i dont see a program called corel draw no 
in the startup folder either.
in the startup folder either.
-
Please click the link below for your operating system to download the TSG SysInfo Utility. Click on "Save File" then double-click the file to run it. Copy and paste the report in your initial post. Windows 7 and later (downloads a file named tsginfo.exe) | Windows XP (downloads a file named SysInfo.exe)
missing shortcut?
When I reboot the pc it has many popups that say missing shortcut error.
some of these are:
meroz5.ink
01bunyeu.ink
dnxv34uz.ink
I looked this up, they are some kinda graphics file. I also found them in startup folder. So I deleted them, and when I reboot they are back.
Also when I hit control alt delete....they are in my task manager running?
I have Win ME, plz help if this is familiar problem!
some of these are:
meroz5.ink
01bunyeu.ink
dnxv34uz.ink
I looked this up, they are some kinda graphics file. I also found them in startup folder. So I deleted them, and when I reboot they are back.
Also when I hit control alt delete....they are in my task manager running?
I have Win ME, plz help if this is familiar problem!
- Status
- Not open for further replies.
1 - 20 of 34 Posts
i just want them gone!
i tried reinstalling windows with no success.
there is a program called MS Picture it 2000, And inside it there is an option to choose pictures and Corel draw is in the list, but not on the pc.
My mother had this pc and I think maybe she deleted Corel Draw, is this possible?
My mother had this pc and I think maybe she deleted Corel Draw, is this possible?
well i cant find them anywhere else but in startup, so i remove them to recycle bin and delete. But they come back. Did I mention they are in task manager as if they were a running application? as well as other things i dont recognize like atiupdate5, winoldap, sysalert, loader, starter and many many of these ink files that are in startup.
i think ati is for video and the desktop background she has is looking funny, blurry. but that is another problem i guess.
i did a search for these on c and found the actual app file. in C/windows, so i deleted them, but some that i searched for did not have an application file just 2 shortcuts.
now i am getting this lovely blue screen, fatal exception.
yes i rebooted and i dont see them no.....but there are still 10 or so that come up
as well as 2 windows....one says update and another ontop of it says status, but nothing in the window just the header.
WGEWNA63
T2D3G05V
E79L74LK
MORZE5
OVEDKM3Z....some of these are listed twice and at startup they have .ink for extension.
T2D3G05V
E79L74LK
MORZE5
OVEDKM3Z....some of these are listed twice and at startup they have .ink for extension.
that was just a few....there are 20 or more.
the ones that i searched for on c and found an app file, i deleted. they are now gone
but there are many that do not come up with an app file just shortcuts. and yes they are in the startup folder.
but there are many that do not come up with an app file just shortcuts. and yes they are in the startup folder.
yes....they say .ink at startup
ok I have run a program called Stop sign threat scanner and it has found many many things....trojan flood, backdoor irc agent. and many other spyware threats. So I am going to attempt to format this hd. I have doen this once before and with success, so wish me luck. Think you very much for yur help Longhair. Much appreciated!
Also I am curious if copieing favorites to a diskette will infect the pc after a format? Since they are simply url adresses i am not sure?
Also I am curious if copieing favorites to a diskette will infect the pc after a format? Since they are simply url adresses i am not sure?
i am now trying to format, i ran fdisk and trying to delete primary partition it says....could not change partition because disk could not be locked??? help plz
ok here it is
Logfile of HijackThis v1.97.7
Scan saved at 11:01:51 PM, on 4/4/04
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v5.50 (5.50.4134.0100)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\R_SERVER.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\WINLOGIN.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\DDREGA.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\BARGAIN BUDDY\BIN2\BARGAINS.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\MY DOCUMENTS\HIJACK THIS\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.searchenhancement.com/searchbar/iev1.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.searchenhancement.com/nph-enhanced.cgi?affid=sesm&sstring=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msnbc.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.searchenhancement.com/nph-enhanced.cgi?affid=sesm&sstring=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.searchenhancement.com/searchbar/iev1.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.searchenhancement.com/nph-enhanced.cgi?affid=sesm&sstring=
R3 - URLSearchHook: WebSearch Class - {9368D063-44BE-49B9-BD14-BB9663FD38FC} - C:\PROGRAM FILES\SCBAR\V2\SCBAR.DLL
O2 - BHO: (no name) - {6ACD11BD-4CA0-4283-A8D8-872B9BA289B6} - C:\PROGRAM FILES\ACCELERATION SOFTWARE\STOPSIGN\WEBCBROWSE.DLL
O2 - BHO: (no name) - {00000EF1-0786-4633-87C6-1AA7A44296DA} - C:\WINDOWS\SYSTEM\CALSDR.DLL
O2 - BHO: (no name) - {000020DD-C72E-4113-AF77-DD56626C6C42} - C:\WINDOWS\TWAINTEC.DLL
O2 - BHO: IE Agent - {00000000-0000-0000-0000-000000000221} - C:\PROGRA~1\LYCOS\IEAGENT\CSIE.DLL
O2 - BHO: (no name) - {B549456D-F5D0-4641-BCED-8648A0C13D83} - C:\WINDOWS\BrowserHelper.dll
O2 - BHO: (no name) - {000006B1-19B5-414A-849F-2A3C64AE6939} - C:\WINDOWS\BI.DLL
O2 - BHO: Url Catcher - {CE31A1F7-3D90-4874-8FBE-A5D97F8BC8F1} - C:\PROGRA~1\BARGAI~1\BIN2\APUC.DLL
O2 - BHO: (no name) - {00041A26-7033-432C-94C7-6371DE343822} - C:\PROGRAM FILES\SCBAR\V2\SCBAR.DLL
O2 - BHO: (no name) - {00000762-3965-4A1A-98CE-3D4BF457D4C8} - C:\PROGRAM FILES\LYCOS\SIDESEARCH\SIDESEARCH13218.DLL
O2 - BHO: (no name) - {0019C3E2-DD48-4A6D-ABCD-8D32436323D9} - C:\WINDOWS\BXXS5.DLL
O3 - Toolbar: @msdxmLC.dll,[email protected],&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [EnsoniqMixer] starter.exe
O4 - HKLM\..\Run: [WebScan] C:\PROGRAM FILES\ACCELERATION SOFTWARE\ANTI-VIRUS\DEFSCANGUI.EXE -k
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] c:\windows\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [EanthologyApp] C:\PROGRA~1\COMMON~1\EACCEL~1\EANTHO~1.EXE /b Startup
O4 - HKLM\..\Run: [Windows Logon] WINLOGIN.EXE
O4 - HKLM\..\Run: [ClrSchLoader] \Progra~1\Lycos\IEagent\Loader.exe
O4 - HKLM\..\Run: [bxxs5] RunDLL32.EXE C:\WINDOWS\BXXS5.DLL,DllRun
O4 - HKLM\..\Run: [msbb] C:\WINDOWS\SYSTEM\MSBB.EXE
O4 - HKLM\..\Run: [Bargains] C:\Program Files\Bargain Buddy\bin2\bargains.exe
O4 - HKLM\..\Run: [duz] C:\WINDOWS\duz.exe
O4 - HKLM\..\Run: [DownloadWare] "C:\Program Files\DownloadWare\dw.exe" /H
O4 - HKLM\..\Run: [eanth_critical_update_alert] "C:\PROGRAM FILES\ACCELERATION SOFTWARE\SYSTEMPATCHER\SYS_ALERT.EXE" /Startup
O4 - HKLM\..\Run: [SearchEnhancement] "C:\PROGRAM FILES\SCBAR\V2\SCBAR.EXE" /U
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [DDREGA] C:\WINDOWS\SYSTEM\DDREGA.exe
O4 - HKLM\..\Run: [E43K2I69.EXE] C:\WINDOWS\E43K2I69.EXE /dk
O4 - HKLM\..\RunServices: [r_server] C:\WINDOWS\SYSTEM\R_SERVER.EXE /service
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKCU\..\Run: [E43K2I69.EXE] C:\WINDOWS\E43K2I69.EXE /dk
O4 - HKCU\..\RunOnce: [Windows Logon] WINLOGIN.EXE
O4 - Startup: YT3EUQLI.lnk = C:\WINDOWS\yt3euqli.exe
O4 - Startup: ONOMX60U.lnk = C:\WINDOWS\onomx60u.exe
O4 - Startup: M5WJHPMF.lnk = C:\WINDOWS\m5wjhpmf.exe
O4 - Startup: T0AAL52H.lnk = C:\WINDOWS\t0aal52h.exe
O4 - Startup: MORZE5.lnk = C:\WINDOWS\morze5.exe
O4 - Startup: 02XBIU4W.lnk = C:\WINDOWS\02xbiu4w.exe
O4 - Startup: FIHVXDPT.lnk = C:\WINDOWS\fihvxdpt.exe
O4 - Startup: 66U3H0QW.lnk = C:\WINDOWS\66u3h0qw.exe
O4 - Startup: QAQIFQCF.lnk = C:\WINDOWS\qaqifqcf.exe
O4 - Startup: DB3P63BX.lnk = C:\WINDOWS\db3p63bx.exe
O4 - Startup: E43K2I69.lnk = C:\WINDOWS\e43k2i69.exe
O4 - Global Startup: T0AAL52H.lnk = C:\WINDOWS\t0aal52h.exe
O4 - Global Startup: YT3EUQLI.lnk = C:\WINDOWS\yt3euqli.exe
O4 - Global Startup: ONOMX60U.lnk = C:\WINDOWS\onomx60u.exe
O4 - Global Startup: M5WJHPMF.lnk = C:\WINDOWS\m5wjhpmf.exe
O4 - Global Startup: MORZE5.lnk = C:\WINDOWS\morze5.exe
O4 - Global Startup: 02XBIU4W.lnk = C:\WINDOWS\02xbiu4w.exe
O4 - Global Startup: FIHVXDPT.lnk = C:\WINDOWS\fihvxdpt.exe
O4 - Global Startup: 66U3H0QW.lnk = C:\WINDOWS\66u3h0qw.exe
O4 - Global Startup: QAQIFQCF.lnk = C:\WINDOWS\qaqifqcf.exe
O4 - Global Startup: DB3P63BX.lnk = C:\WINDOWS\db3p63bx.exe
O4 - Global Startup: E43K2I69.lnk = C:\WINDOWS\e43k2i69.exe
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra 'Tools' menuitem: Block This Page (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: MSN Messenger Service (HKLM)
O9 - Extra button: Sidesearch (HKLM)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Logfile of HijackThis v1.97.7
Scan saved at 11:01:51 PM, on 4/4/04
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v5.50 (5.50.4134.0100)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\R_SERVER.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\WINLOGIN.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\DDREGA.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\BARGAIN BUDDY\BIN2\BARGAINS.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\MY DOCUMENTS\HIJACK THIS\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.searchenhancement.com/searchbar/iev1.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.searchenhancement.com/nph-enhanced.cgi?affid=sesm&sstring=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msnbc.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.searchenhancement.com/nph-enhanced.cgi?affid=sesm&sstring=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.searchenhancement.com/searchbar/iev1.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.searchenhancement.com/nph-enhanced.cgi?affid=sesm&sstring=
R3 - URLSearchHook: WebSearch Class - {9368D063-44BE-49B9-BD14-BB9663FD38FC} - C:\PROGRAM FILES\SCBAR\V2\SCBAR.DLL
O2 - BHO: (no name) - {6ACD11BD-4CA0-4283-A8D8-872B9BA289B6} - C:\PROGRAM FILES\ACCELERATION SOFTWARE\STOPSIGN\WEBCBROWSE.DLL
O2 - BHO: (no name) - {00000EF1-0786-4633-87C6-1AA7A44296DA} - C:\WINDOWS\SYSTEM\CALSDR.DLL
O2 - BHO: (no name) - {000020DD-C72E-4113-AF77-DD56626C6C42} - C:\WINDOWS\TWAINTEC.DLL
O2 - BHO: IE Agent - {00000000-0000-0000-0000-000000000221} - C:\PROGRA~1\LYCOS\IEAGENT\CSIE.DLL
O2 - BHO: (no name) - {B549456D-F5D0-4641-BCED-8648A0C13D83} - C:\WINDOWS\BrowserHelper.dll
O2 - BHO: (no name) - {000006B1-19B5-414A-849F-2A3C64AE6939} - C:\WINDOWS\BI.DLL
O2 - BHO: Url Catcher - {CE31A1F7-3D90-4874-8FBE-A5D97F8BC8F1} - C:\PROGRA~1\BARGAI~1\BIN2\APUC.DLL
O2 - BHO: (no name) - {00041A26-7033-432C-94C7-6371DE343822} - C:\PROGRAM FILES\SCBAR\V2\SCBAR.DLL
O2 - BHO: (no name) - {00000762-3965-4A1A-98CE-3D4BF457D4C8} - C:\PROGRAM FILES\LYCOS\SIDESEARCH\SIDESEARCH13218.DLL
O2 - BHO: (no name) - {0019C3E2-DD48-4A6D-ABCD-8D32436323D9} - C:\WINDOWS\BXXS5.DLL
O3 - Toolbar: @msdxmLC.dll,[email protected],&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [EnsoniqMixer] starter.exe
O4 - HKLM\..\Run: [WebScan] C:\PROGRAM FILES\ACCELERATION SOFTWARE\ANTI-VIRUS\DEFSCANGUI.EXE -k
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] c:\windows\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [EanthologyApp] C:\PROGRA~1\COMMON~1\EACCEL~1\EANTHO~1.EXE /b Startup
O4 - HKLM\..\Run: [Windows Logon] WINLOGIN.EXE
O4 - HKLM\..\Run: [ClrSchLoader] \Progra~1\Lycos\IEagent\Loader.exe
O4 - HKLM\..\Run: [bxxs5] RunDLL32.EXE C:\WINDOWS\BXXS5.DLL,DllRun
O4 - HKLM\..\Run: [msbb] C:\WINDOWS\SYSTEM\MSBB.EXE
O4 - HKLM\..\Run: [Bargains] C:\Program Files\Bargain Buddy\bin2\bargains.exe
O4 - HKLM\..\Run: [duz] C:\WINDOWS\duz.exe
O4 - HKLM\..\Run: [DownloadWare] "C:\Program Files\DownloadWare\dw.exe" /H
O4 - HKLM\..\Run: [eanth_critical_update_alert] "C:\PROGRAM FILES\ACCELERATION SOFTWARE\SYSTEMPATCHER\SYS_ALERT.EXE" /Startup
O4 - HKLM\..\Run: [SearchEnhancement] "C:\PROGRAM FILES\SCBAR\V2\SCBAR.EXE" /U
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [DDREGA] C:\WINDOWS\SYSTEM\DDREGA.exe
O4 - HKLM\..\Run: [E43K2I69.EXE] C:\WINDOWS\E43K2I69.EXE /dk
O4 - HKLM\..\RunServices: [r_server] C:\WINDOWS\SYSTEM\R_SERVER.EXE /service
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKCU\..\Run: [E43K2I69.EXE] C:\WINDOWS\E43K2I69.EXE /dk
O4 - HKCU\..\RunOnce: [Windows Logon] WINLOGIN.EXE
O4 - Startup: YT3EUQLI.lnk = C:\WINDOWS\yt3euqli.exe
O4 - Startup: ONOMX60U.lnk = C:\WINDOWS\onomx60u.exe
O4 - Startup: M5WJHPMF.lnk = C:\WINDOWS\m5wjhpmf.exe
O4 - Startup: T0AAL52H.lnk = C:\WINDOWS\t0aal52h.exe
O4 - Startup: MORZE5.lnk = C:\WINDOWS\morze5.exe
O4 - Startup: 02XBIU4W.lnk = C:\WINDOWS\02xbiu4w.exe
O4 - Startup: FIHVXDPT.lnk = C:\WINDOWS\fihvxdpt.exe
O4 - Startup: 66U3H0QW.lnk = C:\WINDOWS\66u3h0qw.exe
O4 - Startup: QAQIFQCF.lnk = C:\WINDOWS\qaqifqcf.exe
O4 - Startup: DB3P63BX.lnk = C:\WINDOWS\db3p63bx.exe
O4 - Startup: E43K2I69.lnk = C:\WINDOWS\e43k2i69.exe
O4 - Global Startup: T0AAL52H.lnk = C:\WINDOWS\t0aal52h.exe
O4 - Global Startup: YT3EUQLI.lnk = C:\WINDOWS\yt3euqli.exe
O4 - Global Startup: ONOMX60U.lnk = C:\WINDOWS\onomx60u.exe
O4 - Global Startup: M5WJHPMF.lnk = C:\WINDOWS\m5wjhpmf.exe
O4 - Global Startup: MORZE5.lnk = C:\WINDOWS\morze5.exe
O4 - Global Startup: 02XBIU4W.lnk = C:\WINDOWS\02xbiu4w.exe
O4 - Global Startup: FIHVXDPT.lnk = C:\WINDOWS\fihvxdpt.exe
O4 - Global Startup: 66U3H0QW.lnk = C:\WINDOWS\66u3h0qw.exe
O4 - Global Startup: QAQIFQCF.lnk = C:\WINDOWS\qaqifqcf.exe
O4 - Global Startup: DB3P63BX.lnk = C:\WINDOWS\db3p63bx.exe
O4 - Global Startup: E43K2I69.lnk = C:\WINDOWS\e43k2i69.exe
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra 'Tools' menuitem: Block This Page (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: MSN Messenger Service (HKLM)
O9 - Extra button: Sidesearch (HKLM)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
well the script worked....I no longer have those missing shortcut errors.
Thank you very much for the intelligent help!
hopefully this parasite is gone.
Now one other thing.....I have already run Adaware to remove spyware....but there seems to be a \lot of popups and lag when trying to pull up browser.
Can you recomend anything better for removal?
these things are in my task manager:
DW
bargains
eanthology
defscangui
loader
starter
sys_alert
msbb and a couple others i beleive should be running.
if these dont belong....how do i remove?
Once again ty very much....good show!
Thank you very much for the intelligent help!
hopefully this parasite is gone.
Now one other thing.....I have already run Adaware to remove spyware....but there seems to be a \lot of popups and lag when trying to pull up browser.
Can you recomend anything better for removal?
these things are in my task manager:
DW
bargains
eanthology
defscangui
loader
starter
sys_alert
msbb and a couple others i beleive should be running.
if these dont belong....how do i remove?
Once again ty very much....good show!
This is the second log
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msnbc.com/
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {000020DD-C72E-4113-AF77-DD56626C6C42} - C:\WINDOWS\TWAINTEC.DLL
O2 - BHO: IE Agent - {00000000-0000-0000-0000-000000000221} - C:\PROGRA~1\LYCOS\IEAGENT\CSIE.DLL
O2 - BHO: (no name) - {0019C3E2-DD48-4A6D-ABCD-8D32436323D9} - C:\WINDOWS\BXXS5.DLL
O3 - Toolbar: @msdxmLC.dll,[email protected],&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [EnsoniqMixer] starter.exe
O4 - HKLM\..\Run: [WebScan] C:\PROGRAM FILES\ACCELERATION SOFTWARE\ANTI-VIRUS\DEFSCANGUI.EXE -k
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] c:\windows\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [Windows Logon] WINLOGIN.EXE
O4 - HKLM\..\Run: [bxxs5] RunDLL32.EXE C:\WINDOWS\BXXS5.DLL,DllRun
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [W3DPROS] C:\WINDOWS\SYSTEM\W3DPROS.exe
O4 - HKLM\..\RunServices: [r_server] C:\WINDOWS\SYSTEM\R_SERVER.EXE /service
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKCU\..\RunOnce: [Windows Logon] WINLOGIN.EXE
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: MSN Messenger Service (HKLM)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppctlcab.cab
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan.com/scanner/axscanner.cab
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msnbc.com/
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {000020DD-C72E-4113-AF77-DD56626C6C42} - C:\WINDOWS\TWAINTEC.DLL
O2 - BHO: IE Agent - {00000000-0000-0000-0000-000000000221} - C:\PROGRA~1\LYCOS\IEAGENT\CSIE.DLL
O2 - BHO: (no name) - {0019C3E2-DD48-4A6D-ABCD-8D32436323D9} - C:\WINDOWS\BXXS5.DLL
O3 - Toolbar: @msdxmLC.dll,[email protected],&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [EnsoniqMixer] starter.exe
O4 - HKLM\..\Run: [WebScan] C:\PROGRAM FILES\ACCELERATION SOFTWARE\ANTI-VIRUS\DEFSCANGUI.EXE -k
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] c:\windows\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [Windows Logon] WINLOGIN.EXE
O4 - HKLM\..\Run: [bxxs5] RunDLL32.EXE C:\WINDOWS\BXXS5.DLL,DllRun
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [W3DPROS] C:\WINDOWS\SYSTEM\W3DPROS.exe
O4 - HKLM\..\RunServices: [r_server] C:\WINDOWS\SYSTEM\R_SERVER.EXE /service
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKCU\..\RunOnce: [Windows Logon] WINLOGIN.EXE
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: MSN Messenger Service (HKLM)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppctlcab.cab
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan.com/scanner/axscanner.cab
1 - 20 of 34 Posts
- Status
- Not open for further replies.
Tech Support Guy
A forum community dedicated to tech experts and enthusiasts. Come join the discussion about articles, computer security, Mac, Microsoft, Linux, hardware, networking, gaming, reviews, accessories, and more!
Full Forum Listing
Explore Our Forums
