Annoyances.org
Home » Windows Me Discussion Forum » Message 1073096203 » Entire Thread Search | Help | Home
  
scan disc
Showing all messages in thread #1073096203
Windows Me Annoyances Discussion Forum

The following are all of the messages in this thread (4 in all), shown in chronological order. Click any message subject to view that message by itself or to view the thread hierarchy.
scan disc
Friday, January 2, 2004 at 6:16 pm
Posted by scott werdin (1 messages posted)

unable to complete scan disc, see below. any suggestions? Logfile of HijackThis v1.97.7 Scan saved at 8:14:15 PM, on 1/2/04 Platform: Windows 98 SE (Win9x 4.10.2222A) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32.EXE C:\WINDOWS\SYSTEM\MPREXE.EXE C:\WINDOWS\SYSTEM\mmtask.tsk C:\WINDOWS\SYSTEM\MSTASK.EXE C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SYMTRAY.EXE C:\WINDOWS\TASKMON.EXE C:\WINDOWS\SYSTEM\WMIEXE.EXE C:\WINDOWS\SYSTEM\DDHELP.EXE C:\WINDOWS\SYSTEM\SPOOL32.EXE C:\WINDOWS\EXPLORER.EXE C:\WINDOWS\SYSTEM\SYSTRAY.EXE C:\WINDOWS\SYSTEM\ATIPTAAA.EXE C:\WINDOWS\STARTER.EXE C:\WINDOWS\LOADQM.EXE C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\NAVAPW32.EXE C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON UTILITIES\NPROTECT.EXE C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON CLEANSWEEP\CSINSM32.EXE C:\Program Files\Norton SystemWorks\Norton CleanSweep\Monwow.exe C:\WINDOWS\SYSTEM\RNAAPP.EXE C:\WINDOWS\SYSTEM\TAPISRV.EXE C:\WINDOWS\SYSTEM\PSTORES.EXE C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE C:\PROGRAM FILES\WINZIP\WINZIP32.EXE C:\WINDOWS\TEMP\HIJACKTHIS.EXE O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\windows\googletoolbar_en_2.0.95-deleon.dll O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\PROGRAM FILES\MYWEBSEARCH\BAR\1.BIN\MWSBAR.DLL O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\PROGRAM FILES\MYWEBSEARCH\SRCHASTT\1.BIN\MWSSRCAS.DLL O2 - BHO: (no name) - {029CA12C-89C1-46a7-A3C7-82F2F98635CB} - C:\PROGRAM FILES\KONTIKI\BIN\BH309190.DLL O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\windows\googletoolbar_en_2.0.95-deleon.dll O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\PROGRAM FILES\MYWEBSEARCH\BAR\1.BIN\MWSBAR.DLL O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe O4 - HKLM\..\Run: [SystemTray] SysTray.Exe O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\Run: [ATIGART] c:\ati\gart\atigart.exe O4 - HKLM\..\Run: [AtiPTA] Atiptaaa.exe O4 - HKLM\..\Run: [CriticalUpdate] C:\WINDOWS\SYSTEM\wucrtupd.exe -startup O4 - HKLM\..\Run: [EnsoniqMixer] starter.exe O4 - HKLM\..\Run: [LoadQM] loadqm.exe O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\NORTON~1\NAVAPW32.EXE O4 - HKLM\..\Run: [NPROTECT] C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe O4 - HKLM\..\RunServices: [winmodem] WINMODEM.101\wmexe.exe O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg O4 - HKLM\..\RunServices: [CSINJECT.EXE] C:\Program Files\Norton SystemWorks\Norton CleanSweep\CSINJECT.EXE O4 - HKLM\..\RunServices: [NPROTECT] C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE O4 - HKLM\..\RunServices: [SymTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\SymTray.exe "Norton SystemWorks" O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Startup: CleanSweep Smart Sweep-Internet Sweep.lnk = C:\Program Files\Norton SystemWorks\Norton CleanSweep\csinsm32.exe O4 - User Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - User Startup: CleanSweep Smart Sweep-Internet Sweep.lnk = C:\Program Files\Norton SystemWorks\Norton CleanSweep\csinsm32.exe O8 - Extra context menu item: &Google Search - res://C:\WINDOWS\GOOGLETOOLBAR_EN_2.0.95-DELEON.DLL/cmsearch.html O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\WINDOWS\GOOGLETOOLBAR_EN_2.0.95-DELEON.DLL/cmcache.html O8 - Extra context menu item: Si&milar Pages - res://C:\WINDOWS\GOOGLETOOLBAR_EN_2.0.95-DELEON.DLL/cmsimilar.html O8 - Extra context menu item: Backward &Links - res://C:\WINDOWS\GOOGLETOOLBAR_EN_2.0.95-DELEON.DLL/cmbacklinks.html O8 - Extra context menu item: Translate Page - res://C:\WINDOWS\GOOGLETOOLBAR_EN_2.0.95-DELEON.DLL/cmtrans.html O9 - Extra button: Related (HKLM) O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM) O9 - Extra button: AIM (HKLM) O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?37863.386724537 O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/SSC/SharedContent/common/bin/cabsa.cab O16 - DPF: JT's Blocks - http://download.games.yahoo.com/games/clients/y/blt1_x.cab O16 - DPF: {DF6A0F17-0B1E-11D4-829D-00C04F6843FE} (Microsoft Office Tools on the Web Control) - http://officeupdate.microsoft.com/TemplateGallery/downloads/outc.cab O16 - DPF: Yahoo! MahJong Solitaire - http://download.games.yahoo.com/games/clients/y/mjst3_x.cab O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab O16 - DPF: Toki Toki Boom - http://download.games.yahoo.com/games/clients/y/vtm_x.cab O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/1101709eea8aaf7b1c02/netzip/RdxIE601.cab O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O16 - DPF: {A7EA8AD2-287F-11D3-B120-006008C39542} (CBSTIEPrint Class) - http://offers.brightstreet.com/cif/download/bin/actxcab.cab O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (Fun Web Products Installer Start) - http://imgfarm.com/images/nocache/funwebproducts/SmileyCentralInitialSetup1.0.0.5.cab O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installengine.com/engine/isetup.cab

[Reply or follow-up to this message]

Tip: Run a free scan for common Windows errors ad

re: scan disc
Friday, January 2, 2004 at 6:30 pm
Posted by Ms. Eagle (33507 messages posted) 


Sorry, but we don't just go through those logs, because someone decides to post one. 

Before running scan disk and defrag....clear out your temporary internet files and 
other temp files then run scan disk and defrag. Go to Start - Settings - Control 
Panel - Internet Options. Under the General tab click the Delete temporary internet 
files, choose to delete all Offline content and click Clear History button. 

Go to Start - Find - Files or folders - in the named box type: *.tmp and choose Edit 
- select all - File - delete. Do the same for *.chk. Then type: temp. Empty the contents 
of the C:\Windows\temp folder and C:\temp folder, if you have one. Delete this folder 
- C:\Windows\Applog; it will be re-created at bootup, but it'll be empty. Empty Recycle 
bin. 

You can safely uncheck Taskmon in msconfig, as it's unnecessary to have in your startup 
and uses resources unnecessarily. Go to Start - Run - type: msconfig. Enter or OK. 
Plus, download Windows ME's defrag tool and replace your original. It's much faster 
than Win98's. (this is the ME forum, btw) ME Defrag

Normal mode:
Close all tray applications then hit Ctl_Alt_Del and End task on all items except 
for Explorer and Systray. Disable your screensaver by temporarily setting to "None." 
Run scandisk in "Standard" then defrag, but first, in the defrag settings, uncheck 
"rearrange program files so my programs start faster". Reboot.

If you're using Microsoft Office, follow Microsoft's instructions to kill the Find 
Fast Indexer. It interferes with maintenance. Do NOT renable it; it's usless and 
uses lots of resources. Kill Find Fast

[Reply or follow-up to this message]

re: scan disc
Friday, January 2, 2004 at 8:24 pm
Posted by Doug (58 messages posted) 

Google toolbar & MyWebsearch are pretty obvious players.
Lose them for Health & Safety.






On Friday, January 2, 2004 at 6:16 pm, scott werdin wrote:
>unable to complete scan disc, see below. any suggestions?
>
>Logfile of HijackThis v1.97.7
>Scan saved at 8:14:15 PM, on 1/2/04
>Platform: Windows 98 SE (Win9x 4.10.2222A)
>MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
>
>Running processes:
>C:\WINDOWS\SYSTEM\KERNEL32.DLL
>C:\WINDOWS\SYSTEM\MSGSRV32.EXE
>C:\WINDOWS\SYSTEM\MPREXE.EXE
>C:\WINDOWS\SYSTEM\mmtask.tsk
>C:\WINDOWS\SYSTEM\MSTASK.EXE
>C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SYMTRAY.EXE
>C:\WINDOWS\TASKMON.EXE
>C:\WINDOWS\SYSTEM\WMIEXE.EXE
>C:\WINDOWS\SYSTEM\DDHELP.EXE
>C:\WINDOWS\SYSTEM\SPOOL32.EXE
>C:\WINDOWS\EXPLORER.EXE
>C:\WINDOWS\SYSTEM\SYSTRAY.EXE
>C:\WINDOWS\SYSTEM\ATIPTAAA.EXE
>C:\WINDOWS\STARTER.EXE
>C:\WINDOWS\LOADQM.EXE
>C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\NAVAPW32.EXE
>C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON UTILITIES\NPROTECT.EXE
>C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
>C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON CLEANSWEEP\CSINSM32.EXE
>C:\Program Files\Norton SystemWorks\Norton CleanSweep\Monwow.exe
>C:\WINDOWS\SYSTEM\RNAAPP.EXE
>C:\WINDOWS\SYSTEM\TAPISRV.EXE
>C:\WINDOWS\SYSTEM\PSTORES.EXE
>C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
>C:\PROGRAM FILES\WINZIP\WINZIP32.EXE
>C:\WINDOWS\TEMP\HIJACKTHIS.EXE
>
>O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 
>5.0\READER\ACTIVEX\ACROIEHELPER.OCX
>O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton 
>SystemWorks\Norton AntiVirus\NavShExt.dll
>O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\windows\googletoolbar_en_2.0.95-deleon.dll
>O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\PROGRAM FILES\MYWEBSEARCH\BAR\1.BIN\MWSBAR.DLL
>O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} 
>- C:\PROGRAM FILES\MYWEBSEARCH\SRCHASTT\1.BIN\MWSSRCAS.DLL
>O2 - BHO: (no name) - {029CA12C-89C1-46a7-A3C7-82F2F98635CB} - C:\PROGRAM FILES\KONTIKI\BIN\BH309190.DLL
>O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program 
>Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
>O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\windows\googletoolbar_en_2.0.95-deleon.dll
>O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\PROGRAM 
>FILES\MYWEBSEARCH\BAR\1.BIN\MWSBAR.DLL
>O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
>O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
>O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
>O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
>O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
>O4 - HKLM\..\Run: [ATIGART] c:\ati\gart\atigart.exe
>O4 - HKLM\..\Run: [AtiPTA] Atiptaaa.exe
>O4 - HKLM\..\Run: [CriticalUpdate] C:\WINDOWS\SYSTEM\wucrtupd.exe -startup
>O4 - HKLM\..\Run: [EnsoniqMixer] starter.exe
>O4 - HKLM\..\Run: [LoadQM] loadqm.exe
>O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\NORTON~1\NAVAPW32.EXE
>O4 - HKLM\..\Run: [NPROTECT] C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
>O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" 
>-osboot
>O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
>O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
>O4 - HKLM\..\RunServices: [winmodem] WINMODEM.101\wmexe.exe
>O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec 
>Shared\Script Blocking\SBServ.exe" -reg
>O4 - HKLM\..\RunServices: [CSINJECT.EXE] C:\Program Files\Norton SystemWorks\Norton 
>CleanSweep\CSINJECT.EXE
>O4 - HKLM\..\RunServices: [NPROTECT] C:\Program Files\Norton SystemWorks\Norton 
Utilities\NPROTECT.EXE
>O4 - HKLM\..\RunServices: [SymTray - Norton SystemWorks] C:\Program Files\Common 
>Files\Symantec Shared\SymTray.exe "Norton SystemWorks"
>O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
>O4 - Startup: CleanSweep Smart Sweep-Internet Sweep.lnk = C:\Program Files\Norton 
>SystemWorks\Norton CleanSweep\csinsm32.exe
>O4 - User Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
>O4 - User Startup: CleanSweep Smart Sweep-Internet Sweep.lnk = C:\Program Files\Norton 
>SystemWorks\Norton CleanSweep\csinsm32.exe
>O8 - Extra context menu item: &Google Search - res://C:\WINDOWS\GOOGLETOOLBAR_EN_2.0.95-DELEON.DLL/cmsearch.html
>O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\WINDOWS\GOOGLETOOLBAR_EN_2.0.95-DELEON.DLL/cmcache.html
>O8 - Extra context menu item: Si&milar Pages - res://C:\WINDOWS\GOOGLETOOLBAR_EN_2.0.95-DELEON.DLL/cmsimilar.html
>O8 - Extra context menu item: Backward &Links - res://C:\WINDOWS\GOOGLETOOLBAR_EN_2.0.95-DELEON.DLL/cmbacklinks.html
>O8 - Extra context menu item: Translate Page - res://C:\WINDOWS\GOOGLETOOLBAR_EN_2.0.95-DELEON.DLL/cmtrans.html
>O9 - Extra button: Related (HKLM)
>O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
>O9 - Extra button: AIM (HKLM)
>O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
>O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?37863.386724537
>O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information 
>Class) - http://security.symantec.com/SSC/SharedContent/common/bin/cabsa.cab
>O16 - DPF: JT's Blocks - http://download.games.yahoo.com/games/clients/y/blt1_x.cab
>O16 - DPF: {DF6A0F17-0B1E-11D4-829D-00C04F6843FE} (Microsoft Office Tools on the 
>Web Control) - http://officeupdate.microsoft.com/TemplateGallery/downloads/outc.cab
>O16 - DPF: Yahoo! MahJong Solitaire - http://download.games.yahoo.com/games/clients/y/mjst3_x.cab
>O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab
>O16 - DPF: Toki Toki Boom - http://download.games.yahoo.com/games/clients/y/vtm_x.cab
>O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/1101709eea8aaf7b1c02/netzip/RdxIE601.cab
>O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - 
http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
>O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
>O16 - DPF: {A7EA8AD2-287F-11D3-B120-006008C39542} (CBSTIEPrint Class) - http://offers.brightstreet.com/cif/download/bin/actxcab.cab
>O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (Fun Web Products Installer Start) 
>- http://imgfarm.com/images/nocache/funwebproducts/SmileyCentralInitialSetup1.0.0.5.cab
>O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup 
>Player) - http://www.installengine.com/engine/isetup.cab
>

[Reply or follow-up to this message]

re: scan disc
Saturday, January 3, 2004 at 9:43 am
Posted by tom brown (5 messages posted)

boot up into safe mode first.....then run scandisk standard.....if this says it found errors, then run defrag from safe mode also'


On Friday, January 2, 2004 at 6:16 pm, scott werdin wrote:
>unable to complete scan disc, see below. any suggestions?
>
>Logfile of HijackThis v1.97.7
>Scan saved at 8:14:15 PM, on 1/2/04
>Platform: Windows 98 SE (Win9x 4.10.2222A)
>MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
>
>Running processes:
>C:\WINDOWS\SYSTEM\KERNEL32.DLL
>C:\WINDOWS\SYSTEM\MSGSRV32.EXE
>C:\WINDOWS\SYSTEM\MPREXE.EXE
>C:\WINDOWS\SYSTEM\mmtask.tsk
>C:\WINDOWS\SYSTEM\MSTASK.EXE
>C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SYMTRAY.EXE
>C:\WINDOWS\TASKMON.EXE
>C:\WINDOWS\SYSTEM\WMIEXE.EXE
>C:\WINDOWS\SYSTEM\DDHELP.EXE
>C:\WINDOWS\SYSTEM\SPOOL32.EXE
>C:\WINDOWS\EXPLORER.EXE
>C:\WINDOWS\SYSTEM\SYSTRAY.EXE
>C:\WINDOWS\SYSTEM\ATIPTAAA.EXE
>C:\WINDOWS\STARTER.EXE
>C:\WINDOWS\LOADQM.EXE
>C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\NAVAPW32.EXE
>C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON UTILITIES\NPROTECT.EXE
>C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
>C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON CLEANSWEEP\CSINSM32.EXE
>C:\Program Files\Norton SystemWorks\Norton CleanSweep\Monwow.exe
>C:\WINDOWS\SYSTEM\RNAAPP.EXE
>C:\WINDOWS\SYSTEM\TAPISRV.EXE
>C:\WINDOWS\SYSTEM\PSTORES.EXE
>C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
>C:\PROGRAM FILES\WINZIP\WINZIP32.EXE
>C:\WINDOWS\TEMP\HIJACKTHIS.EXE
>
>O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT
>5.0\READER\ACTIVEX\ACROIEHELPER.OCX
>O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton
>SystemWorks\Norton AntiVirus\NavShExt.dll
>O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\windows\googletoolbar_en_2.0.95-deleon.dll
>O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\PROGRAM FILES\MYWEBSEARCH\BAR\1.BIN\MWSBAR.DLL
>O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D}
>- C:\PROGRAM FILES\MYWEBSEARCH\SRCHASTT\1.BIN\MWSSRCAS.DLL
>O2 - BHO: (no name) - {029CA12C-89C1-46a7-A3C7-82F2F98635CB} - C:\PROGRAM FILES\KONTIKI\BIN\BH309190.DLL
>O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program
>Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
>O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\windows\googletoolbar_en_2.0.95-deleon.dll
>O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\PROGRAM
>FILES\MYWEBSEARCH\BAR\1.BIN\MWSBAR.DLL
>O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
>O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
>O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
>O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
>O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
>O4 - HKLM\..\Run: [ATIGART] c:\ati\gart\atigart.exe
>O4 - HKLM\..\Run: [AtiPTA] Atiptaaa.exe
>O4 - HKLM\..\Run: [CriticalUpdate] C:\WINDOWS\SYSTEM\wucrtupd.exe -startup
>O4 - HKLM\..\Run: [EnsoniqMixer] starter.exe
>O4 - HKLM\..\Run: [LoadQM] loadqm.exe
>O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\NORTON~1\NAVAPW32.EXE
>O4 - HKLM\..\Run: [NPROTECT] C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
>O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"
>-osboot
>O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
>O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
>O4 - HKLM\..\RunServices: [winmodem] WINMODEM.101\wmexe.exe
>O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec
>Shared\Script Blocking\SBServ.exe" -reg
>O4 - HKLM\..\RunServices: [CSINJECT.EXE] C:\Program Files\Norton SystemWorks\Norton
>CleanSweep\CSINJECT.EXE
>O4 - HKLM\..\RunServices: [NPROTECT] C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
>O4 - HKLM\..\RunServices: [SymTray - Norton SystemWorks] C:\Program Files\Common
>Files\Symantec Shared\SymTray.exe "Norton SystemWorks"
>O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
>O4 - Startup: CleanSweep Smart Sweep-Internet Sweep.lnk = C:\Program Files\Norton
>SystemWorks\Norton CleanSweep\csinsm32.exe
>O4 - User Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
>O4 - User Startup: CleanSweep Smart Sweep-Internet Sweep.lnk = C:\Program Files\Norton
>SystemWorks\Norton CleanSweep\csinsm32.exe
>O8 - Extra context menu item: &Google Search - res://C:\WINDOWS\GOOGLETOOLBAR_EN_2.0.95-DELEON.DLL/cmsearch.html
>O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\WINDOWS\GOOGLETOOLBAR_EN_2.0.95-DELEON.DLL/cmcache.html
>O8 - Extra context menu item: Si&milar Pages - res://C:\WINDOWS\GOOGLETOOLBAR_EN_2.0.95-DELEON.DLL/cmsimilar.html
>O8 - Extra context menu item: Backward &Links - res://C:\WINDOWS\GOOGLETOOLBAR_EN_2.0.95-DELEON.DLL/cmbacklinks.html
>O8 - Extra context menu item: Translate Page - res://C:\WINDOWS\GOOGLETOOLBAR_EN_2.0.95-DELEON.DLL/cmtrans.html
>O9 - Extra button: Related (HKLM)
>O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
>O9 - Extra button: AIM (HKLM)
>O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
>O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?37863.386724537
>O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information
>Class) - http://security.symantec.com/SSC/SharedContent/common/bin/cabsa.cab
>O16 - DPF: JT's Blocks - http://download.games.yahoo.com/games/clients/y/blt1_x.cab
>O16 - DPF: {DF6A0F17-0B1E-11D4-829D-00C04F6843FE} (Microsoft Office Tools on the
>Web Control) - http://officeupdate.microsoft.com/TemplateGallery/downloads/outc.cab
>O16 - DPF: Yahoo! MahJong Solitaire - http://download.games.yahoo.com/games/clients/y/mjst3_x.cab
>O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab
>O16 - DPF: Toki Toki Boom - http://download.games.yahoo.com/games/clients/y/vtm_x.cab
>O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/1101709eea8aaf7b1c02/netzip/RdxIE601.cab
>O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
>O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
>O16 - DPF: {A7EA8AD2-287F-11D3-B120-006008C39542} (CBSTIEPrint Class) - http://offers.brightstreet.com/cif/download/bin/actxcab.cab
>O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (Fun Web Products Installer Start)
>- http://imgfarm.com/images/nocache/funwebproducts/SmileyCentralInitialSetup1.0.0.5.cab
>O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup
>Player) - http://www.installengine.com/engine/isetup.cab
>

[Reply or follow-up to this message]

Tip: Use one of the [Reply or follow-up to this message] links above to add a message to this thread
Return to the Windows Me Discussion Forum


All content at Annoyances.org is Copyright © 1995-2009 Creative Elementtm All rights reserved.
Please do not plagiarize; redistributing these pages without permission is strictly prohibited.