This topic is locked
StartupList report, 9/3/2004, 6:50:18 PM
StartupList version: 1.52.2
Started from : C:\hijackthis\HijackThis.EXE
Detected: Windows XP SP1 (WinNT 5.01.2600)
Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106)
* Using default options
==================================================
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
C:\WINDOWS\system32\gearsec.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\McAfee\McAfee Firewall\CPD.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe
C:\Program Files\SpyCatcher\DeleteSatellite.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\Sony Handheld\HOTSYNC.EXE
C:\Program Files\SpyCatcher\Scheduler daemon.exe
C:\Program Files\SpyCatcher\Protector.exe
C:\Program Files\McAfee\McAfee Firewall\CPD.EXE
C:\hijackthis\HijackThis.exe
--------------------------------------------------
Listing of startup folders:
Shell folders Startup:
[C:\Documents and Settings\Rob\Start Menu\Programs\Startup]
HotSync Manager.lnk = C:\Program Files\Sony Handheld\HOTSYNC.EXE
Scheduler.lnk = C:\Program Files\SpyCatcher\Scheduler daemon.exe
Protector.lnk = C:\Program Files\SpyCatcher\Protector.exe
Shell folders Common Startup:
[C:\Documents and Settings\All Users\Start Menu\Programs\Startup]
Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
--------------------------------------------------
Checking Windows NT UserInit:
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cmaudio = RunDll32 cmicnfg.cpl,CMICtrlWnd
ATIPTA = C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
McAfee Guardian = "C:\Program Files\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe" /SU
EM_EXEC = C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
zBrowser Launcher = C:\Program Files\Logitech\iTouch\iTouch.exe
AVG_CC = C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe /STARTUP
QuickTime Task = "C:\Program Files\QuickTime\qttask.exe" -atboottime
GhostSurfDelSatellite = "C:\Program Files\SpyCatcher\DeleteSatellite.exe"
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
GhostSurfDelSatellite = "C:\Program Files\SpyCatcher\DeleteSatellite.exe" nowait
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
(Default) =
ATI Launchpad =
LDM = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
SPYKILLER = C:\Program Files\SpyWare Killer\SpyWareKiller.exe /BOOT
BestPopUpKiller = C:\Program Files\BestPopUpKiller\BestPopupKiller.exe /startup
--------------------------------------------------
Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:
Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*
Shell & screensaver key from Registry:
Shell=Explorer.exe
SCRNSAVE.EXE=C:\WINDOWS\System32\ssstars.scr
drivers=*Registry value not found*
Policies Shell key:
HKCU\..\Policies: Shell=*Registry key not found*
HKLM\..\Policies: Shell=*Registry value not found*
--------------------------------------------------
Enumerating Browser Helper Objects:
(no name) - (no file) - {0479C968-64F0-4246-8A5E-74807CCF8B8C}
(no name) - C:\WINDOWS\System32\msdoh.dll - {CE0ACA77-4947-4C68-9087-BC36C3C36037}
--------------------------------------------------
Enumerating Task Scheduler jobs:
SpyWareKiller.job
--------------------------------------------------
Enumerating Download Program Files:
[QuickTime Object]
InProcServer32 = C:\Program Files\QuickTime\QTPlugin.ocx
CODEBASE = http://www.apple.com...ex/qtplugin.cab
[{33564D57-0000-0010-8000-00AA00389B71}]
CODEBASE = http://download.micr...922/wmv9VCM.CAB
[Update Class]
InProcServer32 = C:\WINDOWS\System32\iuctl.dll
CODEBASE = http://v4.windowsupd...8201.8515740741
[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\System32\macromed\flash\Flash.ocx
CODEBASE = http://download.macr...ash/swflash.cab
--------------------------------------------------
Enumerating ShellServiceObjectDelayLoad items:
PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
CDBurn: C:\WINDOWS\system32\SHELL32.dll
WebCheck: C:\WINDOWS\System32\webcheck.dll
SysTray: C:\WINDOWS\System32\stobject.dll
--------------------------------------------------
End of report, 6,059 bytes
Report generated in 0.150 seconds
Sign In
Create Account
