StartupList report, 16/01/03, 6:15:16 PM
StartupList version: 1.51
Started from : C:\WINDOWS\TEMP\STARTUPLIST.EXE
Detected: Windows 98 SE (Win9x 4.10.2222A)
Detected: Internet Explorer v5.00 (5.00.2614.3500)
* Using default options
==================================================
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SYMTRAY.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SM56HLPR.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAM FILES\MESSENGER PLUS! EXTENSION\MSGPLUS.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\NORTON ANTIVIRUS\NAVAPW32.EXE
C:\WINDOWS\WT\UPDATER\WCMDMGR.EXE
C:\PROGRAM FILES\FINEPIXVIEWER\QUICKDCF.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\YAHOO!\MESSENGER\YMSGR_TRAY.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\AOL CANADA 6.0\WAOL.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\WMPLAYER.EXE
C:\PROGRAM FILES\MESSENGER\MSMSGS.EXE
C:\PROGRAM FILES\SHAREAZA\SHAREAZA.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\WINZIP\WINZIP32.EXE
C:\WINDOWS\TEMP\STARTUPLIST.EXE
--------------------------------------------------
Listing of startup folders:
Shell folders Startup:
[C:\WINDOWS\Start Menu\Programs\StartUp]
AOL Canada 6.0 Tray Icon.lnk = C:\AOL Canada 6.0\aoltray.exe
Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe
PowerReg Scheduler.exe
Mstask.lnk = C:\WINDOWS\SYSTEM\MSTASK.EXE
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
ScanRegistry = c:\windows\scanregw.exe /autorun
TaskMonitor = c:\windows\taskmon.exe
SystemTray = SysTray.Exe
SM56ACL = sm56hlpr.exe
LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
LoadQM = loadqm.exe
MessengerPlus = "C:\Program Files\Messenger Plus! Extension\MsgPlus.exe"
NvCplDaemon = RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
nwiz = nwiz.exe /install
wcmdmgr = C:\WINDOWS\wt\updater\wcmdmgrl.exe -launch
RegShave = C:\Progra~1\REGSHAVE\REGSHAVE.EXE /autorun
OmgStartup = C:\Program Files\Common Files\Sony Shared\OpenMG\OmgStartup.exe
NAV Agent = C:\PROGRA~1\NORTON~3\NAVAPW32.EXE
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
SymTray - Norton SystemWorks = C:\Program Files\Common Files\Symantec Shared\SymTray.exe "Norton SystemWorks"
LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
ScriptBlocking = "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Yahoo! Pager = C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
--------------------------------------------------
C:\WINDOWS\WININIT.BAK listing:
(Created 2/1/2003, 17:56:36)
[rename]
nul=c:\windows\TEMP\~f39a36.tmp
nul=c:\windows\TEMP\~f39a36.tmp
nul=c:\windows\TEMP\~f39a36.tmp
nul=c:\windows\TEMP\~f39a36.tmp
nul=c:\windows\TEMP\~f39a36.tmp
nul=c:\windows\TEMP\~f39a36.tmp
nul=c:\windows\TEMP\~f39a36.tmp
nul=c:\windows\TEMP\~f39a36.tmp
nul=c:\windows\TEMP\~f39a36.tmp
nul=c:\windows\TEMP\~f39a36.tmp
nul=c:\windows\TEMP\~f39a36.tmp
nul=c:\windows\TEMP\~f39a36.tmp
--------------------------------------------------
C:\AUTOEXEC.BAT listing:
PATH c:\windows;c:\windows\COMMAND;C:\EXCEL;C:\WINWORD;C:\BITWARE\MPLY
c:\windows\a4init.exe
C:\MediaKey\FGetKey.exe
--------------------------------------------------
Enumerating Browser Helper Objects:
BonziBUDDY Web Compass - (no file) - {A28C2A31-3AB0-4118-922F-F6B3184F5495}
(no name) - (no file) - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E}
BabeIE - C:\PROGRAM FILES\COMMONNAME\TOOLBAR\BABEIE.DLL - {A6475E6B-3C2E-4B1F-82FD-8F1C0B1D8AD0}
Activater - C:\PROGRAM FILES\COMMONNAME\TOOLBAR\CNBARIE.DLL - {1E1B2879-88FF-11D2-8D96-D7ACAC95951F}
NAV Helper - C:\Program Files\Norton AntiVirus\NavShExt.dll - {BDF3E430-B101-42AD-A544-FADC6B084872}
--------------------------------------------------
Enumerating Task Scheduler jobs:
Tune-up Application Start.job
Symantec NetDetect.job
Norton AntiVirus - Scan my computer.job
--------------------------------------------------
Enumerating Download Program Files:
[HeartbeatCtl Class]
InProcServer32 = C:\WINDOWS\DOWNLO~1\HRTBEAT.OCX
CODEBASE =
http://fdl.msn.com/zone/datafiles/heartbeat.cab
[Shockwave ActiveX Control]
InProcServer32 = C:\WINDOWS\SYSTEM\MACROMED\SHOCKWAVE 8\DOWNLOAD.DLL
CODEBASE =
http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
[Macromedia Authorware Web Player Control]
InProcServer32 = C:\WINDOWS\SYSTEM\MACROMED\AUTHORWA\AWSWAX.OCX
CODEBASE =
http://download.macromedia.com/pub/shockwave/cabs/authorware/awswaxm.cab
[Yahoo! Audio Conferencing]
InProcServer32 = C:\PROGRAM FILES\YAHOO!\MESSENGER\YACSCOM.DLL
CODEBASE =
http://cs3.chat.yahoo.com/v/yacscom.cab
[MSNChatFrame Class]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\MSNCHAT10.OCX
CODEBASE =
http://chat.msn.ca/bin/msnchat.cab
[{FA13A9FA-CA9B-11D2-9780-00104B242EA3}]
CODEBASE =
http://www.wildtangent.com/install/wdriver/adrenaline/microsoft/wtinst.cab
[CV3 Class]
InProcServer32 = C:\WINDOWS\SYSTEM\WUV3IS.DLL
CODEBASE =
http://windowsupdate.microsoft.com/R553/V31Controls/x86/w98/en/actsetup.cab
[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\SYSTEM\MACROMED\FLASH\SWFLASH.OCX
CODEBASE =
http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
[NetworkPlace Class]
InProcServer32 = C:\WINDOWS\DOWNLO~1\NETPLACE.DLL
CODEBASE =
http://www.driveway.com/partners/msoe/netplace.cab
[EAC_DownloadRec Class]
InProcServer32 = C:\PROGRA~1\COMMON~1\EACCEL~1\EAC_DREC.DLL
CODEBASE =
http://www6.buttonware.net/canary_eacceleration_webcelerator_4.cab
[{BD11A280-2E73-11CF-B6CF-00AA00A74DAF}]
CODEBASE =
http://images.bonzi.com/freebuddy/wd/bbsetupkaa.exe
[InstallCtl Class]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\RSINSTALLER.DLL
CODEBASE =
http://download.redswoosh.com/Installer/rsinstaller.cab
[CoGSManager Class]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\GSMANAGER.DLL
CODEBASE =
http://gamingzone.ubisoft.com/packages/GSManager.cab
[Measurement Service Client]
InProcServer32 = C:\WINDOWS\DOWNLO~1\MSC.OCX
CODEBASE =
http://ccon.madonion.com/global/msc.cab
[MSN Chat Control 4.2]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\MSNCHAT42.OCX
CODEBASE =
http://fdl.msn.com/public/chat/msnchat42.cab
[YInstStarter Class]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\YINSTHELPER.DLL
CODEBASE =
http://download.yahoo.com/dl/installs/yinst.cab
[ActiveDataObj Class]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\ACTIVEDATA.DLL
CODEBASE =
https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab
[Symantec RuFSI Registry Information Class]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\RUFSI.DLL
CODEBASE =
http://security.symantec.com/SSC/SharedContent/common/bin/cabsa.cab
--------------------------------------------------
End of report, 8,120 bytes
Report generated in 0.713 seconds
Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only