tartupList report, 2003.09.02., 11:54:37
StartupList version: 1.52
Started from : E:\System 2\Internet\HijackThis.EXE
Detected: Windows XP Szervizcsomag 1 (WinNT 5.01.2600)
Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106)
* Using default options
==================================================
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\NWTRAY.EXE
C:\Program Files\Winamp\Winampa.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
C:\WINDOWS\System32\MMTray.exe
C:\WINDOWS\System32\MMTray2k.exe
C:\WINDOWS\System32\MMTrayLSI.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\GetRight\getright.exe
C:\Program Files\GetRight\getright.exe
C:\program files\winsrv32.exe
C:\WINDOWS\System32\NALWIN32.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\SmartPopupKiller\PopupKillerTray.exe
C:\wincmd\WINCMD32.EXE
E:\System 2\Internet\HijackThis.exe
--------------------------------------------------
Listing of startup folders:
Shell folders Common Startup:
[C:\Documents and Settings\All Users\Start Menu\Programs\Indítópult]
Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
EPSON Status Monitor 3 Environment Check.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV03.EXE
GetRight - Tray Icon.lnk = C:\Program Files\GetRight\getright.exe
GStartup.lnk = C:\Program Files\Common Files\GMT\GMT.exe
Microsoft Office.lnk = C:\Program Files\Microsoft Office XP\Office10\OSA.EXE
--------------------------------------------------
Checking Windows NT UserInit:
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
NWTRAY = NWTRAY.EXE
WinampAgent = "C:\Program Files\Winamp\Winampa.exe"
SoundMan = SOUNDMAN.EXE
CloneCDTray = C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
ElbyCheckElbyCDFL = "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
NeroCheck = C:\WINDOWS\system32\NeroCheck.exe
MMTray = MMTray.exe
MMTray2K = MMTray2k.exe
MMTrayLSI = MMTrayLSI.exe
QuickTime Task = "C:\WINDOWS\System32\qttask.exe" -atboottime
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
CTFMON.EXE = C:\WINDOWS\System32\ctfmon.exe
MSMSGS = "C:\Program Files\Messenger\msmsgs.exe" /background
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
win32 = c:\program files\winsrv32.exe
--------------------------------------------------
Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:
Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*
Shell & screensaver key from Registry:
Shell=Explorer.exe
SCRNSAVE.EXE=C:\WINDOWS\WHATIS~1.SCR
drivers=*Registry value not found*
Policies Shell key:
HKCU\..\Policies: Shell=*Registry key not found*
HKLM\..\Policies: Shell=*Registry value not found*
--------------------------------------------------
Enumerating Browser Helper Objects:
(no name) - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
(no name) - C:\Program Files\SmartPopupKiller\PopupKillerIEDLL.dll - {A09790E7-DD00-4A83-B632-5B563423CFBB}
--------------------------------------------------
Enumerating ShellServiceObjectDelayLoad items:
PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
CDBurn: C:\WINDOWS\system32\SHELL32.dll
WebCheck: C:\WINDOWS\System32\webcheck.dll
SysTray: C:\WINDOWS\System32\stobject.dll
--------------------------------------------------
End of report, 4 841 bytes
Report generated in 0,050 seconds
Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only