Wilders Security Forums  

Spyware Cleaning Section Closed!!
Notice: The spyware cleaning (HijackThis) section is closed. Wilders Security no longer provides one on one spyware cleaning assistance. Please see this announcement for a list of websites that provide such services.
 
 
#1
June 20th, 2004, 09:29 PM
Dellman
Infrequent Poster
Join Date: Jun 2004
Location: wv
Posts: 2
Here's my LOG PLEASE HELP HijackThis v1.97.7

Hello there and thank you for viewing my thread.
I am totally lost!
By reading the posts I feel you guys and girls are my best hope.

My home page keeps changing back to this:
res://kptdv.dll/index.html#00010

I have the adware 6.0 6.181 personal
spysweeper Version 2.6.1 (Build 45) using software definitions 364

Logfile of HijackThis v1.97.7
Scan saved at 8:51:17 PM, on 6/20/2004
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)


Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\regsvc.exe
C:\WINDOWS\system32\MSTask.exe
C:\WINDOWS\system32\stisvc.exe
C:\WINDOWS\System32\WBEM\WinMgmt.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\P2P Networking\P2P Networking.exe
C:\Program Files\Dell AIO Printer A940\dlbabmgr.exe
C:\Program Files\Dell AIO Printer A940\dlbabmon.exe
C:\WINDOWS\ipwf.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\WINDOWS\system32\cram32.exe
C:\WINDOWS\system32\javamr32.exe
C:\PROGRA~1\Grisoft\AVG6\AVGCC32.EXE
C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe
C:\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cust...search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\kptdv.dll/sp.html#00010
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = res://kptdv.dll/index.html#00010
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = res://kptdv.dll/index.html#00010
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.dell.com/search/index.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\kptdv.dll/sp.html#00010
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = res://kptdv.dll/index.html#00010
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\kptdv.dll/sp.html#00010
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Comcast High-Speed Internet
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {26F6F77F-BB62-AC45-2249-A1698510CF0B} - C:\WINDOWS\system32\d3oc32.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [AVG_CC] C:\Program Files\Grisoft\AVG6\avgcc32.exe /startup
O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\Support.com\bin\tgcmd.exe" /server
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\system32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [Dell AIO Printer A940] "C:\Program Files\Dell AIO Printer A940\dlbabmgr.exe"
O4 - HKLM\..\Run: [kdx] C:\WINDOWS\kdx\KHost.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [ipwf.exe] C:\WINDOWS\ipwf.exe
O4 - HKCU\..\Run: [Spyware Begone] C:\Documents and Settings\default\Desktop\freescan.exe -FastScan
O4 - HKCU\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe /0
O4 - HKLM\..\RunOnce: [iemg.exe] C:\WINDOWS\system32\iemg.exe
O4 - HKLM\..\RunOnce: [cram32.exe] C:\WINDOWS\system32\cram32.exe
O4 - HKLM\..\RunOnce: [javamr32.exe] C:\WINDOWS\system32\javamr32.exe
O4 - HKLM\..\RunOnce: [sysyz.exe] C:\WINDOWS\system32\sysyz.exe
O4 - HKLM\..\RunOnce: [javaeb.exe] C:\WINDOWS\system32\javaeb.exe
O4 - HKLM\..\RunOnce: [apird32.exe] C:\WINDOWS\system32\apird32.exe
O4 - HKLM\..\RunOnce: [apity.exe] C:\WINDOWS\apity.exe
O4 - HKLM\..\RunOnce: [atlqr32.exe] C:\WINDOWS\system32\atlqr32.exe
O4 - HKLM\..\RunOnce: [mfckc32.exe] C:\WINDOWS\mfckc32.exe
O4 - HKLM\..\RunOnce: [syskq.exe] C:\WINDOWS\system32\syskq.exe
O4 - HKLM\..\RunOnce: [ntju.exe] C:\WINDOWS\system32\ntju.exe
O4 - HKLM\..\RunOnce: [ntca32.exe] C:\WINDOWS\ntca32.exe
O4 - HKLM\..\RunOnce: [atlcq32.exe] C:\WINDOWS\atlcq32.exe
O4 - HKLM\..\RunOnce: [ielf.exe] C:\WINDOWS\ielf.exe
O4 - HKLM\..\RunOnce: [mfckz32.exe] C:\WINDOWS\mfckz32.exe
O4 - HKLM\..\RunOnce: [appmr.exe] C:\WINDOWS\appmr.exe
O4 - HKLM\..\RunOnce: [msom32.exe] C:\WINDOWS\system32\msom32.exe
O4 - HKLM\..\RunOnce: [sdkgf.exe] C:\WINDOWS\sdkgf.exe
O4 - HKLM\..\RunOnce: [appyg32.exe] C:\WINDOWS\system32\appyg32.exe
O4 - HKLM\..\RunOnce: [msyd32.exe] C:\WINDOWS\msyd32.exe
O4 - HKLM\..\RunOnce: [winej.exe] C:\WINDOWS\system32\winej.exe
O4 - HKLM\..\RunOnce: [atlow.exe] C:\WINDOWS\atlow.exe
O4 - HKLM\..\RunOnce: [d3sr32.exe] C:\WINDOWS\system32\d3sr32.exe
O4 - HKLM\..\RunOnce: [ntkk.exe] C:\WINDOWS\system32\ntkk.exe
O4 - HKLM\..\RunOnce: [addfh.exe] C:\WINDOWS\addfh.exe
O4 - HKLM\..\RunOnce: [atlzi32.exe] C:\WINDOWS\atlzi32.exe
O4 - HKLM\..\RunOnce: [addqq32.exe] C:\WINDOWS\addqq32.exe
O4 - HKLM\..\RunOnce: [mfceo.exe] C:\WINDOWS\system32\mfceo.exe
O4 - HKLM\..\RunOnce: [ntqx32.exe] C:\WINDOWS\ntqx32.exe
O4 - HKLM\..\RunOnce: [crbv32.exe] C:\WINDOWS\crbv32.exe
O4 - HKLM\..\RunOnce: [ntzs.exe] C:\WINDOWS\ntzs.exe
O4 - HKLM\..\RunOnce: [appwy32.exe] C:\WINDOWS\system32\appwy32.exe
O4 - HKLM\..\RunOnce: [d3ni.exe] C:\WINDOWS\d3ni.exe
O4 - HKLM\..\RunOnce: [crke32.exe] C:\WINDOWS\system32\crke32.exe
O4 - HKLM\..\RunOnce: [appsd32.exe] C:\WINDOWS\appsd32.exe
O4 - HKLM\..\RunOnce: [atlqe32.exe] C:\WINDOWS\system32\atlqe32.exe
O4 - HKLM\..\RunOnce: [ierl32.exe] C:\WINDOWS\ierl32.exe
O4 - HKLM\..\RunOnce: [ieoe32.exe] C:\WINDOWS\ieoe32.exe
O4 - HKLM\..\RunOnce: [crra.exe] C:\WINDOWS\system32\crra.exe
O4 - HKLM\..\RunOnce: [winnm32.exe] C:\WINDOWS\system32\winnm32.exe
O4 - HKLM\..\RunOnce: [crgf32.exe] C:\WINDOWS\system32\crgf32.exe
O4 - HKLM\..\RunOnce: [ntux.exe] C:\WINDOWS\system32\ntux.exe
O4 - HKLM\..\RunOnce: [javahm.exe] C:\WINDOWS\javahm.exe
O4 - HKLM\..\RunOnce: [addsw.exe] C:\WINDOWS\system32\addsw.exe
O4 - HKLM\..\RunOnce: [mfcjo32.exe] C:\WINDOWS\system32\mfcjo32.exe
O4 - HKLM\..\RunOnce: [syswi32.exe] C:\WINDOWS\system32\syswi32.exe
O4 - HKLM\..\RunOnce: [netqi.exe] C:\WINDOWS\netqi.exe
O4 - HKLM\..\RunOnce: [d3wz32.exe] C:\WINDOWS\d3wz32.exe
O4 - HKLM\..\RunOnce: [mfcrj.exe] C:\WINDOWS\system32\mfcrj.exe
O4 - HKLM\..\RunOnce: [ntpq.exe] C:\WINDOWS\system32\ntpq.exe
O4 - HKLM\..\RunOnce: [netka.exe] C:\WINDOWS\netka.exe
O4 - HKLM\..\RunOnce: [ieha32.exe] C:\WINDOWS\system32\ieha32.exe
O4 - HKLM\..\RunOnce: [mfcip32.exe] C:\WINDOWS\system32\mfcip32.exe
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check.lnk = C:\WINDOWS\SYSTEM32\spool\drivers\w32x86\3\E_SRCV03.EXE
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Dell Home (HKCU)
O12 - Plugin for .hpb: C:\PROGRA~1\INTERN~1\PLUGINS\nphpipb.dll
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.comcast.net
O16 - DPF: Dialpad US Java Applet - http://www.dialpad.com/applet/src/vscp.cab
O16 - DPF: JT's Blocks - http://download.yahoo.com/games/clients/y/bls0_x.cab
O16 - DPF: Tornado 21 - http://download.yahoo.com/games/clients/y/t21s0_x.cab
O16 - DPF: Video Poker - http://download.yahoo.com/games/clients/y/vps0_x.cab
O16 - DPF: Yahoo! Bingo - http://download.games.yahoo.com/game...ts/y/xt0_x.cab
O16 - DPF: Yahoo! Blackjack - http://download.games.yahoo.com/game...ts/y/jt0_x.cab
O16 - DPF: Yahoo! Canasta - http://download.yahoo.com/games/clients/y/ys0_x.cab
O16 - DPF: Yahoo! Checkers - http://download.yahoo.com/games/clients/y/ks0_x.cab
O16 - DPF: Yahoo! Chess - http://download.games.yahoo.com/game...ts/y/ct1_x.cab
O16 - DPF: Yahoo! Chinese Checkers - http://download.games.yahoo.com/game...s/y/cct0_x.cab
O16 - DPF: Yahoo! Dominoes - http://download.yahoo.com/games/clients/y/dos0_x.cab
O16 - DPF: Yahoo! Dots - http://download.games.yahoo.com/game...s/y/dtt1_x.cab
O16 - DPF: Yahoo! Euchre - http://download.yahoo.com/games/clients/y/es0_x.cab
O16 - DPF: Yahoo! Fleet - http://download.games.yahoo.com/game.../y/flts0_x.cab
O16 - DPF: Yahoo! Freecell Solitaire - http://yog55.games.scd.yahoo.com/yog/y/fs9_x.cab
O16 - DPF: Yahoo! Gin - http://download.yahoo.com/games/clients/y/ns0_x.cab
O16 - DPF: Yahoo! Go - http://download.yahoo.com/games/clients/y/gs0_x.cab
O16 - DPF: Yahoo! Go Fish - http://download.yahoo.com/games/clients/y/zs0_x.cab
O16 - DPF: Yahoo! Graffiti - http://download.yahoo.com/games/clients/y/grs0_x.cab
O16 - DPF: Yahoo! Klondike Solitaire - http://yog55.games.scd.yahoo.com/yog/y/ks11_x.cab
O16 - DPF: Yahoo! Poker - http://download.games.yahoo.com/game...ts/y/pt0_x.cab
O16 - DPF: Yahoo! Pool 2 - http://download.yahoo.com/games/clients/y/pos3_x.cab
O16 - DPF: Yahoo! Reversi - http://download.yahoo.com/games/clients/y/rs0_x.cab
O16 - DPF: Yahoo! Sheepshead - http://download.yahoo.com/games/clients/y/ds0_x.cab
O16 - DPF: Yahoo! Tic-Tac-Toe - http://download.games.yahoo.com/game...ts/y/ft3_x.cab
O16 - DPF: Yahoo! Towers 2.0 - http://download.yahoo.com/games/clients/y/yws0_x.cab
O16 - DPF: Yahoo! Word Racer - http://download.games.yahoo.com/game...ts/y/ws1_x.cab
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://www.comcastsupport.com/sdccom...ad/tgctlcm.cab
O16 - DPF: {02466323-75ED-11CF-A267-0020AF2546EA} (VivoActive Control) - http://player.vivo.com/ie/vvweb.cab
O16 - DPF: {0D6451B3-FDDA-11D3-BFEC-00D0B725EB0B} (Yahoo! Vision) - http://download.yahoo.com/dl/fv/yv.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (sys Class) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/s...ctor/swdir.cab
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O16 - DPF: {2FF18E20-DE11-11D1-8161-00A0C90DD90C} (MSNBC News Menu Control 3.01) - http://www.msnbc.com/download/nr1228.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/...eInstaller.exe
O16 - DPF: {525A15D0-4938-11D4-94C7-0050DA20189B} - http://aol.ea.com/downloads/games/co...y/iesnoopy.cab
O16 - DPF: {597C45C2-2D39-11D5-8D53-0050048383FE} (OPUCatalog Class) - http://office.microsoft.com/productu...ntent/opuc.cab
O16 - DPF: {6B4788E2-BAE8-11D2-A1B4-00400512739B} (PWMediaSendControl Class) - http://216.249.25.152/code/PWActiveXImgCtl.CAB
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - https://www.gamespyid.com/alaunch.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie Control) - http://a19.g.akamai.net/7/19/7125/40...1/cpbrkpie.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.co...663.5700810185
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub...sh/swflash.cab
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite...ITDetector.cab
O16 - DPF: {EEECA057-AD0F-44A7-8BE5-8634CEDBDBD1} - http://akamai.downloadv3.com/binaries/IA/netpe32_EN.cab
O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - http://www.gamespot.com/KDX22/download/kdx.cab
#2
June 21st, 2004, 09:19 PM
Dellman
Infrequent Poster
Join Date: Jun 2004
Location: wv
Posts: 2
Can one of you experts Please Help?

Hello there and thank you for viewing my thread.
I am totally lost!
By reading the posts I feel you guys and girls are my best hope.

My home page keeps changing back to this:
res://kptdv.dll/index.html#00010

I have the adware 6.0 6.181 personal
spysweeper Version 2.6.1 (Build 45) using software definitions 364

 
