02-27-2005, 09:19 PM   #22
mphell0
OS: Win2000


All are under:
HKEY_LOCAL_MACHINES\Software\Microsoft\Windows\Current Version\Explorer\Browser Helper Objects


Here is the log anyway:

StartDreck (build 2.1.7 public stable) - 2005-02-27 @ 23:13:32 (GMT -05:00)
Platform: Windows 2000 (Win NT 5.0.2195 Service Pack 4)
Internet Explorer: 6.0.2800.1106
Logged in as Administrator at MARTY

»Registry
»Run Keys
»Current User
»Run
*MsnMsgr="C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
»RunOnce
»Default User
»Run
»RunOnce
*^SetupICWDesktop=
»Local Machine
»Run
*Synchronization Manager=mobsync.exe /logon
*SAClient="C:\Program Files\Insight\BBClient\Programs\RegCon.exe" /admincheck
*iTunesHelper=C:\Program Files\iTunes\iTunesHelper.exe
*NeroFilterCheck=
*STOPzilla=C:\Program Files\STOPzilla!\Stopzilla.exe /autostart
*ccApp="C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
*GhostStartTrayApp=C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
*SymTray - Norton SystemWorks=C:\Program Files\Common Files\Symantec Shared\Symtray.exe SetReg
*Symantec NetDriver Monitor=C:\PROGRA~1\SYMNET~1\SNDMon.exe
*SSC_UserPrompt=C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
*EssSpkPhone=essspk.exe
*gcasServ="C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
+OptionalComponents
+MSFS
*Installed=1
+MAPI
*Installed=1
*NoChange=1
+MAPI
*Installed=1
*NoChange=1
»RunOnce
*SymTray - Norton SystemWorks=C:\Program Files\Common Files\Symantec Shared\Symtrdr.exe
»RunServices
»RunServicesOnce
»RunOnceEx
»RunServicesOnceEx
»File Associations (CR)
+.bat
*batfile="%1" %*
+.com
*comfile="%1" %*
+.disabled
*SpybotSD.DisabledFile="C:\Program Files\Spybot - Search & Destroy\blindman.exe" "%1"
+.exe
*exefile="%1" %*
+.hta
*htafile=C:\WINNT\System32\mshta.exe "%1" %*
+.htm
*htmlfile="C:\Program Files\Internet Explorer\iexplore.exe" -nohome
+.html
*htmlfile="C:\Program Files\Internet Explorer\iexplore.exe" -nohome
+.js
*JSFile=%SystemRoot%\System32\WScript.exe "%1" %*
+.jse
*JSEFile=%SystemRoot%\System32\WScript.exe "%1" %*
+.pif
*piffile="%1" %*
+.reg
*regfile=regedit.exe "%1"
+.scr
*scrfile="%1" /S
+.txt
*txtfile=%SystemRoot%\system32\NOTEPAD.EXE %1
+.vbs
*VBSFile=%SystemRoot%\System32\WScript.exe "%1" %*
+.vbe
*VBEFile=%SystemRoot%\System32\WScript.exe "%1" %*
+.wsh
*WSHFile=%SystemRoot%\System32\WScript.exe "%1" %*
+.wsf
*WSFFile=%SystemRoot%\System32\WScript.exe "%1" %*
+.lnk
`lnkfile= [key or value does not exist]
»Active Setup (LM)
+Internet Explorer Access/>{26923b43-4d38-484f-9b9e-de460746276c}
*StubPath="C:\WINNT\System32\shmgrate.exe" OCInstallUserConfigIE
+Browser Customizations/>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS
*StubPath=RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
+Outlook Express Access/>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}
*StubPath="C:\WINNT\System32\shmgrate.exe" OCInstallUserConfigOE
+Microsoft Outlook Express 6/{44BBA840-CC51-11CF-AAFA-00AA00B6015C}
*StubPath="%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
+NetMeeting 3.01/{44BBA842-CC51-11CF-AAFA-00AA00B6015B}
*StubPath=rundll32.exe advpack.dll,LaunchINFSection C:\WINNT\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
+EnableRevocation/{6A5110B5-E14B-4268-A065-EF89FF33C325}
*StubPath=regsvr32.exe /s /n /i:"S 2 true 3 true 4 true 5 true 6 true 7 true" initpki.dll
+Microsoft Windows Media Player/{6BF52A52-394A-11d3-B153-00C04F79FAA6}
*StubPath=rundll32.exe advpack.dll,LaunchINFSection C:\WINNT\INF\wmp.inf,PerUserRemove
+Address Book 5/{7790769C-0471-11d2-AF11-00C04FA35D02}
*StubPath="%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
+Windows Desktop Update/{89820200-ECBD-11cf-8B85-00AA005B4340}
*StubPath=regsvr32.exe /s /n /i:U shell32.dll
+Internet Explorer 6/{89820200-ECBD-11cf-8B85-00AA005B4383}
*StubPath=%SystemRoot%\System32\ie4uinit.exe
+CRLUpdate/{9EF0045A-CDD9-438e-95E6-02B9AFEC8E11}
*StubPath=%SystemRoot%\System32\updcrl.exe -e -u %SystemRoot%\System32\verisignpub1.crl
»Browser Helper Objects (LM)
*{03A08522-1426-409B-7534-34DFE546E811}
`InprocServer32=
*{0FA37060-7A7A-2F4C-EE64-BF3652FFAD81}
`InprocServer32=
*{2718DD6D-E6FA-1188-2501-F0813784A5F3}
`InprocServer32=
*{8B138AE2-2BF0-4315-8220-9DCCA0BB9FA1}
`InprocServer32=
*{8E5DA144-B0C4-4CBD-9309-2666F6D7AD77}
`InprocServer32=
*{B54DA59F-5766-DB0B-2F4A-4E40B009C7B0}
`InprocServer32=
*{E3215F20-3212-11D6-9F8B-00D0B743919D}
`InprocServer32=C:\Program Files\STOPzilla!\SZIEBHO.dll
*{F5A35E7E-A94F-C946-C01A-9E563E708D87}
`InprocServer32=
»Internet Explorer
»Current User
*Local Page=C:\WINNT\system32\blank.htm
*Search Page=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
*Start Page=http://www.msn.com/
*Window Title=Microsoft Internet Explorer provided by Insight Broadband
+SearchUrl
*provider=
»Default User
»Local Machine
*Default_Page_URL=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
*Default_Search_URL=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
*Local Page=C:\WINNT\system32\blank.htm
*Search Bar=http://home.microsoft.com/search/lobby/search.asp
*Search Page=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
*Start Page=http://www.msn.com/
*CustomizeSearch=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
*SearchAssistant=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
+SearchUrl
»ShellServiceObjectDelayLoad (LM)
*Network.ConnectionTray={7007ACCF-3202-11D1-AAD2-00805FC1270E}
`InprocServer32=C:\WINNT\system32\NETSHELL.dll
*WebCheck={E6FB5E20-DE35-11CF-9C87-00AA005127ED}
`InprocServer32=%SystemRoot%\System32\webcheck.dll
*SysTray={35CEC8A3-2BE6-11D2-8773-92E220524153}
`InprocServer32=stobject.dll
»Special NT Values
»Current User
*Load=
*Run=
*Programs=com exe bat pif cmd
*SHELL=
»Default User
*Load=
*Run=
*Programs=com exe bat pif cmd
*SHELL=
»Local Machine
*AppInit_DLLs=
*SHELL=Explorer.exe
*Userinit=C:\WINNT\system32\userinit.exe,
»Files
»Autostart Folders
»Current User
*C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\SoftStuff Wallpaper Changer.lnk
»Default User
»Local Machine
*C:\Documents and Settings\All Users.WINNT\Start Menu\Programs\Startup\MSN Desktop Search.lnk
»INI-Files
»WIN.INI\[windows]
*LOAD=
*RUN=
»SYSTEM.INI\[boot]
*SHELL=Explorer.exe
»Text Files
*C:\boot.ini
`[boot loader]
`timeout=30
`default=multi(0)disk(0)rdisk(0)partition(1)\WINNT
`[operating systems]
`multi(0)disk(0)rdisk(0)partition(1)\WINNT="Microsoft Windows 2000 Professional" /fastdetect
*C:\msdos.sys
*C:\config.sys
*C:\WINNT\system32\config.nt
`dos=high, umb
`device=%SystemRoot%\system32\himem.sys
`files=40
*C:\WINNT\system32\autoexec.nt
`@echo off
`lh %SystemRoot%\system32\mscdexnt.exe
`lh %SystemRoot%\system32\redir
`lh %SystemRoot%\system32\dosx
*C:\WINNT\wininit.ini
*C:\WINNT\system32\drivers\etc\hosts
`127.0.0.1 localhost
»Program Files
*C:\ntldr
*C:\ntdetect.com
*C:\io.sys
*C:\WINNT\system32\win.com
*C:\WINNT\explorer.exe
»%PATH% Companion Files
+C:\WINNT\system32\notepad.exe
*C:\WINNT\NOTEPAD.EXE
+C:\WINNT\system32\taskman.exe
*C:\WINNT\TASKMAN.EXE
+C:\WINNT\system32\winhlp32.exe
*C:\WINNT\winhlp32.exe
»System/Drivers
»Running Processes
+0=<idle>
+8=<system>
+140=\SystemRoot\System32\smss.exe
+168=<unkown>
+164=\??\C:\WINNT\system32\winlogon.exe
+216=C:\WINNT\system32\services.exe
+228=C:\WINNT\system32\lsass.exe
+364=C:\Program Files\Common Files\STOPzilla!\SZServer.exe
+472=C:\WINNT\system32\svchost.exe
+500=C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
+528=C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
+656=C:\WINNT\system32\spoolsv.exe
+688=C:\WINNT\System32\svchost.exe
+700=C:\PROGRA~1\NORTON~2\NORTON~1\GHOSTS~2.EXE
+724=C:\Program Files\Norton AntiVirus\navapsvc.exe
+772=C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
+864=C:\WINNT\system32\regsvc.exe
+712=C:\Program Files\Norton AntiVirus\SAVScan.exe
+892=C:\WINNT\system32\MSTask.exe
+960=C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
+988=C:\WINNT\System32\WBEM\WinMgmt.exe
+1016=C:\WINNT\system32\svchost.exe
+1024=C:\WINNT\System32\svchost.exe
+1320=C:\Program Files\Common Files\Symantec Shared\SymTray.exe
+1388=C:\Program Files\iTunes\iTunesHelper.exe
+1384=C:\Program Files\Common Files\Symantec Shared\ccApp.exe
+1408=C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
+1444=C:\WINNT\essspk.exe
+1308=C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
+1456=C:\Program Files\iPod\bin\iPodService.exe
+328=C:\Program Files\MSN Toolbar Suite\DS\02.00.0001.1203\en-us\bin\msnlAdmin.exe
+1476=C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
+1692=C:\Program Files\MSN Toolbar Suite\DS\02.00.0001.1203\en-us\bin\msnindex.exe
+1356=C:\Program Files\Mozilla Firefox\firefox.exe
+1668=C:\WINNT\explorer.exe
+1124=C:\WINNT\regedit.exe
+1132=C:\Program Files\MSN Toolbar Suite\DS\02.00.0001.1203\en-us\bin\MSNGather.exe
+1500=C:\Documents and Settings\Administrator\Desktop\StartDreck.exe
»VMM32Files (LM)
»%System%\VMM32
»%System%\IOSUBSYS
»Application specific
»MS Office 97/8.0 STARTUP-PATH
»Current User
»Default User
»Local Machine
»ICQ NetDetect
»Current User
»Default User