.drv
msacm32.drv 72d10000 32768 C:\WINDOWS\System32\msacm32.drv
MSACM32.dll 77be0000 81920 C:\WINDOWS\System32\MSACM32.dll
midimap.dll 77bd0000 28672 C:\WINDOWS\System32\midimap.dll
vbscript.dll 73300000 479232 c:\windows\system32\vbscript.dll
Flash.ocx 43c0000 1732608 C:\WINDOWS\System32\macromed\flash\Flash.ocx
ddrawex.dll 65000000 36864 C:\WINDOWS\System32\ddrawex.dll
DDRAW.dll 51000000 290816 C:\WINDOWS\System32\DDRAW.dll
DCIMAN32.dll 73bc0000 24576 C:\WINDOWS\System32\DCIMAN32.dll
MSRATING.DLL 5ff20000 143360 C:\WINDOWS\System32\MSRATING.DLL
msratelc.dll 5ff50000 69632 C:\WINDOWS\System32\msratelc.dll
actxprxy.dll 71d40000 110592 C:\WINDOWS\System32\actxprxy.dll
SwSupport.dll 69000000 57344 C:\WINDOWS\System32\Macromed\Common\SwSupport.dll
dxtrans.dll 6bdd0000 208896 C:\WINDOWS\System32\dxtrans.dll
dxtmsft.dll 6be10000 348160 C:\WINDOWS\System32\dxtmsft.dll
Module information for 'IEXPLORE.EXE'
MODULE BASE SIZE PATH
IEXPLORE.EXE 400000 102400 C:\Program Files\Internet Explorer\IEXPLORE.EXE
ntdll.dll 77f50000 684032 C:\WINDOWS\System32\ntdll.dll
kernel32.dll 77e60000 942080 C:\WINDOWS\system32\kernel32.dll
msvcrt.dll 77c10000 339968 C:\WINDOWS\system32\msvcrt.dll
USER32.dll 77d40000 573440 C:\WINDOWS\system32\USER32.dll
GDI32.dll 7e090000 266240 C:\WINDOWS\system32\GDI32.dll
ADVAPI32.dll 77dd0000 577536 C:\WINDOWS\system32\ADVAPI32.dll
RPCRT4.dll 78000000 552960 C:\WINDOWS\system32\RPCRT4.dll
SHLWAPI.dll 70a70000 413696 C:\WINDOWS\system32\SHLWAPI.dll
SHDOCVW.dll 71700000 1347584 C:\WINDOWS\System32\SHDOCVW.dll
IMM32.DLL 76390000 114688 C:\WINDOWS\System32\IMM32.DLL
LPK.DLL 629c0000 32768 C:\WINDOWS\System32\LPK.DLL
USP10.dll 72fa0000 368640 C:\WINDOWS\System32\USP10.dll
comctl32.dll 71950000 933888 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805\comctl32.dll
SHELL32.dll 773d0000 8331264 C:\WINDOWS\system32\SHELL32.dll
comctl32.dll 77340000 569344 C:\WINDOWS\system32\comctl32.dll
ole32.dll 771b0000 1196032 C:\WINDOWS\system32\ole32.dll
uxtheme.dll 5ad70000 212992 C:\WINDOWS\System32\uxtheme.dll
BROWSEUI.dll 71500000 1036288 C:\WINDOWS\System32\BROWSEUI.dll
browselc.dll 72430000 73728 C:\WINDOWS\System32\browselc.dll
appHelp.dll 75f40000 126976 C:\WINDOWS\system32\appHelp.dll
CLBCATQ.DLL 7c890000 528384 C:\WINDOWS\System32\CLBCATQ.DLL
OLEAUT32.dll 77120000 569344 C:\WINDOWS\system32\OLEAUT32.dll
COMRes.dll 77050000 806912 C:\WINDOWS\System32\COMRes.dll
VERSION.dll 77c00000 28672 C:\WINDOWS\system32\VERSION.dll
msctfime.ime 990000 176128 C:\WINDOWS\System32\msctfime.ime
Msctf.dll 74720000 278528 C:\WINDOWS\System32\Msctf.dll
Msimtf.dll 746f0000 155648 C:\WINDOWS\System32\Msimtf.dll
WININET.dll 63000000 614400 C:\WINDOWS\system32\WININET.dll
CRYPT32.dll 762c0000 557056 C:\WINDOWS\system32\CRYPT32.dll
MSASN1.dll 762a0000 65536 C:\WINDOWS\system32\MSASN1.dll
Secur32.dll 76f90000 65536 C:\WINDOWS\System32\Secur32.dll
cscui.dll 76620000 319488 C:\WINDOWS\System32\cscui.dll
CSCDLL.dll 76600000 110592 C:\WINDOWS\System32\CSCDLL.dll
SETUPAPI.dll 76670000 946176 C:\WINDOWS\System32\SETUPAPI.dll
AcroIEHelper.ocx 10000000 32768 C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
SXS.DLL 75e90000 684032 C:\WINDOWS\System32\SXS.DLL
dlprotect.dll 11000000 192512 C:\Program Files\SpywareGuard\dlprotect.dll
MSVBVM60.DLL 66000000 1384448 C:\WINDOWS\System32\MSVBVM60.DLL
NavShExt.dll 1670000 114688 C:\Program Files\Norton AntiVirus\NavShExt.dll
ccTrust.dll 1690000 106496 C:\WINDOWS\System32\ccTrust.dll
MSVCP60.dll 55900000 397312 C:\WINDOWS\System32\MSVCP60.dll
ATL.DLL 76b20000 86016 C:\WINDOWS\System32\ATL.DLL
urlmon.dll 1a400000 499712 C:\WINDOWS\system32\urlmon.dll
shdoclc.dll 76170000 557056 C:\WINDOWS\System32\shdoclc.dll
XX2GR.DLL 1710000 253952 C:\Program Files\GetRight\XX2GR.DLL
comdlg32.dll 763b0000 282624 C:\WINDOWS\system32\comdlg32.dll
WINSPOOL.DRV 73000000 143360 C:\WINDOWS\System32\WINSPOOL.DRV
mlang.dll 74770000 585728 C:\WINDOWS\System32\mlang.dll
wsock32.dll 71ad0000 32768 C:\WINDOWS\System32\wsock32.dll
WS2_32.dll 71ab0000 86016 C:\WINDOWS\System32\WS2_32.dll
WS2HELP.dll 71aa0000 32768 C:\WINDOWS\System32\WS2HELP.dll
mswsock.dll 71a50000 241664 C:\WINDOWS\system32\mswsock.dll
wshtcpip.dll 71a90000 32768 C:\WINDOWS\System32\wshtcpip.dll
RASAPI32.DLL 76ee0000 225280 C:\WINDOWS\System32\RASAPI32.DLL
rasman.dll 76e90000 69632 C:\WINDOWS\System32\rasman.dll
NETAPI32.dll 71c20000 319488 C:\WINDOWS\System32\NETAPI32.dll
TAPI32.dll 76eb0000 176128 C:\WINDOWS\System32\TAPI32.dll
rtutils.dll 76e80000 53248 C:\WINDOWS\System32\rtutils.dll
WINMM.dll 76b40000 180224 C:\WINDOWS\System32\WINMM.dll
msi.dll 1fd0000 2101248 C:\WINDOWS\System32\msi.dll
sensapi.dll 722b0000 20480 C:\WINDOWS\System32\sensapi.dll
USERENV.dll 75a70000 675840 C:\WINDOWS\system32\USERENV.dll
rsaenh.dll ffd0000 143360 C:\WINDOWS\System32\rsaenh.dll
rasadhlp.dll 76fc0000 20480 C:\WINDOWS\System32\rasadhlp.dll
DNSAPI.dll 76f20000 151552 C:\WINDOWS\System32\DNSAPI.dll
winrnr.dll 76fb0000 28672 C:\WINDOWS\System32\winrnr.dll
WLDAP32.dll 76f60000 180224 C:\WINDOWS\system32\WLDAP32.dll
mshtml.dll 63580000 2818048 C:\WINDOWS\System32\mshtml.dll
scrauth.dll 2a40000 110592 C:\Program Files\Common Files\Symantec Shared\Script Blocking\scrauth.dll
ScrBlock.dll 2b70000 122880 C:\Program Files\Common Files\Symantec Shared\Script Blocking\ScrBlock.dll
wintrust.dll 76c30000 176128 C:\WINDOWS\System32\wintrust.dll
IMAGEHLP.dll 76c90000 139264 C:\WINDOWS\system32\IMAGEHLP.dll
cryptnet.dll 73d50000 65536 C:\WINDOWS\System32\cryptnet.dll
jscript.dll 6b700000 589824 c:\windows\system32\jscript.dll
MSLS31.DLL 746c0000 159744 C:\WINDOWS\System32\MSLS31.DLL
iepeers.dll 66e50000 241664 C:\WINDOWS\System32\iepeers.dll
mshtmled.dll 74cb0000 454656 C:\WINDOWS\System32\mshtmled.dll
MPR.dll 71b20000 69632 C:\WINDOWS\system32\MPR.dll
drprov.dll 75f60000 24576 C:\WINDOWS\System32\drprov.dll
ntlanman.dll 71c10000 53248 C:\WINDOWS\System32\ntlanman.dll
NETUI0.dll 71cd0000 90112 C:\WINDOWS\System32\NETUI0.dll
NETUI1.dll 71c90000 245760 C:\WINDOWS\System32\NETUI1.dll
NETRAP.dll 71c80000 24576 C:\WINDOWS\System32\NETRAP.dll
SAMLIB.dll 71bf0000 69632 C:\WINDOWS\System32\SAMLIB.dll
davclnt.dll 75f70000 36864 C:\WINDOWS\System32\davclnt.dll
MSGINA.dll 75970000 991232 C:\WINDOWS\System32\MSGINA.dll
WINSTA.dll 76360000 61440 C:\WINDOWS\System32\WINSTA.dll
ODBC32.dll 3c60000 204800 C:\WINDOWS\System32\ODBC32.dll
odbcint.dll 1f850000 90112 C:\WINDOWS\System32\odbcint.dll
wdmaud.drv 72d20000 36864 C:\WINDOWS\System32\wdmaud.drv
msacm32.drv 72d10000 32768 C:\WINDOWS\System32\msacm32.drv
MSACM32.dll 77be0000 81920 C:\WINDOWS\System32\MSACM32.dll
midimap.dll 77bd0000 28672 C:\WINDOWS\System32\midimap.dll
msxml3.dll 72e00000 1134592 C:\WINDOWS\System32\msxml3.dll
Flash.ocx 48a0000 1732608 C:\WINDOWS\System32\macromed\flash\Flash.ocx
ddrawex.dll 65000000 36864 C:\WINDOWS\System32\ddrawex.dll
DDRAW.dll 51000000 290816 C:\WINDOWS\System32\DDRAW.dll
DCIMAN32.dll 73bc0000 24576 C:\WINDOWS\System32\DCIMAN32.dll
vbscript.dll 73300000 479232 c:\windows\system32\vbscript.dll
SwSupport.dll 69000000 57344 C:\WINDOWS\System32\Macromed\Common\SwSupport.dll
actxprxy.dll 71d40000 110592 C:\WINDOWS\System32\actxprxy.dll
 
Joined
Jul 26, 2002
Messages
46,349
You posted the wrong log. You were supposed to click on runme.bat and then enter the digit 1 to get the exporer.dlls. You entered the digit 2 and got the iexplorer.dlls.
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Top