Here's my LOG PLEASE HELP HijackThis v1.97.7

Discussion in 'adware, spyware & hijack cleaning' started by Dellman, Jun 20, 2004.

Thread Status:
Not open for further replies.
  1. Dellman

    Dellman Registered Member

    Hello there and thank you for viewing my thread
    I am totally lost!
    By reading the post I feel you guys and girls are my best hope

    My home page keeps changing back to this
    res://kptdv.dll/index.html#00010

    I have the adware 6.0 6.181 personal
    spysweeper Version 2.6.1 (Build 45) using software definitions 364

    Logfile of HijackThis v1.97.7
    Scan saved at 8:51:17 PM, on 6/20/2004
    Platform: Windows 2000 SP4 (WinNT 5.00.2195)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)


    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\regsvc.exe
    C:\WINDOWS\system32\MSTask.exe
    C:\WINDOWS\system32\stisvc.exe
    C:\WINDOWS\System32\WBEM\WinMgmt.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\P2P Networking\P2P Networking.exe
    C:\Program Files\Dell AIO Printer A940\dlbabmgr.exe
    C:\Program Files\Dell AIO Printer A940\dlbabmon.exe
    C:\WINDOWS\ipwf.exe
    C:\Program Files\Logitech\MouseWare\system\em_exec.exe
    C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
    C:\WINDOWS\system32\cram32.exe
    C:\WINDOWS\system32\javamr32.exe
    C:\PROGRA~1\Grisoft\AVG6\AVGCC32.EXE
    C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe
    C:\Hijackthis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\kptdv.dll/sp.html#00010
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = res://kptdv.dll/index.html#00010
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = res://kptdv.dll/index.html#00010
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.dell.com/search/index.htm
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\kptdv.dll/sp.html#00010
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = res://kptdv.dll/index.html#00010
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\kptdv.dll/sp.html#00010
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Comcast High-Speed Internet
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {26F6F77F-BB62-AC45-2249-A1698510CF0B} - C:\WINDOWS\system32\d3oc32.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [AVG_CC] C:\Program Files\Grisoft\AVG6\avgcc32.exe /startup
    O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\Support.com\bin\tgcmd.exe" /server
    O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\system32\P2P Networking\P2P Networking.exe /AUTOSTART
    O4 - HKLM\..\Run: [Dell AIO Printer A940] "C:\Program Files\Dell AIO Printer A940\dlbabmgr.exe"
    O4 - HKLM\..\Run: [kdx] C:\WINDOWS\kdx\KHost.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
    O4 - HKLM\..\Run: [ipwf.exe] C:\WINDOWS\ipwf.exe
    O4 - HKCU\..\Run: [Spyware Begone] C:\Documents and Settings\default\Desktop\freescan.exe -FastScan
    O4 - HKCU\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe /0
    O4 - HKLM\..\RunOnce: [iemg.exe] C:\WINDOWS\system32\iemg.exe
    O4 - HKLM\..\RunOnce: [cram32.exe] C:\WINDOWS\system32\cram32.exe
    O4 - HKLM\..\RunOnce: [javamr32.exe] C:\WINDOWS\system32\javamr32.exe
    O4 - HKLM\..\RunOnce: [sysyz.exe] C:\WINDOWS\system32\sysyz.exe
    O4 - HKLM\..\RunOnce: [javaeb.exe] C:\WINDOWS\system32\javaeb.exe
    O4 - HKLM\..\RunOnce: [apird32.exe] C:\WINDOWS\system32\apird32.exe
    O4 - HKLM\..\RunOnce: [apity.exe] C:\WINDOWS\apity.exe
    O4 - HKLM\..\RunOnce: [atlqr32.exe] C:\WINDOWS\system32\atlqr32.exe
    O4 - HKLM\..\RunOnce: [mfckc32.exe] C:\WINDOWS\mfckc32.exe
    O4 - HKLM\..\RunOnce: [syskq.exe] C:\WINDOWS\system32\syskq.exe
    O4 - HKLM\..\RunOnce: [ntju.exe] C:\WINDOWS\system32\ntju.exe
    O4 - HKLM\..\RunOnce: [ntca32.exe] C:\WINDOWS\ntca32.exe
    O4 - HKLM\..\RunOnce: [atlcq32.exe] C:\WINDOWS\atlcq32.exe
    O4 - HKLM\..\RunOnce: [ielf.exe] C:\WINDOWS\ielf.exe
    O4 - HKLM\..\RunOnce: [mfckz32.exe] C:\WINDOWS\mfckz32.exe
    O4 - HKLM\..\RunOnce: [appmr.exe] C:\WINDOWS\appmr.exe
    O4 - HKLM\..\RunOnce: [msom32.exe] C:\WINDOWS\system32\msom32.exe
    O4 - HKLM\..\RunOnce: [sdkgf.exe] C:\WINDOWS\sdkgf.exe
    O4 - HKLM\..\RunOnce: [appyg32.exe] C:\WINDOWS\system32\appyg32.exe
    O4 - HKLM\..\RunOnce: [msyd32.exe] C:\WINDOWS\msyd32.exe
    O4 - HKLM\..\RunOnce: [winej.exe] C:\WINDOWS\system32\winej.exe
    O4 - HKLM\..\RunOnce: [atlow.exe] C:\WINDOWS\atlow.exe
    O4 - HKLM\..\RunOnce: [d3sr32.exe] C:\WINDOWS\system32\d3sr32.exe
    O4 - HKLM\..\RunOnce: [ntkk.exe] C:\WINDOWS\system32\ntkk.exe
    O4 - HKLM\..\RunOnce: [addfh.exe] C:\WINDOWS\addfh.exe
    O4 - HKLM\..\RunOnce: [atlzi32.exe] C:\WINDOWS\atlzi32.exe
    O4 - HKLM\..\RunOnce: [addqq32.exe] C:\WINDOWS\addqq32.exe
    O4 - HKLM\..\RunOnce: [mfceo.exe] C:\WINDOWS\system32\mfceo.exe
    O4 - HKLM\..\RunOnce: [ntqx32.exe] C:\WINDOWS\ntqx32.exe
    O4 - HKLM\..\RunOnce: [crbv32.exe] C:\WINDOWS\crbv32.exe
    O4 - HKLM\..\RunOnce: [ntzs.exe] C:\WINDOWS\ntzs.exe
    O4 - HKLM\..\RunOnce: [appwy32.exe] C:\WINDOWS\system32\appwy32.exe
    O4 - HKLM\..\RunOnce: [d3ni.exe] C:\WINDOWS\d3ni.exe
    O4 - HKLM\..\RunOnce: [crke32.exe] C:\WINDOWS\system32\crke32.exe
    O4 - HKLM\..\RunOnce: [appsd32.exe] C:\WINDOWS\appsd32.exe
    O4 - HKLM\..\RunOnce: [atlqe32.exe] C:\WINDOWS\system32\atlqe32.exe
    O4 - HKLM\..\RunOnce: [ierl32.exe] C:\WINDOWS\ierl32.exe
    O4 - HKLM\..\RunOnce: [ieoe32.exe] C:\WINDOWS\ieoe32.exe
    O4 - HKLM\..\RunOnce: [crra.exe] C:\WINDOWS\system32\crra.exe
    O4 - HKLM\..\RunOnce: [winnm32.exe] C:\WINDOWS\system32\winnm32.exe
    O4 - HKLM\..\RunOnce: [crgf32.exe] C:\WINDOWS\system32\crgf32.exe
    O4 - HKLM\..\RunOnce: [ntux.exe] C:\WINDOWS\system32\ntux.exe
    O4 - HKLM\..\RunOnce: [javahm.exe] C:\WINDOWS\javahm.exe
    O4 - HKLM\..\RunOnce: [addsw.exe] C:\WINDOWS\system32\addsw.exe
    O4 - HKLM\..\RunOnce: [mfcjo32.exe] C:\WINDOWS\system32\mfcjo32.exe
    O4 - HKLM\..\RunOnce: [syswi32.exe] C:\WINDOWS\system32\syswi32.exe
    O4 - HKLM\..\RunOnce: [netqi.exe] C:\WINDOWS\netqi.exe
    O4 - HKLM\..\RunOnce: [d3wz32.exe] C:\WINDOWS\d3wz32.exe
    O4 - HKLM\..\RunOnce: [mfcrj.exe] C:\WINDOWS\system32\mfcrj.exe
    O4 - HKLM\..\RunOnce: [ntpq.exe] C:\WINDOWS\system32\ntpq.exe
    O4 - HKLM\..\RunOnce: [netka.exe] C:\WINDOWS\netka.exe
    O4 - HKLM\..\RunOnce: [ieha32.exe] C:\WINDOWS\system32\ieha32.exe
    O4 - HKLM\..\RunOnce: [mfcip32.exe] C:\WINDOWS\system32\mfcip32.exe
    O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
    O4 - Global Startup: EPSON Status Monitor 3 Environment Check.lnk = C:\WINDOWS\SYSTEM32\spool\drivers\w32x86\3\E_SRCV03.EXE
    O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
    O9 - Extra button: Dell Home (HKCU)
    O12 - Plugin for .hpb: C:\PROGRA~1\INTERN~1\PLUGINS\nphpipb.dll
    O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
    O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
    O14 - IERESET.INF: START_PAGE_URL=http://www.comcast.net
    O16 - DPF: Dialpad US Java Applet - http://www.dialpad.com/applet/src/vscp.cab
    O16 - DPF: JT's Blocks - http://download.yahoo.com/games/clients/y/bls0_x.cab
    O16 - DPF: Tornado 21 - http://download.yahoo.com/games/clients/y/t21s0_x.cab
    O16 - DPF: Video Poker - http://download.yahoo.com/games/clients/y/vps0_x.cab
    O16 - DPF: Yahoo! Bingo - http://download.games.yahoo.com/games/clients/y/xt0_x.cab
    O16 - DPF: Yahoo! Blackjack - http://download.games.yahoo.com/games/clients/y/jt0_x.cab
    O16 - DPF: Yahoo! Canasta - http://download.yahoo.com/games/clients/y/ys0_x.cab
    O16 - DPF: Yahoo! Checkers - http://download.yahoo.com/games/clients/y/ks0_x.cab
    O16 - DPF: Yahoo! Chess - http://download.games.yahoo.com/games/clients/y/ct1_x.cab
    O16 - DPF: Yahoo! Chinese Checkers - http://download.games.yahoo.com/games/clients/y/cct0_x.cab
    O16 - DPF: Yahoo! Dominoes - http://download.yahoo.com/games/clients/y/dos0_x.cab
    O16 - DPF: Yahoo! Dots - http://download.games.yahoo.com/games/clients/y/dtt1_x.cab
    O16 - DPF: Yahoo! Euchre - http://download.yahoo.com/games/clients/y/es0_x.cab
    O16 - DPF: Yahoo! Fleet - http://download.games.yahoo.com/games/clients/y/flts0_x.cab
    O16 - DPF: Yahoo! Freecell Solitaire - http://yog55.games.scd.yahoo.com/yog/y/fs9_x.cab
    O16 - DPF: Yahoo! Gin - http://download.yahoo.com/games/clients/y/ns0_x.cab
    O16 - DPF: Yahoo! Go - http://download.yahoo.com/games/clients/y/gs0_x.cab
    O16 - DPF: Yahoo! Go Fish - http://download.yahoo.com/games/clients/y/zs0_x.cab
    O16 - DPF: Yahoo! Graffiti - http://download.yahoo.com/games/clients/y/grs0_x.cab
    O16 - DPF: Yahoo! Klondike Solitaire - http://yog55.games.scd.yahoo.com/yog/y/ks11_x.cab
    O16 - DPF: Yahoo! Poker - http://download.games.yahoo.com/games/clients/y/pt0_x.cab
    O16 - DPF: Yahoo! Pool 2 - http://download.yahoo.com/games/clients/y/pos3_x.cab
    O16 - DPF: Yahoo! Reversi - http://download.yahoo.com/games/clients/y/rs0_x.cab
    O16 - DPF: Yahoo! Sheepshead - http://download.yahoo.com/games/clients/y/ds0_x.cab
    O16 - DPF: Yahoo! Tic-Tac-Toe - http://download.games.yahoo.com/games/clients/y/ft3_x.cab
    O16 - DPF: Yahoo! Towers 2.0 - http://download.yahoo.com/games/clients/y/yws0_x.cab
    O16 - DPF: Yahoo! Word Racer - http://download.games.yahoo.com/games/clients/y/ws1_x.cab
    O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://www.comcastsupport.com/sdccommon/download/tgctlcm.cab
    O16 - DPF: {02466323-75ED-11CF-A267-0020AF2546EA} (VivoActive Control) - http://player.vivo.com/ie/vvweb.cab
    O16 - DPF: {0D6451B3-FDDA-11D3-BFEC-00D0B725EB0B} (Yahoo! Vision) - http://download.yahoo.com/dl/fv/yv.cab
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (sys Class) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/swdir.cab
    O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
    O16 - DPF: {2FF18E20-DE11-11D1-8161-00A0C90DD90C} (MSNBC News Menu Control 3.01) - http://www.msnbc.com/download/nr1228.cab
    O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52...pple.com/borris/us/win/QuickTimeInstaller.exe
    O16 - DPF: {525A15D0-4938-11D4-94C7-0050DA20189B} - http://aol.ea.com/downloads/games/common/snoopy/iesnoopy.cab
    O16 - DPF: {597C45C2-2D39-11D5-8D53-0050048383FE} (OPUCatalog Class) - http://office.microsoft.com/productupdates/content/opuc.cab
    O16 - DPF: {6B4788E2-BAE8-11D2-A1B4-00400512739B} (PWMediaSendControl Class) - http://216.249.25.152/code/PWActiveXImgCtl.CAB
    O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - https://www.gamespyid.com/alaunch.cab
    O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
    O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie Control) - http://a19.g.akamai.net/7/19/7125/4017/ftp.coupons.com/v3121/cpbrkpie.cab
    O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37663.5700810185
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/detection/ITDetector.cab
    O16 - DPF: {EEECA057-AD0F-44A7-8BE5-8634CEDBDBD1} - http://akamai.downloadv3.com/binaries/IA/netpe32_EN.cab
    O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - http://www.gamespot.com/KDX22/download/kdx.cab
     
  2. Dellman

    Dellman Registered Member

    Can one of you experts Please Help?
