-
April 9th, 2004, 12:37 AM
#1
Help!..morze5.exe
Got this nasty virus. morze5.exe
I saw some other post here that mentioned and I hope you can help. I have downloaded Hijack this and will post the scan log. Hopefully you can help be rid of this demon!
-
April 9th, 2004, 12:38 AM
#2
this is the scan log
Logfile of HijackThis v1.97.7
Scan saved at 10:26:49 PM, on 4/8/04
Platform: Windows 98 Gold (Win9x 4.10.1998)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\CMMPU.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\CREATIVE\SHAREDLL\CTNOTIFY.EXE
C:\WINDOWS\SYSTEM\LVCOMS.EXE
C:\PROGRAM FILES\CD-WRITER PLUS\DIRECTCD\DIRECTCD.EXE
C:\PROGRAM FILES\WINAMP\WINAMPA.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\EVNTSVC.EXE
C:\PROGRAM FILES\LYCOS\IEAGENT\LOADER.EXE
C:\PROGRAM FILES\INTERNET OPTIMIZER\OPTIMIZE.EXE
C:\PROGRAM FILES\AUTOUPDATE\AUTOUPDATE.EXE
C:\PROGRAM FILES\CREATIVE\SHAREDLL\MEDIADET.EXE
C:\PROGRAM FILES\INTERNET OPTIMIZER\ACTALERT.EXE
C:\WINDOWS\SYSTEM\PPRPRXYH.EXE
C:\WINDOWS\YYJFQ4LC.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\SYSAI\SYSAI.EXE
C:\WINDOWS\DESKTOP\CS4P028.EXE
C:\WINDOWS\SYSTEM\SAHAGENT.EXE
C:\WINDOWS\DESKTOP\CS4P028.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
-
April 9th, 2004, 12:39 AM
#3
more
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://server224.smartbotpro.net/7search/?new-hkcu
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://default-homepage-network.com/start.cgi?new-hkcu
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://default-homepage-network.com/start.cgi?new-hklm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://server224.smartbotpro.net/7search/?new-hklm
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by AT&T Broadband Internet
R3 - URLSearchHook: XTSearchHook Class - {6E6DD93E-1FC3-4F43-8AFB-1B7B90C9D3EB} - C:\PROGRAM FILES\XUPITER\UPDATES\XTSEARCH.DLL (file missing)
F1 - win.ini: run=C:\WINDOWS\SYSTEM\cmmpu.exe
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {000006B1-19B5-414A-849F-2A3C64AE6939} - (no file)
O2 - BHO: (no name) - {B549456D-F5D0-4641-BCED-8648A0C13D83} - C:\WINDOWS\BrowserHelper.dll
O2 - BHO: IE Agent - {00000000-0000-0000-0000-000000000221} - C:\PROGRA~1\LYCOS\IEAGENT\CSIE.DLL
O2 - BHO: (no name) - {9CD4ABB8-0F2C-4D21-B395-DEFC1DD77932} - C:\WINDOWS\HDBVYQ.DLL
O2 - BHO: (no name) - {01C5BF6C-E699-4CD7-BEA1-786FA05C83AB} - C:\PROGRAM FILES\SYSAI\APROPOSPLUGIN.DLL
O2 - BHO: (no name) - {0019C3E2-DD48-4A6D-ABCD-8D32436323D9} - C:\WINDOWS\BXXS5.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [ZZZ_HPI_Boot] C:\Program Files\HP PhotoSmart\Photo Finishing Software\HPI_Boot.EXE
O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINDOWS\p_981116.exe /Q:A
O4 - HKLM\..\Run: [LVComs] C:\WINDOWS\SYSTEM\LVComS.exe
O4 - HKLM\..\Run: [Adaptec DirectCD] C:\Program Files\CD-Writer Plus\DirectCD\DIRECTCD.EXE
O4 - HKLM\..\Run: [WinampAgent] "C:\PROGRAM FILES\WINAMP\WINAMPa.exe"
O4 - HKLM\..\Run: [ATTRedUpate] C:\PROGRAM FILES\COMMON FILES\AT&T\REDCON\PROGRAMS\AutoUpdate.exe
O4 - HKLM\..\Run: [QuickTime Task] C:\WINDOWS\SYSTEM\QTTASK.EXE
O4 - HKLM\..\Run: [MovieNetworks] "C:\Program Files\MovieNetworks\MovieNetworks.exe" /H
O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe -osboot
O4 - HKLM\..\Run: [CrazyTalk Serve] rundll32.exe C:\WINDOWS\SYSTEM\CRAZYTALK.DLL,DllServeMediaFile
O4 - HKLM\..\Run: [MoviePlace] "C:\Program Files\MoviePlace\MoviePlace.exe" /H
O4 - HKLM\..\Run: [ClrSchLoader] \Progra~1\Lycos\IEagent\Loader.exe
O4 - HKLM\..\Run: [bxxs5] RunDLL32.EXE C:\WINDOWS\BXXS5.DLL,DllRun
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKLM\..\Run: [AutoUpdater] "c:\Program Files\AutoUpdate\AutoUpdate.exe"
O4 - HKLM\..\Run: [pprprxyh] C:\WINDOWS\SYSTEM\pprprxyh.exe
O4 - HKLM\..\Run: [YYJFQ4LC.EXE] C:\WINDOWS\YYJFQ4LC.EXE /dk
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKCU\..\Run: [Internet Washer Pro] C:\PROGRAM FILES\INTERNET WASHER PRO\IW.exe min
O4 - HKCU\..\Run: [YYJFQ4LC.EXE] C:\WINDOWS\YYJFQ4LC.EXE /dk
O4 - Startup: LV4NCYV8.lnk = C:\WINDOWS\lv4ncyv8.exe
O4 - Startup: EM4ACO20.lnk = C:\WINDOWS\em4aco20.exe
O4 - Startup: OA26KY66.lnk = C:\WINDOWS\oa26ky66.exe
O4 - Startup: MORZE1.lnk = C:\WINDOWS\morze1.exe
O4 - Startup: U7LPO0K5.lnk = C:\WINDOWS\u7lpo0k5.exe
O4 - Startup: P16OHMOT.lnk = C:\WINDOWS\p16ohmot.exe
O4 - Startup: Q2XA2KUA.lnk = C:\WINDOWS\q2xa2kua.exe
O4 - Startup: 3QMFG4BX.lnk = C:\WINDOWS\3qmfg4bx.exe
O4 - Startup: 9VXDQNR2.lnk = C:\WINDOWS\9vxdqnr2.exe
O4 - Startup: X21GPM3E.lnk = C:\WINDOWS\x21gpm3e.exe
O4 - Startup: KHLZ6YIR.lnk = C:\WINDOWS\khlz6yir.exe
O4 - Startup: VRPL71U0.lnk = C:\WINDOWS\vrpl71u0.exe
O4 - Startup: DP0M5BHH.lnk = C:\WINDOWS\dp0m5bhh.exe
O4 - Startup: 5HBPDD4M.lnk = C:\WINDOWS\5hbpdd4m.exe
O4 - Startup: WO8QZ0VM.lnk = C:\WINDOWS\wo8qz0vm.exe
O4 - Startup: 8B3CB05X.lnk = C:\WINDOWS\8b3cb05x.exe
O4 - Startup: 41NC7FJW.lnk = C:\WINDOWS\41nc7fjw.exe
O4 - Startup: 31W84AQ4.lnk = C:\WINDOWS\31w84aq4.exe
O4 - Startup: 0ETCZ7QH.lnk = C:\WINDOWS\0etcz7qh.exe
O4 - Startup: YEHQ6P2C.lnk = C:\WINDOWS\yehq6p2c.exe
O4 - Startup: ZQL9AFX8.lnk = C:\WINDOWS\zql9afx8.exe
O4 - Startup: 2IB6PJVN.lnk = C:\WINDOWS\2ib6pjvn.exe
O4 - Startup: 5BYXXE50.lnk = C:\WINDOWS\5byxxe50.exe
O4 - Startup: B1JBTPA0.lnk = C:\WINDOWS\b1jbtpa0.exe
O4 - Startup: B70GR1IG.lnk = C:\WINDOWS\b70gr1ig.exe
O4 - Startup: 0PE7EG4P.lnk = C:\WINDOWS\0pe7eg4p.exe
O4 - Startup: YYJFQ4LC.lnk = C:\WINDOWS\yyjfq4lc.exe
O4 - Global Startup: WO8QZ0VM.lnk = C:\WINDOWS\wo8qz0vm.exe
O4 - Global Startup: 12WYQ06O.lnk = C:\WINDOWS\wo8qz0vm.exe
O4 - Global Startup: MORZE1.lnk = C:\WINDOWS\morze1.exe
O4 - Global Startup: XRNE55PN.lnk = C:\WINDOWS\xrne55pn.exe
O4 - Global Startup: MGPF3XB3.lnk = C:\WINDOWS\mgpf3xb3.exe
O4 - Global Startup: 4RBNBG9H.lnk = C:\WINDOWS\4rbnbg9h.exe
O4 - Global Startup: 2IB6PJVN.lnk = C:\WINDOWS\2ib6pjvn.exe
O4 - Global Startup: 41NC7FJW.lnk = C:\WINDOWS\41nc7fjw.exe
O4 - Global Startup: 050078VT.lnk = C:\WINDOWS\050078vt.exe
O4 - Global Startup: B70GR1IG.lnk = C:\WINDOWS\b70gr1ig.exe
O4 - Global Startup: MORZE5.lnk = C:\WINDOWS\morze5.exe
O4 - Global Startup: 50G6XH1P.lnk = C:\WINDOWS\50g6xh1p.exe
O4 - Global Startup: LV4NCYV8.lnk = C:\WINDOWS\lv4ncyv8.exe
O4 - Global Startup: EM4ACO20.lnk = C:\WINDOWS\em4aco20.exe
O4 - Global Startup: OA26KY66.lnk = C:\WINDOWS\oa26ky66.exe
O4 - Global Startup: U7LPO0K5.lnk = C:\WINDOWS\u7lpo0k5.exe
O4 - Global Startup: P16OHMOT.lnk = C:\WINDOWS\p16ohmot.exe
O4 - Global Startup: Q2XA2KUA.lnk = C:\WINDOWS\q2xa2kua.exe
O4 - Global Startup: 3QMFG4BX.lnk = C:\WINDOWS\3qmfg4bx.exe
O4 - Global Startup: 9VXDQNR2.lnk = C:\WINDOWS\9vxdqnr2.exe
O4 - Global Startup: X21GPM3E.lnk = C:\WINDOWS\x21gpm3e.exe
O4 - Global Startup: KHLZ6YIR.lnk = C:\WINDOWS\khlz6yir.exe
O4 - Global Startup: DP0M5BHH.lnk = C:\WINDOWS\dp0m5bhh.exe
O4 - Global Startup: 5HBPDD4M.lnk = C:\WINDOWS\5hbpdd4m.exe
O4 - Global Startup: VRPL71U0.lnk = C:\WINDOWS\vrpl71u0.exe
O4 - Global Startup: 8B3CB05X.lnk = C:\WINDOWS\8b3cb05x.exe
O4 - Global Startup: 31W84AQ4.lnk = C:\WINDOWS\31w84aq4.exe
O4 - Global Startup: 0ETCZ7QH.lnk = C:\WINDOWS\0etcz7qh.exe
O4 - Global Startup: YEHQ6P2C.lnk = C:\WINDOWS\yehq6p2c.exe
O4 - Global Startup: ZQL9AFX8.lnk = C:\WINDOWS\zql9afx8.exe
O4 - Global Startup: 5BYXXE50.lnk = C:\WINDOWS\5byxxe50.exe
O4 - Global Startup: B1JBTPA0.lnk = C:\WINDOWS\b1jbtpa0.exe
O4 - Global Startup: 0PE7EG4P.lnk = C:\WINDOWS\0pe7eg4p.exe
O4 - Global Startup: YYJFQ4LC.lnk = C:\WINDOWS\yyjfq4lc.exe
O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html
O8 - Extra context menu item: Si&milar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html
O8 - Extra context menu item: Backward &Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html
O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: MSN Messenger Service (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
O12 - Plugin for .avi: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
O12 - Plugin for .BMP: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
O12 - Plugin for .mts: C:\Program Files\MetaCreations\MetaStream\npmetastream.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/s...sh/swflash.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.co...875.9837152778
O16 - DPF: Yahoo! NBA StatTracker - http://aud4.sports.yahoo.com/java/y/nbast8268_x.cab
O16 - DPF: {17D72920-7A15-11D4-921E-0080C8DA7A5E} (AimSp32 Class) - http://makeover.substance.com/save/makeover.cab
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: {30000273-8230-4DD4-BE4F-6889D1E74167} - http://download.abetterinternet.com/...14167/thin.cab
O16 - DPF: {E0CE16CB-741C-4B24-8D04-A817856E07F4} (IObjSafety.DemoCtl) - http://cabs.roings.com/cabs/roing.cab
-
April 9th, 2004, 05:09 AM
#4
Driver Terrier
Welcome to Windrivers fastwaves.
Before just posting a log of hijack this, go through this set of suggestions first Having completed that, repost your (hopefully) much reduced log.
Never, ever approach a computer saying or even thinking "I will just do this quickly."
-
April 12th, 2004, 01:21 AM
#5
Originally Posted by NooNoo
Welcome to Windrivers fastwaves.
Before just posting a log of hijack this, go through this set of suggestions first Having completed that, repost your (hopefully) much reduced log.
Thanks for your help...here is my much reduced log.
Logfile of HijackThis v1.97.7
Scan saved at 11:19:23 PM, on 4/11/04
Platform: Windows 98 Gold (Win9x 4.10.1998)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\CMMPU.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\CREATIVE\SHAREDLL\CTNOTIFY.EXE
C:\WINDOWS\SYSTEM\LVCOMS.EXE
C:\PROGRAM FILES\CD-WRITER PLUS\DIRECTCD\DIRECTCD.EXE
C:\PROGRAM FILES\WINAMP\WINAMPA.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\EVNTSVC.EXE
C:\PROGRAM FILES\AUTOUPDATE\AUTOUPDATE.EXE
C:\PROGRAM FILES\CREATIVE\SHAREDLL\MEDIADET.EXE
C:\WINDOWS\SYSTEM\NAPHR.EXE
C:\WINDOWS\T8AIDTVO.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by AT&T Broadband Internet
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: (no name) - _{6E6DD93E-1FC3-4F43-8AFB-1B7B90C9D3EB} - (no file)
F1 - win.ini: run=C:\WINDOWS\SYSTEM\cmmpu.exe
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {B549456D-F5D0-4641-BCED-8648A0C13D83} - C:\WINDOWS\BrowserHelper.dll
O2 - BHO: IE Agent - {00000000-0000-0000-0000-000000000221} - C:\PROGRA~1\LYCOS\IEAGENT\CSIE.DLL (disabled by BHODemon)
O2 - BHO: (no name) - {9CD4ABB8-0F2C-4D21-B395-DEFC1DD77932} - C:\WINDOWS\HDBVYQ.DLL (disabled by BHODemon)
O2 - BHO: (no name) - {0019C3E2-DD48-4A6D-ABCD-8D32436323D9} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [ZZZ_HPI_Boot] C:\Program Files\HP PhotoSmart\Photo Finishing Software\HPI_Boot.EXE
O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINDOWS\p_981116.exe /Q:A
O4 - HKLM\..\Run: [LVComs] C:\WINDOWS\SYSTEM\LVComS.exe
O4 - HKLM\..\Run: [Adaptec DirectCD] C:\Program Files\CD-Writer Plus\DirectCD\DIRECTCD.EXE
O4 - HKLM\..\Run: [WinampAgent] "C:\PROGRAM FILES\WINAMP\WINAMPa.exe"
O4 - HKLM\..\Run: [ATTRedUpate] C:\PROGRAM FILES\COMMON FILES\AT&T\REDCON\PROGRAMS\AutoUpdate.exe
O4 - HKLM\..\Run: [QuickTime Task] C:\WINDOWS\SYSTEM\QTTASK.EXE
O4 - HKLM\..\Run: [MovieNetworks] "C:\Program Files\MovieNetworks\MovieNetworks.exe" /H
O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe -osboot
O4 - HKLM\..\Run: [CrazyTalk Serve] rundll32.exe C:\WINDOWS\SYSTEM\CRAZYTALK.DLL,DllServeMediaFile
O4 - HKLM\..\Run: [bxxs5] RunDLL32.EXE C:\WINDOWS\BXXS5.DLL,DllRun
O4 - HKLM\..\Run: [AutoUpdater] "c:\Program Files\AutoUpdate\AutoUpdate.exe"
O4 - HKLM\..\Run: [dyn] C:\WINDOWS\dyn.exe
O4 - HKLM\..\Run: [NAPHR] C:\WINDOWS\SYSTEM\NAPHR.exe
O4 - HKLM\..\Run: [T8AIDTVO.EXE] C:\WINDOWS\T8AIDTVO.EXE /dk
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKCU\..\Run: [T8AIDTVO.EXE] C:\WINDOWS\T8AIDTVO.EXE /dk
O4 - Startup: QL4GNUU6.lnk = C:\WINDOWS\ql4gnuu6.exe
O4 - Startup: RA9Q7MWB.lnk = C:\WINDOWS\ra9q7mwb.exe
O4 - Startup: T8AIDTVO.lnk = C:\WINDOWS\t8aidtvo.exe
O4 - Global Startup: QL4GNUU6.lnk = C:\WINDOWS\ql4gnuu6.exe
O4 - Global Startup: RA9Q7MWB.lnk = C:\WINDOWS\ra9q7mwb.exe
O4 - Global Startup: T8AIDTVO.lnk = C:\WINDOWS\t8aidtvo.exe
O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html
O8 - Extra context menu item: Si&milar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html
O8 - Extra context menu item: Backward &Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html
O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: MSN Messenger Service (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
O12 - Plugin for .avi: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
O12 - Plugin for .BMP: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
O12 - Plugin for .mts: C:\Program Files\MetaCreations\MetaStream\npmetastream.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/s...sh/swflash.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.co...875.9837152778
O16 - DPF: Yahoo! NBA StatTracker - http://aud4.sports.yahoo.com/java/y/nbast8268_x.cab
O16 - DPF: {17D72920-7A15-11D4-921E-0080C8DA7A5E} (AimSp32 Class) - http://makeover.substance.com/save/makeover.cab
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: {E0CE16CB-741C-4B24-8D04-A817856E07F4} (IObjSafety.DemoCtl) - http://cabs.roings.com/cabs/roing.cab
O16 - DPF: Yahoo! MLB StatTracker - http://aud2.sports.sc5.yahoo.com/java/y/mlbst8402_x.cab
Similar Threads
-
By hanserz1 in forum Spyware & Antivirus - Security
Replies: 8
Last Post: May 1st, 2004, 07:22 AM
-
By Cisco Kidd in forum Windows 95/98/98SE/ME
Replies: 1
Last Post: April 6th, 2004, 05:47 AM
-
By geeksRus in forum Spyware & Antivirus - Security
Replies: 13
Last Post: April 5th, 2004, 03:44 AM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Bookmarks