Here are the scan Logs,
I did get a lot of error messages on re-start, "windows can not find *.exe" there were many of these with different file names.
---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------
+ Created on: 10:27:52 AM, 22/07/2005
+ Report-Checksum: 107E5BEF
+ Scan result:
HKLM\SOFTWARE\180solutions -> Spyware.180Solutions : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{05CFF62B-F8EF-A6A3-C2D8-0649EE07F197} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{0661C16F-8ED8-1431-8A0B-2C95C6994589} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{0AD1A770-F33D-516E-A6BD-A3AEB8568EAC} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{1082088A-E784-5093-F9A0-07E5588FA67C} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{109FCEAD-8C5C-5B76-3BB3-A646D2B52C93} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{12130DCB-3DF4-96EC-27B9-61E0D766F680} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{1486290A-90C1-388F-ADC8-6BFAA6B057E8} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{1714A690-3BE3-3C63-D05D-B9E2E19A88A3} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{18BDB348-E8B0-D5A4-55F2-74FD4CB49A69} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{1E920882-80EF-BD61-DBBD-0847C13D1197} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{1F46E851-7EAF-1A9B-E6B4-CCA46BD7BB86} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{1F6A3B74-3D40-4D48-4D55-E3A0A8029CC2} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{1F846F72-8833-7B85-FBF7-B2D81D30AB82} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{211D33BE-B506-603A-E0C1-E50E4D62779F} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{25742C0F-DC0D-F5DC-55DE-C66285AA22AB} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{2621D1BF-0A92-2D9C-E595-02A9C3F76F46} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{286ECE71-3F17-089B-F6BD-0E16D255AE8A} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{2AC8EC43-EAE7-F7BD-2B63-7DE1FF58C69F} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{36846EB6-C1B1-A145-B3CE-F5740FA22FF8} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{3684B1D1-C737-AA3A-00B8-83FE7FF3C058} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{36A41F9E-B433-C078-89AE-486D2624C972} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{3A1550DD-FD7B-8D6E-989A-49A66DF1433F} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{3B9E0A95-3EBA-124F-52D1-033C73734625} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{3E8AEA49-2882-96D1-D4B0-D1EA3E4EEFD2} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{4822A81B-A35C-81CA-4B1E-595C44DF3F5E} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{4904C579-9366-3B77-3148-9401DBD4A5AA} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{4A210C09-C3AE-D36C-3EC5-0D7723985463} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{4AD64CAF-CC40-779E-C47E-E23705C41C75} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{4B3176F0-E32F-B010-C0D8-65FC118C3716} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{4F8E9FA5-37E2-683E-E18D-19AC6697532D} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{52343DBF-CF46-B3EA-81BB-8A3DCB6B9A64} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{5C2B2D9C-60FC-5F4C-5894-68EB7DFA3935} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{5DA6CA48-7D98-BC0B-40EF-22AC6558668A} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{5F32646E-6D3E-257C-2369-EFD1A3A012F8} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{5F574346-A206-D78A-7149-4C709D5204A4} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{61682029-A490-5C49-D9FD-682FB2DA97AF} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{62B52B4D-547B-BFC7-9850-79709FDECF27} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{676575DD-4D46-911D-8037-9B10D6EE8BB5} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{67D02480-710B-80D7-0624-27BB57B32CDE} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{69C2D4B0-CE91-AAB5-0BB5-4F75B848492D} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{6D3DF846-86BE-A81E-C69E-5A1818F8E929} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{71476230-0B89-E69D-D223-279F989C21BB} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{714C2287-DB2D-3514-4785-8EC21BA5C5F1} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{72071605-48F5-CC68-B374-2CDDF451F27F} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{76321C6A-B800-93A4-24BB-B1F318D2A8E0} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{763FC5CF-92D8-A8BE-597E-1C53C8D18D56} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{786A41BB-009D-DD27-EA3E-15DCD01EC75C} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{7904D3DD-22E5-C0C1-0648-E66A3897E380} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{7DA446BF-5485-78F9-CC9A-2A02C93519E4} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{818D123D-B7CF-1169-DD32-2310AD262479} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{85F1C7FC-7359-D6D5-C42B-F3E410DB4CAD} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{877DBFE0-6233-B1C4-8252-A4475BCF6DD2} -> Spyware.CoolWebSearch : Cleaned with backup
Logfile of HijackThis v1.99.1
Scan saved at 10:28:27 AM, on 22/07/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.dell.comR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\cbhiq.dll/sp.html#14044
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\cbhiq.dll/sp.html#14044
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\cbhiq.dll/sp.html#14044
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\cbhiq.dll/sp.html#14044
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\cbhiq.dll/sp.html#14044
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\cbhiq.dll/sp.html#14044
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\cbhiq.dll/sp.html#14044
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak =
http://www.coolnet.ab.ca/R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Class - {65518F0E-6F20-A94E-4B12-DBCBCE4D00AD} - C:\WINDOWS\apigr32.dll (file missing)
O2 - BHO: Class - {81B81988-0B92-CDBD-621E-176F486E2127} - C:\WINDOWS\crlt.dll (file missing)
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [winiv.exe] C:\WINDOWS\system32\winiv.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\RunOnce: [ipzr32.exe] C:\WINDOWS\ipzr32.exe
O4 - HKLM\..\RunOnce: [addpa.exe] C:\WINDOWS\system32\addpa.exe
O4 - HKLM\..\RunOnce: [appfc.exe] C:\WINDOWS\system32\appfc.exe
O4 - HKLM\..\RunOnce: [sdkhs.exe] C:\WINDOWS\sdkhs.exe
O4 - HKLM\..\RunOnce: [mfcmn.exe] C:\WINDOWS\system32\mfcmn.exe
O4 - HKLM\..\RunOnce: [mfcgg32.exe] C:\WINDOWS\mfcgg32.exe
O4 - HKLM\..\RunOnce: [iela.exe] C:\WINDOWS\system32\iela.exe
O4 - HKLM\..\RunOnce: [iezz32.exe] C:\WINDOWS\iezz32.exe
O4 - HKLM\..\RunOnce: [ntft.exe] C:\WINDOWS\ntft.exe
O4 - HKLM\..\RunOnce: [ipox32.exe] C:\WINDOWS\system32\ipox32.exe
O4 - HKLM\..\RunOnce: [crsb.exe] C:\WINDOWS\crsb.exe
O4 - HKLM\..\RunOnce: [sysjj32.exe] C:\WINDOWS\sysjj32.exe
O4 - HKLM\..\RunOnce: [syshl.exe] C:\WINDOWS\syshl.exe
O4 - HKLM\..\RunOnce: [mssh32.exe] C:\WINDOWS\system32\mssh32.exe
O4 - HKLM\..\RunOnce: [ntxb.exe] C:\WINDOWS\system32\ntxb.exe
O4 - HKLM\..\RunOnce: [crci.exe] C:\WINDOWS\crci.exe
O4 - HKLM\..\RunOnce: [apihk32.exe] C:\WINDOWS\system32\apihk32.exe
O4 - HKLM\..\RunOnce: [atlkn.exe] C:\WINDOWS\system32\atlkn.exe
O4 - HKLM\..\RunOnce: [iepq.exe] C:\WINDOWS\iepq.exe
O4 - HKLM\..\RunOnce: [netkz32.exe] C:\WINDOWS\netkz32.exe
O4 - HKLM\..\RunOnce: [netpq32.exe] C:\WINDOWS\netpq32.exe
O4 - HKLM\..\RunOnce: [addus.exe] C:\WINDOWS\system32\addus.exe
O4 - HKLM\..\RunOnce: [winds32.exe] C:\WINDOWS\winds32.exe
O4 - HKLM\..\RunOnce: [javajm.exe] C:\WINDOWS\javajm.exe
O4 - HKLM\..\RunOnce: [ipmy.exe] C:\WINDOWS\system32\ipmy.exe
O4 - HKLM\..\RunOnce: [addss32.exe] C:\WINDOWS\addss32.exe
O4 - HKLM\..\RunOnce: [syskz32.exe] C:\WINDOWS\syskz32.exe
O4 - HKLM\..\RunOnce: [atlfx.exe] C:\WINDOWS\atlfx.exe
O4 - HKLM\..\RunOnce: [mslz.exe] C:\WINDOWS\mslz.exe
O4 - HKLM\..\RunOnce: [sdklx32.exe] C:\WINDOWS\sdklx32.exe
O4 - HKLM\..\RunOnce: [ntzk.exe] C:\WINDOWS\system32\ntzk.exe
O4 - HKLM\..\RunOnce: [appme32.exe] C:\WINDOWS\appme32.exe
O4 - HKLM\..\RunOnce: [addne.exe] C:\WINDOWS\system32\addne.exe
O4 - HKLM\..\RunOnce: [crsg32.exe] C:\WINDOWS\system32\crsg32.exe
O4 - HKLM\..\RunOnce: [msrq32.exe] C:\WINDOWS\msrq32.exe
O4 - HKLM\..\RunOnce: [ntwk32.exe] C:\WINDOWS\ntwk32.exe
O4 - HKLM\..\RunOnce: [crbp.exe] C:\WINDOWS\crbp.exe
O4 - HKLM\..\RunOnce: [crus32.exe] C:\WINDOWS\system32\crus32.exe
O4 - HKLM\..\RunOnce: [mfcpr.exe] C:\WINDOWS\system32\mfcpr.exe
O4 - HKLM\..\RunOnce: [cryx32.exe] C:\WINDOWS\system32\cryx32.exe
O4 - HKLM\..\RunOnce: [ieyb32.exe] C:\WINDOWS\system32\ieyb32.exe
O4 - HKLM\..\RunOnce: [javabr.exe] C:\WINDOWS\system32\javabr.exe
O4 - HKLM\..\RunOnce: [apigl.exe] C:\WINDOWS\system32\apigl.exe
O4 - HKLM\..\RunOnce: [ntwt32.exe] C:\WINDOWS\system32\ntwt32.exe
O4 - HKLM\..\RunOnce: [atlkv.exe] C:\WINDOWS\atlkv.exe
O4 - HKLM\..\RunOnce: [sdkai32.exe] C:\WINDOWS\system32\sdkai32.exe
O4 - HKLM\..\RunOnce: [netif.exe] C:\WINDOWS\system32\netif.exe
O4 - HKLM\..\RunOnce: [apiyv.exe] C:\WINDOWS\apiyv.exe
O4 - HKLM\..\RunOnce: [sysep.exe] C:\WINDOWS\sysep.exe
O4 - HKLM\..\RunOnce: [d3th.exe] C:\WINDOWS\system32\d3th.exe
O4 - HKLM\..\RunOnce: [sdkiw.exe] C:\WINDOWS\system32\sdkiw.exe
O4 - HKLM\..\RunOnce: [apisp.exe] C:\WINDOWS\system32\apisp.exe
O4 - HKLM\..\RunOnce: [windh32.exe] C:\WINDOWS\windh32.exe
O4 - HKLM\..\RunOnce: [addwt32.exe] C:\WINDOWS\system32\addwt32.exe
O4 - HKLM\..\RunOnce: [netgr.exe] C:\WINDOWS\netgr.exe
O4 - HKLM\..\RunOnce: [javars32.exe] C:\WINDOWS\system32\javars32.exe
O4 - HKLM\..\RunOnce: [mspz.exe] C:\WINDOWS\system32\mspz.exe
O4 - HKLM\..\RunOnce: [applv32.exe] C:\WINDOWS\applv32.exe
O4 - HKLM\..\RunOnce: [sysve.exe] C:\WINDOWS\system32\sysve.exe
O4 - HKLM\..\RunOnce: [winis32.exe] C:\WINDOWS\winis32.exe
O4 - HKLM\..\RunOnce: [syspp32.exe] C:\WINDOWS\system32\syspp32.exe
O4 - HKLM\..\RunOnce: [javauu32.exe] C:\WINDOWS\system32\javauu32.exe
O4 - HKLM\..\RunOnce: [winxf32.exe] C:\WINDOWS\system32\winxf32.exe
O4 - HKLM\..\RunOnce: [atlbk.exe] C:\WINDOWS\atlbk.exe
O4 - HKLM\..\RunOnce: [appck32.exe] C:\WINDOWS\system32\appck32.exe
O4 - HKLM\..\RunOnce: [addrh32.exe] C:\WINDOWS\addrh32.exe
O4 - HKLM\..\RunOnce: [crwd32.exe] C:\WINDOWS\crwd32.exe
O4 - HKLM\..\RunOnce: [appzp32.exe] C:\WINDOWS\appzp32.exe
O4 - HKLM\..\RunOnce: [apidt.exe] C:\WINDOWS\system32\apidt.exe
O4 - HKLM\..\RunOnce: [atlet32.exe] C:\WINDOWS\atlet32.exe
O4 - HKLM\..\RunOnce: [atltq32.exe] C:\WINDOWS\system32\atltq32.exe
O4 - HKLM\..\RunOnce: [msxn.exe] C:\WINDOWS\system32\msxn.exe
O4 - HKLM\..\RunOnce: [javabz.exe] C:\WINDOWS\system32\javabz.exe
O4 - HKLM\..\RunOnce: [sysro32.exe] C:\WINDOWS\sysro32.exe
O4 - HKLM\..\RunOnce: [atlhv32.exe] C:\WINDOWS\atlhv32.exe
O4 - HKLM\..\RunOnce: [addkh.exe] C:\WINDOWS\addkh.exe
O4 - HKLM\..\RunOnce: [netor.exe] C:\WINDOWS\system32\netor.exe
O4 - HKLM\..\RunOnce: [sysun32.exe] C:\WINDOWS\sysun32.exe
O4 - HKLM\..\RunOnce: [addng32.exe] C:\WINDOWS\system32\addng32.exe
O4 - HKLM\..\RunOnce: [crsd32.exe] C:\WINDOWS\system32\crsd32.exe
O4 - HKLM\..\RunOnce: [addno.exe] C:\WINDOWS\addno.exe
O4 - HKLM\..\RunOnce: [winwp.exe] C:\WINDOWS\system32\winwp.exe
O4 - HKLM\..\RunOnce: [netlm32.exe] C:\WINDOWS\netlm32.exe
O4 - HKLM\..\RunOnce: [sdkbt32.exe] C:\WINDOWS\sdkbt32.exe
O4 - HKLM\..\RunOnce: [ipfx.exe] C:\WINDOWS\system32\ipfx.exe
O4 - HKLM\..\RunOnce: [appen32.exe] C:\WINDOWS\system32\appen32.exe
O4 - HKLM\..\RunOnce: [ieuc32.exe] C:\WINDOWS\ieuc32.exe
O4 - HKLM\..\RunOnce: [sysck.exe] C:\WINDOWS\sysck.exe
O4 - HKLM\..\RunOnce: [mscl.exe] C:\WINDOWS\mscl.exe
O4 - HKLM\..\RunOnce: [atlsi32.exe] C:\WINDOWS\atlsi32.exe
O4 - HKLM\..\RunOnce: [netqp32.exe] C:\WINDOWS\netqp32.exe
O4 - HKLM\..\RunOnce: [mfclt.exe] C:\WINDOWS\mfclt.exe
O4 - HKLM\..\RunOnce: [syskj32.exe] C:\WINDOWS\syskj32.exe
O4 - HKLM\..\RunOnce: [cray32.exe] C:\WINDOWS\system32\cray32.exe
O4 - HKLM\..\RunOnce: [d3ig.exe] C:\WINDOWS\system32\d3ig.exe
O4 - HKLM\..\RunOnce: [javajg.exe] C:\WINDOWS\javajg.exe
O4 - HKLM\..\RunOnce: [winyd.exe] C:\WINDOWS\system32\winyd.exe
O4 - HKLM\..\RunOnce: [msol32.exe] C:\WINDOWS\system32\msol32.exe
O4 - HKLM\..\RunOnce: [syshe.exe] C:\WINDOWS\syshe.exe
O4 - HKLM\..\RunOnce: [msqc.exe] C:\WINDOWS\msqc.exe
O4 - HKLM\..\RunOnce: [ntps32.exe] C:\WINDOWS\ntps32.exe
O4 - HKLM\..\RunOnce: [mfcgh32.exe] C:\WINDOWS\system32\mfcgh32.exe
O4 - HKLM\..\RunOnce: [apinp.exe] C:\WINDOWS\system32\apinp.exe
O4 - HKLM\..\RunOnce: [atlop.exe] C:\WINDOWS\atlop.exe
O4 - HKLM\..\RunOnce: [sdkde32.exe] C:\WINDOWS\system32\sdkde32.exe
O4 - HKLM\..\RunOnce: [mscu32.exe] C:\WINDOWS\system32\mscu32.exe
O4 - HKLM\..\RunOnce: [crxy.exe] C:\WINDOWS\crxy.exe
O4 - HKLM\..\RunOnce: [apiwn32.exe] C:\WINDOWS\system32\apiwn32.exe
O4 - HKLM\..\RunOnce: [addud32.exe] C:\WINDOWS\addud32.exe
O4 - HKLM\..\RunOnce: [appul.exe] C:\WINDOWS\appul.exe
O4 - HKLM\..\RunOnce: [addvl.exe] C:\WINDOWS\system32\addvl.exe
O4 - HKLM\..\RunOnce: [netsa.exe] C:\WINDOWS\netsa.exe
O4 - HKLM\..\RunOnce: [atlhp.exe] C:\WINDOWS\atlhp.exe
O4 - HKLM\..\RunOnce: [syssi32.exe] C:\WINDOWS\system32\syssi32.exe
O4 - HKLM\..\RunOnce: [windb32.exe] C:\WINDOWS\windb32.exe
O4 - HKLM\..\RunOnce: [javaiy32.exe] C:\WINDOWS\javaiy32.exe
O4 - HKLM\..\RunOnce: [addlj.exe] C:\WINDOWS\addlj.exe
O4 - HKLM\..\RunOnce: [mspn32.exe] C:\WINDOWS\system32\mspn32.exe
O4 - HKLM\..\RunOnce: [crzu.exe] C:\WINDOWS\system32\crzu.exe
O4 - HKLM\..\RunOnce: [javaau.exe] C:\WINDOWS\system32\javaau.exe
O4 - HKLM\..\RunOnce: [sysxj32.exe] C:\WINDOWS\sysxj32.exe
O4 - HKLM\..\RunOnce: [atlnr32.exe] C:\WINDOWS\system32\atlnr32.exe
O4 - HKLM\..\RunOnce: [addjc.exe] C:\WINDOWS\system32\addjc.exe
O4 - HKLM\..\RunOnce: [cris32.exe] C:\WINDOWS\system32\cris32.exe
O4 - HKLM\..\RunOnce: [ipga.exe] C:\WINDOWS\ipga.exe
O4 - HKLM\..\RunOnce: [appfp32.exe] C:\WINDOWS\appfp32.exe
O4 - HKLM\..\RunOnce: [ievf32.exe] C:\WINDOWS\system32\ievf32.exe
O4 - HKLM\..\RunOnce: [sysdn32.exe] C:\WINDOWS\system32\sysdn32.exe
O4 - HKLM\..\RunOnce: [atlen32.exe] C:\WINDOWS\system32\atlen32.exe
O4 - HKLM\..\RunOnce: [d3mv.exe] C:\WINDOWS\d3mv.exe
O4 - HKLM\..\RunOnce: [ntiz.exe] C:\WINDOWS\ntiz.exe
O4 - HKLM\..\RunOnce: [iegx32.exe] C:\WINDOWS\system32\iegx32.exe
O4 - HKLM\..\RunOnce: [appwe32.exe] C:\WINDOWS\system32\appwe32.exe
O4 - HKLM\..\RunOnce: [winri.exe] C:\WINDOWS\system32\winri.exe
O4 - HKLM\..\RunOnce: [javaqx32.exe] C:\WINDOWS\system32\javaqx32.exe
O4 - HKLM\..\RunOnce: [neton32.exe] C:\WINDOWS\neton32.exe
O4 - HKLM\..\RunOnce: [ipov.exe] C:\WINDOWS\ipov.exe
O4 - HKLM\..\RunOnce: [netxv.exe] C:\WINDOWS\system32\netxv.exe
O4 - HKLM\..\RunOnce: [crkj32.exe] C:\WINDOWS\system32\crkj32.exe
O4 - HKLM\..\RunOnce: [winmb32.exe] C:\WINDOWS\winmb32.exe
O4 - HKLM\..\RunOnce: [ntuj.exe] C:\WINDOWS\system32\ntuj.exe
O4 - HKLM\..\RunOnce: [apipv.exe] C:\WINDOWS\apipv.exe
O4 - HKLM\..\RunOnce: [crnl32.exe] C:\WINDOWS\system32\crnl32.exe
O4 - HKLM\..\RunOnce: [ieds32.exe] C:\WINDOWS\system32\ieds32.exe
O4 - HKLM\..\RunOnce: [d3yw.exe] C:\WINDOWS\d3yw.exe
O4 - HKLM\..\RunOnce: [sdkci.exe] C:\WINDOWS\system32\sdkci.exe
O4 - HKLM\..\RunOnce: [ierx32.exe] C:\WINDOWS\ierx32.exe
O4 - HKLM\..\RunOnce: [appie.exe] C:\WINDOWS\appie.exe
O4 - HKLM\..\RunOnce: [netmi32.exe] C:\WINDOWS\system32\netmi32.exe
O4 - HKLM\..\RunOnce: [atlvj.exe] C:\WINDOWS\system32\atlvj.exe
O4 - HKLM\..\RunOnce: [mfcbf32.exe] C:\WINDOWS\system32\mfcbf32.exe
O4 - HKLM\..\RunOnce: [atlpc32.exe] C:\WINDOWS\atlpc32.exe
O4 - HKLM\..\RunOnce: [ieuz32.exe] C:\WINDOWS\ieuz32.exe
O4 - HKLM\..\RunOnce: [mfcxk32.exe] C:\WINDOWS\mfcxk32.exe
O4 - HKLM\..\RunOnce: [ipcp.exe] C:\WINDOWS\system32\ipcp.exe
O4 - HKLM\..\RunOnce: [netdx32.exe] C:\WINDOWS\netdx32.exe
O4 - HKLM\..\RunOnce: [apirm32.exe] C:\WINDOWS\system32\apirm32.exe
O4 - HKLM\..\RunOnce: [winwq32.exe] C:\WINDOWS\system32\winwq32.exe
O4 - HKLM\..\RunOnce: [netrc32.exe] C:\WINDOWS\system32\netrc32.exe
O4 - HKLM\..\RunOnce: [sdkeg.exe] C:\WINDOWS\sdkeg.exe
O4 - HKLM\..\RunOnce: [ntfg32.exe] C:\WINDOWS\system32\ntfg32.exe
O4 - HKLM\..\RunOnce: [iptd.exe] C:\WINDOWS\iptd.exe
O4 - HKLM\..\RunOnce: [ntzs.exe] C:\WINDOWS\ntzs.exe
O4 - HKLM\..\RunOnce: [addmw.exe] C:\WINDOWS\addmw.exe
O4 - HKLM\..\RunOnce: [sdkhi.exe] C:\WINDOWS\sdkhi.exe
O4 - HKLM\..\RunOnce: [netwp.exe] C:\WINDOWS\netwp.exe
O4 - HKLM\..\RunOnce: [d3mk.exe] C:\WINDOWS\d3mk.exe
O4 - HKLM\..\RunOnce: [javavk32.exe] C:\WINDOWS\javavk32.exe
O4 - HKLM\..\RunOnce: [appns.exe] C:\WINDOWS\appns.exe
O4 - HKLM\..\RunOnce: [javaoq32.exe] C:\WINDOWS\system32\javaoq32.exe
O4 - HKLM\..\RunOnce: [atlxu.exe] C:\WINDOWS\atlxu.exe
O4 - HKLM\..\RunOnce: [javabh32.exe] C:\WINDOWS\javabh32.exe
O4 - HKLM\..\RunOnce: [mfcgd32.exe] C:\WINDOWS\mfcgd32.exe
O4 - HKLM\..\RunOnce: [iptg32.exe] C:\WINDOWS\system32\iptg32.exe
O4 - HKLM\..\RunOnce: [crjp32.exe] C:\WINDOWS\system32\crjp32.exe
O4 - Startup: HotSync Manager.lnk = C:\Program Files\palmOne\HOTSYNC.EXE
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 4.0\Distillr\AcroTray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Global Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) -
https://support.dell...iler/SysPro.CABO16 - DPF: {2253F320-AB68-4A07-917D-4F12D8884A06} (ChainCast VMR Client Proxy) -
http://www.streamaud...d/ccpm_0237.cabO16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) -
https://www.support....ActiveX/odc.cabO16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) -
http://bin.mcafee.co...81/mcinsctl.cabO16 - DPF: {A27AD582-5BE5-4C2D-82F0-48B24FE02040} -
http://www.adshooter...00/SYSsfitb.cabO16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) -
http://bin.mcafee.co...,19/mcgdmgr.cabO20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Network Security Service ( 11Fßä#·ºÄÖ`I) - Unknown owner - C:\WINDOWS\ipzr32.exe (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: Windows User Mode Driver Framework (UMWdf) - Unknown owner - C:\WINDOWS\system32\wdfmgr.exe (file missing)