Username:    Password:    Remember me        
Google
 

FixIEDef© v1.3 (File Version: 1.3.14.4193) [2008-05-04]
(Windows 2000/XP/2003/Vista 32-bit)

FAKE ALERTS | HIJACKTHIS ENTRIES | DOWNLOAD | INSTRUCTIONS | THANKS | CHANGE LOG | REPORT BUGS

NOTE: FixIEDef supports Non-English language systems.

Warning: This is an Unicode compiled script and will not run on Win9x/ME.

This tool removes AntiSpyPro, Files Secure, IE AntiVirus, IEDefender, and Malware Bell. Eliminates the "Fake Alerts" generated by Trojan-Downloader.Win32.Delf. Removes Trojan-Downloader.Win32.Delf from the system.

Fake Alerts:

Internet Explorer IeDefender PopUp
NOTICE: Your system is infected and your computer performance is not at the highest level.
Full system optimization will greatly increase your computer's performance and prevent data loss.

Would you like to install IE Defender to clear your computer's performance now for free? (Recommended)

Internet Explorer Zlob-X.a PopUp
Your system is probably infected with the latest version of Trojan.Zlob-X.a.
Full system optimization will greatly increase your computer's performance and prevent data loss.

Click OK to download antispyware software! (Recommended)

Internet Explorer Agent.akk PopUp
Your browser was hijacked by Trojan.Win32.Agent.akk
You need to clean your system immediately, in other case it can be crashed soon!

Click OK to download the high-tech antispyware protection software! (Recommended)

Internet Explorer Obfuscated.gx PopUp
Your browser was infected by Trojan.Win32.Obfuscated.gx
You need to clean your system immediately, in other case it can be crashed soon!

Click OK to download the high-tech antispyware protection software! (Recommended)

Internet Explorer LinkReplacer PopUp
Your browser was hijacked by Trojan.Win32.LinkReplacer
It's dangerous for your system, some files can be lost and your browser can be slow!

Click OK to download the antispyware program to clean your computer! (Recommended)

Internet Explorer StarField PopUp
Your computer was infected by Trojan.Win32.StarField
It's dangerous for your system, some files can be lost and your browser can be slow!

Click OK to download the antispyware program to clean your computer! (Recommended)

Internet Explorer Trojanm.Agent PopUp
Your browser was hijacked by Trojan.Agent
It's dangerous for your system, some files can be lost and your browser can be slow!

Click OK to download the antispyware program to clean your computer! (Recommended)

Internet Explorer Trojan.Win32.Gorshok.a PopUp
Your browser was hijacked by Trojan.Win32.Gorshok.a
You need to clean your system immediately, in other case it can be crashed soon!

Click OK to download the high-tech antispyware protection software! (Recommended)

Internet Explorer Worm.Win32.Sober PopUp
Your browser was hijacked by Worm.Win32.Sober
You need to clean your system immediately, in other case it can be crashed soon!

Click OK to download the high-tech antispyware protection software! (Recommended)

Internet Explorer Trojan.Win32.Startpage.fq PopUp
Your browser was infected by Trojan.Win32.Startpage.fq
You need to clean your system immediately, in other case it can be crashed soon!

Click OK to download the high-tech antispyware protection software! (Recommended)

Internet Explorer Trojan.Vundo PopUp
Your browser was infected by Trojan.Vundo
It's dangerous for your system, some files can be lost and your browser can be slow!

Click OK to download the antispyware program to clean your computer! (Recommended)

Internet Explorer Trojan.KillAV PopUp
Your browser was infected by Trojan.KillAV
You need to clean your system immediately, in other case it can be crashed soon!

Click OK to download the high-tech antispyware protection software! (Recommended)

Internet Explorer Trojan.Win32.Patched PopUp
Your computer has been infected by Trojan.Win32.Patched
It's dangerous for your system, some files can be lost and your browser can be slow!

Click OK to download the antispyware program to clean your computer! (Recommended)

Internet Explorer Trojan.Win32.CP4000 PopUp
Your PC is infected by malware - Trojan.Win32.CP4000
It's dangerous for your system, some files can be lost and your browser can be slow!

Click OK to download the antispyware program to clean your computer! (Recommended)

Internet Explorer Win32/Qoologic PopUp
Your PC is infected by malware - Win32/Qoologic
It's dangerous for your system, some files can be lost and your browser can be slow!

Click OK to download the antispyware program to clean your computer! (Recommended)

Internet Explorer Trojan Win32.Murlo PopUp
Your computer was infected by trojan Win32.Murlo (unknown variant).
It's dangerous for your system (critical files can be lost)!

Click OK to download the antispyware program to clean your system! (Recommended)

Internet Explorer Unknown Trojan PopUp
Your computer was infected by unknown trojan
It's dangerous for your system (critical files can be lost)!

Click OK to download the antispyware program to clean your system! (Recommended)

Fake Alert Dangerous Trojan
Your system was infected by dangerous Trojan.
Note: Your critical files can be lost!

Click OK to download antimalware application to clean your system! (Recommended)

Fake Alert Dangerous Trojan Image 1
Your browser was hijacked by a Dangerous Virus.
Note: Your critical files can be lost!

Click OK to download the antispyware program to clean your computer! (Recommended)

Fake Alert Dangerous Trojan Image 2
Your computer was infected with a Dangerous Virus.
It's dangerous for your system, some files can be lost and your browser can be slow!

Click OK to download the antispyware program to clean your computer! (Recommended)

Fake Alert Spyworm.Win32 Image 1
Your browser was hijacked by Spyworm.Win32.
Note: Your critical files can be lost!

Click OK to download the antispyware program to clean your computer! (Recommended)

Fake Alert Spyworm.Win32 Image 2
Your computer was infected with Spyworm.Win32.
It's dangerous for your system, some files can be lost and your browser can be slow!

Click OK to download the antispyware program to clean your computer! (Recommended)

Fake Alert Worm.Win32.Netbooster Image 1
Your browser was hijacked by Worm.Win32.Netbooster.
Note: Your critical files can be lost!

Click OK to download the antispyware program to clean your computer! (Recommended)

Fake Alert Worm.Win32.Netbooster Image 2
Your computer was infected with Worm.Win32.Netbooster.
It's dangerous for your system, some files can be lost and your browser can be slow!

Click OK to download the antispyware program to clean your computer! (Recommended)

HijackThis Entries:

O2 - BHO: Adobe PDF Reader Link Helper - {358A14C3-CB2F-4366-9A6C-1AEB63F0B036} - C:\WINDOWS\AcroIEHelper.dll
O2 - BHO: Adobe PDF Reader Link Helper - {427DA36C-DC88-48D4-B090-1FD304BECAB2} - C:\WINDOWS\AcroIEHelper.dll
O2 - BHO: Adobe PDF Reader Link Helper - {445A3D12-EBA3-4054-AB54-587BF3FF40EA} - C:\WINDOWS\AcroIEHelper.dll
O2 - BHO: Adobe PDF Reader Link Helper - {44970071-468F-432F-8F5E-429B2414619A} - C:\WINDOWS\AcroIEHelper.dll
O2 - BHO: Adobe PDF Reader Link Helper - {463F66BC-3B6F-4FDE-969C-94F594FECE07} - C:\WINDOWS\AcroIEHelper.dll
O2 - BHO: Adobe PDF Reader Link Helper - {54A98DD5-0357-4EF1-A698-BB08E73CF725} - C:\WINDOWS\AcroIEHelper.dll
O2 - BHO: Adobe PDF Reader Link Helper - {5CF87193-FD1E-4400-863D-FD9AFC5F402F} - C:\WINDOWS\AcroIEHelper.dll
O2 - BHO: Adobe PDF Reader Link Helper - {6FA2DDCA-DD68-4E58-9CF6-005B10D60F31} - C:\WINDOWS\AcroIEHelper.dll
O2 - BHO: Adobe PDF Reader Link Helper - {8CF21D67-EDE6-4BBC-A009-D2CF3AAA0AE2} - C:\WINDOWS\AcroIEHelper.dll
O2 - BHO: Adobe PDF Reader Link Helper - {A8607BAF-0EB3-473C-84C9-F3A5B901A796} - C:\WINDOWS\AcroIEHelper.dll
O2 - BHO: Adobe PDF Reader Link Helper - {B782EDE4-CCB3-4E3E-981F-96C68116F38C} - C:\WINDOWS\System32\AcroIeHelp.dll
O2 - BHO: Adobe PDF Reader Link Helper - {B782EDE4-CCB3-4E3E-981F-96C68116F38C} - C:\WINDOWS\System32\AcroIeHelpU2.dll
O2 - BHO: Adobe PDF Reader Link Helper - {D79145D5-535E-4B27-BCD3-9AFBB326829C} - C:\WINDOWS\AcroIEHelper.dll
O2 - BHO: Adobe PDF Reader Link Helper - {DA67288F-069B-449D-BA4C-0CE0C3C42265} - C:\WINDOWS\AcroIEHelper.dll
O2 - BHO: 3GP - {5D67E2E7-0C2B-4491-87C4-37F2AC6033D2} - C:\WINDOWS\System32\a3gpcodec.dll
O2 - BHO: AlphaDivX - {3B236BEE-8200-421D-919D-CA17D5739D8F} - C:\WINDOWS\System32\aDivX.dll
O2 - BHO: BetaDivX - {48BF2BC0-2945-11D8-8CAC-00080FC65465} - C:\WINDOWS\System32\IR9V0_QCX.dll
O2 - BHO: BetaDivX - {D99BACC6-6289-4D4F-8BAF-4192016AF547} - C:\WINDOWS\System32\bDivX.dll
O2 - BHO: FireFox Viewer - {8883BBC2-E716-4C98-B12C-BB40B4A415ED} - C:\WINDOWS\corpol.dll
O2 - BHO: FLW Viewer - {1CF50F68-ECAD-45C6-AFC1-B5DC4B95B15E} - C:\WINDOWS\cndr32a.dll
O2 - BHO: FLW Viewer - {2B53C730-8A79-4E13-A35F-3E41CA13E12F} - C:\WINDOWS\cndr32a.dll
O2 - BHO: FLW Viewer - {38E4618F-E3E4-42E9-925F-6B02C798BD94} - C:\WINDOWS\cndr32a.dll
O2 - BHO: FLW Viewer - {8D820860-2FA8-49A8-8809-B450ED80D3BB} - C:\WINDOWS\cndr32a.dll
O2 - BHO: IE Config Tools - {E780E148-0BAC-4654-81A4-8A649F4D4A90} - C:\WINDOWS\mscfg32.dll
O2 - BHO: IE plugin - {17A1DBB5-DAD8-4E78-BF7E-9BE4B965408B} - C:\WINDOWS\pmspl.dll
O2 - BHO: IE plugin - {6F6D1C90-7BEE-4A15-8DAB-9C37A643FD3A} - C:\WINDOWS\pmspl.dll
O2 - BHO: IE plugin - {D17CFF74-A19C-4C36-821A-E074E4F889CA} - C:\WINDOWS\pmspl.dll
O2 - BHO: IE plugin - {E856E05E-1B91-4339-9EFC-9A3308CB5491} - C:\WINDOWS\pmspl.dll
O2 - BHO: IE plugin - {FF5137B5-C506-4D9B-8682-E0BE4675B899} - C:\WINDOWS\pmspl.dll
O2 - BHO: IntelVideoCodec - {04F7FAC5-F506-4F29-9094-9CB9144B192C} - C:\WINDOWS\System32\IntelVideo.dll
O2 - BHO: IntelVideoCodec - {33A12BEB-3219-4CA8-99B4-733192704C62} - C:\WINDOWS\System32\IntelVideoDivX.dll
O2 - BHO: IntelVideoCodec - {AF36E90A-44CA-4EE3-B578-C07383623217} - C:\WINDOWS\System32\Video32.dll
O2 - BHO: Media Codec - {50B051EE-8EF3-4D58-828D-74F0D1FFE4AA} - C:\WINDOWS\kiasys.dll
O2 - BHO: Media Codec - {53C4786E-B8BC-4245-97C4-C4AFFE28A8CA} - C:\WINDOWS\kiasys.dll
O2 - BHO: Media Codec - {547F4E57-9025-403B-B619-073854A60DA1} - C:\WINDOWS\kiasys.dll
O2 - BHO: Media Codec - {8B580E40-6B46-44C8-9E80-A5AD6E1D1035} - C:\WINDOWS\kiasys.dll
O2 - BHO: Media Codec - {C41A222A-B516-4190-B0B7-0AF2CE7F5C28} - C:\WINDOWS\kiasys.dll
O2 - BHO: Media Player Classic - {486D0362-657B-4771-B56D-AE29AA31B78B} - C:\WINDOWS\ausctv32a.dll
O2 - BHO: Media Player Classic - {5ADB5143-1CBD-4A52-A604-CCC8D76BA8D4} - C:\WINDOWS\ausctv32a.dll
O2 - BHO: Media Player Classic - {CE0487CA-8B02-431E-BA63-D38844E020B5} - C:\WINDOWS\ausctv32a.dll
O2 - BHO: Media Player Codec - {3084A75F-5350-4D8B-BC5F-6B378035C133} - C:\WINDOWS\dsaip32b.dll
O2 - BHO: Media Player Codec - {54202673-BD70-423C-AE57-5B2354567629} - C:\WINDOWS\dsaip32b.dll
O2 - BHO: Media Player Codec - {687A466A-D7CB-4FDF-965C-92462A82D7F0} - C:\WINDOWS\dsaip32b.dll
O2 - BHO: Media Player Codec - {8B65F8A9-BAD5-4261-BB6F-25B2020C3098} - C:\WINDOWS\dsaip32b.dll
O2 - BHO: Media Player Codec - {B4EF0D13-5359-457D-BA85-C110AEC377B5} - C:\WINDOWS\dsaip32b.dll
O2 - BHO: Mp3 Video - {2B659BB5-3E85-4BC6-BAFC-98FEDFF3AE99} - C:\WINDOWS\System32\VideoMP3.dll
O2 - BHO: Mp3 Video - {5DE176A4-B5FF-4D50-B084-E047526B8E97} - C:\WINDOWS\System32\VideoMP3.dll
O2 - BHO: Mp3 Video - {6FFE49B7-F475-4EAB-8E80-E5D74C4E8D5F} - C:\WINDOWS\System32\VideoMP3.dll
O2 - BHO: Mp3 Video - {D4FD35A3-101C-4FAA-A9CA-E8C9461C3CEF} - C:\WINDOWS\System32\mp3avi.dll
O2 - BHO: Mp3 Video - {9A1EF21C-B0D4-4EB0-894F-CBAE2F4D0A82} - C:\WINDOWS\System32\mp3avi.dll
O2 - BHO: MS Video Control 1.0 - {2A4601BC-8376-422D-A2FC-DDF0A40570BD} - C:\WINDOWS\msvidc32.dll
O2 - BHO: MS Video Control 1.0 - {2E09C916-948C-42AF-8451-17B1439DFFD5} - C:\WINDOWS\msvidc32.dll
O2 - BHO: MS Video Control 1.0 - {4E21495F-0004-4614-9DC9-6B8F7E5024F5} - C:\WINDOWS\msvidc32.dll
O2 - BHO: MS Video Control 1.0 - {54629298-47B2-4F79-BC62-7B3648D70020} - C:\WINDOWS\msvidc32.dll
O2 - BHO: MS Video Control 1.0 - {708F8B95-4012-4A3A-9494-5EEE5F8CC89E} - C:\WINDOWS\msvidc32.dll
O2 - BHO: MS Video Control 1.0 - {853D915E-40FF-4125-996E-89DD934B2060} - C:\WINDOWS\msvidc32.dll
O2 - BHO: MS Video Control 1.0 - {96074552-3830-40E3-8274-FB9E092F04EC} - C:\WINDOWS\msvidc32.dll
O2 - BHO: MS Video Control 1.0 - {B8DE8F32-8900-4F89-BFD5-CB4D49FEBE47} - C:\WINDOWS\msvidc32.dll
O2 - BHO: MS Video Control 1.0 - {C3253D15-672D-46D5-8FE1-3FAB8E291E4F} - C:\WINDOWS\msvidc32.dll
O2 - BHO: MS Video Control 1.0 - {CAD36397-AF2B-4F5D-9172-1D3874222A23} - C:\WINDOWS\msvidc32.dll
O2 - BHO: MS Video Control 1.0 - {CBC3486E-92D1-419D-BEBF-D3D972B87902} - C:\WINDOWS\msvidc32.dll
O2 - BHO: MS Video Control 1.0 - {E76AA4DA-7388-4D1E-B7E4-CC809F4E8F1B} - C:\WINDOWS\msvidc32.dll
O2 - BHO: MS Video Control 1.0 - {E9601C0B-FA98-4E6D-A015-AE5B43F47962} - C:\WINDOWS\msvidc32.dll
O2 - BHO: MS Video Control 1.0 - {EEBA7DF1-A821-469A-BD31-206AD73CFA9B} - C:\WINDOWS\msvidc32.dll
O2 - BHO: MS Video Control 1.0 - {F7B62E04-C4AF-4814-88EE-D5EBDBAD6387} - C:\WINDOWS\msvidc32.dll
O2 - BHO: Office toolbar - {14F4D69C-EDB0-434D-BF44-1EECCCD3418E} - C:\WINDOWS\sysosa.dll
O2 - BHO: Office toolbar - {26121617-90C5-41D3-B52D-133D49A36AE7} - C:\WINDOWS\sysosa.dll
O2 - BHO: Office toolbar - {4722D065-A352-42FB-924C-EAEF5A1AE571} - C:\WINDOWS\sysosa.dll
O2 - BHO: Office toolbar - {472BC14C-6464-4FDF-A12A-A057CDCD9C58} - C:\WINDOWS\sysosa.dll
O2 - BHO: Office toolbar - {4F9FD315-1C7C-477B-A65D-E66570DF2677} - C:\WINDOWS\sysosa.dll
O2 - BHO: Office toolbar - {59607689-0CC6-4187-B7E7-03084228E7EE} - C:\WINDOWS\sysosa.dll
O2 - BHO: Office toolbar - {5BD5FE32-1DB9-48E1-BEDF-3CC304D98B46} - C:\WINDOWS\sysosa.dll
O2 - BHO: Office toolbar - {88452E1F-D91A-4A66-AA39-FD53F15B13AF} - C:\WINDOWS\sysosa.dll
O2 - BHO: Office toolbar - {AB51078F-7E35-49E2-8B26-7BB98321E066} - C:\WINDOWS\sysosa.dll
O2 - BHO: Office toolbar - {BC660FC4-4B54-4CC7-AC65-23B0CA1FBBB0} - C:\WINDOWS\sysosa.dll
O2 - BHO: Office toolbar - {F0B18D6F-3541-4AB4-A231-79F15FA29ED1} - C:\WINDOWS\sysosa.dll
O2 - BHO: OGG Viewer - {7AB85EC7-22E7-4B5D-89DA-A9EBD1AF3520} - C:\WINDOWS\oggview.dll
O2 - BHO: OGG Viewer - {82FE0677-75EC-49BF-83E9-A815F68F6212} - C:\WINDOWS\oggview.dll
O2 - BHO: OGG Viewer - {90F39E5A-1C6C-4597-8B59-9AED38E88387} - C:\WINDOWS\oggview.dll
O2 - BHO: OGG Viewer - {FBFE32FE-4ED6-4099-A087-8C238B714831} - C:\WINDOWS\oggview.dll
O2 - BHO: PCTools - {5C8494A5-7525-46B3-94C2-2F734EEBD48B} - C:\WINDOWS\netweb64c.dll
O2 - BHO: PCTools - {5C8494A5-7525-46B3-94C2-2F734EEBD48B} - C:\WINDOWS\sysapi32a.dll
O2 - BHO: PCTools - {C9BB982C-503D-4C0C-BDC7-ECE2A7FADFE9} - C:\WINDOWS\pctools.dll
O2 - BHO: PDS Viewer - {37CEA8AE-2C1F-4F88-8362-0BFFBA53D2FD} - C:\WINDOWS\pdswin.dll
O2 - BHO: PDS Viewer - {5CB10D4A-0C14-4546-865D-935ECBFFA346} - C:\WINDOWS\pdswin.dll
O2 - BHO: PDS Viewer - {E2278F85-4584-4BEE-928C-600B38C385C1} - C:\WINDOWS\pdswin.dll
O2 - BHO: Pinch - {F039C188-D8C7-4B6E-B6CC-A5E789B11329} - C:\Windows\simop_de16.dll
O2 - BHO: Pinch - {F039C188-D8C7-4B6E-B6CC-A5E789B11329} - C:\Windows\simop_de32.dll
O2 - BHO: Pinch - {F039C188-D8C7-4B6E-B6CC-A5E789B11329} - C:\Windows\simop_de64.dll
O2 - BHO: Pinch - {F039C188-D8C7-4B6E-B6CC-A5E789B11329} - C:\Windows\simop_uk16.dll
O2 - BHO: Pinch - {F039C188-D8C7-4B6E-B6CC-A5E789B11329} - C:\Windows\simop_uk32.dll
O2 - BHO: Pinch - {F039C188-D8C7-4B6E-B6CC-A5E789B11329} - C:\Windows\simop_uk64.dll
O2 - BHO: Pinch - {F039C188-D8C7-4B6E-B6CC-A5E789B11329} - C:\Windows\simop_us16.dll
O2 - BHO: Pinch - {F039C188-D8C7-4B6E-B6CC-A5E789B11329} - C:\Windows\simop_us32.dll
O2 - BHO: Pinch - {F039C188-D8C7-4B6E-B6CC-A5E789B11329} - C:\Windows\simop_us64.dll
O2 - BHO: Pinch - {F039C188-D8C7-4B6E-B6CC-A5E789B11329} - C:\Windows\simku_de16.dll
O2 - BHO: Pinch - {F039C188-D8C7-4B6E-B6CC-A5E789B11329} - C:\Windows\simku_de32.dll
O2 - BHO: Pinch - {F039C188-D8C7-4B6E-B6CC-A5E789B11329} - C:\Windows\simku_de64.dll
O2 - BHO: Pinch - {F039C188-D8C7-4B6E-B6CC-A5E789B11329} - C:\Windows\simku_uk16.dll
O2 - BHO: Pinch - {F039C188-D8C7-4B6E-B6CC-A5E789B11329} - C:\Windows\simku_uk32.dll
O2 - BHO: Pinch - {F039C188-D8C7-4B6E-B6CC-A5E789B11329} - C:\Windows\simku_uk64.dll
O2 - BHO: Pinch - {F039C188-D8C7-4B6E-B6CC-A5E789B11329} - C:\Windows\simku_us16.dll
O2 - BHO: Pinch - {F039C188-D8C7-4B6E-B6CC-A5E789B11329} - C:\Windows\simku_us32.dll
O2 - BHO: Pinch - {F039C188-D8C7-4B6E-B6CC-A5E789B11329} - C:\Windows\simku_us64.dll
O2 - BHO: PLAsim plugin - {7753B2C4-8E27-4CEC-87EB-2739480D8A11} - C:\WINDOWS\poswin.dll
O2 - BHO: PLAsim plugin - {F60777DA-D6A6-40F6-B665-6F361C1017B6} - C:\WINDOWS\poswin.dll
O2 - BHO: Player - {22347AEE-A37A-45D3-8804-FDC7F9289CE1} - C:\WINDOWS\orgnavi.dll
O2 - BHO: Player - {242C7F77-BDAC-48B9-89E2-42940CBAE846} - C:\WINDOWS\orgnavi.dll
O2 - BHO: Player - {2B75E214-4DE0-4BDC-AE5D-63FAA5BA02AE} - C:\WINDOWS\orgnavi.dll
O2 - BHO: Player - {72AC05E3-89FD-42BB-A646-C2EE381A4908} - C:\WINDOWS\orgnavi.dll
O2 - BHO: Player - {8109B74C-F63F-43EA-84A4-3D43351C4021} - C:\WINDOWS\orgnavi.dll
O2 - BHO: Player - {83FD1F86-B40A-41EE-8512-929F005ED2A8} - C:\WINDOWS\orgnavi.dll
O2 - BHO: Player - {84885FC9-44B0-4953-98F9-166E048B7052} - C:\WINDOWS\orgnavi.dll
O2 - BHO: Player - {99F785E5-5394-4826-A515-034A34A36377} - C:\WINDOWS\orgnavi.dll
O2 - BHO: Player - {AAED19A0-D72D-4AD1-8F94-B53D36C835A7} - C:\WINDOWS\orgnavi.dll
O2 - BHO: Player - {B5307BCB-64A5-4416-9BC2-5AF01DB90123} - C:\WINDOWS\orgnavi.dll
O2 - BHO: Player - {BA2020CE-AF34-4B1A-82D4-507C7F002079} - C:\WINDOWS\orgnavi.dll
O2 - BHO: Player - {D989E9EA-8F56-4864-A1EA-2F9059A421BE} - C:\WINDOWS\orgnavi.dll
O2 - BHO: Player - {E5AF0624-F539-47D9-BA37-D8B339E858F4} - C:\WINDOWS\orgnavi.dll
O2 - BHO: Player - {F3DDAB38-C6E3-4EF8-A543-6E8625A61D93} - C:\WINDOWS\orgnavi.dll
O2 - BHO: Player - {FAB71C44-8C45-43EF-B1BE-2E33076166D4} - C:\WINDOWS\orgnavi.dll
O2 - BHO: Player - {FC2458DB-B263-48C5-A106-0651B05DF38C} - C:\WINDOWS\orgnavi.dll
O2 - BHO: player addon - {1E40AD15-4280-428A-9A26-AB96F9DA2ACE} - C:\WINDOWS\oggview32.dll
O2 - BHO: player addon - {4EBAA7B0-740D-4CFA-9455-5C233BB354E1} - C:\WINDOWS\oggview32.dll
O2 - BHO: player addon - {6A219F2A-3ECA-4258-9A8A-FD7312EB7391} - C:\WINDOWS\oggview32.dll
O2 - BHO: player addon - {819EFD78-6FD4-42EF-9030-F6DAB24BB9F0} - C:\WINDOWS\oggview32.dll
O2 - BHO: player addon - {9DEC81A1-919F-41F0-A983-7F202E3EBBB3} - C:\WINDOWS\oggview32.dll
O2 - BHO: player addon - {E90BBB19-1B2E-42C0-8BFF-AFC6984247DD} - C:\WINDOWS\oggview32.dll
O2 - BHO: POS plugin - {369A87BB-07DF-4AB6-B23D-B5BF81338572} - C:\WINDOWS\poswin.dll
O2 - BHO: pwn plugin - {4AAC4708-FE47-4B80-92EF-47406444DDD2} - C:\WINDOWS\pwnbho.dll
O2 - BHO: pwn plugin - {7E24E909-FB8A-4837-9DF7-05E7587CB26C} - C:\WINDOWS\pwnbho.dll
O2 - BHO: PWS.LD.Pinch - {649E2DCE-1AD1-470B-ACC8-42842396A94C} - C:\WINDOWS\nydo32r.dll
O2 - BHO: Rates - {038F228B-EED3-4A87-A565-F88FC99EBA91} - C:\WINDOWS\toprates.dll
O2 - BHO: Rates - {04B0AACB-ADE6-45C7-9989-7836E8DC8C3D} - C:\WINDOWS\toprates.dll
O2 - BHO: Rates - {0B5BDA71-9E2A-467C-90EC-E0947A9BB1ED} - C:\WINDOWS\toprates.dll
O2 - BHO: Rates - {0EB6AF05-AB7F-47C2-8ABC-9B985FE27A69} - C:\WINDOWS\toprates.dll
O2 - BHO: Rates - {113F2B42-FD88-45F6-9DEB-2D3463A8FC71} - C:\WINDOWS\toprates.dll
O2 - BHO: Rates - {395E5A32-A265-451E-BCA2-679BC11361B1} - C:\WINDOWS\toprates.dll
O2 - BHO: Rates - {47EFD4AD-CB46-4549-B24B-CEE415394C56} - C:\WINDOWS\toprates.dll
O2 - BHO: Rates - {4E45C414-5019-4966-9013-6950C35E6C06} - C:\WINDOWS\toprates.dll
O2 - BHO: Rates - {553084D1-0E86-4358-AA1C-BB19B42AF28F} - C:\WINDOWS\toprates.dll
O2 - BHO: Rates - {5C28ED27-37BE-40EA-9AEB-FCC19F72682F} - C:\WINDOWS\toprates.dll
O2 - BHO: Rates - {64CB443E-9F44-4A05-929F-CCC315F21E21} - C:\WINDOWS\toprates.dll
O2 - BHO: Rates - {6CA6DDF4-8904-4179-A45D-91438342F83A} - C:\WINDOWS\toprates.dll
O2 - BHO: Rates - {834B0DD4-3A68-4F58-B265-D9FDB3D8F88B} - C:\WINDOWS\toprates.dll
O2 - BHO: Rates - {F325C9B7-4876-4665-895B-674D657645C2} - C:\WINDOWS\toprates.dll
O2 - BHO: RealMedia - {0EEDB911-C5FA-486F-8334-57288578C627} - C:\WINDOWS\System32\XunLeiBHO_Now.dll
O2 - BHO: RealMedia - {87B570FB-D2CF-4D3C-8E1B-E1E7018BBA95} - C:\WINDOWS\System32\dx50codec.dll
O2 - BHO: Sofos - {B49949CA-3062-4FA3-A24A-E27BAFD7C940} - C:\WINDOWS\sofos16x.dll
O2 - BHO: Sofos - {44B1C291-CF3E-4B66-8BAB-31040FDC30A9} - C:\WINDOWS\sofos32x.dll
O2 - BHO: Sofos - {73776361-F206-4A50-9687-801C6FE9BA31} - C:\WINDOWS\sofos32x.dll
O2 - BHO: Sofos - {D6848354-33D9-4E22-B94D-91A727129920} - C:\WINDOWS\sofos32x.dll
O2 - BHO: Sofos - {E45B12A3-3687-4CEB-B0F5-F2CF3B901C6C} - C:\WINDOWS\sofos32x.dll
O2 - BHO: SSVHelper - {69F6C0AE-0C78-4999-B6D1-62932A265C5D} - C:\WINDOWS\{RANDOM}.dll
O2 - BHO: SSVHelper - {907C8FB0-1205-4189-99C9-9E8DA884B0B0} - C:\WINDOWS\{RANDOM}.dll
O2 - BHO: SSVHelper - {96488BA0-1A53-4583-8AC8-DB77560E8876} - C:\WINDOWS\{RANDOM}.dll
O2 - BHO: System DivX4 - {0459F04A-F7CC-4F98-B66E-E19690702AE4} - C:\WINDOWS\System32\sysvideo32.dll
O2 - BHO: System DivX4 - {052FB21E-D259-485E-AA2A-FDD489D090F9} - C:\WINDOWS\System32\sysvideo32.dll
O2 - BHO: System DivX4 - {2FA3B736-1AC7-454D-8E94-8BA8158BF064} - C:\WINDOWS\System32\sysvideo32.dll
O2 - BHO: System DivX4 - {71314E7C-1713-49FA-90F2-54D275023981} - C:\WINDOWS\System32\sysvideo32.dll
O2 - BHO: Sysem Player - {2AE4C401-AAC4-4F41-9665-1EC88C3BDD7D} - C:\WINDOWS\sysvol32.dll
O2 - BHO: Sysem Player - {861EA552-6309-490A-AC97-1F574E730CF1} - C:\WINDOWS\sysvol32.dll
O2 - BHO: Sysem Player - {D70E28A7-AA79-4D62-A59F-87024840BB62} - C:\WINDOWS\sysvol32.dll
O2 - BHO: Sysem Player - {EDB33932-35A4-4566-9FBC-5750DCAF8F89} - C:\WINDOWS\sysvol32.dll
O2 - BHO: Video - {02788C74-8A3E-455D-9820-59784297DF96} - C:\WINDOWS\stream32a.dll
O2 - BHO: Video - {04A67DA5-880B-452F-B193-463452C40B41} - C:\WINDOWS\{RANDOM}.dll
O2 - BHO: Video - {0F596190-DEC2-4D19-AB43-50B54243923F} - C:\WINDOWS\windivx.dll
O2 - BHO: Video - {14A6B963-7C6C-414B-B5BD-9CD0929F928F} - C:\WINDOWS\stream32a.dll
O2 - BHO: Video - {15EB9F40-D775-4463-B75B-8687B3C66BB7} - C:\WINDOWS\msvideo.dll
O2 - BHO: Video - {15FEB658-AACC-412E-BC13-D54CFD74A8F6} - C:\WINDOWS\stream32a.dll
O2 - BHO: Video - {323301C5-CB6B-490C-B59F-E7FAD4D69C93} - C:\WINDOWS\?????16.dll
O2 - BHO: Video - {323301C5-CB6B-490C-B59F-E7FAD4D69C93} - C:\WINDOWS\?????32.dll
O2 - BHO: Video - {323301C5-CB6B-490C-B59F-E7FAD4D69C93} - C:\WINDOWS\?????64.dll
O2 - BHO: Video - {38329D14-1302-4CA7-BEE4-C954516C43B3} - C:\WINDOWS\windivx.dll
O2 - BHO: Video - {4AB15165-917A-4AE4-AE42-7FF13F61805B} - C:\WINDOWS\windivx.dll
O2 - BHO: Video - {632F6863-1E54-49FC-A72F-BDEE592EAD52} - C:\WINDOWS\windivx.dll
O2 - BHO: Video - {6430CCA7-032A-4EB0-BCFF-838998E73EF5} - C:\WINDOWS\stream32a.dll
O2 - BHO: Video - {6D64B03B-3B93-4AF2-BFC6-01264A4C7F2A} - C:\WINDOWS\msvideo.dll
O2 - BHO: Video - {80590BC5-F4BA-4AD1-B216-C19EE86E2A77} - C:\WINDOWS\msvideo.dll
O2 - BHO: Video - {95E1D855-9232-48F7-80D9-1ADB65B7939C} - C:\WINDOWS\{RANDOM}.dll
O2 - BHO: Video - {BC37F38C-D37C-46FC-AC8D-93ABBCE72947} - C:\WINDOWS\{RANDOM}.dll
O2 - BHO: Video - {BC462E4B-C520-4CA9-B1EC-A7DD36FD6D0A} - C:\WINDOWS\windivx.dll
O2 - BHO: Video - {D0995F82-90C7-4C78-9B4C-C1700FB8B120} - C:\WINDOWS\windivx.dll
O2 - BHO: Video - {DA40137D-AE41-4148-BFEC-916B326D5BBD} - C:\WINDOWS\{RANDOM}.dll
O2 - BHO: Video - {F5E81149-92B2-47D2-A12B-1B966AB46EA7} - C:\WINDOWS\windivx.dll
O2 - BHO: Video - {FF5137B5-C506-4D9B-8682-E0BE4675B899} - C:\WINDOWS\pmspl.dll
O2 - BHO: Video BHO - {681147C4-D615-461A-960F-655871E315C3} - C:\WINDOWS\{RANDOM}16.dll
O2 - BHO: Video BHO - {681147C4-D615-461A-960F-655871E315C3} - C:\WINDOWS\{RANDOM)32.dll
O2 - BHO: Video BHO - {681147C4-D615-461A-960F-655871E315C3} - C:\WINDOWS\{RANDOM}64.dll
O2 - BHO: VideoData - {15977918-3A04-4982-8E45-EDC618371EBE} - C:\WINDOWS\{RANDOM}.dll
O2 - BHO: VideoData - {E4DA88ED-E01E-4D88-ADC4-A3E1ED557C6A} - C:\WINDOWS\{RANDOM}.dll
O2 - BHO: VideoData - {F856BB9E-855B-498D-883E-3509C550A031} - C:\WINDOWS\{RANDOM}.dll
O2 - BHO: VideoInput - {AC16362B-5EDF-4E46-B7F6-EC24BB76E8C4} - C:\WINDOWS\{RANDOM}.dll
O2 - BHO: Video decompressor - {0B686DCA-F3F7-4829-8EB4-B453EEEA7B05} - C:\WINDOWS\pandsf.dll
O2 - BHO: Video decompressor - {12723304-463C-4377-8FEE-FCAB14BF8083} - C:\WINDOWS\pandsf.dll
O2 - BHO: Video decompressor - {490BE71A-AAA4-4616-B6C8-4847CA2972D0} - C:\WINDOWS\pandsf.dll
O2 - BHO: Video decompressor - {5792244C-2237-459B-8E84-FA78184843A8} - C:\WINDOWS\pandsf.dll
O2 - BHO: Video decompressor - {A69E182D-F9CA-4B90-80E9-854CBACCD73B} - C:\WINDOWS\pandsf.dll
O2 - BHO: Video decompressor - {F38636ED-E66E-4A37-822E-0C01F64D6605} - C:\WINDOWS\pandsf.dll
O2 - BHO: Video decompressor - {FB8BB59E-86A8-46CC-9CB9-7307737E7C46} - C:\WINDOWS\pandsf.dll
O2 - BHO: Video decompressor - {FCE457AD-1CFC-4DC7-98DA-047AF95F8B98} - C:\WINDOWS\pandsf.dll
O2 - BHO: Video decompressor - {FD807848-4DCB-43F8-8D98-BD32382E5CEB} - C:\WINDOWS\pandsf.dll
O2 - BHO: Video DivX 3.12 - {09D72564-27E2-4F12-8AB6-03F83E4567DE} - C:\WINDOWS\System32\sysdivx.dll
O2 - BHO: Video DivX 3.12 - {16096942-15C5-4629-BD81-00A46B2408CA} - C:\WINDOWS\System32\sysdivx.dll
O2 - BHO: Video DivX 3.12 - {17D562A6-DA3D-4F87-B659-86CD06473AB5} - C:\WINDOWS\System32\sysdivx.dll
O2 - BHO: Video DivX 3.12 - {26B1DC31-2051-49DD-AEA6-368E702E5B63} - C:\WINDOWS\System32\sysdivx.dll
O2 - BHO: Video DivX 3.12 - {29C79434-BA0A-4A48-A451-70F19B4A4925} - C:\WINDOWS\System32\sysdivx.dll
O2 - BHO: Video DivX 3.12 - {36490B2D-77CC-4CC2-B6A6-8A16EC550DAB} - C:\WINDOWS\System32\sysdivx.dll
O2 - BHO: Video DivX 3.12 - {7A23A1E8-B2AB-4C50-AD12-9E19B747E17C} - C:\WINDOWS\System32\sysdivx.dll
O2 - BHO: Video DivX 3.12 - {A6D91DAC-AF0D-4DC0-99A8-D7DD836FA34D} - C:\WINDOWS\System32\sysdivx.dll
O2 - BHO: Video DivX 3.12 - {B6F7666D-887D-45D9-BD0F-9D4CC771A63D} - C:\WINDOWS\System32\sysdivx.dll
O2 - BHO: Video DivX 3.12 - {BB2A8FD4-B015-43C4-A282-904FDF8B2F09} - C:\WINDOWS\System32\sysdivx.dll
O2 - BHO: Video DivX 3.12 - {DA927154-CC3A-41A7-9246-CE35FE2E6477} - C:\WINDOWS\System32\sysdivx.dll
O2 - BHO: Video DivX 3.12 - {E4DF0054-13B7-4A75-967E-1CC787C69FAA} - C:\WINDOWS\System32\sysdivx.dll
O2 - BHO: Video DivX 3.12 - {F02B8C83-C817-4EA2-A499-29257DA0373A} - C:\WINDOWS\System32\sysdivx.dll
O2 - BHO: Video On-line - {032706C0-EB72-4DF0-ABF6-B89958D2A6CC} - C:\WINDOWS\System32\PowerVideo.dll
O2 - BHO: Video On-line - {065B1210-E57F-41AD-90C5-F70D63388640} - C:\WINDOWS\System32\PowerVideo.dll
O2 - BHO: Video On-line - {323301C5-CB6B-490C-B59F-E7FAD4D69C93} - C:\WINDOWS\System32\PowerVideo.dll
O2 - BHO: Video On-line - {333E0189-EB79-4D24-BA64-FAF768284313} - C:\WINDOWS\System32\PowerVideo.dll
O2 - BHO: Video On-line - {5AF8125F-9BB3-482D-8B49-B4B3E9D8DB59} - C:\WINDOWS\System32\PowerVideo.dll
O2 - BHO: Video On-line - {66D69CC1-5373-4730-AB8E-24D2AB7FF95F} - C:\WINDOWS\System32\PowerVideo.dll
O2 - BHO: Video On-line - {741403DD-46A4-4D58-8FA7-427335C3BBF6} - C:\WINDOWS\System32\PowerVideo.dll
O2 - BHO: Video On-line - {7D8BD0D7-8FD8-48CB-A0B5-472F68B92BC4} - C:\WINDOWS\System32\PowerVideo.dll
O2 - BHO: Video On-line - {7E4C5F57-FF13-4006-A5F6-BE97D9CD6261} - C:\WINDOWS\System32\PowerVideo.dll
O2 - BHO: Video On-line - {A9A82440-64E7-4177-86AE-B58DEE731AF3} - C:\WINDOWS\System32\PowerVideo.dll
O2 - BHO: Video On-line - {BD907325-42B2-4077-BA63-F636B627C998} - C:\WINDOWS\System32\PowerVideo.dll
O2 - BHO: Video On-line - {EF425F00-2D4C-4273-A610-3403026681A6} - C:\WINDOWS\System32\PowerVideo.dll
O2 - BHO: Web Search - {6A719349-BDF5-4268-9019-4ACA0C2562D2} - C:\WINDOWS\websrc32.dll
O2 - BHO: Web Search - {B3E45A9B-7756-46A2-AB14-90175CD374F9} - C:\WINDOWS\websrc32.dll
O2 - BHO: Web Search - {D54F0577-8770-4A63-B926-6A640ED57F06} - C:\WINDOWS\websrc32.dll
O2 - BHO: Windows Media Player - {61FEBF12-793B-4D8A-8513-D1814FE2A395} - C:\WINDOWS\wmpdxm.dll
O2 - BHO: Windows Media Player - {7CF52009-F408-49AE-BBCB-6279CB53BB42} - C:\WINDOWS\wmpdxm.dll
O2 - BHO: Windows Media Player - {7DB0A0E2-FD42-43AE-A12A-760DBBC3C876} - C:\WINDOWS\wmpdxm.dll
O2 - BHO: Windows Media Player - {8161DF25-78BD-412D-8B45-87EFD0839BC6} - C:\WINDOWS\wmpdxm.dll
O2 - BHO: Windows Media Player - {8388F272-9EDA-4F4E-88FD-4711CBA4BA2B} - C:\WINDOWS\wmpdxm.dll
O2 - BHO: Windows Media Player - {8E9C2138-EFA4-4B14-9062-7FD1F7C10E82} - C:\WINDOWS\wmpdxm.dll
O2 - BHO: Windows Media Player - {AFCB0C91-199F-4C49-9F62-09F8CBDAD17A} - C:\WINDOWS\wmpdxm.dll
O2 - BHO: Windows Media Player - {C7E9503C-DA29-4183-8FA9-978C32852C20} - C:\WINDOWS\wmpdxm.dll
O2 - BHO: Windows Media Player - {D480850D-85D1-4836-9AEA-86C185CDAE29} - C:\WINDOWS\wmpdxm.dll
O2 - BHO: Windows Media Player - {D5A7151F-58D0-4AC8-9329-BEDD59625679} - C:\WINDOWS\wmpdxm.dll
O2 - BHO: Windows Media Player - {E01D62BE-3C96-4165-A54F-1A51CD75D6F9} - C:\WINDOWS\wmpdxm.dll
O2 - BHO: Windows Media Player - {F3167A8F-30FF-4BA1-9FF8-03568E53BC1A} - C:\WINDOWS\wmpdxm.dll
O2 - BHO: Windows Media Player - {F757B0A0-E8CA-4CC3-BFF5-DECD70DFEEDA} - C:\WINDOWS\wmpdxm.dll
O2 - BHO: WinSurf - {11160F05-7B64-4E5C-9C42-C69E2C78CE14} - C:\WINDOWS\winsurf.dll
O2 - BHO: WinSurf - {1F91C786-BBA0-41D2-8B3D-B88242677BAC} - C:\WINDOWS\winsurf.dll
O2 - BHO: WinSurf - {48D8CC16-82FD-4C1B-B3FF-F706C8E75399} - C:\WINDOWS\winsurf.dll
O2 - BHO: WinSurf - {53E30863-280F-4CFA-99AB-55CAEB95271C} - C:\WINDOWS\ps16sys.dll

Download:

Use this URL to Download the latest version:
http://downloads.malwareteks.com/FixIEDef.exe

Mirrors: Alternate official download locations for FixIEDef.exe
http://it-mate.co.uk/downloads/fixiedef/fixiedef.exe
http://hosts-file.net/download/fixiedef/fixiedef.exe
http://avant.it-mate.co.uk/?c=Download&f=Tools/FixIEDef
http://archives.mysteryfcm.co.uk/?f=Security/AntiMalware/Antispyware/FixIEDef

Instructions:

  1. Download FixIEDef.exe by ShadowPuterDude to the Desktop.


  2. Double-click FixIEDef.

    3. FixIEDef ExeFile Image
  3. Click 'OK'

    4. FixIEDef About Image
  4. Click 'Scan'

    5. FixIEDef Main Screen
  5. Click 'OK'

    6. FixIEDef Main Screen

    FixIEDef File Scan

    FixIEDef Registry Scan

    WARNING: FixIEDef will kill all copies of Internet Explorer and Explorer that are running, during removal of malicious files. The icons and Start Menu on your Desktop will not be visible while FixIEDef is removing malicious files. This is necessary to remove parts of the infection that would otherwise not be removed.

  6. Click Exit once FixIEDef displays the All Finished message.

    7. FixIEDef All Finished
  7. Post the FixIEDef log file, located on the Desktop.

    8. FixIEDef Log

    People I Wish to Recognize:
    MysteryFCM (it-mate.co.uk) - for graciously providing download mirrors.
    Nellie2 (malwareremoval.com) - for giving FixIEDef it's original exposure to the Malware Fighting Community in her blog.
    Chaslang (MajorGeeks.com) - for the use of DisableUAC.reg and EnableUAC.reg Windows Vista registry patches; and as always sharing his vast knowledge and his mentorship.
    Halo (MajorGeeks.com) - for testing on Vista x86.
    nosirrah (CastleCops.com and Malwarebytes.org) - Due to his uncanny ability to locate the "Fake Codecs", the FixIEDef database wouldn't be half as large.
    miekiemoes (SpywareInfo.com and many other sites) - for giving FixIEDef additional exposure, her contributions to the FixIEDef database and sharing material.
    Blair (GeekstoGo.com) - for giving FixIEDef additional exposure.
    Bill Castner (aumha.net) - being one of the very first to pick up on and use FixIEDef.
    Katana (SecurityCadets.com) - locating a logic error in the file operations.
    Mosaic1 - pointing me in the right direction on how to include language support for non-English Systems.
    S!Ri - for allowing me to adapt GetPaths.vbs for use in FixIEDef and his contributions to the FixIEDef database.
    Tony Klein - for his contributions to the FixIEDef Database and sharing material
    G.Sandler (a.k.a CreatoR) - FixIEDef incorporates ProcessPathExists AutoIt UDF by CreatoR

    Report all bugs in the BugTracker entry for FixIEDef: >> HERE <<

    Malware Complaints Banner

< ASAP Member Sites | Privacy Policy | Infected? | Want to Help? | Software Piracy | Malware Complaints | About Us | Contact Us | Terms of Service >

Content Copyright 2006-2008 - MalwareTeks
This site is powered by e107, which is released under the terms of the GNU GPL License.


Banner