Help!..morze5.exe
Results 1 to 5 of 5

Thread: Help!..morze5.exe

  1. #1
    Registered User
    Join Date
    Apr 2004
    Posts
    13

    Help!..morze5.exe

    Got this nasty virus. morze5.exe
    I saw some other post here that mentioned and I hope you can help. I have downloaded Hijack this and will post the scan log. Hopefully you can help be rid of this demon!

  2. #2
    Registered User
    Join Date
    Apr 2004
    Posts
    13

    this is the scan log

    Logfile of HijackThis v1.97.7
    Scan saved at 10:26:49 PM, on 4/8/04
    Platform: Windows 98 Gold (Win9x 4.10.1998)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\WINDOWS\SYSTEM\MSTASK.EXE
    C:\WINDOWS\EXPLORER.EXE
    C:\WINDOWS\SYSTEM\CMMPU.EXE
    C:\WINDOWS\TASKMON.EXE
    C:\WINDOWS\SYSTEM\SYSTRAY.EXE
    C:\PROGRAM FILES\CREATIVE\SHAREDLL\CTNOTIFY.EXE
    C:\WINDOWS\SYSTEM\LVCOMS.EXE
    C:\PROGRAM FILES\CD-WRITER PLUS\DIRECTCD\DIRECTCD.EXE
    C:\PROGRAM FILES\WINAMP\WINAMPA.EXE
    C:\WINDOWS\SYSTEM\QTTASK.EXE
    C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\EVNTSVC.EXE
    C:\PROGRAM FILES\LYCOS\IEAGENT\LOADER.EXE
    C:\PROGRAM FILES\INTERNET OPTIMIZER\OPTIMIZE.EXE
    C:\PROGRAM FILES\AUTOUPDATE\AUTOUPDATE.EXE
    C:\PROGRAM FILES\CREATIVE\SHAREDLL\MEDIADET.EXE
    C:\PROGRAM FILES\INTERNET OPTIMIZER\ACTALERT.EXE
    C:\WINDOWS\SYSTEM\PPRPRXYH.EXE
    C:\WINDOWS\YYJFQ4LC.EXE
    C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE
    C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
    C:\PROGRAM FILES\SYSAI\SYSAI.EXE
    C:\WINDOWS\DESKTOP\CS4P028.EXE
    C:\WINDOWS\SYSTEM\SAHAGENT.EXE
    C:\WINDOWS\DESKTOP\CS4P028.EXE
    C:\WINDOWS\SYSTEM\DDHELP.EXE

  3. #3
    Registered User
    Join Date
    Apr 2004
    Posts
    13

    more

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://server224.smartbotpro.net/7search/?new-hkcu
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://default-homepage-network.com/start.cgi?new-hkcu
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://default-homepage-network.com/start.cgi?new-hklm
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://server224.smartbotpro.net/7search/?new-hklm
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by AT&T Broadband Internet
    R3 - URLSearchHook: XTSearchHook Class - {6E6DD93E-1FC3-4F43-8AFB-1B7B90C9D3EB} - C:\PROGRAM FILES\XUPITER\UPDATES\XTSEARCH.DLL (file missing)
    F1 - win.ini: run=C:\WINDOWS\SYSTEM\cmmpu.exe
    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: (no name) - {000006B1-19B5-414A-849F-2A3C64AE6939} - (no file)
    O2 - BHO: (no name) - {B549456D-F5D0-4641-BCED-8648A0C13D83} - C:\WINDOWS\BrowserHelper.dll
    O2 - BHO: IE Agent - {00000000-0000-0000-0000-000000000221} - C:\PROGRA~1\LYCOS\IEAGENT\CSIE.DLL
    O2 - BHO: (no name) - {9CD4ABB8-0F2C-4D21-B395-DEFC1DD77932} - C:\WINDOWS\HDBVYQ.DLL
    O2 - BHO: (no name) - {01C5BF6C-E699-4CD7-BEA1-786FA05C83AB} - C:\PROGRAM FILES\SYSAI\APROPOSPLUGIN.DLL
    O2 - BHO: (no name) - {0019C3E2-DD48-4A6D-ABCD-8D32436323D9} - C:\WINDOWS\BXXS5.DLL
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
    O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
    O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\Run: [ZZZ_HPI_Boot] C:\Program Files\HP PhotoSmart\Photo Finishing Software\HPI_Boot.EXE
    O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINDOWS\p_981116.exe /Q:A
    O4 - HKLM\..\Run: [LVComs] C:\WINDOWS\SYSTEM\LVComS.exe
    O4 - HKLM\..\Run: [Adaptec DirectCD] C:\Program Files\CD-Writer Plus\DirectCD\DIRECTCD.EXE
    O4 - HKLM\..\Run: [WinampAgent] "C:\PROGRAM FILES\WINAMP\WINAMPa.exe"
    O4 - HKLM\..\Run: [ATTRedUpate] C:\PROGRAM FILES\COMMON FILES\AT&T\REDCON\PROGRAMS\AutoUpdate.exe
    O4 - HKLM\..\Run: [QuickTime Task] C:\WINDOWS\SYSTEM\QTTASK.EXE
    O4 - HKLM\..\Run: [MovieNetworks] "C:\Program Files\MovieNetworks\MovieNetworks.exe" /H
    O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe -osboot
    O4 - HKLM\..\Run: [CrazyTalk Serve] rundll32.exe C:\WINDOWS\SYSTEM\CRAZYTALK.DLL,DllServeMediaFile
    O4 - HKLM\..\Run: [MoviePlace] "C:\Program Files\MoviePlace\MoviePlace.exe" /H
    O4 - HKLM\..\Run: [ClrSchLoader] \Progra~1\Lycos\IEagent\Loader.exe
    O4 - HKLM\..\Run: [bxxs5] RunDLL32.EXE C:\WINDOWS\BXXS5.DLL,DllRun
    O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
    O4 - HKLM\..\Run: [AutoUpdater] "c:\Program Files\AutoUpdate\AutoUpdate.exe"
    O4 - HKLM\..\Run: [pprprxyh] C:\WINDOWS\SYSTEM\pprprxyh.exe
    O4 - HKLM\..\Run: [YYJFQ4LC.EXE] C:\WINDOWS\YYJFQ4LC.EXE /dk
    O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
    O4 - HKCU\..\Run: [Internet Washer Pro] C:\PROGRAM FILES\INTERNET WASHER PRO\IW.exe min
    O4 - HKCU\..\Run: [YYJFQ4LC.EXE] C:\WINDOWS\YYJFQ4LC.EXE /dk
    O4 - Startup: LV4NCYV8.lnk = C:\WINDOWS\lv4ncyv8.exe
    O4 - Startup: EM4ACO20.lnk = C:\WINDOWS\em4aco20.exe
    O4 - Startup: OA26KY66.lnk = C:\WINDOWS\oa26ky66.exe
    O4 - Startup: MORZE1.lnk = C:\WINDOWS\morze1.exe
    O4 - Startup: U7LPO0K5.lnk = C:\WINDOWS\u7lpo0k5.exe
    O4 - Startup: P16OHMOT.lnk = C:\WINDOWS\p16ohmot.exe
    O4 - Startup: Q2XA2KUA.lnk = C:\WINDOWS\q2xa2kua.exe
    O4 - Startup: 3QMFG4BX.lnk = C:\WINDOWS\3qmfg4bx.exe
    O4 - Startup: 9VXDQNR2.lnk = C:\WINDOWS\9vxdqnr2.exe
    O4 - Startup: X21GPM3E.lnk = C:\WINDOWS\x21gpm3e.exe
    O4 - Startup: KHLZ6YIR.lnk = C:\WINDOWS\khlz6yir.exe
    O4 - Startup: VRPL71U0.lnk = C:\WINDOWS\vrpl71u0.exe
    O4 - Startup: DP0M5BHH.lnk = C:\WINDOWS\dp0m5bhh.exe
    O4 - Startup: 5HBPDD4M.lnk = C:\WINDOWS\5hbpdd4m.exe
    O4 - Startup: WO8QZ0VM.lnk = C:\WINDOWS\wo8qz0vm.exe
    O4 - Startup: 8B3CB05X.lnk = C:\WINDOWS\8b3cb05x.exe
    O4 - Startup: 41NC7FJW.lnk = C:\WINDOWS\41nc7fjw.exe
    O4 - Startup: 31W84AQ4.lnk = C:\WINDOWS\31w84aq4.exe
    O4 - Startup: 0ETCZ7QH.lnk = C:\WINDOWS\0etcz7qh.exe
    O4 - Startup: YEHQ6P2C.lnk = C:\WINDOWS\yehq6p2c.exe
    O4 - Startup: ZQL9AFX8.lnk = C:\WINDOWS\zql9afx8.exe
    O4 - Startup: 2IB6PJVN.lnk = C:\WINDOWS\2ib6pjvn.exe
    O4 - Startup: 5BYXXE50.lnk = C:\WINDOWS\5byxxe50.exe
    O4 - Startup: B1JBTPA0.lnk = C:\WINDOWS\b1jbtpa0.exe
    O4 - Startup: B70GR1IG.lnk = C:\WINDOWS\b70gr1ig.exe
    O4 - Startup: 0PE7EG4P.lnk = C:\WINDOWS\0pe7eg4p.exe
    O4 - Startup: YYJFQ4LC.lnk = C:\WINDOWS\yyjfq4lc.exe
    O4 - Global Startup: WO8QZ0VM.lnk = C:\WINDOWS\wo8qz0vm.exe
    O4 - Global Startup: 12WYQ06O.lnk = C:\WINDOWS\wo8qz0vm.exe
    O4 - Global Startup: MORZE1.lnk = C:\WINDOWS\morze1.exe
    O4 - Global Startup: XRNE55PN.lnk = C:\WINDOWS\xrne55pn.exe
    O4 - Global Startup: MGPF3XB3.lnk = C:\WINDOWS\mgpf3xb3.exe
    O4 - Global Startup: 4RBNBG9H.lnk = C:\WINDOWS\4rbnbg9h.exe
    O4 - Global Startup: 2IB6PJVN.lnk = C:\WINDOWS\2ib6pjvn.exe
    O4 - Global Startup: 41NC7FJW.lnk = C:\WINDOWS\41nc7fjw.exe
    O4 - Global Startup: 050078VT.lnk = C:\WINDOWS\050078vt.exe
    O4 - Global Startup: B70GR1IG.lnk = C:\WINDOWS\b70gr1ig.exe
    O4 - Global Startup: MORZE5.lnk = C:\WINDOWS\morze5.exe
    O4 - Global Startup: 50G6XH1P.lnk = C:\WINDOWS\50g6xh1p.exe
    O4 - Global Startup: LV4NCYV8.lnk = C:\WINDOWS\lv4ncyv8.exe
    O4 - Global Startup: EM4ACO20.lnk = C:\WINDOWS\em4aco20.exe
    O4 - Global Startup: OA26KY66.lnk = C:\WINDOWS\oa26ky66.exe
    O4 - Global Startup: U7LPO0K5.lnk = C:\WINDOWS\u7lpo0k5.exe
    O4 - Global Startup: P16OHMOT.lnk = C:\WINDOWS\p16ohmot.exe
    O4 - Global Startup: Q2XA2KUA.lnk = C:\WINDOWS\q2xa2kua.exe
    O4 - Global Startup: 3QMFG4BX.lnk = C:\WINDOWS\3qmfg4bx.exe
    O4 - Global Startup: 9VXDQNR2.lnk = C:\WINDOWS\9vxdqnr2.exe
    O4 - Global Startup: X21GPM3E.lnk = C:\WINDOWS\x21gpm3e.exe
    O4 - Global Startup: KHLZ6YIR.lnk = C:\WINDOWS\khlz6yir.exe
    O4 - Global Startup: DP0M5BHH.lnk = C:\WINDOWS\dp0m5bhh.exe
    O4 - Global Startup: 5HBPDD4M.lnk = C:\WINDOWS\5hbpdd4m.exe
    O4 - Global Startup: VRPL71U0.lnk = C:\WINDOWS\vrpl71u0.exe
    O4 - Global Startup: 8B3CB05X.lnk = C:\WINDOWS\8b3cb05x.exe
    O4 - Global Startup: 31W84AQ4.lnk = C:\WINDOWS\31w84aq4.exe
    O4 - Global Startup: 0ETCZ7QH.lnk = C:\WINDOWS\0etcz7qh.exe
    O4 - Global Startup: YEHQ6P2C.lnk = C:\WINDOWS\yehq6p2c.exe
    O4 - Global Startup: ZQL9AFX8.lnk = C:\WINDOWS\zql9afx8.exe
    O4 - Global Startup: 5BYXXE50.lnk = C:\WINDOWS\5byxxe50.exe
    O4 - Global Startup: B1JBTPA0.lnk = C:\WINDOWS\b1jbtpa0.exe
    O4 - Global Startup: 0PE7EG4P.lnk = C:\WINDOWS\0pe7eg4p.exe
    O4 - Global Startup: YYJFQ4LC.lnk = C:\WINDOWS\yyjfq4lc.exe
    O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html
    O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html
    O8 - Extra context menu item: Si&milar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html
    O8 - Extra context menu item: Backward &Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html
    O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: MSN Messenger Service (HKLM)
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
    O12 - Plugin for .avi: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
    O12 - Plugin for .BMP: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
    O12 - Plugin for .mts: C:\Program Files\MetaCreations\MetaStream\npmetastream.dll
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/s...sh/swflash.cab
    O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.co...875.9837152778
    O16 - DPF: Yahoo! NBA StatTracker - http://aud4.sports.yahoo.com/java/y/nbast8268_x.cab
    O16 - DPF: {17D72920-7A15-11D4-921E-0080C8DA7A5E} (AimSp32 Class) - http://makeover.substance.com/save/makeover.cab
    O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab
    O16 - DPF: {30000273-8230-4DD4-BE4F-6889D1E74167} - http://download.abetterinternet.com/...14167/thin.cab
    O16 - DPF: {E0CE16CB-741C-4B24-8D04-A817856E07F4} (IObjSafety.DemoCtl) - http://cabs.roings.com/cabs/roing.cab

  4. #4
    Driver Terrier NooNoo's Avatar
    Join Date
    Dec 2000
    Location
    UK
    Posts
    31,824
    Welcome to Windrivers fastwaves.

    Before just posting a log of hijack this, go through this set of suggestions first Having completed that, repost your (hopefully) much reduced log.
    Never, ever approach a computer saying or even thinking "I will just do this quickly."

  5. #5
    Registered User
    Join Date
    Apr 2004
    Posts
    13
    Quote Originally Posted by NooNoo
    Welcome to Windrivers fastwaves.

    Before just posting a log of hijack this, go through this set of suggestions first Having completed that, repost your (hopefully) much reduced log.
    Thanks for your help...here is my much reduced log.

    Logfile of HijackThis v1.97.7
    Scan saved at 11:19:23 PM, on 4/11/04
    Platform: Windows 98 Gold (Win9x 4.10.1998)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\WINDOWS\SYSTEM\MSTASK.EXE
    C:\WINDOWS\EXPLORER.EXE
    C:\WINDOWS\SYSTEM\CMMPU.EXE
    C:\WINDOWS\TASKMON.EXE
    C:\WINDOWS\SYSTEM\SYSTRAY.EXE
    C:\PROGRAM FILES\CREATIVE\SHAREDLL\CTNOTIFY.EXE
    C:\WINDOWS\SYSTEM\LVCOMS.EXE
    C:\PROGRAM FILES\CD-WRITER PLUS\DIRECTCD\DIRECTCD.EXE
    C:\PROGRAM FILES\WINAMP\WINAMPA.EXE
    C:\WINDOWS\SYSTEM\QTTASK.EXE
    C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\EVNTSVC.EXE
    C:\PROGRAM FILES\AUTOUPDATE\AUTOUPDATE.EXE
    C:\PROGRAM FILES\CREATIVE\SHAREDLL\MEDIADET.EXE
    C:\WINDOWS\SYSTEM\NAPHR.EXE
    C:\WINDOWS\T8AIDTVO.EXE
    C:\WINDOWS\SYSTEM\DDHELP.EXE
    C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by AT&T Broadband Internet
    R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
    R3 - URLSearchHook: (no name) - _{6E6DD93E-1FC3-4F43-8AFB-1B7B90C9D3EB} - (no file)
    F1 - win.ini: run=C:\WINDOWS\SYSTEM\cmmpu.exe
    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: (no name) - {B549456D-F5D0-4641-BCED-8648A0C13D83} - C:\WINDOWS\BrowserHelper.dll
    O2 - BHO: IE Agent - {00000000-0000-0000-0000-000000000221} - C:\PROGRA~1\LYCOS\IEAGENT\CSIE.DLL (disabled by BHODemon)
    O2 - BHO: (no name) - {9CD4ABB8-0F2C-4D21-B395-DEFC1DD77932} - C:\WINDOWS\HDBVYQ.DLL (disabled by BHODemon)
    O2 - BHO: (no name) - {0019C3E2-DD48-4A6D-ABCD-8D32436323D9} - (no file)
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
    O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
    O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\Run: [ZZZ_HPI_Boot] C:\Program Files\HP PhotoSmart\Photo Finishing Software\HPI_Boot.EXE
    O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINDOWS\p_981116.exe /Q:A
    O4 - HKLM\..\Run: [LVComs] C:\WINDOWS\SYSTEM\LVComS.exe
    O4 - HKLM\..\Run: [Adaptec DirectCD] C:\Program Files\CD-Writer Plus\DirectCD\DIRECTCD.EXE
    O4 - HKLM\..\Run: [WinampAgent] "C:\PROGRAM FILES\WINAMP\WINAMPa.exe"
    O4 - HKLM\..\Run: [ATTRedUpate] C:\PROGRAM FILES\COMMON FILES\AT&T\REDCON\PROGRAMS\AutoUpdate.exe
    O4 - HKLM\..\Run: [QuickTime Task] C:\WINDOWS\SYSTEM\QTTASK.EXE
    O4 - HKLM\..\Run: [MovieNetworks] "C:\Program Files\MovieNetworks\MovieNetworks.exe" /H
    O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe -osboot
    O4 - HKLM\..\Run: [CrazyTalk Serve] rundll32.exe C:\WINDOWS\SYSTEM\CRAZYTALK.DLL,DllServeMediaFile
    O4 - HKLM\..\Run: [bxxs5] RunDLL32.EXE C:\WINDOWS\BXXS5.DLL,DllRun
    O4 - HKLM\..\Run: [AutoUpdater] "c:\Program Files\AutoUpdate\AutoUpdate.exe"
    O4 - HKLM\..\Run: [dyn] C:\WINDOWS\dyn.exe
    O4 - HKLM\..\Run: [NAPHR] C:\WINDOWS\SYSTEM\NAPHR.exe
    O4 - HKLM\..\Run: [T8AIDTVO.EXE] C:\WINDOWS\T8AIDTVO.EXE /dk
    O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
    O4 - HKCU\..\Run: [T8AIDTVO.EXE] C:\WINDOWS\T8AIDTVO.EXE /dk
    O4 - Startup: QL4GNUU6.lnk = C:\WINDOWS\ql4gnuu6.exe
    O4 - Startup: RA9Q7MWB.lnk = C:\WINDOWS\ra9q7mwb.exe
    O4 - Startup: T8AIDTVO.lnk = C:\WINDOWS\t8aidtvo.exe
    O4 - Global Startup: QL4GNUU6.lnk = C:\WINDOWS\ql4gnuu6.exe
    O4 - Global Startup: RA9Q7MWB.lnk = C:\WINDOWS\ra9q7mwb.exe
    O4 - Global Startup: T8AIDTVO.lnk = C:\WINDOWS\t8aidtvo.exe
    O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html
    O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html
    O8 - Extra context menu item: Si&milar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html
    O8 - Extra context menu item: Backward &Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html
    O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: MSN Messenger Service (HKLM)
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
    O12 - Plugin for .avi: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
    O12 - Plugin for .BMP: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
    O12 - Plugin for .mts: C:\Program Files\MetaCreations\MetaStream\npmetastream.dll
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/s...sh/swflash.cab
    O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.co...875.9837152778
    O16 - DPF: Yahoo! NBA StatTracker - http://aud4.sports.yahoo.com/java/y/nbast8268_x.cab
    O16 - DPF: {17D72920-7A15-11D4-921E-0080C8DA7A5E} (AimSp32 Class) - http://makeover.substance.com/save/makeover.cab
    O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab
    O16 - DPF: {E0CE16CB-741C-4B24-8D04-A817856E07F4} (IObjSafety.DemoCtl) - http://cabs.roings.com/cabs/roing.cab
    O16 - DPF: Yahoo! MLB StatTracker - http://aud2.sports.sc5.yahoo.com/java/y/mlbst8402_x.cab

Similar Threads

  1. morze5.exe virus
    By hanserz1 in forum Spyware & Antivirus - Security
    Replies: 8
    Last Post: May 1st, 2004, 07:22 AM
  2. Morze5.exe
    By Cisco Kidd in forum Windows 95/98/98SE/ME
    Replies: 1
    Last Post: April 6th, 2004, 05:47 AM
  3. morze5.exe...what is this?
    By geeksRus in forum Spyware & Antivirus - Security
    Replies: 13
    Last Post: April 5th, 2004, 03:44 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •