StartupList report, 2/27/2008, 8:15:20 AM StartupList version: 1.52.2 Started from : C:\Documents and Settings\LEE\My Documents\Download\HiJackThis_v2.EXE Detected: Windows XP SP2 (WinNT 5.01.2600) Detected: Internet Explorer v6.00 SP2 (6.00.2900.2180) * Using default options ================================================== Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Program Files\Razer\Diamondback\razerhid.exe C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe C:\Program Files\Microsoft ActiveSync\wcescomm.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\PROGRA~1\MICROS~4\rapimgr.exe C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDPop3.exe C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Razer\Diamondback\razertra.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Razer\Diamondback\razerofa.exe C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\Documents and Settings\LEE\My Documents\Download\HiJackThis_v2.exe -------------------------------------------------- Listing of startup folders: Shell folders Common Startup: [C:\Documents and Settings\All Users\Start Menu\Programs\Startup] BTTray.lnk = ? -------------------------------------------------- Checking Windows NT UserInit: [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] UserInit = C:\WINDOWS\system32\userinit.exe, -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run IMJPMIG8.1 = "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 PHIME2002ASync = C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC PHIME2002A = C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName NVMixerTray = "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" avast! = C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe NvCplDaemon = RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup nwiz = nwiz.exe /install SunJavaUpdateSched = "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" MSPY2002 = C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC NvMediaCenter = RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit NeroFilterCheck = C:\WINDOWS\system32\NeroCheck.exe Diamondback = C:\Program Files\Razer\Diamondback\razerhid.exe Adobe Reader Speed Launcher = "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" Launch LCDMon = "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" Launch LGDCore = "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\Run PowerBar = ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe NVIDIA nTune = "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear H/PC Connection Agent = "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" MSMSGS = "C:\Program Files\Messenger\msmsgs.exe" /background -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\Run [OptionalComponents] = -------------------------------------------------- Shell & screensaver key from C:\WINDOWS\SYSTEM.INI: Shell=*INI section not found* SCRNSAVE.EXE=*INI section not found* drivers=*INI section not found* Shell & screensaver key from Registry: Shell=Explorer.exe SCRNSAVE.EXE=*Registry value not found* drivers=*Registry value not found* Policies Shell key: HKCU\..\Policies: Shell=*Registry value not found* HKLM\..\Policies: Shell=*Registry value not found* -------------------------------------------------- Enumerating Browser Helper Objects: (no name) - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} QFX Software KeyScrambler - C:\Program Files\KeyScrambler\KeyScramblerIE.dll - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} (no name) - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (no name) - (no file) - {7E853D72-626A-48EC-A868-BA8D5E23E045} -------------------------------------------------- Enumerating Download Program Files: [Minesweeper Flags Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\minesweeper.dll CODEBASE = http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab [WUWebControl Class] InProcServer32 = C:\WINDOWS\system32\wuweb.dll CODEBASE = http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1143997524229 [MUWebControl Class] InProcServer32 = C:\WINDOWS\system32\muweb.dll CODEBASE = http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1144257959654 [MessengerStatsClient Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\messengerstatsclient.dll CODEBASE = http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab [Shockwave Flash Object] InProcServer32 = C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab [Solitaire Showdown Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\solitaireshowdown.dll CODEBASE = http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab -------------------------------------------------- Enumerating Winsock LSP files: Protocol #1: C:\WINDOWS\system32\nvappfilter.dll Protocol #2: C:\WINDOWS\system32\nvappfilter.dll Protocol #3: C:\WINDOWS\system32\nvappfilter.dll Protocol #4: C:\WINDOWS\system32\nvappfilter.dll Protocol #5: C:\WINDOWS\system32\nvappfilter.dll Protocol #6: C:\WINDOWS\system32\nvappfilter.dll Protocol #7: C:\WINDOWS\system32\nvappfilter.dll Protocol #8: C:\WINDOWS\system32\nvappfilter.dll Protocol #9: C:\WINDOWS\system32\nvappfilter.dll Protocol #10: C:\WINDOWS\system32\nvappfilter.dll Protocol #11: C:\WINDOWS\system32\nvappfilter.dll Protocol #12: C:\WINDOWS\system32\nvappfilter.dll Protocol #13: C:\WINDOWS\system32\nvappfilter.dll Protocol #14: C:\WINDOWS\system32\nvappfilter.dll Protocol #15: C:\WINDOWS\system32\nvappfilter.dll Protocol #16: C:\WINDOWS\system32\nvappfilter.dll Protocol #17: C:\WINDOWS\system32\nvappfilter.dll Protocol #18: C:\WINDOWS\system32\nvappfilter.dll Protocol #19: C:\WINDOWS\system32\nvappfilter.dll Protocol #20: C:\WINDOWS\system32\nvappfilter.dll Protocol #21: C:\WINDOWS\system32\nvappfilter.dll Protocol #22: C:\WINDOWS\system32\nvappfilter.dll Protocol #45: C:\WINDOWS\system32\nvappfilter.dll -------------------------------------------------- Enumerating ShellServiceObjectDelayLoad items: PostBootReminder: C:\WINDOWS\system32\SHELL32.dll CDBurn: C:\WINDOWS\system32\SHELL32.dll WebCheck: C:\WINDOWS\System32\webcheck.dll SysTray: C:\WINDOWS\System32\stobject.dll WPDShServiceObj: C:\WINDOWS\system32\WPDShServiceObj.dll -------------------------------------------------- End of report, 9,275 bytes Report generated in 0.063 seconds Command line options: /verbose - to add additional info on each section /complete - to include empty sections and unsuspicious data /full - to include several rarely-important sections /force9x - to include Win9x-only startups even if running on WinNT /forcent - to include WinNT-only startups even if running on Win9x /forceall - to include all Win9x and WinNT startups, regardless of platform /history - to list version history only