Pieter_Arntz
December 1st, 2003, 09:50 AM
This one is showing up very frequently.
In HijackThis fix the R0/R1 items pointing to searchcentrix.com
And the BHO that starts it:
O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-DFF7-EC6BF4D5FA7D} - C:\WINDOWS\gsim.dll
Other BHO's that are planted by searchcentrix:
O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-C0FB-EF60B19DA02A} - C:\WINNT\system32\wzhelper.dll
O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-D1F7-EB6DB99AA97D} - C:\WINDOWS\DOWNLO~1\somatic.dll***
O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-D7E4-F660B597BF2A} - C:\WINDOWS\SYSTEM\WEBALIZE.DLL
O2 - BHO: (no name) - {CD2A865B-6C0F-44F9-BAA1-7CDB31E04BC8} - C:\WINDOWS\System32\BarBHO.dll
Not yet confirmed, but very likely other variants:
O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-98F7-EB6DB99AA93B} - C:\WINDOWS\System32\ifsomatic.dll
O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-C0FB-EF60B19DBC34} - C:\WINDOWS\System32\ifhelper.dll
******
HTH,
Pieter
In HijackThis fix the R0/R1 items pointing to searchcentrix.com
And the BHO that starts it:
O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-DFF7-EC6BF4D5FA7D} - C:\WINDOWS\gsim.dll
Other BHO's that are planted by searchcentrix:
O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-C0FB-EF60B19DA02A} - C:\WINNT\system32\wzhelper.dll
O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-D1F7-EB6DB99AA97D} - C:\WINDOWS\DOWNLO~1\somatic.dll***
O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-D7E4-F660B597BF2A} - C:\WINDOWS\SYSTEM\WEBALIZE.DLL
O2 - BHO: (no name) - {CD2A865B-6C0F-44F9-BAA1-7CDB31E04BC8} - C:\WINDOWS\System32\BarBHO.dll
Not yet confirmed, but very likely other variants:
O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-98F7-EB6DB99AA93B} - C:\WINDOWS\System32\ifsomatic.dll
O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-C0FB-EF60B19DBC34} - C:\WINDOWS\System32\ifhelper.dll
******
HTH,
Pieter