gmc717
08-27-2003, 04:50 PM
After rebooting my computer, the IE homepage defaults back to http://members:fortunecity.com/.
I tried to delete this line in the registry but once again after rebooting the line reappears in the registry. How can I get rid of this problem. I have generated a startup list log posted below. Can anyone check it and kindly advise. Thanks.
Here the startup list log:
StartupList report, 27/08/2003, 5:12:47 PM
StartupList version: 1.52
Started from : C:\PROGRAM FILES\HIJACK\HIJACKTHIS.EXE
Detected: Windows 98 SE (Win9x 4.10.2222A)
Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106)
* Using default options
==================================================
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\MICROSOFT HARDWARE\GAMING DEVICES\DAEMON32.EXE
C:\WINDOWS\SYSTEM\PMGAMMA.EXE
C:\WINDOWS\TASKMON.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\PROGRAM FILES\MICROSOFT MONEY\SYSTEM\MONEY EXPRESS.EXE
C:\COREL\SUITE8\PROGRAMS\DAD8.EXE
C:\WINDOWS\DESKMENU.EXE
C:\WINDOWS\QUICKRES.EXE
C:\ESM2\STMS.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\ESM2\EBRR.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\LOGITECH\ENTRTAIN\LGEVNTRT.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\PROGRAM FILES\GETRIGHT\GETRIGHT.EXE
C:\PROGRAM FILES\HIJACK\HIJACKTHIS.EXE
--------------------------------------------------
Listing of startup folders:
Shell folders Startup:
[C:\WINDOWS\Start Menu\Programs\StartUp]
Corel Desktop Application Director 8.LNK = C:\Corel\Suite8\Programs\DAD8.EXE
Deskmenu.lnk = C:\WINDOWS\DESKMENU.EXE
QuickRes.lnk = C:\WINDOWS\QUICKRES.EXE
EPSON Background Monitor.lnk = C:\ESM2\Stms.exe
PowerReg Scheduler.exe
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
SystemTray = SysTray.Exe
Daemon = C:\Program Files\Microsoft Hardware\Gaming Devices\DAEMON32.EXE
GrIP Control Center = C:\GRAVIS\GRIP\GCC.EXE
ProMotion1 = pmgamma.exe
Tweak UI = RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
LINUX32 = C:\WINDOWS\SYSTEM\LINUX32.vbs
ScanRegistry = C:\WINDOWS\scanregw.exe /autorun
TaskMonitor = C:\WINDOWS\taskmon.exe
LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
TkBellExe = "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run Services
reload = C:\WINDOWS\reload.vbs
LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
SchedulingAgent = mstask.exe
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Mirabilis ICQ = C:\Program Files\ICQ\ICQDetect.exe
MoneyAgent = "C:\Program Files\Microsoft Money\System\Money Express.exe"
--------------------------------------------------
Load/Run keys from C:\WINDOWS\WIN.INI:
load=
run=Qtstub.exe
--------------------------------------------------
C:\WINDOWS\WININIT.BAK listing:
(Created 26/8/2003, 22:55:24)
[Rename]
NUL=C:\WINDOWS\SYSTEM\RSAENH.DLL
C:\WINDOWS\SYSTEM\RSAENH.DLL=C:\WINDOWS\SYSTEM\SET 3054.TMP
NUL=C:\WINDOWS\SYSTEM\SCHANNEL.DLL
C:\WINDOWS\SYSTEM\SCHANNEL.DLL=C:\WINDOWS\SYSTEM\S ET3056.TMP
NUL=C:\WINDOWS\SYSTEM\SCHANNEL.DLL
C:\WINDOWS\SYSTEM\SCHANNEL.DLL=C:\WINDOWS\SYSTEM\S ET3060.TMP
C:\WINDOWS\SYSTEM\IEPEERS.DLL=C:\WINDOWS\SYSTEM\IE PEERS.RCX
C:\WINDOWS\SYSTEM\RSASIG.DLL=C:\WINDOWS\SYSTEM\IE4 SETUP\RSASIG.DLL
C:\WINDOWS\SYSTEM\XENROLL.DLL=C:\WINDOWS\SYSTEM\IE 4SETUP\XENROLL.DLL
C:\WINDOWS\SYSTEM\MSCAT32.DLL=C:\WINDOWS\SYSTEM\IE 4SETUP\MSCAT32.DLL
C:\WINDOWS\SYSTEM\MSSIP32.DLL=C:\WINDOWS\SYSTEM\IE 4SETUP\MSSIP32.DLL
C:\WINDOWS\SYSTEM\MSSIGN32.DLL=C:\WINDOWS\SYSTEM\I E4SETUP\MSSIGN32.DLL
C:\WINDOWS\SYSTEM\CRYPTUI.DLL=C:\WINDOWS\SYSTEM\IE 4SETUP\CRYPTUI.DLL
C:\WINDOWS\SYSTEM\CRYPTNET.DLL=C:\WINDOWS\SYSTEM\I E4SETUP\CRYPTNET.DLL
C:\WINDOWS\SYSTEM\CRYPTEXT.DLL=C:\WINDOWS\SYSTEM\I E4SETUP\CRYPTEXT.DLL
C:\WINDOWS\SYSTEM\MSXMLR.DLL=C:\WINDOWS\SYSTEM\IE4 SETUP\MSXMLR.DLL
C:\WINDOWS\SYSTEM\WLDAP32.DLL=C:\WINDOWS\SYSTEM\IE 4SETUP\WLDAP32.DLL
C:\WINDOWS\SYSTEM\MSTIME.DLL=C:\WINDOWS\SYSTEM\IE4 SETUP\MSTIME.DLL
C:\WINDOWS\SYSTEM\MMUTILSE.DLL=C:\WINDOWS\SYSTEM\I E4SETUP\MMUTILSE.DLL
C:\WINDOWS\SYSTEM\PLUGIN.OCX=C:\WINDOWS\SYSTEM\IE4 SETUP\PLUGIN.OCX
C:\WINDOWS\SYSTEM\MSRATING.DLL=C:\WINDOWS\SYSTEM\I E4SETUP\MSRATING.DLL
C:\WINDOWS\SYSTEM\HLINK.DLL=C:\WINDOWS\SYSTEM\IE4S ETUP\HLINK.DLL
C:\WINDOWS\SYSTEM\PROCTEXE.OCX=C:\WINDOWS\SYSTEM\I E4SETUP\PROCTEXE.OCX
C:\WINDOWS\SYSTEM\URL.DLL=C:\WINDOWS\SYSTEM\IE4SET UP\URL.DLL
C:\WINDOWS\SYSTEM\IMAGEHLP.DLL=C:\WINDOWS\SYSTEM\I E4SETUP\IMAGEHLP.DLL
C:\WINDOWS\SYSTEM\COMCTL32.DLL=C:\WINDOWS\SYSTEM\I E4SETUP\ACM4334.TMP
C:\WINDOWS\SYSTEM\ADVPACK.DLL=C:\WINDOWS\SYSTEM\IE 4SETUP\ACM4345.TMP
C:\PROGRA~1\INTERN~1\IEXPLORE.EXE=C:\WINDOWS\SYSTE M\IE4SETUP\ACM4360.TMP
C:\WINDOWS\SYSTEM\MSHTML.DLL=C:\WINDOWS\SYSTEM\IE4 SETUP\ACM4364.TMP
C:\WINDOWS\SYSTEM\MSHTML.TLB=C:\WINDOWS\SYSTEM\IE4 SETUP\ACM4381.TMP
C:\WINDOWS\SYSTEM\MSHTMLED.DLL=C:\WINDOWS\SYSTEM\I E4SETUP\ACM4384.TMP
C:\WINDOWS\SYSTEM\SHDOCVW.DLL=C:\WINDOWS\SYSTEM\IE 4SETUP\ACM4390.TMP
C:\WINDOWS\SYSTEM\SHDOCLC.DLL=C:\WINDOWS\SYSTEM\IE 4SETUP\ACM4394.TMP
C:\WINDOWS\SYSTEM\URLMON.DLL=C:\WINDOWS\SYSTEM\IE4 SETUP\ACM43A1.TMP
C:\WINDOWS\SYSTEM\JSCRIPT.DLL=C:\WINDOWS\SYSTEM\IE 4SETUP\ACM43A3.TMP
C:\WINDOWS\SYSTEM\WININET.DLL=C:\WINDOWS\SYSTEM\IE 4SETUP\ACM43A4.TMP
C:\WINDOWS\SYSTEM\SHLWAPI.DLL=C:\WINDOWS\SYSTEM\IE 4SETUP\ACM43B4.TMP
C:\WINDOWS\SYSTEM\ACTXPRXY.DLL=C:\WINDOWS\SYSTEM\I E4SETUP\ACM5003.TMP
C:\WINDOWS\SYSTEM\DISPEX.DLL=C:\WINDOWS\SYSTEM\IE4 SETUP\ACM5004.TMP
C:\WINDOWS\SYSTEM\MLANG.DLL=C:\WINDOWS\SYSTEM\IE4S ETUP\ACM5006.TMP
C:\WINDOWS\SYSTEM\IMGUTIL.DLL=C:\WINDOWS\SYSTEM\IE 4SETUP\ACM5013.TMP
C:\WINDOWS\SYSTEM\MSXML.DLL=C:\WINDOWS\SYSTEM\IE4S ETUP\ACM5015.TMP
C:\WINDOWS\SYSTEM\MSXMLA.DLL=C:\WINDOWS\SYSTEM\IE4 SETUP\ACM5020.TMP
C:\WINDOWS\SYSTEM\BROWSEUI.DLL=C:\WINDOWS\SYSTEM\I E4SETUP\ACM5043.TMP
C:\WINDOWS\SYSTEM\BROWSELC.DLL=C:\WINDOWS\SYSTEM\I E4SETUP\ACM5051.TMP
C:\WINDOWS\SYSTEM\SHDOC401.DLL=C:\WINDOWS\SYSTEM\I E4SETUP\ACM5053.TMP
C:\WINDOWS\SYSTEM\SHD401LC.DLL=C:\WINDOWS\SYSTEM\I E4SETUP\ACM5054.TMP
C:\WINDOWS\SYSTEM\SHFOLDER.DLL=C:\WINDOWS\SYSTEM\I E4SETUP\ACM5060.TMP
C:\WINDOWS\SYSTEM\ATL.DLL=C:\WINDOWS\SYSTEM\IE4SET UP\ACM5063.TMP
C:\WINDOWS\SYSTEM\DXTRANS.DLL=C:\WINDOWS\SYSTEM\IE 4SETUP\ACM5071.TMP
C:\WINDOWS\SYSTEM\DXTMSFT.DLL=C:\WINDOWS\SYSTEM\IE 4SETUP\ACM5072.TMP
C:\WINDOWS\SYSTEM\MSLS31.DLL=C:\WINDOWS\SYSTEM\IE4 SETUP\ACM50A1.TMP
C:\WINDOWS\SYSTEM\DIGEST.DLL=C:\WINDOWS\SYSTEM\IE4 SETUP\ACM50A4.TMP
NUL=C:\WINDOWS\SHELLI~1
NUL=C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE=C:\WINDOWS\SYSTEM\SET 51B5.TMP
NUL=C:\WINDOWS\SYSTEM\WEBCHECK.DLL
C:\WINDOWS\SYSTEM\WEBCHECK.DLL=C:\WINDOWS\SYSTEM\S ET5234.TMP
NUL=C:\WINDOWS\SYSTEM\MSIDLE.DLL
C:\WINDOWS\SYSTEM\MSIDLE.DLL=C:\WINDOWS\SYSTEM\SET 5235.TMP
C:\WINDOWS\SYSTEM\Macromed\Flash\swflash.ocx=C:\WI NDOWS\SYSTEM\Macromed\Flash\swflash.001
C:\WINDOWS\SYSTEM\dispex.dll=C:\WINDOWS\SYSTEM\dis pex.001
C:\WINDOWS\SYSTEM\jscript.dll=C:\WINDOWS\SYSTEM\js cript.001
C:\WINDOWS\SYSTEM\vbscript.dll=C:\WINDOWS\SYSTEM\v bscript.001
C:\WINDOWS\SYSTEM\OLEAUT32.DLL=C:\WINDOWS\SYSTEM\O LEAUT32.002
C:\WINDOWS\SYSTEM\STDOLE2.TLB=C:\WINDOWS\SYSTEM\ST DOLE2.001
--------------------------------------------------
C:\AUTOEXEC.BAT listing:
SET CLASSPATH=C:\Program Files\PhotoDeluxe 2.0\AdobeConnectables
SET GRIP=C:\GRAVIS\GRIP
SET SOUND=C:\PROGRA~1\CREATIVE\CTSND
SET MIDI=SYNTH:1 MAP:E
SET BLASTER=A220 I7 D1 H7 P300 T6
SET PATH=%PATH%;C:\GRAVIS\GRIP
SET PATH=%PATH%
SET lmouse=c:\logitech\entrtain
mode con codepage prepare=((850) C:\WINDOWS\COMMAND\ega.cpi)
mode con codepage select=850
--------------------------------------------------
Enumerating Browser Helper Objects:
(no name) - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
--------------------------------------------------
Enumerating Task Scheduler jobs:
Low disk space notification.job
ScanDisk for Windows (Standard test).job
Disk Defragmenter.job
ScanDisk for Windows (Thorough test).job
Tune-up Application Start.job
--------------------------------------------------
Enumerating Download Program Files:
[InstallFromTheWeb ActiveX Control]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\IFTW.DLL
CODEBASE = http://www.installfromtheweb.com/install/iftwclix.cab
[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\SYSTEM\MACROMED\FLASH\SWFLASH.OCX
CODEBASE = http://activex.microsoft.com/activex/controls/macromedia/Swflash.cab
[SurferNETWORK Plugin]
InProcServer32 = C:\WINDOWS\DOWNLO~1\SURFER~1.OCX
CODEBASE = http://64.89.104.83/surferplugin.ocx
[RdxIE Class]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\RDXIE.DLL
CODEBASE = http://207.188.7.150/13a70aa1c22959c20404/netzip/RdxIE601.cab
[Update Class]
InProcServer32 = C:\WINDOWS\SYSTEM\IUCTL.DLL
CODEBASE = http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?37859.7605208333
--------------------------------------------------
Enumerating ShellServiceObjectDelayLoad items:
WebCheck: C:\WINDOWS\SYSTEM\WEBCHECK.DLL
--------------------------------------------------
End of report, 10,060 bytes
Report generated in 1.317 seconds
Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only
I tried to delete this line in the registry but once again after rebooting the line reappears in the registry. How can I get rid of this problem. I have generated a startup list log posted below. Can anyone check it and kindly advise. Thanks.
Here the startup list log:
StartupList report, 27/08/2003, 5:12:47 PM
StartupList version: 1.52
Started from : C:\PROGRAM FILES\HIJACK\HIJACKTHIS.EXE
Detected: Windows 98 SE (Win9x 4.10.2222A)
Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106)
* Using default options
==================================================
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\MICROSOFT HARDWARE\GAMING DEVICES\DAEMON32.EXE
C:\WINDOWS\SYSTEM\PMGAMMA.EXE
C:\WINDOWS\TASKMON.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\PROGRAM FILES\MICROSOFT MONEY\SYSTEM\MONEY EXPRESS.EXE
C:\COREL\SUITE8\PROGRAMS\DAD8.EXE
C:\WINDOWS\DESKMENU.EXE
C:\WINDOWS\QUICKRES.EXE
C:\ESM2\STMS.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\ESM2\EBRR.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\LOGITECH\ENTRTAIN\LGEVNTRT.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\PROGRAM FILES\GETRIGHT\GETRIGHT.EXE
C:\PROGRAM FILES\HIJACK\HIJACKTHIS.EXE
--------------------------------------------------
Listing of startup folders:
Shell folders Startup:
[C:\WINDOWS\Start Menu\Programs\StartUp]
Corel Desktop Application Director 8.LNK = C:\Corel\Suite8\Programs\DAD8.EXE
Deskmenu.lnk = C:\WINDOWS\DESKMENU.EXE
QuickRes.lnk = C:\WINDOWS\QUICKRES.EXE
EPSON Background Monitor.lnk = C:\ESM2\Stms.exe
PowerReg Scheduler.exe
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
SystemTray = SysTray.Exe
Daemon = C:\Program Files\Microsoft Hardware\Gaming Devices\DAEMON32.EXE
GrIP Control Center = C:\GRAVIS\GRIP\GCC.EXE
ProMotion1 = pmgamma.exe
Tweak UI = RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
LINUX32 = C:\WINDOWS\SYSTEM\LINUX32.vbs
ScanRegistry = C:\WINDOWS\scanregw.exe /autorun
TaskMonitor = C:\WINDOWS\taskmon.exe
LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
TkBellExe = "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run Services
reload = C:\WINDOWS\reload.vbs
LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
SchedulingAgent = mstask.exe
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Mirabilis ICQ = C:\Program Files\ICQ\ICQDetect.exe
MoneyAgent = "C:\Program Files\Microsoft Money\System\Money Express.exe"
--------------------------------------------------
Load/Run keys from C:\WINDOWS\WIN.INI:
load=
run=Qtstub.exe
--------------------------------------------------
C:\WINDOWS\WININIT.BAK listing:
(Created 26/8/2003, 22:55:24)
[Rename]
NUL=C:\WINDOWS\SYSTEM\RSAENH.DLL
C:\WINDOWS\SYSTEM\RSAENH.DLL=C:\WINDOWS\SYSTEM\SET 3054.TMP
NUL=C:\WINDOWS\SYSTEM\SCHANNEL.DLL
C:\WINDOWS\SYSTEM\SCHANNEL.DLL=C:\WINDOWS\SYSTEM\S ET3056.TMP
NUL=C:\WINDOWS\SYSTEM\SCHANNEL.DLL
C:\WINDOWS\SYSTEM\SCHANNEL.DLL=C:\WINDOWS\SYSTEM\S ET3060.TMP
C:\WINDOWS\SYSTEM\IEPEERS.DLL=C:\WINDOWS\SYSTEM\IE PEERS.RCX
C:\WINDOWS\SYSTEM\RSASIG.DLL=C:\WINDOWS\SYSTEM\IE4 SETUP\RSASIG.DLL
C:\WINDOWS\SYSTEM\XENROLL.DLL=C:\WINDOWS\SYSTEM\IE 4SETUP\XENROLL.DLL
C:\WINDOWS\SYSTEM\MSCAT32.DLL=C:\WINDOWS\SYSTEM\IE 4SETUP\MSCAT32.DLL
C:\WINDOWS\SYSTEM\MSSIP32.DLL=C:\WINDOWS\SYSTEM\IE 4SETUP\MSSIP32.DLL
C:\WINDOWS\SYSTEM\MSSIGN32.DLL=C:\WINDOWS\SYSTEM\I E4SETUP\MSSIGN32.DLL
C:\WINDOWS\SYSTEM\CRYPTUI.DLL=C:\WINDOWS\SYSTEM\IE 4SETUP\CRYPTUI.DLL
C:\WINDOWS\SYSTEM\CRYPTNET.DLL=C:\WINDOWS\SYSTEM\I E4SETUP\CRYPTNET.DLL
C:\WINDOWS\SYSTEM\CRYPTEXT.DLL=C:\WINDOWS\SYSTEM\I E4SETUP\CRYPTEXT.DLL
C:\WINDOWS\SYSTEM\MSXMLR.DLL=C:\WINDOWS\SYSTEM\IE4 SETUP\MSXMLR.DLL
C:\WINDOWS\SYSTEM\WLDAP32.DLL=C:\WINDOWS\SYSTEM\IE 4SETUP\WLDAP32.DLL
C:\WINDOWS\SYSTEM\MSTIME.DLL=C:\WINDOWS\SYSTEM\IE4 SETUP\MSTIME.DLL
C:\WINDOWS\SYSTEM\MMUTILSE.DLL=C:\WINDOWS\SYSTEM\I E4SETUP\MMUTILSE.DLL
C:\WINDOWS\SYSTEM\PLUGIN.OCX=C:\WINDOWS\SYSTEM\IE4 SETUP\PLUGIN.OCX
C:\WINDOWS\SYSTEM\MSRATING.DLL=C:\WINDOWS\SYSTEM\I E4SETUP\MSRATING.DLL
C:\WINDOWS\SYSTEM\HLINK.DLL=C:\WINDOWS\SYSTEM\IE4S ETUP\HLINK.DLL
C:\WINDOWS\SYSTEM\PROCTEXE.OCX=C:\WINDOWS\SYSTEM\I E4SETUP\PROCTEXE.OCX
C:\WINDOWS\SYSTEM\URL.DLL=C:\WINDOWS\SYSTEM\IE4SET UP\URL.DLL
C:\WINDOWS\SYSTEM\IMAGEHLP.DLL=C:\WINDOWS\SYSTEM\I E4SETUP\IMAGEHLP.DLL
C:\WINDOWS\SYSTEM\COMCTL32.DLL=C:\WINDOWS\SYSTEM\I E4SETUP\ACM4334.TMP
C:\WINDOWS\SYSTEM\ADVPACK.DLL=C:\WINDOWS\SYSTEM\IE 4SETUP\ACM4345.TMP
C:\PROGRA~1\INTERN~1\IEXPLORE.EXE=C:\WINDOWS\SYSTE M\IE4SETUP\ACM4360.TMP
C:\WINDOWS\SYSTEM\MSHTML.DLL=C:\WINDOWS\SYSTEM\IE4 SETUP\ACM4364.TMP
C:\WINDOWS\SYSTEM\MSHTML.TLB=C:\WINDOWS\SYSTEM\IE4 SETUP\ACM4381.TMP
C:\WINDOWS\SYSTEM\MSHTMLED.DLL=C:\WINDOWS\SYSTEM\I E4SETUP\ACM4384.TMP
C:\WINDOWS\SYSTEM\SHDOCVW.DLL=C:\WINDOWS\SYSTEM\IE 4SETUP\ACM4390.TMP
C:\WINDOWS\SYSTEM\SHDOCLC.DLL=C:\WINDOWS\SYSTEM\IE 4SETUP\ACM4394.TMP
C:\WINDOWS\SYSTEM\URLMON.DLL=C:\WINDOWS\SYSTEM\IE4 SETUP\ACM43A1.TMP
C:\WINDOWS\SYSTEM\JSCRIPT.DLL=C:\WINDOWS\SYSTEM\IE 4SETUP\ACM43A3.TMP
C:\WINDOWS\SYSTEM\WININET.DLL=C:\WINDOWS\SYSTEM\IE 4SETUP\ACM43A4.TMP
C:\WINDOWS\SYSTEM\SHLWAPI.DLL=C:\WINDOWS\SYSTEM\IE 4SETUP\ACM43B4.TMP
C:\WINDOWS\SYSTEM\ACTXPRXY.DLL=C:\WINDOWS\SYSTEM\I E4SETUP\ACM5003.TMP
C:\WINDOWS\SYSTEM\DISPEX.DLL=C:\WINDOWS\SYSTEM\IE4 SETUP\ACM5004.TMP
C:\WINDOWS\SYSTEM\MLANG.DLL=C:\WINDOWS\SYSTEM\IE4S ETUP\ACM5006.TMP
C:\WINDOWS\SYSTEM\IMGUTIL.DLL=C:\WINDOWS\SYSTEM\IE 4SETUP\ACM5013.TMP
C:\WINDOWS\SYSTEM\MSXML.DLL=C:\WINDOWS\SYSTEM\IE4S ETUP\ACM5015.TMP
C:\WINDOWS\SYSTEM\MSXMLA.DLL=C:\WINDOWS\SYSTEM\IE4 SETUP\ACM5020.TMP
C:\WINDOWS\SYSTEM\BROWSEUI.DLL=C:\WINDOWS\SYSTEM\I E4SETUP\ACM5043.TMP
C:\WINDOWS\SYSTEM\BROWSELC.DLL=C:\WINDOWS\SYSTEM\I E4SETUP\ACM5051.TMP
C:\WINDOWS\SYSTEM\SHDOC401.DLL=C:\WINDOWS\SYSTEM\I E4SETUP\ACM5053.TMP
C:\WINDOWS\SYSTEM\SHD401LC.DLL=C:\WINDOWS\SYSTEM\I E4SETUP\ACM5054.TMP
C:\WINDOWS\SYSTEM\SHFOLDER.DLL=C:\WINDOWS\SYSTEM\I E4SETUP\ACM5060.TMP
C:\WINDOWS\SYSTEM\ATL.DLL=C:\WINDOWS\SYSTEM\IE4SET UP\ACM5063.TMP
C:\WINDOWS\SYSTEM\DXTRANS.DLL=C:\WINDOWS\SYSTEM\IE 4SETUP\ACM5071.TMP
C:\WINDOWS\SYSTEM\DXTMSFT.DLL=C:\WINDOWS\SYSTEM\IE 4SETUP\ACM5072.TMP
C:\WINDOWS\SYSTEM\MSLS31.DLL=C:\WINDOWS\SYSTEM\IE4 SETUP\ACM50A1.TMP
C:\WINDOWS\SYSTEM\DIGEST.DLL=C:\WINDOWS\SYSTEM\IE4 SETUP\ACM50A4.TMP
NUL=C:\WINDOWS\SHELLI~1
NUL=C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE=C:\WINDOWS\SYSTEM\SET 51B5.TMP
NUL=C:\WINDOWS\SYSTEM\WEBCHECK.DLL
C:\WINDOWS\SYSTEM\WEBCHECK.DLL=C:\WINDOWS\SYSTEM\S ET5234.TMP
NUL=C:\WINDOWS\SYSTEM\MSIDLE.DLL
C:\WINDOWS\SYSTEM\MSIDLE.DLL=C:\WINDOWS\SYSTEM\SET 5235.TMP
C:\WINDOWS\SYSTEM\Macromed\Flash\swflash.ocx=C:\WI NDOWS\SYSTEM\Macromed\Flash\swflash.001
C:\WINDOWS\SYSTEM\dispex.dll=C:\WINDOWS\SYSTEM\dis pex.001
C:\WINDOWS\SYSTEM\jscript.dll=C:\WINDOWS\SYSTEM\js cript.001
C:\WINDOWS\SYSTEM\vbscript.dll=C:\WINDOWS\SYSTEM\v bscript.001
C:\WINDOWS\SYSTEM\OLEAUT32.DLL=C:\WINDOWS\SYSTEM\O LEAUT32.002
C:\WINDOWS\SYSTEM\STDOLE2.TLB=C:\WINDOWS\SYSTEM\ST DOLE2.001
--------------------------------------------------
C:\AUTOEXEC.BAT listing:
SET CLASSPATH=C:\Program Files\PhotoDeluxe 2.0\AdobeConnectables
SET GRIP=C:\GRAVIS\GRIP
SET SOUND=C:\PROGRA~1\CREATIVE\CTSND
SET MIDI=SYNTH:1 MAP:E
SET BLASTER=A220 I7 D1 H7 P300 T6
SET PATH=%PATH%;C:\GRAVIS\GRIP
SET PATH=%PATH%
SET lmouse=c:\logitech\entrtain
mode con codepage prepare=((850) C:\WINDOWS\COMMAND\ega.cpi)
mode con codepage select=850
--------------------------------------------------
Enumerating Browser Helper Objects:
(no name) - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
--------------------------------------------------
Enumerating Task Scheduler jobs:
Low disk space notification.job
ScanDisk for Windows (Standard test).job
Disk Defragmenter.job
ScanDisk for Windows (Thorough test).job
Tune-up Application Start.job
--------------------------------------------------
Enumerating Download Program Files:
[InstallFromTheWeb ActiveX Control]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\IFTW.DLL
CODEBASE = http://www.installfromtheweb.com/install/iftwclix.cab
[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\SYSTEM\MACROMED\FLASH\SWFLASH.OCX
CODEBASE = http://activex.microsoft.com/activex/controls/macromedia/Swflash.cab
[SurferNETWORK Plugin]
InProcServer32 = C:\WINDOWS\DOWNLO~1\SURFER~1.OCX
CODEBASE = http://64.89.104.83/surferplugin.ocx
[RdxIE Class]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\RDXIE.DLL
CODEBASE = http://207.188.7.150/13a70aa1c22959c20404/netzip/RdxIE601.cab
[Update Class]
InProcServer32 = C:\WINDOWS\SYSTEM\IUCTL.DLL
CODEBASE = http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?37859.7605208333
--------------------------------------------------
Enumerating ShellServiceObjectDelayLoad items:
WebCheck: C:\WINDOWS\SYSTEM\WEBCHECK.DLL
--------------------------------------------------
End of report, 10,060 bytes
Report generated in 1.317 seconds
Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only