StartupList version: 1.52.2
Started from : C:\Documents and Settings\Laptop\Desktop\HijackThis.EXE
Detected: Windows XP SP2 (WinNT 5.01.2600)
Detected: Internet Explorer v6.00 SP2 (6.00.2900.2180)
* Using default options
==================================================
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\WINDOWS\system32\ntnl32.exe
C:\Program Files\The Cleaner\tca.exe
C:\Program Files\The Cleaner\tcm.exe
C:\Program Files\SpeedswitchXP\SpeedswitchXP.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\hookdump.exe
C:\Program Files\Palm\HOTSYNC.EXE
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Laptop\Desktop\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
--------------------------------------------------
Listing of startup folders:
Shell folders Startup:
[C:\Documents and Settings\Laptop\Start Menu\Programs\Startup]
HotSync Manager.lnk = C:\Program Files\Palm\HOTSYNC.EXE
Shell folders Common Startup:
[C:\Documents and Settings\All Users\Start Menu\Programs\Startup]
Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
--------------------------------------------------
Checking Windows NT UserInit:
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
SynTPLpr = C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
SynTPEnh = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Dell QuickSet = C:\Program Files\Dell\QuickSet\quickset.exe
SunJavaUpdateSched = C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
Client Access Service = "C:\Program Files\IBM\Client Access\cwbsvstr.exe"
Client Access Help Update = "C:\Program Files\IBM\Client Access\cwbinhlp.exe"
Client Access Check Version = "C:\Program Files\IBM\Client Access\cwbckver.exe" LOGIN
Client Access Express Welcome = "C:\Program Files\IBM\Client Access\cwbwlwiz.exe"
ccApp = "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
vptray = C:\PROGRA~1\SYMANT~1\VPTray.exe
NvCplDaemon = RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
ntnl32.exe = C:\WINDOWS\system32\ntnl32.exe
tcactive = C:\Program Files\The Cleaner\tca.exe
tcmonitor = C:\Program Files\The Cleaner\tcm.exe
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
sdkkp.exe = C:\WINDOWS\system32\sdkkp.exe
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
SpeedswitchXP = C:\Program Files\SpeedswitchXP\SpeedswitchXP.exe
DellSupport = "C:\Program Files\Dell Support\DSAgnt.exe" /startup
ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe
Sonic RecordNow! = C:\WINDOWS\system32\ctfmon.exe
Intel system tool = C:\WINDOWS\system32\hookdump.exe
--------------------------------------------------
Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:
Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*
Shell & screensaver key from Registry:
Shell=Explorer.exe
SCRNSAVE.EXE=C:\WINDOWS\System32\sstext3d.scr
drivers=*Registry value not found*
Policies Shell key:
HKCU\..\Policies: Shell=*Registry key not found*
HKLM\..\Policies: Shell=*Registry value not found*
--------------------------------------------------
Enumerating Browser Helper Objects:
(no name) - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
(no name) - C:\WINDOWS\system32\mfcls.dll - {4014B4D5-2904-EAE9-66BC-9F97C5F321F8}
(no name) - c:\program files\google\googletoolbar1.dll - {AA58ED58-01DD-4d91-8333-CF10577473F7}
--------------------------------------------------
Enumerating Download Program Files:
[Office Update Installation Engine]
InProcServer32 = C:\WINDOWS\opuc.dll
CODEBASE = http://office.micros...ntent/opuc2.cab
[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\system32\Macromed\Flash\flash.ocx
CODEBASE = https://download.mac...ash/swflash.cab
--------------------------------------------------
Enumerating ShellServiceObjectDelayLoad items:
PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
CDBurn: C:\WINDOWS\system32\SHELL32.dll
WebCheck: C:\WINDOWS\System32\webcheck.dll
SysTray: C:\WINDOWS\System32\stobject.dll
UPnPMonitor: C:\WINDOWS\system32\upnpui.dll
--------------------------------------------------
End of report, 6,384 bytes
Report generated in 0.140 seconds
Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only
Sign In
Create Account
