• Announcements

    • Budfred

      IE 11 copy/paste problem

      It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it.
    • Budfred

      PLEASE READ - Reversing upgrade   02/23/2017

      We have found that this new upgrade is somewhat of a disaster.  We are finding lots of glitches in being able to post and administer the forum.  Additionally, there are new costs associated with the upgrade that we simply cannot afford.  As a result, we have decided to reverse course and go back to the previous version of our software.  Since this will involve restoring it from a backup, we will lose posts that have been added since January 30 or possibly even some before that.    If you started a topic during that time, we urge you to make backups of your posts and you will need to start the topics over again after the change.  You can simply paste the copies of your posts that you created at that point.    If you joined the forum this month, you will need to re-register since your membership will be lost along with the posts.  Since you have a concealed password, we cannot simply restore your membership for you.   We are going to backup as much as we can so that it will reduce inconvenience for our members.  Unfortunately we cannot back everything up since much will be incompatible with the old version of our software.  We apologize for the confusion and regret the need to do this even though it is not viable to continue with this version of the software.   We plan to begin the process tomorrow evening and, if it goes smoothly, we shouldn't be offline for very long.  However, since we have not done this before, we are not sure how smoothly it will go.  We ask your patience as we proceed.
Sign in to follow this  
Followers 0
Bobbi Flekman

0X00000035 NO_MORE_IRP_STACK_LOCATIONS

3 posts in this topic

A few days ago my CD Rewriter gave up the ghost, so I had to buy a new one. On the box it says it's compatible with Win2000. But something is fishy with it. I installed it this evening, rebooted. It is recognized as a new one. I can read CDs, play music. So up to the next step. Install the new write software. After installing Nero told me to reboot, and that's when the sh*t hit the fan. Every time I end up in the blue screen of death: ErrorCode 0x00000035 (NO_MORE_IRP_STACK_LOCATIONS) with differing adresses. How can I get rid of it?

 

Just to be complete, here's the HijackThis log and also a startup log since it has to be in here!

HijackThis

Logfile of HijackThis v1.98.0

Scan saved at 0:08:14, on 3-7-2004

Platform: Windows 2000 SP4 (WinNT 5.00.2195)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINNT\System32\smss.exe

C:\WINNT\system32\winlogon.exe

C:\WINNT\system32\services.exe

C:\WINNT\system32\savedump.exe

C:\WINNT\system32\lsass.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\System32\WBEM\WinMgmt.exe

C:\WINNT\system32\userinit.exe

C:\WINNT\Explorer.EXE

C:\Program Files\HijackThis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.hushmail.com/login.php?PHPSESSI...bba7e2a0&lite=1

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:8118

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

F0 - system.ini: Shell=

F2 - REG:system.ini: UserInit=C:\WINNT\system32\userinit.exe,

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {206E52E0-D52E-11D4-AD54-0000E86C26F6} - C:\PROGRA~1\FRESHD~1\FRESHD~1\fdcatch.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot\SDHelper.dll

O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx

O4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logon

O4 - HKLM\..\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\Smtray.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\\NeroCheck.exe

O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE

O4 - HKLM\..\Run: [RMETray] digi96.exe

O4 - HKLM\..\Run: [share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe

O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon

O4 - HKLM\..\Run: [symTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\SymTray.exe SetReg

O4 - HKLM\..\Run: [Norman ZANDA] C:\NORMAN\Nvc\BIN\ZLH.EXE /LOAD /SPLASH

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [inCD] C:\Program Files\Ahead\InCD\InCD.exe

O4 - HKLM\..\RunOnce: [symTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\Symtrdr.exe

O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\system32\NVMCTRAY.DLL,NvTaskbarInit

O4 - Startup: Pegasus Mail.lnk = C:\Program Files\Pegasus\winpm-32.exe

O4 - Startup: TrayIt!.lnk = C:\Program Files\TrayIt!\trayit!.exe

O4 - Global Startup: CleanSweep Smart Sweep-Internet Sweep.lnk = C:\Program Files\Norton SystemWorks\Norton CleanSweep\csinsmnt.exe

O4 - Global Startup: PGPtray.lnk = C:\Program Files\PGP Corporation\PGP for Windows 2000\PGPtray.exe

O4 - Global Startup: Privoxy.lnk = C:\Program Files\Privoxy\privoxy.exe

O4 - Global Startup: SpamWeasel Pro.lnk = C:\Program Files\SpamWeasel Pro\spamwpro.exe

O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE

O8 - Extra context menu item: Download &All by FD - file://C:\Program Files\FreshDevices\FreshDownload\fdiectx2.htm

O8 - Extra context menu item: Download with &FD - file://C:\Program Files\FreshDevices\FreshDownload\fdiectx.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)

O16 - DPF: HushEncryptionEngine - https://mailserver3.hushmail.com/shared/Hus...ptionEngine.cab

O20 - AppInit_DLLs: apitrap.dll

and the Startup log
StartupList report, 3-7-2004, 0:08:29

StartupList version: 1.52.2

Started from : C:\Program Files\HijackThis\HijackThis.EXE

Detected: Windows 2000 SP4 (WinNT 5.00.2195)

Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106)

* Using default options

* Including empty and uninteresting sections

* Showing rarely important sections

==================================================

 

Running processes:

 

C:\WINNT\System32\smss.exe

C:\WINNT\system32\winlogon.exe

C:\WINNT\system32\services.exe

C:\WINNT\system32\savedump.exe

C:\WINNT\system32\lsass.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\System32\WBEM\WinMgmt.exe

C:\WINNT\system32\userinit.exe

C:\WINNT\Explorer.EXE

C:\Program Files\HijackThis\HijackThis.exe

 

--------------------------------------------------

 

Listing of startup folders:

 

Shell folders Startup:

[C:\Documents and Settings\Frank\Menu Start\Programma's\Opstarten]

Pegasus Mail.lnk = C:\Program Files\Pegasus\winpm-32.exe

TrayIt!.lnk = C:\Program Files\TrayIt!\trayit!.exe

 

Shell folders AltStartup:

*Folder not found*

 

User shell folders Startup:

*Folder not found*

 

User shell folders AltStartup:

*Folder not found*

 

Shell folders Common Startup:

[C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten]

CleanSweep Smart Sweep-Internet Sweep.lnk = C:\Program Files\Norton SystemWorks\Norton CleanSweep\csinsmnt.exe

PGPtray.lnk = C:\Program Files\PGP Corporation\PGP for Windows 2000\PGPtray.exe

Privoxy.lnk = C:\Program Files\Privoxy\privoxy.exe

SpamWeasel Pro.lnk = C:\Program Files\SpamWeasel Pro\spamwpro.exe

WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE

 

Shell folders Common AltStartup:

*Folder not found*

 

User shell folders Common Startup:

*Folder not found*

 

User shell folders Alternate Common Startup:

*Folder not found*

 

--------------------------------------------------

 

Checking Windows NT UserInit:

 

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]

UserInit = C:\WINNT\system32\userinit.exe,

 

[HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon]

*Registry key not found*

 

[HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]

*Registry value not found*

 

[HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon]

*Registry key not found*

 

--------------------------------------------------

 

Autorun entries from Registry:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run

 

Synchronization Manager = mobsync.exe /logon

Smapp = C:\Program Files\Analog Devices\SoundMAX\Smtray.exe

NvCplDaemon = RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup

nwiz = nwiz.exe /install

NeroCheck = C:\WINNT\system32\\NeroCheck.exe

EM_EXEC = C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE

RMETray = digi96.exe

Wallpaper =

Share-to-Web Namespace Daemon = C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe

SpeedTouch USB Diagnostics = "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon

QD FastAndSafe =

WebCam Monitor =

SymTray - Norton SystemWorks = C:\Program Files\Common Files\Symantec Shared\SymTray.exe SetReg

Norman ZANDA = C:\NORMAN\Nvc\BIN\ZLH.EXE /LOAD /SPLASH

QuickTime Task = "C:\Program Files\QuickTime\qttask.exe" -atboottime

InCD = C:\Program Files\Ahead\InCD\InCD.exe

 

--------------------------------------------------

 

Autorun entries from Registry:

HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce

 

SymTray - Norton SystemWorks = C:\Program Files\Common Files\Symantec Shared\Symtrdr.exe

 

--------------------------------------------------

 

Autorun entries from Registry:

HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

 

*No values found*

 

--------------------------------------------------

 

Autorun entries from Registry:

HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices

 

*Registry key not found*

 

--------------------------------------------------

 

Autorun entries from Registry:

HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

 

*Registry key not found*

 

--------------------------------------------------

 

Autorun entries from Registry:

HKCU\Software\Microsoft\Windows\CurrentVersion\Run

 

NvMediaCenter = RUNDLL32.EXE C:\WINNT\system32\NVMCTRAY.DLL,NvTaskbarInit

 

--------------------------------------------------

 

Autorun entries from Registry:

HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce

 

*No values found*

 

--------------------------------------------------

 

Autorun entries from Registry:

HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

 

*Registry key not found*

 

--------------------------------------------------

 

Autorun entries from Registry:

HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices

 

*Registry key not found*

 

--------------------------------------------------

 

Autorun entries from Registry:

HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

 

*Registry key not found*

 

--------------------------------------------------

 

Autorun entries from Registry:

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run

 

*Registry key not found*

 

--------------------------------------------------

 

Autorun entries from Registry:

HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run

 

*Registry key not found*

 

--------------------------------------------------

 

Autorun entries in Registry subkeys of:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run

*No subkeys found*

 

--------------------------------------------------

 

Autorun entries in Registry subkeys of:

HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce

*No subkeys found*

 

--------------------------------------------------

 

Autorun entries in Registry subkeys of:

HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

*No subkeys found*

 

--------------------------------------------------

 

Autorun entries in Registry subkeys of:

HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices

*Registry key not found*

 

--------------------------------------------------

 

Autorun entries in Registry subkeys of:

HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

*Registry key not found*

 

--------------------------------------------------

 

Autorun entries in Registry subkeys of:

HKCU\Software\Microsoft\Windows\CurrentVersion\Run

*No subkeys found*

 

--------------------------------------------------

 

Autorun entries in Registry subkeys of:

HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce

*No subkeys found*

 

--------------------------------------------------

 

Autorun entries in Registry subkeys of:

HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

*Registry key not found*

 

--------------------------------------------------

 

Autorun entries in Registry subkeys of:

HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices

*Registry key not found*

 

--------------------------------------------------

 

Autorun entries in Registry subkeys of:

HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

*Registry key not found*

 

--------------------------------------------------

 

Autorun entries in Registry subkeys of:

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run

*Registry key not found*

 

--------------------------------------------------

 

Autorun entries in Registry subkeys of:

HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run

*Registry key not found*

 

--------------------------------------------------

 

File association entry for .EXE:

HKEY_CLASSES_ROOT\exefile\shell\open\command

 

(Default) = "%1" %*

 

--------------------------------------------------

 

File association entry for .COM:

HKEY_CLASSES_ROOT\comfile\shell\open\command

 

(Default) = "%1" %*

 

--------------------------------------------------

 

File association entry for .BAT:

HKEY_CLASSES_ROOT\batfile\shell\open\command

 

(Default) = "%1" %*

 

--------------------------------------------------

 

File association entry for .PIF:

HKEY_CLASSES_ROOT\piffile\shell\open\command

 

(Default) = "%1" %*

 

--------------------------------------------------

 

File association entry for .SCR:

HKEY_CLASSES_ROOT\scrfile\shell\open\command

 

(Default) = "%1" /S

 

--------------------------------------------------

 

File association entry for .HTA:

HKEY_CLASSES_ROOT\htafile\shell\open\command

 

(Default) = C:\WINNT\System32\mshta.exe "%1" %*

 

--------------------------------------------------

 

File association entry for .TXT:

HKEY_CLASSES_ROOT\txtfile\shell\open\command

 

(Default) = %SystemRoot%\system32\NOTEPAD.EXE %1

 

--------------------------------------------------

 

Enumerating Active Setup stub paths:

HKLM\Software\Microsoft\Active Setup\Installed Components

(* = disabled by HKCU twin)

 

[>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]

StubPath = C:\WINNT\inf\unregmp2.exe /ShowWMP

 

[>{26923b43-4d38-484f-9b9e-de460746276c}] *

StubPath = "C:\WINNT\System32\shmgrate.exe" OCInstallUserConfigIE

 

[>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] *

StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

 

[>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]

StubPath = "C:\WINNT\System32\shmgrate.exe" OCInstallUserConfigOE

 

[{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] *

StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

 

[{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] *

StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINNT\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT

 

[{6A5110B5-E14B-4268-A065-EF89FF33C325}] *

StubPath = regsvr32.exe /s /n /i:"S 2 true 3 true 4 true 5 true 6 true 7 true" initpki.dll

 

[{6BF52A52-394A-11d3-B153-00C04F79FAA6}] *

StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINNT\INF\wmp.inf,PerUserStub

 

[{7790769C-0471-11d2-AF11-00C04FA35D02}] *

StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

 

[{89820200-ECBD-11cf-8B85-00AA005B4340}] *

StubPath = regsvr32.exe /s /n /i:U shell32.dll

 

[{89820200-ECBD-11cf-8B85-00AA005B4383}] *

StubPath = %SystemRoot%\System32\ie4uinit.exe

 

[{89B4C1CD-B018-4511-B0A1-5476DBF70820}] *

StubPath = C:\WINNT\System32\Rundll32.exe C:\WINNT\System32\mscories.dll,Install

 

[{9EF0045A-CDD9-438e-95E6-02B9AFEC8E11}] *

StubPath = %SystemRoot%\System32\updcrl.exe -e -u %SystemRoot%\System32\verisignpub1.crl

 

--------------------------------------------------

 

Enumerating ICQ Agent Autostart apps:

HKCU\Software\Mirabilis\ICQ\Agent\Apps

 

*Registry key not found*

 

--------------------------------------------------

 

Load/Run keys from C:\WINNT\WIN.INI:

 

load=*INI section not found*

run=*INI section not found*

 

Load/Run keys from Registry:

 

HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*

HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*

HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*

HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*

HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*

HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*

HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*

HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*

HKCU\..\Windows NT\CurrentVersion\Windows: load=

HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*

HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found*

HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*

HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs=apitrap.dll

 

--------------------------------------------------

 

Shell & screensaver key from C:\WINNT\SYSTEM.INI:

 

Shell=*INI section not found*

SCRNSAVE.EXE=*INI section not found*

drivers=*INI section not found*

 

Shell & screensaver key from Registry:

 

Shell=Explorer.exe

SCRNSAVE.EXE=C:\WINNT\system32\MATRIX~1.SCR

drivers=*Registry value not found*

 

Policies Shell key:

 

HKCU\..\Policies: Shell=*Registry key not found*

HKLM\..\Policies: Shell=*Registry value not found*

 

--------------------------------------------------

 

Checking for EXPLORER.EXE instances:

 

C:\WINNT\Explorer.exe: PRESENT!

 

C:\Explorer.exe: not present

C:\WINNT\Explorer\Explorer.exe: not present

C:\WINNT\System\Explorer.exe: not present

C:\WINNT\System32\Explorer.exe: not present

C:\WINNT\Command\Explorer.exe: not present

C:\WINNT\Fonts\Explorer.exe: not present

 

--------------------------------------------------

 

Checking for superhidden extensions:

 

.lnk: HIDDEN! (arrow overlay: yes)

.pif: HIDDEN! (arrow overlay: yes)

.exe: not hidden

.com: not hidden

.bat: not hidden

.hta: not hidden

.scr: not hidden

.shs: HIDDEN!

.shb: HIDDEN!

.vbs: not hidden

.vbe: not hidden

.wsh: not hidden

.scf: HIDDEN! (arrow overlay: NO!)

.url: HIDDEN! (arrow overlay: yes)

.js: not hidden

.jse: not hidden

 

--------------------------------------------------

 

Verifying REGEDIT.EXE integrity:

 

- Regedit.exe found in C:\WINNT

- .reg open command is normal (regedit.exe %1)

- Company name OK: 'Microsoft Corporation'

- Original filename OK: 'REGEDIT.EXE'

- File description: 'Register-editor'

 

Registry check passed

 

--------------------------------------------------

 

Enumerating Browser Helper Objects:

 

(no name) - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}

(no name) - C:\PROGRA~1\FRESHD~1\FRESHD~1\fdcatch.dll - {206E52E0-D52E-11D4-AD54-0000E86C26F6}

(no name) - C:\Program Files\Spybot\SDHelper.dll - {53707962-6F74-2D53-2644-206D7942484F}

 

--------------------------------------------------

 

Enumerating Task Scheduler jobs:

 

*No jobs found*

 

--------------------------------------------------

 

Enumerating Download Program Files:

 

[DirectAnimation Java Classes]

CODEBASE = file://C:\WINNT\Java\classes\dajava.cab

OSD = C:\WINNT\Downloaded Program Files\DirectAnimation Java Classes.osd

 

[HushEncryptionEngine]

CODEBASE = https://mailserver3.hushmail.com/shared/Hus...ptionEngine.cab

OSD = C:\WINNT\Downloaded Program Files\HushEncryptionEngine.osd

 

[Microsoft XML Parser for Java]

CODEBASE = file://C:\WINNT\Java\classes\xmldso.cab

OSD = C:\WINNT\Downloaded Program Files\Microsoft XML Parser for Java.osd

 

[{00000055-9980-0010-8000-00AA00389B71}]

CODEBASE = http://codecs.microsoft.com/codecs/i386/fhg.CAB

 

[{00000075-0000-0010-8000-00AA00389B71}]

CODEBASE = http://codecs.microsoft.com/codecs/i386/voxmsdec.CAB

 

[{31564D57-0000-0010-8000-00AA00389B71}]

CODEBASE = http://codecs.microsoft.com/codecs/i386/wmvax.cab

 

[{32564D57-0000-0010-8000-00AA00389B71}]

CODEBASE = http://codecs.microsoft.com/codecs/i386/wmv8ax.cab

 

[update Class]

InProcServer32 = C:\WINNT\System32\iuctl.dll

CODEBASE = http://v4.windowsupdate.microsoft.com/CAB/...7863.0671990741

 

[shockwave Flash Object]

InProcServer32 = C:\WINNT\System32\Macromed\Flash\FLASH.OCX

CODEBASE = http://active.macromedia.com/flash2/cabs/swflash.cab

 

--------------------------------------------------

 

Enumerating Winsock LSP files:

 

NameSpace #1: C:\WINNT\System32\rnr20.dll

NameSpace #2: C:\WINNT\System32\winrnr.dll

Protocol #1: C:\WINNT\system32\msafd.dll

Protocol #2: C:\WINNT\system32\msafd.dll

Protocol #3: C:\WINNT\system32\msafd.dll

Protocol #4: C:\WINNT\system32\rsvpsp.dll

Protocol #5: C:\WINNT\system32\rsvpsp.dll

Protocol #6: C:\WINNT\system32\msafd.dll

Protocol #7: C:\WINNT\system32\msafd.dll

Protocol #8: C:\WINNT\system32\msafd.dll

Protocol #9: C:\WINNT\system32\msafd.dll

Protocol #10: C:\WINNT\system32\msafd.dll

Protocol #11: C:\WINNT\system32\msafd.dll

Protocol #12: C:\WINNT\system32\msafd.dll

Protocol #13: C:\WINNT\system32\msafd.dll

Protocol #14: C:\WINNT\system32\msafd.dll

Protocol #15: C:\WINNT\system32\msafd.dll

Protocol #16: C:\WINNT\system32\msafd.dll

Protocol #17: C:\WINNT\system32\msafd.dll

 

--------------------------------------------------

 

Enumerating Windows NT/2000/XP services

 

Microsoft ACPI-stuurprogramma: System32\DRIVERS\ACPI.sys (system)

Omgeving voor AFD-netwerkondersteuning: \SystemRoot\System32\drivers\afd.sys (autostart)

Intel AGP Bus Filter: System32\DRIVERS\agp440.sys (system)

Alcatel SpeedTouch USB ADSL PPP Networking Driver (NDISWAN): System32\DRIVERS\alcan5wn.sys (manual start)

Alcatel Speed Touch ADSL Modem ATM Transport: System32\DRIVERS\alcaudsl.sys (manual start)

Alerter: %SystemRoot%\System32\services.exe (manual start)

Apache: "C:\Program Files\Apache Group\Apache\Apache.exe" (manual start)

Application Management: %SystemRoot%\system32\services.exe (manual start)

ASP.NET State Service: %SystemRoot%\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe (manual start)

Stuurprogramma voor RAS asyncrone media: System32\DRIVERS\asyncmac.sys (manual start)

Standaard IDE/ESDI-vaste-schijfcontroller: System32\DRIVERS\atapi.sys (system)

ATM ARP-client-protocol: System32\DRIVERS\atmarpc.sys (manual start)

Audiostub-stuurprogramma: System32\DRIVERS\audstub.sys (manual start)

Intelligente achtergrondsoverdrachtservice: %SystemRoot%\System32\svchost.exe -k BITSgroup (manual start)

Computer Browser: %SystemRoot%\System32\services.exe (autostart)

500FX POWERC@M FLASH, WDM Video Capture: System32\Drivers\Ca100v.sys (manual start)

Closed Caption-decoder: system32\drivers\ccdecode.sys (manual start)

Cd-rom-stuurprogramma: System32\DRIVERS\cdrom.sys (system)

Indexing-service: C:\WINNT\System32\cisvc.exe (autostart)

ClipBook: %SystemRoot%\system32\clipsrv.exe (manual start)

Video Blaster WebCam 3/WebCam Plus (WDM): System32\DRIVERS\webc3vid.sys (manual start)

DHCP Client: %SystemRoot%\System32\services.exe (autostart)

digi96: System32\DRIVERS\digi96.sys (autostart)

Stuurprogramma voor schijfstations: System32\DRIVERS\disk.sys (system)

Logical Disk Manager Administrative-service: %SystemRoot%\System32\dmadmin.exe /com (manual start)

dmboot: System32\drivers\dmboot.sys (disabled)

Stuurprogramma voor Schijfbeheer: System32\drivers\dmio.sys (system)

dmload: System32\drivers\dmload.sys (system)

Logical Disk Manager: %SystemRoot%\System32\services.exe (autostart)

Microsoft DirectMusic-softwaresynthesizer (WDM): system32\drivers\DMusic.sys (manual start)

DNS Client: %SystemRoot%\System32\services.exe (autostart)

Event Log: %SystemRoot%\system32\services.exe (autostart)

COM+-gebeurtenissysteem: C:\WINNT\System32\svchost.exe -k netsvcs (manual start)

Fax-service: %systemroot%\system32\faxsvc.exe (manual start)

Stuurprogramma voor diskettestationcontroller: System32\DRIVERS\fdc.sys (manual start)

Firebird Server: c:\Program Files\Firebird\bin\fbserver -s (autostart)

Stuurprogramma voor diskettestation: System32\DRIVERS\flpydisk.sys (manual start)

FreshIO: \??\C:\Program Files\FreshDevices\FreshDiagnose\FreshIO.sys (manual start)

Stuurprogramma voor Volumebeheer: System32\DRIVERS\ftdisk.sys (system)

Firewall Driver: \SystemRoot\system32\drivers\fwdrv.sys (system)

Algemene pakketclassificeerder: System32\DRIVERS\msgpc.sys (manual start)

Stuurprogramma voor i8042-toetsenbord en PS/2-muispoort: System32\DRIVERS\i8042prt.sys (system)

Service voor AC'97-stuurprogramma (WDM): system32\drivers\ichaud.sys (manual start)

InCdPass: System32\DRIVERS\InCDPass.sys (system)

InCD File System Service: C:\Program Files\Ahead\InCD\InCDsrv.exe (autostart)

IntelIde: System32\DRIVERS\intelide.sys (system)

IP Traffic Filter Driver: System32\DRIVERS\ipfltdrv.sys (manual start)

IP in IP Tunnel Driver: System32\DRIVERS\ipinip.sys (manual start)

IP Network Address Translator: System32\DRIVERS\ipnat.sys (manual start)

IPSEC-stuurprogramma: System32\DRIVERS\ipsec.sys (disabled)

IR Enumerator Service: System32\DRIVERS\irenum.sys (manual start)

PnP ISA/EISA Bus-stuurprogramma: System32\DRIVERS\isapnp.sys (system)

Stuurprogramma voor verschillende toetsenbordtypen: System32\DRIVERS\kbdclass.sys (system)

Microsoft Kernel Wave-audiomixer: system32\drivers\kmixer.sys (manual start)

Kerio Personal Firewall 4: C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe (autostart)

Logitech PS/2 Mouse Filter Driver: System32\DRIVERS\L8042pr2.sys (manual start)

Server: %SystemRoot%\System32\services.exe (autostart)

Workstation: %SystemRoot%\System32\services.exe (autostart)

LexBce Server: C:\WINNT\system32\LEXBCES.EXE (autostart)

Logitech Keyboard Class Filter Driver: System32\DRIVERS\lkbdflt2.sys (manual start)

TCP/IP NetBIOS Helper-service: %SystemRoot%\System32\services.exe (autostart)

Logitech Mouse Class Filter Driver: System32\DRIVERS\lmouflt2.sys (manual start)

Messenger: %SystemRoot%\System32\services.exe (disabled)

NetMeeting Remote Desktop Sharing: C:\WINNT\System32\mnmsrvc.exe (manual start)

Unimodem Streaming-filterapparaat: system32\drivers\MODEMCSA.sys (manual start)

Stuurprogramma voor muistypen: System32\DRIVERS\mouclass.sys (system)

BDA MPE Filter: System32\DRIVERS\MPE.sys (manual start)

MRXSMB: System32\DRIVERS\mrxsmb.sys (system)

Distributed Transaction Coordinator: C:\WINNT\System32\msdtc.exe (manual start)

Windows Installer: C:\WINNT\System32\MsiExec.exe /V (manual start)

Microsoft Streaming Service-proxy: system32\drivers\MSKSSRV.sys (manual start)

Microsoft Streaming Clock-proxy: system32\drivers\MSPCLOCK.sys (manual start)

Microsoft Streaming Kwaliteitsbeheer Proxy: system32\drivers\MSPQM.sys (manual start)

Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma: system32\drivers\MSTEE.sys (manual start)

Mtlmnt5: System32\DRIVERS\Mtlmnt5.sys (manual start)

Mtlstrm: System32\DRIVERS\Mtlstrm.sys (manual start)

MySql: C:\mysql\bin\mysqld-nt (manual start)

NABTS/FEC VBI Codec: System32\DRIVERS\NABTSFEC.sys (manual start)

Microsoft TV/Video Connection: System32\DRIVERS\NdisIP.sys (manual start)

Ndiskio: \??\C:\NORMAN\nvc\NSE\NDISKIO.SYS (autostart)

RAS NDIS TAPI-stuurprogramma: System32\DRIVERS\ndistapi.sys (manual start)

I/O-protocol van NDIS-gebruikersmodus: System32\DRIVERS\ndisuio.sys (manual start)

RAS NDIS WAN-stuurprogramma: System32\DRIVERS\ndiswan.sys (manual start)

NetBIOS-interface: System32\DRIVERS\netbios.sys (system)

NetBios over Tcpip: System32\DRIVERS\netbt.sys (system)

Network DDE: %SystemRoot%\system32\netdde.exe (manual start)

Network DDE DSDM: %SystemRoot%\system32\netdde.exe (manual start)

NetDetect: \SystemRoot\system32\drivers\netdtect.sys (manual start)

Net Logon: %SystemRoot%\System32\lsass.exe (manual start)

Network Connections: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)

Norman API-hooking helper: C:\NORMAN\Nvc\BIN\nipsvc.exe (manual start)

Norman NJeeves: C:\NORMAN\nvc\BIN\NJEEVES.EXE (manual start)

Norman ZANDA: C:\Norman\NVC\BIN\Zanda.exe (autostart)

Norton Unerase Protection Driver: \??\C:\WINNT\System32\Drivers\NPDRIVER.SYS (manual start)

Norton Unerase Protection: C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE (autostart)

NT LM Security Support Provider: %SystemRoot%\System32\lsass.exe (manual start)

Removable Storage: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)

NtMtlFax: System32\DRIVERS\NtMtlFax.sys (manual start)

nv: System32\DRIVERS\nv4_mini.sys (manual start)

nvcfsr: \??\C:\NORMAN\nvc\BIN\nvcfsr.sys (manual start)

nvcoafl5: \??\C:\NORMAN\nvc\BIN\nvcoafl5.sys (manual start)

nvcoaft5: \??\C:\NORMAN\nvc\BIN\nvcoaft5.sys (manual start)

nvcoarc5: \??\C:\NORMAN\nvc\BIN\nvcoarc5.sys (manual start)

Norman Virus Control on-access component: C:\NORMAN\nvc\BIN\nvcoas.exe (manual start)

Norman Virus Control Scheduler: C:\NORMAN\nvc\BIN\NVCSCHED.EXE (manual start)

NVIDIA Display Driver Service: %SystemRoot%\system32\nvsvc32.exe (autostart)

IPX Traffic Filter Driver: System32\DRIVERS\nwlnkflt.sys (manual start)

IPX Traffic Forwarder Driver: System32\DRIVERS\nwlnkfwd.sys (manual start)

Parallel class-stuurprogramma: System32\DRIVERS\parallel.sys (manual start)

Stuurprogramma voor parallelle poort: System32\DRIVERS\parport.sys (system)

PCI Bus-stuurprogramma: System32\DRIVERS\pci.sys (system)

PfModNT: \??\C:\WINNT\System32\PfModNT.sys (autostart)

PGPsdkDriver: System32\Drivers\PGPsdk.sys (autostart)

PGPsdkService: C:\WINNT\System32\PGPsdkServ.exe (autostart)

Plug and Play: %SystemRoot%\system32\services.exe (autostart)

IPSEC Policy Agent: %SystemRoot%\System32\lsass.exe (disabled)

WAN-minipoort (PPTP): System32\DRIVERS\raspptp.sys (manual start)

Protected Storage: %SystemRoot%\system32\services.exe (autostart)

Stuurprogramma voor Directe parallelle verbinding: System32\DRIVERS\ptilink.sys (manual start)

QDFSDRV: \??\C:\WINNT\system32\drivers\qdfsdrv.sys (manual start)

Stuurprogramma voor Automatische verbinding voor RAS: System32\DRIVERS\rasacd.sys (system)

Remote Access Auto Connection Manager: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)

WAN-minipoort (L2TP): System32\DRIVERS\rasl2tp.sys (manual start)

Remote Access Connection Manager: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)

Direct Parallel: System32\DRIVERS\raspti.sys (manual start)

Microsoft Streaming Network-raw channel-toegang: system32\drivers\RCA.sys (manual start)

Rdbss: System32\DRIVERS\rdbss.sys (system)

Stuurprogramma voor afspeelfilter van digitale cd-audio: System32\DRIVERS\redbook.sys (system)

Routing and Remote Access: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)

Remote Registry-service: %SystemRoot%\system32\regsvc.exe (autostart)

Remote Procedure Call (RPC) Locator: %SystemRoot%\System32\locator.exe (manual start)

Remote Procedure Call (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart)

QoS RSVP: %SystemRoot%\System32\rsvp.exe -s (manual start)

NT-stuurprogramma voor Realtek RTL8139-based PCI Fast Ethernet Adapter: System32\DRIVERS\RTL8139.SYS (manual start)

Security Accounts Manager: %SystemRoot%\system32\lsass.exe (autostart)

Smart Card Helper: %SystemRoot%\System32\SCardSvr.exe (manual start)

Smart Card: %SystemRoot%\System32\SCardSvr.exe (manual start)

Task Scheduler: %SystemRoot%\system32\MSTask.exe (autostart)

SDdriver: \??\C:\WINNT\System32\Drivers\sddriver.sys (manual start)

Secdrv: \??\C:\WINNT\System32\drivers\SECDRV.SYS (manual start)

RunAs-service: %SystemRoot%\system32\services.exe (autostart)

System Event Notification: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)

Serenum Filter-stuurprogramma: System32\DRIVERS\serenum.sys (manual start)

Stuurprogramma voor seriële poort: System32\DRIVERS\serial.sys (system)

Internet Connection Sharing: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)

BDA Slip De-Framer: System32\DRIVERS\SLIP.sys (manual start)

USB Soft Modem Driver: System32\DRIVERS\slnt7554.sys (manual start)

SlNtHal: System32\DRIVERS\Slnthal.sys (manual start)

SlWdmSup: System32\DRIVERS\SlWdmSup.sys (manual start)

smwdm: system32\drivers\smwdm.sys (manual start)

Speed Disk service: C:\PROGRA~1\NORTON~2\SPEEDD~1\nopdb.exe (autostart)

Print Spooler: %SystemRoot%\system32\spoolsv.exe (autostart)

Srv: System32\DRIVERS\srv.sys (manual start)

Still Image Service: %systemroot%\system32\stisvc.exe (autostart)

BDA IPSink: System32\DRIVERS\StreamIP.sys (manual start)

Software Bus-stuurprogramma: System32\DRIVERS\swenum.sys (manual start)

Microsoft Kernel GS Wavetable-synthesizer: system32\drivers\swmidi.sys (manual start)

SymEvent: \??\C:\Program Files\Symantec\SYMEVENT.SYS (manual start)

Microsoft System-audioapparaat: system32\drivers\sysaudio.sys (manual start)

Performance Logs and Alerts: %SystemRoot%\system32\smlogsvc.exe (manual start)

Telephony: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)

Stuurprogramma voor TCP/IP-protocol: System32\DRIVERS\tcpip.sys (system)

Telnet: %SystemRoot%\system32\tlntsvr.exe (manual start)

Distributed Link Tracking Client: %SystemRoot%\system32\services.exe (autostart)

Stuurprogramma voor Microsoft USB Universal Host Controller: System32\DRIVERS\uhcd.sys (manual start)

Microcode-updatestuurprogramma: System32\DRIVERS\update.sys (manual start)

Uninterruptible Power Supply: %SystemRoot%\System32\ups.exe (manual start)

USB Midi 1x1 Loader: system32\drivers\usb11ldr.sys (manual start)

DSC Still Image Capture (CA100): System32\Drivers\Bulk100.sys (manual start)

%StandardHub.SvcDesc%: System32\DRIVERS\usbhub.sys (autostart)

USB Midi 1x1 Driver: system32\drivers\usbmm1x1.sys (manual start)

Microsoft USB PRINTER Class: System32\DRIVERS\usbprint.sys (manual start)

Stuurprogramma voor USB-scanner: System32\DRIVERS\usbscan.sys (manual start)

Utility Manager: %SystemRoot%\System32\UtilMan.exe (manual start)

v90drv: System32\DRIVERS\v90drv.sys (manual start)

VgaSave: \SystemRoot\System32\drivers\vga.sys (system)

Windows Time: %SystemRoot%\System32\services.exe (manual start)

RAS IP ARP-stuurprogramma: System32\DRIVERS\wanarp.sys (manual start)

Stuurprogramma voor Microsoft WINMM WDM-audiocompatibiliteit: system32\drivers\wdmaud.sys (system)

Windows Management Instrumentation: %SystemRoot%\System32\WBEM\WinMgmt.exe (autostart)

WMDM PMSP Service: C:\WINNT\System32\MsPMSPSv.exe (autostart)

Serienummerservice voor draagbare media: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)

Windows Management Instrumentation Driver Extensions: %SystemRoot%\system32\Services.exe (manual start)

World Standard Teletext Codec: System32\DRIVERS\WSTCODEC.SYS (manual start)

Automatische updates: %systemroot%\system32\svchost.exe -k wugroup (autostart)

Draadloze configuratie: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)

 

 

--------------------------------------------------

 

Enumerating Windows NT logon/logoff scripts:

*No scripts set to run*

 

Windows NT checkdisk command:

BootExecute = autocheck autochk *

 

Windows NT 'Wininit.ini':

PendingFileRenameOperations: *Registry value not found*

 

--------------------------------------------------

 

Enumerating ShellServiceObjectDelayLoad items:

 

Network.ConnectionTray: C:\WINNT\system32\NETSHELL.dll

WebCheck: C:\WINNT\System32\webcheck.dll

SysTray: stobject.dll

 

--------------------------------------------------

Autorun entries from Registry:

HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run

 

*Registry key not found*

 

--------------------------------------------------

 

Autorun entries from Registry:

HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run

 

*Registry key not found*

 

--------------------------------------------------

 

End of report, 31.813 bytes

Report generated in 0,094 seconds

 

Command line options:

  /verbose  - to add additional info on each section

  /complete - to include empty sections and unsuspicious data

  /full    - to include several rarely-important sections

  /force9x  - to include Win9x-only startups even if running on WinNT

  /forcent  - to include WinNT-only startups even if running on Win9x

  /forceall - to include all Win9x and WinNT startups, regardless of platform

  /history  - to list version history only

Share this post


Link to post
Share on other sites

Usually when You have something of this nature, you go back to what you were doing. I would suggest remove the Cd Burner completely. Try to start in safe mode by pressing F8, and let windows reset the current drivers for hardware it finds on Bootup. You'd have the same situation as before. However You mave have to have a reload if all you get is the blue screen. The Nero install files are probably in C:windows\temp, but that could be a risky thing if not sure.

Share this post


Link to post
Share on other sites

Since Friday I've done lots of things including stripping all the recent additions. Nothing works.

 

I've renamed the ahead folder from Nero, now it boots up perfectly but the error is relocated to shutdown. and it's changed from a NO_MORE_IRP_STACK_LOCATIONS to KMODE_EXCEPTION_NOT HANDLED. Still working on it, eventually it'll work again...

Share this post


Link to post
Share on other sites
Sign in to follow this  
Followers 0