Thnx
Running Mozilla Firefox in occasions IE 7
Win XP Prof on Thinkpad X41
StartupList report, 12/5/2007, 7:48:41 PM
StartupList version: 1.52.2
Started from : C:\Documents and Settings\Hassan\My Documents\Downloads\HijackThis.EXE
Detected: Windows XP SP2 (WinNT 5.01.2600)
Detected: Internet Explorer v7.00 (7.00.6000.16544)
* Using default options
==================================================
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Maxtor\Sync\SyncServices.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\McAfee\MBK\MBackMonitor.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee.com\Agent\mcagent.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\system32\tp4mon.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Sharp\Sharpdesk\IndexTray.exe
C:\Program Files\Sharp\Sharpdesk\SharpTray.exe
C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe
C:\Program Files\CyberLink\PCM4Everio\EverioService.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\UPS\WSTD\MSSQL$UPSWSDBSERVER\Binn\sqlservr.exe
C:\PROGRA~1\Sharp\SHARPD~1\Indexer.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\SiteAdvisor\6172\SAService.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\Program Files\Sharp\Sharpdesk\sdFTP.exe
C:\WINDOWS\system32\svchost.exe
C:\UPS\WSTD\Messages\WSTDMessaging.exe
C:\Program Files\Mcafee\MWL\MwlSvc.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Mcafee\MWL\MwlGui.exe
C:\WINDOWS\system32\dllhost.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Hassan\My Documents\Downloads\HijackThis.exe
--------------------------------------------------
Listing of startup folders:
Shell folders Common Startup:
[C:\Documents and Settings\All Users\Start Menu\Programs\Startup]
QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
Start Network Scanner Tool.lnk = C:\Program Files\Sharp\Sharpdesk\sdFTP.exe
UPS WorldShip Messaging Utility.lnk = C:\UPS\WSTD\Messages\WSTDMessaging.exe
UPS WorldShip PLD Reminder Utility.lnk = C:\UPS\WSTD\wstdPldReminder.exe
--------------------------------------------------
Checking Windows NT UserInit:
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
TrackPointSrv = tp4mon.exe
IgfxTray = C:\WINDOWS\system32\igfxtray.exe
HotKeysCmds = C:\WINDOWS\system32\hkcmd.exe
Adobe Photo Downloader = "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
IndexTray = "C:\Program Files\Sharp\Sharpdesk\IndexTray.exe"
SharpTray = "C:\Program Files\Sharp\Sharpdesk\SharpTray.exe"
RemoteControl = "C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe"
EverioService = "C:\Program Files\CyberLink\PCM4Everio\EverioService.exe"
SunJavaUpdateSched = "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
Adobe Reader Speed Launcher = "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
LogitechCommunicationsManager = "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
LogitechQuickCamRibbon = "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
MWLExe = C:\Program Files\Mcafee\MWL\MWLGuiSt.exe
SiteAdvisor = C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
McENUI = C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide
NWEReboot =
NeroFilterCheck = C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
MBkLogOnHook = C:\Program Files\McAfee\MBK\LogOnHook.exe
mcagent_exe = C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
mxomssmenu = "C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe"
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe
H/PC Connection Agent = "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
swg = C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
MsnMsgr = "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} = "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
[OptionalComponents]
=
--------------------------------------------------
Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:
Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*
Shell & screensaver key from Registry:
Shell=Explorer.exe
SCRNSAVE.EXE=C:\WINDOWS\System32\logon.scr
drivers=*Registry value not found*
Policies Shell key:
HKCU\..\Policies: Shell=*Registry key not found*
HKLM\..\Policies: Shell=*Registry value not found*
--------------------------------------------------
Enumerating Browser Helper Objects:
(no name) - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
(no name) - C:\Program Files\SiteAdvisor\6172\SiteAdv.dll - {089FD14D-132B-48FC-8861-0048AE113215}
McAntiPhishingBHO - C:\Program Files\McAfee\MSK\mcapbho.dll - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4}
(no name) - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
scriptproxy - C:\Program Files\McAfee\VirusScan\scriptsn.dll - {7DB2D5A0-7241-4E79-B68D-6309F01C5231}
(no name) - (no file) - {7E853D72-626A-48EC-A868-BA8D5E23E045}
(no name) - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll - {9030D464-4C02-4ABF-8ECC-5164760863C6}
(no name) - c:\program files\google\googletoolbar2.dll - {AA58ED58-01DD-4d91-8333-CF10577473F7}
(no name) - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D}
--------------------------------------------------
Enumerating Task Scheduler jobs:
AppleSoftwareUpdate.job
McDefragTask.job
McQcTask.job
Rescue Reminder for 2HAP1LXT.job
--------------------------------------------------
Enumerating Download Program Files:
[NetCamPlayerWeb11g Control]
InProcServer32 = C:\WINDOWS\DOWNLO~1\NETCAM~1.OCX
CODEBASE = http://192.168.2.115...layerWeb11g.ocx
[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx
CODEBASE = http://fpdownload.ma...ash/swflash.cab
--------------------------------------------------
Enumerating Windows NT logon/logoff scripts:
*No scripts set to run*
Windows NT checkdisk command:
BootExecute = autocheck autochk *
Windows NT 'Wininit.ini':
PendingFileRenameOperations: C:\WINDOWS\TEMP\025947~1.EXE||C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee\MSC\Updates\Installs\1\msk\mcinst.exe||C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee\MSC\Updates\Installs\1\msk\mcinst.exe||C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee\MSC\Updates\Installs\1\msk\mcinst.exe||C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee\MSC\Updates\Installs\1\msk\mcinst.exe
--------------------------------------------------
Enumerating ShellServiceObjectDelayLoad items:
PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
CDBurn: C:\WINDOWS\system32\SHELL32.dll
WebCheck: C:\WINDOWS\system32\webcheck.dll
SysTray: C:\WINDOWS\system32\stobject.dll
WPDShServiceObj: C:\WINDOWS\system32\WPDShServiceObj.dll
--------------------------------------------------
End of report, 9,936 bytes
Report generated in 0.421 seconds
Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only
Attached Files
-
startuplist.txt 9.54KB
173 downloads
Edited by Hass, 06 December 2007 - 05:20 PM.
Sign In
Create Account
