Could Someone assist me?

Status
Not open for further replies.
A

Andross

Beta member
Messages
2
Hello.
I was gone over the weekend and I left my computer un attended to my younger sibling. Now that I am back my computer is running really choppy, unwanted popups (I have popup blocker on google toolbar, and with popup stopper pro). I have ran SpyBot & Ad-Aware Pro, but they do not seem to get rid of this stuff.

I also have an unwanted toolbar and startpage for internet explorer that I cannot get rid of.

I posted my HiJackThis log file on here hoping maybe someone could be of some assistance in my situtation.

I appreciate your time, effort, and any suggestions you guys may/may not have for me.

Thank you again.

Sincerely,
Andross


Logfile of HijackThis v1.99.1
Scan saved at 1:09:34 AM, on 8/16/2005
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\SSDPSRV.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\APIVL.EXE
C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
C:\WINDOWS\APIEB32.EXE
C:\WINDOWS\SYSTEM\SYSBS.EXE
C:\WINDOWS\SYSTEM\MFCLQ32.EXE
C:\WINDOWS\SYSTEM\NTZO32.EXE
C:\WINDOWS\APPUV32.EXE
C:\WINDOWS\SYSTEM\MFCQN32.EXE
C:\WINDOWS\SYSTEM\SYSCQ.EXE
C:\WINDOWS\CRMD.EXE
C:\WINDOWS\SYSTEM\NTNF32.EXE
C:\WINDOWS\SYSTEM\ATLVR32.EXE
C:\WINDOWS\SYSTEM\APPHE.EXE
C:\WINDOWS\SYSTEM\JAVALE32.EXE
C:\WINDOWS\APIJE32.EXE
C:\WINDOWS\SYSTEM\ATLAM.EXE
C:\WINDOWS\SYSTEM\SDKDU.EXE
C:\WINDOWS\SYSTEM\IEFF32.EXE
C:\WINDOWS\SYSTEM\MSJS32.EXE
C:\WINDOWS\SYSTEM\SDKNY32.EXE
C:\WINDOWS\SYSTEM\SDKPI32.EXE
C:\WINDOWS\SYSTEM\ADDWC32.EXE
C:\WINDOWS\SYSTEM\NETFP32.EXE
C:\WINDOWS\ADDPI.EXE
C:\WINDOWS\SYSTEM\JAVADC.EXE
C:\WINDOWS\SDKXM32.EXE
C:\WINDOWS\SYSTEM\MFCMH32.EXE
C:\WINDOWS\SYSTEM\D3EH.EXE
C:\WINDOWS\SYSTEM\MSJF.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\INTERNAT.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\MMKEYBD.EXE
C:\WINDOWS\SYSTEM\HPSYSDRV.EXE
C:\WINDOWS\OPTIONS\CABS\LOGITECH\HP_FINDER.EXE
C:\WINDOWS\LOADQM.EXE
C:\WINDOWS\SYSTEM\JAVAFH32.EXE
C:\WINDOWS\ETB\POKAPOKA63.EXE
C:\WINDOWS\RunDLL.exe
C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER PROFESSIONAL\POPUPSTOPPERPROFESSIONAL.EXE
C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\APIJE32.EXE
C:\WINDOWS\SYSTEM\APIVL.EXE
C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\KEYBDMGR.EXE
C:\PROGRAM FILES\NETROPA\ONSCREEN DISPLAY\OSD.EXE
C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\MMUSBKB2.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\MY DOCUMENTS\SOFTWARE\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\ubfoh.dll/sp.html#37049
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\ubfoh.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\ubfoh.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\ubfoh.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\ubfoh.dll/sp.html#37049
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\ubfoh.dll/sp.html#37049
R3 - Default URLSearchHook is missing
F1 - win.ini: run=hpfsched
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Class - {C5EA03C9-5E7C-3BB6-855D-C09FB9DA8FA7} - C:\WINDOWS\NTZZ.DLL
O2 - BHO: Class - {2CEC5DEF-D6CC-DBD7-C764-39AD2B491794} - C:\WINDOWS\SYSTEM\SDKLU32.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [Keyboard Manager] C:\Program Files\Netropa\One-touch Multimedia Keyboard\MMKeybd.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Delay] C:\WINDOWS\delayrun.exe
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [DJRegFix] regedit /s c:\hp\djregfix.reg
O4 - HKLM\..\Run: [HPLogiFinder] \WINDOWS\OPTIONS\CABS\LOGITECH\HP_FINDER.EXE
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\SYSTEM\hpztsb02.exe
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [JAVAFH32.EXE] C:\WINDOWS\SYSTEM\JAVAFH32.EXE
O4 - HKLM\..\Run: [System service63] C:\WINDOWS\ETB\POKAPOKA63.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [SSDPSRV] C:\WINDOWS\SYSTEM\ssdpsrv.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service
O4 - HKLM\..\RunServices: [APIVL.EXE] C:\WINDOWS\SYSTEM\APIVL.EXE /s
O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
O4 - HKLM\..\RunServices: [APIEB32.EXE] C:\WINDOWS\APIEB32.EXE /s
O4 - HKLM\..\RunServices: [SYSBS.EXE] C:\WINDOWS\SYSTEM\SYSBS.EXE /s
O4 - HKLM\..\RunServices: [MFCLQ32.EXE] C:\WINDOWS\SYSTEM\MFCLQ32.EXE /s
O4 - HKLM\..\RunServices: [NTZO32.EXE] C:\WINDOWS\SYSTEM\NTZO32.EXE /s
O4 - HKLM\..\RunServices: [APPUV32.EXE] C:\WINDOWS\APPUV32.EXE /s
O4 - HKLM\..\RunServices: [MFCQN32.EXE] C:\WINDOWS\SYSTEM\MFCQN32.EXE /s
O4 - HKLM\..\RunServices: [SYSCQ.EXE] C:\WINDOWS\SYSTEM\SYSCQ.EXE /s
O4 - HKLM\..\RunServices: [CRMD.EXE] C:\WINDOWS\CRMD.EXE /s
O4 - HKLM\..\RunServices: [NTNF32.EXE] C:\WINDOWS\SYSTEM\NTNF32.EXE /s
O4 - HKLM\..\RunServices: [ATLVR32.EXE] C:\WINDOWS\SYSTEM\ATLVR32.EXE /s
O4 - HKLM\..\RunServices: [APPHE.EXE] C:\WINDOWS\SYSTEM\APPHE.EXE /s
O4 - HKLM\..\RunServices: [JAVALE32.EXE] C:\WINDOWS\SYSTEM\JAVALE32.EXE /s
O4 - HKLM\..\RunServices: [APIJE32.EXE] C:\WINDOWS\APIJE32.EXE /s
O4 - HKLM\..\RunServices: [ATLAM.EXE] C:\WINDOWS\SYSTEM\ATLAM.EXE /s
O4 - HKLM\..\RunServices: [SDKDU.EXE] C:\WINDOWS\SYSTEM\SDKDU.EXE /s
O4 - HKLM\..\RunServices: [IEFF32.EXE] C:\WINDOWS\SYSTEM\IEFF32.EXE /s
O4 - HKLM\..\RunServices: [MSJS32.EXE] C:\WINDOWS\SYSTEM\MSJS32.EXE /s
O4 - HKLM\..\RunServices: [SDKNY32.EXE] C:\WINDOWS\SYSTEM\SDKNY32.EXE /s
O4 - HKLM\..\RunServices: [SDKPI32.EXE] C:\WINDOWS\SYSTEM\SDKPI32.EXE /s
O4 - HKLM\..\RunServices: [ADDWC32.EXE] C:\WINDOWS\SYSTEM\ADDWC32.EXE /s
O4 - HKLM\..\RunServices: [NETFP32.EXE] C:\WINDOWS\SYSTEM\NETFP32.EXE /s
O4 - HKLM\..\RunServices: [ADDPI.EXE] C:\WINDOWS\ADDPI.EXE /s
O4 - HKLM\..\RunServices: [JAVADC.EXE] C:\WINDOWS\SYSTEM\JAVADC.EXE /s
O4 - HKLM\..\RunServices: [SDKXM32.EXE] C:\WINDOWS\SDKXM32.EXE /s
O4 - HKLM\..\RunServices: [MFCMH32.EXE] C:\WINDOWS\SYSTEM\MFCMH32.EXE /s
O4 - HKLM\..\RunServices: [D3EH.EXE] C:\WINDOWS\SYSTEM\D3EH.EXE /s
O4 - HKLM\..\RunServices: [MSJF.EXE] C:\WINDOWS\SYSTEM\MSJF.EXE /s
O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
O4 - HKCU\..\Run: [PopUpStopperProfessional] "C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER PROFESSIONAL\POPUPSTOPPERPROFESSIONAL.EXE"
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE" /background
O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html
O8 - Extra context menu item: Backward Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html
O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html
O14 - IERESET.INF: START_PAGE_URL=http://hp.my.yahoo.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com/PhotoUpload/MsnPUpld.cab?10,0,910,0
 
Alright, first thing's first. I have no experiance in HiJack This logs, but I know for damn sure you have ALOT of running processes.
Suggestion's:
~Did you update the scanner's before you scanned?
~Internet Explorer allows ALOT of malware on you computer. I personally and alot of other people around here use Firefox, Avant or Opera.
www.getfirefox.com
www.opera.com
www.avantbrowser.com/download.html
~1. Defrag try O&O or diskeeper, or even the default windows one.
~2. Delete your prefetch folder every few months.. mycomputer>c>windows>prefetch (delete whats IN it)
~3. You should have bout 512 ram for Windows XP.
~4. Do not have an OVERLY crowded desktop. (icon wise)
((((Exert from http://www.techist.com/showthread.php?threadid=53623
))))
===========================================
Your younger simbling probably downloaded alot of stuff on your comp that definitly doesn't need to be there which were probably infected with virus's and trojan's and such, so I am also going to recomend AVG Free Anti-Virus scanner and Avast anti virus which both are probably two of the top five best AV's in the world at the moment and there FFRREEEEE :D :D :D :D :D
====
http://www.majorgeeks.com/download1968.html --- avast
http://www.majorgeeks.com/download886.html ---avg

-~-Static
 
yes, also run cdshredder and also use firefox, also spywareblaster and adware SE personnel, you should always have more than just one spyware program.

also how many running processes do you have, use msconfig to lower the amount of stuff you have running at start up.
 
^ I think it's cwshredder ^

you've actually got a LOT of spyware
remove the ones in bold

Logfile of HijackThis v1.99.1
Scan saved at 1:09:34 AM, on 8/16/2005
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL - there shouldn't be one in C:\Windows\System, only in System32
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\SSDPSRV.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\APIVL.EXE
C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
C:\WINDOWS\APIEB32.EXE
C:\WINDOWS\SYSTEM\SYSBS.EXE
C:\WINDOWS\SYSTEM\MFCLQ32.EXE
C:\WINDOWS\SYSTEM\NTZO32.EXE
C:\WINDOWS\APPUV32.EXE
C:\WINDOWS\SYSTEM\MFCQN32.EXE
C:\WINDOWS\SYSTEM\SYSCQ.EXE
C:\WINDOWS\CRMD.EXE
C:\WINDOWS\SYSTEM\NTNF32.EXE
C:\WINDOWS\SYSTEM\ATLVR32.EXE
C:\WINDOWS\SYSTEM\APPHE.EXE
C:\WINDOWS\SYSTEM\JAVALE32.EXE
C:\WINDOWS\APIJE32.EXE
C:\WINDOWS\SYSTEM\ATLAM.EXE
C:\WINDOWS\SYSTEM\SDKDU.EXE
C:\WINDOWS\SYSTEM\IEFF32.EXE
C:\WINDOWS\SYSTEM\MSJS32.EXE
C:\WINDOWS\SYSTEM\SDKNY32.EXE
C:\WINDOWS\SYSTEM\SDKPI32.EXE
C:\WINDOWS\SYSTEM\ADDWC32.EXE
C:\WINDOWS\SYSTEM\NETFP32.EXE
C:\WINDOWS\ADDPI.EXE
C:\WINDOWS\SYSTEM\JAVADC.EXE
C:\WINDOWS\SDKXM32.EXE
C:\WINDOWS\SYSTEM\MFCMH32.EXE
C:\WINDOWS\SYSTEM\D3EH.EXE
C:\WINDOWS\SYSTEM\MSJF.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\INTERNAT.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\MMKEYBD.EXE
C:\WINDOWS\SYSTEM\HPSYSDRV.EXE
C:\WINDOWS\OPTIONS\CABS\LOGITECH\HP_FINDER.EXE
C:\WINDOWS\LOADQM.EXE
C:\WINDOWS\SYSTEM\JAVAFH32.EXE
C:\WINDOWS\ETB\POKAPOKA63.EXE
C:\WINDOWS\RunDLL.exe
C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER PROFESSIONAL\POPUPSTOPPERPROFESSIONAL.EXE
C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\APIJE32.EXE
C:\WINDOWS\SYSTEM\APIVL.EXE
C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\KEYBDMGR.EXE
C:\PROGRAM FILES\NETROPA\ONSCREEN DISPLAY\OSD.EXE
C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\MMUSBKB2.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\MY DOCUMENTS\SOFTWARE\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\ubfoh.dll/sp.html#37049
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\ubfoh.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about :blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\ubfoh.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\ubfoh.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\ubfoh.dll/sp.html#37049
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\ubfoh.dll/sp.html#37049
R3 - Default URLSearchHook is missing
F1 - win.ini: run=hpfsched
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Class - {C5EA03C9-5E7C-3BB6-855D-C09FB9DA8FA7} - C:\WINDOWS\NTZZ.DLL
O2 - BHO: Class - {2CEC5DEF-D6CC-DBD7-C764-39AD2B491794} - C:\WINDOWS\SYSTEM\SDKLU32.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [Keyboard Manager] C:\Program Files\Netropa\One-touch Multimedia Keyboard\MMKeybd.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Delay] C:\WINDOWS\delayrun.exe
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [DJRegFix] regedit /s c:\hp\djregfix.reg
O4 - HKLM\..\Run: [HPLogiFinder] \WINDOWS\OPTIONS\CABS\LOGITECH\HP_FINDER.EXE
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\SYSTEM\hpztsb02.exe
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [JAVAFH32.EXE] C:\WINDOWS\SYSTEM\JAVAFH32.EXE
O4 - HKLM\..\Run: [System service63] C:\WINDOWS\ETB\POKAPOKA63.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [SSDPSRV] C:\WINDOWS\SYSTEM\ssdpsrv.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service
O4 - HKLM\..\RunServices: [APIVL.EXE] C:\WINDOWS\SYSTEM\APIVL.EXE /s
O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
O4 - HKLM\..\RunServices: [APIEB32.EXE] C:\WINDOWS\APIEB32.EXE /s
O4 - HKLM\..\RunServices: [SYSBS.EXE] C:\WINDOWS\SYSTEM\SYSBS.EXE /s
O4 - HKLM\..\RunServices: [MFCLQ32.EXE] C:\WINDOWS\SYSTEM\MFCLQ32.EXE /s
O4 - HKLM\..\RunServices: [NTZO32.EXE] C:\WINDOWS\SYSTEM\NTZO32.EXE /s
O4 - HKLM\..\RunServices: [APPUV32.EXE] C:\WINDOWS\APPUV32.EXE /s
O4 - HKLM\..\RunServices: [MFCQN32.EXE] C:\WINDOWS\SYSTEM\MFCQN32.EXE /s
O4 - HKLM\..\RunServices: [SYSCQ.EXE] C:\WINDOWS\SYSTEM\SYSCQ.EXE /s
O4 - HKLM\..\RunServices: [CRMD.EXE] C:\WINDOWS\CRMD.EXE /s
O4 - HKLM\..\RunServices: [NTNF32.EXE] C:\WINDOWS\SYSTEM\NTNF32.EXE /s
O4 - HKLM\..\RunServices: [ATLVR32.EXE] C:\WINDOWS\SYSTEM\ATLVR32.EXE /s
O4 - HKLM\..\RunServices: [APPHE.EXE] C:\WINDOWS\SYSTEM\APPHE.EXE /s
O4 - HKLM\..\RunServices: [JAVALE32.EXE] C:\WINDOWS\SYSTEM\JAVALE32.EXE /s
O4 - HKLM\..\RunServices: [APIJE32.EXE] C:\WINDOWS\APIJE32.EXE /s
O4 - HKLM\..\RunServices: [ATLAM.EXE] C:\WINDOWS\SYSTEM\ATLAM.EXE /s
O4 - HKLM\..\RunServices: [SDKDU.EXE] C:\WINDOWS\SYSTEM\SDKDU.EXE /s
O4 - HKLM\..\RunServices: [IEFF32.EXE] C:\WINDOWS\SYSTEM\IEFF32.EXE /s
O4 - HKLM\..\RunServices: [MSJS32.EXE] C:\WINDOWS\SYSTEM\MSJS32.EXE /s
O4 - HKLM\..\RunServices: [SDKNY32.EXE] C:\WINDOWS\SYSTEM\SDKNY32.EXE /s
O4 - HKLM\..\RunServices: [SDKPI32.EXE] C:\WINDOWS\SYSTEM\SDKPI32.EXE /s
O4 - HKLM\..\RunServices: [ADDWC32.EXE] C:\WINDOWS\SYSTEM\ADDWC32.EXE /s
O4 - HKLM\..\RunServices: [NETFP32.EXE] C:\WINDOWS\SYSTEM\NETFP32.EXE /s
O4 - HKLM\..\RunServices: [ADDPI.EXE] C:\WINDOWS\ADDPI.EXE /s
O4 - HKLM\..\RunServices: [JAVADC.EXE] C:\WINDOWS\SYSTEM\JAVADC.EXE /s
O4 - HKLM\..\RunServices: [SDKXM32.EXE] C:\WINDOWS\SDKXM32.EXE /s
O4 - HKLM\..\RunServices: [MFCMH32.EXE] C:\WINDOWS\SYSTEM\MFCMH32.EXE /s
O4 - HKLM\..\RunServices: [D3EH.EXE] C:\WINDOWS\SYSTEM\D3EH.EXE /s
O4 - HKLM\..\RunServices: [MSJF.EXE] C:\WINDOWS\SYSTEM\MSJF.EXE /s
O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
O4 - HKCU\..\Run: [PopUpStopperProfessional] "C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER PROFESSIONAL\POPUPSTOPPERPROFESSIONAL.EXE"
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE" /background
O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html
O8 - Extra context menu item: Backward Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html
O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html
O14 - IERESET.INF: START_PAGE_URL=http://hp.my.yahoo.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com/PhotoUpload/M....cab?10,0,910,0
 
ya I spell alot of things wrong only because i type really fast with only 2 fingers.

But Most people google it and find it anyways.
 
Status
Not open for further replies.

Similar threads

XWrench3
hijack this scan
Replies
6
Views
2K
XWrench3
XWrench3
N
Laptop slowing down in function (internet and general apps)
Replies
1
Views
3K
Trotter
Trotter
G
Computer slow and work in background
Replies
0
Views
2K
grecycle99
G
H
HP laptop review, HP 17-by3063st
Replies
1
Views
3K
tehnokraat
T
C
Hacked by malware
2
Replies
10
Views
8K
PP Mguire
PP Mguire
Back
Top Bottom