My system has problems - locks frequently, lots of pop-ups, etc
Please see the Hijack This log below and let me know how to proceed.
Thanks
Logfile of HijackThis v1.97.2
Scan saved at 3:49:43 PM, on 4/5/04
Platform: Windows 95 B (Win9x 4.00.1212)
MSIE: Internet Explorer v5.51 SP2 (5.51.4807.2300)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\CPQDMI.EXE
C:\WINDOWS\CPQALERT.EXE
C:\WINDOWS\SYSTEM\DRMON\SMARTAGT\SMARTAGT.EXE
C:\WINDOWS\SYSTEM\MDM.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\DMI95\WIN32\BIN\WIN32SL.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\MATROX MGA POWERDESK\MGACTRL.EXE
C:\PROGRAM FILES\MATROX MGA POWERDESK\COLOR\HGCCTL95.EXE
C:\WINDOWS\SYSTEM\COMSMD.EXE
C:\PROGRAM FILES\MCAFEE.COM\AGENT\MCAGENT.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSSHLD.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\WINDOWS\SYSTEM\LS.EXE
C:\PROGRAM FILES\MATROX MGA POWERDESK\QDESK\MGAQDESK.EXE
C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\OSA.EXE
C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\MSOFFICE.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSRTE.EXE
D:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\OUTLOOK.EXE
C:\TOOLS_95\IMGICON.EXE
C:\PROGRAM FILES\ANALOGX\POW\POW.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\COMMON FILES\SYSTEM\MAPI\1033\95\MAPISP32.EXE
M:\MAS90\HOME\PVXWIN32.EXE
M:\MAS90\LAUNCHER\LAUNCH32.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
D:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\WINWORD.EXE
M:\MAS90\HOME\PVXWIN32.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACRORD32.EXE
M:\MAS90\HOME\PVXWIN32.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\TECH SUPPORT\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://209.120.179.64/search.asp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Yahoo!
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Startpagina = file:///C:/Program%20Files/QuickPage/Portal/portal.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.yahoo.com/
O1 - Hosts: 217.116.231.7 aimtoday.aol.com
O1 - Hosts: 217.116.231.7 aimtoday.aol.com
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: (no name) - {BCF96FB4-5F1B-497B-AECC-910304A55011} - C:\WINDOWS\HH.DLL
O2 - BHO: NavErrRedir Class - {5D60FF48-95BE-4956-B4C6-6BB168A70310} - C:\PROGRA~1\INCRED~1\BHO\INCFIN~1.DLL
O2 - BHO: (no name) - {58359010-BF36-11D3-99A2-0050DA2EE1BE} - (no file)
O2 - BHO: (no name) - {00000EF1-0786-4633-87C6-1AA7A44296DA} - C:\WINDOWS\SYSTEM\BENCEED.DLL
O2 - BHO: (no name) - {000006B1-19B5-414A-849F-2A3C64AE6939} - C:\WINDOWS\BI.DLL
O2 - BHO: (no name) - {0019C3E2-DD48-4A6D-ABCD-8D32436323D9} - C:\WINDOWS\BXXS5.DLL
O3 - Toolbar: @msdxmLC.dll,[email protected],&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [Matrox Control Center] C:\Program Files\Matrox MGA PowerDesk\mgactrl.exe
O4 - HKLM\..\Run: [Matrox Color Control] C:\Program Files\Matrox MGA PowerDesk\Color\hgcctl95.exe
O4 - HKLM\..\Run: [COMSMDEXE] comsmd.exe -on
O4 - HKLM\..\Run: [mdac_runonce] C:\WINDOWS\SYSTEM\runonce.exe
O4 - HKLM\..\Run: [MCAgentExe] C:\PROGRA~1\MCAFEE.COM\AGENT\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\MCAFEE.COM\AGENT\MCUPDATE.EXE
O4 - HKLM\..\Run: [VirusScan Online] "C:\PROGRA~1\MCAFEE.COM\VSO\mcvsshld.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [SearchEnhancement] "C:\PROGRAM FILES\SCBAR\V1\SCBAR.EXE" /U
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\MCAFEE.COM\VSO\MCMNHDLR.EXE" /checktask
O4 - HKLM\..\Run: [bxxs5] RunDLL32.EXE C:\WINDOWS\BXXS5.DLL,DllRun
O4 - HKLM\..\Run: [updater] C:\Program Files\Common files\updater\wupdater.exe
O4 - HKLM\..\Run: [BELT] C:\WINDOWS\BELT.exe
O4 - HKLM\..\Run: [QuickZip] C:\WINDOWS\SYSTEM\LS.EXE
O4 - HKLM\..\RunServices: [CPQDMI] CPQDMI.EXE
O4 - HKLM\..\RunServices: [CPQALERT] CPQAlert.exe
O4 - HKLM\..\RunServices: [dRMON SmartAgent] drmon\SmartAgt\SmartAgt.exe
O4 - HKLM\..\RunServices: [Machine Debug Manager] C:\WINDOWS\SYSTEM\MDM.EXE
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKCU\..\Run: [Matrox QuickDesk] C:\Program Files\Matrox MGA PowerDesk\QDesk\mgaqdesk.exe
O4 - HKCU\..\Run: [eZmmod] C:\PROGRA~1\ezula\mmod.exe
O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Startup: Microsoft Office Shortcut Bar.lnk = C:\Program Files\Microsoft Office\Office\MSOFFICE.EXE
O4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Startup: Outlook.lnk = D:\Program Files\Microsoft Office\Office\OUTLOOK.EXE
O4 - Startup: Iomega Watch.lnk = C:\Tools_95\IoWatch.Exe
O4 - Startup: Iomega Startup Options.lnk = C:\Tools_95\ImgStart.Exe
O4 - Startup: Iomega Disk Icons.lnk = C:\Tools_95\ImgIcon.Exe
O4 - Startup: pow.exe.lnk = C:\Program Files\AnalogX\POW\pow.exe
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: xxx (HKLM)
O9 - Extra button: Y! Help (HKCU)
O12 - Plugin for .fpx: C:\PROGRA~1\INTERN~1\PLUGINS\NPRVRT32.dll
O12 - Plugin for .vdo: C:\PROGRA~1\INTERN~1\PLUGINS\npsmlvdo.dll
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O12 - Plugin for .mpeg: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin3.dll
O12 - Plugin for .EXE: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin2.dll
O12 - Plugin for .mov: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
O16 - DPF: {2FF18E10-DE11-11D1-8161-00A0C90DD90C} (MSNBC News Menu Control 3.0) - http://www.msnbc.com/download/nm0713.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {BCDC74F2-0322-11D3-B3D6-0008C7B96284} (GenesisLabel.ctlGenesisLabel) - https://thegenesisnetwork.equilon.com/Genesis/Files/GenesisLabel.CAB
O16 - DPF: {0122955E-1FB0-11D2-A238-006097FAEE8B} (CscClnt Class) - http://central1.clevercontent.com/cccabs/CleverContent.cab
O16 - DPF: {02466323-75ED-11CF-A267-0020AF2546EA} (VivoActive Control) - http://player.vivo.com/ie/vvweb.cab
O16 - DPF: {73A79B04-B94C-11D3-800E-00C04F3655E3} (vb6projectGenesisLabel.ctlGenesisLabel) - https://thegenesisnetwork.equilon.com/Genesis/Files/GenesisLabel.CAB
O16 - DPF: {B3AA2F6B-6BAF-11D3-BA05-00C0F0322972} - http://209.132.192.13/EMI404/download/Uncensored_Sex.exe
O16 - DPF: {B10CBD8D-F9B6-11CF-9B38-0080AD11B667} (Ikonic Button Control) - http://www.cookiecentral.com/activex/ikcntrls.cab
O16 - DPF: {0C568603-D79D-11D2-87A7-00C04FF158BB} (BrowseFolderPopup Class) - http://download.mcafee.com/molbin/Shared/MGBrwFld.cab
O16 - DPF: {0C98419E-324F-11D3-9A23-00C04FF40D52} (McAfee Clinic AV Installer Control) - http://download.mcafee.com/molbin/clinic/virusscan/mgavinst.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {36B455F4-5E76-11D4-8052-00C04F0DBD7B} (vb6projectGenesisLabel.ctlGenesisLabel) - https://thegenesisnetwork.equilon.com/Genesis/Files/GenesisLabel.CAB
O16 - DPF: {CDB74794-A3BA-4733-B6F6-59BF16D6C15A} (McAfee Smart Shop - Update Class) - http://download.mcafee.com/molbin/mcaeng/mcsmtshp.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://a32.g.akamai.net/7/32/1828/108b4256c2b548/europe-download1.cult3d.com/cult.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (sys Class) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {22D6F312-B0F6-11D0-94AB-0080C74C7E95} (Windows Media Player) - http://activex.microsoft.com/activex/controls/mplayer/en/nsmp2inf.cab
O16 - DPF: {BB47CA33-8B4D-11D0-9511-00C04FD9152D} (ExteriorSurround Object) - http://carpoint.msn.com/Components/Ocx/Exterior/Outside.cab
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://www.road.com/oralmasp/download/mgaxctrl.cab
O16 - DPF: {67268BDF-9F6A-4AE6-AD53-7C959336F6AD} (Dlgsw Class) - http://207.38.64.32/datalifeguard/datalifeguardpdf.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://bin.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,72/mcinsctl.cab
O16 - DPF: {85F2A370-83E6-11D2-915B-00A024D651E7} - http://download.mcafee.com/molbin/Clinic/VirusScan/MgAvDat.cab
O16 - DPF: {DA28C54E-D95C-11D3-9A01-005004677EF4} - http://download.mcafee.com/molbin/clinic/CDM/McCDM.cab
O16 - DPF: {DF6A0F17-0B1E-11D4-829D-00C04F6843FE} (Microsoft Office Tools on the Web Control) - http://officeupdate.microsoft.com/TemplateGallery/downloads/outc.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a224.g.akamai.net/7/224/52/2...apple.com/qt503/us/win/QuickTimeInstaller.exe
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://www.htmlcompendium.org/wfplayer/tdserver.cab
O16 - DPF: {B2BE75F3-9197-11CF-ABF4-08000996E931} (Autodesk WHIP! Control) - ftp://adeskftp.autodesk.com/webpub/whip/english/whip.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://128.197.197.243/activex/AxisCamControl.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://bin.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,15/mcgdmgr.cab
O16 - DPF: {01FE8D0A-51AD-459B-B62B-85E135128B32} (DD_v4.DDv4) - http://www.drivershq.com/DD_v4.CAB
O16 - DPF: {152CDB33-3503-4FC4-95E3-13A7A92D542C} (GenBatchPrint.ctlGenLabelPrint) - http://www.shellsource.com/Include/PrintControl/GenBatchPrint.CAB
O16 - DPF: {E2F2B9D0-96B9-4B25-B90C-636ECB207D18} - http://www.whenusearch.com/WUInstSECS.cab
O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = kirkland
O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 198.60.253.132,204.134.214.10
Please see the Hijack This log below and let me know how to proceed.
Thanks
Logfile of HijackThis v1.97.2
Scan saved at 3:49:43 PM, on 4/5/04
Platform: Windows 95 B (Win9x 4.00.1212)
MSIE: Internet Explorer v5.51 SP2 (5.51.4807.2300)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\CPQDMI.EXE
C:\WINDOWS\CPQALERT.EXE
C:\WINDOWS\SYSTEM\DRMON\SMARTAGT\SMARTAGT.EXE
C:\WINDOWS\SYSTEM\MDM.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\DMI95\WIN32\BIN\WIN32SL.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\MATROX MGA POWERDESK\MGACTRL.EXE
C:\PROGRAM FILES\MATROX MGA POWERDESK\COLOR\HGCCTL95.EXE
C:\WINDOWS\SYSTEM\COMSMD.EXE
C:\PROGRAM FILES\MCAFEE.COM\AGENT\MCAGENT.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSSHLD.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\WINDOWS\SYSTEM\LS.EXE
C:\PROGRAM FILES\MATROX MGA POWERDESK\QDESK\MGAQDESK.EXE
C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\OSA.EXE
C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\MSOFFICE.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSRTE.EXE
D:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\OUTLOOK.EXE
C:\TOOLS_95\IMGICON.EXE
C:\PROGRAM FILES\ANALOGX\POW\POW.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\COMMON FILES\SYSTEM\MAPI\1033\95\MAPISP32.EXE
M:\MAS90\HOME\PVXWIN32.EXE
M:\MAS90\LAUNCHER\LAUNCH32.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
D:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\WINWORD.EXE
M:\MAS90\HOME\PVXWIN32.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACRORD32.EXE
M:\MAS90\HOME\PVXWIN32.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\TECH SUPPORT\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://209.120.179.64/search.asp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Yahoo!
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Startpagina = file:///C:/Program%20Files/QuickPage/Portal/portal.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.yahoo.com/
O1 - Hosts: 217.116.231.7 aimtoday.aol.com
O1 - Hosts: 217.116.231.7 aimtoday.aol.com
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: (no name) - {BCF96FB4-5F1B-497B-AECC-910304A55011} - C:\WINDOWS\HH.DLL
O2 - BHO: NavErrRedir Class - {5D60FF48-95BE-4956-B4C6-6BB168A70310} - C:\PROGRA~1\INCRED~1\BHO\INCFIN~1.DLL
O2 - BHO: (no name) - {58359010-BF36-11D3-99A2-0050DA2EE1BE} - (no file)
O2 - BHO: (no name) - {00000EF1-0786-4633-87C6-1AA7A44296DA} - C:\WINDOWS\SYSTEM\BENCEED.DLL
O2 - BHO: (no name) - {000006B1-19B5-414A-849F-2A3C64AE6939} - C:\WINDOWS\BI.DLL
O2 - BHO: (no name) - {0019C3E2-DD48-4A6D-ABCD-8D32436323D9} - C:\WINDOWS\BXXS5.DLL
O3 - Toolbar: @msdxmLC.dll,[email protected],&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [Matrox Control Center] C:\Program Files\Matrox MGA PowerDesk\mgactrl.exe
O4 - HKLM\..\Run: [Matrox Color Control] C:\Program Files\Matrox MGA PowerDesk\Color\hgcctl95.exe
O4 - HKLM\..\Run: [COMSMDEXE] comsmd.exe -on
O4 - HKLM\..\Run: [mdac_runonce] C:\WINDOWS\SYSTEM\runonce.exe
O4 - HKLM\..\Run: [MCAgentExe] C:\PROGRA~1\MCAFEE.COM\AGENT\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\MCAFEE.COM\AGENT\MCUPDATE.EXE
O4 - HKLM\..\Run: [VirusScan Online] "C:\PROGRA~1\MCAFEE.COM\VSO\mcvsshld.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [SearchEnhancement] "C:\PROGRAM FILES\SCBAR\V1\SCBAR.EXE" /U
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\MCAFEE.COM\VSO\MCMNHDLR.EXE" /checktask
O4 - HKLM\..\Run: [bxxs5] RunDLL32.EXE C:\WINDOWS\BXXS5.DLL,DllRun
O4 - HKLM\..\Run: [updater] C:\Program Files\Common files\updater\wupdater.exe
O4 - HKLM\..\Run: [BELT] C:\WINDOWS\BELT.exe
O4 - HKLM\..\Run: [QuickZip] C:\WINDOWS\SYSTEM\LS.EXE
O4 - HKLM\..\RunServices: [CPQDMI] CPQDMI.EXE
O4 - HKLM\..\RunServices: [CPQALERT] CPQAlert.exe
O4 - HKLM\..\RunServices: [dRMON SmartAgent] drmon\SmartAgt\SmartAgt.exe
O4 - HKLM\..\RunServices: [Machine Debug Manager] C:\WINDOWS\SYSTEM\MDM.EXE
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKCU\..\Run: [Matrox QuickDesk] C:\Program Files\Matrox MGA PowerDesk\QDesk\mgaqdesk.exe
O4 - HKCU\..\Run: [eZmmod] C:\PROGRA~1\ezula\mmod.exe
O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Startup: Microsoft Office Shortcut Bar.lnk = C:\Program Files\Microsoft Office\Office\MSOFFICE.EXE
O4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Startup: Outlook.lnk = D:\Program Files\Microsoft Office\Office\OUTLOOK.EXE
O4 - Startup: Iomega Watch.lnk = C:\Tools_95\IoWatch.Exe
O4 - Startup: Iomega Startup Options.lnk = C:\Tools_95\ImgStart.Exe
O4 - Startup: Iomega Disk Icons.lnk = C:\Tools_95\ImgIcon.Exe
O4 - Startup: pow.exe.lnk = C:\Program Files\AnalogX\POW\pow.exe
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: xxx (HKLM)
O9 - Extra button: Y! Help (HKCU)
O12 - Plugin for .fpx: C:\PROGRA~1\INTERN~1\PLUGINS\NPRVRT32.dll
O12 - Plugin for .vdo: C:\PROGRA~1\INTERN~1\PLUGINS\npsmlvdo.dll
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O12 - Plugin for .mpeg: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin3.dll
O12 - Plugin for .EXE: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin2.dll
O12 - Plugin for .mov: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
O16 - DPF: {2FF18E10-DE11-11D1-8161-00A0C90DD90C} (MSNBC News Menu Control 3.0) - http://www.msnbc.com/download/nm0713.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {BCDC74F2-0322-11D3-B3D6-0008C7B96284} (GenesisLabel.ctlGenesisLabel) - https://thegenesisnetwork.equilon.com/Genesis/Files/GenesisLabel.CAB
O16 - DPF: {0122955E-1FB0-11D2-A238-006097FAEE8B} (CscClnt Class) - http://central1.clevercontent.com/cccabs/CleverContent.cab
O16 - DPF: {02466323-75ED-11CF-A267-0020AF2546EA} (VivoActive Control) - http://player.vivo.com/ie/vvweb.cab
O16 - DPF: {73A79B04-B94C-11D3-800E-00C04F3655E3} (vb6projectGenesisLabel.ctlGenesisLabel) - https://thegenesisnetwork.equilon.com/Genesis/Files/GenesisLabel.CAB
O16 - DPF: {B3AA2F6B-6BAF-11D3-BA05-00C0F0322972} - http://209.132.192.13/EMI404/download/Uncensored_Sex.exe
O16 - DPF: {B10CBD8D-F9B6-11CF-9B38-0080AD11B667} (Ikonic Button Control) - http://www.cookiecentral.com/activex/ikcntrls.cab
O16 - DPF: {0C568603-D79D-11D2-87A7-00C04FF158BB} (BrowseFolderPopup Class) - http://download.mcafee.com/molbin/Shared/MGBrwFld.cab
O16 - DPF: {0C98419E-324F-11D3-9A23-00C04FF40D52} (McAfee Clinic AV Installer Control) - http://download.mcafee.com/molbin/clinic/virusscan/mgavinst.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {36B455F4-5E76-11D4-8052-00C04F0DBD7B} (vb6projectGenesisLabel.ctlGenesisLabel) - https://thegenesisnetwork.equilon.com/Genesis/Files/GenesisLabel.CAB
O16 - DPF: {CDB74794-A3BA-4733-B6F6-59BF16D6C15A} (McAfee Smart Shop - Update Class) - http://download.mcafee.com/molbin/mcaeng/mcsmtshp.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://a32.g.akamai.net/7/32/1828/108b4256c2b548/europe-download1.cult3d.com/cult.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (sys Class) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {22D6F312-B0F6-11D0-94AB-0080C74C7E95} (Windows Media Player) - http://activex.microsoft.com/activex/controls/mplayer/en/nsmp2inf.cab
O16 - DPF: {BB47CA33-8B4D-11D0-9511-00C04FD9152D} (ExteriorSurround Object) - http://carpoint.msn.com/Components/Ocx/Exterior/Outside.cab
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://www.road.com/oralmasp/download/mgaxctrl.cab
O16 - DPF: {67268BDF-9F6A-4AE6-AD53-7C959336F6AD} (Dlgsw Class) - http://207.38.64.32/datalifeguard/datalifeguardpdf.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://bin.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,72/mcinsctl.cab
O16 - DPF: {85F2A370-83E6-11D2-915B-00A024D651E7} - http://download.mcafee.com/molbin/Clinic/VirusScan/MgAvDat.cab
O16 - DPF: {DA28C54E-D95C-11D3-9A01-005004677EF4} - http://download.mcafee.com/molbin/clinic/CDM/McCDM.cab
O16 - DPF: {DF6A0F17-0B1E-11D4-829D-00C04F6843FE} (Microsoft Office Tools on the Web Control) - http://officeupdate.microsoft.com/TemplateGallery/downloads/outc.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a224.g.akamai.net/7/224/52/2...apple.com/qt503/us/win/QuickTimeInstaller.exe
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://www.htmlcompendium.org/wfplayer/tdserver.cab
O16 - DPF: {B2BE75F3-9197-11CF-ABF4-08000996E931} (Autodesk WHIP! Control) - ftp://adeskftp.autodesk.com/webpub/whip/english/whip.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://128.197.197.243/activex/AxisCamControl.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://bin.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,15/mcgdmgr.cab
O16 - DPF: {01FE8D0A-51AD-459B-B62B-85E135128B32} (DD_v4.DDv4) - http://www.drivershq.com/DD_v4.CAB
O16 - DPF: {152CDB33-3503-4FC4-95E3-13A7A92D542C} (GenBatchPrint.ctlGenLabelPrint) - http://www.shellsource.com/Include/PrintControl/GenBatchPrint.CAB
O16 - DPF: {E2F2B9D0-96B9-4B25-B90C-636ECB207D18} - http://www.whenusearch.com/WUInstSECS.cab
O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = kirkland
O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 198.60.253.132,204.134.214.10