Computer ForumsComputers  

Go Back   Computer Forums > The World Wide Web > Virus - Spyware Protection / Detection
Could Someone assist me? Could Someone assist me?
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply
 
LinkBack Thread Tools Display Modes
Old 08-16-2005, 01:12 AM   #1 (permalink)
Newb Techie
 
Join Date: Aug 2005
Posts: 2
Send a message via AIM to Andross Send a message via Yahoo to Andross
Exclamation Could Someone assist me?
Hello.
I was gone over the weekend and I left my computer un attended to my younger sibling. Now that I am back my computer is running really choppy, unwanted popups (I have popup blocker on google toolbar, and with popup stopper pro). I have ran SpyBot & Ad-Aware Pro, but they do not seem to get rid of this stuff.

I also have an unwanted toolbar and startpage for internet explorer that I cannot get rid of.

I posted my HiJackThis log file on here hoping maybe someone could be of some assistance in my situtation.

I appreciate your time, effort, and any suggestions you guys may/may not have for me.

Thank you again.

Sincerely,
Andross


Logfile of HijackThis v1.99.1
Scan saved at 1:09:34 AM, on 8/16/2005
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\SSDPSRV.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\APIVL.EXE
C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
C:\WINDOWS\APIEB32.EXE
C:\WINDOWS\SYSTEM\SYSBS.EXE
C:\WINDOWS\SYSTEM\MFCLQ32.EXE
C:\WINDOWS\SYSTEM\NTZO32.EXE
C:\WINDOWS\APPUV32.EXE
C:\WINDOWS\SYSTEM\MFCQN32.EXE
C:\WINDOWS\SYSTEM\SYSCQ.EXE
C:\WINDOWS\CRMD.EXE
C:\WINDOWS\SYSTEM\NTNF32.EXE
C:\WINDOWS\SYSTEM\ATLVR32.EXE
C:\WINDOWS\SYSTEM\APPHE.EXE
C:\WINDOWS\SYSTEM\JAVALE32.EXE
C:\WINDOWS\APIJE32.EXE
C:\WINDOWS\SYSTEM\ATLAM.EXE
C:\WINDOWS\SYSTEM\SDKDU.EXE
C:\WINDOWS\SYSTEM\IEFF32.EXE
C:\WINDOWS\SYSTEM\MSJS32.EXE
C:\WINDOWS\SYSTEM\SDKNY32.EXE
C:\WINDOWS\SYSTEM\SDKPI32.EXE
C:\WINDOWS\SYSTEM\ADDWC32.EXE
C:\WINDOWS\SYSTEM\NETFP32.EXE
C:\WINDOWS\ADDPI.EXE
C:\WINDOWS\SYSTEM\JAVADC.EXE
C:\WINDOWS\SDKXM32.EXE
C:\WINDOWS\SYSTEM\MFCMH32.EXE
C:\WINDOWS\SYSTEM\D3EH.EXE
C:\WINDOWS\SYSTEM\MSJF.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\INTERNAT.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\MMKEYBD.EXE
C:\WINDOWS\SYSTEM\HPSYSDRV.EXE
C:\WINDOWS\OPTIONS\CABS\LOGITECH\HP_FINDER.EXE
C:\WINDOWS\LOADQM.EXE
C:\WINDOWS\SYSTEM\JAVAFH32.EXE
C:\WINDOWS\ETB\POKAPOKA63.EXE
C:\WINDOWS\RunDLL.exe
C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER PROFESSIONAL\POPUPSTOPPERPROFESSIONAL.EXE
C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\APIJE32.EXE
C:\WINDOWS\SYSTEM\APIVL.EXE
C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\KEYBDMGR.EXE
C:\PROGRAM FILES\NETROPA\ONSCREEN DISPLAY\OSD.EXE
C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\MMUSBKB2.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\MY DOCUMENTS\SOFTWARE\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\ubfoh.dll/sp.html#37049
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\ubfoh.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\ubfoh.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\ubfoh.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\ubfoh.dll/sp.html#37049
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\ubfoh.dll/sp.html#37049
R3 - Default URLSearchHook is missing
F1 - win.ini: run=hpfsched
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Class - {C5EA03C9-5E7C-3BB6-855D-C09FB9DA8FA7} - C:\WINDOWS\NTZZ.DLL
O2 - BHO: Class - {2CEC5DEF-D6CC-DBD7-C764-39AD2B491794} - C:\WINDOWS\SYSTEM\SDKLU32.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [Keyboard Manager] C:\Program Files\Netropa\One-touch Multimedia Keyboard\MMKeybd.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Delay] C:\WINDOWS\delayrun.exe
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [DJRegFix] regedit /s c:\hp\djregfix.reg
O4 - HKLM\..\Run: [HPLogiFinder] \WINDOWS\OPTIONS\CABS\LOGITECH\HP_FINDER.EXE
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\SYSTEM\hpztsb02.exe
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [JAVAFH32.EXE] C:\WINDOWS\SYSTEM\JAVAFH32.EXE
O4 - HKLM\..\Run: [System service63] C:\WINDOWS\ETB\POKAPOKA63.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [SSDPSRV] C:\WINDOWS\SYSTEM\ssdpsrv.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service
O4 - HKLM\..\RunServices: [APIVL.EXE] C:\WINDOWS\SYSTEM\APIVL.EXE /s
O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
O4 - HKLM\..\RunServices: [APIEB32.EXE] C:\WINDOWS\APIEB32.EXE /s
O4 - HKLM\..\RunServices: [SYSBS.EXE] C:\WINDOWS\SYSTEM\SYSBS.EXE /s
O4 - HKLM\..\RunServices: [MFCLQ32.EXE] C:\WINDOWS\SYSTEM\MFCLQ32.EXE /s
O4 - HKLM\..\RunServices: [NTZO32.EXE] C:\WINDOWS\SYSTEM\NTZO32.EXE /s
O4 - HKLM\..\RunServices: [APPUV32.EXE] C:\WINDOWS\APPUV32.EXE /s
O4 - HKLM\..\RunServices: [MFCQN32.EXE] C:\WINDOWS\SYSTEM\MFCQN32.EXE /s
O4 - HKLM\..\RunServices: [SYSCQ.EXE] C:\WINDOWS\SYSTEM\SYSCQ.EXE /s
O4 - HKLM\..\RunServices: [CRMD.EXE] C:\WINDOWS\CRMD.EXE /s
O4 - HKLM\..\RunServices: [NTNF32.EXE] C:\WINDOWS\SYSTEM\NTNF32.EXE /s
O4 - HKLM\..\RunServices: [ATLVR32.EXE] C:\WINDOWS\SYSTEM\ATLVR32.EXE /s
O4 - HKLM\..\RunServices: [APPHE.EXE] C:\WINDOWS\SYSTEM\APPHE.EXE /s
O4 - HKLM\..\RunServices: [JAVALE32.EXE] C:\WINDOWS\SYSTEM\JAVALE32.EXE /s
O4 - HKLM\..\RunServices: [APIJE32.EXE] C:\WINDOWS\APIJE32.EXE /s
O4 - HKLM\..\RunServices: [ATLAM.EXE] C:\WINDOWS\SYSTEM\ATLAM.EXE /s
O4 - HKLM\..\RunServices: [SDKDU.EXE] C:\WINDOWS\SYSTEM\SDKDU.EXE /s
O4 - HKLM\..\RunServices: [IEFF32.EXE] C:\WINDOWS\SYSTEM\IEFF32.EXE /s
O4 - HKLM\..\RunServices: [MSJS32.EXE] C:\WINDOWS\SYSTEM\MSJS32.EXE /s
O4 - HKLM\..\RunServices: [SDKNY32.EXE] C:\WINDOWS\SYSTEM\SDKNY32.EXE /s
O4 - HKLM\..\RunServices: [SDKPI32.EXE] C:\WINDOWS\SYSTEM\SDKPI32.EXE /s
O4 - HKLM\..\RunServices: [ADDWC32.EXE] C:\WINDOWS\SYSTEM\ADDWC32.EXE /s
O4 - HKLM\..\RunServices: [NETFP32.EXE] C:\WINDOWS\SYSTEM\NETFP32.EXE /s
O4 - HKLM\..\RunServices: [ADDPI.EXE] C:\WINDOWS\ADDPI.EXE /s
O4 - HKLM\..\RunServices: [JAVADC.EXE] C:\WINDOWS\SYSTEM\JAVADC.EXE /s
O4 - HKLM\..\RunServices: [SDKXM32.EXE] C:\WINDOWS\SDKXM32.EXE /s
O4 - HKLM\..\RunServices: [MFCMH32.EXE] C:\WINDOWS\SYSTEM\MFCMH32.EXE /s
O4 - HKLM\..\RunServices: [D3EH.EXE] C:\WINDOWS\SYSTEM\D3EH.EXE /s
O4 - HKLM\..\RunServices: [MSJF.EXE] C:\WINDOWS\SYSTEM\MSJF.EXE /s
O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
O4 - HKCU\..\Run: [PopUpStopperProfessional] "C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER PROFESSIONAL\POPUPSTOPPERPROFESSIONAL.EXE"
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE" /background
O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html
O8 - Extra context menu item: Backward Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html
O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html
O14 - IERESET.INF: START_PAGE_URL=http://hp.my.yahoo.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com/PhotoUpload/Ms...cab?10,0,910,0
Andross is offline   Reply With Quote
Old 08-16-2005, 09:49 AM   #2 (permalink)
Newb Techie
 
Join Date: Aug 2005
Posts: 2
Send a message via AIM to Andross Send a message via Yahoo to Andross
Default
Can anyone assist me?
Andross is offline   Reply With Quote
Old 08-16-2005, 01:43 PM   #3 (permalink)
Monster Techie
 
Static_11's Avatar
 
Join Date: Apr 2005
Posts: 1,953
Send a message via AIM to Static_11 Send a message via Yahoo to Static_11
Default
Alright, first thing's first. I have no experiance in HiJack This logs, but I know for **** sure you have ALOT of running processes.
Suggestion's:
~Did you update the scanner's before you scanned?
~Internet Explorer allows ALOT of malware on you computer. I personally and alot of other people around here use Firefox, Avant or Opera.
www.getfirefox.com
www.opera.com
www.avantbrowser.com/download.html
~1. Defrag try O&O or diskeeper, or even the default windows one.
~2. Delete your prefetch folder every few months.. mycomputer>c>windows>prefetch (delete whats IN it)
~3. You should have bout 512 ram for Windows XP.
~4. Do not have an OVERLY crowded desktop. (icon wise)
((((Exert from BF2 Demo
))))
===========================================
Your younger simbling probably downloaded alot of stuff on your comp that definitly doesn't need to be there which were probably infected with virus's and trojan's and such, so I am also going to recomend AVG Free Anti-Virus scanner and Avast anti virus which both are probably two of the top five best AV's in the world at the moment and there FFRREEEEE
====
http://www.majorgeeks.com/download1968.html --- avast
http://www.majorgeeks.com/download886.html ---avg

-~-Static
Static_11 is offline   Reply With Quote
Old 08-16-2005, 05:01 PM   #4 (permalink)
Ste
lvl Infinite Psychopath
 
Ste's Avatar
 
Join Date: Aug 2005
Location: Mount Prospect, IL
Posts: 8,576
Send a message via ICQ to Ste Send a message via AIM to Ste Send a message via MSN to Ste
Default
yes, also run cdshredder and also use firefox, also spywareblaster and adware SE personnel, you should always have more than just one spyware program.

also how many running processes do you have, use msconfig to lower the amount of stuff you have running at start up.
__________________

Read The Rules!!
Power Supply Guide
Intel Overclocking Thread
AMD Overclocking Thread
Other Important Threads
I'm sorry but I do not accept support requests via IM, email, or personal messages
There will come a day, such a day when all will be told more than they wish to know, what one hears may explain the past, it may explain the future, but it has never made a difference either way and it will change nothing. Some day.... But that is not this day, and I don't know when, I just don't know.
Ste is online now   Reply With Quote
Old 08-17-2005, 09:30 AM   #5 (permalink)
Multicellular Eukaryote
 
Apokalipse's Avatar
 
Join Date: Jun 2003
Location: Melbourne, Australia
Posts: 12,939
Default
^ I think it's cwshredder ^

you've actually got a LOT of spyware
remove the ones in bold

Logfile of HijackThis v1.99.1
Scan saved at 1:09:34 AM, on 8/16/2005
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL - there shouldn't be one in C:\Windows\System, only in System32
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\SSDPSRV.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\APIVL.EXE
C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
C:\WINDOWS\APIEB32.EXE
C:\WINDOWS\SYSTEM\SYSBS.EXE
C:\WINDOWS\SYSTEM\MFCLQ32.EXE
C:\WINDOWS\SYSTEM\NTZO32.EXE
C:\WINDOWS\APPUV32.EXE
C:\WINDOWS\SYSTEM\MFCQN32.EXE
C:\WINDOWS\SYSTEM\SYSCQ.EXE
C:\WINDOWS\CRMD.EXE
C:\WINDOWS\SYSTEM\NTNF32.EXE
C:\WINDOWS\SYSTEM\ATLVR32.EXE
C:\WINDOWS\SYSTEM\APPHE.EXE
C:\WINDOWS\SYSTEM\JAVALE32.EXE
C:\WINDOWS\APIJE32.EXE
C:\WINDOWS\SYSTEM\ATLAM.EXE
C:\WINDOWS\SYSTEM\SDKDU.EXE
C:\WINDOWS\SYSTEM\IEFF32.EXE
C:\WINDOWS\SYSTEM\MSJS32.EXE
C:\WINDOWS\SYSTEM\SDKNY32.EXE
C:\WINDOWS\SYSTEM\SDKPI32.EXE
C:\WINDOWS\SYSTEM\ADDWC32.EXE
C:\WINDOWS\SYSTEM\NETFP32.EXE
C:\WINDOWS\ADDPI.EXE
C:\WINDOWS\SYSTEM\JAVADC.EXE
C:\WINDOWS\SDKXM32.EXE
C:\WINDOWS\SYSTEM\MFCMH32.EXE
C:\WINDOWS\SYSTEM\D3EH.EXE
C:\WINDOWS\SYSTEM\MSJF.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\INTERNAT.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\MMKEYBD.EXE
C:\WINDOWS\SYSTEM\HPSYSDRV.EXE
C:\WINDOWS\OPTIONS\CABS\LOGITECH\HP_FINDER.EXE
C:\WINDOWS\LOADQM.EXE
C:\WINDOWS\SYSTEM\JAVAFH32.EXE
C:\WINDOWS\ETB\POKAPOKA63.EXE
C:\WINDOWS\RunDLL.exe
C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER PROFESSIONAL\POPUPSTOPPERPROFESSIONAL.EXE
C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\APIJE32.EXE
C:\WINDOWS\SYSTEM\APIVL.EXE
C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\KEYBDMGR.EXE
C:\PROGRAM FILES\NETROPA\ONSCREEN DISPLAY\OSD.EXE
C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\MMUSBKB2.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\MY DOCUMENTS\SOFTWARE\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\ubfoh.dll/sp.html#37049
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\ubfoh.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about :blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\ubfoh.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\ubfoh.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\ubfoh.dll/sp.html#37049
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\ubfoh.dll/sp.html#37049
R3 - Default URLSearchHook is missing
F1 - win.ini: run=hpfsched
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Class - {C5EA03C9-5E7C-3BB6-855D-C09FB9DA8FA7} - C:\WINDOWS\NTZZ.DLL
O2 - BHO: Class - {2CEC5DEF-D6CC-DBD7-C764-39AD2B491794} - C:\WINDOWS\SYSTEM\SDKLU32.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [Keyboard Manager] C:\Program Files\Netropa\One-touch Multimedia Keyboard\MMKeybd.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Delay] C:\WINDOWS\delayrun.exe
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [DJRegFix] regedit /s c:\hp\djregfix.reg
O4 - HKLM\..\Run: [HPLogiFinder] \WINDOWS\OPTIONS\CABS\LOGITECH\HP_FINDER.EXE
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\SYSTEM\hpztsb02.exe
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [JAVAFH32.EXE] C:\WINDOWS\SYSTEM\JAVAFH32.EXE
O4 - HKLM\..\Run: [System service63] C:\WINDOWS\ETB\POKAPOKA63.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [SSDPSRV] C:\WINDOWS\SYSTEM\ssdpsrv.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service
O4 - HKLM\..\RunServices: [APIVL.EXE] C:\WINDOWS\SYSTEM\APIVL.EXE /s
O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
O4 - HKLM\..\RunServices: [APIEB32.EXE] C:\WINDOWS\APIEB32.EXE /s
O4 - HKLM\..\RunServices: [SYSBS.EXE] C:\WINDOWS\SYSTEM\SYSBS.EXE /s
O4 - HKLM\..\RunServices: [MFCLQ32.EXE] C:\WINDOWS\SYSTEM\MFCLQ32.EXE /s
O4 - HKLM\..\RunServices: [NTZO32.EXE] C:\WINDOWS\SYSTEM\NTZO32.EXE /s
O4 - HKLM\..\RunServices: [APPUV32.EXE] C:\WINDOWS\APPUV32.EXE /s
O4 - HKLM\..\RunServices: [MFCQN32.EXE] C:\WINDOWS\SYSTEM\MFCQN32.EXE /s
O4 - HKLM\..\RunServices: [SYSCQ.EXE] C:\WINDOWS\SYSTEM\SYSCQ.EXE /s
O4 - HKLM\..\RunServices: [CRMD.EXE] C:\WINDOWS\CRMD.EXE /s
O4 - HKLM\..\RunServices: [NTNF32.EXE] C:\WINDOWS\SYSTEM\NTNF32.EXE /s
O4 - HKLM\..\RunServices: [ATLVR32.EXE] C:\WINDOWS\SYSTEM\ATLVR32.EXE /s
O4 - HKLM\..\RunServices: [APPHE.EXE] C:\WINDOWS\SYSTEM\APPHE.EXE /s
O4 - HKLM\..\RunServices: [JAVALE32.EXE] C:\WINDOWS\SYSTEM\JAVALE32.EXE /s
O4 - HKLM\..\RunServices: [APIJE32.EXE] C:\WINDOWS\APIJE32.EXE /s
O4 - HKLM\..\RunServices: [ATLAM.EXE] C:\WINDOWS\SYSTEM\ATLAM.EXE /s
O4 - HKLM\..\RunServices: [SDKDU.EXE] C:\WINDOWS\SYSTEM\SDKDU.EXE /s
O4 - HKLM\..\RunServices: [IEFF32.EXE] C:\WINDOWS\SYSTEM\IEFF32.EXE /s
O4 - HKLM\..\RunServices: [MSJS32.EXE] C:\WINDOWS\SYSTEM\MSJS32.EXE /s
O4 - HKLM\..\RunServices: [SDKNY32.EXE] C:\WINDOWS\SYSTEM\SDKNY32.EXE /s
O4 - HKLM\..\RunServices: [SDKPI32.EXE] C:\WINDOWS\SYSTEM\SDKPI32.EXE /s
O4 - HKLM\..\RunServices: [ADDWC32.EXE] C:\WINDOWS\SYSTEM\ADDWC32.EXE /s
O4 - HKLM\..\RunServices: [NETFP32.EXE] C:\WINDOWS\SYSTEM\NETFP32.EXE /s
O4 - HKLM\..\RunServices: [ADDPI.EXE] C:\WINDOWS\ADDPI.EXE /s
O4 - HKLM\..\RunServices: [JAVADC.EXE] C:\WINDOWS\SYSTEM\JAVADC.EXE /s
O4 - HKLM\..\RunServices: [SDKXM32.EXE] C:\WINDOWS\SDKXM32.EXE /s
O4 - HKLM\..\RunServices: [MFCMH32.EXE] C:\WINDOWS\SYSTEM\MFCMH32.EXE /s
O4 - HKLM\..\RunServices: [D3EH.EXE] C:\WINDOWS\SYSTEM\D3EH.EXE /s
O4 - HKLM\..\RunServices: [MSJF.EXE] C:\WINDOWS\SYSTEM\MSJF.EXE /s
O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
O4 - HKCU\..\Run: [PopUpStopperProfessional] "C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER PROFESSIONAL\POPUPSTOPPERPROFESSIONAL.EXE"
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE" /background
O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html
O8 - Extra context menu item: Backward Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html
O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html
O14 - IERESET.INF: START_PAGE_URL=http://hp.my.yahoo.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com/PhotoUpload/M....cab?10,0,910,0
__________________

1 + 1 = 3 if you define 3 as a result of 1 + 1
Apokalipse is offline   Reply With Quote
Old 08-17-2005, 07:56 PM   #6 (permalink)
Ste
lvl Infinite Psychopath
 
Ste's Avatar
 
Join Date: Aug 2005
Location: Mount Prospect, IL
Posts: 8,576
Send a message via ICQ to Ste Send a message via AIM to Ste Send a message via MSN to Ste
Default
ya I spell alot of things wrong only because i type really fast with only 2 fingers.

But Most people google it and find it anyways.
__________________

Read The Rules!!
Power Supply Guide
Intel Overclocking Thread
AMD Overclocking Thread
Other Important Threads
I'm sorry but I do not accept support requests via IM, email, or personal messages
There will come a day, such a day when all will be told more than they wish to know, what one hears may explain the past, it may explain the future, but it has never made a difference either way and it will change nothing. Some day.... But that is not this day, and I don't know when, I just don't know.
Ste is online now   Reply With Quote
Reply

« Help please | Task Manager being blocked by spyware »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT -5. The time now is 11:19 PM.

Contact Us - Computer Technology Forums - Archive - Top

Powered by vBulletin® Version 3.7.1
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.1.0

Contact Management Software and AAOutlook