Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

My Log


  • Please log in to reply

#1
ajfalcon

ajfalcon

    New Member

  • Member
  • Pip
  • 2 posts
StartupList report, 4/18/2007, 7:06:08 PM
StartupList version: 1.52.2
Started from : E:\Documents and Settings\Aaron\Desktop\HiJackThis_v2.0.0.0.EXE
Detected: Windows XP SP2 (WinNT 5.01.2600)
Detected: Internet Explorer v6.00 SP2 (6.00.2900.2180)
* Using default options
==================================================

Running processes:

E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\Explorer.EXE
E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
E:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
E:\WINDOWS\ms010.exe
E:\WINDOWS\QWFyb24gRmFsY29u\command.exe
E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
E:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
E:\Program Files\Creative\Shared Files\Media Sniffer\MtdAcq.exe
E:\WINDOWS\system32\CTsvcCDA.exe
E:\WINDOWS\system32\ctfmon.exe
E:\WINDOWS\System32\PAStiSvc.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\Program Files\Internet Explorer\iexplore.exe
E:\Documents and Settings\Aaron\Desktop\HiJackThis_v2.0.0.0.exe

--------------------------------------------------

Listing of startup folders:

Shell folders Common Startup:
[E:\Documents and Settings\All Users\Start Menu\Programs\Startup]
Adobe Gamma Loader.lnk = E:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Adobe Reader Speed Launch.lnk = E:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Microsoft Office.lnk = E:\Program Files\Microsoft Office\Office\OSA9.EXE

--------------------------------------------------

Checking Windows NT UserInit:

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = E:\WINDOWS\system32\userinit.exe,

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

ATIPTA = E:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
ms010 = E:\WINDOWS\ms010.exe
{ZN} = E:\WINDOWS\system32\micro1\eno36.exe SKY003
AVG7_CC = E:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
PC Pitstop Optimize Scheduler = E:\Program Files\PCPitstop\Optimize\PCPOptimize.exe -boot
!AVG Anti-Spyware = "E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

Creative Detector = "E:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
ares lite = "E:\Program Files\Ares Lite\Ares.exe" -h
MtdAcq = E:\Program Files\Creative\Shared Files\Media Sniffer\MtdAcq.exe /s
ctfmon.exe = E:\WINDOWS\system32\ctfmon.exe
Yahoo! Pager = "E:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
MsnMsgr = "E:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

--------------------------------------------------

Shell & screensaver key from E:\WINDOWS\SYSTEM.INI:

Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*

Shell & screensaver key from Registry:

Shell=Explorer.exe
SCRNSAVE.EXE=E:\WINDOWS\System32\logon.scr
drivers=*Registry value not found*

Policies Shell key:

HKCU\..\Policies: Shell=*Registry value not found*
HKLM\..\Policies: Shell=*Registry value not found*

--------------------------------------------------


Enumerating Browser Helper Objects:

(no name) - E:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing) - {02478D38-C3F9-4EFB-9B51-7695ECA05670}
(no name) - E:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
0 - E:\Program Files\ComPlus Applications\lavu.dll (file missing) - {464C32BB-12E2-4079-AA8E-843469E5BD99}
(no name) - E:\Program Files\Yahoo!\Common\yiesrvc.dll (file missing) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}
(no name) - (no file) - {7E853D72-626A-48EC-A868-BA8D5E23E045}
(no name) - E:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (file missing) - {9030D464-4C02-4ABF-8ECC-5164760863C6}
(no name) - E:\Program Files\Outlook Express\hokevofa.dll (file missing) - {C9EA2A6E-1E7A-4D44-AC2C-A5BB2FCCE469}

--------------------------------------------------

Enumerating Download Program Files:

[PCPitstop Utility]
InProcServer32 = E:\WINDOWS\Downloaded Program Files\PCPitstop.dll
CODEBASE = http://pcpitstop.com...p/PCPitStop.CAB

[Windows Genuine Advantage Validation Tool]
InProcServer32 = E:\WINDOWS\System32\LegitCheckControl.DLL
CODEBASE = http://go.microsoft....k/?LinkID=39204

[YInstStarter Class]
InProcServer32 = E:\Program Files\Yahoo!\Common\yinsthelper.dll
CODEBASE = E:\Program Files\Yahoo!\Common\yinsthelper.dll

[{33564D57-0000-0010-8000-00AA00389B71}]
CODEBASE = http://download.micr...922/wmv9VCM.CAB

[WUWebControl Class]
InProcServer32 = E:\WINDOWS\System32\wuweb.dll
CODEBASE = http://update.micros...b?1160268245828

[ActiveScan Installer Class]
InProcServer32 = E:\WINDOWS\Downloaded Program Files\asinst.dll
CODEBASE = http://acs.pandasoft...free/asinst.cab

[Shockwave Flash Object]
InProcServer32 = E:\WINDOWS\System32\Macromed\Flash\Flash9.ocx
CODEBASE = http://fpdownload.ma...ash/swflash.cab

[AV Class]
InProcServer32 = E:\PROGRA~1\PCPITS~1\AV\Pav.dll
CODEBASE = http://www.pcpitstop...irus/PitPav.cab

--------------------------------------------------

Enumerating Windows NT logon/logoff scripts:
*No scripts set to run*

Windows NT checkdisk command:
BootExecute = autocheck autochk *

Windows NT 'Wininit.ini':
PendingFileRenameOperations: E:\DOCUME~1\Aaron\LOCALS~1\Temp\_iu14D2N.tmp


--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

PostBootReminder: E:\WINDOWS\system32\SHELL32.dll
CDBurn: E:\WINDOWS\system32\SHELL32.dll
WebCheck: E:\WINDOWS\System32\webcheck.dll
SysTray: E:\WINDOWS\System32\stobject.dll
WPDShServiceObj: E:\WINDOWS\system32\WPDShServiceObj.dll

--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run

{90EDFC25-01C0-1033-1117-980109190001} = "E:\Program Files\Common Files\{90EDFC25-01C0-1033-1117-980109190001}\Update.exe" mc-110-12-0000140

--------------------------------------------------

End of report, 7,478 bytes
Report generated in 0.187 seconds

Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP