08-16-2004, 11:01 PM
Ok, now I do run Windows XP Pro on my approx 3 year old computer, but for the most part I really havent had any problems. However, occasionally I'll get some strange happenings such as my cable modem shutting down for no reason while I'm playing a game or random slowdowns. Since I dont know everything about how NT systems operate I'm going to post a copy of the programs that run on Startup just to make sure I dont have any "bad" files/programs coming on without my notice.
Note that I do run Norton 2002 regularly along with AdAware and Spybot, so if there is something strange Its really in there.
StartupList report, 8/16/2004, 7:37:02 PM
StartupList version: 1.52
Started from : C:\Documents and Settings\Vincent\Desktop\StartupList.EXE
Detected: Windows XP (WinNT 5.01.2600)
Detected: Internet Explorer v6.00 SP1 (6.00.2600.0000)
* Using default options
==================================================
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton Internet Security\NISUM.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\PROGRA~1\SERV-U\ServUDaemon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Norton Internet Security\SymProxySvc.exe
C:\Program Files\Norton Internet Security\NISSERV.EXE
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\Norton Internet Security\IAMAPP.EXE
C:\WINDOWS\TBPanel.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\Mixer.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\Norton Internet Security\ATRACK.EXE
C:\Program Files\AIM95\aim.exe
C:\Documents and Settings\Vincent\Desktop\StartupList.exe
--------------------------------------------------
Listing of startup folders:
Shell folders Startup:
[C:\Documents and Settings\Vincent\Start Menu\Programs\Startup]
Event Minder Reminders.lnk = C:\HALLMARK\EMREMIND.EXE
Shell folders Common Startup:
[C:\Documents and Settings\All Users\Start Menu\Programs\Startup]
Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
--------------------------------------------------
Checking Windows NT UserInit:
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
SystemTray = SysTray.Exe
NAV Agent = C:\PROGRA~1\NORTON~1\navapw32.exe
iamapp = C:\Program Files\Norton Internet Security\IAMAPP.EXE
Gainward = C:\WINDOWS\TBPanel.exe /A
QuickTime Task = "C:\Program Files\QuickTime\qttask.exe" -atboottime
NvCplDaemon = RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
nwiz = nwiz.exe /install
ywwifjpt = C:\WINDOWS\System32\ywwifjpt.exe
WinampAgent = "C:\Program Files\Winamp3\winampa.exe"
sysme = C:\WINDOWS\System32\sysme.exe
AutoUpdater = "C:\Program Files\AutoUpdate\AutoUpdate.exe"
zsysdll32.dll = C:\WINDOWS\system\sysdll32.exe
ViewMgr = C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C-Media Mixer = Mixer.exe /startup
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
NvMediaCenter = RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
(Default) =
ctfmon.exe = C:\WINDOWS\System32\ctfmon.exe
Symantec NetDriver Monitor = C:\PROGRA~1\SYMNET~1\SNDMon.exe
--------------------------------------------------
Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:
Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*
Shell & screensaver key from Registry:
Shell=Explorer.exe
SCRNSAVE.EXE=C:\WINDOWS\System32\logon.scr
drivers=*Registry value not found*
Policies Shell key:
HKCU\..\Policies: Shell=*Registry key not found*
HKLM\..\Policies: Shell=*Registry value not found*
--------------------------------------------------
Enumerating Browser Helper Objects:
(no name) - C:\PROGRA~1\SPYBOT~1\SDHelper.dll - {53707962-6F74-2D53-2644-206D7942484F}
Ipswitch.WsftpBrowserHelper - C:\Program Files\WS_FTP Pro\wsbho2K0.dll - {601ED020-FB6C-11D3-87D8-0050DA59922B}
--------------------------------------------------
Enumerating Task Scheduler jobs:
Tune-up Application Start.job
PCHealth Scheduler for Data Collection.job
Uninstall Expiration Reminder.job
Symantec NetDetect.job
Norton AntiVirus - Scan my computer.job
--------------------------------------------------
Enumerating Download Program Files:
[Checkers Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\msgrchkr.dll
CODEBASE = http://messenger.zone.msn.com/binary/msgrchkr.cab
[Shockwave ActiveX Control]
InProcServer32 = C:\WINDOWS\SYSTEM32\MACROMED\DIRECTOR\SWDIR.DLL
CODEBASE = http://download.macromedia.com/pub/shockwa...ector/swdir.cab
[YInstStarter Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\yinsthelper.dll
CODEBASE = http://us.dl1.yimg.com/download.yahoo.com/...s/yinst0401.cab
[Info Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\Si.dll
CODEBASE = http://www.blizzard.com/register/wowbeta/si.cab
[MessengerStatsClient Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\messengerstatsclient.dll
CODEBASE = http://messenger.zone.msn.com/binary/Messe...StatsClient.cab
[InstallShield International Setup Player]
InProcServer32 = c:\windows\downlo~1\isetup.dll
CODEBASE = http://www.installengine.com/engine/isetup.cab
[{9F1C11AA-197B-4942-BA54-47A8489BB47F}]
CODEBASE = http://v4.windowsupdate.microsoft.com/CAB/...7693.5292824074
[Symantec RuFSI Registry Information Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\rufsi.dll
CODEBASE = http://security.symantec.com/SSC/SharedCon...n/bin/cabsa.cab
[JoyOnPlay Control]
InProcServer32 = C:\WINDOWS\DOWNLO~1\JOYONP~1.OCX
CODEBASE = http://gunbound.joyon.com/JoyOnPlay.cab
[Dialer Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\CABEDialer.dll
CODEBASE = http://sessa.isprime.com:81/tel2net/CABEDialer.cab
[NPX Control]
InProcServer32 = C:\WINDOWS\DOWNLO~1\npx.ocx
CODEBASE = http://kr.pristontale.com/nprotect/nprotect/npx.cab
[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\System32\macromed\flash\Flash.ocx
CODEBASE = http://download.macromedia.com/pub/shockwa...ash/swflash.cab
[PopCapLoader Object]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\popcaploader.dll
CODEBASE = http://antu.popcap.com/games/popcaploader_v5.cab
[Tukati Launcher]
InProcServer32 = C:\WINDOWS\System32\TukatiClientInstaller.dll
CODEBASE = http://3dgamers.tukati.com/tukati/1.7.20.20/tukati.cab
--------------------------------------------------
Enumerating ShellServiceObjectDelayLoad items:
PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
CDBurn: C:\WINDOWS\system32\SHELL32.dll
SysTray: C:\WINDOWS\System32\stobject.dll
WebCheck: C:\WINDOWS\System32\webcheck.dll
--------------------------------------------------
End of report, 7,704 bytes
Report generated in 0.109 seconds
Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only
Note that I do run Norton 2002 regularly along with AdAware and Spybot, so if there is something strange Its really in there.
StartupList report, 8/16/2004, 7:37:02 PM
StartupList version: 1.52
Started from : C:\Documents and Settings\Vincent\Desktop\StartupList.EXE
Detected: Windows XP (WinNT 5.01.2600)
Detected: Internet Explorer v6.00 SP1 (6.00.2600.0000)
* Using default options
==================================================
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton Internet Security\NISUM.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\PROGRA~1\SERV-U\ServUDaemon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Norton Internet Security\SymProxySvc.exe
C:\Program Files\Norton Internet Security\NISSERV.EXE
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\Norton Internet Security\IAMAPP.EXE
C:\WINDOWS\TBPanel.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\Mixer.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\Norton Internet Security\ATRACK.EXE
C:\Program Files\AIM95\aim.exe
C:\Documents and Settings\Vincent\Desktop\StartupList.exe
--------------------------------------------------
Listing of startup folders:
Shell folders Startup:
[C:\Documents and Settings\Vincent\Start Menu\Programs\Startup]
Event Minder Reminders.lnk = C:\HALLMARK\EMREMIND.EXE
Shell folders Common Startup:
[C:\Documents and Settings\All Users\Start Menu\Programs\Startup]
Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
--------------------------------------------------
Checking Windows NT UserInit:
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
SystemTray = SysTray.Exe
NAV Agent = C:\PROGRA~1\NORTON~1\navapw32.exe
iamapp = C:\Program Files\Norton Internet Security\IAMAPP.EXE
Gainward = C:\WINDOWS\TBPanel.exe /A
QuickTime Task = "C:\Program Files\QuickTime\qttask.exe" -atboottime
NvCplDaemon = RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
nwiz = nwiz.exe /install
ywwifjpt = C:\WINDOWS\System32\ywwifjpt.exe
WinampAgent = "C:\Program Files\Winamp3\winampa.exe"
sysme = C:\WINDOWS\System32\sysme.exe
AutoUpdater = "C:\Program Files\AutoUpdate\AutoUpdate.exe"
zsysdll32.dll = C:\WINDOWS\system\sysdll32.exe
ViewMgr = C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C-Media Mixer = Mixer.exe /startup
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
NvMediaCenter = RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
(Default) =
ctfmon.exe = C:\WINDOWS\System32\ctfmon.exe
Symantec NetDriver Monitor = C:\PROGRA~1\SYMNET~1\SNDMon.exe
--------------------------------------------------
Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:
Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*
Shell & screensaver key from Registry:
Shell=Explorer.exe
SCRNSAVE.EXE=C:\WINDOWS\System32\logon.scr
drivers=*Registry value not found*
Policies Shell key:
HKCU\..\Policies: Shell=*Registry key not found*
HKLM\..\Policies: Shell=*Registry value not found*
--------------------------------------------------
Enumerating Browser Helper Objects:
(no name) - C:\PROGRA~1\SPYBOT~1\SDHelper.dll - {53707962-6F74-2D53-2644-206D7942484F}
Ipswitch.WsftpBrowserHelper - C:\Program Files\WS_FTP Pro\wsbho2K0.dll - {601ED020-FB6C-11D3-87D8-0050DA59922B}
--------------------------------------------------
Enumerating Task Scheduler jobs:
Tune-up Application Start.job
PCHealth Scheduler for Data Collection.job
Uninstall Expiration Reminder.job
Symantec NetDetect.job
Norton AntiVirus - Scan my computer.job
--------------------------------------------------
Enumerating Download Program Files:
[Checkers Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\msgrchkr.dll
CODEBASE = http://messenger.zone.msn.com/binary/msgrchkr.cab
[Shockwave ActiveX Control]
InProcServer32 = C:\WINDOWS\SYSTEM32\MACROMED\DIRECTOR\SWDIR.DLL
CODEBASE = http://download.macromedia.com/pub/shockwa...ector/swdir.cab
[YInstStarter Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\yinsthelper.dll
CODEBASE = http://us.dl1.yimg.com/download.yahoo.com/...s/yinst0401.cab
[Info Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\Si.dll
CODEBASE = http://www.blizzard.com/register/wowbeta/si.cab
[MessengerStatsClient Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\messengerstatsclient.dll
CODEBASE = http://messenger.zone.msn.com/binary/Messe...StatsClient.cab
[InstallShield International Setup Player]
InProcServer32 = c:\windows\downlo~1\isetup.dll
CODEBASE = http://www.installengine.com/engine/isetup.cab
[{9F1C11AA-197B-4942-BA54-47A8489BB47F}]
CODEBASE = http://v4.windowsupdate.microsoft.com/CAB/...7693.5292824074
[Symantec RuFSI Registry Information Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\rufsi.dll
CODEBASE = http://security.symantec.com/SSC/SharedCon...n/bin/cabsa.cab
[JoyOnPlay Control]
InProcServer32 = C:\WINDOWS\DOWNLO~1\JOYONP~1.OCX
CODEBASE = http://gunbound.joyon.com/JoyOnPlay.cab
[Dialer Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\CABEDialer.dll
CODEBASE = http://sessa.isprime.com:81/tel2net/CABEDialer.cab
[NPX Control]
InProcServer32 = C:\WINDOWS\DOWNLO~1\npx.ocx
CODEBASE = http://kr.pristontale.com/nprotect/nprotect/npx.cab
[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\System32\macromed\flash\Flash.ocx
CODEBASE = http://download.macromedia.com/pub/shockwa...ash/swflash.cab
[PopCapLoader Object]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\popcaploader.dll
CODEBASE = http://antu.popcap.com/games/popcaploader_v5.cab
[Tukati Launcher]
InProcServer32 = C:\WINDOWS\System32\TukatiClientInstaller.dll
CODEBASE = http://3dgamers.tukati.com/tukati/1.7.20.20/tukati.cab
--------------------------------------------------
Enumerating ShellServiceObjectDelayLoad items:
PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
CDBurn: C:\WINDOWS\system32\SHELL32.dll
SysTray: C:\WINDOWS\System32\stobject.dll
WebCheck: C:\WINDOWS\System32\webcheck.dll
--------------------------------------------------
End of report, 7,704 bytes
Report generated in 0.109 seconds
Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only
"You can build a perfect machine out of imperfect parts."
-Urza
He's an old-fashioned Amish cyborg with no name. She's a virginal nymphomaniac fairy princess married to the Mob. Together, they fight crime!
The Blizzcon Class Discussion:
Crowd: "Our qq's will blot out the sun"
Warlocks: "Then we will pewpew in the shade"
-Urza
He's an old-fashioned Amish cyborg with no name. She's a virginal nymphomaniac fairy princess married to the Mob. Together, they fight crime!
The Blizzcon Class Discussion:
Crowd: "Our qq's will blot out the sun"
Warlocks: "Then we will pewpew in the shade"