The New Tech - View Single Post - HijackThis Log: Self-Guide

**DaveMo~** · Nov 8, 2005, 08:31pm

O2 - Browser Helper Objects

Sample list items:

O2 - BHO: Yahoo! Companion BHO - {13F537F0-AF09-11d6-9029-0002B31F9E59} - C:\PROGRAM FILES\YAHOO!\COMPANION\YCOMP5_0_2_4.DLL
O2 - BHO: (no name) - {1A214F62-47A7-4CA3-9D00-95A3965A8B4A} - C:\PROGRAM FILES\POPUP ELIMINATOR\AUTODISPLAY401.DLL (file missing)
O2 - BHO: MediaLoads Enhanced - {85A702BA-EA8F-4B83-AA07-07A5186ACD7E} - C:\PROGRAM FILES\MEDIALOADS ENHANCED\ME1.DLL

Instructions:
If you don't readily recognize a Browser Helper Object's name, use TonyK's BHO List (official list here) to find it by the class ID (CLSID, the number between curly brackets) to see if it's good or bad. Listed BHO's are tagged X for certified spyware or other malware, L for legitimate items, O for 'open to debate' and ? for BHOs of unknown status.

BHO List Zip File
SpywareInfo BHOs information

-------------------------------------------------------------------------

O3 - IE toolbars

Sample list items:

O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRAM FILES\YAHOO!\COMPANION\YCOMP5_0_2_4.DLL
O3 - Toolbar: Popup Eliminator - {86BCA93E-457B-4054-AFB0-E428DA1563E1} - C:\PROGRAM FILES\POPUP ELIMINATOR\PETOOLBAR401.DLL (file missing)
O3 - Toolbar: rzillcgthjx - {5996aaf3-5c08-44a9-ac12-1843fd03df0a} - C:\WINDOWS\APPLICATION DATA\CKSTPRLLNQUL.DLL

Instructions:
If you don't readily recognize a toolbar's name, use TonyK's Toolbar List (link above) to find it by the class ID (CLSID, the number between the curly brackets) to see if it's good or bad. Listed BHO's are tagged X for certified spyware or other malware, L for legitimate items, O for 'open to debate' and ? for BHOs of unknown status.

If it is not on the list, and (1) the name seems to be a random string of characters, and (2) the file is somewhere in a folder named "Application Data", then it is definitely bad and you should have HJT fix it.

Nov 8, 2005, 08:31pm
DaveMo~ Witty Title Posts: 1,548 Name: Dave Karma:	O2 - Browser Helper Objects Sample list items: O2 - BHO: Yahoo! Companion BHO - {13F537F0-AF09-11d6-9029-0002B31F9E59} - C:\PROGRAM FILES\YAHOO!\COMPANION\YCOMP5_0_2_4.DLL O2 - BHO: (no name) - {1A214F62-47A7-4CA3-9D00-95A3965A8B4A} - C:\PROGRAM FILES\POPUP ELIMINATOR\AUTODISPLAY401.DLL (file missing) O2 - BHO: MediaLoads Enhanced - {85A702BA-EA8F-4B83-AA07-07A5186ACD7E} - C:\PROGRAM FILES\MEDIALOADS ENHANCED\ME1.DLL Instructions: If you don't readily recognize a Browser Helper Object's name, use TonyK's BHO List (official list here) to find it by the class ID (CLSID, the number between curly brackets) to see if it's good or bad. Listed BHO's are tagged X for certified spyware or other malware, L for legitimate items, O for 'open to debate' and ? for BHOs of unknown status. BHO List Zip File SpywareInfo BHOs information ------------------------------------------------------------------------- O3 - IE toolbars Sample list items: O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRAM FILES\YAHOO!\COMPANION\YCOMP5_0_2_4.DLL O3 - Toolbar: Popup Eliminator - {86BCA93E-457B-4054-AFB0-E428DA1563E1} - C:\PROGRAM FILES\POPUP ELIMINATOR\PETOOLBAR401.DLL (file missing) O3 - Toolbar: rzillcgthjx - {5996aaf3-5c08-44a9-ac12-1843fd03df0a} - C:\WINDOWS\APPLICATION DATA\CKSTPRLLNQUL.DLL Instructions: If you don't readily recognize a toolbar's name, use TonyK's Toolbar List (link above) to find it by the class ID (CLSID, the number between the curly brackets) to see if it's good or bad. Listed BHO's are tagged X for certified spyware or other malware, L for legitimate items, O for 'open to debate' and ? for BHOs of unknown status. If it is not on the list, and (1) the name seems to be a random string of characters, and (2) the file is somewhere in a folder named "Application Data", then it is definitely bad and you should have HJT fix it.