Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

StartPage-DU.dll Trouble

Started by jsfrey , Jul 16 2005 09:06 PM

  • Please log in to reply

#1
jsfrey
Posted 16 July 2005 - 09:06 PM

jsfrey

    Member

  • Member
  • PipPip
  • 41 posts
Hi - I'm Scott

Been working for two days on a spyware/malware I've contracted. MicorTrend Antivirus gives me real-time warnings of TROJ_STARTPAG.RE which has an alia of StartPage-DU.dll. I've updated suggested definition from Micortrend to no avail. Have pursued a number of posts looking for ideas and am out of gas. I was intrigued by the post # t43362 and went through the steps, but my Hijack log looks nothing like the suggested bad links. I did download all the suggested programs on that post, and since booting back up, I'm getting a couple of system complaints, one of which is "windi.exe - Bad Image" winmg.dll is not a valid windows image. Any ideas on this subsequent problem as well as help with my original problem. My hijack log is attached, one in regular system mode and one I did while in safe mode.

SYSTEM IS WINDOWS XP

Regular Boot:
Logfile of HijackThis v1.99.1
Scan saved at 10:00:21 PM, on 7/16/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\Ati2evxx.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\NavNT\defwatch.exe
C:\Program Files\Symantec\Ghost\ngctw32.exe
C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe
C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe
C:\WINNT\system32\fxssvc.exe
C:\Program Files\Trend Micro\OfficeScan Client\OfcPfwSvc.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\TEMP\DR11EC.EXE
C:\WINNT\Explorer.EXE
C:\WINNT\javafx32.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINNT\system32\pctspk.exe
C:\Program Files\Dell\AccessDirect\dadapp.exe
C:\WINNT\System32\DSentry.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\dpps2.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\PROGRA~1\A4Tech\Mouse\Amoumain.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe
C:\WINNT\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\EarthLink TotalAccess\TaskPanl.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\Linksys\Wireless-B Notebook Adapter\WPC11Cfg.exe
C:\Program Files\Infotriever\Agent\infoclient.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\wuauclt.exe
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.earthlink.net
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.earthlink...ton/search.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.excite.com/
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Class - {72085DA9-16A5-2559-FF6E-7850AC2CD288} - C:\WINNT\system32\d3oa.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\winnt\googletoolbar3.dll
O2 - BHO: Class - {AB907937-2DB7-35D2-D1EB-CA15F16A8F82} - C:\WINNT\system32\sysgr32.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\YAHOO!\COMPAN~1\INSTALLS\cpn\ycomp5_5_7_0.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\winnt\googletoolbar3.dll
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [AtiPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [CPortPatch] C:\WINNT\DockQuickInstall\cppch.exe
O4 - HKLM\..\Run: [DadApp] C:\Program Files\Dell\AccessDirect\dadapp.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINNT\System32\DSentry.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Pop-Up Stopper] "C:\PROGRA~1\PANICW~1\POP-UP~1\dpps2.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [WheelMouse] C:\PROGRA~1\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [IEXPLORE.EXE] C:\Program Files\Internet Explorer\IEXPLORE.EXE
O4 - HKLM\..\Run: [iekz.exe] C:\WINNT\system32\iekz.exe
O4 - HKLM\..\Run: [ntcg32.exe] C:\WINNT\ntcg32.exe
O4 - HKLM\..\Run: [d3qe32.exe] C:\WINNT\d3qe32.exe
O4 - HKLM\..\Run: [javafx32.exe] C:\WINNT\javafx32.exe
O4 - HKLM\..\RunOnce: [sdkqh32.exe] C:\WINNT\sdkqh32.exe
O4 - HKLM\..\RunOnce: [ipmi.exe] C:\WINNT\ipmi.exe
O4 - HKLM\..\RunOnce: [atllu32.exe] C:\WINNT\system32\atllu32.exe
O4 - HKLM\..\RunOnce: [nettn.exe] C:\WINNT\nettn.exe
O4 - HKLM\..\RunOnce: [addpv32.exe] C:\WINNT\system32\addpv32.exe
O4 - HKLM\..\RunOnce: [sdkyz32.exe] C:\WINNT\sdkyz32.exe
O4 - HKLM\..\RunOnce: [syskh32.exe] C:\WINNT\syskh32.exe
O4 - HKLM\..\RunOnce: [msja.exe] C:\WINNT\msja.exe
O4 - HKLM\..\RunOnce: [apirq.exe] C:\WINNT\system32\apirq.exe
O4 - HKLM\..\RunOnce: [msmc.exe] C:\WINNT\system32\msmc.exe
O4 - HKLM\..\RunOnce: [ipwy32.exe] C:\WINNT\ipwy32.exe
O4 - HKLM\..\RunOnce: [apitc.exe] C:\WINNT\system32\apitc.exe
O4 - HKLM\..\RunOnce: [sdkkp32.exe] C:\WINNT\system32\sdkkp32.exe
O4 - HKLM\..\RunOnce: [crem32.exe] C:\WINNT\system32\crem32.exe
O4 - HKLM\..\RunOnce: [netji.exe] C:\WINNT\netji.exe
O4 - HKLM\..\RunOnce: [javasy.exe] C:\WINNT\system32\javasy.exe
O4 - HKLM\..\RunOnce: [apiew.exe] C:\WINNT\apiew.exe
O4 - HKLM\..\RunOnce: [atllt.exe] C:\WINNT\atllt.exe
O4 - HKLM\..\RunOnce: [craw.exe] C:\WINNT\craw.exe
O4 - HKLM\..\RunOnce: [winyl.exe] C:\WINNT\winyl.exe
O4 - HKLM\..\RunOnce: [apphd32.exe] C:\WINNT\apphd32.exe
O4 - HKLM\..\RunOnce: [msxc.exe] C:\WINNT\msxc.exe
O4 - HKLM\..\RunOnce: [mfcer32.exe] C:\WINNT\mfcer32.exe
O4 - HKLM\..\RunOnce: [atldv32.exe] C:\WINNT\atldv32.exe
O4 - HKLM\..\RunOnce: [winid32.exe] C:\WINNT\system32\winid32.exe
O4 - HKLM\..\RunOnce: [apisu.exe] C:\WINNT\apisu.exe
O4 - HKLM\..\RunOnce: [appcc32.exe] C:\WINNT\appcc32.exe
O4 - HKLM\..\RunOnce: [crka.exe] C:\WINNT\crka.exe
O4 - HKLM\..\RunOnce: [ntuj32.exe] C:\WINNT\ntuj32.exe
O4 - HKLM\..\RunOnce: [ipje.exe] C:\WINNT\system32\ipje.exe
O4 - HKLM\..\RunOnce: [sdkcp32.exe] C:\WINNT\sdkcp32.exe
O4 - HKLM\..\RunOnce: [netmv32.exe] C:\WINNT\netmv32.exe
O4 - HKLM\..\RunOnce: [mfcbc32.exe] C:\WINNT\mfcbc32.exe
O4 - HKLM\..\RunOnce: [mfcst32.exe] C:\WINNT\system32\mfcst32.exe
O4 - HKLM\..\RunOnce: [sdkjg32.exe] C:\WINNT\sdkjg32.exe
O4 - HKLM\..\RunOnce: [ntps32.exe] C:\WINNT\system32\ntps32.exe
O4 - HKLM\..\RunOnce: [atlsk.exe] C:\WINNT\atlsk.exe
O4 - HKLM\..\RunOnce: [sysyy.exe] C:\WINNT\system32\sysyy.exe
O4 - HKLM\..\RunOnce: [winwe.exe] C:\WINNT\winwe.exe
O4 - HKLM\..\RunOnce: [netlt.exe] C:\WINNT\netlt.exe
O4 - HKLM\..\RunOnce: [winzo32.exe] C:\WINNT\system32\winzo32.exe
O4 - HKLM\..\RunOnce: [crws32.exe] C:\WINNT\system32\crws32.exe
O4 - HKLM\..\RunOnce: [atlzh.exe] C:\WINNT\atlzh.exe
O4 - HKLM\..\RunOnce: [syssy.exe] C:\WINNT\system32\syssy.exe
O4 - HKLM\..\RunOnce: [sdklx32.exe] C:\WINNT\sdklx32.exe
O4 - HKLM\..\RunOnce: [netag.exe] C:\WINNT\netag.exe
O4 - HKLM\..\RunOnce: [wingi32.exe] C:\WINNT\system32\wingi32.exe
O4 - HKLM\..\RunOnce: [crkf32.exe] C:\WINNT\system32\crkf32.exe
O4 - HKLM\..\RunOnce: [apiqz.exe] C:\WINNT\system32\apiqz.exe
O4 - HKLM\..\RunOnce: [mfctq32.exe] C:\WINNT\mfctq32.exe
O4 - HKLM\..\RunOnce: [mfcin32.exe] C:\WINNT\system32\mfcin32.exe
O4 - HKLM\..\RunOnce: [ienp.exe] C:\WINNT\system32\ienp.exe
O4 - HKLM\..\RunOnce: [nethb.exe] C:\WINNT\nethb.exe
O4 - HKLM\..\RunOnce: [ieck.exe] C:\WINNT\system32\ieck.exe
O4 - HKLM\..\RunOnce: [crgm32.exe] C:\WINNT\crgm32.exe
O4 - HKLM\..\RunOnce: [apiuo.exe] C:\WINNT\apiuo.exe
O4 - HKLM\..\RunOnce: [netzl32.exe] C:\WINNT\system32\netzl32.exe
O4 - HKLM\..\RunOnce: [addhw32.exe] C:\WINNT\system32\addhw32.exe
O4 - HKLM\..\RunOnce: [crmt32.exe] C:\WINNT\system32\crmt32.exe
O4 - HKLM\..\RunOnce: [netrv.exe] C:\WINNT\system32\netrv.exe
O4 - HKLM\..\RunOnce: [sdkco.exe] C:\WINNT\system32\sdkco.exe
O4 - HKLM\..\RunOnce: [mfcpq.exe] C:\WINNT\system32\mfcpq.exe
O4 - HKLM\..\RunOnce: [ippd32.exe] C:\WINNT\ippd32.exe
O4 - HKLM\..\RunOnce: [appug32.exe] C:\WINNT\appug32.exe
O4 - HKLM\..\RunOnce: [mfchk.exe] C:\WINNT\mfchk.exe
O4 - HKLM\..\RunOnce: [sysme32.exe] C:\WINNT\sysme32.exe
O4 - HKLM\..\RunOnce: [appft.exe] C:\WINNT\appft.exe
O4 - HKLM\..\RunOnce: [addum32.exe] C:\WINNT\addum32.exe
O4 - HKLM\..\RunOnce: [ipeg32.exe] C:\WINNT\ipeg32.exe
O4 - HKLM\..\RunOnce: [addrj.exe] C:\WINNT\system32\addrj.exe
O4 - HKLM\..\RunOnce: [ipmw32.exe] C:\WINNT\ipmw32.exe
O4 - HKLM\..\RunOnce: [mfcqy.exe] C:\WINNT\mfcqy.exe
O4 - HKLM\..\RunOnce: [syswa32.exe] C:\WINNT\syswa32.exe
O4 - HKLM\..\RunOnce: [windi.exe] C:\WINNT\windi.exe
O4 - HKLM\..\RunOnce: [javajl32.exe] C:\WINNT\javajl32.exe
O4 - HKLM\..\RunOnce: [ieej.exe] C:\WINNT\system32\ieej.exe
O4 - HKLM\..\RunOnce: [sdkkl32.exe] C:\WINNT\system32\sdkkl32.exe
O4 - HKLM\..\RunOnce: [apiac32.exe] C:\WINNT\system32\apiac32.exe
O4 - HKLM\..\RunOnce: [winkd.exe] C:\WINNT\system32\winkd.exe
O4 - HKLM\..\RunOnce: [ietd32.exe] C:\WINNT\ietd32.exe
O4 - HKLM\..\RunOnce: [sdkyy.exe] C:\WINNT\system32\sdkyy.exe
O4 - HKLM\..\RunOnce: [ipgd.exe] C:\WINNT\system32\ipgd.exe
O4 - HKLM\..\RunOnce: [appzv.exe] C:\WINNT\appzv.exe
O4 - HKLM\..\RunOnce: [apiey.exe] C:\WINNT\system32\apiey.exe
O4 - HKLM\..\RunOnce: [d3ne32.exe] C:\WINNT\system32\d3ne32.exe
O4 - HKLM\..\RunOnce: [iets.exe] C:\WINNT\iets.exe
O4 - HKLM\..\RunOnce: [d3sr.exe] C:\WINNT\d3sr.exe
O4 - HKLM\..\RunOnce: [msps32.exe] C:\WINNT\system32\msps32.exe
O4 - HKLM\..\RunOnce: [adddi32.exe] C:\WINNT\adddi32.exe
O4 - HKLM\..\RunOnce: [sysgr32.exe] C:\WINNT\system32\sysgr32.exe
O4 - HKLM\..\RunOnce: [winrd.exe] C:\WINNT\system32\winrd.exe
O4 - HKLM\..\RunOnce: [d3qq.exe] C:\WINNT\d3qq.exe
O4 - HKLM\..\RunOnce: [ipvs32.exe] C:\WINNT\system32\ipvs32.exe
O4 - HKLM\..\RunOnce: [ntpd.exe] C:\WINNT\system32\ntpd.exe
O4 - HKLM\..\RunOnce: [atlux32.exe] C:\WINNT\atlux32.exe
O4 - HKLM\..\RunOnce: [d3lh.exe] C:\WINNT\d3lh.exe
O4 - HKLM\..\RunOnce: [ipyb32.exe] C:\WINNT\ipyb32.exe
O4 - HKLM\..\RunOnce: [appdm32.exe] C:\WINNT\appdm32.exe
O4 - HKLM\..\RunOnce: [ntyr.exe] C:\WINNT\ntyr.exe
O4 - HKLM\..\RunOnce: [iebb.exe] C:\WINNT\system32\iebb.exe
O4 - HKLM\..\RunOnce: [sdkhv32.exe] C:\WINNT\sdkhv32.exe
O4 - HKLM\..\RunOnce: [sdkar32.exe] C:\WINNT\system32\sdkar32.exe
O4 - HKLM\..\RunOnce: [mstp.exe] C:\WINNT\system32\mstp.exe
O4 - HKLM\..\RunOnce: [mfcob.exe] C:\WINNT\system32\mfcob.exe
O4 - HKLM\..\RunOnce: [appdi.exe] C:\WINNT\appdi.exe
O4 - HKLM\..\RunOnce: [msob32.exe] C:\WINNT\msob32.exe
O4 - HKLM\..\RunOnce: [iezu.exe] C:\WINNT\system32\iezu.exe
O4 - HKLM\..\RunOnce: [appdy32.exe] C:\WINNT\system32\appdy32.exe
O4 - HKLM\..\RunOnce: [winmz.exe] C:\WINNT\system32\winmz.exe
O4 - HKLM\..\RunOnce: [winsv32.exe] C:\WINNT\system32\winsv32.exe
O4 - HKLM\..\RunOnce: [winhk32.exe] C:\WINNT\winhk32.exe
O4 - HKLM\..\RunOnce: [javalo32.exe] C:\WINNT\system32\javalo32.exe
O4 - HKLM\..\RunOnce: [addga32.exe] C:\WINNT\addga32.exe
O4 - HKLM\..\RunOnce: [mfcte.exe] C:\WINNT\mfcte.exe
O4 - HKLM\..\RunOnce: [appuf32.exe] C:\WINNT\appuf32.exe
O4 - HKLM\..\RunOnce: [sdkdl.exe] C:\WINNT\sdkdl.exe
O4 - HKLM\..\RunOnce: [systa32.exe] C:\WINNT\system32\systa32.exe
O4 - HKLM\..\RunOnce: [atlrh.exe] C:\WINNT\system32\atlrh.exe
O4 - HKLM\..\RunOnce: [ipnl32.exe] C:\WINNT\ipnl32.exe
O4 - HKLM\..\RunOnce: [mfcwm.exe] C:\WINNT\system32\mfcwm.exe
O4 - HKLM\..\RunOnce: [apikj32.exe] C:\WINNT\apikj32.exe
O4 - HKLM\..\RunOnce: [mfcqf32.exe] C:\WINNT\system32\mfcqf32.exe
O4 - HKLM\..\RunOnce: [iezt.exe] C:\WINNT\iezt.exe
O4 - HKLM\..\RunOnce: [ntad32.exe] C:\WINNT\ntad32.exe
O4 - HKLM\..\RunOnce: [netem32.exe] C:\WINNT\system32\netem32.exe
O4 - HKLM\..\RunOnce: [winjg32.exe] C:\WINNT\system32\winjg32.exe
O4 - HKLM\..\RunOnce: [croj.exe] C:\WINNT\croj.exe
O4 - HKLM\..\RunOnce: [mfczo.exe] C:\WINNT\mfczo.exe
O4 - HKLM\..\RunOnce: [appxr32.exe] C:\WINNT\appxr32.exe
O4 - HKLM\..\RunOnce: [ntkm32.exe] C:\WINNT\ntkm32.exe
O4 - HKLM\..\RunOnce: [apilz32.exe] C:\WINNT\apilz32.exe
O4 - HKLM\..\RunOnce: [d3pj32.exe] C:\WINNT\system32\d3pj32.exe
O4 - HKLM\..\RunOnce: [mfcyv.exe] C:\WINNT\system32\mfcyv.exe
O4 - HKLM\..\RunOnce: [javabp.exe] C:\WINNT\javabp.exe
O4 - HKLM\..\RunOnce: [winut32.exe] C:\WINNT\system32\winut32.exe
O4 - HKLM\..\RunOnce: [crzn.exe] C:\WINNT\system32\crzn.exe
O4 - HKLM\..\RunOnce: [iprw.exe] C:\WINNT\iprw.exe
O4 - HKLM\..\RunOnce: [javaxw.exe] C:\WINNT\system32\javaxw.exe
O4 - HKLM\..\RunOnce: [mfcem32.exe] C:\WINNT\system32\mfcem32.exe
O4 - HKLM\..\RunOnce: [javaiw32.exe] C:\WINNT\system32\javaiw32.exe
O4 - HKLM\..\RunOnce: [mfcoy.exe] C:\WINNT\mfcoy.exe
O4 - HKLM\..\RunOnce: [d3ij.exe] C:\WINNT\d3ij.exe
O4 - HKLM\..\RunOnce: [mfcij32.exe] C:\WINNT\system32\mfcij32.exe
O4 - HKLM\..\RunOnce: [sdkag.exe] C:\WINNT\sdkag.exe
O4 - HKLM\..\RunOnce: [ipvl.exe] C:\WINNT\ipvl.exe
O4 - HKLM\..\RunOnce: [msup32.exe] C:\WINNT\msup32.exe
O4 - HKLM\..\RunOnce: [appdp32.exe] C:\WINNT\system32\appdp32.exe
O4 - HKLM\..\RunOnce: [appyh.exe] C:\WINNT\appyh.exe
O4 - HKLM\..\RunOnce: [d3lb32.exe] C:\WINNT\system32\d3lb32.exe
O4 - HKLM\..\RunOnce: [sysno.exe] C:\WINNT\system32\sysno.exe
O4 - HKLM\..\RunOnce: [appaq.exe] C:\WINNT\appaq.exe
O4 - HKLM\..\RunOnce: [d3oa.exe] C:\WINNT\system32\d3oa.exe
O4 - HKLM\..\RunOnce: [ipud32.exe] C:\WINNT\system32\ipud32.exe
O4 - HKLM\..\RunOnce: [javazh32.exe] C:\WINNT\system32\javazh32.exe
O4 - HKLM\..\RunOnce: [mfcmb.exe] C:\WINNT\system32\mfcmb.exe
O4 - HKLM\..\RunOnce: [crht.exe] C:\WINNT\crht.exe
O4 - HKLM\..\RunOnce: [mfcur32.exe] C:\WINNT\mfcur32.exe
O4 - HKLM\..\RunOnce: [iepg32.exe] C:\WINNT\system32\iepg32.exe
O4 - HKLM\..\RunOnce: [apica32.exe] C:\WINNT\system32\apica32.exe
O4 - HKLM\..\RunOnce: [sysqc32.exe] C:\WINNT\sysqc32.exe
O4 - HKLM\..\RunOnce: [sdkvw.exe] C:\WINNT\sdkvw.exe
O4 - HKLM\..\RunOnce: [ipqk.exe] C:\WINNT\system32\ipqk.exe
O4 - HKLM\..\RunOnce: [appve32.exe] C:\WINNT\system32\appve32.exe
O4 - HKLM\..\RunOnce: [appsn.exe] C:\WINNT\appsn.exe
O4 - HKLM\..\RunOnce: [addge32.exe] C:\WINNT\system32\addge32.exe
O4 - HKLM\..\RunOnce: [d3lg.exe] C:\WINNT\d3lg.exe
O4 - HKLM\..\RunOnce: [winqi.exe] C:\WINNT\winqi.exe
O4 - HKLM\..\RunOnce: [appkr.exe] C:\WINNT\system32\appkr.exe
O4 - HKLM\..\RunOnce: [addyo.exe] C:\WINNT\addyo.exe
O4 - HKLM\..\RunOnce: [iplu.exe] C:\WINNT\system32\iplu.exe
O4 - HKLM\..\RunOnce: [ipzq.exe] C:\WINNT\ipzq.exe
O4 - HKLM\..\RunOnce: [ntzw32.exe] C:\WINNT\ntzw32.exe
O4 - HKLM\..\RunOnce: [crea.exe] C:\WINNT\system32\crea.exe
O4 - HKLM\..\RunOnce: [javanb32.exe] C:\WINNT\javanb32.exe
O4 - HKLM\..\RunOnce: [sdkbx32.exe] C:\WINNT\system32\sdkbx32.exe
O4 - HKLM\..\RunOnce: [mfcgu32.exe] C:\WINNT\system32\mfcgu32.exe
O4 - HKLM\..\RunOnce: [javabf32.exe] C:\WINNT\system32\javabf32.exe
O4 - HKLM\..\RunOnce: [msgk.exe] C:\WINNT\msgk.exe
O4 - HKLM\..\RunOnce: [d3ok32.exe] C:\WINNT\system32\d3ok32.exe
O4 - HKLM\..\RunOnce: [crdh32.exe] C:\WINNT\crdh32.exe
O4 - HKLM\..\RunOnce: [winnf.exe] C:\WINNT\system32\winnf.exe
O4 - HKLM\..\RunOnce: [mfcxg.exe] C:\WINNT\mfcxg.exe
O4 - HKLM\..\RunOnce: [msxg32.exe] C:\WINNT\msxg32.exe
O4 - HKLM\..\RunOnce: [mfcld32.exe] C:\WINNT\system32\mfcld32.exe
O4 - HKLM\..\RunOnce: [msld32.exe] C:\WINNT\system32\msld32.exe
O4 - HKLM\..\RunOnce: [atlgp32.exe] C:\WINNT\system32\atlgp32.exe
O4 - HKLM\..\RunOnce: [apiut32.exe] C:\WINNT\system32\apiut32.exe
O4 - HKLM\..\RunOnce: [mfciq.exe] C:\WINNT\mfciq.exe
O4 - HKLM\..\RunOnce: [apion.exe] C:\WINNT\apion.exe
O4 - HKLM\..\RunOnce: [ietj.exe] C:\WINNT\ietj.exe
O4 - HKLM\..\RunOnce: [msqe32.exe] C:\WINNT\system32\msqe32.exe
O4 - HKLM\..\RunOnce: [netqm32.exe] C:\WINNT\netqm32.exe
O4 - HKLM\..\RunOnce: [d3ly32.exe] C:\WINNT\system32\d3ly32.exe
O4 - HKLM\..\RunOnce: [sysqc.exe] C:\WINNT\sysqc.exe
O4 - HKLM\..\RunOnce: [iezc32.exe] C:\WINNT\system32\iezc32.exe
O4 - HKLM\..\RunOnce: [msnz.exe] C:\WINNT\msnz.exe
O4 - HKLM\..\RunOnce: [ietw.exe] C:\WINNT\system32\ietw.exe
O4 - HKLM\..\RunOnce: [ipzs.exe] C:\WINNT\ipzs.exe
O4 - HKLM\..\RunOnce: [syste.exe] C:\WINNT\system32\syste.exe
O4 - HKLM\..\RunOnce: [d3it.exe] C:\WINNT\system32\d3it.exe
O4 - HKLM\..\RunOnce: [iptm32.exe] C:\WINNT\system32\iptm32.exe
O4 - HKLM\..\RunOnce: [crrt32.exe] C:\WINNT\crrt32.exe
O4 - HKLM\..\RunOnce: [sdkmx.exe] C:\WINNT\sdkmx.exe
O4 - HKLM\..\RunOnce: [ipqg.exe] C:\WINNT\system32\ipqg.exe
O4 - HKLM\..\RunOnce: [crmk32.exe] C:\WINNT\system32\crmk32.exe
O4 - HKLM\..\RunOnce: [ntvl.exe] C:\WINNT\system32\ntvl.exe
O4 - HKLM\..\RunOnce: [sdkji32.exe] C:\WINNT\system32\sdkji32.exe
O4 - HKLM\..\RunOnce: [javajn32.exe] C:\WINNT\system32\javajn32.exe
O4 - HKLM\..\RunOnce: [msos.exe] C:\WINNT\msos.exe
O4 - HKLM\..\RunOnce: [crxs32.exe] C:\WINNT\system32\crxs32.exe
O4 - HKLM\..\RunOnce: [crlp.exe] C:\WINNT\crlp.exe
O4 - HKLM\..\RunOnce: [mslc.exe] C:\WINNT\system32\mslc.exe
O4 - HKLM\..\RunOnce: [javaak.exe] C:\WINNT\system32\javaak.exe
O4 - HKLM\..\RunOnce: [netld32.exe] C:\WINNT\netld32.exe
O4 - HKLM\..\RunOnce: [ipew32.exe] C:\WINNT\system32\ipew32.exe
O4 - HKLM\..\RunOnce: [addjs32.exe] C:\WINNT\system32\addjs32.exe
O4 - HKLM\..\RunOnce: [ntee.exe] C:\WINNT\ntee.exe
O4 - HKLM\..\RunOnce: [d3dz32.exe] C:\WINNT\d3dz32.exe
O4 - HKLM\..\RunOnce: [msch32.exe] C:\WINNT\msch32.exe
O4 - HKLM\..\RunOnce: [appmi32.exe] C:\WINNT\system32\appmi32.exe
O4 - HKLM\..\RunOnce: [javaui.exe] C:\WINNT\javaui.exe
O4 - HKLM\..\RunOnce: [ipqu.exe] C:\WINNT\system32\ipqu.exe
O4 - HKLM\..\RunOnce: [msfj32.exe] C:\WINNT\msfj32.exe
O4 - HKLM\..\RunOnce: [crjs.exe] C:\WINNT\system32\crjs.exe
O4 - HKLM\..\RunOnce: [nettl32.exe] C:\WINNT\system32\nettl32.exe
O4 - HKLM\..\RunOnce: [ipnw32.exe] C:\WINNT\ipnw32.exe
O4 - HKLM\..\RunOnce: [apprb32.exe] C:\WINNT\apprb32.exe
O4 - HKLM\..\RunOnce: [ntmm.exe] C:\WINNT\ntmm.exe
O4 - HKLM\..\RunOnce: [syswt32.exe] C:\WINNT\syswt32.exe
O4 - HKLM\..\RunOnce: [appax.exe] C:\WINNT\system32\appax.exe
O4 - HKLM\..\RunOnce: [addjx.exe] C:\WINNT\addjx.exe
O4 - HKLM\..\RunOnce: [ipzm.exe] C:\WINNT\system32\ipzm.exe
O4 - HKLM\..\RunOnce: [sysyu32.exe] C:\WINNT\sysyu32.exe
O4 - HKLM\..\RunOnce: [addsf32.exe] C:\WINNT\addsf32.exe
O4 - HKLM\..\RunOnce: [crxc32.exe] C:\WINNT\system32\crxc32.exe
O4 - HKLM\..\RunOnce: [addsv.exe] C:\WINNT\addsv.exe
O4 - HKLM\..\RunOnce: [iewz32.exe] C:\WINNT\system32\iewz32.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINNT\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [E6TaskPanel] "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" -noauth
O4 - Startup: Infotriever.lnk = C:\Program Files\Infotriever\Agent\infoclient.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: VPN Client.lnk = ?
O4 - Global Startup: Wireless-B Notebook Adapter Utility.lnk = C:\Program Files\Linksys\Wireless-B Notebook Adapter\WPC11Cfg.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: &Google Search - res://c:\winnt\GoogleToolbar3.dll/cmsearch.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links - res://c:\winnt\GoogleToolbar3.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\winnt\GoogleToolbar3.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: RemindU - file://C:\Program Files\UpromiseRemindU\System\Temp\upromise_script0.htm
O8 - Extra context menu item: Similar Pages - res://c:\winnt\GoogleToolbar3.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\winnt\GoogleToolbar3.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: RemindU - {16BF42FD-CA0A-4f48-819D-B0343254DD67} - file://C:\Program Files\UpromiseRemindU\System\Temp\upromise_script0.htm (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: *.frame.crazywinnings.com
O15 - Trusted Zone: *.static.topconverting.com
O15 - Trusted Zone: *.frame.crazywinnings.com (HKLM)
O15 - Trusted Zone: *.static.topconverting.com (HKLM)
O16 - DPF: {00134F72-5284-44F7-95A8-52A619F70751} (ObjWinNTCheck Class) - https://intecatl-tm1...ll/WinNTChk.cab
O16 - DPF: {08D75BB0-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment SetupIniCtrl Class) - https://intecatl-tm1...ll/setupini.cab
O16 - DPF: {08D75BC1-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment SetupCtrl Class) - https://intecatl-tm1...stall/setup.cab
O16 - DPF: {2646205B-878C-11D1-B07C-0000C040BCDB} (NSIEMisc Class) - file://D:\autorun\x86\bin\nskey.dll
O16 - DPF: {2F824F9A-F14B-4847-83DE-616D7B589CD0} (Viair Address Book Importer) - https://nextel.wirel...s/addrbook2.cab
O16 - DPF: {36E4E9BC-4D0C-41B4-90C9-37AFDBFAAD3C} (InforbitHelper Class) - http://download.info...in/ifhelper.cab
O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} (iNotes6 Class) - https://lnmail4.disc...com/iNotes6.cab
O16 - DPF: {5EFE8CB1-D095-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment ObjRemoveCtrl Class) - https://intecatl-tm1.../RemoveCtrl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1119099520849
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://beta.update.m...b?1105900262919
O16 - DPF: {99B6E512-3893-4155-9964-8EB8E06099CB} (WebSpyWareKiller Class) - http://download.zone...ctor/WebSWK.cab
O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.h...edsolutions.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://intec-teleco...bex/ieatgpc.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = git.compgen.com
O17 - HKLM\Software\..\Telephony: DomainName = git.compgen.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = git.compgen.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = git.compgen.com
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = git.compgen.com
O20 - Winlogon Notify: NavLogon - C:\WINNT\System32\NavLogon.dll
O23 - Service: Remote Procedure Call (RPC) Helper ( 11Fßä#·ºÄÖ`I) - Unknown owner - C:\WINNT\sdkqh32.exe" /s (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINNT\system32\Ati2evxx.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe
O23 - Service: Symantec Ghost Client Agent (NGClient) - Symantec Corporation - C:\Program Files\Symantec\Ghost\ngctw32.exe
O23 - Service: OfficeScanNT RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe
O23 - Service: OfficeScanNT Personal Firewall (OfcPfwSvc) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\OfcPfwSvc.exe
O23 - Service: OfficeScanNT Listener (tmlisten) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe

Safe Mode Log:
Logfile of HijackThis v1.99.1
Scan saved at 10:35:18 PM, on 7/16/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.earthlink.net
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.earthlink...ton/search.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.excite.com/
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Class - {72085DA9-16A5-2559-FF6E-7850AC2CD288} - C:\WINNT\system32\d3oa.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\winnt\googletoolbar3.dll
O2 - BHO: Class - {AB907937-2DB7-35D2-D1EB-CA15F16A8F82} - C:\WINNT\system32\sysgr32.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\YAHOO!\COMPAN~1\INSTALLS\cpn\ycomp5_5_7_0.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\winnt\googletoolbar3.dll
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [AtiPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [CPortPatch] C:\WINNT\DockQuickInstall\cppch.exe
O4 - HKLM\..\Run: [DadApp] C:\Program Files\Dell\AccessDirect\dadapp.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINNT\System32\DSentry.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Pop-Up Stopper] "C:\PROGRA~1\PANICW~1\POP-UP~1\dpps2.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [WheelMouse] C:\PROGRA~1\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [IEXPLORE.EXE] C:\Program Files\Internet Explorer\IEXPLORE.EXE
O4 - HKLM\..\Run: [iekz.exe] C:\WINNT\system32\iekz.exe
O4 - HKLM\..\Run: [ntcg32.exe] C:\WINNT\ntcg32.exe
O4 - HKLM\..\Run: [d3qe32.exe] C:\WINNT\d3qe32.exe
O4 - HKLM\..\Run: [javafx32.exe] C:\WINNT\javafx32.exe
O4 - HKLM\..\RunOnce: [sdkqh32.exe] C:\WINNT\sdkqh32.exe
O4 - HKLM\..\RunOnce: [ipmi.exe] C:\WINNT\ipmi.exe
O4 - HKLM\..\RunOnce: [atllu32.exe] C:\WINNT\system32\atllu32.exe
O4 - HKLM\..\RunOnce: [nettn.exe] C:\WINNT\nettn.exe
O4 - HKLM\..\RunOnce: [addpv32.exe] C:\WINNT\system32\addpv32.exe
O4 - HKLM\..\RunOnce: [sdkyz32.exe] C:\WINNT\sdkyz32.exe
O4 - HKLM\..\RunOnce: [syskh32.exe] C:\WINNT\syskh32.exe
O4 - HKLM\..\RunOnce: [msja.exe] C:\WINNT\msja.exe
O4 - HKLM\..\RunOnce: [apirq.exe] C:\WINNT\system32\apirq.exe
O4 - HKLM\..\RunOnce: [msmc.exe] C:\WINNT\system32\msmc.exe
O4 - HKLM\..\RunOnce: [ipwy32.exe] C:\WINNT\ipwy32.exe
O4 - HKLM\..\RunOnce: [apitc.exe] C:\WINNT\system32\apitc.exe
O4 - HKLM\..\RunOnce: [sdkkp32.exe] C:\WINNT\system32\sdkkp32.exe
O4 - HKLM\..\RunOnce: [crem32.exe] C:\WINNT\system32\crem32.exe
O4 - HKLM\..\RunOnce: [netji.exe] C:\WINNT\netji.exe
O4 - HKLM\..\RunOnce: [javasy.exe] C:\WINNT\system32\javasy.exe
O4 - HKLM\..\RunOnce: [apiew.exe] C:\WINNT\apiew.exe
O4 - HKLM\..\RunOnce: [atllt.exe] C:\WINNT\atllt.exe
O4 - HKLM\..\RunOnce: [craw.exe] C:\WINNT\craw.exe
O4 - HKLM\..\RunOnce: [winyl.exe] C:\WINNT\winyl.exe
O4 - HKLM\..\RunOnce: [apphd32.exe] C:\WINNT\apphd32.exe
O4 - HKLM\..\RunOnce: [msxc.exe] C:\WINNT\msxc.exe
O4 - HKLM\..\RunOnce: [mfcer32.exe] C:\WINNT\mfcer32.exe
O4 - HKLM\..\RunOnce: [atldv32.exe] C:\WINNT\atldv32.exe
O4 - HKLM\..\RunOnce: [winid32.exe] C:\WINNT\system32\winid32.exe
O4 - HKLM\..\RunOnce: [apisu.exe] C:\WINNT\apisu.exe
O4 - HKLM\..\RunOnce: [appcc32.exe] C:\WINNT\appcc32.exe
O4 - HKLM\..\RunOnce: [crka.exe] C:\WINNT\crka.exe
O4 - HKLM\..\RunOnce: [ntuj32.exe] C:\WINNT\ntuj32.exe
O4 - HKLM\..\RunOnce: [ipje.exe] C:\WINNT\system32\ipje.exe
O4 - HKLM\..\RunOnce: [sdkcp32.exe] C:\WINNT\sdkcp32.exe
O4 - HKLM\..\RunOnce: [netmv32.exe] C:\WINNT\netmv32.exe
O4 - HKLM\..\RunOnce: [mfcbc32.exe] C:\WINNT\mfcbc32.exe
O4 - HKLM\..\RunOnce: [mfcst32.exe] C:\WINNT\system32\mfcst32.exe
O4 - HKLM\..\RunOnce: [sdkjg32.exe] C:\WINNT\sdkjg32.exe
O4 - HKLM\..\RunOnce: [ntps32.exe] C:\WINNT\system32\ntps32.exe
O4 - HKLM\..\RunOnce: [atlsk.exe] C:\WINNT\atlsk.exe
O4 - HKLM\..\RunOnce: [sysyy.exe] C:\WINNT\system32\sysyy.exe
O4 - HKLM\..\RunOnce: [winwe.exe] C:\WINNT\winwe.exe
O4 - HKLM\..\RunOnce: [netlt.exe] C:\WINNT\netlt.exe
O4 - HKLM\..\RunOnce: [winzo32.exe] C:\WINNT\system32\winzo32.exe
O4 - HKLM\..\RunOnce: [crws32.exe] C:\WINNT\system32\crws32.exe
O4 - HKLM\..\RunOnce: [atlzh.exe] C:\WINNT\atlzh.exe
O4 - HKLM\..\RunOnce: [syssy.exe] C:\WINNT\system32\syssy.exe
O4 - HKLM\..\RunOnce: [sdklx32.exe] C:\WINNT\sdklx32.exe
O4 - HKLM\..\RunOnce: [netag.exe] C:\WINNT\netag.exe
O4 - HKLM\..\RunOnce: [wingi32.exe] C:\WINNT\system32\wingi32.exe
O4 - HKLM\..\RunOnce: [crkf32.exe] C:\WINNT\system32\crkf32.exe
O4 - HKLM\..\RunOnce: [apiqz.exe] C:\WINNT\system32\apiqz.exe
O4 - HKLM\..\RunOnce: [mfctq32.exe] C:\WINNT\mfctq32.exe
O4 - HKLM\..\RunOnce: [mfcin32.exe] C:\WINNT\system32\mfcin32.exe
O4 - HKLM\..\RunOnce: [ienp.exe] C:\WINNT\system32\ienp.exe
O4 - HKLM\..\RunOnce: [nethb.exe] C:\WINNT\nethb.exe
O4 - HKLM\..\RunOnce: [ieck.exe] C:\WINNT\system32\ieck.exe
O4 - HKLM\..\RunOnce: [crgm32.exe] C:\WINNT\crgm32.exe
O4 - HKLM\..\RunOnce: [apiuo.exe] C:\WINNT\apiuo.exe
O4 - HKLM\..\RunOnce: [netzl32.exe] C:\WINNT\system32\netzl32.exe
O4 - HKLM\..\RunOnce: [addhw32.exe] C:\WINNT\system32\addhw32.exe
O4 - HKLM\..\RunOnce: [crmt32.exe] C:\WINNT\system32\crmt32.exe
O4 - HKLM\..\RunOnce: [netrv.exe] C:\WINNT\system32\netrv.exe
O4 - HKLM\..\RunOnce: [sdkco.exe] C:\WINNT\system32\sdkco.exe
O4 - HKLM\..\RunOnce: [mfcpq.exe] C:\WINNT\system32\mfcpq.exe
O4 - HKLM\..\RunOnce: [ippd32.exe] C:\WINNT\ippd32.exe
O4 - HKLM\..\RunOnce: [appug32.exe] C:\WINNT\appug32.exe
O4 - HKLM\..\RunOnce: [mfchk.exe] C:\WINNT\mfchk.exe
O4 - HKLM\..\RunOnce: [sysme32.exe] C:\WINNT\sysme32.exe
O4 - HKLM\..\RunOnce: [appft.exe] C:\WINNT\appft.exe
O4 - HKLM\..\RunOnce: [addum32.exe] C:\WINNT\addum32.exe
O4 - HKLM\..\RunOnce: [ipeg32.exe] C:\WINNT\ipeg32.exe
O4 - HKLM\..\RunOnce: [addrj.exe] C:\WINNT\system32\addrj.exe
O4 - HKLM\..\RunOnce: [ipmw32.exe] C:\WINNT\ipmw32.exe
O4 - HKLM\..\RunOnce: [mfcqy.exe] C:\WINNT\mfcqy.exe
O4 - HKLM\..\RunOnce: [syswa32.exe] C:\WINNT\syswa32.exe
O4 - HKLM\..\RunOnce: [windi.exe] C:\WINNT\windi.exe
O4 - HKLM\..\RunOnce: [javajl32.exe] C:\WINNT\javajl32.exe
O4 - HKLM\..\RunOnce: [ieej.exe] C:\WINNT\system32\ieej.exe
O4 - HKLM\..\RunOnce: [sdkkl32.exe] C:\WINNT\system32\sdkkl32.exe
O4 - HKLM\..\RunOnce: [apiac32.exe] C:\WINNT\system32\apiac32.exe
O4 - HKLM\..\RunOnce: [winkd.exe] C:\WINNT\system32\winkd.exe
O4 - HKLM\..\RunOnce: [ietd32.exe] C:\WINNT\ietd32.exe
O4 - HKLM\..\RunOnce: [sdkyy.exe] C:\WINNT\system32\sdkyy.exe
O4 - HKLM\..\RunOnce: [ipgd.exe] C:\WINNT\system32\ipgd.exe
O4 - HKLM\..\RunOnce: [appzv.exe] C:\WINNT\appzv.exe
O4 - HKLM\..\RunOnce: [apiey.exe] C:\WINNT\system32\apiey.exe
O4 - HKLM\..\RunOnce: [d3ne32.exe] C:\WINNT\system32\d3ne32.exe
O4 - HKLM\..\RunOnce: [iets.exe] C:\WINNT\iets.exe
O4 - HKLM\..\RunOnce: [d3sr.exe] C:\WINNT\d3sr.exe
O4 - HKLM\..\RunOnce: [msps32.exe] C:\WINNT\system32\msps32.exe
O4 - HKLM\..\RunOnce: [adddi32.exe] C:\WINNT\adddi32.exe
O4 - HKLM\..\RunOnce: [sysgr32.exe] C:\WINNT\system32\sysgr32.exe
O4 - HKLM\..\RunOnce: [winrd.exe] C:\WINNT\system32\winrd.exe
O4 - HKLM\..\RunOnce: [d3qq.exe] C:\WINNT\d3qq.exe
O4 - HKLM\..\RunOnce: [ipvs32.exe] C:\WINNT\system32\ipvs32.exe
O4 - HKLM\..\RunOnce: [ntpd.exe] C:\WINNT\system32\ntpd.exe
O4 - HKLM\..\RunOnce: [atlux32.exe] C:\WINNT\atlux32.exe
O4 - HKLM\..\RunOnce: [d3lh.exe] C:\WINNT\d3lh.exe
O4 - HKLM\..\RunOnce: [ipyb32.exe] C:\WINNT\ipyb32.exe
O4 - HKLM\..\RunOnce: [appdm32.exe] C:\WINNT\appdm32.exe
O4 - HKLM\..\RunOnce: [ntyr.exe] C:\WINNT\ntyr.exe
O4 - HKLM\..\RunOnce: [iebb.exe] C:\WINNT\system32\iebb.exe
O4 - HKLM\..\RunOnce: [sdkhv32.exe] C:\WINNT\sdkhv32.exe
O4 - HKLM\..\RunOnce: [sdkar32.exe] C:\WINNT\system32\sdkar32.exe
O4 - HKLM\..\RunOnce: [mstp.exe] C:\WINNT\system32\mstp.exe
O4 - HKLM\..\RunOnce: [mfcob.exe] C:\WINNT\system32\mfcob.exe
O4 - HKLM\..\RunOnce: [appdi.exe] C:\WINNT\appdi.exe
O4 - HKLM\..\RunOnce: [msob32.exe] C:\WINNT\msob32.exe
O4 - HKLM\..\RunOnce: [iezu.exe] C:\WINNT\system32\iezu.exe
O4 - HKLM\..\RunOnce: [appdy32.exe] C:\WINNT\system32\appdy32.exe
O4 - HKLM\..\RunOnce: [winmz.exe] C:\WINNT\system32\winmz.exe
O4 - HKLM\..\RunOnce: [winsv32.exe] C:\WINNT\system32\winsv32.exe
O4 - HKLM\..\RunOnce: [winhk32.exe] C:\WINNT\winhk32.exe
O4 - HKLM\..\RunOnce: [javalo32.exe] C:\WINNT\system32\javalo32.exe
O4 - HKLM\..\RunOnce: [addga32.exe] C:\WINNT\addga32.exe
O4 - HKLM\..\RunOnce: [mfcte.exe] C:\WINNT\mfcte.exe
O4 - HKLM\..\RunOnce: [appuf32.exe] C:\WINNT\appuf32.exe
O4 - HKLM\..\RunOnce: [sdkdl.exe] C:\WINNT\sdkdl.exe
O4 - HKLM\..\RunOnce: [systa32.exe] C:\WINNT\system32\systa32.exe
O4 - HKLM\..\RunOnce: [atlrh.exe] C:\WINNT\system32\atlrh.exe
O4 - HKLM\..\RunOnce: [ipnl32.exe] C:\WINNT\ipnl32.exe
O4 - HKLM\..\RunOnce: [mfcwm.exe] C:\WINNT\system32\mfcwm.exe
O4 - HKLM\..\RunOnce: [apikj32.exe] C:\WINNT\apikj32.exe
O4 - HKLM\..\RunOnce: [mfcqf32.exe] C:\WINNT\system32\mfcqf32.exe
O4 - HKLM\..\RunOnce: [iezt.exe] C:\WINNT\iezt.exe
O4 - HKLM\..\RunOnce: [ntad32.exe] C:\WINNT\ntad32.exe
O4 - HKLM\..\RunOnce: [netem32.exe] C:\WINNT\system32\netem32.exe
O4 - HKLM\..\RunOnce: [winjg32.exe] C:\WINNT\system32\winjg32.exe
O4 - HKLM\..\RunOnce: [croj.exe] C:\WINNT\croj.exe
O4 - HKLM\..\RunOnce: [mfczo.exe] C:\WINNT\mfczo.exe
O4 - HKLM\..\RunOnce: [appxr32.exe] C:\WINNT\appxr32.exe
O4 - HKLM\..\RunOnce: [ntkm32.exe] C:\WINNT\ntkm32.exe
O4 - HKLM\..\RunOnce: [apilz32.exe] C:\WINNT\apilz32.exe
O4 - HKLM\..\RunOnce: [d3pj32.exe] C:\WINNT\system32\d3pj32.exe
O4 - HKLM\..\RunOnce: [mfcyv.exe] C:\WINNT\system32\mfcyv.exe
O4 - HKLM\..\RunOnce: [javabp.exe] C:\WINNT\javabp.exe
O4 - HKLM\..\RunOnce: [winut32.exe] C:\WINNT\system32\winut32.exe
O4 - HKLM\..\RunOnce: [crzn.exe] C:\WINNT\system32\crzn.exe
O4 - HKLM\..\RunOnce: [iprw.exe] C:\WINNT\iprw.exe
O4 - HKLM\..\RunOnce: [javaxw.exe] C:\WINNT\javaxw.exe
O4 - HKLM\..\RunOnce: [mfcem32.exe] C:\WINNT\system32\mfcem32.exe
O4 - HKLM\..\RunOnce: [javaiw32.exe] C:\WINNT\system32\javaiw32.exe
O4 - HKLM\..\RunOnce: [mfcoy.exe] C:\WINNT\mfcoy.exe
O4 - HKLM\..\RunOnce: [d3ij.exe] C:\WINNT\d3ij.exe
O4 - HKLM\..\RunOnce: [mfcij32.exe] C:\WINNT\system32\mfcij32.exe
O4 - HKLM\..\RunOnce: [sdkag.exe] C:\WINNT\sdkag.exe
O4 - HKLM\..\RunOnce: [ipvl.exe] C:\WINNT\ipvl.exe
O4 - HKLM\..\RunOnce: [msup32.exe] C:\WINNT\msup32.exe
O4 - HKLM\..\RunOnce: [appdp32.exe] C:\WINNT\system32\appdp32.exe
O4 - HKLM\..\RunOnce: [appyh.exe] C:\WINNT\appyh.exe
O4 - HKLM\..\RunOnce: [d3lb32.exe] C:\WINNT\system32\d3lb32.exe
O4 - HKLM\..\RunOnce: [sysno.exe] C:\WINNT\system32\sysno.exe
O4 - HKLM\..\RunOnce: [appaq.exe] C:\WINNT\appaq.exe
O4 - HKLM\..\RunOnce: [d3oa.exe] C:\WINNT\system32\d3oa.exe
O4 - HKLM\..\RunOnce: [ipud32.exe] C:\WINNT\system32\ipud32.exe
O4 - HKLM\..\RunOnce: [javazh32.exe] C:\WINNT\system32\javazh32.exe
O4 - HKLM\..\RunOnce: [mfcmb.exe] C:\WINNT\system32\mfcmb.exe
O4 - HKLM\..\RunOnce: [crht.exe] C:\WINNT\crht.exe
O4 - HKLM\..\RunOnce: [mfcur32.exe] C:\WINNT\mfcur32.exe
O4 - HKLM\..\RunOnce: [iepg32.exe] C:\WINNT\system32\iepg32.exe
O4 - HKLM\..\RunOnce: [apica32.exe] C:\WINNT\system32\apica32.exe
O4 - HKLM\..\RunOnce: [sysqc32.exe] C:\WINNT\sysqc32.exe
O4 - HKLM\..\RunOnce: [sdkvw.exe] C:\WINNT\sdkvw.exe
O4 - HKLM\..\RunOnce: [ipqk.exe] C:\WINNT\system32\ipqk.exe
O4 - HKLM\..\RunOnce: [appve32.exe] C:\WINNT\system32\appve32.exe
O4 - HKLM\..\RunOnce: [appsn.exe] C:\WINNT\appsn.exe
O4 - HKLM\..\RunOnce: [addge32.exe] C:\WINNT\system32\addge32.exe
O4 - HKLM\..\RunOnce: [d3lg.exe] C:\WINNT\d3lg.exe
O4 - HKLM\..\RunOnce: [winqi.exe] C:\WINNT\winqi.exe
O4 - HKLM\..\RunOnce: [appkr.exe] C:\WINNT\system32\appkr.exe
O4 - HKLM\..\RunOnce: [addyo.exe] C:\WINNT\addyo.exe
O4 - HKLM\..\RunOnce: [iplu.exe] C:\WINNT\system32\iplu.exe
O4 - HKLM\..\RunOnce: [ipzq.exe] C:\WINNT\ipzq.exe
O4 - HKLM\..\RunOnce: [ntzw32.exe] C:\WINNT\ntzw32.exe
O4 - HKLM\..\RunOnce: [crea.exe] C:\WINNT\system32\crea.exe
O4 - HKLM\..\RunOnce: [javanb32.exe] C:\WINNT\javanb32.exe
O4 - HKLM\..\RunOnce: [sdkbx32.exe] C:\WINNT\system32\sdkbx32.exe
O4 - HKLM\..\RunOnce: [mfcgu32.exe] C:\WINNT\system32\mfcgu32.exe
O4 - HKLM\..\RunOnce: [javabf32.exe] C:\WINNT\system32\javabf32.exe
O4 - HKLM\..\RunOnce: [msgk.exe] C:\WINNT\msgk.exe
O4 - HKLM\..\RunOnce: [d3ok32.exe] C:\WINNT\system32\d3ok32.exe
O4 - HKLM\..\RunOnce: [crdh32.exe] C:\WINNT\crdh32.exe
O4 - HKLM\..\RunOnce: [winnf.exe] C:\WINNT\system32\winnf.exe
O4 - HKLM\..\RunOnce: [mfcxg.exe] C:\WINNT\mfcxg.exe
O4 - HKLM\..\RunOnce: [msxg32.exe] C:\WINNT\msxg32.exe
O4 - HKLM\..\RunOnce: [mfcld32.exe] C:\WINNT\system32\mfcld32.exe
O4 - HKLM\..\RunOnce: [msld32.exe] C:\WINNT\system32\msld32.exe
O4 - HKLM\..\RunOnce: [atlgp32.exe] C:\WINNT\system32\atlgp32.exe
O4 - HKLM\..\RunOnce: [apiut32.exe] C:\WINNT\system32\apiut32.exe
O4 - HKLM\..\RunOnce: [mfciq.exe] C:\WINNT\mfciq.exe
O4 - HKLM\..\RunOnce: [apion.exe] C:\WINNT\apion.exe
O4 - HKLM\..\RunOnce: [ietj.exe] C:\WINNT\ietj.exe
O4 - HKLM\..\RunOnce: [msqe32.exe] C:\WINNT\system32\msqe32.exe
O4 - HKLM\..\RunOnce: [netqm32.exe] C:\WINNT\netqm32.exe
O4 - HKLM\..\RunOnce: [d3ly32.exe] C:\WINNT\system32\d3ly32.exe
O4 - HKLM\..\RunOnce: [sysqc.exe] C:\WINNT\sysqc.exe
O4 - HKLM\..\RunOnce: [iezc32.exe] C:\WINNT\system32\iezc32.exe
O4 - HKLM\..\RunOnce: [msnz.exe] C:\WINNT\msnz.exe
O4 - HKLM\..\RunOnce: [ietw.exe] C:\WINNT\system32\ietw.exe
O4 - HKLM\..\RunOnce: [ipzs.exe] C:\WINNT\ipzs.exe
O4 - HKLM\..\RunOnce: [syste.exe] C:\WINNT\system32\syste.exe
O4 - HKLM\..\RunOnce: [d3it.exe] C:\WINNT\system32\d3it.exe
O4 - HKLM\..\RunOnce: [iptm32.exe] C:\WINNT\system32\iptm32.exe
O4 - HKLM\..\RunOnce: [crrt32.exe] C:\WINNT\crrt32.exe
O4 - HKLM\..\RunOnce: [sdkmx.exe] C:\WINNT\sdkmx.exe
O4 - HKLM\..\RunOnce: [ipqg.exe] C:\WINNT\system32\ipqg.exe
O4 - HKLM\..\RunOnce: [crmk32.exe] C:\WINNT\system32\crmk32.exe
O4 - HKLM\..\RunOnce: [ntvl.exe] C:\WINNT\system32\ntvl.exe
O4 - HKLM\..\RunOnce: [sdkji32.exe] C:\WINNT\system32\sdkji32.exe
O4 - HKLM\..\RunOnce: [javajn32.exe] C:\WINNT\system32\javajn32.exe
O4 - HKLM\..\RunOnce: [msos.exe] C:\WINNT\msos.exe
O4 - HKLM\..\RunOnce: [crxs32.exe] C:\WINNT\system32\crxs32.exe
O4 - HKLM\..\RunOnce: [crlp.exe] C:\WINNT\crlp.exe
O4 - HKLM\..\RunOnce: [mslc.exe] C:\WINNT\system32\mslc.exe
O4 - HKLM\..\RunOnce: [javaak.exe] C:\WINNT\system32\javaak.exe
O4 - HKLM\..\RunOnce: [netld32.exe] C:\WINNT\netld32.exe
O4 - HKLM\..\RunOnce: [ipew32.exe] C:\WINNT\system32\ipew32.exe
O4 - HKLM\..\RunOnce: [addjs32.exe] C:\WINNT\system32\addjs32.exe
O4 - HKLM\..\RunOnce: [ntee.exe] C:\WINNT\ntee.exe
O4 - HKLM\..\RunOnce: [d3dz32.exe] C:\WINNT\d3dz32.exe
O4 - HKLM\..\RunOnce: [msch32.exe] C:\WINNT\msch32.exe
O4 - HKLM\..\RunOnce: [appmi32.exe] C:\WINNT\system32\appmi32.exe
O4 - HKLM\..\RunOnce: [javaui.exe] C:\WINNT\javaui.exe
O4 - HKLM\..\RunOnce: [ipqu.exe] C:\WINNT\system32\ipqu.exe
O4 - HKLM\..\RunOnce: [msfj32.exe] C:\WINNT\msfj32.exe
O4 - HKLM\..\RunOnce: [crjs.exe] C:\WINNT\system32\crjs.exe
O4 - HKLM\..\RunOnce: [nettl32.exe] C:\WINNT\system32\nettl32.exe
O4 - HKLM\..\RunOnce: [ipnw32.exe] C:\WINNT\ipnw32.exe
O4 - HKLM\..\RunOnce: [apprb32.exe] C:\WINNT\apprb32.exe
O4 - HKLM\..\RunOnce: [ntmm.exe] C:\WINNT\ntmm.exe
O4 - HKLM\..\RunOnce: [syswt32.exe] C:\WINNT\syswt32.exe
O4 - HKLM\..\RunOnce: [appax.exe] C:\WINNT\system32\appax.exe
O4 - HKLM\..\RunOnce: [addjx.exe] C:\WINNT\addjx.exe
O4 - HKLM\..\RunOnce: [ipzm.exe] C:\WINNT\system32\ipzm.exe
O4 - HKLM\..\RunOnce: [sysyu32.exe] C:\WINNT\sysyu32.exe
O4 - HKLM\..\RunOnce: [addsf32.exe] C:\WINNT\addsf32.exe
O4 - HKLM\..\RunOnce: [crxc32.exe] C:\WINNT\system32\crxc32.exe
O4 - HKLM\..\RunOnce: [addsv.exe] C:\WINNT\addsv.exe
O4 - HKLM\..\RunOnce: [iewz32.exe] C:\WINNT\system32\iewz32.exe
O4 - HKLM\..\RunOnce: [javaup.exe] C:\WINNT\javaup.exe
O4 - HKLM\..\RunOnce: [sysyz.exe] C:\WINNT\system32\sysyz.exe
O4 - HKLM\..\RunOnce: [nted32.exe] C:\WINNT\nted32.exe
O4 - HKLM\..\RunOnce: [javaxo32.exe] C:\WINNT\system32\javaxo32.exe
O4 - HKLM\..\RunOnce: [mfccl32.exe] C:\WINNT\system32\mfccl32.exe
O4 - HKLM\..\RunOnce: [ipbi32.exe] C:\WINNT\ipbi32.exe
O4 - HKLM\..\RunOnce: [iees32.exe] C:\WINNT\system32\iees32.exe
O4 - HKLM\..\RunOnce: [addva.exe] C:\WINNT\system32\addva.exe
O4 - HKLM\..\RunOnce: [apize32.exe] C:\WINNT\apize32.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINNT\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [E6TaskPanel] "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" -noauth
O4 - Startup: Infotriever.lnk = C:\Program Files\Infotriever\Agent\infoclient.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: VPN Client.lnk = ?
O4 - Global Startup: Wireless-B Notebook Adapter Utility.lnk = C:\Program Files\Linksys\Wireless-B Notebook Adapter\WPC11Cfg.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: &Go

Edited by jsfrey, 16 July 2005 - 09:16 PM.

  • 0

Advertisements

#2
jsfrey
Posted 18 July 2005 - 07:46 AM

jsfrey

    Member

  • Topic Starter
  • Member
  • PipPip
  • 41 posts
Hi,

Please help. My system is XP Pro SP2 I've looked at SmileyHoke's post and your fix. I haven't done anything but probe around, and it doesn't seem I have similar entries, as well, my windows directory is WINNT and I don't have any of the files you mention. I least the first two or three. Once I saw I don't appear to similar, I stopped pursuing.

I do have all the suggested programs loaded and ready to go.
  • 0

#3
jsfrey
Posted 19 July 2005 - 08:27 PM

jsfrey

    Member

  • Topic Starter
  • Member
  • PipPip
  • 41 posts
Really need your help. Am travelling and when I booted, I thought I'd never get thyrough the complaints Ewido addressed.

Please help me
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP