StartDreck (build 2.1.7 public stable) - 2005-05-26 @ 10:04:48 (GMT -05:00)
Platform: Windows XP (Win NT 5.1.2600 Service Pack 2)
Internet Explorer: 6.0.2900.2180
Logged in as Owner at MRCOMPY
Registry
Run Keys
Current User
Run
*ATI Launchpad=
*ctfmon.exe=C:\WINDOWS\system32\ctfmon.exe
RunOnce
Default User
Run
*ctfmon.exe=C:\WINDOWS\System32\ctfmon.exe
RunOnce
Local Machine
Run
*hpsysdrv=c:\windows\system\hpsysdrv.exe
*HotKeysCmds=C:\WINDOWS\System32\hkcmd.exe
*MoneyStartUp10.0="c:\Program Files\Microsoft Money\System\Activation.exe"
*WCOLOREAL="C:\Program Files\COMPAQ\Coloreal\coloreal.exe"
*Recguard=C:\WINDOWS\SMINST\RECGUARD.EXE
*ATIModeChange=Ati2mdxx.exe
*LMPDPSRV=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LMPDPSRV.EXE
*IntelliPoint="C:\Program Files\Microsoft IntelliPoint\point32.exe"
*vptray=C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
*NeroFilterCheck=C:\WINDOWS\system32\NeroCheck.exe
*REGSHAVE=C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
*QuickTime Task="C:\Program Files\QuickTime\qttask.exe" -atboottime
*iTunesHelper=C:\Program Files\iTunes\iTunesHelper.exe
*PC Alarm Clock Master=
*SunJavaUpdateSched=C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
*MessengerPlus3="C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
*gcasServ="C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
+OptionalComponents
+MSFS
*Installed=1
+MAPI
*Installed=1
*NoChange=1
+MAPI
*Installed=1
*NoChange=1
RunOnce
RunServices
RunServicesOnce
RunOnceEx
RunServicesOnceEx
File Associations (CR)
+.bat
*batfile="%1" %*
+.com
*comfile="%1" %*
+.disabled
*SpybotSD.DisabledFile="C:\Program Files\Spybot - Search & Destroy\blindman.exe" "%1"
+.exe
*exefile="%1" %*
+.hta
*htafile=C:\WINDOWS\System32\mshta.exe "%1" %*
+.htm
*FirefoxHTML=C:\PROGRA~1\MOZILL~1\FIREFOX.EXE -url "%1"
+.html
*FirefoxHTML=C:\PROGRA~1\MOZILL~1\FIREFOX.EXE -url "%1"
+.js
*JSFile=%SystemRoot%\System32\WScript.exe "%1" %*
+.jse
*JSEFile=%SystemRoot%\System32\WScript.exe "%1" %*
+.pif
*piffile="%1" %*
+.reg
*regfile=regedit.exe "%1"
+.scr
*scrfile="%1" /S
+.txt
*txtfile=%SystemRoot%\system32\NOTEPAD.EXE %1
+.vbs
*VBSFile=%SystemRoot%\System32\WScript.exe "%1" %*
+.vbe
*VBEFile=%SystemRoot%\System32\WScript.exe "%1" %*
+.wsh
*WSHFile=%SystemRoot%\System32\WScript.exe "%1" %*
+.wsf
*WSFFile=%SystemRoot%\System32\WScript.exe "%1" %*
+.lnk
`lnkfile= [key or value does not exist]
Active Setup (LM)
+Internet Explorer/>{26923b43-4d38-484f-9b9e-de460746276c}
*StubPath=%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
+Browser Customizations/>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS
*StubPath=RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
+Outlook Express/>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}
*StubPath=%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
+Themes Setup/{2C7339CF-2B09-4501-B3F3-F3508C9228ED}
*StubPath=%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
+Microsoft Outlook Express 6/{44BBA840-CC51-11CF-AAFA-00AA00B6015C}
*StubPath="%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
+NetMeeting 3.01/{44BBA842-CC51-11CF-AAFA-00AA00B6015B}
*StubPath=rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
+Internet Explorer/{4b218e3e-bc98-4770-93d3-2731b9329278}
*StubPath=%SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection MarketplaceLinkInstall 896 %systemroot%\inf\ie.inf
+Microsoft Windows Media Player/{6BF52A52-394A-11d3-B153-00C04F79FAA6}
*StubPath=rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub
+Address Book 5/{7790769C-0471-11d2-AF11-00C04FA35D02}
*StubPath="%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
+Windows Desktop Update/{89820200-ECBD-11cf-8B85-00AA005B4340}
*StubPath=regsvr32.exe /s /n /i:U shell32.dll
+Internet Explorer 6/{89820200-ECBD-11cf-8B85-00AA005B4383}
*StubPath=%SystemRoot%\System32\ie4uinit.exe
+Fax/{8b15971b-5355-4c82-8c07-7e181ea07608}
*StubPath=rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
+CRLUpdate/{9EF0045A-CDD9-438e-95E6-02B9AFEC8E11}
*StubPath=%SystemRoot%\System32\updcrl.exe -e -u %SystemRoot%\System32\verisignpub1.crl
Browser Helper Objects (LM)
*AcroIEHelper.AcroIEHlprObj.1/{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
`InprocServer32=C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
*SpywareGuardDLBLOCK.CBrowserHelper/{4A368E80-174F-4872-96B5-0B27DDD11DB2}
`InprocServer32=C:\Program Files\SpywareGuard\dlprotect.dll
*{53707962-6F74-2D53-2644-206D7942484F}
`InprocServer32=C:\PROGRA~1\SPYBOT~1\SDHelper.dll
*PCTools Site Guard/{5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB}
`InprocServer32=C:\PROGRA~1\SPYWAR~2\tools\iesdsg.dll
*Google Toolbar Helper/{AA58ED58-01DD-4d91-8333-CF10577473F7}
`InprocServer32=c:\program files\google\googletoolbar_en_2.0.114-big.dll
*PCTools Browser Monitor/{B56A7D7D-6927-48C8-A975-17DF180C71AC}
`InprocServer32=C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
*MoneySide.BrowserHelperObject.10/{FDD3B846-8D59-4ffb-8758-209B6AD74ACC}
`InprocServer32=c:\Program Files\Microsoft Money\System\mnyviewer.dll
Internet Explorer
Current User
*Local Page=C:\WINDOWS\SYSTEM32\blank.htm
*Search Page=http://www.google.com
*Start Page=about:blank
+SearchUrl
*provider=gogl
Default User
Local Machine
*Default_Page_URL=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
*Default_Search_URL=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
*Local Page=C:\WINDOWS\SYSTEM32\blank.htm
*Search Bar=
*Search Page=http://www.google.com
*Start Page=about:blank
*CustomizeSearch=http://ie.search.msn.com
*SearchAssistant=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
+SearchUrl
ShellServiceObjectDelayLoad (LM)
*PostBootReminder={7849596a-48ea-486e-8937-a2a3009f31a9}
`InprocServer32=%SystemRoot%\system32\SHELL32.dll
*CDBurn={fbeb8a05-beee-4442-804e-409d6c4515e9}
`InprocServer32=%SystemRoot%\system32\SHELL32.dll
*WebCheck={E6FB5E20-DE35-11CF-9C87-00AA005127ED}
`InprocServer32=%SystemRoot%\System32\webcheck.dll
*SysTray={35CEC8A3-2BE6-11D2-8773-92E220524153}
`InprocServer32=C:\WINDOWS\System32\stobject.dll
Special NT Values
Current User
*Load=
*Run=
*Programs=com exe bat pif cmd
*SHELL=
Default User
*Load=
*Run=
*Programs=com exe bat pif cmd
*SHELL=
Local Machine
*AppInit_DLLs=
*SHELL=Explorer.exe
*Userinit=C:\WINDOWS\system32\userinit.exe,
Files
Autostart Folders
Current User
*C:\Documents and Settings\Owner\Start Menu\Programs\Startup\desktop.ini
*C:\Documents and Settings\Owner\Start Menu\Programs\Startup\Webshots.lnk
Default User
*C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Startup\desktop.ini
Local Machine
*C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
INI-Files
WIN.INI\[windows]
*LOAD=
*RUN=
SYSTEM.INI\[boot]
*SHELL=Explorer.exe
Text Files
*C:\boot.ini
`[boot loader]
`timeout=30
`default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
`[operating systems]
`multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
*C:\msdos.sys
*C:\config.sys
*C:\WINDOWS\system32\config.nt
`dos=high, umb
`device=%SystemRoot%\system32\himem.sys
`files=40
*C:\autoexec.bat
*C:\WINDOWS\system32\autoexec.nt
`@echo off
`lh %SystemRoot%\system32\mscdexnt.exe
`lh %SystemRoot%\system32\redir
`lh %SystemRoot%\system32\dosx
`SET BLASTER=A220 I5 D1 P330 T3
*C:\WINDOWS\wininit.ini
`[Rename]
`NUL=|8|2|||
*C:\WINDOWS\system32\drivers\etc\hosts
`127.0.0.1 localhost
Program Files
*C:\ntldr
*C:\ntdetect.com
*C:\io.sys
*C:\WINDOWS\system32\win.com
*C:\WINDOWS\explorer.exe
%PATH% Companion Files
+C:\WINDOWS\system32\atiiprxx.exe
*C:\Program Files\ATI Technologies\ATI Control Panel\atiiprxx.exe
+C:\WINDOWS\system32\hh.exe
*C:\WINDOWS\hh.exe
+C:\WINDOWS\system32\notepad.exe
*C:\WINDOWS\notepad.exe
+C:\WINDOWS\system32\slrundll.exe
*C:\WINDOWS\slrundll.exe
+C:\WINDOWS\system32\taskman.exe
*C:\WINDOWS\taskman.exe
+C:\WINDOWS\system32\winhlp32.exe
*C:\WINDOWS\winhlp32.exe
System/Drivers
Running Processes
+0=<idle>
+4=<system>
+400=\SystemRoot\System32\smss.exe
+448=\??\C:\WINDOWS\system32\csrss.exe
+472=\??\C:\WINDOWS\system32\winlogon.exe
+524=C:\WINDOWS\system32\services.exe
+536=C:\WINDOWS\system32\lsass.exe
+680=C:\WINDOWS\system32\svchost.exe
+744=C:\WINDOWS\system32\svchost.exe
+780=C:\WINDOWS\System32\svchost.exe
+824=C:\WINDOWS\System32\svchost.exe
+940=C:\WINDOWS\System32\svchost.exe
+1088=C:\WINDOWS\system32\LEXBCES.EXE
+1112=C:\WINDOWS\system32\spoolsv.exe
+1124=C:\WINDOWS\system32\LEXPPS.EXE
+1392=C:\WINDOWS\Explorer.EXE
+1480=C:\windows\system\hpsysdrv.exe
+1612=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LMPDPSRV.EXE
+1620=C:\Program Files\Microsoft IntelliPoint\point32.exe
+1632=C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
+1708=C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
+1716=C:\Program Files\MessengerPlus! 3\MsgPlus.exe
+1732=C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
+1764=C:\WINDOWS\system32\ctfmon.exe
+1788=C:\Program Files\Webshots\WebshotsTray.exe
+1828=C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
+1900=C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
+1932=C:\WINDOWS\system32\inetsrv\inetinfo.exe
+1964=C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
+256=C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
+420=C:\WINDOWS\System32\svchost.exe
+452=C:\WINDOWS\System32\wdfmgr.exe
+2164=C:\WINDOWS\System32\alg.exe
+2620=C:\Program Files\Mozilla Firefox\firefox.exe
+2712=C:\WINDOWS\system32\wuauclt.exe
+2780=C:\Program Files\MSN Messenger\msnmsgr.exe
+3024=C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
+3212=c:\Program Files\Microsoft Money\System\urlmap.exe
+3296=C:\Program Files\StartDreck\StartDreck.exe
VMM32Files (LM)
%System%\VMM32
%System%\IOSUBSYS
Application specific
MS Office 97/8.0 STARTUP-PATH
Current User
Default User
Local Machine
ICQ NetDetect
Current User
Default User