HijackThis Log

paul2-0-0-2

OSNN Senior Addict
Joined
9 Jul 2002
Messages
979
Logfile of HijackThis v1.98.2

PHP:
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Norton Internet Security\NISUM.EXE
C:\Program Files\Norton Internet Security\ccPxySvc.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
C:\WINDOWS\System32\taskswitch.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE
C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Yahoo!\Messenger\ypager.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\Program Files\Palick Soft\SIGuardian\SIGuardian.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\xchat\xchat.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\CHAND-z\Desktop\hijackthis\HijackThis.exe
C:\WINDOWS\System32\notepad.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [url]http://format.packardbell.com/cgi-bin/redirect/?country=UK&range=AD&phase=6&key=SEARCH[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\uk.htm
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe"
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\K-Lite Codec Pack\real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\System32\taskswitch.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [DataLayer] C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Startup: SIGuardian.lnk = C:\Program Files\Palick Soft\SIGuardian\SIGuardian.exe
O4 - Startup: Streamload Downloader.lnk = C:\Program Files\SlDB\SlDB.exe
O4 - Startup: Streamload Uploader.lnk = C:\Program Files\Streamload\StreamMgr.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: Messenger Addon - {FB5F1911-F110-11d2-BB9E-00C04F795683} - [url]http://messenger.ipfox.com[/url] (file missing)
O9 - Extra 'Tools' menuitem: &Messenger Addon - {FB5F1911-F110-11d2-BB9E-00C04F795683} - [url]http://messenger.ipfox.com[/url] (file missing)
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\uk.htm
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - [url]http://messenger.zone.msn.com/binary/msgrchkr.cab30149.cab[/url]
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - [url]http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab28578.cab[/url]
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - [url]http://messenger.zone.msn.com/binary/MineSweeper.cab28578.cab[/url]
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - [url]http://messenger.zone.msn.com/binary/MessengerStatsClient.cab28578.cab[/url]
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - [url]http://messenger.zone.msn.com/binary/ZIntro.cab28578.cab[/url]
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - [url]http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab[/url]
 
StartupList Report

PHP:
Listing of startup folders:

Shell folders Startup:
[C:\Documents and Settings\CHAND-z\Start Menu\Programs\Startup]
PowerReg Scheduler V3.exe
SIGuardian.lnk = C:\Program Files\Palick Soft\SIGuardian\SIGuardian.exe
Streamload Downloader.lnk = C:\Program Files\SlDB\SlDB.exe
Streamload Uploader.lnk = C:\Program Files\Streamload\StreamMgr.exe

Shell folders Common Startup:
[C:\Documents and Settings\All Users\Start Menu\Programs\Startup]
Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

--------------------------------------------------

Checking Windows NT UserInit:

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

Smapp = C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
ATIModeChange = Ati2mdxx.exe
ATIPTA = C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
ccApp = "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
ccRegVfy = "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
MessengerPlus3 = "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
SunJavaUpdateSched = C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
TkBellExe = "C:\Program Files\K-Lite Codec Pack\real\Update_OB\realsched.exe" -osboot
CoolSwitch = C:\WINDOWS\System32\taskswitch.exe
NeroFilterCheck = C:\WINDOWS\system32\NeroCheck.exe
InCD = C:\Program Files\Ahead\InCD\InCD.exe
iTunesHelper = C:\Program Files\iTunes\iTunesHelper.exe
DataLayer = C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE
PCSuiteTrayApplication = C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

Register Homesite+.exe = "C:\Program Files\Macromedia\HomeSite+\Homesite+.exe" /REGSERVER

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

Sonic RecordNow! = 
Symantec NetDriver Monitor = C:\PROGRA~1\SYMNET~1\SNDMon.exe
Yahoo! Pager = C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
MSMSGS = "C:\Program Files\Messenger\msmsgs.exe" /background
MessengerPlus3 = "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
ctfmon.exe = C:\WINDOWS\System32\ctfmon.exe
msnmsgr = "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

--------------------------------------------------

Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*

Shell & screensaver key from Registry:

Shell=Explorer.exe
SCRNSAVE.EXE=C:\WINDOWS\System32\logon.scr
drivers=*Registry value not found*

Policies Shell key:

HKCU\..\Policies: Shell=*Registry key not found*
HKLM\..\Policies: Shell=*Registry value not found*

--------------------------------------------------


Enumerating Browser Helper Objects:

(no name) - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll - {02478D38-C3F9-4efb-9B51-7695ECA05670}
(no name) - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
(no name) - C:\PROGRA~1\SPYBOT~1\SDHelper.dll - {53707962-6F74-2D53-2644-206D7942484F}
(no name) - C:\PROGRA~1\FlashGet\jccatch.dll - {A5366673-E8CA-11D3-9CD9-0090271D075B}
(no name) - C:\Program Files\Norton AntiVirus\NavShExt.dll - {BDF3E430-B101-42AD-A544-FADC6B084872}

--------------------------------------------------

Enumerating Task Scheduler jobs:

Norton AntiVirus - Scan my computer.job
Registration reminder 2.job
Registration reminder 3.job
Symantec NetDetect.job

--------------------------------------------------

Enumerating Download Program Files:

[Checkers Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\msgrchkr.dll
CODEBASE = [url]http://messenger.zone.msn.com/binary/msgrchkr.cab30149.cab[/url]

[MessengerStatsClient Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\MessengerStatsPAClient.dll
CODEBASE = [url]http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab28578.cab[/url]

[Minesweeper Flags Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\minesweeper.dll
CODEBASE = [url]http://messenger.zone.msn.com/binary/MineSweeper.cab28578.cab[/url]

[MessengerStatsClient Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\messengerstatsclient.dll
CODEBASE = [url]http://messenger.zone.msn.com/binary/MessengerStatsClient.cab28578.cab[/url]

[{9F1C11AA-197B-4942-BA54-47A8489BB47F}]
CODEBASE = [url]http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38189.2077777778[/url]

[ZoneIntro Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\ZIntro.ocx
CODEBASE = [url]http://messenger.zone.msn.com/binary/ZIntro.cab28578.cab[/url]

[YAddBook Class]
InProcServer32 = C:\PROGRA~1\Yahoo!\Common\yaddbook.dll
CODEBASE = [url]http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab[/url]

--------------------------------------------------

Enumerating Windows NT logon/logoff scripts:
*No scripts set to run*

Windows NT checkdisk command:
BootExecute = autocheck autochk *

Windows NT 'Wininit.ini':
PendingFileRenameOperations: C:\DOCUME~1\CHAND-z\LOCALS~1\Temp\GLB1A2B.EXE||E:\System Volume Information\_restore{98E46F0A-9DA1-4258-92C4-7CCAE5D21E6E}\RP61\A0006005.exe => C:\DOCUME~1\CHAND-z\LOCALS~1\Temp\temp.fr20B9|E:\System Volume Information\_restore{98E46F0A-9DA1-4258-92C4-7CCAE5D21E6E}\RP61\A0006006.exe => C:\DOCUME~1\CHAND-z\LOCALS~1\Temp\temp.frC463||O

--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
CDBurn: C:\WINDOWS\system32\SHELL32.dll
WebCheck: C:\WINDOWS\System32\webcheck.dll
SysTray: C:\WINDOWS\System32\stobject.dll
 
just gotta say that your sig and ava r hot. I love her i wanna do her so bad.


anyway...ummm i never know much about the log thing but if it was mine i would have that half that crap gone. My log has like 5-6 things.
 
lol yes shes Hot, Sig & AV are Quality Bk made them :)

Nar should be more than 6 i think :rolleyes:
 
not that I can see might want to trim down your startups but looks like stuff you installed yourself
 
I can't read it, why did you paste it as PHP code?
 
Yes lol know about the Start up stuff quite a Bit but stuff i know

I think its easier to see in PHP lol i can see it better than just pasteing it anyway
 
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSSystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:program FilesAheadInCDInCDsrv.exe
C:WINDOWSsystem32spoolsv.exe
C:program FilesCommon FilesSymantec SharedccEvtMgr.exe
C:program FilesNorton Internet SecurityNISUM.EXE
C:program FilesNorton Internet SecurityccPxySvc.exe
C:program FilesNorton AntiVirusnavapsvc.exe
C:program FilesAnalog DevicesSoundMAXSMAgent.exe
C:program FilesVirtual CD v4 SDKsystemvcssecs.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSExplorer.EXE
C:program FilesAnalog DevicesSoundMAXSMTray.exe
C:ATI TechnologiesATI Control Panelatiptaxx.exe
C:program FilesCommon FilesSymantec SharedccApp.exe
C:program FilesMessenger Plus! 3MsgPlus.exe
C:program FilesJavaj2re1.4.2_04binjusched.exe
C:WINDOWSSystem32taskswitch.exe
C:program FilesAheadInCDInCD.exe
C:program FilesiTunesiTunesHelper.exe
C:pROGRA~1COMMON~1PCSuiteDATALA~1DATALA~1.EXE
C:pROGRA~1NokiaNOKIAP~1TRAYAP~1.EXE
C:program FilesiPodbiniPodService.exe
C:program FilesYahoo!Messengerypager.exe
C:program FilesMessengermsmsgs.exe
C:WINDOWSSystem32ctfmon.exe
C:program FilesMSN Messengermsnmsgr.exe
C:pROGRA~1COMMON~1PCSuiteServicesSERVIC~1.EXE
C:program FilesPalick SoftSIGuardianSIGuardian.exe
C:program FilesMSN Messengermsnmsgr.exe
C:program Filesxchatxchat.exe
C:program FilesMSN Messengermsnmsgr.exe
C:program FilesMozilla Firefoxfirefox.exe
C:Documents and SettingsCHAND-zDesktophijackthisHijackThis.exe
C:WINDOWSSystem32notepad.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://format.packardbell.com/cgi-bin/redirect/?country=UK&range=AD&phase=6&key=SEARCH
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = file://C:\APPS\IE\offline\uk.htm
R1 - HKCUSoftwareMicrosoftInternet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe"
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title = Packard Bell
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:pROGRA~1Yahoo!COMPAN~1Installscpnycomp5_3_12_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:program FilesAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:pROGRA~1SPYBOT~1SDHelper.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:pROGRA~1FlashGetjccatch.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:program FilesNorton AntiVirusNavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSystem32msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:program FilesNorton AntiVirusNavShExt.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:pROGRA~1Yahoo!COMPAN~1Installscpnycomp5_3_12_0.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:pROGRA~1FlashGetfgiebar.dll
O4 - HKLM..Run: [Smapp] C:program FilesAnalog DevicesSoundMAXSMTray.exe
O4 - HKLM..Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM..Run: [ATIPTA] C:ATI TechnologiesATI Control Panelatiptaxx.exe
O4 - HKLM..Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM..Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM..Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM..Run: [SunJavaUpdateSched] C:program FilesJavaj2re1.4.2_04binjusched.exe
O4 - HKLM..Run: [TkBellExe] "C:\Program Files\K-Lite Codec Pack\real\Update_OB\realsched.exe" -osboot
O4 - HKLM..Run: [CoolSwitch] C:WINDOWSSystem32taskswitch.exe
O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [InCD] C:program FilesAheadInCDInCD.exe
O4 - HKLM..Run: [iTunesHelper] C:program FilesiTunesiTunesHelper.exe
O4 - HKLM..Run: [DataLayer] C:pROGRA~1COMMON~1PCSuiteDATALA~1DATALA~1.EXE
O4 - HKLM..Run: [PCSuiteTrayApplication] C:pROGRA~1NokiaNOKIAP~1TRAYAP~1.EXE
O4 - HKCU..Run: [Symantec NetDriver Monitor] C:pROGRA~1SYMNET~1SNDMon.exe
O4 - HKCU..Run: [Yahoo! Pager] C:program FilesYahoo!Messengerypager.exe -quiet
O4 - HKCU..Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU..Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSSystem32ctfmon.exe
O4 - HKCU..Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Startup: SIGuardian.lnk = C:program FilesPalick SoftSIGuardianSIGuardian.exe
O4 - Startup: Streamload Downloader.lnk = C:program FilesSlDBSlDB.exe
O4 - Startup: Streamload Uploader.lnk = C:program FilesStreamloadStreamMgr.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
O6 - HKCUSoftwarePoliciesMicrosoftInternet ExplorerRestrictions present
O6 - HKCUSoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Download All by FlashGet - C:program FilesFlashGetjc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:program FilesFlashGetjc_link.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:WINDOWSSystem32msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:WINDOWSSystem32msjava.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:program FilesYahoo!Messengeryhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:program FilesYahoo!Messengeryhexbmes0521.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:WINDOWSSystem32Shdocvw.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:pROGRA~1FlashGetflashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:pROGRA~1FlashGetflashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:program FilesMessengerMSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:program FilesMessengerMSMSGS.EXE
O9 - Extra button: Messenger Addon - {FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.ipfox.com (file missing)
O9 - Extra 'Tools' menuitem: &Messenger Addon - {FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.ipfox.com (file missing)
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\uk.htm
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab30149.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab28578.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab28578.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab28578.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab28578.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab
 
Listing of startup folders:

Shell folders Startup:
[C:Documents and SettingsCHAND-zStart MenuProgramsStartup]
PowerReg Scheduler V3.exe
SIGuardian.lnk = C:program FilesPalick SoftSIGuardianSIGuardian.exe
Streamload Downloader.lnk = C:program FilesSlDBSlDB.exe
Streamload Uploader.lnk = C:program FilesStreamloadStreamMgr.exe

Shell folders Common Startup:
[C:Documents and SettingsAll UsersStart MenuProgramsStartup]
Adobe Gamma Loader.exe.lnk = C:program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
Adobe Gamma Loader.lnk = C:program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe

--------------------------------------------------

Checking Windows NT UserInit:

[HKLMSoftwareMicrosoftWindows NTCurrentVersionWinlogon]
UserInit = C:WINDOWSsystem32userinit.exe,

--------------------------------------------------

Autorun entries from Registry:
HKLMSoftwareMicrosoftWindowsCurrentVersionRun

Smapp = C:program FilesAnalog DevicesSoundMAXSMTray.exe
ATIModeChange = Ati2mdxx.exe
ATIPTA = C:ATI TechnologiesATI Control Panelatiptaxx.exe
ccApp = "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
ccRegVfy = "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
MessengerPlus3 = "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
SunJavaUpdateSched = C:program FilesJavaj2re1.4.2_04binjusched.exe
TkBellExe = "C:\Program Files\K-Lite Codec Pack\real\Update_OB\realsched.exe" -osboot
CoolSwitch = C:WINDOWSSystem32taskswitch.exe
NeroFilterCheck = C:WINDOWSsystem32NeroCheck.exe
InCD = C:program FilesAheadInCDInCD.exe
iTunesHelper = C:program FilesiTunesiTunesHelper.exe
DataLayer = C:pROGRA~1COMMON~1PCSuiteDATALA~1DATALA~1.EXE
PCSuiteTrayApplication = C:pROGRA~1NokiaNOKIAP~1TRAYAP~1.EXE

--------------------------------------------------

Autorun entries from Registry:
HKLMSoftwareMicrosoftWindowsCurrentVersionRunOnceEx

Register Homesite+.exe = "C:\Program Files\Macromedia\HomeSite+\Homesite+.exe" /REGSERVER

--------------------------------------------------

Autorun entries from Registry:
HKCUSoftwareMicrosoftWindowsCurrentVersionRun

Sonic RecordNow! =
Symantec NetDriver Monitor = C:pROGRA~1SYMNET~1SNDMon.exe
Yahoo! Pager = C:program FilesYahoo!Messengerypager.exe -quiet
MSMSGS = "C:\Program Files\Messenger\msmsgs.exe" /background
MessengerPlus3 = "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
ctfmon.exe = C:WINDOWSSystem32ctfmon.exe
msnmsgr = "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

--------------------------------------------------

Shell & screensaver key from C:WINDOWSSYSTEM.INI:

Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*

Shell & screensaver key from Registry:

Shell=Explorer.exe
SCRNSAVE.EXE=C:WINDOWSSystem32logon.scr
drivers=*Registry value not found*

Policies Shell key:

HKCU..Policies: Shell=*Registry key not found*
HKLM..Policies: Shell=*Registry value not found*

--------------------------------------------------


Enumerating Browser Helper Objects:

(no name) - C:pROGRA~1Yahoo!COMPAN~1Installscpnycomp5_3_12_0.dll - {02478D38-C3F9-4efb-9B51-7695ECA05670}
(no name) - C:program FilesAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
(no name) - C:pROGRA~1SPYBOT~1SDHelper.dll - {53707962-6F74-2D53-2644-206D7942484F}
(no name) - C:pROGRA~1FlashGetjccatch.dll - {A5366673-E8CA-11D3-9CD9-0090271D075B}
(no name) - C:program FilesNorton AntiVirusNavShExt.dll - {BDF3E430-B101-42AD-A544-FADC6B084872}

--------------------------------------------------

Enumerating Task Scheduler jobs:

Norton AntiVirus - Scan my computer.job
Registration reminder 2.job
Registration reminder 3.job
Symantec NetDetect.job

--------------------------------------------------

Enumerating Download Program Files:

[Checkers Class]
InProcServer32 = C:WINDOWSDownloaded Program Filesmsgrchkr.dll
CODEBASE = http://messenger.zone.msn.com/binary/msgrchkr.cab30149.cab

[MessengerStatsClient Class]
InProcServer32 = C:WINDOWSDownloaded Program FilesMessengerStatsPAClient.dll
CODEBASE = http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab28578.cab

[Minesweeper Flags Class]
InProcServer32 = C:WINDOWSDownloaded Program Filesminesweeper.dll
CODEBASE = http://messenger.zone.msn.com/binary/MineSweeper.cab28578.cab

[MessengerStatsClient Class]
InProcServer32 = C:WINDOWSDownloaded Program Filesmessengerstatsclient.dll
CODEBASE = http://messenger.zone.msn.com/binary/MessengerStatsClient.cab28578.cab

[{9F1C11AA-197B-4942-BA54-47A8489BB47F}]
CODEBASE = http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38189.2077777778

[ZoneIntro Class]
InProcServer32 = C:WINDOWSDownloaded Program FilesZIntro.ocx
CODEBASE = http://messenger.zone.msn.com/binary/ZIntro.cab28578.cab

[YAddBook Class]
InProcServer32 = C:pROGRA~1Yahoo!Commonyaddbook.dll
CODEBASE = http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab

--------------------------------------------------

Enumerating Windows NT logon/logoff scripts:
*No scripts set to run*

Windows NT checkdisk command:
BootExecute = autocheck autochk *

Windows NT 'Wininit.ini':
PendingFileRenameOperations: C:DOCUME~1CHAND-zLOCALS~1TempGLB1A2B.EXE||E:System Volume Information_restore{98E46F0A-9DA1-4258-92C4-7CCAE5D21E6E}RP61A0006005.exe => C:DOCUME~1CHAND-zLOCALS~1Temptemp.fr20B9|E:System Volume Information_restore{98E46F0A-9DA1-4258-92C4-7CCAE5D21E6E}RP61A0006006.exe => C:DOCUME~1CHAND-zLOCALS~1Temptemp.frC463||O

--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

PostBootReminder: C:WINDOWSsystem32SHELL32.dll
CDBurn: C:WINDOWSsystem32SHELL32.dll
WebCheck: C:WINDOWSSystem32webcheck.dll
SysTray: C:WINDOWSSystem32stobject.dll
 

Members online

No members online now.

Latest profile posts

Also Hi EP and people. I found this place again while looking through a oooollllllldddd backup. I have filled over 10TB and was looking at my collection of antiques. Any bids on the 500Mhz Win 95 fix?
Any of the SP crew still out there?
Xie wrote on Electronic Punk's profile.
Impressed you have kept this alive this long EP! So many sites have come and gone. :(

Just did some crude math and I apparently joined almost 18yrs ago, how is that possible???
hello peeps... is been some time since i last came here.
Electronic Punk wrote on Sazar's profile.
Rest in peace my friend, been trying to find you and finally did in the worst way imaginable.

Forum statistics

Threads
62,015
Messages
673,494
Members
5,621
Latest member
naeemsafi
Back