Computer Forums - View Single Post

office politics · 08-23-2004, 12:14 PM

Quote:

Originally posted by maverick25
O4 - HKLM\..\Run: [// Browser Detec] c:\Windows\System\// Browser Detection
O4 - HKLM\..\Run: [IEMajor ] c:\Windows\System\IEMajor = 0;
O4 - HKLM\..\Run: [if (IE4p] c:\Windows\System\if (IE4plus)
O4 - HKLM\..\Run: [// Body onload utility (supports multiple onload functi] c:\Windows\System\// Body onload utility (supports multiple onload functions)
O4 - HKLM\..\Run: [var gSafeOnload = new Arra] c:\Windows\System\var gSafeOnload = new Array();
O4 - HKLM\..\Run: [function SafeAddOnloa] c:\Windows\System\function SafeAddOnload(f)
O4 - HKLM\..\Run: [function SafeOnlo] c:\Windows\System\function SafeOnload()
O4 - HKLM\..\Run: [function isInt(nu] c:\Windows\System\function isInt(numIn)
O4 - HKLM\..\Run: [function PUW_In] c:\Windows\System\function PUW_Init()
O4 - HKLM\..\Run: [function PUW_Sh] c:\Windows\System\function PUW_Show()
O4 - HKLM\..\Run: [function PUW_CheckFrequen] c:\Windows\System\function PUW_CheckFrequency()
O4 - HKLM\..\Run: [function PopupWindow(url,width,hei] c:\Windows\System\function PopupWindow(url,width,height)
O4 - HKLM\..\Run: [function PUWSta] c:\Windows\System\function PUWStart()
O4 - HKLM\..\Run: [SafeAddOnload(PUWSta] c:\Windows\System\SafeAddOnload(PUWStart);

...

O4 - HKLM\..\Run: [] c:\Windows\System\
O4 - HKLM\..\Run: [gPopupWindow.toolbar = fa] c:\Windows\System\gPopupWindow.toolbar = false;
O4 - HKLM\..\Run: [gPopupWindow.statusbar = fa] c:\Windows\System\gPopupWindow.statusbar = false;
O4 - HKLM\..\Run: [gPopupWindow.resizable = fa] c:\Windows\System\gPopupWindow.resizable = false;
O4 - HKLM\..\Run: [gPopupWindow.ontop = fa] c:\Windows\System\gPopupWindow.ontop = false;

...

O4 - HKCU\..\Run: [var gSafeOnload = new Arra] c:\Windows\System\var gSafeOnload = new Array();
O4 - HKCU\..\Run: [function SafeAddOnloa] c:\Windows\System\function SafeAddOnload(f)
O4 - HKCU\..\Run: [function SafeOnlo] c:\Windows\System\function SafeOnload()
O4 - HKCU\..\Run: [function isInt(nu] c:\Windows\System\function isInt(numIn)
O4 - HKCU\..\Run: [function PUW_In] c:\Windows\System\function PUW_Init()
O4 - HKCU\..\Run: [function PUW_Sh] c:\Windows\System\function PUW_Show()
O4 - HKCU\..\Run: [function PUW_CheckFrequen] c:\Windows\System\function PUW_CheckFrequency()
O4 - HKCU\..\Run: [function PopupWindow(url,width,hei] c:\Windows\System\function PopupWindow(url,width,height)
O4 - HKCU\..\Run: [function PUWSta] c:\Windows\System\function PUWStart()
O4 - HKCU\..\Run: [SafeAddOnload(PUWSta] c:\Windows\System\SafeAddOnload(PUWStart);
O4 - HKCU\..\Run: [gPopupWindow.toolbar = fa] c:\Windows\System\gPopupWindow.toolbar = false;
O4 - HKCU\..\Run: [gPopupWindow.statusbar = fa] c:\Windows\System\gPopupWindow.statusbar = false;
O4 - HKCU\..\Run: [gPopupWindow.resizable = fa] c:\Windows\System\gPopupWindow.resizable = false;
O4 - HKCU\..\Run: [gPopupWindow.ontop = fa] c:\Windows\System\gPopupWindow.ontop = false;
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER FREE EDITION\PSFREE.EXE"
O4 - HKCU\..\Run: [IEMajor ] c:\Windows\System\IEMajor = 0;
O4 - HKCU\..\Run: [// Browser Detec] c:\Windows\System\// Browser Detection
O4 - HKCU\..\Run: [ ] c:\Windows\System\ <ul>
O4 - HKCU\..\Run: [// Body onload utility (supports multiple onload functi] c:\Windows\System\// Body onload utility (supports multiple onload functions)
O4 - HKCU\..\Run: [if (IE4p] c:\Windows\System\if (IE4plus)

you can remove these. looks like something injected raw code into the registry startup location.