Tom's Guide | Tom's Hardware | Tom's Games
 |
 |
 |
My PC got the TrojanDownloader:Win32/Udepo,and after many attempts finally it was deleted,I guess.
This .exe still is on system config run,and had to be stopped because it was changing on Iexplorer the security config for Activex.On various forums its mentioned that this is not a Windows program and it can be deleted.The problem is that I canīt find it anywhere,but the entrance in system config run persist disabled.
Can it be deleted,is it a Windows needed file,how does this associates with the Trojan ???
Something is going wrong because I canīt get Norton System Works 2003 antivirus to work.It shows is protecting my PC but scan won`'t work and even options for the antivirus are disabled and canīt be choosen,the rest of the program works.
Pls HELP ME !!!
Let's see where it is hiding, Download 'Hijack This!'. Unzip, doubleclick HijackThis.exe, and hit "Scan".
When the scan is finished, click "Save Log", and copy and paste it in a reply.
0 
Logfile of HijackThis v1.95.0
Scan saved at 6:06:07, on 08/07/2003
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Archivos de programa\Archivos comunes\Symantec Shared\ccEvtMgr.exe
D:\Archivos de programa\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Archivos de programa\Archivos comunes\Real\Update_OB\realsched.exe
C:\Archivos de programa\Archivos comunes\Symantec Shared\ccApp.exe
C:\Archivos de programa\GeCAD\RAV8 Desktop\ravtray8.exe
D:\Archivos de programa\GrabClipSave\GrabClipSave.exe
D:\ARCHIV~1\PANICW~1\POP-UP~1\PSFree.exe
D:\Archivos de programa\Norton SystemWorks\Norton CleanSweep\csinsmnt.exe
D:\Archivos de programa\Zone Labs\ZoneAlarm\zonealarm.exe
C:\Archivos de programa\Archivos comunes\EPSON\EBAPI\SAgent2.exe
C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7Debug\mdm.exe
D:\Archivos de programa\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
D:\Archivos de programa\Norton SystemWorks\Norton Utilities\NPROTECT.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Archivos de programa\GeCAD\RAV8 Desktop\ravmon.exe
D:\ARCHIV~1\NORTON~1\SPEEDD~1\nopdb.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\ntvdm.exe
D:\Archivos de programa\eMule\emule.exe
C:\Archivos de programa\Internet Explorer\IEXPLORE.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.exe
C:\Archivos de programa\Messenger\msmsgs.exe
C:\Documents and Settings\Jose Gregorio Gornes\Configuración local\Temp\Directorio temporal 2 para hijackthis.zip\HijackThis.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page=C:\WINDOWS\System32\blank.htm
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Archivos de programa\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: CCHelper - {0CF0B8EE-6596-11D5-A98E-0003470BB48E} - D:\Archivos de programa\Panicware\Pop-Up Stopper Pro\CCHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - D:\Archivos de programa\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - D:\Archivos de programa\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Pa&nicware Pop-Up Stopper Pro - {B1E741E7-1E77-40D4-9FD8-51949B9CCBD0} - D:\Archivos de programa\Panicware\Pop-Up Stopper Pro\popuppro.dll
O4 - HKLM\..\Run: [Ink Monitor] C:\Archivos de programa\Epson\Ink Monitor\InkMonitor.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.exe C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [QuickTime Task] "D:\Archivos de programa\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [mmtask] D:\Archivos de programa\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Archivos de programa\Archivos comunes\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ccApp] "C:\Archivos de programa\Archivos comunes\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Archivos de programa\Archivos comunes\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [RAV8Tray] C:\Archivos de programa\GeCAD\RAV8 Desktop\ravtray8.exe
O4 - HKLM\..\Run: [QD FastAndSafe] D:\Archivos de programa\Norton SystemWorks\Norton CleanSweep\QDCSFS.exe /startup
O4 - HKCU\..\Run: [GCS] "D:\Archivos de programa\GrabClipSave\GrabClipSave.exe"
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "D:\ARCHIV~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - Startup: PowerReg SchedulerV2.exe
O4 - Global Startup: CleanSweep Smart Sweep-Internet Sweep.lnk = D:\Archivos de programa\Norton SystemWorks\Norton CleanSweep\csinsmnt.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Archivos de programa\Office10\OSA.exe
O4 - Global Startup: ravmon.exe.lnk = C:\Archivos de programa\GeCAD\RAV8 Desktop\ravmon.exe
O4 - Global Startup: ZoneAlarm.lnk = D:\Archivos de programa\Zone Labs\ZoneAlarm\zonealarm.exe
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://D:\ARCHIV~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Linked Ima&ges - D:\Archivos de programa\IEimage\IEimage.htm
O9 - Extra button: Omniquad MyPrivacy (HKLM)
O9 - Extra 'Tools' menuitem: Omniquad MyPrivacy (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O9 - Extra button: Internet Cleaner (HKCU)
O9 - Extra 'Tools' menuitem: Internet Cleaner (HKCU)
O12 - Plugin for .spop: C:\Archivos de programa\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {2253F320-AB68-4A07-917D-4F12D8884A06} - http://64.124.45.181/downloads/ccpm_0237.cab
O16 - DPF: {28F00B0F-DC4E-11D3-ABEC-005004A44EEB} - http://content.hiwirenetworks.net/inbrowser/cabfiles/2.5.30/Hiwire.cab
O16 - DPF: {34805D32-AD89-469E-8503-A5666AEE4333} - http://207.188.7.150/1312ff5fdb5c8bf10114/netzip/RdxIE.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/20020713/qtinstall.info.apple.com/samantha/us/win/QuickTimeInstaller.exe
O16 - DPF: {4620BC29-8B8E-4F4E-9D92-1DB6633D6793} (SurferNETWORK Plugin) - http://rd1.surfernetwork.com/surferplugin.ocx
O16 - DPF: {54823A9D-6BAE-11D5-B519-0050BA2413EB} (ChkDVDCtl Class) - http://www.gocyberlink.com/english/cyberstore/audiopack/xp_audio/ChkDVD.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/6d2f308e1bcfa7/housecall.antivirus.com/housecall/xscan53.cab
O16 - DPF: {7CF052DE-C74F-421B-B04A-3B3037EF5887} (CCMPGui Class) - http://64.124.45.181/chaincast/proxy/CCMP.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installengine.com/engine/isetup.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37652.0908217593
O16 - DPF: {A48D0309-8DA3-41AA-98E4-89194D471890} - http://www.pulse3d.com/players/english/5.2/win/PulsePlayer5.2AxWin.cab
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} - http://sc.communities.msn.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} (Live365Player Class) - http://www.live365.com/players/play365.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D32C3BAD-5213-49BD-A7D5-E6DE6C0D8249} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
O16 - DPF: {DF6A0F17-0B1E-11D4-829D-00C04F6843FE} - http://officeupdate.microsoft.com/TemplateGallery/downloads/outc.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} - http://sc.communities.msn.com/controls/chat/msnchat45.cab
0
I don't see it listed anywhere, Have you looked in Norton and RAV quarantine?
You have both Rav and Norton running. You should disable the 'auto protect' feature of one, they mey be causing conflicts with each other.
0
I've got the same tcposmod.exe and have had it running for some time ....using PCcillin and never detected it as a virus. I screwed up my pc cillin somehow and it wont uninstall so I installed BitDefender and it has a firewall built in kinda like zone alarm and it warns me that this .exe is trying to access the internet. It says it was residing in c:\windows\system folder but I ignored it and on a whim did a search and wound up HERE! So, Im gonna try the Hijack this program also and see what I can come up with.
0
i found tcposmod, but now i have no idea what to do with it. the only reason i havent fixed it is because i dont know if it has added itself to something and will screw it up if deleted (which has happened in the past with other pieces of spyware)
Logfile of HijackThis v1.96.1
Scan saved at 1:17:49 PM, on 8/17/2003
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\System32\cisvc.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Common Files\Dell\EUSW\Support.exe
C:\Program Files\Fellowes\MediaFACE 4.0\SetHook.exe
C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\TwZ\MagicKillah\MagicKillah.exe
C:\PROGRA~1\Iomega\System32\AppServices.exe
C:\Program Files\UltimateZip 2.7\uzqkst.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Iomega\AutoDisk\ADService.exe
C:\Program Files\Dell\Support\Alert\bin\NotifyAlert.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\cidaemon.exe
C:\WINDOWS\System32\cidaemon.exe
C:\Program Files\AIM95\aim.exe
C:\Program Files\Internet Explorer\IEXPLORE.exe
C:\Documents and Settings\Patrick\Desktop\Downloads\security\HijackThis.exe
C:\Program Files\Messenger\msmsgs.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mail.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://smbusiness.dellnet.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ramgo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://smbusiness.dellnet.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,Shellnext = iexplore
O2 - BHO: (no name) - {00000762-3965-4A1A-98CE-3D4BF457D4C8 - (no file)
O2 - BHO: (no name) - {00000EF1-0786-4633-87C6-1AA7A44296D - (no file)
O2 - BHO: (no name) - {00000EF1-0786-4633-87C6-1AA7A44296DA} - (no file)
O2 - BHO: (no name) - {2B3452C5-1B9A-440F-A203-F6ED0F64C8 - (no file)
O2 - BHO: (no name) - {2B3452C5-1B9A-440F-A203-F6ED0F64C895} - C:\WINDOWS\rem00001.dll
O2 - BHO: (no name) - {392BE62B-E7DE-430A-8859-0AFE677DE6E1} - C:\WINDOWS\bs2.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D79424 - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D794248 - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484 - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5843A29E-1246-11D4-BA8C-0050DA70 - (no file)
O2 - BHO: (no name) - {5843A29E-1246-11D4-BA8C-0050DA707 - (no file)
O2 - BHO: (no name) - {5843A29E-1246-11D4-BA8C-0050DA707A - (no file)
O2 - BHO: (no name) - {5843A29E-1246-11D4-BA8C-0050DA707AC - (no file)
O2 - BHO: (no name) - {5843A29E-1246-11D4-BA8C-0050DA707ACD - (no file)
O2 - BHO: (no name) - {60E78CAC-E9A7-4302-B9EE-8582EDE - (no file)
O2 - BHO: (no name) - {60E78CAC-E9A7-4302-B9EE-8582EDE2 - (no file)
O2 - BHO: (no name) - {60E78CAC-E9A7-4302-B9EE-8582EDE22 - (no file)
O2 - BHO: (no name) - {60E78CAC-E9A7-4302-B9EE-8582EDE22F - (no file)
O2 - BHO: (no name) - {60E78CAC-E9A7-4302-B9EE-8582EDE22FB - (no file)
O2 - BHO: (no name) - {60E78CAC-E9A7-4302-B9EE-8582EDE22FBF - (no file)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF1057 - (no file)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577 - (no file)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF105774 - (no file)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF1057747 - (no file)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473 - (no file)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F - (no file)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7 - (no file)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\windows\googletoolbar.dll
O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6 - (no file)
O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B - (no file)
O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B0 - (no file)
O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B08 - (no file)
O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084 - (no file)
O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B0848 - (no file)
O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B08487 - (no file)
O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872 - (no file)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {D44BBB61-E17F-4AE6-A502-8D7E0B29E616} - C:\WINDOWS\DOWNLO~1\STUMBL~1.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\windows\googletoolbar.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: StumbleUpon - {22D003CE-6952-46C5-80B9-D19B479620AB} - C:\WINDOWS\DOWNLO~1\STUMBL~1.DLL
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [DwlClient] C:\Program Files\Common Files\Dell\EUSW\Support.exe
O4 - HKLM\..\Run: [MediaFace Integration] C:\Program Files\Fellowes\MediaFACE 4.0\SetHook.exe
O4 - HKLM\..\Run: [ADUserMon] C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
O4 - HKLM\..\Run: [Iomega Drive Icons] C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
O4 - HKLM\..\Run: [Deskup] C:\Program Files\Iomega\DriveIcons\deskup.exe /IMGSTART
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [srng] \Program Files\Srng\Srng.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [ConMgr.exe] "C:\Program Files\EarthLink 5.0\ConMgr.exe"
O4 - HKLM\..\Run: [winactive] C:\Program Files\Window Active\winactive.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [DSS] C:\WINDOWS\tcposmod.exe
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [BookedSpace] RunDLL32.exe C:\WINDOWS\bs2.dll,DllRun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [TeddyWareZ' MagicKillah] "C:\Program Files\TwZ\MagicKillah\MagicKillah.exe" -nosplash -minimize
O4 - Startup: UltimateZip Quick Start.lnk = C:\Program Files\UltimateZip 2.7\uzqkst.exe
O4 - Startup: Update Grokster.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.exe
O8 - Extra context menu item: &Google Search - res://C:\WINDOWS\GoogleToolbar.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://C:\WINDOWS\GoogleToolbar.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\WINDOWS\GoogleToolbar.dll/cmcache.html
O8 - Extra context menu item: Si&milar Pages - res://C:\WINDOWS\GoogleToolbar.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page - res://C:\WINDOWS\GoogleToolbar.dll/cmtrans.html
O9 - Extra button: AIM (HKLM)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/20021205/qtinstall.info.apple.com/drakken/us/win/QuickTimeInstaller.exe
O16 - DPF: {4F5E4276-C120-11D6-A1FD-00508B9D48EA} (dldisplay Class) - http://www.gamehouse.com/ghdlctl.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/170fe450e6914d3fa105/netzip/RdxIE601.cab
O16 - DPF: {8EDAD21C-3584-4E66-A8AB-EB0E5584767D} - http://toolbar.google.com/data/GoogleActivate.cab
O16 - DPF: {95844941-7934-4693-92D9-8202EA7B20ED} - http://www.stumbleupon.com/stumble.cab
O16 - DPF: {AB29A544-D6B4-4E36-A1F8-D3E34FC7B00A} (WTHoster Class) - http://install.wildtangent.com/bgn/partners/shockwave/virtualwarfare/install.cab
O16 - DPF: {B942A249-D1E7-4C11-98AE-FCB76B08747F} (RealArcadeRdxIE Class) - http://games-dl.real.com/gameconsole/Bundler/CAB/RealArcadeRdxIE.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab
0  |
 |
 |
This post is quite old and has been locked from receiving new replies. Please create a new posting instead.
| Ads by Google |
