Here's my LOG PLEASE HELP HijackThis v1.97.7

Discussion in 'adware, spyware & hijack cleaning' started by Dellman, Jun 20, 2004.

Thread Status:
Not open for further replies.
  1. Dellman (Registered Member)

    Joined: Jun 20, 2004 | Posts: 2 | Location: wv

    Hello there and thank you for viewing my thread
    I am totally lost!
    By reading the post I feel you guys and girls are my best hope

    My home page keeps changing back to this
    res://kptdv.dll/index.html#00010

    I have the adware 6.0 6.181 personal
    spysweeper Version 2.6.1 (Build 45) using software definitions 364

    Logfile of HijackThis v1.97.7
    Scan saved at 8:51:17 PM, on 6/20/2004
    Platform: Windows 2000 SP4 (WinNT 5.00.2195)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)


    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\regsvc.exe
    C:\WINDOWS\system32\MSTask.exe
    C:\WINDOWS\system32\stisvc.exe
    C:\WINDOWS\System32\WBEM\WinMgmt.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\P2P Networking\P2P Networking.exe
    C:\Program Files\Dell AIO Printer A940\dlbabmgr.exe
    C:\Program Files\Dell AIO Printer A940\dlbabmon.exe
    C:\WINDOWS\ipwf.exe
    C:\Program Files\Logitech\MouseWare\system\em_exec.exe
    C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
    C:\WINDOWS\system32\cram32.exe
    C:\WINDOWS\system32\javamr32.exe
    C:\PROGRA~1\Grisoft\AVG6\AVGCC32.EXE
    C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe
    C:\Hijackthis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\kptdv.dll/sp.html#00010
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = res://kptdv.dll/index.html#00010
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = res://kptdv.dll/index.html#00010
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.dell.com/search/index.htm
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\kptdv.dll/sp.html#00010
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = res://kptdv.dll/index.html#00010
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\kptdv.dll/sp.html#00010
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Comcast High-Speed Internet
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {26F6F77F-BB62-AC45-2249-A1698510CF0B} - C:\WINDOWS\system32\d3oc32.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [AVG_CC] C:\Program Files\Grisoft\AVG6\avgcc32.exe /startup
    O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\Support.com\bin\tgcmd.exe" /server
    O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\system32\P2P Networking\P2P Networking.exe /AUTOSTART
    O4 - HKLM\..\Run: [Dell AIO Printer A940] "C:\Program Files\Dell AIO Printer A940\dlbabmgr.exe"
    O4 - HKLM\..\Run: [kdx] C:\WINDOWS\kdx\KHost.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
    O4 - HKLM\..\Run: [ipwf.exe] C:\WINDOWS\ipwf.exe
    O4 - HKCU\..\Run: [Spyware Begone] C:\Documents and Settings\default\Desktop\freescan.exe -FastScan
    O4 - HKCU\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe /0
    O4 - HKLM\..\RunOnce: [iemg.exe] C:\WINDOWS\system32\iemg.exe
    O4 - HKLM\..\RunOnce: [cram32.exe] C:\WINDOWS\system32\cram32.exe
    O4 - HKLM\..\RunOnce: [javamr32.exe] C:\WINDOWS\system32\javamr32.exe
    O4 - HKLM\..\RunOnce: [sysyz.exe] C:\WINDOWS\system32\sysyz.exe
    O4 - HKLM\..\RunOnce: [javaeb.exe] C:\WINDOWS\system32\javaeb.exe
    O4 - HKLM\..\RunOnce: [apird32.exe] C:\WINDOWS\system32\apird32.exe
    O4 - HKLM\..\RunOnce: [apity.exe] C:\WINDOWS\apity.exe
    O4 - HKLM\..\RunOnce: [atlqr32.exe] C:\WINDOWS\system32\atlqr32.exe
    O4 - HKLM\..\RunOnce: [mfckc32.exe] C:\WINDOWS\mfckc32.exe
    O4 - HKLM\..\RunOnce: [syskq.exe] C:\WINDOWS\system32\syskq.exe
    O4 - HKLM\..\RunOnce: [ntju.exe] C:\WINDOWS\system32\ntju.exe
    O4 - HKLM\..\RunOnce: [ntca32.exe] C:\WINDOWS\ntca32.exe
    O4 - HKLM\..\RunOnce: [atlcq32.exe] C:\WINDOWS\atlcq32.exe
    O4 - HKLM\..\RunOnce: [ielf.exe] C:\WINDOWS\ielf.exe
    O4 - HKLM\..\RunOnce: [mfckz32.exe] C:\WINDOWS\mfckz32.exe
    O4 - HKLM\..\RunOnce: [appmr.exe] C:\WINDOWS\appmr.exe
    O4 - HKLM\..\RunOnce: [msom32.exe] C:\WINDOWS\system32\msom32.exe
    O4 - HKLM\..\RunOnce: [sdkgf.exe] C:\WINDOWS\sdkgf.exe
    O4 - HKLM\..\RunOnce: [appyg32.exe] C:\WINDOWS\system32\appyg32.exe
    O4 - HKLM\..\RunOnce: [msyd32.exe] C:\WINDOWS\msyd32.exe
    O4 - HKLM\..\RunOnce: [winej.exe] C:\WINDOWS\system32\winej.exe
    O4 - HKLM\..\RunOnce: [atlow.exe] C:\WINDOWS\atlow.exe
    O4 - HKLM\..\RunOnce: [d3sr32.exe] C:\WINDOWS\system32\d3sr32.exe
    O4 - HKLM\..\RunOnce: [ntkk.exe] C:\WINDOWS\system32\ntkk.exe
    O4 - HKLM\..\RunOnce: [addfh.exe] C:\WINDOWS\addfh.exe
    O4 - HKLM\..\RunOnce: [atlzi32.exe] C:\WINDOWS\atlzi32.exe
    O4 - HKLM\..\RunOnce: [addqq32.exe] C:\WINDOWS\addqq32.exe
    O4 - HKLM\..\RunOnce: [mfceo.exe] C:\WINDOWS\system32\mfceo.exe
    O4 - HKLM\..\RunOnce: [ntqx32.exe] C:\WINDOWS\ntqx32.exe
    O4 - HKLM\..\RunOnce: [crbv32.exe] C:\WINDOWS\crbv32.exe
    O4 - HKLM\..\RunOnce: [ntzs.exe] C:\WINDOWS\ntzs.exe
    O4 - HKLM\..\RunOnce: [appwy32.exe] C:\WINDOWS\system32\appwy32.exe
    O4 - HKLM\..\RunOnce: [d3ni.exe] C:\WINDOWS\d3ni.exe
    O4 - HKLM\..\RunOnce: [crke32.exe] C:\WINDOWS\system32\crke32.exe
    O4 - HKLM\..\RunOnce: [appsd32.exe] C:\WINDOWS\appsd32.exe
    O4 - HKLM\..\RunOnce: [atlqe32.exe] C:\WINDOWS\system32\atlqe32.exe
    O4 - HKLM\..\RunOnce: [ierl32.exe] C:\WINDOWS\ierl32.exe
    O4 - HKLM\..\RunOnce: [ieoe32.exe] C:\WINDOWS\ieoe32.exe
    O4 - HKLM\..\RunOnce: [crra.exe] C:\WINDOWS\system32\crra.exe
    O4 - HKLM\..\RunOnce: [winnm32.exe] C:\WINDOWS\system32\winnm32.exe
    O4 - HKLM\..\RunOnce: [crgf32.exe] C:\WINDOWS\system32\crgf32.exe
    O4 - HKLM\..\RunOnce: [ntux.exe] C:\WINDOWS\system32\ntux.exe
    O4 - HKLM\..\RunOnce: [javahm.exe] C:\WINDOWS\javahm.exe
    O4 - HKLM\..\RunOnce: [addsw.exe] C:\WINDOWS\system32\addsw.exe
    O4 - HKLM\..\RunOnce: [mfcjo32.exe] C:\WINDOWS\system32\mfcjo32.exe
    O4 - HKLM\..\RunOnce: [syswi32.exe] C:\WINDOWS\system32\syswi32.exe
    O4 - HKLM\..\RunOnce: [netqi.exe] C:\WINDOWS\netqi.exe
    O4 - HKLM\..\RunOnce: [d3wz32.exe] C:\WINDOWS\d3wz32.exe
    O4 - HKLM\..\RunOnce: [mfcrj.exe] C:\WINDOWS\system32\mfcrj.exe
    O4 - HKLM\..\RunOnce: [ntpq.exe] C:\WINDOWS\system32\ntpq.exe
    O4 - HKLM\..\RunOnce: [netka.exe] C:\WINDOWS\netka.exe
    O4 - HKLM\..\RunOnce: [ieha32.exe] C:\WINDOWS\system32\ieha32.exe
    O4 - HKLM\..\RunOnce: [mfcip32.exe] C:\WINDOWS\system32\mfcip32.exe
    O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
    O4 - Global Startup: EPSON Status Monitor 3 Environment Check.lnk = C:\WINDOWS\SYSTEM32\spool\drivers\w32x86\3\E_SRCV03.EXE
    O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
    O9 - Extra button: Dell Home (HKCU)
    O12 - Plugin for .hpb: C:\PROGRA~1\INTERN~1\PLUGINS\nphpipb.dll
    O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
    O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
    O14 - IERESET.INF: START_PAGE_URL=http://www.comcast.net
    O16 - DPF: Dialpad US Java Applet - http://www.dialpad.com/applet/src/vscp.cab
    O16 - DPF: JT's Blocks - http://download.yahoo.com/games/clients/y/bls0_x.cab
    O16 - DPF: Tornado 21 - http://download.yahoo.com/games/clients/y/t21s0_x.cab
    O16 - DPF: Video Poker - http://download.yahoo.com/games/clients/y/vps0_x.cab
    O16 - DPF: Yahoo! Bingo - http://download.games.yahoo.com/games/clients/y/xt0_x.cab
    O16 - DPF: Yahoo! Blackjack - http://download.games.yahoo.com/games/clients/y/jt0_x.cab
    O16 - DPF: Yahoo! Canasta - http://download.yahoo.com/games/clients/y/ys0_x.cab
    O16 - DPF: Yahoo! Checkers - http://download.yahoo.com/games/clients/y/ks0_x.cab
    O16 - DPF: Yahoo! Chess - http://download.games.yahoo.com/games/clients/y/ct1_x.cab
    O16 - DPF: Yahoo! Chinese Checkers - http://download.games.yahoo.com/games/clients/y/cct0_x.cab
    O16 - DPF: Yahoo! Dominoes - http://download.yahoo.com/games/clients/y/dos0_x.cab
    O16 - DPF: Yahoo! Dots - http://download.games.yahoo.com/games/clients/y/dtt1_x.cab
    O16 - DPF: Yahoo! Euchre - http://download.yahoo.com/games/clients/y/es0_x.cab
    O16 - DPF: Yahoo! Fleet - http://download.games.yahoo.com/games/clients/y/flts0_x.cab
    O16 - DPF: Yahoo! Freecell Solitaire - http://yog55.games.scd.yahoo.com/yog/y/fs9_x.cab
    O16 - DPF: Yahoo! Gin - http://download.yahoo.com/games/clients/y/ns0_x.cab
    O16 - DPF: Yahoo! Go - http://download.yahoo.com/games/clients/y/gs0_x.cab
    O16 - DPF: Yahoo! Go Fish - http://download.yahoo.com/games/clients/y/zs0_x.cab
    O16 - DPF: Yahoo! Graffiti - http://download.yahoo.com/games/clients/y/grs0_x.cab
    O16 - DPF: Yahoo! Klondike Solitaire - http://yog55.games.scd.yahoo.com/yog/y/ks11_x.cab
    O16 - DPF: Yahoo! Poker - http://download.games.yahoo.com/games/clients/y/pt0_x.cab
    O16 - DPF: Yahoo! Pool 2 - http://download.yahoo.com/games/clients/y/pos3_x.cab
    O16 - DPF: Yahoo! Reversi - http://download.yahoo.com/games/clients/y/rs0_x.cab
    O16 - DPF: Yahoo! Sheepshead - http://download.yahoo.com/games/clients/y/ds0_x.cab
    O16 - DPF: Yahoo! Tic-Tac-Toe - http://download.games.yahoo.com/games/clients/y/ft3_x.cab
    O16 - DPF: Yahoo! Towers 2.0 - http://download.yahoo.com/games/clients/y/yws0_x.cab
    O16 - DPF: Yahoo! Word Racer - http://download.games.yahoo.com/games/clients/y/ws1_x.cab
    O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://www.comcastsupport.com/sdccommon/download/tgctlcm.cab
    O16 - DPF: {02466323-75ED-11CF-A267-0020AF2546EA} (VivoActive Control) - http://player.vivo.com/ie/vvweb.cab
    O16 - DPF: {0D6451B3-FDDA-11D3-BFEC-00D0B725EB0B} (Yahoo! Vision) - http://download.yahoo.com/dl/fv/yv.cab
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (sys Class) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/swdir.cab
    O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
    O16 - DPF: {2FF18E20-DE11-11D1-8161-00A0C90DD90C} (MSNBC News Menu Control 3.01) - http://www.msnbc.com/download/nr1228.cab
    O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52...pple.com/borris/us/win/QuickTimeInstaller.exe
    O16 - DPF: {525A15D0-4938-11D4-94C7-0050DA20189B} - http://aol.ea.com/downloads/games/common/snoopy/iesnoopy.cab
    O16 - DPF: {597C45C2-2D39-11D5-8D53-0050048383FE} (OPUCatalog Class) - http://office.microsoft.com/productupdates/content/opuc.cab
    O16 - DPF: {6B4788E2-BAE8-11D2-A1B4-00400512739B} (PWMediaSendControl Class) - http://216.249.25.152/code/PWActiveXImgCtl.CAB
    O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - https://www.gamespyid.com/alaunch.cab
    O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
    O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie Control) - http://a19.g.akamai.net/7/19/7125/4017/ftp.coupons.com/v3121/cpbrkpie.cab
    O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37663.5700810185
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/detection/ITDetector.cab
    O16 - DPF: {EEECA057-AD0F-44A7-8BE5-8634CEDBDBD1} - http://akamai.downloadv3.com/binaries/IA/netpe32_EN.cab
    O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - http://www.gamespot.com/KDX22/download/kdx.cab
     
  2. Dellman (Registered Member)

    Joined: Jun 20, 2004 | Posts: 2 | Location: wv

    Can one of you experts Please Help?

     