Jump to content


Photo

Noob's Hijack This Log


  • Please log in to reply
1 reply to this topic

#1 ComputerNoob

ComputerNoob

    Member

  • New Member
  • Pip
  • 2 posts

Posted 20 July 2004 - 05:07 PM

Logfile of HijackThis v1.97.5
Scan saved at 5:19:39 PM, on 9/19/04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\DESKTOP\HT\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drs...esearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drs...esearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://yi23.com/main.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drs...esearch.cgi?id=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drs...esearch.cgi?id=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://websearch.drs...esearch.cgi?id=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://websearch.drs...esearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = websearch.drsnsrch.com/q.cgi?q=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://yi23.com/main.html
R3 - URLSearchHook: (no name) - _{707E6F76-9FFB-4920-A976-EA101271BC25} - (no file)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: Clear Search - {00000000-0000-0000-0000-000000000221} - C:\PROGRAM FILES\CLEARSEARCH\CSIE.DLL
O2 - BHO: MyWay Search Assistant BHO - {04079851-5845-4dea-848C-3ECD647AA554} - C:\PROGRAM FILES\MYWAY\SRCHASTT\1.BIN\MYSRCHAS.DLL (file missing)
O2 - BHO: (no name) - {000020DD-C72E-4113-AF77-DD56626C6C42} - (no file)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\windows\googletoolbar1.dll
O2 - BHO: (no name) - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - C:\WINDOWS\NEM219.DLL (file missing)
O2 - BHO: (no name) - {01F44A8A-8C97-4325-A378-76E68DC4AB2E} - C:\WINDOWS\SYSTB.DLL (file missing)
O2 - BHO: (no name) - {83DE62E0-5805-11D8-9B25-00E04C60FAF2} - C:\WINDOWS\2_0_1browserhelper2.dll
O2 - BHO: (no name) - {3B8CB800-2993-4AD6-950F-59F934EF7F59} - C:\WINDOWS\SYSTEM\oui.dll (file missing)
O2 - BHO: (no name) - {B549456D-F5D0-4641-BCED-8648A0C13D83} - C:\WINDOWS\BrowserHelper.dll
O2 - BHO: (no name) - {0019C3E2-DD48-4A6D-ABCD-8D32436323D9} - (no file)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\windows\googletoolbar1.dll
O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [AtiCwd32] Aticwd32.exe
O4 - HKLM\..\Run: [AtiKey] Atitask.exe
O4 - HKLM\..\Run: [EssSpkPhone] essspk.exe
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\NAVAPW32.EXE
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\PROGRAM FILES\WINAMP\WINAMPa.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [2A9#YN62MX83ZJ] C:\WINDOWS\SYSTEM\EkrJY.exe
O4 - HKLM\..\Run: [ADH] C:\WINDOWS\ADH.exe
O4 - HKLM\..\Run: [P2P NETWORKING] C:\WINDOWS\SYSTEM\P2P NETWORKING\P2P NETWORKING.EXE /AUTOSTART
O4 - HKLM\..\Run: [AltnetPointsManager] c:\program files\altnet\points manager\points manager.exe -s
O4 - HKLM\..\Run: [bxxs5] RunDLL32.EXE C:\WINDOWS\BXXS5.DLL,DllRun
O4 - HKLM\..\Run: [IZM] C:\WINDOWS\IZM.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [TV Media] C:\TV MEDIA\TVM.EXE
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMANTEC\LIVEUP~1\SNDMON.EXE
O4 - HKLM\..\Run: [vxrscbv] C:\WINDOWS\uqsgk.exe
O4 - HKLM\..\Run: [webHancer Survey Companion] "C:\Program Files\webHancer\Programs\whSurvey.exe"
O4 - HKLM\..\Run: [ALCHEM] C:\WINDOWS\ALCHEM.exe
O4 - HKLM\..\Run: [cydqar] C:\WINDOWS\SYSTEM\ggusnwrx.exe
O4 - HKLM\..\Run: [WebSavingsfromEbates] javaw -cp "C:\Program Files\WebSavingsfromEbates\System\Code" Main lp: "C:\Program Files\WebSavingsfromEbates"
O4 - HKLM\..\Run: [k84wzw] C:\WINDOWS\SYSTEM\k84wzw.exe
O4 - HKLM\..\Run: [WebRebates0] "C:\PROGRAM FILES\WEB_REBATES\WebRebates0.exe"
O4 - HKLM\..\Run: [xof] C:\WINDOWS\xof.exe
O4 - HKLM\..\Run: [CreateCD50] C:\PROGRA~1\COMMON~1\ADAPTE~1\CREATECD\CREATE~1.EXE -r
O4 - HKLM\..\Run: [TH67HTXY.EXE] C:\WINDOWS\TH67HTXY.EXE /dk
O4 - HKLM\..\Run: [zclra05h.exe] C:\WINDOWS\zclra05h.exe /dk
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - HKLM\..\RunServices: [SAgent2ExePath] C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O4 - HKLM\..\RunServices: [AolAcsDaemon1] "C:\PROGRAM FILES\COMMON FILES\AOL\ACS\ACSD.EXE"
O4 - HKCU\..\Run: [TV Media] C:\TV MEDIA\TVM.EXE
O4 - HKCU\..\Run: [TH67HTXY.EXE] C:\WINDOWS\TH67HTXY.EXE /dk
O4 - HKCU\..\Run: [zclra05h.exe] C:\WINDOWS\zclra05h.exe /dk
O4 - HKLM\..\RunOnce: [TV Media] C:\TV MEDIA\TVM.EXE
O4 - HKLM\..\RunOnce: [SpyBotSnD] "C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\SPYBOTSD.EXE" /autocheck
O4 - HKCU\..\RunOnce: [TV Media] C:\TV MEDIA\TVM.EXE
O4 - Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O4 - Startup: MORZE5.lnk = C:\WINDOWS\morze5.exe
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Startup: 7M0WF1EB.lnk = C:\WINDOWS\7m0wf1eb.exe
O4 - Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\SYSTEM\E_SRCV02.EXE
O4 - Startup: 9LA18OQO.lnk = C:\WINDOWS\9la18oqo.exe
O4 - Startup: 2ZT2IRQP.lnk = C:\WINDOWS\2zt2irqp.exe
O4 - Startup: FU718W2E.lnk = C:\WINDOWS\fu718w2e.exe
O4 - Startup: BJ5WP3MY.lnk = C:\WINDOWS\bj5wp3my.exe
O4 - Startup: Q5GIVPD1.lnk = C:\WINDOWS\q5givpd1.exe
O4 - Startup: F2LT0X32.lnk = C:\WINDOWS\f2lt0x32.exe
O4 - Startup: GBNCZX4C.lnk = C:\WINDOWS\gbnczx4c.exe
O4 - Startup: GT65BX30.lnk = C:\WINDOWS\gt65bx30.exe
O4 - Startup: CK8PHBD7.lnk = C:\WINDOWS\gt65bx30.exe
O4 - Startup: FYR3UP44.lnk = C:\WINDOWS\fyr3up44.exe
O4 - Startup: WT5L4FIG.lnk = C:\WINDOWS\7kt301ma.exe
O4 - Startup: DOBCC0MM.lnk = C:\WINDOWS\dobcc0mm.exe
O4 - Startup: KCVR9CP0.lnk = C:\WINDOWS\kcvr9cp0.exe
O4 - Startup: 4TTN6G9J.lnk = C:\WINDOWS\4ttn6g9j.exe
O4 - Startup: YUKTC1VC.lnk = C:\WINDOWS\tm6tk5cz.exe
O4 - Startup: 4AMWYQCE.lnk = C:\WINDOWS\4amwyqce.exe
O4 - Startup: FA00ORXG.lnk = C:\WINDOWS\k00n2hem.exe
O4 - Startup: 16IQFL9K.lnk = C:\WINDOWS\pzyl2ciu.exe
O4 - Startup: OV6CJIH3.lnk = C:\WINDOWS\ov6cjih3.exe
O4 - Startup: 9GE3DD0Y.lnk = C:\WINDOWS\9ge3dd0y.exe
O4 - Startup: V33FL1U4.lnk = C:\WINDOWS\v33fl1u4.exe
O4 - Startup: PZYL2CIU.lnk = C:\WINDOWS\pzyl2ciu.exe
O4 - Startup: 2LY0Q1WZ.lnk = C:\WINDOWS\2ly0q1wz.exe
O4 - Startup: VNE5JHZH.lnk = C:\WINDOWS\tm6tk5cz.exe
O4 - Startup: TM6TK5CZ.lnk = C:\WINDOWS\tm6tk5cz.exe
O4 - Startup: 7KT301MA.lnk = C:\WINDOWS\7kt301ma.exe
O4 - Startup: 05Q8W5GC.lnk = C:\WINDOWS\05q8w5gc.exe
O4 - Startup: 675R88U7.lnk = C:\WINDOWS\675r88u7.exe
O4 - Startup: BUV70YCJ.lnk = C:\WINDOWS\buv70ycj.exe
O4 - Startup: H8WO79W4.lnk = C:\WINDOWS\h8wo79w4.exe
O4 - Startup: 3KZD94LU.lnk = C:\WINDOWS\3kzd94lu.exe
O4 - Startup: 04VMA5JD.lnk = C:\WINDOWS\04vma5jd.exe
O4 - Startup: K3B2AEA1.lnk = C:\WINDOWS\k3b2aea1.exe
O4 - Startup: OHAA976H.lnk = C:\WINDOWS\4gngg7ew.exe
O4 - Startup: NFBXJAYE.lnk = C:\WINDOWS\4gngg7ew.exe
O4 - Startup: 7RK1D0OC.lnk = C:\WINDOWS\7rk1d0oc.exe
O4 - Startup: E3E304RU.lnk = C:\WINDOWS\e3e304ru.exe
O4 - Startup: YD00LHMC.lnk = C:\WINDOWS\yd00lhmc.exe
O4 - Startup: LX4YZU9P.lnk = C:\WINDOWS\lx4yzu9p.exe
O4 - Startup: 7FEYZVA4.lnk = C:\WINDOWS\7feyzva4.exe
O4 - Startup: K00N2HEM.lnk = C:\WINDOWS\k00n2hem.exe
O4 - Startup: F5F6KDAF.lnk = C:\WINDOWS\f5f6kdaf.exe
O4 - Startup: LMV7ZZDV.lnk = C:\WINDOWS\lmv7zzdv.exe
O4 - Startup: TZ30547D.lnk = C:\WINDOWS\tz30547d.exe
O4 - Startup: 5HU5Z1MB.lnk = C:\WINDOWS\5hu5z1mb.exe
O4 - Startup: D1RZ1TGP.lnk = C:\WINDOWS\d1rz1tgp.exe
O4 - Startup: IBM1O9UX.lnk = C:\WINDOWS\ibm1o9ux.exe
O4 - Startup: 32GY28DR.lnk = C:\WINDOWS\32gy28dr.exe
O4 - Startup: 4GNGG7EW.lnk = C:\WINDOWS\4gngg7ew.exe
O4 - Startup: 5PRWXB6P.lnk = C:\WINDOWS\5prwxb6p.exe
O4 - Startup: UMGFJM2Y.lnk = C:\WINDOWS\umgfjm2y.exe
O4 - Startup: 0AU77G5H.lnk = C:\WINDOWS\0au77g5h.exe
O4 - Startup: ORJQMUQ3.lnk = C:\WINDOWS\orjqmuq3.exe
O4 - Startup: U2UHVX6B.lnk = C:\WINDOWS\u2uhvx6b.exe
O4 - Startup: KV0XMHCY.lnk = C:\WINDOWS\kv0xmhcy.exe
O4 - Startup: Y08I3J4J.lnk = C:\WINDOWS\y08i3j4j.exe
O4 - Startup: LZGIZ9BO.lnk = C:\WINDOWS\lzgiz9bo.exe
O4 - Startup: 6FBJ4HIC.lnk = C:\WINDOWS\6fbj4hic.exe
O4 - Startup: 0JAG405P.lnk = C:\WINDOWS\0jag405p.exe
O4 - Startup: 91FW6Y5I.lnk = C:\WINDOWS\91fw6y5i.exe
O4 - Startup: NZGRXRX1.lnk = C:\WINDOWS\nzgrxrx1.exe
O4 - Startup: 2UN8DZIQ.lnk = C:\WINDOWS\2un8dziq.exe
O4 - Startup: JU0GM01X.lnk = C:\WINDOWS\ju0gm01x.exe
O4 - Startup: LQE9ZBX2.lnk = C:\WINDOWS\lqe9zbx2.exe
O4 - Startup: YK9QJ270.lnk = C:\WINDOWS\yk9qj270.exe
O4 - Startup: L0EHGFLR.lnk = C:\WINDOWS\l0ehgflr.exe
O4 - Startup: 1Q3Y1V0V.lnk = C:\WINDOWS\1q3y1v0v.exe
O4 - Startup: RXO7FCVK.lnk = C:\WINDOWS\rxo7fcvk.exe
O4 - Startup: TWZUYQ0V.lnk = C:\WINDOWS\twzuyq0v.exe
O4 - Startup: 0W90CID3.lnk = C:\WINDOWS\0w90cid3.exe
O4 - Startup: 0LZ4474R.lnk = C:\WINDOWS\0lz4474r.exe
O4 - Startup: RQOAY8Y9.lnk = C:\WINDOWS\rqoay8y9.exe
O4 - Startup: IOAVXYAL.lnk = C:\WINDOWS\ioavxyal.exe
O4 - Startup: 9WFZ22PY.lnk = C:\WINDOWS\9wfz22py.exe
O4 - Startup: 2A0TIH6W.lnk = C:\WINDOWS\2a0tih6w.exe
O4 - Startup: TWPQKL0K.lnk = C:\WINDOWS\twpqkl0k.exe
O4 - Startup: 4I6QNKMN.lnk = C:\WINDOWS\4i6qnkmn.exe
O4 - Startup: KD38B19O.lnk = C:\WINDOWS\kd38b19o.exe
O4 - Startup: K1RAG51M.lnk = C:\WINDOWS\k1rag51m.exe
O4 - Startup: J6XH7ING.lnk = C:\WINDOWS\j6xh7ing.exe
O4 - Startup: QIYAZ155.lnk = C:\WINDOWS\qiyaz155.exe
O4 - Startup: O03UELTH.lnk = C:\WINDOWS\o03uelth.exe
O4 - Startup: Y7IO1HP9.lnk = C:\WINDOWS\y7io1hp9.exe
O4 - Startup: NK0R8ZI8.lnk = C:\WINDOWS\nk0r8zi8.exe
O4 - Startup: OGYAKIQ3.lnk = C:\WINDOWS\ogyakiq3.exe
O4 - Startup: 7RB3P548.lnk = C:\WINDOWS\7rb3p548.exe
O4 - Startup: P4QWXY7J.lnk = C:\WINDOWS\p4qwxy7j.exe
O4 - Startup: O03BM6M9.lnk = C:\WINDOWS\o03bm6m9.exe
O4 - Startup: 8U5ZRKJ5.lnk = C:\WINDOWS\8u5zrkj5.exe
O4 - Startup: LE6CML40.lnk = C:\WINDOWS\le6cml40.exe
O4 - Startup: 3F065H0V.lnk = C:\WINDOWS\3f065h0v.exe
O4 - Startup: 8ZH4C4K8.lnk = C:\WINDOWS\8zh4c4k8.exe
O4 - Startup: PN1Z56E0.lnk = C:\WINDOWS\pn1z56e0.exe
O4 - Startup: BNG09TIW.lnk = C:\WINDOWS\bng09tiw.exe
O4 - Startup: J5WX9YZO.lnk = C:\WINDOWS\j5wx9yzo.exe
O4 - Startup: CFCPAUQG.lnk = C:\WINDOWS\cfcpauqg.exe
O4 - Startup: DJOYI04L.lnk = C:\WINDOWS\djoyi04l.exe
O4 - Startup: M5B7ZR2H.lnk = C:\WINDOWS\m5b7zr2h.exe
O4 - Startup: 7I0LPHP3.lnk = C:\WINDOWS\7i0lphp3.exe
O4 - Startup: PCRO7P7Q.lnk = C:\WINDOWS\pcro7p7q.exe
O4 - Startup: 97Q9NK32.lnk = C:\WINDOWS\97q9nk32.exe
O4 - Startup: YQFNCJIG.lnk = C:\WINDOWS\yqfncjig.exe
O4 - Startup: I11U73FG.lnk = C:\WINDOWS\i11u73fg.exe
O4 - Startup: YPL1HKCE.lnk = C:\WINDOWS\ypl1hkce.exe
O4 - Startup: HVE03KGM.lnk = C:\WINDOWS\hve03kgm.exe
O4 - Startup: 5TQ8AT20.lnk = C:\WINDOWS\5tq8at20.exe
O4 - Startup: 9GRCROYX.lnk = C:\WINDOWS\9grcroyx.exe
O4 - Startup: IZ0BNB1A.lnk = C:\WINDOWS\iz0bnb1a.exe
O4 - Startup: E8YZKCBN.lnk = C:\WINDOWS\e8yzkcbn.exe
O4 - Startup: 9AR5E9G0.lnk = C:\WINDOWS\9ar5e9g0.exe
O4 - Startup: WN6ACOHL.lnk = C:\WINDOWS\wn6acohl.exe
O4 - Startup: J9Q4QK11.lnk = C:\WINDOWS\j9q4qk11.exe
O4 - Startup: TE2C8CD1.lnk = C:\WINDOWS\te2c8cd1.exe
O4 - Startup: 3V0RTVDV.lnk = C:\WINDOWS\3v0rtvdv.exe
O4 - Startup: 2ELTNAOV.lnk = C:\WINDOWS\2eltnaov.exe
O4 - Startup: OH09P38K.lnk = C:\WINDOWS\oh09p38k.exe
O4 - Startup: 8HQ87IY0.lnk = C:\WINDOWS\8hq87iy0.exe
O4 - Startup: 704NCOPT.lnk = C:\WINDOWS\704ncopt.exe
O4 - Startup: K9I12WAP.lnk = C:\WINDOWS\k9i12wap.exe
O4 - Startup: UO9PCV0Y.lnk = C:\WINDOWS\uo9pcv0y.exe
O4 - Startup: DYY3VBIL.lnk = C:\WINDOWS\dyy3vbil.exe
O4 - Startup: 0DUH919V.lnk = C:\WINDOWS\0duh919v.exe
O4 - Startup: B55A76HA.lnk = C:\WINDOWS\b55a76ha.exe
O4 - Startup: J56EEKY2.lnk = C:\WINDOWS\j56eeky2.exe
O4 - Startup: QWQ12Q47.lnk = C:\WINDOWS\qwq12q47.exe
O4 - Startup: C243WTQ1.lnk = C:\WINDOWS\c243wtq1.exe
O4 - Startup: 2N6O5Q7V.lnk = C:\WINDOWS\2n6o5q7v.exe
O4 - Startup: EQPTQ0U3.lnk = C:\WINDOWS\eqptq0u3.exe
O4 - Startup: GZK5HI3Y.lnk = C:\WINDOWS\gzk5hi3y.exe
O4 - Startup: RLH0U93U.lnk = C:\WINDOWS\rlh0u93u.exe
O4 - Startup: X86IB0VL.lnk = C:\WINDOWS\x86ib0vl.exe
O4 - Startup: M5Z2V2GF.lnk = C:\WINDOWS\m5z2v2gf.exe
O4 - Startup: TH67HTXY.lnk = C:\WINDOWS\th67htxy.exe
O4 - Startup: zclra05h.lnk = C:\WINDOWS\zclra05h.exe
O4 - Global Startup: MORZE5.lnk = C:\WINDOWS\97q9nk32.exe
O4 - Global Startup: 7M0WF1EB.lnk = C:\WINDOWS\7m0wf1eb.exe
O4 - Global Startup: 9LA18OQO.lnk = C:\WINDOWS\k1rag51m.exe
O4 - Global Startup: 2ZT2IRQP.lnk = C:\WINDOWS\2zt2irqp.exe
O4 - Global Startup: FU718W2E.lnk = C:\WINDOWS\l0ehgflr.exe
O4 - Global Startup: BJ5WP3MY.lnk = C:\WINDOWS\u2uhvx6b.exe
O4 - Global Startup: Q5GIVPD1.lnk = C:\WINDOWS\l0ehgflr.exe
O4 - Global Startup: F2LT0X32.lnk = C:\WINDOWS\f2lt0x32.exe
O4 - Global Startup: GBNCZX4C.lnk = C:\WINDOWS\gbnczx4c.exe
O4 - Global Startup: GT65BX30.lnk = C:\WINDOWS\gt65bx30.exe
O4 - Global Startup: CK8PHBD7.lnk = C:\WINDOWS\ck8phbd7.exe
O4 - Global Startup: FYR3UP44.lnk = C:\WINDOWS\fyr3up44.exe
O4 - Global Startup: WT5L4FIG.lnk = C:\WINDOWS\lmv7zzdv.exe
O4 - Global Startup: DOBCC0MM.lnk = C:\WINDOWS\lmv7zzdv.exe
O4 - Global Startup: KCVR9CP0.lnk = C:\WINDOWS\kcvr9cp0.exe
O4 - Global Startup: 4TTN6G9J.lnk = C:\WINDOWS\4ttn6g9j.exe
O4 - Global Startup: YUKTC1VC.lnk = C:\WINDOWS\yuktc1vc.exe
O4 - Global Startup: 4AMWYQCE.lnk = C:\WINDOWS\4amwyqce.exe
O4 - Global Startup: FA00ORXG.lnk = C:\WINDOWS\fa00orxg.exe
O4 - Global Startup: 16IQFL9K.lnk = C:\WINDOWS\16iqfl9k.exe
O4 - Global Startup: OV6CJIH3.lnk = C:\WINDOWS\ov6cjih3.exe
O4 - Global Startup: 9GE3DD0Y.lnk = C:\WINDOWS\9ge3dd0y.exe
O4 - Global Startup: V33FL1U4.lnk = C:\WINDOWS\v33fl1u4.exe
O4 - Global Startup: PZYL2CIU.lnk = C:\WINDOWS\pzyl2ciu.exe
O4 - Global Startup: 2LY0Q1WZ.lnk = C:\WINDOWS\2ly0q1wz.exe
O4 - Global Startup: VNE5JHZH.lnk = C:\WINDOWS\vne5jhzh.exe
O4 - Global Startup: TM6TK5CZ.lnk = C:\WINDOWS\tm6tk5cz.exe
O4 - Global Startup: 7KT301MA.lnk = C:\WINDOWS\7kt301ma.exe
O4 - Global Startup: 05Q8W5GC.lnk = C:\WINDOWS\05q8w5gc.exe
O4 - Global Startup: 675R88U7.lnk = C:\WINDOWS\675r88u7.exe
O4 - Global Startup: BUV70YCJ.lnk = C:\WINDOWS\buv70ycj.exe
O4 - Global Startup: H8WO79W4.lnk = C:\WINDOWS\h8wo79w4.exe
O4 - Global Startup: 3KZD94LU.lnk = C:\WINDOWS\3kzd94lu.exe
O4 - Global Startup: 04VMA5JD.lnk = C:\WINDOWS\04vma5jd.exe
O4 - Global Startup: K3B2AEA1.lnk = C:\WINDOWS\7kt301ma.exe
O4 - Global Startup: OHAA976H.lnk = C:\WINDOWS\ohaa976h.exe
O4 - Global Startup: NFBXJAYE.lnk = C:\WINDOWS\4gngg7ew.exe
O4 - Global Startup: 7RK1D0OC.lnk = C:\WINDOWS\7rk1d0oc.exe
O4 - Global Startup: E3E304RU.lnk = C:\WINDOWS\e3e304ru.exe
O4 - Global Startup: YD00LHMC.lnk = C:\WINDOWS\yd00lhmc.exe
O4 - Global Startup: LX4YZU9P.lnk = C:\WINDOWS\lx4yzu9p.exe
O4 - Global Startup: 7FEYZVA4.lnk = C:\WINDOWS\7feyzva4.exe
O4 - Global Startup: K00N2HEM.lnk = C:\WINDOWS\k1rag51m.exe
O4 - Global Startup: F5F6KDAF.lnk = C:\WINDOWS\f5f6kdaf.exe
O4 - Global Startup: LMV7ZZDV.lnk = C:\WINDOWS\lmv7zzdv.exe
O4 - Global Startup: TZ30547D.lnk = C:\WINDOWS\4gngg7ew.exe
O4 - Global Startup: 5HU5Z1MB.lnk = C:\WINDOWS\5hu5z1mb.exe
O4 - Global Startup: D1RZ1TGP.lnk = C:\WINDOWS\0duh919v.exe
O4 - Global Startup: IBM1O9UX.lnk = C:\WINDOWS\ibm1o9ux.exe
O4 - Global Startup: 32GY28DR.lnk = C:\WINDOWS\32gy28dr.exe
O4 - Global Startup: 4GNGG7EW.lnk = C:\WINDOWS\4gngg7ew.exe
O4 - Global Startup: 5PRWXB6P.lnk = C:\WINDOWS\5prwxb6p.exe
O4 - Global Startup: UMGFJM2Y.lnk = C:\WINDOWS\umgfjm2y.exe
O4 - Global Startup: 0AU77G5H.lnk = C:\WINDOWS\0au77g5h.exe
O4 - Global Startup: ORJQMUQ3.lnk = C:\WINDOWS\orjqmuq3.exe
O4 - Global Startup: U2UHVX6B.lnk = C:\WINDOWS\u2uhvx6b.exe
O4 - Global Startup: KV0XMHCY.lnk = C:\WINDOWS\kv0xmhcy.exe
O4 - Global Startup: Y08I3J4J.lnk = C:\WINDOWS\y08i3j4j.exe
O4 - Global Startup: LZGIZ9BO.lnk = C:\WINDOWS\lzgiz9bo.exe
O4 - Global Startup: 6FBJ4HIC.lnk = C:\WINDOWS\6fbj4hic.exe
O4 - Global Startup: 0JAG405P.lnk = C:\WINDOWS\0jag405p.exe
O4 - Global Startup: 91FW6Y5I.lnk = C:\WINDOWS\91fw6y5i.exe
O4 - Global Startup: 2UN8DZIQ.lnk = C:\WINDOWS\2un8dziq.exe
O4 - Global Startup: NZGRXRX1.lnk = C:\WINDOWS\nzgrxrx1.exe
O4 - Global Startup: JU0GM01X.lnk = C:\WINDOWS\ju0gm01x.exe
O4 - Global Startup: LQE9ZBX2.lnk = C:\WINDOWS\lqe9zbx2.exe
O4 - Global Startup: YK9QJ270.lnk = C:\WINDOWS\yk9qj270.exe
O4 - Global Startup: L0EHGFLR.lnk = C:\WINDOWS\l0ehgflr.exe
O4 - Global Startup: 1Q3Y1V0V.lnk = C:\WINDOWS\1q3y1v0v.exe
O4 - Global Startup: RXO7FCVK.lnk = C:\WINDOWS\rxo7fcvk.exe
O4 - Global Startup: TWZUYQ0V.lnk = C:\WINDOWS\twzuyq0v.exe
O4 - Global Startup: 0W90CID3.lnk = C:\WINDOWS\0w90cid3.exe
O4 - Global Startup: 0LZ4474R.lnk = C:\WINDOWS\0lz4474r.exe
O4 - Global Startup: RQOAY8Y9.lnk = C:\WINDOWS\rqoay8y9.exe
O4 - Global Startup: IOAVXYAL.lnk = C:\WINDOWS\ioavxyal.exe
O4 - Global Startup: 9WFZ22PY.lnk = C:\WINDOWS\9wfz22py.exe
O4 - Global Startup: 2A0TIH6W.lnk = C:\WINDOWS\2a0tih6w.exe
O4 - Global Startup: TWPQKL0K.lnk = C:\WINDOWS\twpqkl0k.exe
O4 - Global Startup: 4I6QNKMN.lnk = C:\WINDOWS\4i6qnkmn.exe
O4 - Global Startup: KD38B19O.lnk = C:\WINDOWS\kd38b19o.exe
O4 - Global Startup: K1RAG51M.lnk = C:\WINDOWS\k1rag51m.exe
O4 - Global Startup: J6XH7ING.lnk = C:\WINDOWS\j6xh7ing.exe
O4 - Global Startup: QIYAZ155.lnk = C:\WINDOWS\qiyaz155.exe
O4 - Global Startup: O03UELTH.lnk = C:\WINDOWS\o03uelth.exe
O4 - Global Startup: Y7IO1HP9.lnk = C:\WINDOWS\y7io1hp9.exe
O4 - Global Startup: NK0R8ZI8.lnk = C:\WINDOWS\nk0r8zi8.exe
O4 - Global Startup: OGYAKIQ3.lnk = C:\WINDOWS\ogyakiq3.exe
O4 - Global Startup: 7RB3P548.lnk = C:\WINDOWS\7rb3p548.exe
O4 - Global Startup: P4QWXY7J.lnk = C:\WINDOWS\p4qwxy7j.exe
O4 - Global Startup: O03BM6M9.lnk = C:\WINDOWS\o03bm6m9.exe
O4 - Global Startup: 8U5ZRKJ5.lnk = C:\WINDOWS\8u5zrkj5.exe
O4 - Global Startup: LE6CML40.lnk = C:\WINDOWS\le6cml40.exe
O4 - Global Startup: 3F065H0V.lnk = C:\WINDOWS\3f065h0v.exe
O4 - Global Startup: 8ZH4C4K8.lnk = C:\WINDOWS\8zh4c4k8.exe
O4 - Global Startup: PN1Z56E0.lnk = C:\WINDOWS\pn1z56e0.exe
O4 - Global Startup: BNG09TIW.lnk = C:\WINDOWS\bng09tiw.exe
O4 - Global Startup: J5WX9YZO.lnk = C:\WINDOWS\j5wx9yzo.exe
O4 - Global Startup: CFCPAUQG.lnk = C:\WINDOWS\cfcpauqg.exe
O4 - Global Startup: DJOYI04L.lnk = C:\WINDOWS\djoyi04l.exe
O4 - Global Startup: M5B7ZR2H.lnk = C:\WINDOWS\m5b7zr2h.exe
O4 - Global Startup: 7I0LPHP3.lnk = C:\WINDOWS\7i0lphp3.exe
O4 - Global Startup: PCRO7P7Q.lnk = C:\WINDOWS\pcro7p7q.exe
O4 - Global Startup: 97Q9NK32.lnk = C:\WINDOWS\97q9nk32.exe
O4 - Global Startup: YQFNCJIG.lnk = C:\WINDOWS\yqfncjig.exe
O4 - Global Startup: I11U73FG.lnk = C:\WINDOWS\i11u73fg.exe
O4 - Global Startup: YPL1HKCE.lnk = C:\WINDOWS\ypl1hkce.exe
O4 - Global Startup: HVE03KGM.lnk = C:\WINDOWS\hve03kgm.exe
O4 - Global Startup: 5TQ8AT20.lnk = C:\WINDOWS\5tq8at20.exe
O4 - Global Startup: 9GRCROYX.lnk = C:\WINDOWS\9grcroyx.exe
O4 - Global Startup: IZ0BNB1A.lnk = C:\WINDOWS\iz0bnb1a.exe
O4 - Global Startup: E8YZKCBN.lnk = C:\WINDOWS\e8yzkcbn.exe
O4 - Global Startup: 9AR5E9G0.lnk = C:\WINDOWS\9ar5e9g0.exe
O4 - Global Startup: WN6ACOHL.lnk = C:\WINDOWS\wn6acohl.exe
O4 - Global Startup: J9Q4QK11.lnk = C:\WINDOWS\j9q4qk11.exe
O4 - Global Startup: TE2C8CD1.lnk = C:\WINDOWS\te2c8cd1.exe
O4 - Global Startup: 3V0RTVDV.lnk = C:\WINDOWS\3v0rtvdv.exe
O4 - Global Startup: 2ELTNAOV.lnk = C:\WINDOWS\2eltnaov.exe
O4 - Global Startup: OH09P38K.lnk = C:\WINDOWS\oh09p38k.exe
O4 - Global Startup: 8HQ87IY0.lnk = C:\WINDOWS\8hq87iy0.exe
O4 - Global Startup: 704NCOPT.lnk = C:\WINDOWS\704ncopt.exe
O4 - Global Startup: K9I12WAP.lnk = C:\WINDOWS\k9i12wap.exe
O4 - Global Startup: UO9PCV0Y.lnk = C:\WINDOWS\uo9pcv0y.exe
O4 - Global Startup: DYY3VBIL.lnk = C:\WINDOWS\dyy3vbil.exe
O4 - Global Startup: 0DUH919V.lnk = C:\WINDOWS\0duh919v.exe
O4 - Global Startup: B55A76HA.lnk = C:\WINDOWS\b55a76ha.exe
O4 - Global Startup: J56EEKY2.lnk = C:\WINDOWS\j56eeky2.exe
O4 - Global Startup: QWQ12Q47.lnk = C:\WINDOWS\qwq12q47.exe
O4 - Global Startup: C243WTQ1.lnk = C:\WINDOWS\c243wtq1.exe
O4 - Global Startup: 2N6O5Q7V.lnk = C:\WINDOWS\2n6o5q7v.exe
O4 - Global Startup: EQPTQ0U3.lnk = C:\WINDOWS\eqptq0u3.exe
O4 - Global Startup: GZK5HI3Y.lnk = C:\WINDOWS\gzk5hi3y.exe
O4 - Global Startup: RLH0U93U.lnk = C:\WINDOWS\rlh0u93u.exe
O4 - Global Startup: X86IB0VL.lnk = C:\WINDOWS\x86ib0vl.exe
O4 - Global Startup: M5Z2V2GF.lnk = C:\WINDOWS\m5z2v2gf.exe
O4 - Global Startup: TH67HTXY.lnk = C:\WINDOWS\th67htxy.exe
O4 - Global Startup: zclra05h.lnk = C:\WINDOWS\zclra05h.exe
O8 - Extra context menu item: &Google Search - res://C:\WINDOWS\GOOGLETOOLBAR1.DLL/cmsearch.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\WINDOWS\GOOGLETOOLBAR1.DLL/cmcache.html
O8 - Extra context menu item: Si&milar Pages - res://C:\WINDOWS\GOOGLETOOLBAR1.DLL/cmsimilar.html
O8 - Extra context menu item: Backward &Links - res://C:\WINDOWS\GOOGLETOOLBAR1.DLL/cmbacklinks.html
O8 - Extra context menu item: Translate into English - res://C:\WINDOWS\GOOGLETOOLBAR1.DLL/cmtrans.html
O8 - Extra context menu item: Web Rebates - file://C:\PROGRAM FILES\WEB_REBATES\Sy1150\Tp1150\scri1150a.htm
O9 - Extra button: PhoenixNet (HKLM)
O9 - Extra button: Real.com (HKLM)
O9 - Extra button: AIM (HKLM)
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Royal Vegas Poker (HKLM)
O9 - Extra button: PartyPoker.com (HKLM)
O9 - Extra 'Tools' menuitem: PartyPoker.com (HKLM)
O9 - Extra button: WeatherBug (HKCU)
O12 - Plugin for .mp3: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin4.dll
O16 - DPF: Yahoo! NFL StatTracker - http://aud4.sports.y...nflst8252_x.cab
O16 - DPF: Yahoo! Cribbage - http://download.game...nts/y/it1_x.cab
O16 - DPF: Yahoo! Pool 2 - http://download.game...ts/y/potb_x.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupd...7642.5854513889
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://www.apple.com...ex/qtplugin.cab
O16 - DPF: DigiChat Applet - http://host6.digicha...s/Client_IE.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macr...ector/swdir.cab
O16 - DPF: Yahoo! Dice - http://download.game...ts/y/dct2_x.cab
O16 - DPF: Yahoo! Trivia - http://download.game...ts/y/tvt0_x.cab
O16 - DPF: Yahoo! Poker - http://download.game...nts/y/pt0_x.cab
O16 - DPF: Yahoo! Hearts - http://download.game...nts/y/ht1_x.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.ma...ash/swflash.cab
O16 - DPF: Yahoo! Backgammon - http://download.game...nts/y/at0_x.cab
O16 - DPF: Yahoo! Spelldown - http://download.game...ts/y/sdt1_x.cab
O16 - DPF: {8EDAD21C-3584-4E66-A8AB-EB0E5584767D} - http://toolbar.googl...gleActivate.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg...v45/yacscom.cab
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg...t/c381/chat.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installen...gine/isetup.cab
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.micr...922/wmv9VCM.CAB
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://register3.va...OCX/FlashAX.cab
O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = aoldsl.net

#2 ComputerNoob

ComputerNoob

    Member

  • New Member
  • Pip
  • 2 posts

Posted 20 July 2004 - 05:08 PM

All of those startup .exe files are driving me crazy....




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button