Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Another bleepingcomputer problem


  • Please log in to reply
13 replies to this topic

#1 m.hoyer

m.hoyer

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:36 AM

Posted 11 May 2005 - 08:54 AM

Logfile of HijackThis v1.99.0
Scan saved at 10:03:33 AM, on 5/11/05
Platform: Windows 98 Gold (Win9x 4.10.1998)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSGLOOP.EXE
C:\PROGRAM FILES\ENCOMPASS\MONITOR.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXE
C:\WINDOWS\SYSTEM\MSG32.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCSETMGR.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCPROXY.EXE
C:\WINDOWS\NTUP32.EXE
C:\WINDOWS\NETOD32.EXE
C:\WINDOWS\SDKGA.EXE
C:\WINDOWS\SYSTEM\APPPT.EXE
C:\WINDOWS\SYSTEM\MSLY32.EXE
C:\WINDOWS\ATLTC.EXE
C:\WINDOWS\D3HN.EXE
C:\WINDOWS\SYSTEM\MSWL.EXE
C:\WINDOWS\IPOZ.EXE
C:\WINDOWS\JAVAJS.EXE
C:\WINDOWS\APPIT.EXE
C:\WINDOWS\EXPLORER.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SYMTRAY.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\IWP\NPFMNTOR.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON UTILITIES\NPROTECT.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\ATICWD32.EXE
C:\WINDOWS\SYSTEM\ATITASK.EXE
C:\WINDOWS\SYSTEM\HPSYSDRV.EXE
C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\MMKEYBD.EXE
C:\WINDOWS\SYSTEM\COMSMD.EXE
C:\SCANJET\PRECISIONSCANPRO\HPLAMP.EXE
C:\WINDOWS\SYSTEM\HPSJVXD.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\KEYBDMGR.EXE
C:\PROGRAM FILES\NORTON CRASHGUARD\CGMENU.EXE
C:\PROGRAM FILES\CAERE\OMNIPAGEPRO10.0\OPWARE32.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\PHOTOSMART\PHOTO IMAGING\HPI_MONITOR.EXE
C:\PROGRA~1\NETROPA\ONSCRE~1\OSD.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP SHARE-TO-WEB\HPGS2WND.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCPD-LC\SYMLCSVC.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCAPP.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP SHARE-TO-WEB\HPGS2WNF.EXE
C:\PROGRAM FILES\D-LINK\AIRPLUS XTREME G\AIRPLUSCFG.EXE
C:\PROGRAM FILES\ALPHA NETWORKS\ANIWZCS SERVICE\WZCSLDR.EXE
C:\WINDOWS\RunDLL.exe
C:\PROGRAM FILES\MICROSOFT MONEY\SYSTEM\REMINDER.EXE
C:\PROGRAM FILES\NORTON CRASHGUARD\CG16EH.EXE
C:\PROGRAM FILES\MSWORKS\CALENDAR\WKCALREM.EXE
C:\TOOLS_95\IMGICON.EXE
C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\OSA.EXE
C:\PROGRAM FILES\RAND MCNALLY\STREETFINDER\ROL\REMIND32.EXE
C:\PROGRAM FILES\CAERE\PAGEKEEPER30\SYSTEM\PKJOBS.EXE
C:\PROGRAM FILES\WINZIP\WZQKPICK.EXE
C:\PROGRAM FILES\CAERE\PAGEKEEPER30\SYSTEM\PKTOPASS.EXE
C:\PROGRAM FILES\CAERE\PAGEKEEPER30\SYSTEM\PKSLAPI.EXE
C:\MY DOCUMENTS\SOFTWARE\HIJACKTHIS.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SNDSRVC.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\zzzdd.dll/sp.html#28129
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\zzzdd.dll/sp.html#28129
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\zzzdd.dll/sp.html#28129
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\zzzdd.dll/sp.html#28129
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\zzzdd.dll/sp.html#28129
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\zzzdd.dll/sp.html#28129
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\zzzdd.dll/sp.html#28129
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O2 - BHO: Class - {783B9D22-B9F2-EDFC-3D2B-4F6A3D1BCF1B} - C:\WINDOWS\SYSIN32.DLL
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [AtiCwd32] Aticwd32.exe
O4 - HKLM\..\Run: [AtiKey] Atitask.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Keyboard Manager] C:\Program Files\Netropa\One-touch Multimedia Keyboard\MMKeybd.exe
O4 - HKLM\..\Run: [HPScanPatch] C:\WINDOWS\SYSTEM\HPScanFix.exe
O4 - HKLM\..\Run: [COMSMDEXE] comsmd.exe -on
O4 - HKLM\..\Run: [HP Lamp] C:\SCANJET\PrecisionScanPro\HPLamp.exe
O4 - HKLM\..\Run: [HPSCANMonitor] c:\windows\SYSTEM\hpsjvxd.exe
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [Norton CrashGuard Monitor] "C:\PROGRAM FILES\NORTON CRASHGUARD\CGMenu.EXE"
O4 - HKLM\..\Run: [OmniPage] C:\Program Files\Caere\OmniPagePro10.0\opware32.exe
O4 - HKLM\..\Run: [CriticalUpdate] c:\windows\SYSTEM\wucrtupd.exe -startup
O4 - HKLM\..\Run: [CXMon] "C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [Symantec Core LC] C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe start
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [D-Link AirPlus Xtreme G] c:\Program Files\D-Link\AirPlus Xtreme G\AirPlusCFG.exe
O4 - HKLM\..\Run: [ANIWZCSService] C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMON.EXE /Consumer
O4 - HKLM\..\Run: [CRCC.EXE] C:\WINDOWS\SYSTEM\CRCC.EXE
O4 - HKLM\..\Run: [NPROTECT] c:\Program Files\Norton SystemWorks\Norton Utilities\Nprotect.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [dRMON SmartAgent] drmon\SmartAgt\SmartAgt.exe
O4 - HKLM\..\RunServices: [EncMonitor] C:\Program Files\Encompass\Monitor.exe
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [ccEvtMgr] "c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
O4 - HKLM\..\RunServices: [ccSetMgr] "c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"
O4 - HKLM\..\RunServices: [ccProxy] c:\PROGRA~1\COMMON~1\SYMANT~1\CCPROXY.EXE
O4 - HKLM\..\RunServices: [MSZX32.EXE] C:\WINDOWS\MSZX32.EXE /s
O4 - HKLM\..\RunServices: [NTMV.EXE] C:\WINDOWS\SYSTEM\NTMV.EXE /s
O4 - HKLM\..\RunServices: [NTUP32.EXE] C:\WINDOWS\NTUP32.EXE /s
O4 - HKLM\..\RunServices: [NETOD32.EXE] C:\WINDOWS\NETOD32.EXE /s
O4 - HKLM\..\RunServices: [SDKGA.EXE] C:\WINDOWS\SDKGA.EXE /s
O4 - HKLM\..\RunServices: [APPPT.EXE] C:\WINDOWS\SYSTEM\APPPT.EXE /s
O4 - HKLM\..\RunServices: [MSLY32.EXE] C:\WINDOWS\SYSTEM\MSLY32.EXE /s
O4 - HKLM\..\RunServices: [ATLTC.EXE] C:\WINDOWS\ATLTC.EXE /s
O4 - HKLM\..\RunServices: [D3HN.EXE] C:\WINDOWS\D3HN.EXE /s
O4 - HKLM\..\RunServices: [MSWL.EXE] C:\WINDOWS\SYSTEM\MSWL.EXE /s
O4 - HKLM\..\RunServices: [IPOZ.EXE] C:\WINDOWS\IPOZ.EXE /s
O4 - HKLM\..\RunServices: [JAVAJS.EXE] C:\WINDOWS\JAVAJS.EXE /s
O4 - HKLM\..\RunServices: [APPIT.EXE] C:\WINDOWS\APPIT.EXE /s
O4 - HKLM\..\RunServices: [SymTray - Norton SystemWorks] c:\Program Files\Common Files\Symantec Shared\SymTray.exe "Norton SystemWorks"
O4 - HKLM\..\RunServices: [NPFMonitor] c:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - HKLM\..\RunServices: [NPROTECT] c:\Program Files\Norton SystemWorks\Norton Utilities\Nprotect.exe
O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
O4 - HKCU\..\Run: [Reminder] C:\Program Files\Microsoft Money\System\reminder.exe
O4 - HKCU\..\Run: [Norton SystemWorks] "c:\Program Files\Norton SystemWorks\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz
O4 - Startup: Microsoft Works Calendar Reminders.lnk = C:\Program Files\MSWorks\Calendar\WKCALREM.EXE
O4 - Startup: Iomega Startup Options.lnk = C:\Tools_95\IMGSTART.EXE
O4 - Startup: Iomega Watch.lnk = C:\Tools_95\IOWATCH.EXE
O4 - Startup: Zip Disk Icons.lnk = C:\Tools_95\IMGICON.EXE
O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Startup: Reminder-ran40101.lnk = C:\Program Files\Rand McNally\StreetFinder\ROL\Remind32.exe
O4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Startup: PageKeeper Jobs.lnk = C:\Program Files\Caere\PageKeeper30\system\PKJobs.exe
O4 - Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: MSN Messenger Service - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll

BC AdBot (Login to Remove)

 


#2 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:01:36 AM

Posted 11 May 2005 - 11:41 PM

Hello m.hoyer. You are currently running an older version of HijackThis. Please click on the link below and download the most current version:HijackThis_sfx.exe
Delete your current HijackThis.exe file and double-click on the file you just downloaded and then click on the Unzip button to install the newer version. It will be installed to the C:\Program Files\HijackThis\ directory by default.

Start HijackThis and perform a new scan. Post your new log file back here as a relpy to this topic and I will review it when it comes in.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#3 m.hoyer

m.hoyer
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:36 AM

Posted 12 May 2005 - 08:43 AM

Here's the updated log file:

Logfile of HijackThis v1.99.1
Scan saved at 9:55:33 AM, on 5/12/05
Platform: Windows 98 Gold (Win9x 4.10.1998)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSGLOOP.EXE
C:\PROGRAM FILES\ENCOMPASS\MONITOR.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXE
C:\WINDOWS\SYSTEM\MSG32.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCSETMGR.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCPROXY.EXE
C:\WINDOWS\NTUP32.EXE
C:\WINDOWS\NETOD32.EXE
C:\WINDOWS\SDKGA.EXE
C:\WINDOWS\SYSTEM\APPPT.EXE
C:\WINDOWS\SYSTEM\MSLY32.EXE
C:\WINDOWS\ATLTC.EXE
C:\WINDOWS\D3HN.EXE
C:\WINDOWS\SYSTEM\MSWL.EXE
C:\WINDOWS\IPOZ.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\JAVAJS.EXE
C:\WINDOWS\APPIT.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SYMTRAY.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\IWP\NPFMNTOR.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON UTILITIES\NPROTECT.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\ATICWD32.EXE
C:\WINDOWS\SYSTEM\ATITASK.EXE
C:\WINDOWS\SYSTEM\HPSYSDRV.EXE
C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\MMKEYBD.EXE
C:\WINDOWS\SYSTEM\COMSMD.EXE
C:\SCANJET\PRECISIONSCANPRO\HPLAMP.EXE
C:\WINDOWS\SYSTEM\HPSJVXD.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\KEYBDMGR.EXE
C:\PROGRAM FILES\NORTON CRASHGUARD\CGMENU.EXE
C:\PROGRAM FILES\CAERE\OMNIPAGEPRO10.0\OPWARE32.EXE
C:\PROGRA~1\NETROPA\ONSCRE~1\OSD.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\PHOTOSMART\PHOTO IMAGING\HPI_MONITOR.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP SHARE-TO-WEB\HPGS2WND.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCPD-LC\SYMLCSVC.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCAPP.EXE
C:\PROGRAM FILES\D-LINK\AIRPLUS XTREME G\AIRPLUSCFG.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP SHARE-TO-WEB\HPGS2WNF.EXE
C:\PROGRAM FILES\ALPHA NETWORKS\ANIWZCS SERVICE\WZCSLDR.EXE
C:\WINDOWS\SYSTEM\CRCC.EXE
C:\WINDOWS\RunDLL.exe
C:\PROGRAM FILES\MICROSOFT MONEY\SYSTEM\REMINDER.EXE
C:\PROGRAM FILES\NORTON CRASHGUARD\CG16EH.EXE
C:\PROGRAM FILES\MSWORKS\CALENDAR\WKCALREM.EXE
C:\TOOLS_95\IMGICON.EXE
C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\OSA.EXE
C:\PROGRAM FILES\RAND MCNALLY\STREETFINDER\ROL\REMIND32.EXE
C:\PROGRAM FILES\CAERE\PAGEKEEPER30\SYSTEM\PKJOBS.EXE
C:\PROGRAM FILES\WINZIP\WZQKPICK.EXE
C:\PROGRAM FILES\CAERE\PAGEKEEPER30\SYSTEM\PKTOPASS.EXE
C:\PROGRAM FILES\CAERE\PAGEKEEPER30\SYSTEM\PKSLAPI.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SNDSRVC.EXE
C:\PROGRAM FILES\HIJACKTHIS\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\ahjna.dll/sp.html#28129
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\ahjna.dll/sp.html#28129
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\ahjna.dll/sp.html#28129
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\ahjna.dll/sp.html#28129
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\ahjna.dll/sp.html#28129
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\ahjna.dll/sp.html#28129
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\ahjna.dll/sp.html#28129
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O2 - BHO: Class - {A0FA19B8-4264-CAFF-394E-D22550DD8481} - C:\WINDOWS\SYSTEM\SDKWZ32.DLL
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [AtiCwd32] Aticwd32.exe
O4 - HKLM\..\Run: [AtiKey] Atitask.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Keyboard Manager] C:\Program Files\Netropa\One-touch Multimedia Keyboard\MMKeybd.exe
O4 - HKLM\..\Run: [HPScanPatch] C:\WINDOWS\SYSTEM\HPScanFix.exe
O4 - HKLM\..\Run: [COMSMDEXE] comsmd.exe -on
O4 - HKLM\..\Run: [HP Lamp] C:\SCANJET\PrecisionScanPro\HPLamp.exe
O4 - HKLM\..\Run: [HPSCANMonitor] c:\windows\SYSTEM\hpsjvxd.exe
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [Norton CrashGuard Monitor] "C:\PROGRAM FILES\NORTON CRASHGUARD\CGMenu.EXE"
O4 - HKLM\..\Run: [OmniPage] C:\Program Files\Caere\OmniPagePro10.0\opware32.exe
O4 - HKLM\..\Run: [CriticalUpdate] c:\windows\SYSTEM\wucrtupd.exe -startup
O4 - HKLM\..\Run: [CXMon] "C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [Symantec Core LC] C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe start
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [D-Link AirPlus Xtreme G] c:\Program Files\D-Link\AirPlus Xtreme G\AirPlusCFG.exe
O4 - HKLM\..\Run: [ANIWZCSService] C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMON.EXE /Consumer
O4 - HKLM\..\Run: [CRCC.EXE] C:\WINDOWS\SYSTEM\CRCC.EXE
O4 - HKLM\..\Run: [NPROTECT] c:\Program Files\Norton SystemWorks\Norton Utilities\Nprotect.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [dRMON SmartAgent] drmon\SmartAgt\SmartAgt.exe
O4 - HKLM\..\RunServices: [EncMonitor] C:\Program Files\Encompass\Monitor.exe
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [ccEvtMgr] "c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
O4 - HKLM\..\RunServices: [ccSetMgr] "c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"
O4 - HKLM\..\RunServices: [ccProxy] c:\PROGRA~1\COMMON~1\SYMANT~1\CCPROXY.EXE
O4 - HKLM\..\RunServices: [MSZX32.EXE] C:\WINDOWS\MSZX32.EXE /s
O4 - HKLM\..\RunServices: [NTMV.EXE] C:\WINDOWS\SYSTEM\NTMV.EXE /s
O4 - HKLM\..\RunServices: [NTUP32.EXE] C:\WINDOWS\NTUP32.EXE /s
O4 - HKLM\..\RunServices: [NETOD32.EXE] C:\WINDOWS\NETOD32.EXE /s
O4 - HKLM\..\RunServices: [SDKGA.EXE] C:\WINDOWS\SDKGA.EXE /s
O4 - HKLM\..\RunServices: [APPPT.EXE] C:\WINDOWS\SYSTEM\APPPT.EXE /s
O4 - HKLM\..\RunServices: [MSLY32.EXE] C:\WINDOWS\SYSTEM\MSLY32.EXE /s
O4 - HKLM\..\RunServices: [ATLTC.EXE] C:\WINDOWS\ATLTC.EXE /s
O4 - HKLM\..\RunServices: [D3HN.EXE] C:\WINDOWS\D3HN.EXE /s
O4 - HKLM\..\RunServices: [MSWL.EXE] C:\WINDOWS\SYSTEM\MSWL.EXE /s
O4 - HKLM\..\RunServices: [IPOZ.EXE] C:\WINDOWS\IPOZ.EXE /s
O4 - HKLM\..\RunServices: [JAVAJS.EXE] C:\WINDOWS\JAVAJS.EXE /s
O4 - HKLM\..\RunServices: [APPIT.EXE] C:\WINDOWS\APPIT.EXE /s
O4 - HKLM\..\RunServices: [SymTray - Norton SystemWorks] c:\Program Files\Common Files\Symantec Shared\SymTray.exe "Norton SystemWorks"
O4 - HKLM\..\RunServices: [NPFMonitor] c:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - HKLM\..\RunServices: [NPROTECT] c:\Program Files\Norton SystemWorks\Norton Utilities\Nprotect.exe
O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
O4 - HKCU\..\Run: [Reminder] C:\Program Files\Microsoft Money\System\reminder.exe
O4 - HKCU\..\Run: [Norton SystemWorks] "c:\Program Files\Norton SystemWorks\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz
O4 - Startup: Microsoft Works Calendar Reminders.lnk = C:\Program Files\MSWorks\Calendar\WKCALREM.EXE
O4 - Startup: Iomega Startup Options.lnk = C:\Tools_95\IMGSTART.EXE
O4 - Startup: Iomega Watch.lnk = C:\Tools_95\IOWATCH.EXE
O4 - Startup: Zip Disk Icons.lnk = C:\Tools_95\IMGICON.EXE
O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Startup: Reminder-ran40101.lnk = C:\Program Files\Rand McNally\StreetFinder\ROL\Remind32.exe
O4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Startup: PageKeeper Jobs.lnk = C:\Program Files\Caere\PageKeeper30\system\PKJobs.exe
O4 - Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: MSN Messenger Service - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll

#4 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:01:36 AM

Posted 12 May 2005 - 01:32 PM

Hi m.hoyer. After reviewing your log I see a few items that require our attention. Please print these directions and then proceed with the following steps in order.

Step #1

Download Cwshredder.exe and save it to a folder of its own. Start the program and click on the Check for Update button. If an update is available then download and install it. Close the program (do not run it yet).

Download CCleaner and install it but do not run it yet.

Step #2

Restart in Safe Mode
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until the boot menu appears.
  • Use the arrow keys to select the Safe Mode menu item.
  • Press the Enter key.
Step #3

Start HijackThis and click the Scan button to perform a scan. Look for the following items and click in the checkbox in front of each item to select it:R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\ahjna.dll/sp.html#28129
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\ahjna.dll/sp.html#28129
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\ahjna.dll/sp.html#28129
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\ahjna.dll/sp.html#28129
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\ahjna.dll/sp.html#28129
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\ahjna.dll/sp.html#28129
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\ahjna.dll/sp.html#28129
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R3 - Default URLSearchHook is missing
O2 - BHO: Class - {A0FA19B8-4264-CAFF-394E-D22550DD8481} - C:\WINDOWS\SYSTEM\SDKWZ32.DLL
O4 - HKLM\..\Run: [CRCC.EXE] C:\WINDOWS\SYSTEM\CRCC.EXE
O4 - HKLM\..\RunServices: [MSZX32.EXE] C:\WINDOWS\MSZX32.EXE /s
O4 - HKLM\..\RunServices: [NTMV.EXE] C:\WINDOWS\SYSTEM\NTMV.EXE /s
O4 - HKLM\..\RunServices: [NTUP32.EXE] C:\WINDOWS\NTUP32.EXE /s
O4 - HKLM\..\RunServices: [NETOD32.EXE] C:\WINDOWS\NETOD32.EXE /s
O4 - HKLM\..\RunServices: [SDKGA.EXE] C:\WINDOWS\SDKGA.EXE /s
O4 - HKLM\..\RunServices: [APPPT.EXE] C:\WINDOWS\SYSTEM\APPPT.EXE /s
O4 - HKLM\..\RunServices: [MSLY32.EXE] C:\WINDOWS\SYSTEM\MSLY32.EXE /s
O4 - HKLM\..\RunServices: [ATLTC.EXE] C:\WINDOWS\ATLTC.EXE /s
O4 - HKLM\..\RunServices: [D3HN.EXE] C:\WINDOWS\D3HN.EXE /s
O4 - HKLM\..\RunServices: [MSWL.EXE] C:\WINDOWS\SYSTEM\MSWL.EXE /s
O4 - HKLM\..\RunServices: [IPOZ.EXE] C:\WINDOWS\IPOZ.EXE /s
O4 - HKLM\..\RunServices: [JAVAJS.EXE] C:\WINDOWS\JAVAJS.EXE /s
O4 - HKLM\..\RunServices: [APPIT.EXE] C:\WINDOWS\APPIT.EXE /s

Now close ALL open windows except HijackThis and click the Fix Checked button to finish the repair.

Step #4

We need to make sure all hidden files are showing so please:
  • Open My Computer.
  • Select the View menu and click Folder Options.
  • Select the View tab.
  • In the Hidden files section select Show all files.
  • Click OK.
Find the following files/folders and delete them (don't worry if they are already gone):C:\WINDOWS\ahjna.dll
C:\WINDOWS\SYSTEM\SDKWZ32.DLL
C:\WINDOWS\SYSTEM\CRCC.EXE
C:\WINDOWS\MSZX32.EXE
C:\WINDOWS\SYSTEM\NTMV.EXE
C:\WINDOWS\NTUP32.EXE
C:\WINDOWS\NETOD32.EXE
C:\WINDOWS\SDKGA.EXE
C:\WINDOWS\SYSTEM\APPPT.EXE
C:\WINDOWS\SYSTEM\MSLY32.EXE
C:\WINDOWS\ATLTC.EXE
C:\WINDOWS\D3HN.EXE
C:\WINDOWS\SYSTEM\MSWL.EXE
C:\WINDOWS\IPOZ.EXE
C:\WINDOWS\JAVAJS.EXE
C:\WINDOWS\APPIT.EXE

Step #5

Start CCleaner and click on the Run Cleaner button in the lower right-hand corner. When it is finished close CCleaner.

Step #6

Run CWShredder
  • Double-click on CWShredder.exe.
  • Click "Fix ->" and click "OK" at the prompt.
  • CWShredder will scan and clean your system of CWS files.
  • Click "Next->" and then "Exit".
Step #7

Reboot normally and run at least 2 of the following on-line virus scans:Trend Micro Housecall
BitDefender On-Line Virus Scan
Panda ActiveScan
eTrust Antivirus Web Scanner
Make sure that you choose "fix" or "clean".

Step #8

AdAware SE

Download, install, update, configure and run a scan with Ad-aware SE:
  • Download and Install AdAware SE Personal, keeping the default options. However, some of the settings will need to be changed before your first scan.
  • Close ALL windows except Ad-Aware SE.
  • Click on the‘world’ icon at the top right of the Ad-Aware SE window and let AdAware SE update the reference list for the adware and malware.
  • Once the update is finished click on the ‘Gear’ icon (second from the left at the top of the window) to access the preferences/settings window:
    • In the ‘General’ window make sure the following are selected in green:
      • Under Safety:
        • Automatically save log-file
      • Automatically quarantine objects prior to removal
      • Safe Mode (always request confirmation)
    • Under Definitions:
      • Prompt to update outdated definitions - set the number of days
  • Click on the ‘Scanning’ button on the left and select in green:
    • Under Driver, Folders & Files:
      • Scan Within Archives
    • Under Select drives & folders to scan:
      • choose all hard drives
    • Under Memory & Registry: all green
      • Scan Active Processes
      • Scan Registry
      • Deep Scan Registry
      • Scan my IE favorites for banned URL’s
      • Scan my Hosts file
  • Click on the ‘Advanced’ button on the left and select in green:
    • Under Shell Integration:
      • Move deleted files to recycle bin
    • Under Logfile Detail Level: all green
      • include addtional object information
      • DESELECT - include negligible objects information
      • include environment information
    • Under Alternate Data Streams:
      • Don't log streams smaller than 0 bytes
      • Don't log ADS with the following names: CA_INOCULATEIT
  • Click the ‘Tweak’ button and select in green:
    • Under ‘Scanning Engine’:
      • Unload recognized processes during scanning
      • Scan registry for all users instead of current user only
    • Under ‘Cleaning Engine’:
      • Let Windows remove files in use at next reboot
    • Under Log Files:
      • Include basic Ad-aware SE settings in logfile
      • Include additional Ad-aware SE settings in logfile
      • Please do not check: Include Module list in logfile
  • Click on ‘Proceed’ to save the settings.
  • Click ‘Start’
  • Choose 'Perform Full System Scan'
  • DESELECT "Search for negligible risk entries", as negligible risk entries (MRU's) are not considered to be a threat.
  • Click ‘Next’ and Ad-Aware SE will scan your hard drive(s) with the options you have selected and clean automatically.
  • If Ad-Aware SE finds bad entries, you will receive a list of what it found in the window
  • Save the log file when it asks and then click ‘Finish’
  • REBOOT to complete the removal of what Ad-Aware SE found.
Step #9

OK. Reboot your computer normally, start HijackThis and perform a new scan. Use the Add Reply button to post your new log file back here along with details of any problems you encountered performing the above steps and I will review it when it comes in.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#5 m.hoyer

m.hoyer
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:36 AM

Posted 18 May 2005 - 11:46 AM

Thanks for your help! We seem to have fixed all the problems except boot speed. I've unistalled Norton SystemWorks 2005, because I know it causes a significant performance hit. I plan to install someone else's AntiVirus software as soon as I can get this computer running - and booting - normally. It still takes more than 10 minutes to boot, though.

#6 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:01:36 AM

Posted 18 May 2005 - 12:32 PM

Hi m.hoyer. Post back a current HijackThis log and I will verify that everything has been removed. Then we can check for other problems related to the bootup.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#7 m.hoyer

m.hoyer
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:36 AM

Posted 18 May 2005 - 01:39 PM

Logfile of HijackThis v1.99.1
Scan saved at 2:33:34 PM, on 5/18/05
Platform: Windows 98 Gold (Win9x 4.10.1998)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\EXPLORER.EXE
C:\PROGRAM FILES\HIJACKTHIS\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wippell.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [AtiCwd32] Aticwd32.exe
O4 - HKLM\..\Run: [AtiKey] Atitask.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Keyboard Manager] C:\Program Files\Netropa\One-touch Multimedia Keyboard\MMKeybd.exe
O4 - HKLM\..\Run: [HPScanPatch] C:\WINDOWS\SYSTEM\HPScanFix.exe
O4 - HKLM\..\Run: [COMSMDEXE] comsmd.exe -on
O4 - HKLM\..\Run: [HP Lamp] C:\SCANJET\PrecisionScanPro\HPLamp.exe
O4 - HKLM\..\Run: [HPSCANMonitor] c:\windows\SYSTEM\hpsjvxd.exe
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [OmniPage] C:\Program Files\Caere\OmniPagePro10.0\opware32.exe
O4 - HKLM\..\Run: [CriticalUpdate] c:\windows\SYSTEM\wucrtupd.exe -startup
O4 - HKLM\..\Run: [CXMon] "C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [D-Link AirPlus Xtreme G] c:\Program Files\D-Link\AirPlus Xtreme G\AirPlusCFG.exe
O4 - HKLM\..\Run: [ANIWZCSService] C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [dRMON SmartAgent] drmon\SmartAgt\SmartAgt.exe
O4 - HKLM\..\RunServices: [EncMonitor] C:\Program Files\Encompass\Monitor.exe
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
O4 - HKCU\..\Run: [Reminder] C:\Program Files\Microsoft Money\System\reminder.exe
O4 - Startup: Microsoft Works Calendar Reminders.lnk = C:\Program Files\MSWorks\Calendar\WKCALREM.EXE
O4 - Startup: Iomega Startup Options.lnk = C:\Tools_95\IMGSTART.EXE
O4 - Startup: Iomega Watch.lnk = C:\Tools_95\IOWATCH.EXE
O4 - Startup: Zip Disk Icons.lnk = C:\Tools_95\IMGICON.EXE
O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Startup: Reminder-ran40101.lnk = C:\Program Files\Rand McNally\StreetFinder\ROL\Remind32.exe
O4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Startup: PageKeeper Jobs.lnk = C:\Program Files\Caere\PageKeeper30\system\PKJobs.exe
O4 - Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: MSN Messenger Service - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.cab

#8 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:01:36 AM

Posted 18 May 2005 - 02:59 PM

Hi m.hoyer. It appears that this log was run from Safe Mode. Can you verify that the machine is booted normally and send in a current log?

Thanks.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#9 m.hoyer

m.hoyer
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:36 AM

Posted 19 May 2005 - 07:56 AM

Logfile of HijackThis v1.99.1
Scan saved at 9:10:45 AM, on 5/19/05
Platform: Windows 98 Gold (Win9x 4.10.1998)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSGLOOP.EXE
C:\PROGRAM FILES\ENCOMPASS\MONITOR.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\MSG32.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\ATICWD32.EXE
C:\WINDOWS\SYSTEM\ATITASK.EXE
C:\WINDOWS\SYSTEM\HPSYSDRV.EXE
C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\MMKEYBD.EXE
C:\WINDOWS\SYSTEM\COMSMD.EXE
C:\SCANJET\PRECISIONSCANPRO\HPLAMP.EXE
C:\WINDOWS\SYSTEM\HPSJVXD.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\CAERE\OMNIPAGEPRO10.0\OPWARE32.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\PHOTOSMART\PHOTO IMAGING\HPI_MONITOR.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP SHARE-TO-WEB\HPGS2WND.EXE
C:\PROGRAM FILES\D-LINK\AIRPLUS XTREME G\AIRPLUSCFG.EXE
C:\PROGRAM FILES\ALPHA NETWORKS\ANIWZCS SERVICE\WZCSLDR.EXE
C:\WINDOWS\RunDLL.exe
C:\PROGRAM FILES\MICROSOFT MONEY\SYSTEM\REMINDER.EXE
C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\KEYBDMGR.EXE
C:\PROGRAM FILES\MSWORKS\CALENDAR\WKCALREM.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP SHARE-TO-WEB\HPGS2WNF.EXE
C:\TOOLS_95\IMGICON.EXE
C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\OSA.EXE
C:\PROGRAM FILES\RAND MCNALLY\STREETFINDER\ROL\REMIND32.EXE
C:\PROGRA~1\NETROPA\ONSCRE~1\OSD.EXE
C:\PROGRAM FILES\CAERE\PAGEKEEPER30\SYSTEM\PKJOBS.EXE
C:\PROGRAM FILES\WINZIP\WZQKPICK.EXE
C:\PROGRAM FILES\CAERE\PAGEKEEPER30\SYSTEM\PKSLAPI.EXE
C:\PROGRAM FILES\CAERE\PAGEKEEPER30\SYSTEM\PKTOPASS.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\HIJACKTHIS\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wippell.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [AtiCwd32] Aticwd32.exe
O4 - HKLM\..\Run: [AtiKey] Atitask.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Keyboard Manager] C:\Program Files\Netropa\One-touch Multimedia Keyboard\MMKeybd.exe
O4 - HKLM\..\Run: [HPScanPatch] C:\WINDOWS\SYSTEM\HPScanFix.exe
O4 - HKLM\..\Run: [COMSMDEXE] comsmd.exe -on
O4 - HKLM\..\Run: [HP Lamp] C:\SCANJET\PrecisionScanPro\HPLamp.exe
O4 - HKLM\..\Run: [HPSCANMonitor] c:\windows\SYSTEM\hpsjvxd.exe
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [OmniPage] C:\Program Files\Caere\OmniPagePro10.0\opware32.exe
O4 - HKLM\..\Run: [CriticalUpdate] c:\windows\SYSTEM\wucrtupd.exe -startup
O4 - HKLM\..\Run: [CXMon] "C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [D-Link AirPlus Xtreme G] c:\Program Files\D-Link\AirPlus Xtreme G\AirPlusCFG.exe
O4 - HKLM\..\Run: [ANIWZCSService] C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [dRMON SmartAgent] drmon\SmartAgt\SmartAgt.exe
O4 - HKLM\..\RunServices: [EncMonitor] C:\Program Files\Encompass\Monitor.exe
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
O4 - HKCU\..\Run: [Reminder] C:\Program Files\Microsoft Money\System\reminder.exe
O4 - Startup: Microsoft Works Calendar Reminders.lnk = C:\Program Files\MSWorks\Calendar\WKCALREM.EXE
O4 - Startup: Iomega Startup Options.lnk = C:\Tools_95\IMGSTART.EXE
O4 - Startup: Iomega Watch.lnk = C:\Tools_95\IOWATCH.EXE
O4 - Startup: Zip Disk Icons.lnk = C:\Tools_95\IMGICON.EXE
O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Startup: Reminder-ran40101.lnk = C:\Program Files\Rand McNally\StreetFinder\ROL\Remind32.exe
O4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Startup: PageKeeper Jobs.lnk = C:\Program Files\Caere\PageKeeper30\system\PKJobs.exe
O4 - Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: MSN Messenger Service - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.cab

#10 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:01:36 AM

Posted 19 May 2005 - 11:21 AM

Hi m.hoyer. Thanks for the new log. This log is clean. Good job! How are things running? Any more problems?

I see no signs of an anti-virus or firewall on this computer. These programs are your first line of defense in preventing infections. I highly recommend installing them to keep you computer safe and virus free. See the the links below for recommended applications that we recommend.

We have a couple of last steps to perform and then you're all set.

First, let's reset your hidden/system files and folders. System files are hidden for a reason and we don't want to have them openly available and susceptible to accidental deletion.
  • Open My Computer.
  • Select the View menu and click Folder Options.
  • Select the View tab.
  • In the Hidden files section unselect Show all files.
  • Click OK.
Now that you are clean, to help protect your computer in the future I recommend that you get the following free programs:
  • SpywareBlaster to help prevent spyware from installing in the first place.
  • SpywareGuard to catch and block spyware before it can execute.
  • IESpy-Ad to block access to malicious websites so you cannot be redirected to them from an infected site or email.
You should also have a good firewall. Here are 3 free ones available for personal use:and a good antivirus (these are also free for personal use):It is critical to have both a firewall and antivirus to protect your system and to keep them updated.

To keep your operating system up to date visit monthly. And to keep your system clean run these free malware scanners
weekly, and be aware of what emails you open and websites you visit.

To learn more about how to protect yourself while on the internet read this article by Tony Klien: So how did I get infected in the first place?

Have a safe and happy computing day!

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#11 m.hoyer

m.hoyer
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:36 AM

Posted 26 May 2005 - 09:36 AM

The computer seems to be working well once it gets booted, but it's still taking 20 minutes or more to boot up. Any suggestions?

#12 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:01:36 AM

Posted 26 May 2005 - 12:28 PM

Hi m.hoyer. Let's try this.

Go here and download the Bootlog Examiner. Follow the directions to create a bootlog and then start Bootlog Examiner to analyze the information. Post the information from Bootlog Examiner back here.

I will review the information when it comes in.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#13 m.hoyer

m.hoyer
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:36 AM

Posted 02 June 2005 - 07:53 PM

Bootlog Examiner (C:\Bootlog.txt 6/2/2005 11:45:14 AM)


System Time Proc. Time Process
----------- ---------- -------
11:47:16 0.00 Loading Device = C:\WINDOWS\HIMEM.SYS
11:47:16 0.00 LoadSuccess = C:\WINDOWS\HIMEM.SYS
11:47:16 0.28 Loading Device = C:\WINDOWS\EMM386.EXE
11:47:16 0.00 LoadSuccess = C:\WINDOWS\EMM386.EXE
11:47:16 ** 2.11 Loading Device = C:\CDROM\OAKCDROM.SYS
11:47:18 0.00 LoadSuccess = C:\CDROM\OAKCDROM.SYS
11:47:18 0.67 Loading Device = C:\WINDOWS\DBLBUFF.SYS
11:47:19 0.00 LoadSuccess = C:\WINDOWS\DBLBUFF.SYS
11:47:19 0.56 Loading Device = C:\WINDOWS\IFSHLP.SYS
11:47:19 ** 38.67 LoadSuccess = C:\WINDOWS\IFSHLP.SYS
11:50:57 0.00 Loading Vxd = VMM
11:50:57 0.00 LoadSuccess = VMM
11:50:57 0.17 Loading Vxd = C:\WINDOWS\SMARTDRV.EXE
11:50:57 ** 2.39 LoadSuccess = C:\WINDOWS\SMARTDRV.EXE
11:50:59 ** 2.33 LoadSuccess = vnetsup.vxd
11:51:00 0.33 Loading Vxd = vnetsup.vxd
11:51:02 0.67 Loading Vxd = ndis.vxd
11:51:02 ** 2.44 LoadSuccess = ndis.vxd
11:51:04 ** 2.44 ** LoadFailed = ndis2sup.vxd
11:51:05 0.44 Loading Vxd = ndis2sup.vxd
11:51:07 0.67 Loading Vxd = JAVASUP.VXD
11:51:07 0.00 LoadSuccess = JAVASUP.VXD
11:51:07 0.56 Loading Vxd = CONFIGMG
11:51:07 0.00 LoadSuccess = CONFIGMG
11:51:07 0.00 Loading Vxd = NTKERN
11:51:07 0.00 LoadSuccess = NTKERN
11:51:07 0.00 Loading Vxd = VWIN32
11:51:07 0.00 LoadSuccess = VWIN32
11:51:07 0.00 Loading Vxd = VFBACKUP
11:51:07 0.00 LoadSuccess = VFBACKUP
11:51:07 0.00 Loading Vxd = VCOMM
11:51:07 0.00 LoadSuccess = VCOMM
11:51:07 0.00 Loading Vxd = COMBUFF
11:51:07 0.56 LoadSuccess = COMBUFF
11:51:07 0.56 Loading Vxd = C:\WINDOWS\system\VMM32\IFSMGR.VXD
11:51:07 0.00 LoadSuccess = C:\WINDOWS\system\VMM32\IFSMGR.VXD
11:51:07 0.00 Loading Vxd = C:\WINDOWS\system\VMM32\IOS.VXD
11:51:07 0.00 LoadSuccess = C:\WINDOWS\system\VMM32\IOS.VXD
11:51:07 0.00 Loading Vxd = mtrr
11:51:07 0.00 LoadSuccess = mtrr
11:51:07 0.00 Loading Vxd = SPOOLER
11:51:07 0.00 LoadSuccess = SPOOLER
11:51:07 0.00 Loading Vxd = UDF
11:51:07 0.00 LoadSuccess = UDF
11:51:07 0.00 Loading Vxd = VFAT
11:51:07 0.00 LoadSuccess = VFAT
11:51:07 0.00 Loading Vxd = VCACHE
11:51:07 0.00 LoadSuccess = VCACHE
11:51:07 0.00 Loading Vxd = VCOND
11:51:07 0.00 LoadSuccess = VCOND
11:51:07 0.00 Loading Vxd = VCDFSD
11:51:07 0.56 LoadSuccess = VCDFSD
11:51:07 0.00 Loading Vxd = VXDLDR
11:51:07 0.00 LoadSuccess = VXDLDR
11:51:07 0.00 Loading Vxd = VDEF
11:51:07 0.00 LoadSuccess = VDEF
11:51:07 0.00 Loading Vxd = VPICD
11:51:07 0.00 LoadSuccess = VPICD
11:51:07 0.00 Loading Vxd = VTD
11:51:07 0.00 LoadSuccess = VTD
11:51:07 0.00 Loading Vxd = REBOOT
11:51:07 0.00 LoadSuccess = REBOOT
11:51:07 0.00 Loading Vxd = VDMAD
11:51:07 0.00 LoadSuccess = VDMAD
11:51:07 0.00 Loading Vxd = VSD
11:51:07 0.00 LoadSuccess = VSD
11:51:07 0.56 Loading Vxd = V86MMGR
11:51:07 0.00 LoadSuccess = V86MMGR
11:51:07 0.00 Loading Vxd = PAGESWAP
11:51:07 0.00 LoadSuccess = PAGESWAP
11:51:07 0.00 Loading Vxd = DOSMGR
11:51:07 0.00 LoadSuccess = DOSMGR
11:51:07 0.00 Loading Vxd = VMPOLL
11:51:07 0.00 LoadSuccess = VMPOLL
11:51:07 0.00 Loading Vxd = SHELL
11:51:07 0.00 LoadSuccess = SHELL
11:51:07 0.00 Loading Vxd = PARITY
11:51:07 0.00 LoadSuccess = PARITY
11:51:07 0.00 Loading Vxd = BIOSXLAT
11:51:07 0.00 LoadSuccess = BIOSXLAT
11:51:07 0.00 Loading Vxd = VMCPD
11:51:07 0.00 LoadSuccess = VMCPD
11:51:07 0.56 Loading Vxd = C:\WINDOWS\system\VMM32\VTDAPI.VXD
11:51:07 0.00 LoadSuccess = C:\WINDOWS\system\VMM32\VTDAPI.VXD
11:51:07 0.00 Loading Vxd = PERF
11:51:07 0.00 LoadSuccess = PERF
11:51:07 ** 1.00 Loading Vxd = c:\windows\SYSTEM\vrtwd.386
11:51:08 0.00 LoadSuccess = c:\windows\SYSTEM\vrtwd.386
11:51:08 0.00 Loading Vxd = c:\windows\SYSTEM\vfixd.vxd
11:51:08 ** 4.00 LoadSuccess = c:\windows\SYSTEM\vfixd.vxd
11:51:12 0.56 Loading Vxd = vnetbios.vxd
11:51:13 ** 2.44 LoadSuccess = vnetbios.vxd
11:51:14 ** 2.56 LoadSuccess = vredir.vxd
11:51:15 0.50 Loading Vxd = vredir.vxd
11:51:17 0.50 Loading Vxd = dfs.vxd
11:51:18 ** 2.44 LoadSuccess = dfs.vxd
11:51:20 0.44 Loading Vxd = vserver.vxd
11:51:20 ** 2.39 Skipped (not needed) = vserver.vxd
11:51:22 0.67 Loading Vxd = Hpsjvxd.vxd
11:51:23 0.56 LoadSuccess = Hpsjvxd.vxd
11:51:23 0.00 Loading Vxd = ebios
11:51:23 0.00 LoadSuccess = ebios
11:51:23 0.00 Loading Vxd = vmouse
11:51:23 ** 2.39 LoadSuccess = vmouse
11:51:25 0.44 Loading Vxd = msmouse.vxd
11:51:25 0.00 LoadSuccess = msmouse.vxd
11:51:25 0.00 Loading Vxd = dynapage
11:51:25 0.00 LoadSuccess = dynapage
11:51:25 0.56 Loading Vxd = VCD
11:51:25 0.00 LoadSuccess = VCD
11:51:25 0.00 Loading Vxd = vpd
11:51:25 0.00 LoadSuccess = vpd
11:51:25 0.00 Loading Vxd = int13
11:51:25 0.00 LoadSuccess = int13
11:51:25 0.00 Loading Vxd = enable
11:51:25 0.00 LoadSuccess = enable
11:51:25 0.00 Loading Vxd = vkd
11:51:25 0.00 LoadSuccess = vkd
11:51:25 0.00 Loading Vxd = vdd
11:51:25 0.00 LoadSuccess = vdd
11:51:25 0.00 Loading Vxd = vflatd
11:51:25 0.11 LoadSuccess = vflatd
11:51:25 0.89 Loading Vxd = syswiz.386
11:51:26 0.56 LoadSuccess = syswiz.386
11:51:26 0.00 SYSCRITINIT = VMM
11:51:26 0.00 SYSCRITINITSUCCESS = VMM
11:51:26 0.00 SYSCRITINIT = MTRR
11:51:26 0.00 SYSCRITINITSUCCESS = MTRR
11:51:26 0.00 SYSCRITINIT = VCACHE
11:51:26 0.00 SYSCRITINITSUCCESS = VCACHE
11:51:26 0.00 SYSCRITINIT = DFS
11:51:26 0.00 SYSCRITINITSUCCESS = DFS
11:51:26 0.00 SYSCRITINIT = PERF
11:51:26 0.00 SYSCRITINITSUCCESS = PERF
11:51:26 0.00 SYSCRITINIT = VPICD
11:51:26 0.00 SYSCRITINITSUCCESS = VPICD
11:51:26 0.00 SYSCRITINIT = VrtwD
11:51:26 0.00 SYSCRITINITSUCCESS = VrtwD
11:51:26 0.00 SYSCRITINIT = VTD
11:51:26 0.00 SYSCRITINITSUCCESS = VTD
11:51:26 0.00 SYSCRITINIT = VWIN32
11:51:26 0.00 SYSCRITINITSUCCESS = VWIN32
11:51:26 0.00 SYSCRITINIT = VXDLDR
11:51:26 0.00 SYSCRITINITSUCCESS = VXDLDR
11:51:26 0.00 SYSCRITINIT = NTKERN
11:51:26 0.00 SYSCRITINITSUCCESS = NTKERN
11:51:26 0.00 SYSCRITINIT = CONFIGMG
11:51:26 0.00 SYSCRITINITSUCCESS = CONFIGMG
11:51:26 0.00 SYSCRITINIT = VCDFSD
11:51:26 0.00 SYSCRITINITSUCCESS = VCDFSD
11:51:26 0.00 SYSCRITINIT = IOS
11:51:26 0.00 SYSCRITINITSUCCESS = IOS
11:51:26 0.00 SYSCRITINIT = PAGEFILE
11:51:26 0.00 SYSCRITINITSUCCESS = PAGEFILE
11:51:26 0.00 SYSCRITINIT = PAGESWAP
11:51:26 0.00 SYSCRITINITSUCCESS = PAGESWAP
11:51:26 0.00 SYSCRITINIT = PARITY
11:51:26 0.00 SYSCRITINITSUCCESS = PARITY
11:51:26 0.00 SYSCRITINIT = REBOOT
11:51:26 0.00 SYSCRITINITSUCCESS = REBOOT
11:51:26 0.00 SYSCRITINIT = EBIOS
11:51:26 0.00 SYSCRITINITSUCCESS = EBIOS
11:51:26 0.00 SYSCRITINIT = VDD
11:51:26 0.00 SYSCRITINITSUCCESS = VDD
11:51:26 0.00 SYSCRITINIT = VSD
11:51:26 0.00 SYSCRITINITSUCCESS = VSD
11:51:26 0.00 SYSCRITINIT = COMBUFF
11:51:26 0.00 SYSCRITINITSUCCESS = COMBUFF
11:51:26 0.00 SYSCRITINIT = VCD
11:51:26 0.00 SYSCRITINITSUCCESS = VCD
11:51:26 0.00 SYSCRITINIT = VMOUSE
11:51:26 0.00 SYSCRITINITSUCCESS = VMOUSE
11:51:26 0.00 SYSCRITINIT = MSMINI
11:51:26 0.00 SYSCRITINITSUCCESS = MSMINI
11:51:26 0.00 SYSCRITINIT = ENABLE
11:51:26 0.00 SYSCRITINITSUCCESS = ENABLE
11:51:26 0.00 SYSCRITINIT = VKD
11:51:26 0.00 SYSCRITINITSUCCESS = VKD
11:51:26 0.00 SYSCRITINIT = VPD
11:51:26 0.00 SYSCRITINITSUCCESS = VPD
11:51:26 0.00 SYSCRITINIT = INT13
11:51:26 0.00 SYSCRITINITSUCCESS = INT13
11:51:26 0.00 SYSCRITINIT = VMCPD
11:51:26 0.00 SYSCRITINITSUCCESS = VMCPD
11:51:26 0.00 SYSCRITINIT = BIOSXLAT
11:51:26 0.00 SYSCRITINITSUCCESS = BIOSXLAT
11:51:26 0.00 SYSCRITINIT = SDVXD
11:51:26 0.00 SYSCRITINITSUCCESS = SDVXD
11:51:26 0.00 SYSCRITINIT = VNETBIOS
11:51:26 0.00 SYSCRITINITSUCCESS = VNETBIOS
11:51:26 0.00 SYSCRITINIT = NDIS
11:51:26 0.00 SYSCRITINITSUCCESS = NDIS
11:51:26 0.00 SYSCRITINIT = DOSMGR
11:51:26 0.00 SYSCRITINITSUCCESS = DOSMGR
11:51:26 0.00 SYSCRITINIT = VMPOLL
11:51:26 0.00 SYSCRITINITSUCCESS = VMPOLL
11:51:26 0.00 SYSCRITINIT = VFIXD
11:51:26 0.00 SYSCRITINITSUCCESS = VFIXD
11:51:26 0.00 SYSCRITINIT = JAVASUP
11:51:26 0.00 SYSCRITINITSUCCESS = JAVASUP
11:51:26 0.00 SYSCRITINIT = VCOMM
11:51:26 0.00 SYSCRITINITSUCCESS = VCOMM
11:51:26 0.00 SYSCRITINIT = VCOND
11:51:26 0.00 SYSCRITINITSUCCESS = VCOND
11:51:26 0.00 SYSCRITINIT = VTDAPI
11:51:26 0.00 SYSCRITINITSUCCESS = VTDAPI
11:51:26 0.00 SYSCRITINIT = HPSJVXD
11:51:26 0.00 SYSCRITINITSUCCESS = HPSJVXD
11:51:26 0.00 SYSCRITINIT = VFLATD
11:51:26 0.00 SYSCRITINITSUCCESS = VFLATD
11:51:26 0.00 SYSCRITINIT = VDMAD
11:51:26 0.00 SYSCRITINITSUCCESS = VDMAD
11:51:26 0.00 SYSCRITINIT = V86MMGR
11:51:26 0.00 SYSCRITINITSUCCESS = V86MMGR
11:51:26 0.00 SYSCRITINIT = GPT
11:51:26 0.00 SYSCRITINITSUCCESS = GPT
11:51:26 0.00 SYSCRITINIT = SPOOLER
11:51:26 0.00 SYSCRITINITSUCCESS = SPOOLER
11:51:26 0.00 SYSCRITINIT = UDF
11:51:26 0.00 SYSCRITINITSUCCESS = UDF
11:51:26 0.00 SYSCRITINIT = VFAT
11:51:26 0.00 SYSCRITINITSUCCESS = VFAT
11:51:26 0.00 SYSCRITINIT = VDEF
11:51:26 0.00 SYSCRITINITSUCCESS = VDEF
11:51:26 0.00 SYSCRITINIT = IFSMGR
11:51:26 0.00 SYSCRITINITSUCCESS = IFSMGR
11:51:26 0.00 SYSCRITINIT = VNETSUP
11:51:26 0.00 SYSCRITINITSUCCESS = VNETSUP
11:51:26 0.00 SYSCRITINIT = VREDIR
11:51:26 0.00 SYSCRITINITSUCCESS = VREDIR
11:51:26 0.00 SYSCRITINIT = VFBACKUP
11:51:26 0.00 SYSCRITINITSUCCESS = VFBACKUP
11:51:26 0.00 SYSCRITINIT = SHELL
11:51:26 0.56 SYSCRITINITSUCCESS = SHELL
11:51:26 0.00 DEVICEINIT = VMM
11:51:26 0.00 DEVICEINITSUCCESS = VMM
11:51:26 0.00 DEVICEINIT = MTRR
11:51:26 0.00 DEVICEINITSUCCESS = MTRR
11:51:26 0.00 DEVICEINIT = VCACHE
11:51:26 0.56 DEVICEINITSUCCESS = VCACHE
11:51:26 0.00 DEVICEINIT = DFS
11:51:26 0.00 DEVICEINITSUCCESS = DFS
11:51:26 0.00 DEVICEINIT = PERF
11:51:26 0.00 DEVICEINITSUCCESS = PERF
11:51:26 0.00 DEVICEINIT = VPICD
11:51:26 0.00 DEVICEINITSUCCESS = VPICD
11:51:26 0.00 DEVICEINIT = VrtwD
11:51:26 0.00 DEVICEINITSUCCESS = VrtwD
11:51:26 0.00 DEVICEINIT = VTD
11:51:26 0.00 DEVICEINITSUCCESS = VTD
11:51:26 0.00 DEVICEINIT = VWIN32
11:51:26 0.00 DEVICEINITSUCCESS = VWIN32
11:51:26 0.00 DEVICEINIT = VXDLDR
11:51:26 0.00 DEVICEINITSUCCESS = VXDLDR
11:51:26 0.28 DEVICEINIT = NTKERN
11:51:26 0.61 DEVICEINITSUCCESS = NTKERN
11:51:27 ** 2.00 DEVICEINIT = CONFIGMG
11:51:29 ** 3.44 Dynamic load device PCI.VXD
11:51:32 0.00 Dynamic init device PCI
11:51:32 0.00 Dynamic init success PCI
11:51:32 0.00 Dynamic load success PCI.VXD
11:51:32 ** 2.17 Dynamic load device VPOWERD.VXD
11:51:34 0.44 Dynamic init device VPOWERD
11:51:35 0.00 Dynamic init success VPOWERD
11:51:35 0.56 Dynamic load success VPOWERD.VXD
11:51:35 ** 2.50 Dynamic load device pci.vxd
11:51:37 0.00 Dynamic init device PCI
11:51:37 0.00 Dynamic init success PCI
11:51:37 0.56 Dynamic load success pci.vxd
11:51:38 ** 2.44 Dynamic load device isapnp.vxd
11:51:40 0.50 Dynamic init device ISAPNP
11:51:40 0.00 Dynamic init success ISAPNP
11:51:40 ** 1.94 Dynamic load success isapnp.vxd
11:51:42 0.00 DEVICEINITSUCCESS = CONFIGMG
11:51:42 ** 3.44 Dynamic load device PCI.VxD
11:51:45 0.00 Dynamic init device PCI
11:51:45 0.00 Dynamic init success PCI
11:51:45 0.00 Dynamic load success PCI.VxD
11:51:45 ** 3.22 Dynamic load device PCI.VxD
11:51:48 0.00 Dynamic init device PCI
11:51:48 0.00 Dynamic init success PCI
11:51:48 0.00 Dynamic load success PCI.VxD
11:51:48 ** 1.94 Dynamic load device PCI.VxD
11:51:50 0.61 Dynamic init device PCI
11:51:51 0.00 Dynamic init success PCI
11:51:51 0.00 Dynamic load success PCI.VxD
11:51:51 ** 2.56 Dynamic load device PCI.VxD
11:51:54 0.00 Dynamic init device PCI
11:51:54 0.00 Dynamic init success PCI
11:51:54 ** 1.67 Dynamic load success PCI.VxD
11:51:55 ** 3.17 Dynamic load device mmdevldr.vxd
11:51:58 0.67 Dynamic init device MMDEVLDR
11:51:59 0.00 Dynamic init success MMDEVLDR
11:51:59 0.00 Dynamic load success mmdevldr.vxd
11:51:59 ** 2.50 Dynamic load device hcfpnp.vxd
11:52:01 0.00 Dynamic init success HCFPNP
11:52:01 0.00 Dynamic load success hcfpnp.vxd
11:52:01 ** 2.56 Dynamic load device hcfpnp.vxd
11:52:02 0.44 Dynamic init device HCFPNP
11:52:04 0.00 Dynamic init device HCFPNP
11:52:04 0.00 Dynamic init success HCFPNP
11:52:04 0.00 Dynamic load success hcfpnp.vxd
11:52:04 ** 2.89 Dynamic load device mmdevldr.vxd
11:52:07 0.00 Dynamic init device MMDEVLDR
11:52:07 0.00 Dynamic init success MMDEVLDR
11:52:07 0.00 Dynamic load success mmdevldr.vxd
11:52:07 ** 2.11 Dynamic load device macxw4.vxd
11:52:09 0.00 Dynamic init device MACXW4
11:52:09 0.00 Dynamic init success MACXW4
11:52:09 0.61 Dynamic load success macxw4.vxd
11:52:09 0.00 Dynamic load device
11:52:09 ** 1.94 ** Dynamic load failed : [000BBC6F] File not found
11:52:11 0.00 DEVICEINIT = ACPI
11:52:11 0.00 DEVICEINITSUCCESS = ACPI
11:52:11 0.00 DEVICEINIT = VCDFSD
11:52:11 0.00 DEVICEINITSUCCESS = VCDFSD
11:52:11 ** 4.11 DEVICEINIT = IOS
11:52:15 0.56 Dynamic load device C:\WINDOWS\system\IOSUBSYS\apix.vxd
11:52:15 0.00 Dynamic load success C:\WINDOWS\system\IOSUBSYS\apix.vxd
11:52:15 0.11 Dynamic load device C:\WINDOWS\system\IOSUBSYS\atapchng.vxd
11:52:15 0.00 Dynamic load success C:\WINDOWS\system\IOSUBSYS\atapchng.vxd
11:52:15 0.00 Dynamic load device C:\WINDOWS\system\IOSUBSYS\cdfs.vxd
11:52:15 0.00 Dynamic load success C:\WINDOWS\system\IOSUBSYS\cdfs.vxd
11:52:15 0.00 Dynamic load device C:\WINDOWS\system\IOSUBSYS\cdtsd.vxd
11:52:15 0.00 Dynamic load success C:\WINDOWS\system\IOSUBSYS\cdtsd.vxd
11:52:15 0.00 Dynamic load device C:\WINDOWS\system\IOSUBSYS\cdvsd.vxd
11:52:15 0.00 Dynamic load success C:\WINDOWS\system\IOSUBSYS\cdvsd.vxd
11:52:15 0.00 Dynamic load device C:\WINDOWS\system\IOSUBSYS\disktsd.vxd
11:52:15 0.00 Dynamic load success C:\WINDOWS\system\IOSUBSYS\disktsd.vxd
11:52:15 0.00 Dynamic load device C:\WINDOWS\system\IOSUBSYS\diskvsd.vxd
11:52:15 0.00 Dynamic load success C:\WINDOWS\system\IOSUBSYS\diskvsd.vxd
11:52:15 0.56 Dynamic load device C:\WINDOWS\system\IOSUBSYS\necatapi.vxd
11:52:15 0.00 Dynamic load success C:\WINDOWS\system\IOSUBSYS\necatapi.vxd
11:52:15 0.56 Dynamic load device C:\WINDOWS\system\IOSUBSYS\scsi1hlp.vxd
11:52:15 0.00 Dynamic load success C:\WINDOWS\system\IOSUBSYS\scsi1hlp.vxd
11:52:15 0.00 Dynamic load device C:\WINDOWS\system\IOSUBSYS\torisan3.vxd
11:52:15 0.00 Dynamic load success C:\WINDOWS\system\IOSUBSYS\torisan3.vxd
11:52:15 0.56 Dynamic load device C:\WINDOWS\system\IOSUBSYS\voltrack.vxd
11:52:15 0.56 Dynamic load success C:\WINDOWS\system\IOSUBSYS\voltrack.vxd
11:52:15 0.00 Dynamic load device C:\WINDOWS\system\IOSUBSYS\drvspacx.vxd
11:52:15 0.00 Dynamic load success C:\WINDOWS\system\IOSUBSYS\drvspacx.vxd
11:52:15 0.00 Dynamic load device C:\WINDOWS\system\IOSUBSYS\drvwcdb.vxd
11:52:15 0.00 Dynamic load success C:\WINDOWS\system\IOSUBSYS\drvwcdb.vxd
11:52:15 0.56 Dynamic load device C:\WINDOWS\system\IOSUBSYS\drvwppqt.vxd
11:52:15 0.00 Dynamic load success C:\WINDOWS\system\IOSUBSYS\drvwppqt.vxd
11:52:15 0.00 Dynamic load device C:\WINDOWS\system\IOSUBSYS\drvwq117.vxd
11:52:15 0.00 Dynamic load success C:\WINDOWS\system\IOSUBSYS\drvwq117.vxd
11:52:15 0.94 Dynamic load device C:\WINDOWS\system\IOSUBSYS\iomega.vxd
11:52:16 0.00 Dynamic load success C:\WINDOWS\system\IOSUBSYS\iomega.vxd
11:52:16 0.56 Dynamic load device C:\WINDOWS\system\IOSUBSYS\ensqio.vxd
11:52:16 0.00 Dynamic load success C:\WINDOWS\system\IOSUBSYS\ensqio.vxd
11:52:16 0.56 Dynamic load device C:\WINDOWS\system\IOSUBSYS\rmm.pdr
11:52:16 0.00 Dynamic load success C:\WINDOWS\system\IOSUBSYS\rmm.pdr
11:52:16 0.00 Dynamic load device C:\WINDOWS\system\IOSUBSYS\bigmem.drv
11:52:16 0.00 Dynamic load success C:\WINDOWS\system\IOSUBSYS\bigmem.drv
11:52:16 0.00 DEVICEINITSUCCESS = IOS
11:52:16 0.00 DEVICEINIT = PAGEFILE
11:52:16 0.00 DEVICEINITSUCCESS = PAGEFILE
11:52:16 0.00 DEVICEINIT = PAGESWAP
11:52:16 0.00 DEVICEINITSUCCESS = PAGESWAP
11:52:16 0.00 DEVICEINIT = PARITY
11:52:16 0.00 DEVICEINITSUCCESS = PARITY
11:52:16 0.00 DEVICEINIT = REBOOT
11:52:16 0.00 DEVICEINITSUCCESS = REBOOT
11:52:16 0.00 DEVICEINIT = EBIOS
11:52:16 0.00 DEVICEINITSUCCESS = EBIOS
11:52:16 0.00 DEVICEINIT = VDD
11:52:16 0.00 DEVICEINITSUCCESS = VDD
11:52:16 0.00 DEVICEINIT = VSD
11:52:16 0.00 DEVICEINITSUCCESS = VSD
11:52:16 0.00 DEVICEINIT = COMBUFF
11:52:16 0.00 DEVICEINITSUCCESS = COMBUFF
11:52:16 0.00 DEVICEINIT = VCD
11:52:16 0.00 DEVICEINITSUCCESS = VCD
11:52:16 0.00 DEVICEINIT = VMOUSE
11:52:16 0.83 DEVICEINITSUCCESS = VMOUSE
11:52:17 0.00 DEVICEINIT = MSMINI
11:52:17 0.00 DEVICEINITSUCCESS = MSMINI
11:52:17 0.00 DEVICEINIT = ENABLE
11:52:17 0.00 DEVICEINITSUCCESS = ENABLE
11:52:17 0.00 DEVICEINIT = VKD
11:52:17 0.00 DEVICEINITSUCCESS = VKD
11:52:17 0.00 DEVICEINIT = VPD
11:52:17 0.00 DEVICEINITSUCCESS = VPD
11:52:17 0.00 DEVICEINIT = INT13
11:52:17 0.00 DEVICEINITSUCCESS = INT13
11:52:17 0.00 DEVICEINIT = VMCPD
11:52:17 0.00 DEVICEINITSUCCESS = VMCPD
11:52:17 0.00 DEVICEINIT = BIOSXLAT
11:52:17 0.00 DEVICEINITSUCCESS = BIOSXLAT
11:52:17 0.00 DEVICEINIT = SDVXD
11:52:17 0.00 DEVICEINITSUCCESS = SDVXD
11:52:17 0.00 DEVICEINIT = VNETBIOS
11:52:17 0.00 DEVICEINITSUCCESS = VNETBIOS
11:52:17 ** 2.94 DEVICEINIT = NDIS
11:52:20 0.28 DEVICEINITSUCCESS = NDIS
11:52:20 ** 3.44 Dynamic load device pppmac.vxd
11:52:23 0.00 Dynamic init device SPAP
11:52:23 0.00 Dynamic init success SPAP
11:52:23 0.00 Dynamic load success C:\WINDOWS\system\spap.vxd
11:52:23 0.00 Dynamic init success PPPMAC
11:52:23 ** 15.56 Dynamic load success pppmac.vxd
11:52:24 0.00 Dynamic init device PPPMAC
11:52:24 0.44 Dynamic load device C:\WINDOWS\system\spap.vxd
11:52:39 ** 2.78 Dynamic load device DTA.VXD
11:52:42 0.11 Dynamic init device DTA
11:52:42 0.00 Dynamic init success DTA
11:52:42 0.00 Dynamic load success DTA.VXD
11:52:42 ** 2.61 Dynamic load device vtdi.386
11:52:44 0.44 Dynamic init device VTDI
11:52:45 0.00 Dynamic init success VTDI
11:52:45 0.00 Dynamic load success vtdi.386
11:52:45 ** 2.67 Dynamic load device vip.386
11:52:47 0.33 Dynamic init device VIP
11:52:48 0.00 Dynamic init success VIP
11:52:48 0.00 Dynamic load success vip.386
11:52:48 ** 2.56 Dynamic load device vtcp.386
11:52:50 0.50 Dynamic init device MSTCP
11:52:50 0.00 Dynamic init success MSTCP
11:52:50 0.00 Dynamic load success vtcp.386
11:52:50 ** 2.67 Dynamic load device vdhcp.386
11:52:52 0.33 Dynamic init device VDHCP
11:52:53 0.00 Dynamic init success VDHCP
11:52:53 0.00 Dynamic load success vdhcp.386
11:52:53 ** 2.56 Dynamic load device vnbt.386
11:52:55 0.50 Dynamic init device VNBT
11:52:56 0.00 Dynamic init success VNBT
11:52:56 0.00 Dynamic load success vnbt.386
11:52:56 ** 2.67 Dynamic load device vserver.vxd
11:52:58 0.67 Dynamic init device VSERVER
11:52:58 0.00 Dynamic init success VSERVER
11:52:58 ** 1.00 Dynamic load success vserver.vxd
11:52:59 0.00 DEVICEINIT = DOSMGR
11:52:59 0.00 DEVICEINITSUCCESS = DOSMGR
11:52:59 0.56 DEVICEINIT = VMPOLL
11:52:59 0.00 DEVICEINITSUCCESS = VMPOLL
11:52:59 0.00 DEVICEINIT = VFIXD
11:52:59 0.00 DEVICEINITSUCCESS = VFIXD
11:52:59 0.00 DEVICEINIT = JAVASUP
11:52:59 0.00 DEVICEINITSUCCESS = JAVASUP
11:52:59 0.00 DEVICEINIT = VCOMM
11:52:59 0.00 DEVICEINITSUCCESS = VCOMM
11:52:59 0.00 DEVICEINIT = VCOND
11:52:59 0.00 DEVICEINITSUCCESS = VCOND
11:52:59 0.00 DEVICEINIT = VTDAPI
11:52:59 0.00 DEVICEINITSUCCESS = VTDAPI
11:52:59 0.00 DEVICEINIT = HPSJVXD
11:52:59 0.00 DEVICEINITSUCCESS = HPSJVXD
11:52:59 0.00 DEVICEINIT = VFLATD
11:52:59 0.00 DEVICEINITSUCCESS = VFLATD
11:52:59 0.00 DEVICEINIT = Display1
11:52:59 0.00 DEVICEINITSUCCESS = Display1
11:52:59 0.00 DEVICEINIT = VDMAD
11:52:59 0.00 DEVICEINITSUCCESS = VDMAD
11:52:59 0.00 DEVICEINIT = V86MMGR
11:52:59 0.00 DEVICEINITSUCCESS = V86MMGR
11:52:59 0.00 DEVICEINIT = GPT
11:52:59 0.00 DEVICEINITSUCCESS = GPT
11:52:59 0.00 DEVICEINIT = SPOOLER
11:52:59 0.00 DEVICEINITSUCCESS = SPOOLER
11:52:59 0.00 DEVICEINIT = UDF
11:52:59 0.00 DEVICEINITSUCCESS = UDF
11:52:59 0.00 DEVICEINIT = VFAT
11:52:59 0.00 DEVICEINITSUCCESS = VFAT
11:52:59 0.00 DEVICEINIT = VDEF
11:52:59 0.56 DEVICEINITSUCCESS = VDEF
11:52:59 0.11 Initing hsflop.pdr
11:52:59 0.56 Init Success hsflop.pdr
11:52:59 ** 1.39 Initing esdi_506.pdr
11:53:00 0.56 Init Success esdi_506.pdr
11:53:00 0.33 Initing esdi_506.pdr
11:53:01 0.00 Init Success esdi_506.pdr
11:53:01 ** 1.78 Initing drvwq117.vxd
11:53:02 ** 4.56 Init Success drvwq117.vxd
11:53:07 0.00 INITCOMPLETE = VMM
11:53:07 0.00 INITCOMPLETESUCCESS = VMM
11:53:07 0.00 INITCOMPLETE = MTRR
11:53:07 0.00 INITCOMPLETESUCCESS = MTRR
11:53:07 0.00 INITCOMPLETE = VCACHE
11:53:07 0.00 INITCOMPLETESUCCESS = VCACHE
11:53:07 0.00 INITCOMPLETE = DFS
11:53:07 0.00 INITCOMPLETESUCCESS = DFS
11:53:07 0.00 INITCOMPLETE = PERF
11:53:07 0.00 INITCOMPLETESUCCESS = PERF
11:53:07 0.00 INITCOMPLETE = VPOWERD
11:53:07 0.00 INITCOMPLETESUCCESS = VPOWERD
11:53:07 0.00 INITCOMPLETE = VPICD
11:53:07 0.00 INITCOMPLETESUCCESS = VPICD
11:53:07 0.00 INITCOMPLETE = VrtwD
11:53:07 0.00 INITCOMPLETESUCCESS = VrtwD
11:53:07 0.00 INITCOMPLETE = VTD
11:53:07 0.56 INITCOMPLETESUCCESS = VTD
11:53:07 0.56 INITCOMPLETE = VWIN32
11:53:07 0.00 INITCOMPLETESUCCESS = VWIN32
11:53:07 0.00 INITCOMPLETE = VXDLDR
11:53:07 0.00 INITCOMPLETESUCCESS = VXDLDR
11:53:07 0.00 INITCOMPLETE = NTKERN
11:53:07 0.00 INITCOMPLETESUCCESS = NTKERN
11:53:07 0.00 INITCOMPLETE = CONFIGMG
11:53:07 0.00 INITCOMPLETESUCCESS = CONFIGMG
11:53:07 0.00 INITCOMPLETE = PCI
11:53:07 0.00 INITCOMPLETESUCCESS = PCI
11:53:07 0.00 INITCOMPLETE = ISAPNP
11:53:07 0.00 INITCOMPLETESUCCESS = ISAPNP
11:53:07 0.00 INITCOMPLETE = ACPI
11:53:07 0.00 INITCOMPLETESUCCESS = ACPI
11:53:07 0.00 INITCOMPLETE = VCDFSD
11:53:07 0.00 INITCOMPLETESUCCESS = VCDFSD
11:53:07 0.00 INITCOMPLETE = IOS
11:53:07 0.00 INITCOMPLETESUCCESS = IOS
11:53:07 0.00 INITCOMPLETE = PAGEFILE
11:53:07 0.00 INITCOMPLETESUCCESS = PAGEFILE
11:53:07 0.00 INITCOMPLETE = PAGESWAP
11:53:07 0.00 INITCOMPLETESUCCESS = PAGESWAP
11:53:07 0.00 INITCOMPLETE = PARITY
11:53:07 0.00 INITCOMPLETESUCCESS = PARITY
11:53:07 0.00 INITCOMPLETE = REBOOT
11:53:07 0.00 INITCOMPLETESUCCESS = REBOOT
11:53:07 0.00 INITCOMPLETE = EBIOS
11:53:07 0.00 INITCOMPLETESUCCESS = EBIOS
11:53:07 0.00 INITCOMPLETE = VDD
11:53:07 0.00 INITCOMPLETESUCCESS = VDD
11:53:07 0.00 INITCOMPLETE = MACXW4
11:53:07 0.00 INITCOMPLETESUCCESS = MACXW4
11:53:07 0.00 INITCOMPLETE = VSD
11:53:07 0.00 INITCOMPLETESUCCESS = VSD
11:53:07 0.00 INITCOMPLETE = COMBUFF
11:53:07 0.00 INITCOMPLETESUCCESS = COMBUFF
11:53:07 0.00 INITCOMPLETE = VCD
11:53:07 0.00 INITCOMPLETESUCCESS = VCD
11:53:07 0.00 INITCOMPLETE = VMOUSE
11:53:07 0.00 INITCOMPLETESUCCESS = VMOUSE
11:53:07 0.00 INITCOMPLETE = MSMINI
11:53:07 0.00 INITCOMPLETESUCCESS = MSMINI
11:53:07 0.00 INITCOMPLETE = ENABLE
11:53:07 0.11 INITCOMPLETESUCCESS = ENABLE
11:53:07 0.00 INITCOMPLETE = VKD
11:53:07 0.00 INITCOMPLETESUCCESS = VKD
11:53:07 0.00 INITCOMPLETE = VPD
11:53:07 0.00 INITCOMPLETESUCCESS = VPD
11:53:07 0.00 INITCOMPLETE = INT13
11:53:07 0.00 INITCOMPLETESUCCESS = INT13
11:53:07 0.00 INITCOMPLETE = VMCPD
11:53:07 0.00 INITCOMPLETESUCCESS = VMCPD
11:53:07 0.00 INITCOMPLETE = BIOSXLAT
11:53:07 0.00 INITCOMPLETESUCCESS = BIOSXLAT
11:53:07 0.00 INITCOMPLETE = SDVXD
11:53:07 0.00 ** INITCOMPLETEFAILED = SDVXD
11:53:07 0.00 INITCOMPLETE = VNETBIOS
11:53:07 0.00 INITCOMPLETESUCCESS = VNETBIOS
11:53:07 0.00 INITCOMPLETE = NDIS
11:53:07 0.00 INITCOMPLETESUCCESS = NDIS
11:53:07 0.00 INITCOMPLETE = PPPMAC
11:53:07 0.00 INITCOMPLETESUCCESS = PPPMAC
11:53:07 0.00 INITCOMPLETE = DTA
11:53:07 0.00 INITCOMPLETESUCCESS = DTA
11:53:07 0.00 INITCOMPLETE = VTDI
11:53:07 0.00 INITCOMPLETESUCCESS = VTDI
11:53:07 0.00 INITCOMPLETE = VIP
11:53:07 0.00 INITCOMPLETESUCCESS = VIP
11:53:07 0.00 INITCOMPLETE = MSTCP
11:53:07 0.00 INITCOMPLETESUCCESS = MSTCP
11:53:07 0.00 INITCOMPLETE = VDHCP
11:53:07 0.00 INITCOMPLETESUCCESS = VDHCP
11:53:07 0.00 INITCOMPLETE = VNBT
11:53:07 0.00 INITCOMPLETESUCCESS = VNBT
11:53:07 ** 1.78 INITCOMPLETE = DOSMGR
11:53:09 0.00 INITCOMPLETESUCCESS = DOSMGR
11:53:09 0.00 INITCOMPLETE = VMPOLL
11:53:09 0.00 INITCOMPLETESUCCESS = VMPOLL
11:53:09 0.00 INITCOMPLETE = VFIXD
11:53:09 0.00 INITCOMPLETESUCCESS = VFIXD
11:53:09 0.00 INITCOMPLETE = JAVASUP
11:53:09 0.00 INITCOMPLETESUCCESS = JAVASUP
11:53:09 0.00 INITCOMPLETE = VCOMM
11:53:09 0.17 Dynamic load device serenum.vxd
11:53:09 0.00 Dynamic init device SERENUM
11:53:09 0.00 Dynamic init success SERENUM
11:53:09 0.00 Dynamic load success serenum.vxd
11:53:09 0.56 Dynamic load device lptenum.vxd
11:53:09 0.00 Dynamic init device LPTENUM
11:53:09 0.00 Dynamic init success LPTENUM
11:53:09 0.00 Dynamic load success lptenum.vxd
11:53:09 0.11 Dynamic load device serwave.vxd
11:53:09 0.00 Dynamic init device SERWAVE
11:53:09 0.00 Dynamic init success SERWAVE
11:53:09 0.00 Dynamic load success serwave.vxd
11:53:09 0.00 INITCOMPLETESUCCESS = VCOMM
11:53:09 0.56 Dynamic load device C:\WINDOWS\system\serial.vxd
11:53:09 0.00 Dynamic init device SERIAL
11:53:09 0.00 Dynamic init success SERIAL
11:53:09 0.33 Dynamic load success C:\WINDOWS\system\serial.vxd
11:53:10 0.11 Dynamic load device mmdevldr.vxd
11:53:10 0.00 Dynamic init device MMDEVLDR
11:53:10 0.00 Dynamic init success MMDEVLDR
11:53:10 0.00 Dynamic load success mmdevldr.vxd
11:53:10 0.56 Dynamic load device serwave.vxd
11:53:10 0.00 Dynamic init device SERWAVE
11:53:10 0.00 Dynamic init success SERWAVE
11:53:10 0.56 Dynamic load success serwave.vxd
11:53:10 0.56 Dynamic load device C:\WINDOWS\system\IOSUBSYS\atapchng.vxd
11:53:10 0.00 Dynamic load success C:\WINDOWS\system\IOSUBSYS\atapchng.vxd
11:53:10 0.00 Dynamic load device C:\WINDOWS\system\IOSUBSYS\diskvsd.vxd
11:53:10 0.00 Dynamic load success C:\WINDOWS\system\IOSUBSYS\diskvsd.vxd
11:53:10 0.00 Dynamic load device C:\WINDOWS\system\IOSUBSYS\necatapi.vxd
11:53:10 0.00 Dynamic load success C:\WINDOWS\system\IOSUBSYS\necatapi.vxd
11:53:10 0.00 Dynamic load device C:\WINDOWS\system\IOSUBSYS\torisan3.vxd
11:53:10 0.00 Dynamic load success C:\WINDOWS\system\IOSUBSYS\torisan3.vxd
11:53:10 0.00 Dynamic load device C:\WINDOWS\system\IOSUBSYS\drvspacx.vxd
11:53:10 0.00 Dynamic load success C:\WINDOWS\system\IOSUBSYS\drvspacx.vxd
11:53:10 0.56 Dynamic load device C:\WINDOWS\system\IOSUBSYS\iomega.vxd
11:53:10 0.00 Dynamic load success C:\WINDOWS\system\IOSUBSYS\iomega.vxd
11:53:10 0.22 Initing drvwppqt.vxd
11:53:10 0.00 Init Success drvwppqt.vxd
11:53:10 0.33 Dynamic load device riptide.vxd
11:53:11 0.00 Dynamic init device RIPTIDE
11:53:11 0.00 Dynamic init success RIPTIDE
11:53:11 0.00 Dynamic load success riptide.vxd
11:53:11 0.11 Dynamic load device vwstream.vxd
11:53:11 0.00 Dynamic init device VWSTREAM
11:53:11 0.00 Dynamic init success VWSTREAM
11:53:11 0.00 Dynamic load success vwstream.vxd
11:53:11 0.11 Dynamic load device riptide.vxd
11:53:11 0.00 Dynamic init device RIPTIDE
11:53:11 0.00 Dynamic init success RIPTIDE
11:53:11 0.00 Dynamic load success riptide.vxd
11:53:11 0.17 Dynamic load device dsound.vxd
11:53:11 0.00 Dynamic init device DSOUND
11:53:11 0.00 Dynamic init success DSOUND
11:53:11 0.00 Dynamic load success dsound.vxd
11:53:11 0.11 Dynamic load device mmdevldr.vxd
11:53:11 0.00 Dynamic init device MMDEVLDR
11:53:11 0.00 Dynamic init success MMDEVLDR
11:53:11 0.00 Dynamic load success mmdevldr.vxd
11:53:11 0.56 Dynamic load device riptide.vxd
11:53:11 0.00 Dynamic init device RIPTIDE
11:53:11 0.00 Dynamic init success RIPTIDE
11:53:11 0.00 Dynamic load success riptide.vxd
11:53:11 0.11 Dynamic load device mmdevldr.vxd
11:53:11 0.00 Dynamic init device MMDEVLDR
11:53:11 0.00 Dynamic init success MMDEVLDR
11:53:11 0.00 Dynamic load success mmdevldr.vxd
11:53:11 0.56 Dynamic load device vjoyd.vxd
11:53:11 0.00 Dynamic init device VJOYD
11:53:11 0.00 Dynamic init success VJOYD
11:53:11 0.00 Dynamic load success vjoyd.vxd
11:53:11 0.11 Dynamic load device RipTide.vxd
11:53:11 0.00 Dynamic init device RIPTIDE
11:53:11 0.00 Dynamic init success RIPTIDE
11:53:11 0.00 Dynamic load success RipTide.vxd
11:53:11 0.00 INITCOMPLETE = VCOND
11:53:11 0.00 INITCOMPLETESUCCESS = VCOND
11:53:11 0.00 INITCOMPLETE = VTDAPI
11:53:11 0.00 INITCOMPLETESUCCESS = VTDAPI
11:53:11 0.00 INITCOMPLETE = HPSJVXD
11:53:11 0.00 INITCOMPLETESUCCESS = HPSJVXD
11:53:11 0.00 INITCOMPLETE = VFLATD
11:53:11 0.00 INITCOMPLETESUCCESS = VFLATD
11:53:11 0.00 INITCOMPLETE = mmdevldr
11:53:11 0.00 INITCOMPLETESUCCESS = mmdevldr
11:53:11 0.00 INITCOMPLETE = HCFPNP


Bootup Time (min.): 05:55 Total Delays: 46 Total Failures: 3 Total Entries: 661

#14 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:01:36 AM

Posted 02 June 2005 - 02:46 PM

Hi m.hoyer. Looks good to me. For everything that is getting loaded at startup 5 minutes is not out of the order. I'd say you're good to go.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users