Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

My Log

Started by ajfalcon , Apr 18 2007 05:20 PM

  • Please log in to reply

#1
ajfalcon
Posted 18 April 2007 - 05:20 PM

ajfalcon

    New Member

  • Member
  • Pip
  • 2 posts
StartupList report, 4/18/2007, 7:06:08 PM
StartupList version: 1.52.2
Started from : E:\Documents and Settings\Aaron\Desktop\HiJackThis_v2.0.0.0.EXE
Detected: Windows XP SP2 (WinNT 5.01.2600)
Detected: Internet Explorer v6.00 SP2 (6.00.2900.2180)
* Using default options
==================================================

Running processes:

E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\Explorer.EXE
E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
E:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
E:\WINDOWS\ms010.exe
E:\WINDOWS\QWFyb24gRmFsY29u\command.exe
E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
E:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
E:\Program Files\Creative\Shared Files\Media Sniffer\MtdAcq.exe
E:\WINDOWS\system32\CTsvcCDA.exe
E:\WINDOWS\system32\ctfmon.exe
E:\WINDOWS\System32\PAStiSvc.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\Program Files\Internet Explorer\iexplore.exe
E:\Documents and Settings\Aaron\Desktop\HiJackThis_v2.0.0.0.exe

--------------------------------------------------

Listing of startup folders:

Shell folders Common Startup:
[E:\Documents and Settings\All Users\Start Menu\Programs\Startup]
Adobe Gamma Loader.lnk = E:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Adobe Reader Speed Launch.lnk = E:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Microsoft Office.lnk = E:\Program Files\Microsoft Office\Office\OSA9.EXE

--------------------------------------------------

Checking Windows NT UserInit:

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = E:\WINDOWS\system32\userinit.exe,

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

ATIPTA = E:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
ms010 = E:\WINDOWS\ms010.exe
{ZN} = E:\WINDOWS\system32\micro1\eno36.exe SKY003
AVG7_CC = E:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
PC Pitstop Optimize Scheduler = E:\Program Files\PCPitstop\Optimize\PCPOptimize.exe -boot
!AVG Anti-Spyware = "E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

Creative Detector = "E:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
ares lite = "E:\Program Files\Ares Lite\Ares.exe" -h
MtdAcq = E:\Program Files\Creative\Shared Files\Media Sniffer\MtdAcq.exe /s
ctfmon.exe = E:\WINDOWS\system32\ctfmon.exe
Yahoo! Pager = "E:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
MsnMsgr = "E:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

--------------------------------------------------

Shell & screensaver key from E:\WINDOWS\SYSTEM.INI:

Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*

Shell & screensaver key from Registry:

Shell=Explorer.exe
SCRNSAVE.EXE=E:\WINDOWS\System32\logon.scr
drivers=*Registry value not found*

Policies Shell key:

HKCU\..\Policies: Shell=*Registry value not found*
HKLM\..\Policies: Shell=*Registry value not found*

--------------------------------------------------


Enumerating Browser Helper Objects:

(no name) - E:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing) - {02478D38-C3F9-4EFB-9B51-7695ECA05670}
(no name) - E:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
0 - E:\Program Files\ComPlus Applications\lavu.dll (file missing) - {464C32BB-12E2-4079-AA8E-843469E5BD99}
(no name) - E:\Program Files\Yahoo!\Common\yiesrvc.dll (file missing) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}
(no name) - (no file) - {7E853D72-626A-48EC-A868-BA8D5E23E045}
(no name) - E:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (file missing) - {9030D464-4C02-4ABF-8ECC-5164760863C6}
(no name) - E:\Program Files\Outlook Express\hokevofa.dll (file missing) - {C9EA2A6E-1E7A-4D44-AC2C-A5BB2FCCE469}

--------------------------------------------------

Enumerating Download Program Files:

[PCPitstop Utility]
InProcServer32 = E:\WINDOWS\Downloaded Program Files\PCPitstop.dll
CODEBASE = http://pcpitstop.com...p/PCPitStop.CAB

[Windows Genuine Advantage Validation Tool]
InProcServer32 = E:\WINDOWS\System32\LegitCheckControl.DLL
CODEBASE = http://go.microsoft....k/?LinkID=39204

[YInstStarter Class]
InProcServer32 = E:\Program Files\Yahoo!\Common\yinsthelper.dll
CODEBASE = E:\Program Files\Yahoo!\Common\yinsthelper.dll

[{33564D57-0000-0010-8000-00AA00389B71}]
CODEBASE = http://download.micr...922/wmv9VCM.CAB

[WUWebControl Class]
InProcServer32 = E:\WINDOWS\System32\wuweb.dll
CODEBASE = http://update.micros...b?1160268245828

[ActiveScan Installer Class]
InProcServer32 = E:\WINDOWS\Downloaded Program Files\asinst.dll
CODEBASE = http://acs.pandasoft...free/asinst.cab

[Shockwave Flash Object]
InProcServer32 = E:\WINDOWS\System32\Macromed\Flash\Flash9.ocx
CODEBASE = http://fpdownload.ma...ash/swflash.cab

[AV Class]
InProcServer32 = E:\PROGRA~1\PCPITS~1\AV\Pav.dll
CODEBASE = http://www.pcpitstop...irus/PitPav.cab

--------------------------------------------------

Enumerating Windows NT logon/logoff scripts:
*No scripts set to run*

Windows NT checkdisk command:
BootExecute = autocheck autochk *

Windows NT 'Wininit.ini':
PendingFileRenameOperations: E:\DOCUME~1\Aaron\LOCALS~1\Temp\_iu14D2N.tmp


--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

PostBootReminder: E:\WINDOWS\system32\SHELL32.dll
CDBurn: E:\WINDOWS\system32\SHELL32.dll
WebCheck: E:\WINDOWS\System32\webcheck.dll
SysTray: E:\WINDOWS\System32\stobject.dll
WPDShServiceObj: E:\WINDOWS\system32\WPDShServiceObj.dll

--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run

{90EDFC25-01C0-1033-1117-980109190001} = "E:\Program Files\Common Files\{90EDFC25-01C0-1033-1117-980109190001}\Update.exe" mc-110-12-0000140

--------------------------------------------------

End of report, 7,478 bytes
Report generated in 0.187 seconds

Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP