Evilmistage
Thread Starter
- Joined
- Jan 18, 2003
- Messages
- 6
I have a Dell Dimension L500r computer that somehow got hosed by my sons friend. I am having a tremendous amount of trouble with programs shutting down, error messages, etc. I can't even run zztop to restore the computer back to original factory settings without getting an error message saying that it can't continue because of an internal error. I am currently running Windows 98. Any ideas? Please help. It's still a very good computer. The following is the startup list report:
StartupList report, 1/18/03, 7:01:26 PM
StartupList version: 1.51
Started from : C:\UNZIPPED\STARTUPLIST151\STARTUPLIST.EXE
Detected: Windows 98 SE (Win9x 4.10.2222A)
Detected: Internet Explorer v5.50 (5.50.4134.0600)
* Using default options
==================================================
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SYMTRAY.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\MOUSE\SYSTEM\EM_EXEC.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAM FILES\COMMON FILES\CMEII\CMESYS.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE
C:\WINDOWS\WJVIEW.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCAPP.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON UTILITIES\NPROTECT.EXE
C:\ACS495\MIXGHOST.EXE
C:\PROGRAM FILES\SAVE\SAVE.EXE
C:\PROGRAM FILES\MESSENGER\MSMSGS.EXE
C:\PROGRAM FILES\EZULA\MMOD.EXE
C:\PROGRAM FILES\COMMON FILES\GMT\GMT.EXE
C:\PROGRAM FILES\AOL COMPANION\COMPANION.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON CLEANSWEEP\CSINSM32.EXE
C:\Program Files\Norton SystemWorks\Norton CleanSweep\Monwow.exe
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\PROGRAM FILES\EBATESMOEMONEYMAKER\EBATESMOEMONEYMAKER.EXE
C:\PROGRAM FILES\AMERICA ONLINE 8.0\AOL.EXE
C:\PROGRAM FILES\AMERICA ONLINE 8.0\WAOL.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\UNZIPPED\STARTUPLIST151\STARTUPLIST.EXE
--------------------------------------------------
Listing of startup folders:
Shell folders Startup:
[C:\WINDOWS\Start Menu\Programs\StartUp]
Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
America Online Tray Icon.lnk = C:\Program Files\America Online 8.0\aoltray.exe
CompuServe 2000 Tray Icon.lnk = C:\CompuServe 2000\cstray.exe
GStartup.lnk = C:\Program Files\Common Files\GMT\GMT.exe
AOL Companion.lnk = C:\Program Files\AOL Companion\companion.exe
CleanSweep Smart Sweep-Internet Sweep.lnk = C:\Program Files\Norton SystemWorks\Norton CleanSweep\csinsm32.exe
PowerReg Scheduler.exe
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
ScanRegistry = c:\windows\scanregw.exe /autorun
TaskMonitor = c:\windows\taskmon.exe
SystemTray = SysTray.Exe
TCASUTIEXE = TCAUDIAG.EXE -off
EM_EXEC = c:\mouse\system\em_exec.exe
LoadQM = loadqm.exe
LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
CMESys = "C:\PROGRAM FILES\COMMON FILES\CMEII\CMESYS.EXE"
StillImageMonitor = C:\WINDOWS\SYSTEM\STIMON.EXE
RealTray = C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
CashToolbar = C:\Program Files\CashToolbar\mistagee\version1.52a-cash\CashToolbar.exe
EbatesMoeMoneyMaker = wjview /cp
"C:\Program Files\EbatesMoeMoneyMaker\System\Code" Main lp: "C:\Program Files\EbatesMoeMoneyMaker"
ccApp = c:\Program Files\Common Files\Symantec Shared\ccApp.exe
ccRegVfy = c:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe
NPROTECT = c:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
QD FastAndSafe = C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON CLEANSWEEP\QDCSFS.exe /startup
AudioHQ = C:\Program Files\Creative\SBLive\AudioHQ\AHQTB.EXE
Mixghost = C:\ACS495\MixGhost.exe
WhenUSave = C:\PROGRA~1\SAVE\Save.exe
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
SchedulingAgent = mstask.exe
ccEvtMgr = c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
ScriptBlocking = "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
CSINJECT.EXE = c:\Program Files\Norton SystemWorks\Norton CleanSweep\CSINJECT.EXE
NPROTECT = c:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
SymTray - Norton SystemWorks = c:\Program Files\Common Files\Symantec Shared\SymTray.exe "Norton SystemWorks"
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
AIM = C:\PROGRAM FILES\NETSCAPE\COMMUNICATOR\PROGRAM\AIM\aim.exe -cnetwait.odl
MSMSGS = C:\Program Files\Messenger\msmsgs.exe /background
msbb = C:\PROGRAM FILES\MSBB.EXE
eZmmod = C:\PROGRA~1\ezula\mmod.exe
--------------------------------------------------
C:\WINDOWS\WININIT.BAK listing:
(Created 26/12/2002, 10:19:22)
[rename]
NUL=C:\PROGRA~1\CREATIVE\SURROU~1\CTSYSVOL.SKN
NUL=C:\PROGRA~1\CREATIVE\SURROU~1\CTSYSVOL.EXE
c:\windows\SYSTEM\msjstick.drv=c:\windows\SYSTEM\msjstick.001
[Leprechauns]
Reboot=yes
--------------------------------------------------
C:\AUTOEXEC.BAT listing:
SET PATH=%PATH%;C:\PROGRA~1\NETWOR~1\MCAFEE~1;C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG
IF ERRORLEVEL 1 PAUSE
--------------------------------------------------
Enumerating Browser Helper Objects:
(no name) - C:\PROGRAM FILES\YAHOO!\COMPANION\YCOMP5_0_2_6.DLL - {02478D28-C3F9-4efb-9B51-7695ECA05670}
(no name) - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
(no name) - C:\PROGRA~1\CASHTO~1\MISTAGEE\VERSIO~1.52A\CASHTO~1.DLL - {5F5564AC-DE7A-4DCD-9296-32E71A35DCB6}
(no name) - C:\WINDOWS\SYSTEM\BHO2.DLL - {53E10C2C-43B2-4657-BA29-AAE179E7D35C}
NAV Helper - c:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll - {BDF3E430-B101-42AD-A544-FADC6B084872}
--------------------------------------------------
Enumerating Task Scheduler jobs:
Tune-up Application Start.job
Maintenance-Defragment programs.job
Maintenance-ScanDisk.job
Maintenance-Disk cleanup.job
WINALIGN.JOB
Symantec NetDetect.job
Norton SystemWorks One Button Checkup.job
Norton AntiVirus - Scan my computer.job
--------------------------------------------------
Enumerating Download Program Files:
[WildTangent Control]
InProcServer32 = C:\WINDOWS\WT\WEBDRIVER\WEBDRIVER.DLL
CODEBASE = http://www.wildtangent.com/install/wdriver/driveway/microsoft/wtinst.cab
[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\SYSTEM\MACROMED\FLASH\FLASH.OCX
CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
[&Yahoo! Companion]
InProcServer32 = C:\PROGRAM FILES\YAHOO!\COMPANION\YCOMP5_0_2_6.DLL
CODEBASE = http://us.dl1.yimg.com/download.yahoo.com/dl/toolbar/my/yiebio4_0_2_10a.cab
[{2C38A62E-D257-40E8-8BB7-5624E38FEB0A}]
CODEBASE = http://66.230.220.3/dialerhost/download/yCltJYeu/sexsoftware.cab
[MSN Chat Control 4.2]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\MSNCHAT42.OCX
CODEBASE = http://fdl.msn.com/public/chat/msnchat42.cab
[BHO.clsUrlSearch]
InProcServer32 = C:\WINDOWS\SYSTEM\BHO2.DLL
CODEBASE = http://207.44.176.11/auth/IE_InstllC.exe
--------------------------------------------------
End of report, 7,879 bytes
Report generated in 0.824 seconds
Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only
StartupList report, 1/18/03, 7:01:26 PM
StartupList version: 1.51
Started from : C:\UNZIPPED\STARTUPLIST151\STARTUPLIST.EXE
Detected: Windows 98 SE (Win9x 4.10.2222A)
Detected: Internet Explorer v5.50 (5.50.4134.0600)
* Using default options
==================================================
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SYMTRAY.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\MOUSE\SYSTEM\EM_EXEC.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAM FILES\COMMON FILES\CMEII\CMESYS.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE
C:\WINDOWS\WJVIEW.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCAPP.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON UTILITIES\NPROTECT.EXE
C:\ACS495\MIXGHOST.EXE
C:\PROGRAM FILES\SAVE\SAVE.EXE
C:\PROGRAM FILES\MESSENGER\MSMSGS.EXE
C:\PROGRAM FILES\EZULA\MMOD.EXE
C:\PROGRAM FILES\COMMON FILES\GMT\GMT.EXE
C:\PROGRAM FILES\AOL COMPANION\COMPANION.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON CLEANSWEEP\CSINSM32.EXE
C:\Program Files\Norton SystemWorks\Norton CleanSweep\Monwow.exe
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\PROGRAM FILES\EBATESMOEMONEYMAKER\EBATESMOEMONEYMAKER.EXE
C:\PROGRAM FILES\AMERICA ONLINE 8.0\AOL.EXE
C:\PROGRAM FILES\AMERICA ONLINE 8.0\WAOL.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\UNZIPPED\STARTUPLIST151\STARTUPLIST.EXE
--------------------------------------------------
Listing of startup folders:
Shell folders Startup:
[C:\WINDOWS\Start Menu\Programs\StartUp]
Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
America Online Tray Icon.lnk = C:\Program Files\America Online 8.0\aoltray.exe
CompuServe 2000 Tray Icon.lnk = C:\CompuServe 2000\cstray.exe
GStartup.lnk = C:\Program Files\Common Files\GMT\GMT.exe
AOL Companion.lnk = C:\Program Files\AOL Companion\companion.exe
CleanSweep Smart Sweep-Internet Sweep.lnk = C:\Program Files\Norton SystemWorks\Norton CleanSweep\csinsm32.exe
PowerReg Scheduler.exe
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
ScanRegistry = c:\windows\scanregw.exe /autorun
TaskMonitor = c:\windows\taskmon.exe
SystemTray = SysTray.Exe
TCASUTIEXE = TCAUDIAG.EXE -off
EM_EXEC = c:\mouse\system\em_exec.exe
LoadQM = loadqm.exe
LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
CMESys = "C:\PROGRAM FILES\COMMON FILES\CMEII\CMESYS.EXE"
StillImageMonitor = C:\WINDOWS\SYSTEM\STIMON.EXE
RealTray = C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
CashToolbar = C:\Program Files\CashToolbar\mistagee\version1.52a-cash\CashToolbar.exe
EbatesMoeMoneyMaker = wjview /cp
ccApp = c:\Program Files\Common Files\Symantec Shared\ccApp.exe
ccRegVfy = c:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe
NPROTECT = c:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
QD FastAndSafe = C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON CLEANSWEEP\QDCSFS.exe /startup
AudioHQ = C:\Program Files\Creative\SBLive\AudioHQ\AHQTB.EXE
Mixghost = C:\ACS495\MixGhost.exe
WhenUSave = C:\PROGRA~1\SAVE\Save.exe
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
SchedulingAgent = mstask.exe
ccEvtMgr = c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
ScriptBlocking = "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
CSINJECT.EXE = c:\Program Files\Norton SystemWorks\Norton CleanSweep\CSINJECT.EXE
NPROTECT = c:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
SymTray - Norton SystemWorks = c:\Program Files\Common Files\Symantec Shared\SymTray.exe "Norton SystemWorks"
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
AIM = C:\PROGRAM FILES\NETSCAPE\COMMUNICATOR\PROGRAM\AIM\aim.exe -cnetwait.odl
MSMSGS = C:\Program Files\Messenger\msmsgs.exe /background
msbb = C:\PROGRAM FILES\MSBB.EXE
eZmmod = C:\PROGRA~1\ezula\mmod.exe
--------------------------------------------------
C:\WINDOWS\WININIT.BAK listing:
(Created 26/12/2002, 10:19:22)
[rename]
NUL=C:\PROGRA~1\CREATIVE\SURROU~1\CTSYSVOL.SKN
NUL=C:\PROGRA~1\CREATIVE\SURROU~1\CTSYSVOL.EXE
c:\windows\SYSTEM\msjstick.drv=c:\windows\SYSTEM\msjstick.001
[Leprechauns]
Reboot=yes
--------------------------------------------------
C:\AUTOEXEC.BAT listing:
SET PATH=%PATH%;C:\PROGRA~1\NETWOR~1\MCAFEE~1;C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG
IF ERRORLEVEL 1 PAUSE
--------------------------------------------------
Enumerating Browser Helper Objects:
(no name) - C:\PROGRAM FILES\YAHOO!\COMPANION\YCOMP5_0_2_6.DLL - {02478D28-C3F9-4efb-9B51-7695ECA05670}
(no name) - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
(no name) - C:\PROGRA~1\CASHTO~1\MISTAGEE\VERSIO~1.52A\CASHTO~1.DLL - {5F5564AC-DE7A-4DCD-9296-32E71A35DCB6}
(no name) - C:\WINDOWS\SYSTEM\BHO2.DLL - {53E10C2C-43B2-4657-BA29-AAE179E7D35C}
NAV Helper - c:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll - {BDF3E430-B101-42AD-A544-FADC6B084872}
--------------------------------------------------
Enumerating Task Scheduler jobs:
Tune-up Application Start.job
Maintenance-Defragment programs.job
Maintenance-ScanDisk.job
Maintenance-Disk cleanup.job
WINALIGN.JOB
Symantec NetDetect.job
Norton SystemWorks One Button Checkup.job
Norton AntiVirus - Scan my computer.job
--------------------------------------------------
Enumerating Download Program Files:
[WildTangent Control]
InProcServer32 = C:\WINDOWS\WT\WEBDRIVER\WEBDRIVER.DLL
CODEBASE = http://www.wildtangent.com/install/wdriver/driveway/microsoft/wtinst.cab
[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\SYSTEM\MACROMED\FLASH\FLASH.OCX
CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
[&Yahoo! Companion]
InProcServer32 = C:\PROGRAM FILES\YAHOO!\COMPANION\YCOMP5_0_2_6.DLL
CODEBASE = http://us.dl1.yimg.com/download.yahoo.com/dl/toolbar/my/yiebio4_0_2_10a.cab
[{2C38A62E-D257-40E8-8BB7-5624E38FEB0A}]
CODEBASE = http://66.230.220.3/dialerhost/download/yCltJYeu/sexsoftware.cab
[MSN Chat Control 4.2]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\MSNCHAT42.OCX
CODEBASE = http://fdl.msn.com/public/chat/msnchat42.cab
[BHO.clsUrlSearch]
InProcServer32 = C:\WINDOWS\SYSTEM\BHO2.DLL
CODEBASE = http://207.44.176.11/auth/IE_InstllC.exe
--------------------------------------------------
End of report, 7,879 bytes
Report generated in 0.824 seconds
Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only