Thanks Geezer
StartupList report, 27/02/2006, 09:00:09
StartupList version: 1.52.2
Started from : C:\Program Files\HijackThis\HijackThis.EXE
Detected: Windows XP SP2 (WinNT 5.01.2600)
Detected: Internet Explorer v6.00 SP2 (6.00.2900.2180)
* Using default options
==================================================
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program\Sygate\SPF\smc.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program\Alwil Software\Avast4\aswUpdSv.exe
C:\Program\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\ScsiAccess.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\wwSecure.exe
C:\Program\Alwil Software\Avast4\ashMaiSv.exe
C:\Program\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program\Creative\SBLive\Diagnostics\diagent.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\WINDOWS\System32\LXSUPMON.EXE
C:\Program\ALWILS~1\Avast4\ashDisp.exe
C:\Program\Creative\ShareDLL\CtNotify.exe
C:\Program\Delade filer\Real\Update_OB\realsched.exe
C:\Program\Java\jre1.5.0_06\bin\jusched.exe
C:\Program\Microsoft AntiSpyware\gcasServ.exe
C:\Program\QuickTime\qttask.exe
C:\Program\Creative\ShareDLL\Mediadet.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program\Logitech\Video\LogiTray.exe
C:\Program\Logitech\Video\FxSvr2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Tony\Mina dokument\Rippleffect\Pocket Pardew\pardew.exe
C:\Program\Webroot\Washer\wwDisp.exe
C:\Program\Digital Line Detect\DLG.exe
C:\Program\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program\Personal\bin\Personal.exe
C:\Program\MSN Toolbar Suite\DS\02.05.0001.1119\sv-se\bin\WindowsSearch.exe
C:\Program\MSN Toolbar Suite\DS\02.05.0001.1119\sv-se\bin\WindowsSearchIndexer.exe
C:\WINDOWS\msagent\AgentSvr.exe
C:\WINDOWS\system32\winlogon.exe
C:\Program\Internet Explorer\iexplore.exe
C:\Program Files\HijackThis\HijackThis.exe
--------------------------------------------------
Listing of startup folders:
Shell folders Common Startup:
[C:\Documents and Settings\All Users\Start-meny\Program\Autostart]
Adobe Gamma Loader.exe.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe
Digital Line Detect.lnk = ?
Kodak EasyShare software.lnk = C:\Program\Kodak\Kodak EasyShare software\bin\EasyShare.exe
Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
Personal.lnk = C:\Program\Personal\bin\Personal.exe
Windows Desktop Search.lnk = C:\Program\MSN Toolbar Suite\DS\02.05.0001.1119\sv-se\bin\WindowsSearch.exe
--------------------------------------------------
Checking Windows NT UserInit:
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
NvCplDaemon = RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
diagent = C:\Program\Creative\SBLive\Diagnostics\diagent.exe startup
UpdReg = C:\WINDOWS\UpdReg.EXE
DVDSentry = C:\WINDOWS\System32\DSentry.exe
AdaptecDirectCD = "C:\Program\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
LXSUPMON = C:\WINDOWS\System32\LXSUPMON.EXE RUN
avast! = C:\Program\ALWILS~1\Avast4\ashDisp.exe
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
(Default) =
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
CTFMON.EXE = C:\WINDOWS\system32\ctfmon.exe
LDM = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
LogitechSoftwareUpdate = C:\Program\Logitech\Video\ManifestEngine.exe boot
Pocket Pardew = C:\Documents and Settings\Tony\Mina dokument\Rippleffect\Pocket Pardew\pardew.exe
Window Washer = C:\Program\Webroot\Washer\wwDisp.exe
--------------------------------------------------
Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:
Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*
Shell & screensaver key from Registry:
Shell=Explorer.exe
SCRNSAVE.EXE=C:\WINDOWS\System32\sstext3d.scr
drivers=*Registry value not found*
Policies Shell key:
HKCU\..\Policies: Shell=*Registry key not found*
HKLM\..\Policies: Shell=*Registry value not found*
--------------------------------------------------
Enumerating Browser Helper Objects:
(no name) - C:\Program\Yahoo!\Companion\Installs\cpn\yt.dll - {02478D38-C3F9-4EFB-9B51-7695ECA05670}
(no name) - C:\Program\DELADE~1\Real\Toolbar\realbar.dll - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D}
(no name) - C:\Program\Spybot - Search & Destroy\SDHelper.dll - {53707962-6F74-2D53-2644-206D7942484F}
(no name) - C:\Program\Java\jre1.5.0_06\bin\ssv.dll - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
(no name) - c:\program\google\googletoolbar1.dll - {AA58ED58-01DD-4d91-8333-CF10577473F7}
(no name) - C:\Program\MSN Toolbar Suite\TB\02.05.0000.1105\sv-se\msntb.dll - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}
--------------------------------------------------
Enumerating Task Scheduler jobs:
Symantec NetDetect.job
--------------------------------------------------
Enumerating Download Program Files:
[QuickTime Object]
InProcServer32 = C:\Program\QuickTime\QTPlugin.ocx
CODEBASE = http://www.apple.com/qtactivex/qtplugin.cab
[Windows Genuine Advantage Validation Tool]
InProcServer32 = C:\WINDOWS\system32\legitcheckcontrol.dll
CODEBASE = http://go.microsoft.com/fwlink/?linkid=39204
[BDSCANONLINE Control]
InProcServer32 = C:\WINDOWS\DOWNLO~1\oscan8.ocx
CODEBASE = http://download.bitdefender.com/resourc ... oscan8.cab
[ActiveScan Installer Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\asinst.dll
CODEBASE = http://acs.pandasoftware.com/activescan ... asinst.cab
[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\system32\Macromed\Flash\Flash8.ocx
CODEBASE = http://download.macromedia.com/pub/shoc ... wflash.cab
[Microsoft Search Settings Control]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\searchsettings.ocx
CODEBASE = http://lg.home.microsoft.com/search/lob ... ttings.cab
--------------------------------------------------
Enumerating ShellServiceObjectDelayLoad items:
PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
CDBurn: C:\WINDOWS\system32\SHELL32.dll
WebCheck: C:\WINDOWS\System32\webcheck.dll
SysTray: C:\WINDOWS\System32\stobject.dll
--------------------------------------------------
End of report, 7,822 bytes
Report generated in 0.063 seconds
Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only