• Announcements

    • Budfred

      IE 11 copy/paste problem

      It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it.
Sign in to follow this  
Followers 0
arivas

Search results turns ups ads, starting page change

4 posts in this topic

I keep my homepage as google, whenever i enter a search in google i get results talking about ads, buy this, buy that. I had had the same problem before and it was intersitial ad delivery but that's nowhere to be found. i already removed it from my registrykeys and everything. ran a scan with the program. here are the results.

I have already read the FAQ's page and followed the directions to teh best of my ability. I just want my computer *my baby* back

 

Logfile of HijackThis v1.97.7

Scan saved at 3:55:38 PM, on 6/11/2004

Platform: Windows 2000 SP2 (WinNT 5.00.2195)

MSIE: Internet Explorer v6.00 (6.00.2600.0000)

 

Running processes:

C:\WINNT\System32\smss.exe

C:\WINNT\system32\winlogon.exe

C:\WINNT\system32\services.exe

C:\WINNT\system32\lsass.exe

C:\WINNT\system32\svchost.exe

C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\WINNT\system32\spoolsv.exe

C:\WINNT\System32\msdtc.exe

C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe

C:\WINNT\System32\svchost.exe

C:\PROGRA~1\Iomega\System32\AppServices.exe

C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe

C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe

C:\Program Files\Norton AntiVirus\navapsvc.exe

C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE

C:\WINNT\System32\nvsvc32.exe

C:\WINNT\system32\regsvc.exe

C:\Program Files\Norton AntiVirus\SAVScan.exe

C:\WINNT\system32\MSTask.exe

C:\WINNT\system32\stisvc.exe

C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\WINNT\wanmpsvc.exe

C:\WINNT\System32\WBEM\WinMgmt.exe

C:\WINNT\System32\inetsrv\inetinfo.exe

C:\WINNT\System32\mqsvc.exe

C:\WINNT\Explorer.EXE

C:\WINNT\System32\sstray.exe

C:\WINNT\System32\TCAUDIAG.exe

C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe

C:\PROGRA~1\mcafee.com\agent\mcagent.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\PROGRA~1\PANICW~1\POP-UP~1\dpps2.exe

C:\WINNT\System32\P2P Networking\P2P Networking.exe

C:\WINNT\System32\RUNDLL32.EXE

C:\WINNT\System32\ctfmon.exe

C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe

C:\Program Files\America Online 9.0\waol.exe

C:\Program Files\America Online 9.0\shellmon.exe

C:\Program Files\America Online 9.0\aolwbspd.exe

C:\Program Files\Common files\WinTools\WToolsA.exe

C:\Program Files\Common files\WinTools\WSup.exe

C:\Documents and Settings\Administrator\Local Settings\Temp\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R3 - Default URLSearchHook is missing

O2 - BHO: (no name) - {00A0A40C-F432-4C59-BA11-B25D142C7AB7} - C:\WINNT\System32\mskceo.dll

O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\4.bin\MYBAR.DLL

O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx

O2 - BHO: (no name) - {0982868C-47F0-4EFB-A664-C7B0B1015808} - C:\WINNT\System32\mskhhe.dll

O2 - BHO: (no name) - {0BA1C6EB-D062-4E37-9DB5-B07743276324} - C:\WINNT\System32\msglji.gif

O2 - BHO: (no name) - {25F7FA20-3FC3-11D7-B487-00D05990014C} - C:\WINNT\System32\mseggo.gif

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {94927A13-4AAA-476A-989D-392456427688} - C:\WINNT\System32\msjfbl.dll

O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O2 - BHO: (no name) - {CC916B4B-BE44-4026-A19D-8C74BBD23361} - C:\WINNT\System32\msedah.dll

O2 - BHO: (no name) - {FCADDC14-BD46-408A-9842-CDBE1C6D37EB} - C:\WINNT\System32\msnkmi.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: &SearchBar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\4.bin\MYBAR.DLL

O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r

O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG.exe -on

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE

O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe

O4 - HKLM\..\Run: [McRegWiz] C:\PROGRA~1\mcafee.com\agent\mcregwiz.exe /autorun

O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [NAV CfgWiz] C:\Program Files\Common Files\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE "REBOOT"

O4 - HKLM\..\Run: [Pop-Up Stopper] "C:\PROGRA~1\PANICW~1\POP-UP~1\dpps2.exe"

O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe

O4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logon

O4 - HKLM\..\Run: [P2P Networking] C:\WINNT\System32\P2P Networking\P2P Networking.exe /AUTOSTART

O4 - HKLM\..\Run: [oginl] C:\WINNT\System32\oginl.exe

O4 - HKLM\..\Run: [AltnetPointsManager] c:\program files\altnet\points manager\points manager.exe -s

O4 - HKLM\..\Run: [DXDllRegExe] C:\WINNT\System32\dxdllreg.exe

O4 - HKLM\..\Run: [WinTools] C:\Program Files\Common files\WinTools\WToolsA.exe

O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\System32\NVMCTRAY.DLL,NvTaskbarInit

O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe

O4 - HKCU\..\Run: [spySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0

O4 - HKCU\..\Run: [msmc] C:\WINNT\System32\msgked.exe

O4 - HKLM\..\RunOnce: [MSPCLOCK] RUNDLL32.exe streamci,StreamingDeviceSetup {97ebaacc-95bd-11d0-a3ea-00a0c9223196},{53172480-4791-11D0-A5D6-28DB04C10000},{53172480-4791-11D0-A5D6-28DB04C10000}

O4 - HKLM\..\RunOnce: [MSPQM] RUNDLL32.exe streamci,StreamingDeviceSetup {DDF4358E-BB2C-11D0-A42F-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196}

O4 - HKLM\..\RunOnce: [MSKSSRV] RUNDLL32.exe streamci,StreamingDeviceSetup {96E080C7-143C-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196}

O4 - HKLM\..\RunOnce: [MPE0] rundll32.exe streamci,StreamingDeviceSetup {8E60217D-A2EE-47f8-B0C5-0F44C55F66DC},GLOBAL,{FD0A5AF4-B41D-11d2-9C95-00C04F7971E0},C:\WINNT\INF\mpe.inf,BDAcodec

O4 - HKLM\..\RunOnce: [sTREAMIP0] rundll32.exe streamci,StreamingDeviceSetup {D84D449B-62FB-4ebb-B969-5183ED3DFB51},GLOBAL,{71985F4A-1CA1-11d3-9CC8-00C04F7971E0},C:\WINNT\INF\streamip.inf,BDAcodec

O4 - HKLM\..\RunOnce: [sLIP0] rundll32.exe streamci,StreamingDeviceSetup {03884CB6-E89A-4deb-B69E-8DC621686E6A},GLOBAL,{FD0A5AF4-B41D-11d2-9C95-00C04F7971E0},C:\WINNT\INF\slip.inf,VBIcodec

O4 - HKLM\..\RunOnce: [CCDECODE0] rundll32.exe streamci,StreamingDeviceSetup {562370a8-f8dd-11d2-bc64-00a0c95ec22e},GLOBAL,{07DAD660-22F1-11d1-A9F4-00C04FBBDE8F},C:\WINNT\INF\CCDECODE.inf,CCDECODE.Interface.Install

O4 - HKLM\..\RunOnce: [NABTSFEC0] rundll32.exe streamci,StreamingDeviceSetup {07DAD662-22F1-11d1-A9F4-00C04FBBDE8F},GLOBAL,{07DAD660-22F1-11d1-A9F4-00C04FBBDE8F},C:\WINNT\INF\NABTSFEC.inf,NABTSFEC.Interface.Install

O4 - HKLM\..\RunOnce: [WSTCODEC0] rundll32.exe streamci,StreamingDeviceSetup {70BC06E0-5666-11d3-A184-00105AEF9F33},GLOBAL,{07DAD660-22F1-11d1-A9F4-00C04FBBDE8F},C:\WINNT\INF\WSTCODEC.inf,WSTCODEC.Interface.Install

O4 - HKLM\..\RunOnce: [DXDLLREG_0] rundll32.exe C:\WINNT\System32\advpack.dll,LaunchINFSection C:\WINNT\inf\dxdllreg.inf,DirectShow,1,N

O4 - HKLM\..\RunOnce: [DXDLLREG_1] rundll32.exe C:\WINNT\System32\advpack.dll,LaunchINFSection C:\WINNT\inf\dxdllreg.inf,DirectSound,1,N

O4 - HKLM\..\RunOnce: [DXDLLREG_2] rundll32.exe C:\WINNT\System32\advpack.dll,LaunchINFSection C:\WINNT\inf\dxdllreg.inf,DirectPlay,1,N

O4 - HKLM\..\RunOnce: [DXDLLREG_3] rundll32.exe C:\WINNT\System32\advpack.dll,LaunchINFSection C:\WINNT\inf\dxdllreg.inf,DirectInput,1,N

O4 - HKLM\..\RunOnce: [DXDLLREG_4] rundll32.exe C:\WINNT\System32\advpack.dll,LaunchINFSection C:\WINNT\inf\dxdllreg.inf,DX8RetailDLLs,1,N

O4 - HKLM\..\RunOnce: [DXBDAREG] rundll32.exe C:\WINNT\System32\advpack.dll,LaunchINFSection C:\WINNT\inf\dxbda.inf,BDADllRegister,1,N

O4 - HKCU\..\RunOnce: [bullguardoptIn] C:\WINNT\Temp\BullGuard\bulldownload.exe

O4 - Startup: PowerReg SchedulerV2.exe

O4 - Global Startup: 3Com Connection Assistant.lnk = C:\Program Files\3com\Connection Assistant\bin\matcli.exe

O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000

O9 - Extra button: Real.com (HKLM)

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} (Microsoft Office Template and Media Control) - http://office.microsoft.com/templates/ieawsdc.cab

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwa...ector/swdir.cab

O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -

O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinst0401.cab

O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6...922/wmv9VCM.CAB

O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} (Live365Player Class) - http://www.live365.com/players/play365.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwa...ash/swflash.cab

O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{042FF40E-8D9D-4235-A7EF-DE8850B93C6A}: NameServer = 198.81.16.134

O17 - HKLM\System\CCS\Services\Tcpip\..\{8317B771-F148-4273-815D-99972C0AC605}: NameServer = 129.138.250.10

O17 - HKLM\System\CS1\Services\Tcpip\..\{042FF40E-8D9D-4235-A7EF-DE8850B93C6A}: NameServer = 198.81.16.134

O17 - HKLM\System\CS2\Services\Tcpip\..\{042FF40E-8D9D-4235-A7EF-DE8850B93C6A}: NameServer = 198.81.18.4

 

Thank you,

arivas

Share this post


Link to post
Share on other sites

Hey Arivas,

You need to go to windows update and get the critical updates (especially IE6,...Sp1).

You also have too many programs running at startup.

I'm not an expert at hijack logs, but I do see some problems. Please wait for an expert to check your log.

Good luck

Share this post


Link to post
Share on other sites

I scanned my machine with spybot s&d and sweeper and quarantined what i thought was wrong,but im still unsure of what else could be causing the problems.

Also, I know that there are a lot of programs at startup I ran that list too.

But I don't know what some of them are and such, so I don't want to touch anything.

 

StartupList report, 6/13/2004, 6:53:14 PM

StartupList version: 1.52

Started from : C:\Documents and Settings\Administrator\Local Settings\Temp\HijackThis.EXE

Detected: Windows 2000 SP2 (WinNT 5.00.2195)

Detected: Internet Explorer v6.00 (6.00.2600.0000)

* Using default options

==================================================

 

Running processes:

 

C:\WINNT\System32\smss.exe

C:\WINNT\system32\winlogon.exe

C:\WINNT\system32\services.exe

C:\WINNT\system32\lsass.exe

C:\WINNT\system32\svchost.exe

C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\WINNT\system32\spoolsv.exe

C:\WINNT\System32\msdtc.exe

C:\WINNT\System32\svchost.exe

C:\PROGRA~1\Iomega\System32\AppServices.exe

C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe

C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe

C:\Program Files\Norton AntiVirus\navapsvc.exe

C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE

C:\WINNT\System32\nvsvc32.exe

C:\WINNT\system32\regsvc.exe

C:\Program Files\Norton AntiVirus\SAVScan.exe

C:\WINNT\system32\MSTask.exe

C:\WINNT\system32\stisvc.exe

C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\WINNT\wanmpsvc.exe

C:\WINNT\System32\WBEM\WinMgmt.exe

C:\WINNT\Explorer.EXE

C:\WINNT\System32\inetsrv\inetinfo.exe

C:\WINNT\System32\mqsvc.exe

C:\WINNT\System32\sstray.exe

C:\WINNT\System32\TCAUDIAG.exe

C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe

C:\PROGRA~1\mcafee.com\agent\mcagent.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\PROGRA~1\PANICW~1\POP-UP~1\dpps2.exe

C:\WINNT\System32\RUNDLL32.EXE

C:\WINNT\System32\ctfmon.exe

C:\Program Files\Common files\WinTools\WSup.exe

C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe

C:\Program Files\Common files\WinTools\WToolsA.exe

C:\Program Files\Microsoft Office\Office\OUTLOOK.EXE

C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe

C:\Program Files\America Online 9.0\waol.exe

C:\Program Files\America Online 9.0\shellmon.exe

C:\Program Files\America Online 9.0\aolwbspd.exe

C:\Program Files\Microsoft Office\Office\POWERPNT.EXE

C:\Program Files\Microsoft Office\Office\WINWORD.EXE

C:\Documents and Settings\Administrator\Local Settings\Temp\HijackThis.exe

C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe

 

--------------------------------------------------

 

Listing of startup folders:

 

Shell folders Startup:

[C:\Documents and Settings\Administrator\Start Menu\Programs\Startup]

PowerReg SchedulerV2.exe

 

Shell folders Common Startup:

[C:\Documents and Settings\All Users.WINNT\Start Menu\Programs\Startup]

3Com Connection Assistant.lnk = C:\Program Files\3com\Connection Assistant\bin\matcli.exe

America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe

 

--------------------------------------------------

 

Checking Windows NT UserInit:

 

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]

UserInit = C:\WINNT\system32\userinit.exe,

 

--------------------------------------------------

 

Autorun entries from Registry:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run

 

nForce Tray Options = sstray.exe /r

TCASUTIEXE = TCAUDIAG.exe -on

NvCplDaemon = RUNDLL32.EXE C:\WINNT\System32\NvCpl.dll,NvStartup

Advanced Tools Check = C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE

MPFExe = C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe

McRegWiz = C:\PROGRA~1\mcafee.com\agent\mcregwiz.exe /autorun

MCAgentExe = c:\PROGRA~1\mcafee.com\agent\mcagent.exe

ccApp = "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

NAV CfgWiz = C:\Program Files\Common Files\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE "REBOOT"

Pop-Up Stopper = "C:\PROGRA~1\PANICW~1\POP-UP~1\dpps2.exe"

MCUpdateExe = C:\PROGRA~1\mcafee.com\agent\mcupdate.exe

Synchronization Manager = mobsync.exe /logon

P2P Networking = C:\WINNT\System32\P2P Networking\P2P Networking.exe /AUTOSTART

oginl = C:\WINNT\System32\oginl.exe

WinTools = C:\Program Files\Common files\WinTools\WToolsA.exe

 

--------------------------------------------------

 

Autorun entries from Registry:

HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce

 

SpySweeper_BT01 = "C:\Program Files\Webroot\Spy Sweeper\Bt01.exe" /SpySweeper_BT01

 

--------------------------------------------------

 

Autorun entries from Registry:

HKCU\Software\Microsoft\Windows\CurrentVersion\Run

 

NvMediaCenter = RUNDLL32.EXE C:\WINNT\System32\NVMCTRAY.DLL,NvTaskbarInit

ctfmon.exe = ctfmon.exe

SpySweeper = "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0

 

--------------------------------------------------

 

Shell & screensaver key from C:\WINNT\SYSTEM.INI:

 

Shell=*INI section not found*

SCRNSAVE.EXE=*INI section not found*

drivers=*INI section not found*

 

Shell & screensaver key from Registry:

 

Shell=Explorer.exe

SCRNSAVE.EXE=C:\WINNT\System32\ss3dfo.scr

drivers=*Registry value not found*

 

Policies Shell key:

 

HKCU\..\Policies: Shell=*Registry key not found*

HKLM\..\Policies: Shell=*Registry value not found*

 

--------------------------------------------------

 

 

Enumerating Browser Helper Objects:

 

myBar BHO - C:\Program Files\MyWay\myBar\4.bin\MYBAR.DLL - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC}

(no name) - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}

(no name) - C:\WINNT\System32\mskhhe.dll - {0982868C-47F0-4EFB-A664-C7B0B1015808}

(no name) - C:\WINNT\System32\msglji.gif - {0BA1C6EB-D062-4E37-9DB5-B07743276324}

(no name) - C:\PROGRA~1\SPYBOT~1\SDHelper.dll - {53707962-6F74-2D53-2644-206D7942484F}

(no name) - C:\WINNT\System32\msjfbl.dll - {94927A13-4AAA-476A-989D-392456427688}

NAV Helper - C:\Program Files\Norton AntiVirus\NavShExt.dll - {BDF3E430-B101-42AD-A544-FADC6B084872}

(no name) - C:\WINNT\System32\msedah.dll - {CC916B4B-BE44-4026-A19D-8C74BBD23361}

 

--------------------------------------------------

 

Enumerating Task Scheduler jobs:

 

dfrg.job

McAfee.com Update Check (NMT-VEURIAS-Administrator).job

Norton AntiVirus - Scan my computer.job

Symantec NetDetect.job

 

--------------------------------------------------

 

Enumerating Download Program Files:

 

[Microsoft Office Template and Media Control]

InProcServer32 = C:\WINNT\Downloaded Program Files\IEAWSDC.DLL

CODEBASE = http://office.microsoft.com/templates/ieawsdc.cab

 

[shockwave ActiveX Control]

InProcServer32 = C:\WINNT\system32\Macromed\Director\SwDir.dll

CODEBASE = http://download.macromedia.com/pub/shockwa...ector/swdir.cab

 

[Web P2P Installer]

InProcServer32 = C:\WINNT\Downloaded Program Files\WebP2PInstaller.dll

 

[YInstStarter Class]

InProcServer32 = C:\WINNT\Downloaded Program Files\yinsthelper.dll

CODEBASE = http://download.yahoo.com/dl/installs/yinst0401.cab

 

[{33564D57-0000-0010-8000-00AA00389B71}]

CODEBASE = http://download.microsoft.com/download/F/6...922/wmv9VCM.CAB

 

[Live365Player Class]

InProcServer32 = C:\WINNT\DOWNLO~1\Play365.dll

CODEBASE = http://www.live365.com/players/play365.cab

 

[shockwave Flash Object]

InProcServer32 = C:\WINNT\System32\macromed\flash\Flash.ocx

CODEBASE = http://download.macromedia.com/pub/shockwa...ash/swflash.cab

 

[MSN Chat Control 4.5]

InProcServer32 = C:\WINNT\Downloaded Program Files\MSNChat45.ocx

CODEBASE = http://fdl.msn.com/public/chat/msnchat45.cab

 

--------------------------------------------------

 

Enumerating Windows NT logon/logoff scripts:

*No scripts set to run*

 

Windows NT checkdisk command:

BootExecute = autocheck autochk *

 

Windows NT 'Wininit.ini':

PendingFileRenameOperations: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\~768594.tmp||C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\~90030.tmp|||\

 

--------------------------------------------------

 

Enumerating ShellServiceObjectDelayLoad items:

 

Network.ConnectionTray: C:\WINNT\system32\NETSHELL.dll

WebCheck: C:\WINNT\System32\webcheck.dll

SysTray: stobject.dll

 

--------------------------------------------------

End of report, 8,734 bytes

Report generated in 0.047 seconds

 

Command line options:

/verbose - to add additional info on each section

/complete - to include empty sections and unsuspicious data

/full - to include several rarely-important sections

/force9x - to include Win9x-only startups even if running on WinNT

/forcent - to include WinNT-only startups even if running on Win9x

/forceall - to include all Win9x and WinNT startups, regardless of platform

/history - to list version history only

Share this post


Link to post
Share on other sites
Sign in to follow this  
Followers 0