1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Start Up list from Hijackthis PlsChk!

Discussion in 'Virus & Other Malware Removal' started by Siskm, Sep 30, 2003.

Thread Status:
Not open for further replies.
  1. Siskm

    Siskm Thread Starter

    Joined:
    Nov 7, 2002
    Messages:
    8
    Can those in the know please advise what all I need to get rid of?
    And how to fix or remove? I can mess with msconfig and have Registry First Aid, Spy-Bot, The Cleaner, Privacy Expert some might help out? This list is very long but I posted the regular scan from Hijack This and it was cut and pasted for easier viewing. Thanks for the help with it and hope you can help with this also!

    Also if this has stuff that doesn't need to be published please tell me!

    StartupList report, 9/30/2003, 7:55:42 PM
    StartupList version: 1.52
    Started from : C:\Program Files\HiJack This\HijackThis.EXE
    Detected: Windows XP SP1 (WinNT 5.01.2600)
    Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106)
    * Using default options
    * Including empty and uninteresting sections
    * Showing rarely important sections
    ==================================================

    Running processes:

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\StarBand\Mission Control\TaskBarClient.exe
    C:\HP\KBD\KBD.EXE
    C:\Program Files\StarBand\Mission Control\HsuGui\HsuGuiControl.exe
    C:\windows\system\hpsysdrv.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zapro.exe
    C:\WINDOWS\System32\cisvc.exe
    C:\Program Files\Gilat\QMS\QMS.exe
    C:\Program Files\Gilat\GSU\GSU.exe
    C:\Program Files\Gilat\IBQoS\ibqossvc.exe
    C:\Program Files\GILAT\Internet Page Accelerator\RPAService.exe
    C:\PROGRA~1\GILAT\INTERN~1\AS_Agent.exe
    C:\WINDOWS\System32\snmp.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\Program Files\Flash Networks\NettGain2000\Bst\Srvany.exe
    C:\Program Files\Flash Networks\NettGain2000\Bst\WgwMngr.exe
    C:\Program Files\Gilat\NetAgent.exe
    C:\PROGRA~1\StarBand\MISSIO~1\evrep.exe
    C:\WINDOWS\System32\cidaemon.exe
    C:\Program Files\Steganos Password Manager 6\spm.exe
    c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
    C:\Program Files\Trend Micro\PC-cillin 2003\Tmntsrv.exe
    C:\Program Files\Trend Micro\PC-cillin 2003\tmproxy.exe
    C:\Program Files\Trend Micro\PC-cillin 2003\PCCCLIENT.EXE
    C:\Program Files\Trend Micro\PC-cillin 2003\PCCGUIDE.EXE
    C:\Program Files\Trend Micro\PC-cillin 2003\POP3TRAP.EXE
    C:\WINDOWS\System32\wisptis.exe
    C:\Program Files\Real\RealPlayer\RealPlay.exe
    C:\Program Files\WinMX\WinMX.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\HiJack This\HijackThis.exe
    C:\WINDOWS\system32\notepad.exe

    --------------------------------------------------

    Listing of startup folders:

    Shell folders Startup:
    [C:\Documents and Settings\Owner.YOUR-US67PI6LUV\Start Menu\Programs\Startup]
    *No files*

    Shell folders AltStartup:
    *Folder not found*

    User shell folders Startup:
    *Folder not found*

    User shell folders AltStartup:
    *Folder not found*

    Shell folders Common Startup:
    [C:\Documents and Settings\All Users\Start Menu\Programs\Startup]
    ZoneAlarm Pro.lnk = C:\Program Files\Zone Labs\ZoneAlarm\zapro.exe

    Shell folders Common AltStartup:
    *Folder not found*

    User shell folders Common Startup:
    *Folder not found*

    User shell folders Alternate Common Startup:
    *Folder not found*

    --------------------------------------------------

    Checking Windows NT UserInit:

    [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    UserInit = C:\WINDOWS\system32\userinit.exe,

    [HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon]
    *Registry key not found*

    [HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    *Registry value not found*

    [HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon]
    *Registry key not found*

    --------------------------------------------------

    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run

    TaskBarClient = C:\Program Files\StarBand\\Mission Control\TaskBarClient.exe
    Pop3trap.exe = "C:\Program Files\Trend Micro\PC-cillin 2003\Pop3trap.exe"
    pccguide.exe = "C:\Program Files\Trend Micro\PC-cillin 2003\pccguide.exe"
    PCCClient.exe = "C:\Program Files\Trend Micro\PC-cillin 2003\PCCClient.exe"
    NettGain2000 Verifier = C:\Program Files\Flash Networks\NettGain2000\Bst\NettGain2000 Verifier.exe
    KBD = C:\HP\KBD\KBD.EXE
    IgfxTray = C:\WINDOWS\System32\igfxtray.exe
    HsuGuiControl = C:\Program Files\StarBand\\Mission Control\HsuGui\HsuGuiControl.exe
    hpsysdrv = c:\windows\system\hpsysdrv.exe
    RealTray = C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER

    --------------------------------------------------

    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce

    *No values found*

    --------------------------------------------------

    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

    *No values found*

    --------------------------------------------------

    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices

    NettGain2000 = C:\Program Files\Flash Networks\NettGain2000\Bst\WgwMngr.exe

    --------------------------------------------------

    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

    *Registry key not found*

    --------------------------------------------------

    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run

    msnmsgr = "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

    --------------------------------------------------

    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce

    *No values found*

    --------------------------------------------------

    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

    *Registry key not found*

    --------------------------------------------------

    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices

    *No values found*

    --------------------------------------------------

    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

    *Registry key not found*

    --------------------------------------------------

    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run

    *Registry key not found*

    --------------------------------------------------

    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run

    *Registry key not found*

    --------------------------------------------------

    Autorun entries in Registry subkeys of:
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run
    *No subkeys found*

    --------------------------------------------------

    Autorun entries in Registry subkeys of:
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
    *No subkeys found*

    --------------------------------------------------

    Autorun entries in Registry subkeys of:
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
    *No subkeys found*

    --------------------------------------------------

    Autorun entries in Registry subkeys of:
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
    *No subkeys found*

    --------------------------------------------------

    Autorun entries in Registry subkeys of:
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
    *Registry key not found*

    --------------------------------------------------

    Autorun entries in Registry subkeys of:
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    *No subkeys found*

    --------------------------------------------------

    Autorun entries in Registry subkeys of:
    HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
    *No subkeys found*

    --------------------------------------------------

    Autorun entries in Registry subkeys of:
    HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
    *Registry key not found*

    --------------------------------------------------

    Autorun entries in Registry subkeys of:
    HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
    *No subkeys found*

    --------------------------------------------------

    Autorun entries in Registry subkeys of:
    HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
    *Registry key not found*

    --------------------------------------------------

    Autorun entries in Registry subkeys of:
    HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run
    *Registry key not found*

    --------------------------------------------------

    Autorun entries in Registry subkeys of:
    HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run
    *Registry key not found*

    --------------------------------------------------

    File association entry for .EXE:
    HKEY_CLASSES_ROOT\exefile\shell\open\command

    (Default) = "%1" %*

    --------------------------------------------------

    File association entry for .COM:
    HKEY_CLASSES_ROOT\comfile\shell\open\command

    (Default) = "%1" %*

    --------------------------------------------------

    File association entry for .BAT:
    HKEY_CLASSES_ROOT\batfile\shell\open\command

    (Default) = "%1" %*

    --------------------------------------------------

    File association entry for .PIF:
    HKEY_CLASSES_ROOT\piffile\shell\open\command

    (Default) = "%1" %*

    --------------------------------------------------

    File association entry for .SCR:
    HKEY_CLASSES_ROOT\scrfile\shell\open\command

    (Default) = "%1" /S

    --------------------------------------------------

    File association entry for .HTA:
    HKEY_CLASSES_ROOT\htafile\shell\open\command

    (Default) = C:\WINDOWS\System32\mshta.exe "%1" %*

    --------------------------------------------------

    Enumerating Active Setup stub paths:
    HKLM\Software\Microsoft\Active Setup\Installed Components
    (* = disabled by HKCU twin)

    [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP

    [>{26923b43-4d38-484f-9b9e-de460746276c}] *
    StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE

    [>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] *
    StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

    [>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] *
    StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

    [{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] *
    StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

    [{306D6C21-C1B6-4629-986C-E59E1875B8AF}]
    StubPath = "C:\WINDOWS\System32\rundll32.exe" "C:\Program Files\Messenger\msgsc.dll",ShowIconsUser

    [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] *
    StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

    [{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] *
    StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT

    [{44BBA851-CC51-11CF-AAFA-00AA00B6015C}] *
    StubPath = rundll32.exe advpack.dll,LaunchINFSection %SystemRoot%\INF\wpie4x86.inf,PerUserStub

    [{5945c046-1e7d-11d1-bc44-00c04fd912be}] *
    StubPath = rundll32.exe advpack.dll,LaunchINFSection %SystemRoot%\INF\msmsgs.inf,BLC.Install.PerUser

    [{6BF52A52-394A-11d3-B153-00C04F79FAA6}] *
    StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub

    [{7790769C-0471-11d2-AF11-00C04FA35D02}] *
    StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

    [{89820200-ECBD-11cf-8B85-00AA005B4340}] *
    StubPath = regsvr32.exe /s /n /i:U shell32.dll

    [{89820200-ECBD-11cf-8B85-00AA005B4383}] *
    StubPath = %SystemRoot%\system32\ie4uinit.exe

    [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] *
    StubPath = C:\WINDOWS\System32\Rundll32.exe C:\WINDOWS\System32\mscories.dll,Install

    [{8b15971b-5355-4c82-8c07-7e181ea07608}] *
    StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser

    --------------------------------------------------

    Enumerating ICQ Agent Autostart apps:
    HKCU\Software\Mirabilis\ICQ\Agent\Apps

    *Registry key not found*

    --------------------------------------------------

    Load/Run keys from C:\WINDOWS\WIN.INI:

    load=*INI section not found*
    run=*INI section not found*

    Load/Run keys from Registry:

    HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
    HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
    HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
    HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
    HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
    HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
    HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
    HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
    HKCU\..\Windows NT\CurrentVersion\Windows: load=
    HKCU\..\Windows NT\CurrentVersion\Windows: run=
    HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found*
    HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
    HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs=wbsys.dll

    --------------------------------------------------

    Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

    Shell=*INI section not found*
    SCRNSAVE.EXE=*INI section not found*
    drivers=*INI section not found*

    Shell & screensaver key from Registry:

    Shell=Explorer.exe
    SCRNSAVE.EXE=*Registry value not found*
    drivers=*Registry value not found*

    Policies Shell key:

    HKCU\..\Policies: Shell=*Registry value not found*
    HKLM\..\Policies: Shell=*Registry value not found*

    --------------------------------------------------

    Checking for EXPLORER.EXE instances:

    C:\WINDOWS\Explorer.exe: PRESENT!

    C:\Explorer.exe: not present
    C:\WINDOWS\Explorer\Explorer.exe: not present
    C:\WINDOWS\System\Explorer.exe: not present
    C:\WINDOWS\System32\Explorer.exe: not present
    C:\WINDOWS\Command\Explorer.exe: not present
    C:\WINDOWS\Fonts\Explorer.exe: not present

    --------------------------------------------------

    Checking for superhidden extensions:

    .lnk: HIDDEN! (arrow overlay: yes)
    .pif: HIDDEN! (arrow overlay: yes)
    .exe: not hidden
    .com: not hidden
    .bat: not hidden
    .hta: not hidden
    .scr: not hidden
    .shs: HIDDEN!
    .shb: HIDDEN!
    .vbs: not hidden
    .vbe: not hidden
    .wsh: not hidden
    .scf: HIDDEN! (arrow overlay: NO!)
    .url: HIDDEN! (arrow overlay: yes)
    .js: not hidden
    .jse: not hidden

    --------------------------------------------------

    Verifying REGEDIT.EXE integrity:

    - Regedit.exe found in C:\WINDOWS
    - .reg open command is normal (regedit.exe %1)
    - Company name OK: 'Microsoft Corporation'
    - Original filename OK: 'REGEDIT.EXE'
    - File description: 'Registry Editor'

    Registry check passed

    --------------------------------------------------

    Enumerating Browser Helper Objects:

    (no name) - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
    (no name) - C:\PROGRA~1\SPYBOT~1\SDHelper.dll - {53707962-6F74-2D53-2644-206D7942484F}
    Webster Toolbar - C:\WINDOWS\Downloaded Program Files\CONFLICT.1\m-wtoolbar.dll - {9E1128F1-53FA-11d5-8490-0048548030CA}

    --------------------------------------------------

    Enumerating Task Scheduler jobs:

    McAfee.com Update Check (YOUR-US67PI6LUV-Owner).job
    Symantec NetDetect.job

    --------------------------------------------------

    Enumerating Download Program Files:

    [Microsoft XML Parser for Java]
    OSD = C:\WINDOWS\Downloaded Program Files\Microsoft XML Parser for Java.osd

    [Checkers Class]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\msgrchkr.dll
    CODEBASE = http://messenger.zone.msn.com/binary/msgrchkr.cab

    [QuickTime Object]
    InProcServer32 = C:\Program Files\QuickTime\QTPlugin.ocx
    CODEBASE = http://www.apple.com/qtactivex/qtplugin.cab

    [{03F998B2-0E00-11D3-A498-00104B6EB52E}]
    CODEBASE = https://components.viewpoint.com/MT...w.viewpoint.com/cgi-bin/vet_install_popup.pl?

    [MPChWrapper.Util]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\MPChWrapper.dll
    CODEBASE = http://instantsupport.hp.com/update/030227/MPChWrapper.CAB

    [PCPitstop Utility]
    InProcServer32 = C:\WINDOWS\DOWNLO~1\CONFLICT.1\PCPITS~1.DLL
    CODEBASE = http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB

    [{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}]
    CODEBASE = http://imgfarm.com/images/nocache/funwebproducts/SmileyCentralInitialSetup1.0.0.5.cab

    [{30528230-99F7-4BB4-88D8-FA1D4F56A2AB}]
    CODEBASE = http://download.yahoo.com/dl/installs/yinst.cab

    [WebDeployer5.ctlLoader]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\WebDeployer5.ocx
    CODEBASE = http://voicecafe.optecs.net/installables/WebDeployer5.CAB

    [Create and Print ActiveX Plug-in]
    InProcServer32 = C:\WINDOWS\System32\AxCtp.dll
    CODEBASE = http://www.imgag.com/cp/install/AxCtp.cab

    [AppDLCtrl Class]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\CONFLICT.1\appdl.dll
    CODEBASE = http://download.howudodat.com/chatterbox/download/appdl.cab

    [{41F17733-B041-4099-A042-B518BB6A408C}]
    CODEBASE = http://a1540.g.akamai.net/7/1540/52...ple.com/drakken/us/win/QuickTimeInstaller.exe

    [OPUCatalog Class]
    InProcServer32 = C:\WINDOWS\System32\opuc.dll
    CODEBASE = http://office.microsoft.com/productupdates/content/opuc/opuc.cab

    [Microsoft.WinRep]
    InProcServer32 = C:\WINDOWS\System32\Winrep.dll
    CODEBASE = https://webresponse.one.microsoft.com/oas/ActiveX/winrep.cab

    [OPUCatalog Class]
    InProcServer32 = C:\WINDOWS\System32\opuc.dll
    CODEBASE = http://office.microsoft.com/productupdates/content/opuc.cab

    [{6FB9FE59-7D3B-483D-9909-C870BE5AFA1F}]
    CODEBASE = http://www.pcpitstop.com/pcpitstop/diskhealth.cab

    [HouseCall Control]
    InProcServer32 = C:\WINDOWS\DOWNLO~1\CONFLICT.1\xscan53.ocx
    CODEBASE = http://a840.g.akamai.net/7/840/537/0251f502ac7d00/housecall.antivirus.com/housecall/xscan53.cab

    [{75D1F3B2-2A21-11D7-97B9-0010DC2A6243}]
    CODEBASE = http://secure2.comned.com/signuptemplates/ActiveSecurity.cab

    [AV Class]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\CONFLICT.1\PAV.dll
    CODEBASE = http://www.pcpitstop.com/antivirus/PCPAV.CAB

    [WebDeployerUtil.ctlUtil]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\WebDeployerUtil.ocx
    CODEBASE = http://voicecafe.optecs.net/installables/WebDeployerUtil.CAB

    [CCMPGui Class]
    InProcServer32 = C:\WINDOWS\System32\ccmp392.dll
    CODEBASE = http://64.124.45.181/chaincast/proxy/CCMP.cab

    [NPEVPCFG.UserControl1]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\NPEVPCFG.ocx
    CODEBASE = http://voicecafe.optecs.net/confighelp/NPEVPCFG.CAB

    [{82202BE7-C56A-487E-9E55-D84BDC1A5776}]
    CODEBASE = http://install.anark.com/client/version1/windows-ie/en/AMClient.cab

    [Java Plug-in 1.4.1]
    InProcServer32 = C:\Program Files\Java\j2re1.4.1\bin\npjpi141.dll
    CODEBASE = http://java.sun.com/products/plugin/autodl/jinstall-1_4_1-windows-i586.cab

    [MessengerStatsClient Class]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\messengerstatsclient.dll
    CODEBASE = http://messenger.zone.msn.com/binary/MessengerStatsClient.cab

    [{9A9307A0-7DA4-4DAF-B042-5009F29E09E1}]
    CODEBASE = http://www.pandasoftware.com/activescan/as/asinst.cab

    [WebDeployer2.ctlLoader]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\WebDeployer2.ocx
    CODEBASE = http://voicecafe.optecs.net/installables/WebDeployer2.CAB

    [Update Class]
    InProcServer32 = C:\WINDOWS\System32\iuctl.dll
    CODEBASE = http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37732.7940162037

    [YahooYMailTo Class]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\ymmapi.dll
    CODEBASE = http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yse/ymmapi_416.dll

    [Java Plug-in 1.4.1]
    InProcServer32 = C:\Program Files\Java\j2re1.4.1\bin\npjpi141.dll
    CODEBASE = http://java.sun.com/products/plugin/1.4/jinstall-14-windows-i586.cab

    [Shockwave Flash Object]
    InProcServer32 = C:\WINDOWS\System32\macromed\flash\Flash.ocx
    CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

    [Microsoft Office Tools on the Web Control]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\OUTC.DLL
    CODEBASE = http://officeupdate.microsoft.com/TemplateGallery/downloads/outc.cab

    [Anark Client ActiveX Control]
    CODEBASE = http://install.anark.com/client/version2/windows-ie/en/AMClient.cab

    [Yahoo! Webcam Viewer Wrapper]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\CONFLICT.1\yvwrctl.dll
    CODEBASE = http://chat.yahoo.com/cab/yvwrctl.cab

    [{E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD}]
    CODEBASE = http://download.abacast.com/download/files/abasetup.cab

    [{E93A6FCA-C052-45DF-AC9B-B729066092F8}]
    CODEBASE = http://isupport4.hp.com/motivedocs/linklauncher/MotUtil.cab

    [McFreeScan Class]
    InProcServer32 = C:\WINDOWS\McAfee.com\FreeScan\mcfscan.dll
    CODEBASE = http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/1,5,0,4278/mcfscan.cab

    [Hotmail Attachments Control]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\CONFLICT.1\HMAtchmt.ocx
    CODEBASE = http://lw15fd.law15.hotmail.msn.com/activex/HMAtchmt.ocx

    [CRegistryDownload Class]
    InProcServer32 = C:\WINDOWS\System32\RegDload.dll
    CODEBASE = http://download.paltalk.com/webregtest/RegDload.CAB

    [MSN Chat Control 4.5]
    InProcServer32 = C:\WINDOWS\Downloaded Program Files\CONFLICT.1\MSNChat45.ocx
    CODEBASE = http://fdl.msn.com/public/chat/msnchat45.cab

    [{F798683C-FE05-436C-B0FF-35B9122E9787}]
    CODEBASE = http://www.m-w.com/tools/toolbar/cabs/m-w.cab

    --------------------------------------------------

    Enumerating Winsock LSP files:

    NameSpace #1: C:\WINDOWS\System32\mswsock.dll
    NameSpace #2: C:\WINDOWS\System32\winrnr.dll
    NameSpace #3: C:\WINDOWS\System32\mswsock.dll
    NameSpace #4: C:\WINDOWS\System32\nwprovau.dll
    Protocol #1: C:\WINDOWS\system32\mswsock.dll
    Protocol #2: C:\WINDOWS\system32\mswsock.dll
    Protocol #3: C:\WINDOWS\system32\mswsock.dll
    Protocol #4: C:\WINDOWS\system32\rsvpsp.dll
    Protocol #5: C:\WINDOWS\system32\rsvpsp.dll
    Protocol #6: C:\WINDOWS\system32\mswsock.dll
    Protocol #7: C:\WINDOWS\system32\mswsock.dll
    Protocol #8: C:\WINDOWS\system32\mswsock.dll
    Protocol #9: C:\WINDOWS\system32\mswsock.dll
    Protocol #10: C:\WINDOWS\system32\mswsock.dll
    Protocol #11: C:\WINDOWS\system32\mswsock.dll
    Protocol #12: C:\WINDOWS\system32\mswsock.dll
    Protocol #13: C:\WINDOWS\system32\mswsock.dll
    Protocol #14: C:\WINDOWS\system32\mswsock.dll
    Protocol #15: C:\WINDOWS\system32\mswsock.dll
    Protocol #16: C:\WINDOWS\system32\mswsock.dll
    Protocol #17: C:\WINDOWS\system32\mswsock.dll
    Protocol #18: C:\WINDOWS\system32\mswsock.dll
    Protocol #19: C:\WINDOWS\system32\mswsock.dll
    Protocol #20: C:\WINDOWS\system32\mswsock.dll
    Protocol #21: C:\WINDOWS\system32\mswsock.dll
    Protocol #22: C:\WINDOWS\system32\mswsock.dll
    Protocol #23: C:\WINDOWS\system32\mswsock.dll
    Protocol #24: C:\WINDOWS\system32\mswsock.dll
    Protocol #25: C:\WINDOWS\system32\mswsock.dll
    Protocol #26: C:\WINDOWS\system32\mswsock.dll
    Protocol #27: C:\WINDOWS\system32\mswsock.dll
    Protocol #28: C:\WINDOWS\system32\mswsock.dll
    Protocol #29: C:\WINDOWS\system32\mswsock.dll

    --------------------------------------------------

    Enumerating Windows NT/2000/XP services

    .NET Framework Service: C:\WINDOWS\system32\svchost.exe (autostart)
    IPv6 Helper Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Microsoft ACPI Driver: System32\DRIVERS\ACPI.sys (system)
    Microsoft Kernel Acoustic Echo Canceller: system32\drivers\aec.sys (manual start)
    AFD Networking Support Environment: \SystemRoot\System32\drivers\afd.sys (autostart)
    Intel AGP Bus Filter: System32\DRIVERS\agp440.sys (system)
    Service for Avance AC97 Audio (WDM): system32\drivers\ALCXWDM.SYS (manual start)
    Alerter: %SystemRoot%\System32\svchost.exe -k LocalService (manual start)
    Application Layer Gateway Service: %SystemRoot%\System32\alg.exe (manual start)
    Application Management: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
    ASP.NET State Service: %SystemRoot%\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe (manual start)
    RAS Asynchronous Media Driver: System32\DRIVERS\asyncmac.sys (manual start)
    Standard IDE/ESDI Hard Disk Controller: System32\DRIVERS\atapi.sys (system)
    ATM ARP Client Protocol: System32\DRIVERS\atmarpc.sys (manual start)
    Windows Audio: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Audio Stub Driver: System32\DRIVERS\audstub.sys (manual start)
    Belarc SMBios Access: \SystemRoot\System32\Drivers\BANTExt.sys (system)
    Background Intelligent Transfer Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Computer Browser: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
    CD-ROM Driver: System32\DRIVERS\cdrom.sys (system)
    Indexing Service: C:\WINDOWS\System32\cisvc.exe (autostart)
    ClipBook: %SystemRoot%\system32\clipsrv.exe (manual start)
    COM+ System Application: C:\WINDOWS\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} (manual start)
    Cryptographic Services: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    DHCP Client: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Disk Driver: System32\DRIVERS\disk.sys (system)
    Logical Disk Manager Administrative Service: %SystemRoot%\System32\dmadmin.exe /com (manual start)
    dmboot: System32\drivers\dmboot.sys (disabled)
    dmio: System32\drivers\dmio.sys (disabled)
    dmload: System32\drivers\dmload.sys (disabled)
    Logical Disk Manager: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
    Microsoft Kernel DLS Syntheiszer: system32\drivers\DMusic.sys (manual start)
    Deterministic Network Enhancer Miniport: System32\DRIVERS\dne2000.sys (manual start)
    DNS Client: %SystemRoot%\System32\svchost.exe -k NetworkService (autostart)
    MS IEEE-1284.4 Driver: System32\DRIVERS\Dot4.sys (manual start)
    Print Class Driver for IEEE-1284.4: System32\DRIVERS\Dot4Prt.sys (manual start)
    Scan Class Driver for IEEE-1284.4: System32\DRIVERS\Dot4Scan.sys (manual start)
    Dot4USB Filter Dot4USB Filter: System32\DRIVERS\dot4usb.sys (manual start)
    Microsoft Kernel DRM Audio Descrambler: system32\drivers\drmkaud.sys (manual start)
    Intel(R) PRO Adapter Driver: System32\DRIVERS\e100b325.sys (manual start)
    Error Reporting Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Event Log: %SystemRoot%\system32\services.exe (autostart)
    COM+ Event System: C:\WINDOWS\System32\svchost.exe -k netsvcs (manual start)
    Fast User Switching Compatibility: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
    Fax: %systemroot%\system32\fxssvc.exe (autostart)
    Floppy Disk Controller Driver: System32\DRIVERS\fdc.sys (manual start)
    Floppy Disk Driver: System32\DRIVERS\flpydisk.sys (manual start)
    Volume Manager Driver: System32\DRIVERS\ftdisk.sys (system)
    Gilat Quality Measurement Service: C:\Program Files\Gilat\QMS\QMS.exe (autostart)
    Gilat host software update service: C:\Program Files\Gilat\GSU\GSU.exe (autostart)
    Gilat Network Agent Service: C:\Program Files\Gilat\NetAgent.exe (manual start)
    Generic Packet Classifier: System32\DRIVERS\msgpc.sys (manual start)
    Gilat SkyBlaster USB Adapter: System32\DRIVERS\gssNic.sys (manual start)
    Help and Support: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Human Interface Device Access: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
    Microsoft HID Class Driver: System32\DRIVERS\hidusb.sys (manual start)
    i8042 Keyboard and PS/2 Mouse Port Driver: System32\DRIVERS\i8042prt.sys (system)
    i81x: System32\DRIVERS\i81xnt5.sys (manual start)
    iAimFP0: System32\DRIVERS\wADV01nt.sys (manual start)
    iAimFP1: System32\DRIVERS\wADV02NT.sys (manual start)
    iAimFP2: System32\DRIVERS\wADV05NT.sys (manual start)
    iAimFP3: System32\DRIVERS\wSiINTxx.sys (manual start)
    iAimFP4: System32\DRIVERS\wVchNTxx.sys (manual start)
    iAimTV0: System32\DRIVERS\wATV01nt.sys (manual start)
    iAimTV1: System32\DRIVERS\wATV02NT.sys (manual start)
    iAimTV3: System32\DRIVERS\wATV04nt.sys (manual start)
    iAimTV4: System32\DRIVERS\wCh7xxNT.sys (manual start)
    ialm: System32\DRIVERS\ialmnt5.sys (manual start)
    Gilat IBQoS Agent: C:\Program Files\Gilat\IBQoS\ibqossvc.exe (autostart)
    %imapi_ServiceDesc%: System32\DRIVERS\imapi.sys (system)
    IMAPI CD-Burning COM Service: C:\WINDOWS\System32\imapi.exe (manual start)
    IntelIde: System32\DRIVERS\intelide.sys (system)
    IPv6 Firewall Driver: System32\DRIVERS\Ip6Fw.sys (manual start)
    IPv6 Internet Connection Firewall: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    IP Traffic Filter Driver: System32\DRIVERS\ipfltdrv.sys (manual start)
    IP in IP Tunnel Driver: System32\DRIVERS\ipinip.sys (manual start)
    IP Network Address Translator: System32\DRIVERS\ipnat.sys (manual start)
    IPSEC driver: System32\DRIVERS\ipsec.sys (system)
    IR Enumerator Service: System32\DRIVERS\irenum.sys (manual start)
    PnP ISA/EISA Bus Driver: System32\DRIVERS\isapnp.sys (system)
    Keyboard Class Driver: System32\DRIVERS\kbdclass.sys (system)
    Microsoft Kernel Wave Audio Mixer: system32\drivers\kmixer.sys (manual start)
    Logitech PS/2 Mouse Filter Driver: System32\DRIVERS\L8042Pr2.sys (manual start)
    Workstation: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Logitech HID/USB Mouse Filter Driver: System32\DRIVERS\LHidFlt2.sys (manual start)
    Logitech USB Receiver device driver: system32\drivers\LHidUsb.Sys (manual start)
    Logitech Keyboard Class Filter Driver: System32\DRIVERS\LKbdFlt2.sys (manual start)
    TCP/IP NetBIOS Helper: %SystemRoot%\System32\svchost.exe -k LocalService (autostart)
    Logitech Mouse Class Filter Driver: System32\DRIVERS\LMouFlt2.sys (manual start)
    Lucent Modem Driver: System32\DRIVERS\ltmdmnt.sys (manual start)
    McAfee Firewall Network Filter Miniport: System32\DRIVERS\fw220.sys (manual start)
    Messenger: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
    NetMeeting Remote Desktop Sharing: C:\WINDOWS\System32\mnmsrvc.exe (manual start)
    Mouse Class Driver: System32\DRIVERS\mouclass.sys (system)
    Mouse HID Driver: System32\DRIVERS\mouhid.sys (manual start)
    WebDav Client Redirector: System32\DRIVERS\mrxdav.sys (manual start)
    MRXSMB: System32\DRIVERS\mrxsmb.sys (system)
    Distributed Transaction Coordinator: C:\WINDOWS\System32\msdtc.exe (manual start)
    Windows Installer: C:\WINDOWS\System32\msiexec.exe /V (manual start)
    Microsoft Streaming Service Proxy: system32\drivers\MSKSSRV.sys (manual start)
    Microsoft Streaming Clock Proxy: system32\drivers\MSPCLOCK.sys (manual start)
    Microsoft Streaming Quality Manager Proxy: system32\drivers\MSPQM.sys (manual start)
    Remote Access NDIS TAPI Driver: System32\DRIVERS\ndistapi.sys (manual start)
    NDIS Usermode I/O Protocol: System32\DRIVERS\ndisuio.sys (manual start)
    Remote Access NDIS WAN Driver: System32\DRIVERS\ndiswan.sys (manual start)
    NetBIOS Interface: System32\DRIVERS\netbios.sys (system)
    NetBT: System32\DRIVERS\netbt.sys (system)
    Network DDE: %SystemRoot%\system32\netdde.exe (manual start)
    Network DDE DSDM: %SystemRoot%\system32\netdde.exe (manual start)
    Net Logon: %SystemRoot%\System32\lsass.exe (manual start)
    Network Connections: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
    NetPost: \??\C:\WINDOWS\System32\Drivers\netpost.sys (autostart)
    Network Location Awareness (NLA): %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
    Network Monitor Driver: System32\DRIVERS\NMnt.sys (manual start)
    NT LM Security Support Provider: %SystemRoot%\System32\lsass.exe (manual start)
    Removable Storage: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled)
    nv: System32\DRIVERS\nv4_mini.sys (manual start)
    nv4: System32\DRIVERS\nv4.sys (manual start)
    NVIDIA Driver Helper Service: %SystemRoot%\System32\nvsvc32.exe (autostart)
    NVIDIA nForce AGP Bus Filter: System32\DRIVERS\nv_agp.sys (system)
    IPX Traffic Filter Driver: System32\DRIVERS\nwlnkflt.sys (manual start)
    IPX Traffic Forwarder Driver: System32\DRIVERS\nwlnkfwd.sys (manual start)
    NWLink IPX/SPX/NetBIOS Compatible Transport Protocol: System32\DRIVERS\nwlnkipx.sys (autostart)
    NWLink NetBIOS: System32\DRIVERS\nwlnknb.sys (autostart)
    NWLink SPX/SPXII Protocol: System32\DRIVERS\nwlnkspx.sys (autostart)
    Parallel port driver: System32\DRIVERS\parport.sys (manual start)
    Pcdr Helper Driver: system32\drivers\PCDRDRV.sys (manual start)
    PcdrNt: \SystemRoot\System32\drivers\PcdrNt.sys (manual start)
    PCI Bus Driver: System32\DRIVERS\pci.sys (system)
    PCIIde: System32\DRIVERS\pciide.sys (system)
    Padus ASPI Shell: system32\drivers\pfc.sys (manual start)
    Plug and Play: %SystemRoot%\system32\services.exe (autostart)
    IPSEC Services: %SystemRoot%\System32\lsass.exe (autostart)
    WAN Miniport (PPTP): System32\DRIVERS\raspptp.sys (manual start)
    Processor Driver: System32\DRIVERS\processr.sys (system)
    Protected Storage: %SystemRoot%\system32\lsass.exe (autostart)
    PS2: System32\DRIVERS\PS2.sys (manual start)
    QoS Packet Scheduler: System32\DRIVERS\psched.sys (manual start)
    Direct Parallel Link Driver: System32\DRIVERS\ptilink.sys (manual start)
    PxHelp20: System32\DRIVERS\PxHelp20.sys (system)
    Remote Access Auto Connection Driver: System32\DRIVERS\rasacd.sys (system)
    Remote Access Auto Connection Manager: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
    WAN Miniport (L2TP): System32\DRIVERS\rasl2tp.sys (manual start)
    Remote Access Connection Manager: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
    Remote Access PPPOE Driver: System32\DRIVERS\raspppoe.sys (manual start)
    Direct Parallel: System32\DRIVERS\raspti.sys (manual start)
    Rdbss: System32\DRIVERS\rdbss.sys (system)
    RDPCDD: System32\DRIVERS\RDPCDD.sys (system)
    Remote Desktop Help Session Manager: C:\WINDOWS\system32\sessmgr.exe (manual start)
    Digital CD Audio Playback Filter Driver: System32\DRIVERS\redbook.sys (system)
    Routing and Remote Access: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
    Microsoft Legacy Modem Driver: System32\Drivers\RootMdm.sys (manual start)
    RPAService: C:\Program Files\GILAT\Internet Page Accelerator\RPAService.exe (autostart)
    Remote Procedure Call (RPC) Locator: %SystemRoot%\System32\locator.exe (manual start)
    Remote Procedure Call (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart)
    QoS RSVP: %SystemRoot%\System32\rsvp.exe (manual start)
    Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver: System32\DRIVERS\RTL8139.SYS (manual start)
    S3Psddr: System32\DRIVERS\s3gnbm.sys (manual start)
    Security Accounts Manager: %SystemRoot%\system32\lsass.exe (autostart)
    Smart Card Helper: %SystemRoot%\System32\SCardSvr.exe (manual start)
    Smart Card: %SystemRoot%\System32\SCardSvr.exe (manual start)
    Task Scheduler: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Secdrv: System32\DRIVERS\secdrv.sys (manual start)
    Secondary Logon: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    System Event Notification: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    Serenum Filter Driver: System32\DRIVERS\serenum.sys (manual start)
    Serial port driver: System32\DRIVERS\serial.sys (system)
    Internet Connection Firewall (ICF) / Internet Connection Sharing (ICS): %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
    Shell Hardware Detection: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    SiS315: System32\DRIVERS\sisgrp.sys (manual start)
    SiS AGP Filter: System32\DRIVERS\SISAGP.sys (system)
    Acronis Snapshots Manager: System32\DRIVERS\snapman.sys (system)
    SNMP Service: %SystemRoot%\System32\snmp.exe (autostart)
    SNMP Trap Service: %SystemRoot%\System32\snmptrap.exe (manual start)
    Microsoft Kernel Audio Splitter: system32\drivers\splitter.sys (manual start)
    Print Spooler: %SystemRoot%\system32\spoolsv.exe (autostart)
    System Restore Filter Driver: System32\DRIVERS\sr.sys (system)
    System Restore Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    SSDP Discovery Service: %SystemRoot%\System32\svchost.exe -k LocalService (disabled)
    Windows Image Acquisition (WIA): %SystemRoot%\System32\svchost.exe -k imgsvc (autostart)
    Software Bus Driver: System32\DRIVERS\swenum.sys (manual start)
    Microsoft Kernel GS Wavetable Synthesizer: system32\drivers\swmidi.sys (manual start)
    MS Software Shadow Copy Provider: C:\WINDOWS\System32\dllhost.exe /Processid:{13C56707-A75E-427F-A3E7-375956BFF577} (manual start)
    Microsoft Kernel System Audio Device: system32\drivers\sysaudio.sys (manual start)
    Performance Logs and Alerts: %SystemRoot%\system32\smlogsvc.exe (autostart)
    Telephony: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
    TCP/IP Protocol Driver: System32\DRIVERS\tcpip.sys (system)
    Microsoft IPv6 Protocol Driver: System32\DRIVERS\tcpip6.sys (system)
    Terminal Device Driver: System32\DRIVERS\termdd.sys (system)
    Terminal Services: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
    Themes: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Tmfilter: System32\drivers\TmXPFlt.sys (autostart)
    Trend NT Realtime Service: "C:\Program Files\Trend Micro\PC-cillin 2003\Tmntsrv.exe" (autostart)
    Tmpreflt: System32\drivers\Tmpreflt.sys (autostart)
    Trend Micro Proxy Service: C:\Program Files\Trend Micro\PC-cillin 2003\tmproxy.exe (autostart)
    Trend Micro TDI Driver: \SystemRoot\System32\Drivers\tmtdi.sys (autostart)
    Distributed Link Tracking Client: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled)
    Microsoft Tun Miniport Adapter Driver: System32\DRIVERS\tunmp.sys (manual start)
    Microcode Update Driver: System32\DRIVERS\update.sys (manual start)
    Upload Manager: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Universal Plug and Play Device Host: %SystemRoot%\System32\svchost.exe -k LocalService (manual start)
    Uninterruptible Power Supply: %SystemRoot%\System32\ups.exe (manual start)
    Microsoft USB 2.0 Enhanced Host Controller Miniport Driver: System32\DRIVERS\usbehci.sys (manual start)
    USB2 Enabled Hub: System32\DRIVERS\usbhub.sys (manual start)
    Microsoft USB Open Host Controller Miniport Driver: System32\DRIVERS\usbohci.sys (manual start)
    Microsoft USB Universal Host Controller Miniport Driver: System32\DRIVERS\usbuhci.sys (manual start)
    VGA Display Controller.: \SystemRoot\System32\drivers\vga.sys (system)
    VIA AGP Filter: System32\DRIVERS\viaagp1.sys (system)
    ViaIde: System32\DRIVERS\viaide.sys (system)
    Vsapint: System32\drivers\Vsapint.sys (autostart)
    vsdatant: \??\C:\WINDOWS\System32\vsdatant.sys (autostart)
    TrueVector Internet Monitor: C:\WINDOWS\system32\ZoneLabs\vsmon.exe -service (autostart)
    Volume Shadow Copy: %SystemRoot%\System32\vssvc.exe (manual start)
    Windows Time: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Remote Access IP ARP Driver: System32\DRIVERS\wanarp.sys (manual start)
    Microsoft WINMM WDM Audio Compatibility Driver: system32\drivers\wdmaud.sys (manual start)
    WebClient: %SystemRoot%\System32\svchost.exe -k LocalService (autostart)
    WgwService: C:\Program Files\Flash Networks\NettGain2000\Bst\Srvany.exe (autostart)
    Windows Management Instrumentation: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
    Portable Media Serial Number Service: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
    WMI Performance Adapter: C:\WINDOWS\System32\wbem\wmiapsrv.exe (manual start)
    Windows Socket 2.0 Non-IFS Service Provider Support Environment: \SystemRoot\System32\drivers\ws2ifsl.sys (disabled)
    Automatic Updates: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    Wireless Zero Configuration: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Intel(R) Graphics Platform (SoftBIOS) Driver: system32\drivers\ialmsbw.sys (system)
    Intel(R) Graphics Chipset (KCH) Driver: system32\drivers\ialmkchw.sys (manual start)


    --------------------------------------------------

    Enumerating Windows NT logon/logoff scripts:
    *No scripts set to run*

    Windows NT checkdisk command:
    BootExecute = autocheck autochk *

    Windows NT 'Wininit.ini':
    PendingFileRenameOperations: *Registry value not found*

    --------------------------------------------------

    Enumerating ShellServiceObjectDelayLoad items:

    PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
    CDBurn: C:\WINDOWS\system32\SHELL32.dll
    WebCheck: C:\WINDOWS\System32\webcheck.dll
    SysTray: C:\WINDOWS\System32\stobject.dll

    --------------------------------------------------
    End of report, 41,282 bytes
    Report generated in 0.203 seconds

    Command line options:
    /verbose - to add additional info on each section
    /complete - to include empty sections and unsuspicious data
    /full - to include several rarely-important sections
    /force9x - to include Win9x-only startups even if running on WinNT
    /forcent - to include WinNT-only startups even if running on Win9x
    /forceall - to include all Win9x and WinNT startups, regardless of platform
    /history - to list version history only
     
  2. Rollin' Rog

    Rollin' Rog

    Joined:
    Dec 9, 2000
    Messages:
    45,855
    The startup list looks ok from a "security" standpoint, but you need to post a Scanlog which presents a different set of registry entries.
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/168672

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice