• Announcements

    • Budfred

      IE 11 copy/paste problem

      It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it.
Sign in to follow this  
Followers 0
timmy_

OMG HELP!

2 posts in this topic

Woowwww, this is making me realllllly mad.

 

Ok, so, I've got ad-aware and spybot s&d. Well I scan like usual every couple days, always updating when i do. Well, Ad-aware keeps finding some "cool web" files and gets rid of them. Well, some file is telling them to respawn i guess and I can't find that file. I've tried s&d and got the same temporary results, but then 2 minutes later it comes right back up. My IExplorer homepage changes, I get pop ups as soon as i double click it. I even tried downloading Hijackthis, same thing.

 

Well, PLEASE PLEASE help, I really am not wanting to reformat over some bs spyware, i'll try to get some logs to help you guys help me.

 

Thnx :ph34r:

Share this post


Link to post
Share on other sites

Lavasoft Ad-aware Personal Build 6.181

Logfile created on :Thursday, June 24, 2004 11:14:53 PM

Created with Ad-aware Personal, free for private use.

Using reference-file :01R324 22.06.2004

______________________________________________________

 

Ad-aware Settings

=========================

Set : Activate in-depth scan (Recommended)

Set : Safe mode (always request confirmation)

Set : Scan active processes

Set : Scan registry

Set : Deep scan registry

 

 

6-24-2004 11:14:53 PM - Scan started. (Smart mode)

 

Listing running processes

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

 

#:1 [smss.exe]

FilePath : \SystemRoot\System32\

ThreadCreationTime : 6-24-2004 5:59:07 PM

BasePriority : Normal

 

 

#:2 [winlogon.exe]

FilePath : \??\C:\WINDOWS\system32\

ThreadCreationTime : 6-24-2004 5:59:12 PM

BasePriority : High

 

 

#:3 [services.exe]

FilePath : C:\WINDOWS\system32\

ThreadCreationTime : 6-24-2004 5:59:12 PM

BasePriority : Normal

FileSize : 99 KB

FileVersion : 5.1.2600.0 (xpclient.010817-1148)

ProductVersion : 5.1.2600.0

CompanyName : Microsoft Corporation

FileDescription : Services and Controller app

InternalName : services.exe

OriginalFilename : services.exe

ProductName : Microsoft

Created on : 8/23/2001 12:00:00 PM

Last accessed : 6/25/2004 4:14:53 AM

Last modified : 8/23/2001 12:00:00 PM

 

#:4 [lsass.exe]

FilePath : C:\WINDOWS\system32\

ThreadCreationTime : 6-24-2004 5:59:13 PM

BasePriority : Normal

FileSize : 11 KB

FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)

ProductVersion : 5.1.2600.1106

CompanyName : Microsoft Corporation

FileDescription : LSA Shell (Export Version)

InternalName : lsass.exe

OriginalFilename : lsass.exe

ProductName : Microsoft

Created on : 8/23/2001 12:00:00 PM

Last accessed : 6/25/2004 4:14:53 AM

Last modified : 8/29/2002 10:41:26 AM

 

#:5 [ati2evxx.exe]

FilePath : C:\WINDOWS\System32\

ThreadCreationTime : 6-24-2004 5:59:13 PM

BasePriority : Normal

FileSize : 388 KB

Created on : 4/22/2004 5:56:04 AM

Last accessed : 6/25/2004 4:14:53 AM

Last modified : 4/22/2004 5:56:04 AM

 

#:6 [svchost.exe]

FilePath : C:\WINDOWS\system32\

ThreadCreationTime : 6-24-2004 5:59:13 PM

BasePriority : Normal

FileSize : 12 KB

FileVersion : 5.1.2600.0 (xpclient.010817-1148)

ProductVersion : 5.1.2600.0

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

OriginalFilename : svchost.exe

ProductName : Microsoft

Created on : 8/23/2001 12:00:00 PM

Last accessed : 6/25/2004 4:14:53 AM

Last modified : 8/23/2001 12:00:00 PM

 

#:7 [svchost.exe]

FilePath : C:\WINDOWS\System32\

ThreadCreationTime : 6-24-2004 5:59:14 PM

BasePriority : Normal

FileSize : 12 KB

FileVersion : 5.1.2600.0 (xpclient.010817-1148)

ProductVersion : 5.1.2600.0

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

OriginalFilename : svchost.exe

ProductName : Microsoft

Created on : 8/23/2001 12:00:00 PM

Last accessed : 6/25/2004 4:14:53 AM

Last modified : 8/23/2001 12:00:00 PM

 

#:8 [spoolsv.exe]

FilePath : C:\WINDOWS\system32\

ThreadCreationTime : 6-24-2004 5:59:15 PM

BasePriority : Normal

FileSize : 50 KB

FileVersion : 5.1.2600.0 (XPClient.010817-1148)

ProductVersion : 5.1.2600.0

CompanyName : Microsoft Corporation

FileDescription : Spooler SubSystem App

InternalName : spoolsv.exe

OriginalFilename : spoolsv.exe

ProductName : Microsoft

Created on : 8/23/2001 12:00:00 PM

Last accessed : 6/25/2004 4:14:53 AM

Last modified : 8/23/2001 12:00:00 PM

 

#:9 [tmproxy.exe]

FilePath : C:\Program Files\Trend Micro\PC-cillin 2003\

ThreadCreationTime : 6-24-2004 5:59:28 PM

BasePriority : Normal

FileSize : 272 KB

FileVersion : 10.0.4.1114

ProductVersion : 10.0.4

Copyright : Copyright © 1995-2003 Trend Micro Incorporated. All rights reserved.

CompanyName : Trend Micro Incorporated.

FileDescription : tmproxy

InternalName : tmproxy

OriginalFilename : tmproxy.exe

ProductName : Trend Pc-cillin 10.04

Created on : 2/5/2003 3:38:50 AM

Last accessed : 6/25/2004 4:14:53 AM

Last modified : 9/16/2003 9:09:02 PM

 

#:10 [ati2evxx.exe]

FilePath : C:\WINDOWS\system32\

ThreadCreationTime : 6-24-2004 5:59:51 PM

BasePriority : Normal

FileSize : 388 KB

Created on : 4/22/2004 5:56:04 AM

Last accessed : 6/25/2004 4:14:53 AM

Last modified : 4/22/2004 5:56:04 AM

 

#:11 [explorer.exe]

FilePath : C:\WINDOWS\

ThreadCreationTime : 6-24-2004 5:59:51 PM

BasePriority : Normal

FileSize : 980 KB

FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)

ProductVersion : 6.00.2800.1106

CompanyName : Microsoft Corporation

FileDescription : Windows Explorer

InternalName : explorer

OriginalFilename : EXPLORER.EXE

ProductName : Microsoft

Created on : 5/26/2004 3:54:46 AM

Last accessed : 6/25/2004 4:14:53 AM

Last modified : 8/29/2002 10:41:24 AM

 

#:12 [atiptaxx.exe]

FilePath : C:\Program Files\ATI Technologies\ATI Control Panel\

ThreadCreationTime : 6-24-2004 5:59:53 PM

BasePriority : Normal

FileSize : 328 KB

FileVersion : 6.14.10.5103

ProductVersion : 6.14.10.5103

Copyright : Copyright © 1998-2004 ATI Technologies Inc.

CompanyName : ATI Technologies, Inc.

FileDescription : ATI Desktop Control Panel

InternalName : Atiptaxx.exe

OriginalFilename : Atiptaxx.exe

ProductName : ATI Desktop Component

Created on : 5/26/2004 3:36:07 AM

Last accessed : 6/25/2004 3:24:42 AM

Last modified : 4/22/2004 4:10:00 AM

 

#:13 [pstrip.exe]

FilePath : C:\program files\powerstrip\

ThreadCreationTime : 6-24-2004 5:59:55 PM

BasePriority : Idle

FileSize : 603 KB

FileVersion : 4.10.03.49

Copyright : Copyright

CompanyName : EnTech Taiwan

FileDescription : PowerStrip for Windows

InternalName : PowerStrip

OriginalFilename : pstrip.exe

Created on : 2/7/2004 11:00:22 PM

Last accessed : 6/25/2004 4:14:53 AM

Last modified : 2/7/2004 11:00:22 PM

 

#:14 [pccclient.exe]

FilePath : C:\Program Files\Trend Micro\PC-cillin 2003\

ThreadCreationTime : 6-24-2004 5:59:55 PM

BasePriority : Normal

FileSize : 708 KB

FileVersion : 10.0.4.1114

ProductVersion : 10.0.4

Copyright : Copyright © 1995-2003 Trend Micro Incorporated. All rights reserved.

CompanyName : Trend Micro Incorporated.

FileDescription : PCCClient

InternalName : PCCClient

OriginalFilename : PCCClient

ProductName : Trend Pc-cillin 10.04

Created on : 2/5/2003 3:29:58 AM

Last accessed : 6/25/2004 4:14:53 AM

Last modified : 9/16/2003 8:59:42 PM

 

#:15 [pop3trap.exe]

FilePath : C:\Program Files\Trend Micro\PC-cillin 2003\

ThreadCreationTime : 6-24-2004 5:59:55 PM

BasePriority : Normal

FileSize : 552 KB

FileVersion : 10.0.4.1114

ProductVersion : 10.0.4

Copyright : Copyright © 1995-2003 Trend Micro Incorporated. All rights reserved.

CompanyName : Trend Micro Incorporated.

FileDescription : POP3Trap

InternalName : POP3Trap

OriginalFilename : POP3Trap

ProductName : Trend Pc-cillin 10.04

Created on : 2/5/2003 3:34:46 AM

Last accessed : 6/25/2004 4:14:53 AM

Last modified : 9/16/2003 9:04:42 PM

 

#:16 [itouch.exe]

FilePath : C:\Program Files\Logitech\iTouch\

ThreadCreationTime : 6-24-2004 5:59:55 PM

BasePriority : Normal

FileSize : 616 KB

FileVersion : 2.15.264

ProductVersion : 2.15.264

Copyright : © 1998-2002 Logitech. All rights reserved.

CompanyName : Logitech Inc.

FileDescription : iTouch Application

InternalName : iTouch

OriginalFilename : iTouch.exe

ProductName : iTouch

Created on : 5/28/2004 10:17:08 PM

Last accessed : 6/25/2004 4:14:53 AM

Last modified : 11/23/2002 7:15:00 AM

 

#:17 [jusched.exe]

FilePath : C:\Program Files\Java\j2re1.4.2_04\bin\

ThreadCreationTime : 6-24-2004 5:59:55 PM

BasePriority : Normal

FileSize : 32 KB

Created on : 2/23/2068 4:44:46 AM

Last accessed : 6/25/2004 4:14:53 AM

Last modified : 2/23/2004 4:44:44 AM

 

#:18 [steam.exe]

FilePath : C:\program files\steam\

ThreadCreationTime : 6-24-2004 5:59:56 PM

BasePriority : Normal

FileSize : 1176 KB

FileVersion : 1.0.0.0

ProductVersion : 1.0.0.0

CompanyName : Valve Corporation

FileDescription : Steam

OriginalFilename : Steam.exe

ProductName : Steam

Created on : 5/26/2004 4:41:26 AM

Last accessed : 6/25/2004 3:46:59 AM

Last modified : 6/22/2004 1:49:48 PM

 

#:19 [sdksp.exe]

FilePath : C:\WINDOWS\system32\

ThreadCreationTime : 6-24-2004 6:37:28 PM

BasePriority : Normal

FileSize : 9 KB

Created on : 6/13/2004 3:58:42 PM

Last accessed : 6/25/2004 4:14:53 AM

Last modified : 6/13/2004 3:58:42 PM

Warning! CoolWebSearch object found in memory(C:\WINDOWS\system32\sdksp.exe)

 

CoolWebSearch Object recognized!

Type : Process

Data : sdksp.exe

Object : C:\WINDOWS\system32\

FileSize : 9 KB

Created on : 6/13/2004 3:58:42 PM

Last accessed : 6/25/2004 4:14:53 AM

Last modified : 6/13/2004 3:58:42 PM

 

 

Warning! "sdksp.exe"Process could not be terminated!

 

#:20 [mfcfs.exe]

FilePath : C:\WINDOWS\

ThreadCreationTime : 6-24-2004 6:37:28 PM

BasePriority : Normal

FileSize : 26 KB

Created on : 6/11/2004 7:21:31 PM

Last accessed : 6/25/2004 4:14:54 AM

Last modified : 6/11/2004 7:21:31 PM

 

#:21 [wpabaln.exe]

FilePath : C:\WINDOWS\System32\

ThreadCreationTime : 6-25-2004 2:01:20 AM

BasePriority : Normal

FileSize : 30 KB

FileVersion : 5.1.2600.0 (xpclient.010817-1148)

ProductVersion : 5.1.2600.0

CompanyName : Microsoft Corporation

FileDescription : Windows WPA Balloon Reminder

InternalName : WPABALN.EXE

OriginalFilename : WPABALN.EXE

ProductName : Microsoft

Created on : 8/23/2001 12:00:00 PM

Last accessed : 6/25/2004 4:14:54 AM

Last modified : 8/23/2001 12:00:00 PM

 

#:22 [mirc.exe]

FilePath : C:\Program Files\mIRC\

ThreadCreationTime : 6-25-2004 3:24:45 AM

BasePriority : Normal

FileSize : 1892 KB

FileVersion : 6.14

ProductVersion : 6.14

Copyright : Copyright

CompanyName : mIRC Co. Ltd.

FileDescription : mIRC

InternalName : mIRC

OriginalFilename : mirc.exe

ProductName : mIRC

Created on : 6/14/2004 8:10:29 AM

Last accessed : 6/25/2004 3:27:53 AM

Last modified : 6/14/2004 8:10:29 AM

 

#:23 [aim.exe]

FilePath : C:\Program Files\AIM\

ThreadCreationTime : 6-25-2004 3:31:28 AM

BasePriority : Normal

FileSize : 60 KB

FileVersion : 5.5.3595

ProductVersion : 5.5.3595

Copyright : Copyright

CompanyName : America Online, Inc.

FileDescription : AOL Instant Messenger

InternalName : AIM

OriginalFilename : AIM.EXE

ProductName : AOL Instant Messenger

Created on : 5/26/2004 4:53:02 AM

Last accessed : 6/25/2004 3:31:28 AM

Last modified : 4/27/2004 10:18:34 PM

 

#:24 [iexplore.exe]

FilePath : C:\Program Files\Internet Explorer\

ThreadCreationTime : 6-25-2004 4:05:33 AM

BasePriority : Normal

FileSize : 89 KB

FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)

ProductVersion : 6.00.2800.1106

CompanyName : Microsoft Corporation

FileDescription : Internet Explorer

InternalName : iexplore

OriginalFilename : IEXPLORE.EXE

ProductName : Microsoft

Created on : 5/26/2004 3:55:07 AM

Last accessed : 6/25/2004 4:10:17 AM

Last modified : 8/29/2002 10:41:26 AM

 

#:25 [iexplore.exe]

FilePath : C:\Program Files\Internet Explorer\

ThreadCreationTime : 6-25-2004 4:10:17 AM

BasePriority : Normal

FileSize : 89 KB

FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)

ProductVersion : 6.00.2800.1106

CompanyName : Microsoft Corporation

FileDescription : Internet Explorer

InternalName : iexplore

OriginalFilename : IEXPLORE.EXE

ProductName : Microsoft

Created on : 5/26/2004 3:55:07 AM

Last accessed : 6/25/2004 4:10:17 AM

Last modified : 8/29/2002 10:41:26 AM

 

#:26 [ad-aware.exe]

FilePath : C:\PROGRA~1\Lavasoft\AD-AWA~1\

ThreadCreationTime : 6-25-2004 4:14:42 AM

BasePriority : Normal

FileSize : 668 KB

FileVersion : 6.0.1.181

ProductVersion : 6.0.0.0

Copyright : Copyright

CompanyName : Lavasoft Sweden

FileDescription : Ad-aware 6 core application

InternalName : Ad-aware.exe

OriginalFilename : Ad-aware.exe

ProductName : Lavasoft Ad-aware Plus

Created on : 5/26/2004 4:10:35 AM

Last accessed : 6/25/2004 4:14:42 AM

Last modified : 7/13/2003 4:00:20 AM

 

Memory scan result :

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

New objects : 1

Objects found so far: 1

 

 

Started registry scan

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

 

Registry scan result :

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

New objects : 0

Objects found so far: 1

 

 

Started deep registry scan

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Possible browser hijack attempt : Software\Microsoft\Internet Explorer\MainStart Page.dll/index.html

 

Possible Browser Hijack attempt Object recognized!

Type : RegData

Data : "res://vqdrw.dll/index.html#96676"

Rootkey : HKEY_CURRENT_USER

Object : Software\Microsoft\Internet Explorer\Main

Value : Start Page

Data : "res://vqdrw.dll/index.html#96676"

 

Possible browser hijack attempt : Software\Microsoft\Internet Explorer\MainStart Page.dll/index.html

 

Possible Browser Hijack attempt Object recognized!

Type : RegData

Data : "res://vqdrw.dll/index.html#96676"

Rootkey : HKEY_LOCAL_MACHINE

Object : Software\Microsoft\Internet Explorer\Main

Value : Start Page

Data : "res://vqdrw.dll/index.html#96676"

 

Possible browser hijack attempt : Software\Microsoft\Internet Explorer\MainDefault_Page_URL.dll/index.html

 

Possible Browser Hijack attempt Object recognized!

Type : RegData

Data : "res://vqdrw.dll/index.html#96676"

Rootkey : HKEY_LOCAL_MACHINE

Object : Software\Microsoft\Internet Explorer\Main

Value : Default_Page_URL

Data : "res://vqdrw.dll/index.html#96676"

 

 

Deep registry scan result :

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

New objects : 3

Objects found so far: 4

 

 

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

 

Tracking Cookie Object recognized!

Type : File

Data : tim@atdmt[2].txt

Object : C:\Documents and Settings\Tim\Cookies\

 

Created on : 6/25/2004 4:07:11 AM

Last accessed : 6/25/2004 4:07:11 AM

Last modified : 6/25/2004 4:07:11 AM

 

 

 

Tracking Cookie Object recognized!

Type : File

Data : tim@edge.ru4[1].txt

Object : C:\Documents and Settings\Tim\Cookies\

 

Created on : 6/25/2004 4:07:44 AM

Last accessed : 6/25/2004 4:07:44 AM

Last modified : 6/25/2004 4:07:44 AM

 

 

 

Tracking Cookie Object recognized!

Type : File

Data : tim@fastclick[2].txt

Object : C:\Documents and Settings\Tim\Cookies\

 

Created on : 6/25/2004 4:06:32 AM

Last accessed : 6/25/2004 4:06:34 AM

Last modified : 6/25/2004 4:06:34 AM

 

 

 

Tracking Cookie Object recognized!

Type : File

Data : tim@tribalfusion[1].txt

Object : C:\Documents and Settings\Tim\Cookies\

 

Created on : 6/25/2004 4:07:44 AM

Last accessed : 6/25/2004 4:07:44 AM

Last modified : 6/25/2004 4:07:44 AM

 

 

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

 

 

Deep scanning and examining files (C:)

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

 

 

Performing conditional scans..

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

 

Conditional scan result:

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

New objects : 0

Objects found so far: 8

 

 

11:16:37 PM Scan complete

 

Summary of this scan

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Total scanning time :00:01:44:15

Objects scanned :42060

Objects identified :8

Objects ignored :0

New objects :8

 

 

 

 

----------------------------------------------------------------------------

 

 

 

 

 

Logfile of HijackThis v1.97.7

Scan saved at 11:17:43 PM, on 6/24/2004

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\System32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Trend Micro\PC-cillin 2003\tmproxy.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\program files\powerstrip\pstrip.exe

C:\Program Files\Trend Micro\PC-cillin 2003\PCCClient.exe

C:\Program Files\Trend Micro\PC-cillin 2003\Pop3trap.exe

C:\Program Files\Logitech\iTouch\iTouch.exe

C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe

C:\program files\steam\steam.exe

C:\WINDOWS\system32\sdksp.exe

C:\WINDOWS\mfcfs.exe

C:\WINDOWS\System32\wpabaln.exe

C:\Program Files\mIRC\mirc.exe

C:\Program Files\AIM\aim.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Documents and Settings\Tim\My Documents\Misc\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\vqdrw.dll/sp.html#96676

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = res://vqdrw.dll/index.html#96676

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = res://vqdrw.dll/index.html#96676

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\vqdrw.dll/sp.html#96676

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = res://vqdrw.dll/index.html#96676

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system32\vqdrw.dll/sp.html#96676

O2 - BHO: (no name) - {53D3238B-64AB-2309-6B42-5DFB1EF3F534} - C:\WINDOWS\system32\javajm.dll

O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [DeadAIM] rundll32.exe "C:\PROGRA~1\AIM\\DeadAIM.ocm",ExportedCheckODLs

O4 - HKLM\..\Run: [PowerStrip] c:\program files\powerstrip\pstrip.exe

O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\PC-cillin 2003\pccguide.exe"

O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program Files\Trend Micro\PC-cillin 2003\PCCClient.exe"

O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend Micro\PC-cillin 2003\Pop3trap.exe"

O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [mfcfs.exe] C:\WINDOWS\mfcfs.exe

O4 - HKCU\..\Run: [steam] "c:\program files\steam\steam.exe" -silent

O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)

O9 - Extra button: AIM (HKLM)

O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab

O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab

O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6...922/wmv9VCM.CAB

O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/200404...meInstaller.exe

O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/...8132.8685648148

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwa...ash/swflash.cab

 

^^ Above is the log from HiJackThis

Edited by timmy_

Share this post


Link to post
Share on other sites
Sign in to follow this  
Followers 0