Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Mouse & Keyboard Freeze/Monitor Distorted--Virus?


  • Please log in to reply

#271
Leurgy

Leurgy

    Member

  • Member
  • PipPipPip
  • 239 posts
How did you "delete" ZA?
  • 0

Advertisements


#272
totianni

totianni

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 315 posts
I removed a few programs, including ZoneAlarm, through add/remove programs.

Ok, this is really weird. I "released all," then "renewed all" (in winipcfg), opened IE and typed "yahoo.com" in the address line. The status bar read "opening www.yahoo.com" and the progress bar was moving, then the status bar said something about open a page response and then read "www.yahoo.com.com," then "www.yahoo.com.org," then "www.yahoo.com.net," etc. , until I got an "Internet Explorer could not open the search page" error. I clicked okay and typed in a new address "www.red.com." Status line reads: Finding site:www.red.com. It's doing the same thing with adding to and changing the extension .com.com .com.org .com.net .com.edu, etc. Obviously, I still cannot connect.
  • 0

#273
Leurgy

Leurgy

    Member

  • Member
  • PipPipPip
  • 239 posts
That sounds like a DNS problem, not one of my strong points.

Do you have HiJack This? If so, can you do a scan and post a log in here? I'm curious about your running processes.

It could be that your problem when using IE is being caused by ZA. A bad uninstall or disabling ZA will cause that behaviour. You can connect fine for a few minutes then IE fails to find pages. You need to enable ZA or uninstall it. Let me know what you want to do. I have manual uninstall instructions I can provide. Using Add/Remove sometimes doesn't cut it.

It took me a looooong time to figure that one out. :tazz:
  • 0

#274
peterm

peterm

    Trusted Tech

  • Technician
  • 3,173 posts
Thanks for jumping in Leurgy (could we have the instructions please)
I suggest you do use Leurgy's method and make sure Zone alarm is completley gone via his manual uninstall
What happens when you ping apple.com

Edited by peterm, 22 August 2005 - 09:55 PM.

  • 0

#275
peterm

peterm

    Trusted Tech

  • Technician
  • 3,173 posts
Ok if the manual uninstall does not work lets try a static Ip
on your sons computer go Start>run type in cmd press ok at the prompt type in ipconfig /all
this should give you a long list
DO NOT POST THIS but pm them to me
Ip address
subnetmask
default gateway
dhcp server
dns server

Edited by peterm, 22 August 2005 - 09:54 PM.

  • 0

#276
Leurgy

Leurgy

    Member

  • Member
  • PipPipPip
  • 239 posts
Instructions for manual ZA uninstall.

Attached Files


  • 0

#277
totianni

totianni

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 315 posts
The only object found in the manual uninstall list above was the INTERNET LOGS folder. I deleted it from c:\windows emptied the recycle bin and restarted the computer. Opened IE, "www.yahoo.com" in address window resulted same as previous post with changing double extensions.

I'll work on getting a HJT log to post here tomorrow night. Have to call it a night for now.

Thank you for your input, research and assistance. I really appreciate it. Have a good night.
  • 0

#278
peterm

peterm

    Trusted Tech

  • Technician
  • 3,173 posts
Step 1
Please go to my network places click once to highlight right click go to
properties go to yout tcpip network card highlight and go to properties.
Choose Static IP I will PM the Numbers to you
Put in your current ip address which I think will be xxx.xxx.xxx.xxx or xxx.xxx.xxx.xxx
Subnet mask xxx.xxx.xxx.xxx
On the WINS tab highlight disable WINS
On the DNS tab
Click enable DNS in Host put Name
in DNS search order put xxx.xxx.xxx.xxx click add then put xxx.xxx.xxx.xxx click add
we will leave gateway blank for now
Click ok and reboot can you connect now?
If No Step 2
Go back to the same place and on the DNS Tab in Domain(next to host) put ISP Name
Click Ok & reboot.
Can you connect now?
please do step 1 1st then step 2 if step 1 does not work
If this does not work Please call your ISP and tell them you are trouble shooting and would like to check the 2 DNS Numbers and static I gave you xxx.xxx.xxx.xxx and xxx.xxx.xxx.xxx are these correct.
If they give you 2 different DNS numbers Then remove the ones I gave you (highlight the number and click remove) and put in there numbers
Can you connect now.

Edited by peterm, 23 August 2005 - 01:11 AM.

  • 0

#279
peterm

peterm

    Trusted Tech

  • Technician
  • 3,173 posts
Lost disc space I wonder if on your reinstall is system restore now working
and taking up your disc space?
  • 0

#280
totianni

totianni

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 315 posts
I followed step 1, but couldn't connect. Tried step 2, still couldn't. Called isp. First, he gave me a hard time and continued to tell me that the DNS and static ip are obtained automatically. I finally got 2 new DNS addresses, but said the static ip is obtained automatically and he couldn't give it to me. I deleted the DNS addresses I put in previously and added the ones he gave me in order. Still no connection.

Lost disc space I wonder if on your reinstall is system restore now working
and taking up your disc space?

Yes, system restore is taking up space, but I think when I tried to use the restore, it told me it was unable to restore. I don't understand why it won't work. I reduced the amount of space it was using (yesterday), but don't know how much it really needs. It was set at maximum, but that was eating up my hard drive. Since I've never been able to use it when I need it, I wonder if I shouldn't just disable it again??? .....................:tazz:

Edited by totianni, 23 August 2005 - 11:52 AM.

  • 0

Advertisements


#281
totianni

totianni

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 315 posts
Ok, in a round about way, here are my HJT logs and startup list from today and prior to the internet connection failure. Please let me know what you discover.

Logfile of HijackThis v1.99.1
Scan saved at 2:39:01 PM, on 8/23/2005
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS VER1.99.1.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://cgi.verizon.n....0&bm=ho_search
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapp...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://rd.yahoo.com/...rch/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapp...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Verizon Online
O2 - BHO: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - (no file)
O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE
O9 - Extra button: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - C:\Program Files\Net2Phone\Net2fone.exe
O9 - Extra 'Tools' menuitem: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - C:\Program Files\Net2Phone\Net2fone.exe
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\WINDOWS\SYSTEM\SHDOCVW.DLL
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\WINDOWS\SYSTEM\SHDOCVW.DLL
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O12 - Plugin for .mov: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
O16 - DPF: {CD17FAAA-17B4-4736-AAEF-436EDC304C8C} - http://a840.g.akamai...uditControl.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - http://us.dl1.yimg.c...nst20040510.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} - http://us.games2.yim...ctl_0_0_0_1.ocx
O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} - http://photos.yahoo....plorer1_9us.cab
O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} - http://media.toontow...4.14/ttinst.cab
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - http://us.dl1.yimg.c...ebio5_1_3_0.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - http://www.nick.com/.../GrooveAX28.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} - http://messenger.msn...pDownloader.cab
O16 - DPF: {C606BA60-AB76-48B6-96A7-2C4D5C386F70} (PreQualifier Class) - http://www.verizon.n...tivePreQual.cab
O16 - DPF: {D06A22B4-6087-4D3D-B7AF-82B113E9ABD4} - http://www2.verizon....es/vzWebIns.CAB
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://zone.msn.com/...ro.cab34246.cab
O16 - DPF: {3FE16C08-D6A7-4133-84FC-D5BFB4F7D886} - http://zone.msn.com/...bGameLoader.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} - http://fdl.msn.com/z...s/heartbeat.cab
O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} - http://zone.msn.com/...me/ZAxRcMgr.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} - http://chat.msn.com/bin/msnchat45.cab
O16 - DPF: {F2A84794-EE6D-447B-8C21-3BA1DC77C5B4} - http://activex.micro...ate/sdkinst.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} - http://housecall60.t...all/xscan60.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} - http://www.pandasoft...free/asinst.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} - http://www.windowsec...scan/axscan.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://www.bitdefend...can8/oscan8.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcaf...90/mcinsctl.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcaf...,23/mcgdmgr.cab
O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} - http://download.zone.../ICSScanner.cab
O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = xxxxxx.xxxxxx.xxxxx
O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = xxx.xxx.xxx.xxx,xxx.xxx.xxx.xxx


StartupList report, 8/23/2005, 2:55:42 PM
StartupList version: 1.52.2
Started from : C:\WINDOWS\DESKTOP\HIJACKTHIS VER1.99.1.EXE
Detected: Windows ME (Win9x 4.90.3000)
Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106)
* Using default options
==================================================

Running processes:

C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS VER1.99.1.EXE

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

(Default) =

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices

*StateMgr = C:\WINDOWS\System\Restore\StateMgr.exe
StillImageMonitor = C:\WINDOWS\SYSTEM\STIMON.EXE

--------------------------------------------------

File association entry for .TXT:
HKEY_CLASSES_ROOT\txtfile\shell\open\command

(Default) = C:\WINDOWS\NOTEPAD.EXE %1

--------------------------------------------------

Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

Shell=Explorer.exe
SCRNSAVE.EXE=
drivers=mmsystem.dll power.drv

--------------------------------------------------

C:\WINDOWS\WININIT.BAK listing:
(Created 22/8/2005, 21:13:14)

[Rename]
NUL=C:\WINDOWS\INTERN~1\TVDEBUG.LOG
NUL=C:\WINDOWS\TEMP\ZAUNINST.EXE
NUL=C:\WINDOWS\TEMP\VSINIT.DLL
NUL=C:\WINDOWS\TEMP\VSUTIL.DLL
NUL=C:\PROGRA~1
NUL=C:\WINDOWS\SYSTEM\ZONELABS
NUL=C:\WINDOWS\INTERN~1\TVDEBUG.LOG
NUL=C:\WINDOWS\SYSTEM\VSXML.DLL
NUL=C:\WINDOWS\SYSTEM\ZONELABS\DBGHELP.DLL
NUL=C:\WINDOWS\INSTAL~1\831617.MSI
NUL=C:\WINDOWS\TEMP\_iu14D2N.tmp
NUL=C:\WINDOWS\TEMP\GLB1A2B.EXE

--------------------------------------------------

C:\AUTOEXEC.BAT listing:

SET COMSPEC=C:\WINDOWS\COMMAND.COM
SET PROMPT=$p$g
SET windir=C:\WINDOWS
SET winbootdir=C:\WINDOWS
SET TMP=C:\WINDOWS\TEMP
SET TEMP=C:\WINDOWS\TEMP
SET BLASTER=A220 I5 D1 H5 P330 T6
SET CTSYN=C:\WINDOWS
C:\PROGRA~1\CREATIVE\SBLIVE\DOSDRV\SBEINIT.COM
SET PATH=C:\WINDOWS;C:\WINDOWS\COMMAND;C:\PROGRA~1\COMMON~1\AUTODE~1

--------------------------------------------------

C:\WINDOWS\WINSTART.BAT listing:

C:\WINDOWS\tmpcpyis.bat

--------------------------------------------------


Enumerating Browser Helper Objects:

(no name) - (no file) - {EF99BD32-C1FB-11D2-892F-0090271D4F88}
(no name) - (no file) - {02478D38-C3F9-4efb-9B51-7695ECA05670}
(no name) - (no file) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
(no name) - (no file) - {53707962-6F74-2D53-2644-206D7942484F}

--------------------------------------------------

Enumerating Task Scheduler jobs:

Tune-up Application Start.job
Maintenance-Clean up Start menu.job
Maintenance-Anti-Virus.job
Maintenance-Defragment programs.job
Maintenance-ScanDisk.job
Maintenance-Disk cleanup.job
McAfee.com Scan for Viruses - My Computer tsid_06242005155850.job
PCHealth Scheduler for Data Collection.job

--------------------------------------------------

Enumerating Download Program Files:

[CV3 Class]
InProcServer32 = C:\WINDOWS\SYSTEM\WUV3IS.DLL
CODEBASE = http://windowsupdate...en/actsetup.cab

[{CD17FAAA-17B4-4736-AAEF-436EDC304C8C}]
CODEBASE = http://a840.g.akamai...uditControl.cab

[{30528230-99F7-4BB4-88D8-FA1D4F56A2AB}]
CODEBASE = http://us.dl1.yimg.c...nst20040510.cab

[Shockwave ActiveX Control]
InProcServer32 = C:\WINDOWS\SYSTEM\MACROMED\DIRECTOR\SWDIR.DLL
CODEBASE = http://fpdownload.ma...director/sw.cab

[Update Class]
InProcServer32 = C:\WINDOWS\SYSTEM\IUCTL.DLL
CODEBASE = http://v4.windowsupd...8584.9407986111

[{6A060448-60F9-11D5-A6CD-0002B31F7455}]
CODEBASE = http://us.games2.yim...ctl_0_0_0_1.ocx

[{D18F962A-3722-4B59-B08D-28BB9EB2281E}]
CODEBASE = http://photos.yahoo....plorer1_9us.cab

[{C02226EB-A5D7-4B1F-BD7E-635E46C2288D}]
CODEBASE = http://media.toontow...4.14/ttinst.cab

[{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
CODEBASE = http://us.dl1.yimg.c...ebio5_1_3_0.cab

[{77E32299-629F-43C6-AB77-6A1E6D7663F6}]
CODEBASE = http://www.nick.com/.../GrooveAX28.cab

[{B38870E4-7ECB-40DA-8C6A-595F0A5519FF}]
CODEBASE = http://messenger.msn...pDownloader.cab

[PreQualifier Class]
InProcServer32 = C:\PROGRAM FILES\COMMON FILES\VERIZON ONLINE\MOTIVE\MOTIVEPREQUAL.DLL
CODEBASE = http://www.verizon.n...tivePreQual.cab

[{A8658086-E6AC-4957-BC8E-8D54A7E8A790}]
CODEBASE = http://www.microsoft...DI/0/GDIChk.CAB

[{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}]
CODEBASE = http://www.apple.com...ex/qtplugin.cab

[{D06A22B4-6087-4D3D-B7AF-82B113E9ABD4}]
CODEBASE = http://www2.verizon....es/vzWebIns.CAB

[{B8BE5E93-A60C-4D26-A2DC-220313175592}]
CODEBASE = http://zone.msn.com/...ro.cab34246.cab

[{3FE16C08-D6A7-4133-84FC-D5BFB4F7D886}]
CODEBASE = http://zone.msn.com/...bGameLoader.cab

[{E5D419D6-A846-4514-9FAD-97E826C84822}]
CODEBASE = http://fdl.msn.com/z...s/heartbeat.cab

[{9AA73F41-EC64-489E-9A73-9CD52E528BC4}]
CODEBASE = http://zone.msn.com/...me/ZAxRcMgr.cab

[{F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6}]
CODEBASE = http://chat.msn.com/bin/msnchat45.cab

[{F2A84794-EE6D-447B-8C21-3BA1DC77C5B4}]
CODEBASE = http://activex.micro...ate/sdkinst.cab

[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\SYSTEM\MACROMED\FLASH\FLASH.OCX
CODEBASE = http://download.macr...ash/swflash.cab

[{04E214E5-63AF-4236-83C6-A7ADCBF9BD02}]
CODEBASE = http://housecall60.t...all/xscan60.cab

[{9A9307A0-7DA4-4DAF-B042-5009F29E09E1}]
CODEBASE = http://www.pandasoft...free/asinst.cab

[{BB21F850-63F4-4EC9-BF9D-565BD30C9AE9}]
CODEBASE = http://www.windowsec...scan/axscan.cab

[{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}]
CODEBASE = http://www.bitdefend...can8/oscan8.cab

[{74D05D43-3236-11D4-BDCD-00C04F9A3B61}]
CODEBASE = http://a840.g.akamai...all/xscan53.cab

[{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}]
CODEBASE = http://download.mcaf...90/mcinsctl.cab

[{BCC0FF27-31D9-4614-A68E-C18E1ADA4389}]
CODEBASE = http://download.mcaf...,23/mcgdmgr.cab

[{7F8C8173-AD80-4807-AA75-5672F22B4582}]
CODEBASE = http://download.zone.../ICSScanner.cab

--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

AUHook: C:\WINDOWS\SYSTEM\AUHOOK.DLL
WebCheck: C:\WINDOWS\SYSTEM\WEBCHECK.DLL
UPnPMonitor: C:\WINDOWS\SYSTEM\UPNPUI.DLL

--------------------------------------------------
End of report, 8,104 bytes
Report generated in 0.074 seconds

Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only


and this one is from before I couldn't connect to the internet:

StartupList report, 8/7/2005, 1:08:55 PM
StartupList version: 1.52.2
Started from : C:\WINDOWS\DESKTOP\HIJACKTHIS VER1.99.1.EXE
Detected: Windows ME (Win9x 4.90.3000)
Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106)
* Using default options
* Including empty and uninteresting sections
* Showing rarely important sections
==================================================

Running processes:

C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS VER1.99.1.EXE

--------------------------------------------------

Listing of startup folders:

Shell folders Startup:
[C:\WINDOWS\Start Menu\Programs\StartUp]
*No files*

Shell folders AltStartup:
*Folder not found*

User shell folders Startup:
*Folder not found*

User shell folders AltStartup:
*Folder not found*

Shell folders Common Startup:
[C:\WINDOWS\All Users\Start Menu\Programs\StartUp]
*No files*

Shell folders Common AltStartup:
*Folder not found*

User shell folders Common Startup:
*Folder not found*

User shell folders Alternate Common Startup:
*Folder not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

(Default) =

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

[OptionalComponents]
*No values found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*

--------------------------------------------------

File association entry for .EXE:
HKEY_CLASSES_ROOT\exefile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .COM:
HKEY_CLASSES_ROOT\comfile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .BAT:
HKEY_CLASSES_ROOT\batfile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .PIF:
HKEY_CLASSES_ROOT\piffile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .SCR:
HKEY_CLASSES_ROOT\scrfile\shell\open\command

(Default) = "%1" /S

--------------------------------------------------

File association entry for .HTA:
HKEY_CLASSES_ROOT\htafile\shell\open\command

(Default) = C:\WINDOWS\SYSTEM\MSHTA.EXE "%1" %*

--------------------------------------------------

File association entry for .TXT:
HKEY_CLASSES_ROOT\txtfile\shell\open\command

(Default) = C:\WINDOWS\NOTEPAD.EXE %1

--------------------------------------------------

Enumerating Active Setup stub paths:
HKLM\Software\Microsoft\Active Setup\Installed Components
(* = disabled by HKCU twin)

[SetupcPerUser] *
StubPath = rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection SetupcPerUser 64 C:\WINDOWS\INF\setupc.inf

[AppletsPerUser] *
StubPath = rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection AppletsPerUser 64 C:\WINDOWS\INF\applets.inf

[FontsPerUser] *
StubPath = rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection FontsPerUser 64 C:\WINDOWS\INF\fonts.inf

[PerUser_ICW_Inis] *
StubPath = rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_ICW_Inis 0 C:\WINDOWS\INF\icw97.inf

[{89820200-ECBD-11cf-8B85-00AA005B4395}] *
StubPath = regsvr32.exe /s /n /i:U shell32.dll

[>PerUser_MSN_Clean] *
StubPath = C:\WINDOWS\msnmgsr1.exe

[{CA0A4247-44BE-11d1-A005-00805F8ABE06}] *
StubPath = RunDLL setupx.dll,InstallHinfSection PowerCfg.user 0 powercfg.inf

[PerUser_Msinfo] *
StubPath = rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_Msinfo 64 C:\WINDOWS\INF\msinfo.inf

[PerUser_Msinfo2] *
StubPath = rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_Msinfo2 64 C:\WINDOWS\INF\msinfo.inf

[MotownMmsysPerUser] *
StubPath = rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection MotownMmsysPerUser 64 C:\WINDOWS\INF\motown.inf

[MotownAvivideoPerUser] *
StubPath = rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection MotownAvivideoPerUser 64 C:\WINDOWS\INF\motown.inf

[MotownMPlayPerUser] *
StubPath = rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection MotownMPlayPerUser 64 C:\WINDOWS\INF\motown.inf

[PerUser_Base] *
StubPath = rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_Base 64 C:\WINDOWS\INF\msmail.inf

[ShellPerUser] *
StubPath = rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection ShellPerUser 64 C:\WINDOWS\INF\shell.inf

[Shell2PerUser] *
StubPath = rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection Shell2PerUser 64 C:\WINDOWS\INF\shell2.inf

[PerUser_winbase_Links] *
StubPath = rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_winbase_Links 64 C:\WINDOWS\INF\subase.inf

[PerUser_winapps_Links] *
StubPath = rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_winapps_Links 64 C:\WINDOWS\INF\subase.inf

[PerUser_LinkBar_URLs] *
StubPath = C:\WINDOWS\COMMAND\sulfnbk.exe /L

[TapiPerUser] *
StubPath = rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection TapiPerUser 64 C:\WINDOWS\INF\tapi.inf

[{73fa19d0-2d75-11d2-995d-00c04f98bbc9}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\webfdr16.inf,PerUserStub.Install,1

[PerUserOldLinks] *
StubPath = rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUserOldLinks 64 C:\WINDOWS\INF\appletpp.inf

[MmoptRegisterPerUser] *
StubPath = rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection MmoptRegisterPerUser 64 C:\WINDOWS\INF\mmopt.inf

[OlsPerUser] *
StubPath = rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection OlsPerUser 64 C:\WINDOWS\INF\ols.inf

[OlsMsnPerUser] *
StubPath = rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection OlsMsnPerUser 64 C:\WINDOWS\INF\ols.inf

[PerUser_Paint_Inis] *
StubPath = rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_Paint_Inis 64 C:\WINDOWS\INF\applets.inf

[PerUser_Calc_Inis] *
StubPath = rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_Calc_Inis 64 C:\WINDOWS\INF\applets.inf

[PerUser_CVT_Inis]
StubPath = rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_CVT_Inis 64 C:\WINDOWS\INF\applets1.inf

[MotownRecPerUser] *
StubPath = rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection MotownRecPerUser 64 C:\WINDOWS\INF\motown.inf

[PerUser_Vol] *
StubPath = rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_Vol 64 C:\WINDOWS\INF\motown.inf

[PerUser_MSWordPad_Inis] *
StubPath = rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_MSWordPad_Inis 64 C:\WINDOWS\INF\wordpad.inf

[PerUser_RNA_Inis] *
StubPath = rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_RNA_Inis 64 C:\WINDOWS\INF\rna.inf

[PerUser_Dialer_Inis] *
StubPath = rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_Dialer_Inis 64 C:\WINDOWS\INF\appletpp.inf

[PerUser_CDPlayer_Inis] *
StubPath = rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_CDPlayer_Inis 64 C:\WINDOWS\INF\mmopt.inf

[{44BBA842-CC51-11CF-AAFA-00AA00B6015C}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.W95

[{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] *
StubPath = rundll32.exe advpack.dll,UserInstStubWrapper {44BBA840-CC51-11CF-AAFA-00AA00B6015C}

[{7790769C-0471-11d2-AF11-00C04FA35D02}] *
StubPath = rundll32.exe advpack.dll,UserInstStubWrapper {7790769C-0471-11d2-AF11-00C04FA35D02}

[OlsAolPerUser]
StubPath = rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection OlsAolPerUserRemove 64 C:\WINDOWS\INF\ols.inf

[OlsAttPerUser]
StubPath = rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection OlsAttPerUserRemove 64 C:\WINDOWS\INF\ols.inf

[OlsCompuservePerUser] *
StubPath = rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection OlsCompuservePerUser 64 C:\WINDOWS\INF\ols.inf

[OlsProdigyPerUser]
StubPath = rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection OlsProdigyPerUserRemove 64 C:\WINDOWS\INF\ols.inf

[{44BBA851-CC51-11CF-AAFA-00AA00B6015C}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wpie4x86.inf,PerUserStub

[{5945c046-1e7d-11d1-bc44-00c04fd912be}]
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.Remove.PerUser

[PerUser_HNW_Inis] *
StubPath = rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_HNW_Inis 64 C:\WINDOWS\INF\ICS.inf

[PerUser_moviemaker] *
StubPath = rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_moviemaker 64 C:\WINDOWS\INF\moviemk.inf

[SamplerPerUser] *
StubPath = rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection SamplerPerUser 64 C:\WINDOWS\INF\sampler.inf

[PerUser_PCHealth] *
StubPath = rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_PCHealth 64 C:\WINDOWS\INF\pchealth.inf

[{6BF52A52-394A-11d3-B153-00C04F79FAA6}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub

[PerUser_Wingames_Inis] *
StubPath = rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_Wingames_Inis 64 C:\WINDOWS\INF\games.inf

[PerUser_ZoneGame_Inis] *
StubPath = rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_ZoneGame_Inis 64 C:\WINDOWS\INF\games.inf

[PerUser_PBGame_Inis] *
StubPath = rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_PBGame_Inis 64 C:\WINDOWS\INF\games.inf

[PerUser_DCC_Inis] *
StubPath = rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_DCC_Inis 64 C:\WINDOWS\INF\rna.inf

[OlsEarthlinkPerUser]
StubPath = rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection OlsEarthlinkPerUserRemove 64 C:\WINDOWS\INF\ols.inf

[{9EF0045A-CDD9-438e-95E6-02B9AFEC8E11}] *
StubPath = C:\WINDOWS\SYSTEM\updcrl.exe -e -u C:\WINDOWS\SYSTEM\verisignpub1.crl

[>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] *
StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

[{89820200-ECBD-11cf-8B85-00AA005B4383}] *
StubPath = C:\WINDOWS\SYSTEM\ie4uinit.exe

[PerUser_dxxspace_Links] *
StubPath = rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_dxxspace_Links 64 C:\WINDOWS\INF\applets1.inf

[PerUser_Sysmon_Inis] *
StubPath = rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_Sysmon_Inis 64 C:\WINDOWS\INF\appletpp.inf

[PerUser_Sysmeter_Inis] *
StubPath = rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_Sysmeter_Inis 64 C:\WINDOWS\INF\appletpp.inf

[PerUser_netwatch_Inis] *
StubPath = rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_netwatch_Inis 64 C:\WINDOWS\INF\appletpp.inf

[PerUser_CharMap_Inis] *
StubPath = rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_CharMap_Inis 64 C:\WINDOWS\INF\appletpp.inf

[PerUser_ClipBrd_Inis] *
StubPath = rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_ClipBrd_Inis 64 C:\WINDOWS\INF\clip.inf

[EpgPerUser] *
StubPath = rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection EpgPerUser 64 C:\WINDOWS\INF\epg.inf

[{89B4C1CD-B018-4511-B0A1-5476DBF70820}] *
StubPath = C:\WINDOWS\SYSTEM\Rundll32.exe C:\WINDOWS\SYSTEM\mscories.dll,Install

[>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] *
StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP

--------------------------------------------------

Enumerating ICQ Agent Autostart apps:
HKCU\Software\Mirabilis\ICQ\Agent\Apps

*Registry key not found*

--------------------------------------------------

Load/Run keys from C:\WINDOWS\WIN.INI:

load=
run=

--------------------------------------------------

Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

Shell=Explorer.exe
SCRNSAVE.EXE=
drivers=mmsystem.dll power.drv

--------------------------------------------------

Checking for EXPLORER.EXE instances:

C:\WINDOWS\Explorer.exe: PRESENT!

C:\Explorer.exe: not present
C:\WINDOWS\Explorer\Explorer.exe: not present
C:\WINDOWS\System\Explorer.exe: not present
C:\WINDOWS\System32\Explorer.exe: not present
C:\WINDOWS\Command\Explorer.exe: not present
C:\WINDOWS\Fonts\Explorer.exe: not present

--------------------------------------------------

C:\WINDOWS\WININIT.INI listing:

*File not found*

--------------------------------------------------

C:\WINDOWS\WININIT.BAK listing:
(Created 6/8/2005, 23:52:2)

[rename]
NUL=C:\WINDOWS\Cookies\index.dat

--------------------------------------------------

C:\AUTOEXEC.BAT listing:

SET PROMPT=$p$g
SET windir=C:\WINDOWS
SET winbootdir=C:\WINDOWS
SET COMSPEC=C:\WINDOWS\COMMAND.COM
SET TMP=C:\WINDOWS\TEMP
SET TEMP=C:\WINDOWS\TEMP
SET BLASTER=A220 I5 D1 H5 P330 T6
SET CTSYN=C:\WINDOWS
C:\PROGRA~1\CREATIVE\SBLIVE\DOSDRV\SBEINIT.COM
SET PATH=C:\WINDOWS;C:\WINDOWS\COMMAND;C:\PROGRA~1\COMMON~1\AUTODE~1

--------------------------------------------------

C:\CONFIG.SYS listing:

*File is empty*

--------------------------------------------------

C:\WINDOWS\WINSTART.BAT listing:

C:\WINDOWS\tmpcpyis.bat

--------------------------------------------------

C:\WINDOWS\DOSSTART.BAT listing:

C:\PROGRA~1\CREATIVE\SBLIVE\DOSDRV\SBEINIT.COM

--------------------------------------------------

Checking for superhidden extensions:

.lnk: HIDDEN! (arrow overlay: yes)
.pif: HIDDEN! (arrow overlay: yes)
.exe: not hidden
.com: not hidden
.bat: not hidden
.hta: not hidden
.scr: not hidden
.shs: HIDDEN!
.shb: HIDDEN!
.vbs: not hidden
.vbe: not hidden
.wsh: not hidden
.scf: HIDDEN! (arrow overlay: NO!)
.url: HIDDEN! (arrow overlay: yes)
.js: not hidden
.jse: not hidden

--------------------------------------------------

Verifying REGEDIT.EXE integrity:

- Regedit.exe found in C:\WINDOWS
- .reg open command is normal (regedit.exe %1)
- Company name OK: 'Microsoft Corporation'
- Original filename OK: 'REGEDIT.EXE'
- File description: 'Registry Editor'

Registry check passed

--------------------------------------------------

Enumerating Browser Helper Objects:

(no name) - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN0\YCOMP5_5_7_0.DLL - {EF99BD32-C1FB-11D2-892F-0090271D4F88}
(no name) - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN0\YCOMP5_5_7_0.DLL - {02478D38-C3F9-4efb-9B51-7695ECA05670}
(no name) - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
(no name) - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL - {53707962-6F74-2D53-2644-206D7942484F}

--------------------------------------------------

Enumerating Task Scheduler jobs:

Tune-up Application Start.job
Maintenance-Clean up Start menu.job
Maintenance-Anti-Virus.job
Maintenance-Defragment programs.job
Maintenance-ScanDisk.job
Maintenance-Disk cleanup.job
McAfee.com Scan for Viruses - My Computer tsid_06242005155850.job

--------------------------------------------------

Enumerating Download Program Files:

[Microsoft XML Parser for Java]
CODEBASE = file://C:\WINDOWS\Java\classes\xmldso.cab
OSD = C:\WINDOWS\Downloaded Program Files\Microsoft XML Parser for Java.osd

[DirectAnimation Java Classes]
CODEBASE = file://C:\WINDOWS\SYSTEM\dajava.cab
OSD = C:\WINDOWS\Downloaded Program Files\DirectAnimation Java Classes.osd

[Internet Explorer Classes for Java]
CODEBASE = file://C:\WINDOWS\SYSTEM\iejava.cab
OSD = C:\WINDOWS\Downloaded Program Files\Internet Explorer Classes for Java.osd

[CV3 Class]
InProcServer32 = C:\WINDOWS\SYSTEM\WUV3IS.DLL
CODEBASE = http://windowsupdate...en/actsetup.cab

[ContentAuditX Control]
InProcServer32 = C:\WINDOWS\DOWNLO~1\CONTEN~1.OCX
CODEBASE = http://a840.g.akamai...uditControl.cab

[YInstStarter Class]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\YINSTHELPER.DLL
CODEBASE = http://us.dl1.yimg.c...nst20040510.cab

[Shockwave ActiveX Control]
InProcServer32 = C:\WINDOWS\SYSTEM\MACROMED\DIRECTOR\SWDIR.DLL
CODEBASE = http://fpdownload.ma...director/sw.cab

[Update Class]
InProcServer32 = C:\WINDOWS\SYSTEM\IUCTL.DLL
CODEBASE = http://v4.windowsupd...7565.8776041667

[ExentInf Class]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\EXENTCTL_0_0_0_1.OCX
CODEBASE = http://us.games2.yim...ctl_0_0_0_1.ocx

[PhotosCtrl Class]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\YPHOTOS.DLL
CODEBASE = http://photos.yahoo....plorer1_9us.cab

[Toontown Installer ActiveX Control]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\TTINST.DLL
CODEBASE = http://media.toontow...4.14/ttinst.cab

[Yahoo! Companion]
InProcServer32 = C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN0\YCOMP5_5_7_0.DLL
CODEBASE = http://us.dl1.yimg.c...ebio5_1_3_0.cab

[Groove Control]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\GROOVEAX.DLL
CODEBASE = http://www.nick.com/.../GrooveAX28.cab

[MsnMessengerSetupDownloadControl Class]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\MSNMESSENGERSETUPDOWNLOADER.OCX
CODEBASE = http://messenger.msn...pDownloader.cab

[PreQualifier Class]
InProcServer32 = C:\PROGRAM FILES\COMMON FILES\VERIZON ONLINE\SFP\MOTIVEPREQUAL.DLL
CODEBASE = http://www.verizon.n...tivePreQual.cab

[GDIChk Object]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\GDICHK.DLL
CODEBASE = http://www.microsoft...DI/0/GDIChk.CAB

[QuickTime Object]
InProcServer32 = C:\WINDOWS\SYSTEM\QTPLUGIN.OCX
CODEBASE = http://www.apple.com...ex/qtplugin.cab

[CPostLaunch Object]
InProcServer32 = C:\PROGRAM FILES\COMMON FILES\VERIZON ONLINE\VOLMSN\POSTLAUNCHTASK.DLL
CODEBASE = http://www2.verizon....es/vzWebIns.CAB

[ZoneIntro Class]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\ZINTRO.OCX
CODEBASE = http://zone.msn.com/...ro.cab34246.cab

[WebGameLoader Class]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\REFLEXIVEWEBGAMELOADER.DLL
CODEBASE = http://zone.msn.com/...bGameLoader.cab

[HeartbeatCtl Class]
InProcServer32 = C:\WINDOWS\DOWNLO~1\HRTBEAT.OCX
CODEBASE = http://fdl.msn.com/z...s/heartbeat.cab

[ZoneAxRcMgr Class]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\ZAXRCMGR.OCX
CODEBASE = http://zone.msn.com/...me/ZAxRcMgr.cab

[MSN Chat Control 4.5]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\MSNCHAT45.OCX
CODEBASE = http://chat.msn.com/bin/msnchat45.cab

[SDKInstall Class]
InProcServer32 = C:\WINDOWS\SDKINST.DLL
CODEBASE = http://activex.micro...ate/sdkinst.cab

[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\SYSTEM\MACROMED\FLASH\FLASH.OCX
CODEBASE = http://download.macr...ash/swflash.cab

[Java Plug-in 1.4.2_06]
InProcServer32 = C:\Program Files\Java\j2re1.4.2_06\bin\npjpi142_06.dll
CODEBASE = http://java.sun.com/...indows-i586.cab

[Java Plug-in 1.4.2_06]
InProcServer32 = C:\Program Files\Java\j2re1.4.2_06\bin\npjpi142_06.dll
CODEBASE = http://java.sun.com/...indows-i586.cab

[HouseCall Control]
InProcServer32 = C:\WINDOWS\DOWNLO~1\CONFLICT.1\XSCAN60.OCX
CODEBASE = http://housecall60.t...all/xscan60.cab

[ActiveScan Installer Class]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\ASINST.DLL
CODEBASE = http://www.pandasoft...free/asinst.cab

[ASquaredScanForm Element]
InProcServer32 = C:\WINDOWS\DOWNLO~1\AXSCAN.OCX
CODEBASE = http://www.windowsec...scan/axscan.cab

[BDSCANONLINE Control]
InProcServer32 = C:\WINDOWS\DOWNLO~1\OSCAN8.OCX
CODEBASE = http://www.bitdefend...can8/oscan8.cab

[HouseCall Control]
InProcServer32 = C:\WINDOWS\DOWNLO~1\XSCAN53.OCX
CODEBASE = http://a840.g.akamai...all/xscan53.cab

--------------------------------------------------

Enumerating Winsock LSP files:

NameSpace #1: C:\WINDOWS\SYSTEM\rnr20.dll
NameSpace #2: C:\WINDOWS\SYSTEM\rnr20.dll
Protocol #1: C:\WINDOWS\SYSTEM\CSLSP.DLL
Protocol #2: C:\WINDOWS\SYSTEM\CSLSP.DLL
Protocol #3: C:\WINDOWS\SYSTEM\CSLSP.DLL
Protocol #4: C:\WINDOWS\SYSTEM\CSLSP.DLL
Protocol #5: C:\WINDOWS\SYSTEM\CSLSP.DLL
Protocol #6: C:\WINDOWS\SYSTEM\CSLSP.DLL
Protocol #7: C:\WINDOWS\SYSTEM\CSLSP.DLL
Protocol #8: C:\WINDOWS\SYSTEM\CSLSP.DLL
Protocol #9: C:\WINDOWS\SYSTEM\CSLSP.DLL
Protocol #10: C:\WINDOWS\SYSTEM\CSLSP.DLL
Protocol #11: C:\WINDOWS\SYSTEM\CSLSP.DLL
Protocol #12: C:\WINDOWS\SYSTEM\CSLSP.DLL
Protocol #13: C:\WINDOWS\SYSTEM\CSLSP.DLL
Protocol #14: C:\WINDOWS\SYSTEM\mswsosp.dll
Protocol #15: C:\WINDOWS\SYSTEM\mswsosp.dll
Protocol #16: C:\WINDOWS\SYSTEM\msafd.dll
Protocol #17: C:\WINDOWS\SYSTEM\msafd.dll
Protocol #18: C:\WINDOWS\SYSTEM\msafd.dll
Protocol #19: C:\WINDOWS\SYSTEM\rsvpsp.dll
Protocol #20: C:\WINDOWS\SYSTEM\rsvpsp.dll
Protocol #21: C:\WINDOWS\SYSTEM\CSLSP.DLL
Protocol #22: C:\WINDOWS\SYSTEM\msafd.dll
Protocol #23: C:\WINDOWS\SYSTEM\rsvpsp.dll
Protocol #24: C:\WINDOWS\SYSTEM\rsvpsp.dll

--------------------------------------------------

Enumerating Win9x VxD services:

VNETSUP: vnetsup.vxd
NDIS: ndis.vxd
JAVASUP: (no file)
CONFIGMG: *CONFIGMG
NTKern: *NTKERN
VWIN32: *VWIN32
VFBACKUP: *VFBACKUP
VCOMM: *VCOMM
IFSMGR: *IFSMGR
IOS: *IOS
MTRR: *MTRR
SPOOLER: *SPOOLER
UDF: *UDF
VFAT: *VFAT
VCACHE: *VCACHE
VCOND: *VCOND
VCDFSD: *VCDFSD
VXDLDR: *VXDLDR
VDEF: *VDEF
VPICD: *VPICD
VTD: *VTD
REBOOT: *REBOOT
VDMAD: *VDMAD
VSD: *VSD
V86MMGR: *V86MMGR
PAGESWAP: *PAGESWAP
DOSMGR: *DOSMGR
VMPOLL: *VMPOLL
SHELL: *SHELL
PARITY: *PARITY
BIOSXLAT: *BIOSXLAT
VMCPD: *VMCPD
VTDAPI: *VTDAPI
PERF: *PERF
VNETBIOS: vnetbios.vxd
LMOUSE: lmouse.vxd
VPOWERD: *VPOWERD
FBWin95: (no file)
VREDIR: vredir.vxd
DFS: (no file)

--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

WebCheck: C:\WINDOWS\SYSTEM\WEBCHECK.DLL
AUHook: C:\WINDOWS\SYSTEM\AUHOOK.DLL

--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run

*Registry key not found*

--------------------------------------------------

End of report, 27,897 bytes
Report generated in 0.783 seconds

Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only
  • 0

#282
Leurgy

Leurgy

    Member

  • Member
  • PipPipPip
  • 239 posts
All I really wanted to see were the running processes and I don't see anything out of place there. I'm not (officially) qualified to analyse HiJack logs so I won't comment on that part, but nothing jumps out at me.

Since the reinstall do you still have the video/mouse problems?

Edited by Leurgy, 23 August 2005 - 07:25 PM.

  • 0

#283
totianni

totianni

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 315 posts
Yes, I'm still having the display problems since the reinstall, but have a new mouse and it is working now. The display looks like a tv with bad reception. The top half of the screen is the worst, but it is really hard to see anything when I load in safe mode. However, the display is the least of my problems right now. I really just have to get back on-line. My system has been down for nearly a month now and I'm sure you can imagine my frustration. If it wasn't for my son's laptop, I'd have lost my mind by now. Between my son's laptop for the internet and my husband's computer for his floppy drive, I wouldn't be functioning.

I really appreciate all the assistance I've received here. I knew I was in for it when I couldn't get my system up on my own and had spent over a week working on it all day and all night. Thank God for all of you. You are all wonderful! :tazz:
  • 0

#284
Leurgy

Leurgy

    Member

  • Member
  • PipPipPip
  • 239 posts
Well I'm going to start looking at this from a hardware standpoint. Can you swap monitors and eliminate that? If the video problem is still there then we're getting closer.

Also download and run Belarc and let me know what your motherboard make and model is. It fits on a floppy.
  • 0

#285
totianni

totianni

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 315 posts
I guess you caught that, huh? I only have the ability to save things to a floppy. No access to a CDRW. I have to use my husband's computer in the basement (that he is remodelling and has all torn up) to access the floppy drive, which is not an easy task either and his monitor is more than I can handle with our staircase, so I'll have to attempt this when I have his assistance. I will get back to you as soon as I can. He may be able to bring it up tonight.

I have no idea where to find the motherboard information without taking the computer apart. My husband hates when I start taking it apart because I never put all the screws back in it. He thinks you should never have to take the cover off.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP