943,822 Members | Top Members by Rank

Hardware and Software > Microsoft Windows > Viruses, Spyware and other Nasties > My HJT log
Ad:
Permalink
Jun 20th, 2004
0

My HJT log

Expand Post »
I came to this forum looking for help & found many useful tidbits of info.I have downloaded & ran spybot S&D,CWShredder & HJT.When I tried to run Spybot the 2nd time I got parameter 89 changed & a message in what I think is german.Here is HJT log any help would be greatly appreciated.

Logfile of HijackThis v1.97.7
Scan saved at 4:26:25 PM, on 20/06/2004
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\JAVASF32.EXE
C:\WINDOWS\SYSTEM\ADDLW32.EXE
C:\WINDOWS\SYSTEM\SYSRI.EXE
C:\WINDOWS\SYSTEM\WINSH.EXE
C:\WINDOWS\ATLNG32.EXE
C:\WINDOWS\SYSTEM\IEHY.EXE
C:\WINDOWS\SYSTEM\APPYG32.EXE
C:\WINDOWS\SYSTEM\IEJC32.EXE
C:\WINDOWS\NTNA.EXE
C:\WINDOWS\SYSTEM\IPNM.EXE
C:\WINDOWS\SYSTEM\CRTU32.EXE
C:\WINDOWS\SYSTEM\APIJE32.EXE
C:\WINDOWS\NETYA32.EXE
C:\WINDOWS\SYSTEM\JAVAFU32.EXE
C:\WINDOWS\SYSTEM\NETHO.EXE
C:\WINDOWS\SYSTEM\D3XJ32.EXE
C:\WINDOWS\SYSTEM\CRES.EXE
C:\WINDOWS\SYSTEM\IEHL.EXE
C:\WINDOWS\ADDHE.EXE
C:\WINDOWS\SYSTEM\D3XD.EXE
C:\WINDOWS\SYSKY.EXE
C:\WINDOWS\APPUL32.EXE
C:\WINDOWS\SYSTEM\IPEJ.EXE
C:\WINDOWS\APIVA.EXE
C:\WINDOWS\SYSTEM\SYSZS.EXE
C:\WINDOWS\SYSWD.EXE
C:\WINDOWS\CRYE32.EXE
C:\WINDOWS\SYSTEM\APIJO.EXE
C:\WINDOWS\IEIQ32.EXE
C:\WINDOWS\SYSTEM\IEKC.EXE
C:\WINDOWS\WINGV.EXE
C:\WINDOWS\SYSTEM\D3ZX.EXE
C:\WINDOWS\SYSTEM\MSXN32.EXE
C:\WINDOWS\WINCQ.EXE
C:\WINDOWS\SYSTEM\SYSJK32.EXE
C:\WINDOWS\SYSTEM\SYSPJ32.EXE
C:\WINDOWS\SYSTEM\SYSBK.EXE
C:\WINDOWS\WINTU32.EXE
C:\WINDOWS\NTTM32.EXE
C:\WINDOWS\WINRI32.EXE
C:\WINDOWS\APPZG.EXE
C:\WINDOWS\WINAZ.EXE
C:\WINDOWS\NETBB.EXE
C:\WINDOWS\SYSTEM\IPZD.EXE
C:\WINDOWS\SYSTEM\WINMU.EXE
C:\WINDOWS\APINO.EXE
C:\WINDOWS\SYSTEM\MSRR32.EXE
C:\WINDOWS\SYSOQ32.EXE
C:\WINDOWS\SYSTEM\IEGQ.EXE
C:\WINDOWS\SYSTEM\APPVO.EXE
C:\WINDOWS\JAVAZG32.EXE
C:\WINDOWS\SYSTEM\NTAH.EXE
C:\WINDOWS\SYSTEM\IEOU32.EXE
C:\WINDOWS\MFCQQ32.EXE
C:\WINDOWS\NETIE.EXE
C:\WINDOWS\SYSTEM\D3VJ.EXE
C:\WINDOWS\SYSTEM\NETCP32.EXE
C:\WINDOWS\SYSTEM\NETPG32.EXE
C:\WINDOWS\JAVAQT32.EXE
C:\WINDOWS\APPEU32.EXE
C:\WINDOWS\NTWY.EXE
C:\WINDOWS\IEXA.EXE
C:\WINDOWS\SYSHN32.EXE
C:\WINDOWS\SYSTEM\IEQG.EXE
C:\WINDOWS\SYSTEM\JAVAPR.EXE
C:\WINDOWS\SYSTEM\ADDJC.EXE
C:\WINDOWS\SYSTEM\SDKXH32.EXE
C:\WINDOWS\SYSTEM\SYSSH32.EXE
C:\WINDOWS\MSBN32.EXE
C:\WINDOWS\SYSTEM\D3CL.EXE
C:\WINDOWS\SYSTEM\IEAP32.EXE
C:\WINDOWS\ATLSE.EXE
C:\WINDOWS\SYSTEM\SDKIZ.EXE
C:\WINDOWS\SYSTEM\MSMB.EXE
C:\WINDOWS\SYSTEM\SDKTY.EXE
C:\WINDOWS\SYSYM.EXE
C:\WINDOWS\IEBV32.EXE
C:\WINDOWS\APIZU.EXE
C:\WINDOWS\SYSTEM\JAVADG32.EXE
C:\WINDOWS\SYSTEM\ATLYW.EXE
C:\WINDOWS\IEOE32.EXE
C:\WINDOWS\SYSTEM\IECJ32.EXE
C:\WINDOWS\SDKYB32.EXE
C:\WINDOWS\WINDE.EXE
C:\WINDOWS\IEND.EXE
C:\WINDOWS\SYSTEM\NTAR.EXE
C:\WINDOWS\SYSTEM\WINYO.EXE
C:\WINDOWS\SYSTEM\IEUN32.EXE
C:\WINDOWS\SYSTEM\SYSIW32.EXE
C:\WINDOWS\APPSB32.EXE
C:\WINDOWS\SYSTEM\MFCLV.EXE
C:\WINDOWS\NETXM32.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\JAVATK.EXE
C:\WINDOWS\SDKSB.EXE
C:\WINDOWS\SYSTEM\APPFI.EXE
C:\WINDOWS\D3LK32.EXE
C:\WINDOWS\SYSTEM\JAVAHG32.EXE
C:\WINDOWS\SYSTEM\JAVATP.EXE
C:\WINDOWS\JAVAQU.EXE
C:\WINDOWS\NTJP.EXE
C:\WINDOWS\SYSTEM\MSXM32.EXE
C:\WINDOWS\MSYO32.EXE
C:\WINDOWS\SYSYB.EXE
C:\WINDOWS\NETAV32.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\ADDXE.EXE
C:\WINDOWS\SYSTEM\ADDTJ.EXE
C:\WINDOWS\NETFP32.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\IPCS32.EXE
C:\WINDOWS\SYSTEM\NTJT32.EXE
C:\WINDOWS\NETHO32.EXE
C:\WINDOWS\SYSTEM\SYSDH.EXE
C:\WINDOWS\SYSTEM\IPGI.EXE
C:\WINDOWS\SYSTEM\NETOX32.EXE
C:\WINDOWS\SYSTEM\NTES.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\MFCMH32.EXE
C:\WINDOWS\NETFP32.EXE
C:\PROGRAM FILES\WINZIP\WZQKPICK.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\GOMEZ\GOMEZPEER\BIN\GOMEZPEER.EXE
C:\PROGRAM FILES\GOMEZ\GOMEZPEER\JRE\BIN\JAVA.EXE
C:\WINDOWS\SDKVA.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\DESKTOP\ALLWAYS\VIDS\HIJACKTHIS\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system\gmdxi.dll/sp.html#892478769
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = res://gmdxi.dll/index.html#892478769
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = res://gmdxi.dll/index.html#892478769
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system\gmdxi.dll/sp.html#892478769
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = res://gmdxi.dll/index.html#892478769
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system\gmdxi.dll/sp.html#892478769
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = http://www.cbssportsline.com
O2 - BHO: (no name) - {B9D90B27-AD4A-413a-88CB-3E6DDC10DC2D} - C:\WINDOWS\MSOPT.DLL (file missing)
O2 - BHO: (no name) - {82E171B7-1D29-3198-5994-8538A263AB90} - C:\WINDOWS\SYSTEM\ATLKX32.DLL
O2 - BHO: (no name) - {882277A9-9B00-249B-B5A5-F1A34D1D32EE} - C:\WINDOWS\SYSTEM\ATLKX32.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (file missing)
O2 - BHO: (no name) - {211D3DB0-EDDE-9087-6537-F30E20643B60} - C:\WINDOWS\SYSTEM\ATLKX32.DLL
O2 - BHO: (no name) - {58CC646F-58C1-4FBE-58A2-2ABD5713621F} - C:\WINDOWS\SYSTEM\ATLKX32.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [MFCMH32.EXE] C:\WINDOWS\SYSTEM\MFCMH32.EXE
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\RunServices: [WINSH.EXE] C:\WINDOWS\SYSTEM\WINSH.EXE
O4 - HKLM\..\RunServices: [IPNM.EXE] C:\WINDOWS\SYSTEM\IPNM.EXE
O4 - HKLM\..\RunServices: [D3XJ32.EXE] C:\WINDOWS\SYSTEM\D3XJ32.EXE
O4 - HKLM\..\RunServices: [JAVAFU32.EXE] C:\WINDOWS\SYSTEM\JAVAFU32.EXE
O4 - HKLM\..\RunServices: [NETYA32.EXE] C:\WINDOWS\NETYA32.EXE
O4 - HKLM\..\RunServices: [NTNA.EXE] C:\WINDOWS\NTNA.EXE
O4 - HKLM\..\RunServices: [NETHO.EXE] C:\WINDOWS\SYSTEM\NETHO.EXE
O4 - HKLM\..\RunServices: [ADDLW32.EXE] C:\WINDOWS\SYSTEM\ADDLW32.EXE
O4 - HKLM\..\RunServices: [JAVASF32.EXE] C:\WINDOWS\SYSTEM\JAVASF32.EXE
O4 - HKLM\..\RunServices: [IEHY.EXE] C:\WINDOWS\SYSTEM\IEHY.EXE
O4 - HKLM\..\RunServices: [APPYG32.EXE] C:\WINDOWS\SYSTEM\APPYG32.EXE
O4 - HKLM\..\RunServices: [CRTU32.EXE] C:\WINDOWS\SYSTEM\CRTU32.EXE
O4 - HKLM\..\RunServices: [IEJC32.EXE] C:\WINDOWS\SYSTEM\IEJC32.EXE
O4 - HKLM\..\RunServices: [SYSRI.EXE] C:\WINDOWS\SYSTEM\SYSRI.EXE
O4 - HKLM\..\RunServices: [APIJE32.EXE] C:\WINDOWS\SYSTEM\APIJE32.EXE
O4 - HKLM\..\RunServices: [ATLNG32.EXE] C:\WINDOWS\ATLNG32.EXE
O4 - HKLM\..\RunServices: [CRES.EXE] C:\WINDOWS\SYSTEM\CRES.EXE
O4 - HKLM\..\RunServices: [APIJO.EXE] C:\WINDOWS\SYSTEM\APIJO.EXE
O4 - HKLM\..\RunServices: [SYSKY.EXE] C:\WINDOWS\SYSKY.EXE
O4 - HKLM\..\RunServices: [SYSWD.EXE] C:\WINDOWS\SYSWD.EXE
O4 - HKLM\..\RunServices: [APPUL32.EXE] C:\WINDOWS\APPUL32.EXE
O4 - HKLM\..\RunServices: [D3XD.EXE] C:\WINDOWS\SYSTEM\D3XD.EXE
O4 - HKLM\..\RunServices: [IEHL.EXE] C:\WINDOWS\SYSTEM\IEHL.EXE
O4 - HKLM\..\RunServices: [IPEJ.EXE] C:\WINDOWS\SYSTEM\IPEJ.EXE
O4 - HKLM\..\RunServices: [APIVA.EXE] C:\WINDOWS\APIVA.EXE
O4 - HKLM\..\RunServices: [SYSZS.EXE] C:\WINDOWS\SYSTEM\SYSZS.EXE
O4 - HKLM\..\RunServices: [ADDHE.EXE] C:\WINDOWS\ADDHE.EXE
O4 - HKLM\..\RunServices: [CRYE32.EXE] C:\WINDOWS\CRYE32.EXE
O4 - HKLM\..\RunServices: [IEIQ32.EXE] C:\WINDOWS\IEIQ32.EXE
O4 - HKLM\..\RunServices: [IEKC.EXE] C:\WINDOWS\SYSTEM\IEKC.EXE
O4 - HKLM\..\RunServices: [WINGV.EXE] C:\WINDOWS\WINGV.EXE
O4 - HKLM\..\RunServices: [MSXN32.EXE] C:\WINDOWS\SYSTEM\MSXN32.EXE
O4 - HKLM\..\RunServices: [D3ZX.EXE] C:\WINDOWS\SYSTEM\D3ZX.EXE
O4 - HKLM\..\RunServices: [WINCQ.EXE] C:\WINDOWS\WINCQ.EXE
O4 - HKLM\..\RunServices: [SYSJK32.EXE] C:\WINDOWS\SYSTEM\SYSJK32.EXE
O4 - HKLM\..\RunServices: [WINTU32.EXE] C:\WINDOWS\WINTU32.EXE
O4 - HKLM\..\RunServices: [SYSPJ32.EXE] C:\WINDOWS\SYSTEM\SYSPJ32.EXE
O4 - HKLM\..\RunServices: [SYSBK.EXE] C:\WINDOWS\SYSTEM\SYSBK.EXE
O4 - HKLM\..\RunServices: [NTTM32.EXE] C:\WINDOWS\NTTM32.EXE
O4 - HKLM\..\RunServices: [WINRI32.EXE] C:\WINDOWS\WINRI32.EXE
O4 - HKLM\..\RunServices: [IPZD.EXE] C:\WINDOWS\SYSTEM\IPZD.EXE
O4 - HKLM\..\RunServices: [APPZG.EXE] C:\WINDOWS\APPZG.EXE
O4 - HKLM\..\RunServices: [WINMU.EXE] C:\WINDOWS\SYSTEM\WINMU.EXE
O4 - HKLM\..\RunServices: [IEGQ.EXE] C:\WINDOWS\SYSTEM\IEGQ.EXE
O4 - HKLM\..\RunServices: [APPVO.EXE] C:\WINDOWS\SYSTEM\APPVO.EXE
O4 - HKLM\..\RunServices: [WINAZ.EXE] C:\WINDOWS\WINAZ.EXE
O4 - HKLM\..\RunServices: [JAVAZG32.EXE] C:\WINDOWS\JAVAZG32.EXE
O4 - HKLM\..\RunServices: [NETBB.EXE] C:\WINDOWS\NETBB.EXE
O4 - HKLM\..\RunServices: [SYSOQ32.EXE] C:\WINDOWS\SYSOQ32.EXE
O4 - HKLM\..\RunServices: [MSRR32.EXE] C:\WINDOWS\SYSTEM\MSRR32.EXE
O4 - HKLM\..\RunServices: [NTAH.EXE] C:\WINDOWS\SYSTEM\NTAH.EXE
O4 - HKLM\..\RunServices: [APINO.EXE] C:\WINDOWS\APINO.EXE
O4 - HKLM\..\RunServices: [IEOU32.EXE] C:\WINDOWS\SYSTEM\IEOU32.EXE
O4 - HKLM\..\RunServices: [NETIE.EXE] C:\WINDOWS\NETIE.EXE
O4 - HKLM\..\RunServices: [MFCQQ32.EXE] C:\WINDOWS\MFCQQ32.EXE
O4 - HKLM\..\RunServices: [D3VJ.EXE] C:\WINDOWS\SYSTEM\D3VJ.EXE
O4 - HKLM\..\RunServices: [JAVAQT32.EXE] C:\WINDOWS\JAVAQT32.EXE
O4 - HKLM\..\RunServices: [NETCP32.EXE] C:\WINDOWS\SYSTEM\NETCP32.EXE
O4 - HKLM\..\RunServices: [NETPG32.EXE] C:\WINDOWS\SYSTEM\NETPG32.EXE
O4 - HKLM\..\RunServices: [APPEU32.EXE] C:\WINDOWS\APPEU32.EXE
O4 - HKLM\..\RunServices: [NTWY.EXE] C:\WINDOWS\NTWY.EXE
O4 - HKLM\..\RunServices: [IEXA.EXE] C:\WINDOWS\IEXA.EXE
O4 - HKLM\..\RunServices: [IEQG.EXE] C:\WINDOWS\SYSTEM\IEQG.EXE
O4 - HKLM\..\RunServices: [SYSHN32.EXE] C:\WINDOWS\SYSHN32.EXE
O4 - HKLM\..\RunServices: [ADDJC.EXE] C:\WINDOWS\SYSTEM\ADDJC.EXE
O4 - HKLM\..\RunServices: [JAVAPR.EXE] C:\WINDOWS\SYSTEM\JAVAPR.EXE
O4 - HKLM\..\RunServices: [SDKXH32.EXE] C:\WINDOWS\SYSTEM\SDKXH32.EXE
O4 - HKLM\..\RunServices: [SYSSH32.EXE] C:\WINDOWS\SYSTEM\SYSSH32.EXE
O4 - HKLM\..\RunServices: [MSBN32.EXE] C:\WINDOWS\MSBN32.EXE
O4 - HKLM\..\RunServices: [D3CL.EXE] C:\WINDOWS\SYSTEM\D3CL.EXE
O4 - HKLM\..\RunServices: [IEAP32.EXE] C:\WINDOWS\SYSTEM\IEAP32.EXE
O4 - HKLM\..\RunServices: [ATLSE.EXE] C:\WINDOWS\ATLSE.EXE
O4 - HKLM\..\RunServices: [SDKIZ.EXE] C:\WINDOWS\SYSTEM\SDKIZ.EXE
O4 - HKLM\..\RunServices: [IEBV32.EXE] C:\WINDOWS\IEBV32.EXE
O4 - HKLM\..\RunServices: [MSMB.EXE] C:\WINDOWS\SYSTEM\MSMB.EXE
O4 - HKLM\..\RunServices: [IEOE32.EXE] C:\WINDOWS\IEOE32.EXE
O4 - HKLM\..\RunServices: [APIZU.EXE] C:\WINDOWS\APIZU.EXE
O4 - HKLM\..\RunServices: [SDKTY.EXE] C:\WINDOWS\SYSTEM\SDKTY.EXE
O4 - HKLM\..\RunServices: [SYSYM.EXE] C:\WINDOWS\SYSYM.EXE
O4 - HKLM\..\RunServices: [JAVADG32.EXE] C:\WINDOWS\SYSTEM\JAVADG32.EXE
O4 - HKLM\..\RunServices: [ATLYW.EXE] C:\WINDOWS\SYSTEM\ATLYW.EXE
O4 - HKLM\..\RunServices: [IECJ32.EXE] C:\WINDOWS\SYSTEM\IECJ32.EXE
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [SDKYB32.EXE] C:\WINDOWS\SDKYB32.EXE
O4 - HKLM\..\RunServices: [WINDE.EXE] C:\WINDOWS\WINDE.EXE
O4 - HKLM\..\RunServices: [IEUN32.EXE] C:\WINDOWS\SYSTEM\IEUN32.EXE
O4 - HKLM\..\RunServices: [IEND.EXE] C:\WINDOWS\IEND.EXE
O4 - HKLM\..\RunServices: [NTAR.EXE] C:\WINDOWS\SYSTEM\NTAR.EXE
O4 - HKLM\..\RunServices: [WINYO.EXE] C:\WINDOWS\SYSTEM\WINYO.EXE
O4 - HKLM\..\RunServices: [SYSIW32.EXE] C:\WINDOWS\SYSTEM\SYSIW32.EXE
O4 - HKLM\..\RunServices: [APPSB32.EXE] C:\WINDOWS\APPSB32.EXE
O4 - HKLM\..\RunServices: [MFCLV.EXE] C:\WINDOWS\SYSTEM\MFCLV.EXE
O4 - HKLM\..\RunServices: [NETXM32.EXE] C:\WINDOWS\NETXM32.EXE
O4 - HKLM\..\RunServices: [JAVATK.EXE] C:\WINDOWS\JAVATK.EXE
O4 - HKLM\..\RunServices: [SDKSB.EXE] C:\WINDOWS\SDKSB.EXE
O4 - HKLM\..\RunServices: [APPFI.EXE] C:\WINDOWS\SYSTEM\APPFI.EXE
O4 - HKLM\..\RunServices: [D3LK32.EXE] C:\WINDOWS\D3LK32.EXE
O4 - HKLM\..\RunServices: [JAVATP.EXE] C:\WINDOWS\SYSTEM\JAVATP.EXE
O4 - HKLM\..\RunServices: [JAVAHG32.EXE] C:\WINDOWS\SYSTEM\JAVAHG32.EXE
O4 - HKLM\..\RunServices: [JAVAQU.EXE] C:\WINDOWS\JAVAQU.EXE
O4 - HKLM\..\RunServices: [MSYO32.EXE] C:\WINDOWS\MSYO32.EXE
O4 - HKLM\..\RunServices: [SYSYB.EXE] C:\WINDOWS\SYSYB.EXE
O4 - HKLM\..\RunServices: [NTJP.EXE] C:\WINDOWS\NTJP.EXE
O4 - HKLM\..\RunServices: [MSXM32.EXE] C:\WINDOWS\SYSTEM\MSXM32.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [NETAV32.EXE] C:\WINDOWS\NETAV32.EXE
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [ADDXE.EXE] C:\WINDOWS\SYSTEM\ADDXE.EXE
O4 - HKLM\..\RunServices: [ADDTJ.EXE] C:\WINDOWS\SYSTEM\ADDTJ.EXE
O4 - HKLM\..\RunServices: [SYSDH.EXE] C:\WINDOWS\SYSTEM\SYSDH.EXE
O4 - HKLM\..\RunServices: [IPCS32.EXE] C:\WINDOWS\IPCS32.EXE
O4 - HKLM\..\RunServices: [NETFP32.EXE] C:\WINDOWS\NETFP32.EXE
O4 - HKLM\..\RunServices: [NETOX32.EXE] C:\WINDOWS\SYSTEM\NETOX32.EXE
O4 - HKLM\..\RunServices: [NTJT32.EXE] C:\WINDOWS\SYSTEM\NTJT32.EXE
O4 - HKLM\..\RunServices: [NETHO32.EXE] C:\WINDOWS\NETHO32.EXE
O4 - HKLM\..\RunServices: [NTES.EXE] C:\WINDOWS\SYSTEM\NTES.EXE
O4 - HKLM\..\RunServices: [IPGI.EXE] C:\WINDOWS\SYSTEM\IPGI.EXE
O4 - HKLM\..\RunServices: [SDKVA.EXE] C:\WINDOWS\SDKVA.EXE
O4 - Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O4 - Startup: Gomez PEER.lnk = C:\Program Files\Gomez\GomezPEER\bin\GomezPEER.exe
O4 - Startup: Microsoft Office.lnk.disabled
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: MSN Messenger Service (HKLM)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.co...120.5883564815
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/s...sh/swflash.cab
Similar Threads
Reputation Points: 10
Solved Threads: 0
Newbie Poster
freakydave is offline Offline
3 posts
since Jun 2004
Permalink
Jun 21st, 2004
0

Re: My HJT log

Hmmm. No comment. Go here for an on-line scan & set it to autoclean for you.
When done do the following:

Close all (browser) windows & rescan with hijackthis. When the scan is finished place a check in the box to the left of the following entries & click 'fix checked' :

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system\gmdxi.dll/sp.html#892478769
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = res://gmdxi.dll/index.html#892478769
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = res://gmdxi.dll/index.html#892478769
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system\gmdxi.dll/sp.html#892478769
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = res://gmdxi.dll/index.html#892478769
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system\gmdxi.dll/sp.html#892478769

O2 - BHO: (no name) - {B9D90B27-AD4A-413a-88CB-3E6DDC10DC2D} - C:\WINDOWS\MSOPT.DLL (file missing)
O2 - BHO: (no name) - {82E171B7-1D29-3198-5994-8538A263AB90} - C:\WINDOWS\SYSTEM\ATLKX32.DLL
O2 - BHO: (no name) - {882277A9-9B00-249B-B5A5-F1A34D1D32EE} - C:\WINDOWS\SYSTEM\ATLKX32.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (file missing)
O2 - BHO: (no name) - {211D3DB0-EDDE-9087-6537-F30E20643B60} - C:\WINDOWS\SYSTEM\ATLKX32.DLL
O2 - BHO: (no name) - {58CC646F-58C1-4FBE-58A2-2ABD5713621F} - C:\WINDOWS\SYSTEM\ATLKX32.DLL

O4 - HKLM\..\Run: [MFCMH32.EXE] C:\WINDOWS\SYSTEM\MFCMH32.EXE
O4 - HKLM\..\RunServices: [WINSH.EXE] C:\WINDOWS\SYSTEM\WINSH.EXE
O4 - HKLM\..\RunServices: [IPNM.EXE] C:\WINDOWS\SYSTEM\IPNM.EXE
O4 - HKLM\..\RunServices: [D3XJ32.EXE] C:\WINDOWS\SYSTEM\D3XJ32.EXE
O4 - HKLM\..\RunServices: [JAVAFU32.EXE] C:\WINDOWS\SYSTEM\JAVAFU32.EXE
O4 - HKLM\..\RunServices: [NETYA32.EXE] C:\WINDOWS\NETYA32.EXE
O4 - HKLM\..\RunServices: [NTNA.EXE] C:\WINDOWS\NTNA.EXE
O4 - HKLM\..\RunServices: [NETHO.EXE] C:\WINDOWS\SYSTEM\NETHO.EXE
O4 - HKLM\..\RunServices: [ADDLW32.EXE] C:\WINDOWS\SYSTEM\ADDLW32.EXE
O4 - HKLM\..\RunServices: [JAVASF32.EXE] C:\WINDOWS\SYSTEM\JAVASF32.EXE
O4 - HKLM\..\RunServices: [IEHY.EXE] C:\WINDOWS\SYSTEM\IEHY.EXE
O4 - HKLM\..\RunServices: [APPYG32.EXE] C:\WINDOWS\SYSTEM\APPYG32.EXE
O4 - HKLM\..\RunServices: [CRTU32.EXE] C:\WINDOWS\SYSTEM\CRTU32.EXE
O4 - HKLM\..\RunServices: [IEJC32.EXE] C:\WINDOWS\SYSTEM\IEJC32.EXE
O4 - HKLM\..\RunServices: [SYSRI.EXE] C:\WINDOWS\SYSTEM\SYSRI.EXE
O4 - HKLM\..\RunServices: [APIJE32.EXE] C:\WINDOWS\SYSTEM\APIJE32.EXE
O4 - HKLM\..\RunServices: [ATLNG32.EXE] C:\WINDOWS\ATLNG32.EXE
O4 - HKLM\..\RunServices: [CRES.EXE] C:\WINDOWS\SYSTEM\CRES.EXE
O4 - HKLM\..\RunServices: [APIJO.EXE] C:\WINDOWS\SYSTEM\APIJO.EXE
O4 - HKLM\..\RunServices: [SYSKY.EXE] C:\WINDOWS\SYSKY.EXE
O4 - HKLM\..\RunServices: [SYSWD.EXE] C:\WINDOWS\SYSWD.EXE
O4 - HKLM\..\RunServices: [APPUL32.EXE] C:\WINDOWS\APPUL32.EXE
O4 - HKLM\..\RunServices: [D3XD.EXE] C:\WINDOWS\SYSTEM\D3XD.EXE
O4 - HKLM\..\RunServices: [IEHL.EXE] C:\WINDOWS\SYSTEM\IEHL.EXE
O4 - HKLM\..\RunServices: [IPEJ.EXE] C:\WINDOWS\SYSTEM\IPEJ.EXE
O4 - HKLM\..\RunServices: [APIVA.EXE] C:\WINDOWS\APIVA.EXE
O4 - HKLM\..\RunServices: [SYSZS.EXE] C:\WINDOWS\SYSTEM\SYSZS.EXE
O4 - HKLM\..\RunServices: [ADDHE.EXE] C:\WINDOWS\ADDHE.EXE
O4 - HKLM\..\RunServices: [CRYE32.EXE] C:\WINDOWS\CRYE32.EXE
O4 - HKLM\..\RunServices: [IEIQ32.EXE] C:\WINDOWS\IEIQ32.EXE
O4 - HKLM\..\RunServices: [IEKC.EXE] C:\WINDOWS\SYSTEM\IEKC.EXE
O4 - HKLM\..\RunServices: [WINGV.EXE] C:\WINDOWS\WINGV.EXE
O4 - HKLM\..\RunServices: [MSXN32.EXE] C:\WINDOWS\SYSTEM\MSXN32.EXE
O4 - HKLM\..\RunServices: [D3ZX.EXE] C:\WINDOWS\SYSTEM\D3ZX.EXE
O4 - HKLM\..\RunServices: [WINCQ.EXE] C:\WINDOWS\WINCQ.EXE
O4 - HKLM\..\RunServices: [SYSJK32.EXE] C:\WINDOWS\SYSTEM\SYSJK32.EXE
O4 - HKLM\..\RunServices: [WINTU32.EXE] C:\WINDOWS\WINTU32.EXE
O4 - HKLM\..\RunServices: [SYSPJ32.EXE] C:\WINDOWS\SYSTEM\SYSPJ32.EXE
O4 - HKLM\..\RunServices: [SYSBK.EXE] C:\WINDOWS\SYSTEM\SYSBK.EXE
O4 - HKLM\..\RunServices: [NTTM32.EXE] C:\WINDOWS\NTTM32.EXE
O4 - HKLM\..\RunServices: [WINRI32.EXE] C:\WINDOWS\WINRI32.EXE
O4 - HKLM\..\RunServices: [IPZD.EXE] C:\WINDOWS\SYSTEM\IPZD.EXE
O4 - HKLM\..\RunServices: [APPZG.EXE] C:\WINDOWS\APPZG.EXE
O4 - HKLM\..\RunServices: [WINMU.EXE] C:\WINDOWS\SYSTEM\WINMU.EXE
O4 - HKLM\..\RunServices: [IEGQ.EXE] C:\WINDOWS\SYSTEM\IEGQ.EXE
O4 - HKLM\..\RunServices: [APPVO.EXE] C:\WINDOWS\SYSTEM\APPVO.EXE
O4 - HKLM\..\RunServices: [WINAZ.EXE] C:\WINDOWS\WINAZ.EXE
O4 - HKLM\..\RunServices: [JAVAZG32.EXE] C:\WINDOWS\JAVAZG32.EXE
O4 - HKLM\..\RunServices: [NETBB.EXE] C:\WINDOWS\NETBB.EXE
O4 - HKLM\..\RunServices: [SYSOQ32.EXE] C:\WINDOWS\SYSOQ32.EXE
O4 - HKLM\..\RunServices: [MSRR32.EXE] C:\WINDOWS\SYSTEM\MSRR32.EXE
O4 - HKLM\..\RunServices: [NTAH.EXE] C:\WINDOWS\SYSTEM\NTAH.EXE
O4 - HKLM\..\RunServices: [APINO.EXE] C:\WINDOWS\APINO.EXE
O4 - HKLM\..\RunServices: [IEOU32.EXE] C:\WINDOWS\SYSTEM\IEOU32.EXE
O4 - HKLM\..\RunServices: [NETIE.EXE] C:\WINDOWS\NETIE.EXE
O4 - HKLM\..\RunServices: [MFCQQ32.EXE] C:\WINDOWS\MFCQQ32.EXE
O4 - HKLM\..\RunServices: [D3VJ.EXE] C:\WINDOWS\SYSTEM\D3VJ.EXE
O4 - HKLM\..\RunServices: [JAVAQT32.EXE] C:\WINDOWS\JAVAQT32.EXE
O4 - HKLM\..\RunServices: [NETCP32.EXE] C:\WINDOWS\SYSTEM\NETCP32.EXE
O4 - HKLM\..\RunServices: [NETPG32.EXE] C:\WINDOWS\SYSTEM\NETPG32.EXE
O4 - HKLM\..\RunServices: [APPEU32.EXE] C:\WINDOWS\APPEU32.EXE
O4 - HKLM\..\RunServices: [NTWY.EXE] C:\WINDOWS\NTWY.EXE
O4 - HKLM\..\RunServices: [IEXA.EXE] C:\WINDOWS\IEXA.EXE
O4 - HKLM\..\RunServices: [IEQG.EXE] C:\WINDOWS\SYSTEM\IEQG.EXE
O4 - HKLM\..\RunServices: [SYSHN32.EXE] C:\WINDOWS\SYSHN32.EXE
O4 - HKLM\..\RunServices: [ADDJC.EXE] C:\WINDOWS\SYSTEM\ADDJC.EXE
O4 - HKLM\..\RunServices: [JAVAPR.EXE] C:\WINDOWS\SYSTEM\JAVAPR.EXE
O4 - HKLM\..\RunServices: [SDKXH32.EXE] C:\WINDOWS\SYSTEM\SDKXH32.EXE
O4 - HKLM\..\RunServices: [SYSSH32.EXE] C:\WINDOWS\SYSTEM\SYSSH32.EXE
O4 - HKLM\..\RunServices: [MSBN32.EXE] C:\WINDOWS\MSBN32.EXE
O4 - HKLM\..\RunServices: [D3CL.EXE] C:\WINDOWS\SYSTEM\D3CL.EXE
O4 - HKLM\..\RunServices: [IEAP32.EXE] C:\WINDOWS\SYSTEM\IEAP32.EXE
O4 - HKLM\..\RunServices: [ATLSE.EXE] C:\WINDOWS\ATLSE.EXE
O4 - HKLM\..\RunServices: [SDKIZ.EXE] C:\WINDOWS\SYSTEM\SDKIZ.EXE
O4 - HKLM\..\RunServices: [IEBV32.EXE] C:\WINDOWS\IEBV32.EXE
O4 - HKLM\..\RunServices: [MSMB.EXE] C:\WINDOWS\SYSTEM\MSMB.EXE
O4 - HKLM\..\RunServices: [IEOE32.EXE] C:\WINDOWS\IEOE32.EXE
O4 - HKLM\..\RunServices: [APIZU.EXE] C:\WINDOWS\APIZU.EXE
O4 - HKLM\..\RunServices: [SDKTY.EXE] C:\WINDOWS\SYSTEM\SDKTY.EXE
O4 - HKLM\..\RunServices: [SYSYM.EXE] C:\WINDOWS\SYSYM.EXE
O4 - HKLM\..\RunServices: [JAVADG32.EXE] C:\WINDOWS\SYSTEM\JAVADG32.EXE
O4 - HKLM\..\RunServices: [ATLYW.EXE] C:\WINDOWS\SYSTEM\ATLYW.EXE
O4 - HKLM\..\RunServices: [IECJ32.EXE] C:\WINDOWS\SYSTEM\IECJ32.EXE
O4 - HKLM\..\RunServices: [SDKYB32.EXE] C:\WINDOWS\SDKYB32.EXE
O4 - HKLM\..\RunServices: [WINDE.EXE] C:\WINDOWS\WINDE.EXE
O4 - HKLM\..\RunServices: [IEUN32.EXE] C:\WINDOWS\SYSTEM\IEUN32.EXE
O4 - HKLM\..\RunServices: [IEND.EXE] C:\WINDOWS\IEND.EXE
O4 - HKLM\..\RunServices: [NTAR.EXE] C:\WINDOWS\SYSTEM\NTAR.EXE
O4 - HKLM\..\RunServices: [WINYO.EXE] C:\WINDOWS\SYSTEM\WINYO.EXE
O4 - HKLM\..\RunServices: [SYSIW32.EXE] C:\WINDOWS\SYSTEM\SYSIW32.EXE
O4 - HKLM\..\RunServices: [APPSB32.EXE] C:\WINDOWS\APPSB32.EXE
O4 - HKLM\..\RunServices: [MFCLV.EXE] C:\WINDOWS\SYSTEM\MFCLV.EXE
O4 - HKLM\..\RunServices: [NETXM32.EXE] C:\WINDOWS\NETXM32.EXE
O4 - HKLM\..\RunServices: [JAVATK.EXE] C:\WINDOWS\JAVATK.EXE
O4 - HKLM\..\RunServices: [SDKSB.EXE] C:\WINDOWS\SDKSB.EXE
O4 - HKLM\..\RunServices: [APPFI.EXE] C:\WINDOWS\SYSTEM\APPFI.EXE
O4 - HKLM\..\RunServices: [D3LK32.EXE] C:\WINDOWS\D3LK32.EXE
O4 - HKLM\..\RunServices: [JAVATP.EXE] C:\WINDOWS\SYSTEM\JAVATP.EXE
O4 - HKLM\..\RunServices: [JAVAHG32.EXE] C:\WINDOWS\SYSTEM\JAVAHG32.EXE
O4 - HKLM\..\RunServices: [JAVAQU.EXE] C:\WINDOWS\JAVAQU.EXE
O4 - HKLM\..\RunServices: [MSYO32.EXE] C:\WINDOWS\MSYO32.EXE
O4 - HKLM\..\RunServices: [SYSYB.EXE] C:\WINDOWS\SYSYB.EXE
O4 - HKLM\..\RunServices: [NTJP.EXE] C:\WINDOWS\NTJP.EXE
O4 - HKLM\..\RunServices: [MSXM32.EXE] C:\WINDOWS\SYSTEM\MSXM32.EXE
O4 - HKLM\..\RunServices: [NETAV32.EXE] C:\WINDOWS\NETAV32.EXE
O4 - HKLM\..\RunServices: [ADDXE.EXE] C:\WINDOWS\SYSTEM\ADDXE.EXE
O4 - HKLM\..\RunServices: [ADDTJ.EXE] C:\WINDOWS\SYSTEM\ADDTJ.EXE
O4 - HKLM\..\RunServices: [SYSDH.EXE] C:\WINDOWS\SYSTEM\SYSDH.EXE
O4 - HKLM\..\RunServices: [IPCS32.EXE] C:\WINDOWS\IPCS32.EXE
O4 - HKLM\..\RunServices: [NETFP32.EXE] C:\WINDOWS\NETFP32.EXE
O4 - HKLM\..\RunServices: [NETOX32.EXE] C:\WINDOWS\SYSTEM\NETOX32.EXE
O4 - HKLM\..\RunServices: [NTJT32.EXE] C:\WINDOWS\SYSTEM\NTJT32.EXE
O4 - HKLM\..\RunServices: [NETHO32.EXE] C:\WINDOWS\NETHO32.EXE
O4 - HKLM\..\RunServices: [NTES.EXE] C:\WINDOWS\SYSTEM\NTES.EXE
O4 - HKLM\..\RunServices: [IPGI.EXE] C:\WINDOWS\SYSTEM\IPGI.EXE
O4 - HKLM\..\RunServices: [SDKVA.EXE] C:\WINDOWS\SDKVA.EXE

Reboot into safe mode following the instructions here & navigate to & delete all of the above 04 .exe files.

Reboot normally after doing the above then post a fresh log plz.
Moderator
Featured Poster
Reputation Points: 1142
Solved Threads: 982
Most Valuable Poster
crunchie is offline Offline
12,163 posts
since Feb 2004
Permalink
Jun 22nd, 2004
0

Re: My HJT log

Went to housecall --couldn't run the scan.security settings won't allow direct X
Completed the other tasks.Still being hijacked though.

Logfile of HijackThis v1.97.7
Scan saved at 2:25:26 AM, on 22/06/2004
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\IEIQ.EXE
C:\WINDOWS\SYSTEM\IEPT.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\NTKS32.EXE
C:\WINDOWS\SYSTEM\SYSRZ.EXE
C:\WINDOWS\SYSTEM\MSXI.EXE
C:\WINDOWS\APPTK32.EXE
C:\WINDOWS\CRXV.EXE
C:\WINDOWS\MSZU32.EXE
C:\WINDOWS\SYSTEM\CRPO32.EXE
C:\WINDOWS\SYSTEM\APPZB32.EXE
C:\WINDOWS\SYSTEM\JAVAZT32.EXE
C:\WINDOWS\NTST.EXE
C:\WINDOWS\SYSTEM\WINZN32.EXE
C:\WINDOWS\SYSTEM\IPBA.EXE
C:\WINDOWS\SYSTEM\JAVAUA32.EXE
C:\WINDOWS\SYSTEM\JAVATD32.EXE
C:\WINDOWS\APPWT.EXE
C:\WINDOWS\WINWS.EXE
C:\WINDOWS\NETET32.EXE
C:\WINDOWS\SYSTEM\IEKD32.EXE
C:\WINDOWS\SYSTEM\IEPP.EXE
C:\WINDOWS\SYSTEM\IPDR32.EXE
C:\WINDOWS\SDKKE32.EXE
C:\WINDOWS\SYSTEM\D3NM32.EXE
C:\WINDOWS\APPSB32.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\CRPI.EXE
C:\WINDOWS\SYSTEM\APIKV.EXE
C:\WINDOWS\SYSTEM\D3DK32.EXE
C:\WINDOWS\APIMO32.EXE
C:\WINDOWS\SYSTEM\CRIN32.EXE
C:\WINDOWS\SYSTEM\CRBQ.EXE
C:\WINDOWS\SYSTEM\IEOT.EXE
C:\WINDOWS\SYSTEM\ADDUF32.EXE
C:\WINDOWS\SYSTEM\NETNW32.EXE
C:\WINDOWS\ADDRH32.EXE
C:\WINDOWS\SYSYH.EXE
C:\WINDOWS\SYSTEM\MFCVB.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\WINZIP\WZQKPICK.EXE
C:\PROGRAM FILES\GOMEZ\GOMEZPEER\BIN\GOMEZPEER.EXE
C:\PROGRAM FILES\GOMEZ\GOMEZPEER\JRE\BIN\JAVA.EXE
C:\WINDOWS\APPSB32.EXE
C:\WINDOWS\MSZU32.EXE
C:\WINDOWS\SYSTEM\SYSRZ.EXE
C:\WINDOWS\CRXV.EXE
C:\WINDOWS\ADDRH32.EXE
C:\WINDOWS\SYSTEM\IEPT.EXE
C:\WINDOWS\NTKS32.EXE
C:\WINDOWS\SYSTEM\APPZB32.EXE
C:\WINDOWS\SYSTEM\WINZN32.EXE
C:\WINDOWS\SYSTEM\CRPO32.EXE
C:\WINDOWS\SYSTEM\JAVAUA32.EXE
C:\WINDOWS\SYSTEM\MSXI.EXE
C:\WINDOWS\APPWT.EXE
C:\WINDOWS\SYSTEM\IPBA.EXE
C:\WINDOWS\SDKBJ.EXE
C:\WINDOWS\NETET32.EXE
C:\WINDOWS\SYSTEM\IEPP.EXE
C:\WINDOWS\WINWS.EXE
C:\WINDOWS\SDKKE32.EXE
C:\WINDOWS\SYSTEM\IEKD32.EXE
C:\WINDOWS\SYSTEM\D3NM32.EXE
C:\WINDOWS\SYSTEM\MFCVB.EXE
C:\WINDOWS\SYSTEM\APIKV.EXE
C:\WINDOWS\SYSTEM\ADDUF32.EXE
C:\WINDOWS\SYSTEM\D3DK32.EXE
C:\WINDOWS\SYSTEM\CRPI.EXE
C:\WINDOWS\SYSTEM\CRIN32.EXE
C:\WINDOWS\SYSTEM\IEOT.EXE
C:\WINDOWS\NETEO32.EXE
C:\WINDOWS\APIMO32.EXE
C:\WINDOWS\SYSTEM\CRBQ.EXE
C:\WINDOWS\SYSYH.EXE
C:\WINDOWS\SYSTEM\NETNW32.EXE
C:\WINDOWS\NETEO32.EXE
C:\WINDOWS\SYSTEM\ATLUV32.EXE
C:\WINDOWS\DESKTOP\ALLWAYS\VIDS\HIJACKTHIS\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system\ootrg.dll/sp.html#892478769
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = res://ootrg.dll/index.html#892478769
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = res://ootrg.dll/index.html#892478769
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system\ootrg.dll/sp.html#892478769
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = res://ootrg.dll/index.html#892478769
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system\ootrg.dll/sp.html#892478769
O2 - BHO: (no name) - {3C1758F7-D8DC-E38C-1C12-C2E46173BFF8} - C:\WINDOWS\JAVAUG.DLL (file missing)
O2 - BHO: (no name) - {BC234570-5592-DEEC-F787-4BF76F57427B} - C:\WINDOWS\SYSTEM\NTFK.DLL (file missing)
O2 - BHO: (no name) - {04324C8A-2846-9CDA-7AE9-6D0D763453AE} - C:\WINDOWS\ADDJX32.DLL (file missing)
O2 - BHO: (no name) - {3DC89CE4-55C3-FA9A-A228-03A794B03BCB} - C:\WINDOWS\SYSTEM\D3TO.DLL (file missing)
O2 - BHO: (no name) - {199436BD-DDF4-FB81-ABEF-204A5E343DBA} - C:\WINDOWS\SYSTEM\SYSDY32.DLL (file missing)
O2 - BHO: (no name) - {566A6A9A-67AD-EFE9-5934-02BD0D6C987A} - C:\WINDOWS\SYSTEM\D3TH32.DLL (file missing)
O2 - BHO: (no name) - {F0E4F674-0FD3-D771-42A6-235DC7A66BB3} - C:\WINDOWS\SYSTEM\WINDQ32.DLL (file missing)
O2 - BHO: (no name) - {C205C173-C801-4313-FC5C-D7AB543DFBE1} - C:\WINDOWS\ADDFL.DLL (file missing)
O2 - BHO: (no name) - {9FF3EC2B-5A88-1F24-6D40-596F602C24F7} - C:\WINDOWS\SYSTEM\ADDOL32.DLL (file missing)
O2 - BHO: (no name) - {B37338CB-DC89-F6A6-BA8B-AEF4D740566E} - C:\WINDOWS\MSTY32.DLL (file missing)
O2 - BHO: (no name) - {E0633C44-2876-D883-CD28-CD2B8AA44E14} - C:\WINDOWS\SYSTEM\SDKNF32.DLL (file missing)
O2 - BHO: (no name) - {32D797E6-4ECC-DCA3-B90A-458EC0B4B4C5} - C:\WINDOWS\SDKOW32.DLL (file missing)
O2 - BHO: (no name) - {3366A681-63B6-7915-C2CB-2CC4EF3E7DB2} - C:\WINDOWS\SYSTEM\APPPJ32.DLL (file missing)
O2 - BHO: (no name) - {7064DB26-71F4-B83F-44D6-2B57CE7E33A2} - C:\WINDOWS\APPBD.DLL (file missing)
O2 - BHO: (no name) - {DBBEFC8D-9BF7-6537-2D22-48E597FD287A} - C:\WINDOWS\CRZJ.DLL (file missing)
O2 - BHO: (no name) - {70307C45-F763-AEB9-DEE4-CE5AB81CA0C4} - C:\WINDOWS\SYSTEM\WINJN32.DLL (file missing)
O2 - BHO: (no name) - {BEE713AE-FD55-7B5A-A7CA-316D7B9CE706} - C:\WINDOWS\SYSTEM\WINPQ32.DLL (file missing)
O2 - BHO: (no name) - {E2CAEA1A-652C-F3A0-BB88-CFED1DFD8754} - C:\WINDOWS\MSZG.DLL (file missing)
O2 - BHO: (no name) - {BEFC335B-6797-430E-0DA7-1985DA8D0CA0} - C:\WINDOWS\SYSTEM\APPBB.DLL (file missing)
O2 - BHO: (no name) - {1F6F53C4-ACAF-D9FE-429E-AA47DE088F82} - C:\WINDOWS\SYSTEM\JAVADU32.DLL (file missing)
O2 - BHO: (no name) - {E1544B4C-80FE-4978-4D7B-064822DA8985} - C:\WINDOWS\SYSTEM\D3ZU32.DLL (file missing)
O2 - BHO: (no name) - {9595BB1C-2147-CDDA-7CDE-CBB04CA14654} - C:\WINDOWS\SYSTEM\IPMK32.DLL (file missing)
O2 - BHO: (no name) - {59041C71-4838-81BC-5D04-D883E61802BF} - C:\WINDOWS\SYSTEM\SYSDG.DLL (file missing)
O2 - BHO: (no name) - {5680E059-CEB8-D850-E09F-EFD27ADEAC97} - C:\WINDOWS\SYSTEM\JAVAWJ.DLL (file missing)
O2 - BHO: (no name) - {B7BB622B-B1F1-9882-B911-97E5AE60D6F8} - C:\WINDOWS\NETEU32.DLL (file missing)
O2 - BHO: (no name) - {A8BCABA8-F007-6036-E722-66A50AD1ECE7} - C:\WINDOWS\SYSTEM\NETCA.DLL (file missing)
O2 - BHO: (no name) - {EE71F47C-9AD5-9285-3F03-BD4E23A370B8} - C:\WINDOWS\JAVANR32.DLL (file missing)
O2 - BHO: (no name) - {9E6914AB-0DBB-1A5F-029B-3F476288F816} - C:\WINDOWS\D3PO.DLL (file missing)
O2 - BHO: (no name) - {6EDD492A-589C-7A99-DC80-4EC12E169C0D} - C:\WINDOWS\SYSTEM\SDKLO32.DLL (file missing)
O2 - BHO: (no name) - {B9D73454-1C5A-449E-41EE-D9FF73648196} - C:\WINDOWS\SYSTEM\SDKQV32.DLL (file missing)
O2 - BHO: (no name) - {46C59131-C2CD-A440-5179-146B0661C16F} - C:\WINDOWS\SYSTEM\IPGF.DLL (file missing)
O2 - BHO: (no name) - {E7065518-0E66-202A-4EB4-121DBCBCE4D0} - C:\WINDOWS\APIBI.DLL (file missing)
O2 - BHO: (no name) - {EB85181B-E50E-372A-BFD3-C99F9DB12559} - C:\WINDOWS\SYSTEM\ATLOA32.DLL (file missing)
O2 - BHO: (no name) - {C97D5205-FCDC-EB7D-F24D-A44C92DB4A54} - C:\WINDOWS\MFCCJ32.DLL (file missing)
O2 - BHO: (no name) - {D861F83C-B70D-C684-FDEE-89CE5EBD826D} - C:\WINDOWS\NETMG.DLL (file missing)
O2 - BHO: (no name) - {8424F96C-274A-E21F-2290-BAE0CDBB14A7} - C:\WINDOWS\NTTI.DLL (file missing)
O2 - BHO: (no name) - {71DC8B77-12E1-1D60-8483-34F46E7ABCBE} - C:\WINDOWS\SYSTEM\IEJF.DLL
O2 - BHO: (no name) - {0B847E62-B9F9-3421-B123-B58AFEAC72D7} - C:\WINDOWS\SYSTEM\ADDUM.DLL (file missing)
O2 - BHO: (no name) - {397ACE10-AC4F-6D02-B07D-9C18F19A967C} - C:\WINDOWS\SDKUZ.DLL (file missing)
O2 - BHO: (no name) - {DA6825AC-6D4D-B4A5-5DA9-394B5B99A8F6} - C:\WINDOWS\SYSTEM\APPDD32.DLL (file missing)
O2 - BHO: (no name) - {598A5F00-4A66-99FC-2B27-4167ACFF6680} - C:\WINDOWS\ATLGD.DLL (file missing)
O2 - BHO: (no name) - {FA52E462-809D-156B-88C4-C7FBE67428F0} - C:\WINDOWS\SYSTEM\SYSDM.DLL (file missing)
O2 - BHO: (no name) - {D8F6292A-632E-2FF8-816D-45BA7630E2DA} - C:\WINDOWS\ADDMK.DLL (file missing)
O2 - BHO: (no name) - {D1ADC7EE-95BE-7425-AF7A-3AF0E1F550B6} - C:\WINDOWS\SYSTEM\NETHJ.DLL (file missing)
O2 - BHO: (no name) - {E04CC740-6392-9599-BFA7-F8F8045618C9} - C:\WINDOWS\SYSTEM\WINLI32.DLL (file missing)
O2 - BHO: (no name) - {F23458A1-1D96-9C46-3F26-DCEE8800C2FB} - C:\WINDOWS\SYSTEM\JAVAPG.DLL (file missing)
O2 - BHO: (no name) - {C6A56CD0-7FB1-A8EC-CE4E-853678396598} - C:\WINDOWS\SYSTEM\JAVALY.DLL (file missing)
O2 - BHO: (no name) - {1544D6D4-EBAA-A144-24D3-D992A7062004} - C:\WINDOWS\SYSTEM\NTYC.DLL (file missing)
O2 - BHO: (no name) - {C2FA3656-27E9-CB48-07E2-4EDCB9A9B231} - C:\WINDOWS\SYSTEM\WINUS.DLL (file missing)
O2 - BHO: (no name) - {587707A9-FC34-782E-821D-EE35D04D6F9D} - C:\WINDOWS\ADDCT.DLL (file missing)
O2 - BHO: (no name) - {3A3D4EE3-2CE5-F738-742C-E35D128A50A7} - C:\WINDOWS\SYSTEM\CRBU32.DLL (file missing)
O2 - BHO: (no name) - {5172761A-321E-344B-3B84-D57F295F611B} - C:\WINDOWS\APPDV32.DLL (file missing)
O2 - BHO: (no name) - {2319932C-A5B5-C0DB-4326-82033B7C227A} - C:\WINDOWS\SYSTEM\SDKEP32.DLL (file missing)
O2 - BHO: (no name) - {2D6D77DB-5D12-0DC9-2AEB-8B11B10E4E23} - C:\WINDOWS\SYSTEM\CRSI.DLL (file missing)
O2 - BHO: (no name) - {15EAF32F-E910-66D5-9145-A0FEDA5A8A51} - C:\WINDOWS\ATLSG32.DLL (file missing)
O2 - BHO: (no name) - {5716EE74-FBF6-6197-AE1A-1ECC21EE958F} - C:\WINDOWS\SYSTEM\SYSBI32.DLL (file missing)
O2 - BHO: (no name) - {1F0E5D05-A0DE-4188-1C95-417E3C5C516D} - C:\WINDOWS\SYSTEM\MSTA.DLL (file missing)
O2 - BHO: (no name) - {DCC411E1-1C54-3A60-B9AC-0F1D18C92AD2} - C:\WINDOWS\APIVW.DLL (file missing)
O2 - BHO: (no name) - {15B55BB4-E0DE-C7F2-7100-9CF887C3A763} - C:\WINDOWS\SYSTEM\ATLVA.DLL (file missing)
O2 - BHO: (no name) - {F4A2CC40-4499-1003-3204-2E5C16D56476} - C:\WINDOWS\SYSTEM\SDKRS32.DLL (file missing)
O2 - BHO: (no name) - {7405DFC9-0104-BD6B-6AFF-86732A81A6A5} - C:\WINDOWS\SYSTEM\NTUJ32.DLL (file missing)
O2 - BHO: (no name) - {E651457C-C8E8-C8FA-9AEA-59372821A1A5} - C:\WINDOWS\SYSTEM\ATLSG.DLL (file missing)
O2 - BHO: (no name) - {AC669ABF-5B57-0E33-118A-F9FF8DFB0F99} - C:\WINDOWS\SYSTEM\D3OM32.DLL (file missing)
O2 - BHO: (no name) - {8F30B32A-F793-7B48-2B17-6EB4E169E8EB} - C:\WINDOWS\SDKHQ32.DLL (file missing)
O2 - BHO: (no name) - {5F3E960E-4F8D-F271-0D51-E335C5E2FEB9} - C:\WINDOWS\WINFU32.DLL (file missing)
O2 - BHO: (no name) - {EF499FF4-5D68-4F48-3C5E-65411AF29344} - C:\WINDOWS\SDKOO.DLL (file missing)
O2 - BHO: (no name) - {1955F601-A77E-3BCC-43F2-4A72ABCF011B} - C:\WINDOWS\SYSTEM\JAVAAG32.DLL
O2 - BHO: (no name) - {CA934569-F802-4818-5D8F-E4032F9B58EF} - C:\WINDOWS\SYSTEM\ATLZB.DLL (file missing)
O2 - BHO: (no name) - {AE9E2380-7B85-15E8-57E5-FF53A19B4FD5} - C:\WINDOWS\SYSTEM\D3KZ32.DLL
O2 - BHO: (no name) - {0DCE8FCA-72CF-0792-0AAC-10E3C5B60CC3} - C:\WINDOWS\SYSTEM\ADDQO.DLL
O2 - BHO: (no name) - {88B7621A-0DAC-7AE4-0A8A-6306DF75929D} - C:\WINDOWS\SYSTEM\SYSHF.DLL (file missing)
O2 - BHO: (no name) - {2AB80E5C-C6A3-016D-788D-E1F289A65E42} - C:\WINDOWS\WINAG32.DLL
O2 - BHO: (no name) - {C98C7DCC-04E9-A6D9-A145-8EB7C6977CFE} - C:\WINDOWS\IPSU.DLL
O2 - BHO: (no name) - {D9124028-B292-02CF-2F76-8A18A0B407DB} - C:\WINDOWS\APIQN32.DLL
O2 - BHO: (no name) - {2A38BAA1-9EE3-C731-83F2-B4B257669AED} - C:\WINDOWS\SYSTEM\NETHO32.DLL
O2 - BHO: (no name) - {499CBA68-0CDC-4376-9119-E07B6BD9CBB4} - C:\WINDOWS\CREG.DLL
O2 - BHO: (no name) - {24D61A15-3D8F-0712-8763-1448233335C0} - C:\WINDOWS\SYSTEM\D3LN.DLL
O2 - BHO: (no name) - {DF228F33-8BD5-1FF2-C7E2-A4B88F44A70B} - C:\WINDOWS\APIRD.DLL
O2 - BHO: (no name) - {04ED9DA8-D623-DC66-5868-93FB8F0CAECD} - C:\WINDOWS\SYSTEM\ATLXO32.DLL
O2 - BHO: (no name) - {BD8E8671-7F58-2D74-77A8-22CD2858C38F} - C:\WINDOWS\SYSTEM\ATLGO.DLL
O2 - BHO: (no name) - {8B05BCCF-C596-8990-5B77-8E18289DB382} - C:\WINDOWS\SYSTEM\IPXB.DLL
O2 - BHO: (no name) - {54FB0751-11C6-4D6A-AA53-C4307BA96550} - C:\WINDOWS\SYSTEM\SYSYB32.DLL (file missing)
O2 - BHO: (no name) - {C11A6731-AA49-AC2D-3FC3-0E201C13F166} - C:\WINDOWS\ATLYA32.DLL (file missing)
O2 - BHO: (no name) - {B9E2E44C-EE57-A711-7BB5-5A4816D6A0C1} - C:\WINDOWS\D3FU32.DLL (file missing)
O2 - BHO: (no name) - {41F0E35F-2FCE-C682-744D-8EA8C94008C8} - C:\WINDOWS\SYSTEM\ATLEZ.DLL (file missing)
O2 - BHO: (no name) - {8013EF3D-449F-284B-7E0A-3BE1E7E07FD0} - C:\WINDOWS\SYSTEM\JAVAXZ32.DLL (file missing)
O2 - BHO: (no name) - {6124B265-A44F-5676-DB0F-791194E38DE8} - C:\WINDOWS\SYSTEM\ATLMH.DLL (file missing)
O2 - BHO: (no name) - {E64822A5-FF20-E182-F9A8-8DEAD4A36241} - C:\WINDOWS\SYSTEM\JAVAUE32.DLL (file missing)
O2 - BHO: (no name) - {C25B819B-AC4E-4A6C-1C3C-94A75C05801D} - C:\WINDOWS\MFCUK32.DLL (file missing)
O2 - BHO: (no name) - {B4061A5F-2631-C398-10F0-6FD606540059} - C:\WINDOWS\NETUP32.DLL
O2 - BHO: (no name) - {2E651794-347D-9882-B60F-CF52A9AA5182} - C:\WINDOWS\JAVACV32.DLL
O2 - BHO: (no name) - {B24C88EC-60FC-99C0-BA5F-3F3DA397E615} - C:\WINDOWS\WINIK.DLL (file missing)
O2 - BHO: (no name) - {3DEE10F2-58B4-0207-424F-6C4274A2E21F} - C:\WINDOWS\SYSTEM\IEIJ32.DLL
O2 - BHO: (no name) - {8F847879-40F7-B232-AEC5-D3214B36C965} - C:\WINDOWS\ADDEQ32.DLL (file missing)
O2 - BHO: (no name) - {BD83DEE3-0881-986E-6BB1-F3EC3342CFEB} - C:\WINDOWS\SYSTEM\SDKVO.DLL (file missing)
O2 - BHO: (no name) - {8F9FF6E8-171F-5434-95DE-270F1C926F73} - C:\WINDOWS\SYSTEM\MFCMK.DLL (file missing)
O2 - BHO: (no name) - {88B9AA5E-BB32-1C13-60E1-F71F3198824D} - (no file)
O2 - BHO: (no name) - {6F8D1D12-CFC2-4FA8-AB91-6C897FDF757E} - C:\WINDOWS\APIVC.DLL
O2 - BHO: (no name) - {1D2321E9-172B-5B84-1675-FEE652156A69} - C:\WINDOWS\SYSTEM\WINBX.DLL
O2 - BHO: (no name) - {29FA1517-581C-A5D9-395F-39C0C4484938} - C:\WINDOWS\JAVAOY32.DLL
O2 - BHO: (no name) - {528174D8-0C3A-3C50-D774-C0F1D1A15C20} - C:\WINDOWS\IPFU.DLL
O2 - BHO: (no name) - {E5C5DA82-402A-1241-57E8-5AF52A729FEC} - C:\WINDOWS\SYSTEM\D3FB.DLL
O2 - BHO: (no name) - {07AA0D39-02E3-677B-1C65-8949A994E0F0} - C:\WINDOWS\MSVQ.DLL
O2 - BHO: (no name) - {9E2E66D6-C138-8BD6-0873-1991E8C894C9} - C:\WINDOWS\SYSTEM\MFCPO.DLL
O2 - BHO: (no name) - {32004A45-DBFC-2B7B-3989-BB5BE50D9E3A} - C:\WINDOWS\WINAU32.DLL
O2 - BHO: (no name) - {5427C122-41DC-07F0-770B-7D0652D91511} - C:\WINDOWS\SDKZW.DLL
O2 - BHO: (no name) - {9F27B9CF-B4CA-5172-9786-0E69214AEDD9} - C:\WINDOWS\IEDR.DLL
O2 - BHO: (no name) - {34DF8786-1043-05B7-1BA5-A6801F851F01} - C:\WINDOWS\SYSTEM\APPLM.DLL (file missing)
O2 - BHO: (no name) - {0E10B003-516B-A5FE-961E-ECF25BE3662B} - C:\WINDOWS\SYSTEM\NETJJ.DLL (file missing)
O2 - BHO: (no name) - {A24BD490-0AA3-E365-DEE2-5C39334F5386} - C:\WINDOWS\D3HU.DLL (file missing)
O2 - BHO: (no name) - {C71F3DA6-DC5C-A817-D19B-EFEADE2D68C1} - C:\WINDOWS\SYSTEM\WINVK32.DLL
O2 - BHO: (no name) - {04D536A8-BE6C-6283-AD25-18CADEF98984} - C:\WINDOWS\SYSFG32.DLL (file missing)
O2 - BHO: (no name) - {DB60A66C-F69A-6BDB-4826-D913D9902B4C} - C:\WINDOWS\SYSTEM\ADDZL32.DLL (file missing)
O2 - BHO: (no name) - {E8C9ADD5-CA09-D0FC-4AA0-02602550DB38} - C:\WINDOWS\APIPQ32.DLL
O2 - BHO: (no name) - {E2F831A5-CE5B-66F3-CDD8-0ABD57FEA88B} - C:\WINDOWS\D3GP32.DLL
O2 - BHO: (no name) - {3698678C-C5F1-2B0F-7784-86A3A0B91EC5} - C:\WINDOWS\MFCIU32.DLL (file missing)
O2 - BHO: (no name) - {7E20652C-090A-CC44-F3C4-1EA1894CB86D} - C:\WINDOWS\SYSTEM\NETMT.DLL (file missing)
O2 - BHO: (no name) - {26E902A0-CEDD-955D-4562-FC8012F9AFA9} - C:\WINDOWS\MSTV.DLL (file missing)
O2 - BHO: (no name) - {1D29E35C-2CEB-1C5D-F790-A48A9C394EF2} - C:\WINDOWS\SYSTEM\IEVB.DLL (file missing)
O2 - BHO: (no name) - {E427A02F-1232-BA73-9E20-9935E73BA465} - C:\WINDOWS\SYSCZ32.DLL (file missing)
O2 - BHO: (no name) - {631A4540-2042-D857-2571-DD87935DB588} - C:\WINDOWS\NTJJ32.DLL (file missing)
O2 - BHO: (no name) - {12899B2B-DA72-DAA3-33E7-18D55F24E119} - C:\WINDOWS\APIPX32.DLL (file missing)
O2 - BHO: (no name) - {E04CC398-6D86-A823-890A-29F8D27B4B0A} - C:\WINDOWS\NETNL32.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SYSQP.EXE] C:\WINDOWS\SYSTEM\SYSQP.EXE
O4 - HKLM\..\Run: [JAVAAG32.EXE] C:\WINDOWS\SYSTEM\JAVAAG32.EXE
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [IEIQ.EXE] C:\WINDOWS\SYSTEM\IEIQ.EXE
O4 - HKLM\..\RunServices: [NTST.EXE] C:\WINDOWS\NTST.EXE
O4 - HKLM\..\RunServices: [SYSRZ.EXE] C:\WINDOWS\SYSTEM\SYSRZ.EXE
O4 - HKLM\..\RunServices: [MSZU32.EXE] C:\WINDOWS\MSZU32.EXE
O4 - HKLM\..\RunServices: [CRXV.EXE] C:\WINDOWS\CRXV.EXE
O4 - HKLM\..\RunServices: [APPZB32.EXE] C:\WINDOWS\SYSTEM\APPZB32.EXE
O4 - HKLM\..\RunServices: [IEPT.EXE] C:\WINDOWS\SYSTEM\IEPT.EXE
O4 - HKLM\..\RunServices: [APPTK32.EXE] C:\WINDOWS\APPTK32.EXE
O4 - HKLM\..\RunServices: [WINZN32.EXE] C:\WINDOWS\SYSTEM\WINZN32.EXE
O4 - HKLM\..\RunServices: [JAVAZT32.EXE] C:\WINDOWS\SYSTEM\JAVAZT32.EXE
O4 - HKLM\..\RunServices: [NTKS32.EXE] C:\WINDOWS\NTKS32.EXE
O4 - HKLM\..\RunServices: [MSXI.EXE] C:\WINDOWS\SYSTEM\MSXI.EXE
O4 - HKLM\..\RunServices: [CRPO32.EXE] C:\WINDOWS\SYSTEM\CRPO32.EXE
O4 - HKLM\..\RunServices: [JAVAUA32.EXE] C:\WINDOWS\SYSTEM\JAVAUA32.EXE
O4 - HKLM\..\RunServices: [NETET32.EXE] C:\WINDOWS\NETET32.EXE
O4 - HKLM\..\RunServices: [IPBA.EXE] C:\WINDOWS\SYSTEM\IPBA.EXE
O4 - HKLM\..\RunServices: [IEPP.EXE] C:\WINDOWS\SYSTEM\IEPP.EXE
O4 - HKLM\..\RunServices: [JAVATD32.EXE] C:\WINDOWS\SYSTEM\JAVATD32.EXE
O4 - HKLM\..\RunServices: [APPWT.EXE] C:\WINDOWS\APPWT.EXE
O4 - HKLM\..\RunServices: [WINWS.EXE] C:\WINDOWS\WINWS.EXE
O4 - HKLM\..\RunServices: [APPSB32.EXE] C:\WINDOWS\APPSB32.EXE
O4 - HKLM\..\RunServices: [SDKKE32.EXE] C:\WINDOWS\SDKKE32.EXE
O4 - HKLM\..\RunServices: [IEKD32.EXE] C:\WINDOWS\SYSTEM\IEKD32.EXE
O4 - HKLM\..\RunServices: [D3NM32.EXE] C:\WINDOWS\SYSTEM\D3NM32.EXE
O4 - HKLM\..\RunServices: [IPDR32.EXE] C:\WINDOWS\SYSTEM\IPDR32.EXE
O4 - HKLM\..\RunServices: [IEOT.EXE] C:\WINDOWS\SYSTEM\IEOT.EXE
O4 - HKLM\..\RunServices: [CRPI.EXE] C:\WINDOWS\SYSTEM\CRPI.EXE
O4 - HKLM\..\RunServices: [D3DK32.EXE] C:\WINDOWS\SYSTEM\D3DK32.EXE
O4 - HKLM\..\RunServices: [APIMO32.EXE] C:\WINDOWS\APIMO32.EXE
O4 - HKLM\..\RunServices: [CRIN32.EXE] C:\WINDOWS\SYSTEM\CRIN32.EXE
O4 - HKLM\..\RunServices: [APIKV.EXE] C:\WINDOWS\SYSTEM\APIKV.EXE
O4 - HKLM\..\RunServices: [ADDUF32.EXE] C:\WINDOWS\SYSTEM\ADDUF32.EXE
O4 - HKLM\..\RunServices: [CRBQ.EXE] C:\WINDOWS\SYSTEM\CRBQ.EXE
O4 - HKLM\..\RunServices: [SYSYH.EXE] C:\WINDOWS\SYSYH.EXE
O4 - HKLM\..\RunServices: [NETNW32.EXE] C:\WINDOWS\SYSTEM\NETNW32.EXE
O4 - HKLM\..\RunServices: [MFCVB.EXE] C:\WINDOWS\SYSTEM\MFCVB.EXE
O4 - HKLM\..\RunServices: [ADDRH32.EXE] C:\WINDOWS\ADDRH32.EXE
O4 - HKLM\..\RunServices: [SDKBJ.EXE] C:\WINDOWS\SDKBJ.EXE
O4 - HKLM\..\RunServices: [NETEO32.EXE] C:\WINDOWS\NETEO32.EXE
O4 - HKLM\..\RunServices: [ATLUV32.EXE] C:\WINDOWS\SYSTEM\ATLUV32.EXE
O4 - Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O4 - Startup: Gomez PEER.lnk = C:\Program Files\Gomez\GomezPEER\bin\GomezPEER.exe
O4 - Startup: Microsoft Office.lnk.disabled
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: MSN Messenger Service (HKLM)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.co...120.5883564815
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/s...sh/swflash.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab

Any thoughts?
Reputation Points: 10
Solved Threads: 0
Newbie Poster
freakydave is offline Offline
3 posts
since Jun 2004
Permalink
Jun 22nd, 2004
0

Re: My HJT log

That's pretty sad. I honestly don't have a clue as to what has caused all those entries. If you know when this happened I suggest that you use system restore to go back to a time prior to that. Sorry, best I can suggest.
Moderator
Featured Poster
Reputation Points: 1142
Solved Threads: 982
Most Valuable Poster
crunchie is offline Offline
12,163 posts
since Feb 2004
Permalink
Jun 22nd, 2004
0

Re: My HJT log

Thanks for taking the time to help me.It's quite busy in this forum.The first thing I tried was system restore to my shock it was disabled.I guess I'll have to reformat & reinstall.Anyways just coming here & reading various posts I learned some things I didn't know.

Thanks Again

David
Reputation Points: 10
Solved Threads: 0
Newbie Poster
freakydave is offline Offline
3 posts
since Jun 2004

This thread is more than three months old

No one has posted to this discussion for at least three months. Please let old threads die and do not reply to them unless you feel you have something new and valuable to contribute that absolutely must be added to make the discussion complete. Otherwise, please start a new thread in this forum instead.
Message:
Previous Thread in Viruses, Spyware and other Nasties Forum Timeline: Cannot Remove About:Blank Homepage
Next Thread in Viruses, Spyware and other Nasties Forum Timeline: tried all options - pls help





About Us | Contact Us | Advertise | Acceptable Use Policy
Forum Index | Build Custom RSS Feed


Follow us on Twitter


© 2011 DaniWeb® LLC