 |  |  |  |  |  |  |  |
No Desktop, No Start Menu, Explorer & IExplore wont work
 |
Not sure if it's a virus or a problem with my disk, but it does sound similar to some previous problems in the forum (no desktop, no start menu, explorer and iexplore wont load)
I can run programs via task mananger / run and cmd, etc, disk doe churn quite a bit.
I've run a chkdsk which found nothing.
Here's my Log file, would be most appreciated if the people in the know could have a look at it.
Thanks
Elliot
Logfile of HijackThis v1.98.2
Scan saved at 12:28:52, on 09/09/2004
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
I:\WINNT\System32\smss.exe
I:\WINNT\system32\winlogon.exe
I:\WINNT\system32\services.exe
I:\WINNT\system32\lsass.exe
I:\WINNT\System32\termsrv.exe
I:\WINNT\system32\svchost.exe
I:\WINNT\system32\spoolsv.exe
I:\WINNT\System32\msdtc.exe
I:\Program Files\Network ICE\BlackICE\blackd.exe
I:\WINNT\System32\cisvc.exe
I:\PROGRA~1\DIRECT~1\DUService.exe
I:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
I:\WINNT\System32\svchost.exe
I:\WINNT\System32\llssrv.exe
i:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
I:\PROGRA~1\MICROS~4\MSSQL\binn\sqlservr.exe
C:\mysql\bin\mysqld-nt.exe
I:\PROGRA~1\Navnt\navapsvc.exe
I:\PROGRA~1\Navnt\npssvc.exe
I:\WINNT\PMJ151LA.BIN
I:\WINNT\system32\regsvc.exe
I:\WINNT\system32\MSTask.exe
I:\WINNT\System32\snmp.exe
I:\Program Files\CheckPoint\SecuRemote\bin\SR_WatchDog.exe
I:\WINNT\system32\stisvc.exe
I:\WINNT\System32\WBEM\WinMgmt.exe
I:\Program Files\ORL\VNC\WinVNC.exe
I:\WINNT\System32\mspmspsv.exe
I:\WINNT\system32\svchost.exe
I:\WINNT\system32\Dfssvc.exe
I:\WINNT\System32\inetsrv\inetinfo.exe
I:\WINNT\System32\mqsvc.exe
I:\Program Files\Common Files\System\MSSearch\Bin\mssearch.exe
I:\PROGRA~1\MICROS~4\MSSQL\binn\sqlagent.exe
I:\WINNT\system32\svchost.exe
I:\WINNT\System32\svchost.exe
I:\PROGRA~1\Navnt\alertsvc.exe
I:\WINNT\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
I:\Program Files\CheckPoint\SecuRemote\bin\SR_GUI.exe
I:\WINNT\System32\cidaemon.exe
I:\WINNT\System32\cidaemon.exe
I:\WINNT\system32\taskmgr.exe
I:\WINNT\system32\rundll32.exe
I:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
I:\WINNT\system32\cmd.exe
I:\virus\HijackThis19802.exe
I:\Program Files\CheckPoint\SecuRemote\bin\SR_Service.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.clientapps.yahoo.com/c...o/bt_side.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://uk.red.clientapps.yahoo.com/c...rch.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.clientapps.yahoo.com/c...o/bt_side.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://uk.red.clientapps.yahoo.com/c...rch.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.red.clientapps.yahoo.com/c...rch.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by BTopenworld
O1 - Hosts: 213.86.184.157 prelive.gamer.tv
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - I:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - I:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C0B4D50-E0B9-F120-BBD9-7D47BC106A0D} - (no file)
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - I:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - i:\winnt\downloaded program files\googletoolbar1.dll
O2 - BHO: (no name) - {DDFA9CC1-788B-4C1C-A449-A6A1A1668FA8} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - I:\WINNT\System32\msdxm.ocx
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - I:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - i:\winnt\downloaded program files\googletoolbar1.dll
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [Adaptec DirectCD] I:\PROGRA~1\ZipCD\directcd.exe
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [NPS Event Checker] I:\PROGRA~1\Navnt\npscheck.exe
O4 - HKLM\..\Run: [Norton eMail Protect] I:\Program Files\Navnt\POProxy.exe
O4 - HKLM\..\Run: [DUControl] I:\PROGRA~1\DIRECT~1\DUControl.exe
O4 - HKLM\..\Run: [XTNDConnect PC - ErPhn2] I:\PROGRA~1\COMMON~1\XCPCSync\TRANSL~1\ErPhn2\ErTray.exe
O4 - HKLM\..\Run: [TkBellExe] I:\Program Files\Common Files\Real\Update_OB\realsched.exe -osboot
O4 - HKLM\..\Run: [NeroCheck] I:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "I:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CloneCDTray] I:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
O4 - HKLM\..\Run: [ElbyCheckElbyCDFL] "I:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [WinVNC] "I:\Program Files\ORL\VNC\WinVNC.exe" -servicehelper
O4 - HKLM\..\Run: [BJCFD] I:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [MessengerPlus3] "I:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [ATI Launchpad] "C:\Program Files\ATI Multimedia\main\launchpd.exe"
O4 - HKCU\..\Run: [MessengerPlus3] "I:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [RoboForm] "I:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - Startup: DLHelperEXE.exe
O4 - Startup: OCRAWARE.lnk = I:\OPLIMIT\OCRAWARE.EXE
O4 - Startup: PowerReg SchedulerV2.exe
O4 - Startup: Scanner Detector.lnk = I:\Program Files\ScanSuite\SDetect.exe
O4 - Startup: WinMySQLadmin.lnk = C:\mysql\bin\winmysqladmin.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = I:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BlackICE PC Protection.lnk = I:\Program Files\Network ICE\BlackICE\blackice.exe
O4 - Global Startup: BTTray.lnk = I:\Program Files\Widcomm\Bluetooth Software\BTTray.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = I:\WINNT\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
O4 - Global Startup: Norton AntiVirus AutoProtect.lnk = I:\Program Files\Navnt\navapw32.exe
O4 - Global Startup: Phone Connection Monitor.lnk = I:\Program Files\Sony Ericsson\Mobile\audevicemgr.exe
O4 - Global Startup: Service Manager.lnk = I:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: &Document Tree - I:\WINNT\web\tree.htm
O8 - Extra context menu item: &Google Search - res://i:\winnt\downloaded program files\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://i:\winnt\downloaded program files\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://i:\winnt\downloaded program files\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Customize Menu &4 - file://I:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://I:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Fill Forms &] - file://I:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Save Forms &[ - file://I:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Similar Pages - res://i:\winnt\downloaded program files\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://i:\winnt\downloaded program files\GoogleToolbar1.dll/cmtrans.html
O8 - Extra context menu item: View Partial So&urce - I:\WINNT\web\source.htm
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://I:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms &] - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://I:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://I:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms &[ - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://I:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: (no name) - {438AFBA1-B0CB-11d2-9214-00104B3BCE5F} - I:\WINNT\web\tree.htm
O9 - Extra 'Tools' menuitem: &Document Tree - {438AFBA1-B0CB-11d2-9214-00104B3BCE5F} - I:\WINNT\web\tree.htm
O9 - Extra button: Look for Spybot-S&&D updates - {694C6F76-6553-6173-6B69-613445766572} - %windir%\web\spybotsd-updates.htm (file missing)
O9 - Extra 'Tools' menuitem: Look for Spybot-S&&D updates - {694C6F76-6553-6173-6B69-613445766572} - %windir%\web\spybotsd-updates.htm (file missing)
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://I:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm &2 - {724d43aa-0d85-11d4-9908-00400523e39a} - file://I:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - I:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - I:\WINNT\System32\Shdocvw.dll
O12 - Plugin for .spop: I:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - http://us.dl1.yimg.com/download.yaho.../bty/yinst.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
O16 - DPF: {34805D32-AD89-469E-8503-A5666AEE4333} - http://207.188.7.150/24031ca91b3d109...tzip/RdxIE.cab
O16 - DPF: {4E62C4DE-627D-4604-B157-4B7D6B09F02E} (AccountTracking Profile Manager Class) - http://moneymanager.egg.com/activex/accounttracking.cab
O16 - DPF: {525A15D0-4938-11D4-94C7-0050DA20189B} (SnoopyCtrl Class) - http://www.ea.com/downloads/games/co...y/iesnoopy.cab
O16 - DPF: {6B4788E2-BAE8-11D2-A1B4-00400512739B} (PWMediaSendControl Class) - http://216.249.24.142/code/PWActiveXImgCtl.CAB
O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} - http://toolbar.google.com/navclient/.../GoogleNav.cab
O16 - DPF: {6FB9FE59-7D3B-483D-9909-C870BE5AFA1F} (DiskHealth Class) - http://www.homeusersoftware.com/diskhealth.cab
O16 - DPF: {7380B862-BA18-4529-8972-C66B82AA5D1D} (AccountTracking Class) - http://moneymanager.egg.com/customer...nttracking.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab
O16 - DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} (DLC Class) - http://transfers.one.microsoft.com/F...ansferCtrl.cab
O16 - DPF: {AED98630-0251-4E83-917D-43A23D66D507} (WebHandler Class) - http://activex.microgaming.com/DLhel...6/dlhelper.cab
O16 - DPF: {B71A4857-57D1-11D2-821F-000086075197} (Mabry InternetFTP/X COM Object) - http://os2000b.now.com/download/FtpX.DLL
O16 - DPF: {B71A485A-57D1-11D2-821F-000086075197} (Mabry Internet FTP/X Control) - http://icf.gamer.tv/download/FtpX.ocx
O16 - DPF: {C4847596-972C-11D0-9567-00A0C9273C2A} (Crystal Report Viewer Control) - http://rms.twii.net/Viewers/ActiveXV...iveXViewer.cab
O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} (Live365Player Class) - http://www.live365.com/players/play365.cab
O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} - http://photos.yahoo.com/ocx/us/yexplorer1_9us.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://captainhook.microgaming.com/...ok/FlashAX.cab
O16 - DPF: {EB587E81-5B71-45C2-90EA-DD77637E0C3D} (ocxMenu.ocxMenuUserControl) - http://icf.gamer.tv/download/ocxMenu.CAB
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - i:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
I can run programs via task mananger / run and cmd, etc, disk doe churn quite a bit.
I've run a chkdsk which found nothing.
Here's my Log file, would be most appreciated if the people in the know could have a look at it.
Thanks
Elliot
Logfile of HijackThis v1.98.2
Scan saved at 12:28:52, on 09/09/2004
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
I:\WINNT\System32\smss.exe
I:\WINNT\system32\winlogon.exe
I:\WINNT\system32\services.exe
I:\WINNT\system32\lsass.exe
I:\WINNT\System32\termsrv.exe
I:\WINNT\system32\svchost.exe
I:\WINNT\system32\spoolsv.exe
I:\WINNT\System32\msdtc.exe
I:\Program Files\Network ICE\BlackICE\blackd.exe
I:\WINNT\System32\cisvc.exe
I:\PROGRA~1\DIRECT~1\DUService.exe
I:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
I:\WINNT\System32\svchost.exe
I:\WINNT\System32\llssrv.exe
i:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
I:\PROGRA~1\MICROS~4\MSSQL\binn\sqlservr.exe
C:\mysql\bin\mysqld-nt.exe
I:\PROGRA~1\Navnt\navapsvc.exe
I:\PROGRA~1\Navnt\npssvc.exe
I:\WINNT\PMJ151LA.BIN
I:\WINNT\system32\regsvc.exe
I:\WINNT\system32\MSTask.exe
I:\WINNT\System32\snmp.exe
I:\Program Files\CheckPoint\SecuRemote\bin\SR_WatchDog.exe
I:\WINNT\system32\stisvc.exe
I:\WINNT\System32\WBEM\WinMgmt.exe
I:\Program Files\ORL\VNC\WinVNC.exe
I:\WINNT\System32\mspmspsv.exe
I:\WINNT\system32\svchost.exe
I:\WINNT\system32\Dfssvc.exe
I:\WINNT\System32\inetsrv\inetinfo.exe
I:\WINNT\System32\mqsvc.exe
I:\Program Files\Common Files\System\MSSearch\Bin\mssearch.exe
I:\PROGRA~1\MICROS~4\MSSQL\binn\sqlagent.exe
I:\WINNT\system32\svchost.exe
I:\WINNT\System32\svchost.exe
I:\PROGRA~1\Navnt\alertsvc.exe
I:\WINNT\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
I:\Program Files\CheckPoint\SecuRemote\bin\SR_GUI.exe
I:\WINNT\System32\cidaemon.exe
I:\WINNT\System32\cidaemon.exe
I:\WINNT\system32\taskmgr.exe
I:\WINNT\system32\rundll32.exe
I:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
I:\WINNT\system32\cmd.exe
I:\virus\HijackThis19802.exe
I:\Program Files\CheckPoint\SecuRemote\bin\SR_Service.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.clientapps.yahoo.com/c...o/bt_side.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://uk.red.clientapps.yahoo.com/c...rch.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.clientapps.yahoo.com/c...o/bt_side.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://uk.red.clientapps.yahoo.com/c...rch.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.red.clientapps.yahoo.com/c...rch.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by BTopenworld
O1 - Hosts: 213.86.184.157 prelive.gamer.tv
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - I:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - I:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C0B4D50-E0B9-F120-BBD9-7D47BC106A0D} - (no file)
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - I:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - i:\winnt\downloaded program files\googletoolbar1.dll
O2 - BHO: (no name) - {DDFA9CC1-788B-4C1C-A449-A6A1A1668FA8} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - I:\WINNT\System32\msdxm.ocx
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - I:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - i:\winnt\downloaded program files\googletoolbar1.dll
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [Adaptec DirectCD] I:\PROGRA~1\ZipCD\directcd.exe
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [NPS Event Checker] I:\PROGRA~1\Navnt\npscheck.exe
O4 - HKLM\..\Run: [Norton eMail Protect] I:\Program Files\Navnt\POProxy.exe
O4 - HKLM\..\Run: [DUControl] I:\PROGRA~1\DIRECT~1\DUControl.exe
O4 - HKLM\..\Run: [XTNDConnect PC - ErPhn2] I:\PROGRA~1\COMMON~1\XCPCSync\TRANSL~1\ErPhn2\ErTray.exe
O4 - HKLM\..\Run: [TkBellExe] I:\Program Files\Common Files\Real\Update_OB\realsched.exe -osboot
O4 - HKLM\..\Run: [NeroCheck] I:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "I:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CloneCDTray] I:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
O4 - HKLM\..\Run: [ElbyCheckElbyCDFL] "I:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [WinVNC] "I:\Program Files\ORL\VNC\WinVNC.exe" -servicehelper
O4 - HKLM\..\Run: [BJCFD] I:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [MessengerPlus3] "I:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [ATI Launchpad] "C:\Program Files\ATI Multimedia\main\launchpd.exe"
O4 - HKCU\..\Run: [MessengerPlus3] "I:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [RoboForm] "I:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - Startup: DLHelperEXE.exe
O4 - Startup: OCRAWARE.lnk = I:\OPLIMIT\OCRAWARE.EXE
O4 - Startup: PowerReg SchedulerV2.exe
O4 - Startup: Scanner Detector.lnk = I:\Program Files\ScanSuite\SDetect.exe
O4 - Startup: WinMySQLadmin.lnk = C:\mysql\bin\winmysqladmin.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = I:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BlackICE PC Protection.lnk = I:\Program Files\Network ICE\BlackICE\blackice.exe
O4 - Global Startup: BTTray.lnk = I:\Program Files\Widcomm\Bluetooth Software\BTTray.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = I:\WINNT\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
O4 - Global Startup: Norton AntiVirus AutoProtect.lnk = I:\Program Files\Navnt\navapw32.exe
O4 - Global Startup: Phone Connection Monitor.lnk = I:\Program Files\Sony Ericsson\Mobile\audevicemgr.exe
O4 - Global Startup: Service Manager.lnk = I:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: &Document Tree - I:\WINNT\web\tree.htm
O8 - Extra context menu item: &Google Search - res://i:\winnt\downloaded program files\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://i:\winnt\downloaded program files\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://i:\winnt\downloaded program files\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Customize Menu &4 - file://I:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://I:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Fill Forms &] - file://I:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Save Forms &[ - file://I:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Similar Pages - res://i:\winnt\downloaded program files\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://i:\winnt\downloaded program files\GoogleToolbar1.dll/cmtrans.html
O8 - Extra context menu item: View Partial So&urce - I:\WINNT\web\source.htm
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://I:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms &] - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://I:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://I:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms &[ - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://I:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: (no name) - {438AFBA1-B0CB-11d2-9214-00104B3BCE5F} - I:\WINNT\web\tree.htm
O9 - Extra 'Tools' menuitem: &Document Tree - {438AFBA1-B0CB-11d2-9214-00104B3BCE5F} - I:\WINNT\web\tree.htm
O9 - Extra button: Look for Spybot-S&&D updates - {694C6F76-6553-6173-6B69-613445766572} - %windir%\web\spybotsd-updates.htm (file missing)
O9 - Extra 'Tools' menuitem: Look for Spybot-S&&D updates - {694C6F76-6553-6173-6B69-613445766572} - %windir%\web\spybotsd-updates.htm (file missing)
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://I:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm &2 - {724d43aa-0d85-11d4-9908-00400523e39a} - file://I:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - I:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - I:\WINNT\System32\Shdocvw.dll
O12 - Plugin for .spop: I:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - http://us.dl1.yimg.com/download.yaho.../bty/yinst.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
O16 - DPF: {34805D32-AD89-469E-8503-A5666AEE4333} - http://207.188.7.150/24031ca91b3d109...tzip/RdxIE.cab
O16 - DPF: {4E62C4DE-627D-4604-B157-4B7D6B09F02E} (AccountTracking Profile Manager Class) - http://moneymanager.egg.com/activex/accounttracking.cab
O16 - DPF: {525A15D0-4938-11D4-94C7-0050DA20189B} (SnoopyCtrl Class) - http://www.ea.com/downloads/games/co...y/iesnoopy.cab
O16 - DPF: {6B4788E2-BAE8-11D2-A1B4-00400512739B} (PWMediaSendControl Class) - http://216.249.24.142/code/PWActiveXImgCtl.CAB
O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} - http://toolbar.google.com/navclient/.../GoogleNav.cab
O16 - DPF: {6FB9FE59-7D3B-483D-9909-C870BE5AFA1F} (DiskHealth Class) - http://www.homeusersoftware.com/diskhealth.cab
O16 - DPF: {7380B862-BA18-4529-8972-C66B82AA5D1D} (AccountTracking Class) - http://moneymanager.egg.com/customer...nttracking.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab
O16 - DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} (DLC Class) - http://transfers.one.microsoft.com/F...ansferCtrl.cab
O16 - DPF: {AED98630-0251-4E83-917D-43A23D66D507} (WebHandler Class) - http://activex.microgaming.com/DLhel...6/dlhelper.cab
O16 - DPF: {B71A4857-57D1-11D2-821F-000086075197} (Mabry InternetFTP/X COM Object) - http://os2000b.now.com/download/FtpX.DLL
O16 - DPF: {B71A485A-57D1-11D2-821F-000086075197} (Mabry Internet FTP/X Control) - http://icf.gamer.tv/download/FtpX.ocx
O16 - DPF: {C4847596-972C-11D0-9567-00A0C9273C2A} (Crystal Report Viewer Control) - http://rms.twii.net/Viewers/ActiveXV...iveXViewer.cab
O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} (Live365Player Class) - http://www.live365.com/players/play365.cab
O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} - http://photos.yahoo.com/ocx/us/yexplorer1_9us.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://captainhook.microgaming.com/...ok/FlashAX.cab
O16 - DPF: {EB587E81-5B71-45C2-90EA-DD77637E0C3D} (ocxMenu.ocxMenuUserControl) - http://icf.gamer.tv/download/ocxMenu.CAB
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - i:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
|
Similar Threads
- PLEASE HELP (Viruses, Spyware and other Nasties)
- no desktop, or start menu PLEASE HELP i will love u (Viruses, Spyware and other Nasties)
- Hijack This Log. Desktop & Start Menu Shortcuts won't work (Viruses, Spyware and other Nasties)
- Nothing Will Open On Desktop/Start Menu. Freezes. HELP! (Viruses, Spyware and other Nasties)
- Issues with Start Menu and Desktop Shortcuts (Viruses, Spyware and other Nasties)
- start menu, desktop, and internet explorer not working (Viruses, Spyware and other Nasties)
- lost my desktop and start menu (Viruses, Spyware and other Nasties)
Other Threads in the Viruses, Spyware and other Nasties Forum
- Previous Thread: lost my desktop and start menu
- Next Thread: Getting rid of ABI Sys. Spyware
| Thread Tools | Search this Thread |
You need to join our community in order to build your list of favorite forums. You can visit the forum index for a listing of all forums.
Related Forum Features
Latest Viruses, Spyware and other Nasties Posts
adware anti-malware anti-virussitesaccessissue antivirus apple audio avg backtoschoolspeech bar blackhat botnet botnets censorship china commercial commercials conficker connect control crosssitescripting cyber cybercrime cyberwarfare domains e-mafia education email europe exam facebook fancheckvirus gaming gtaiv halloween hijack hosting internet iphone kaspersky legal logfiles mail malware mcafee messagelabs microsoft mobile msn nazi news obama onlinethreats paedophile panel parents patch phishing police policeprovirusmba-mblockedinternetaccess president privacy pro problem reliability report research risk rogueantivirus samhain sans scareware school search security seopoisoning sites software spam spyware spywareexternalwindows7adminstratortrojans sqlinjection symantec teen translate trojan unabletoaccessanti-virussites unwanted update usa virus viruses war warning windows worm yahoo zeroday