Scribd Logo
Încărcați

Bine ați venit la Scribd!

  • Start Up List

    Încărcat de

    ninoarendse
    9 vizualizări3 pagini

    Drepturi de autor

    © Attribution Non-Commercial (BY-NC)

    Formate disponibile

    TXT, PDF, TXT sau citiți online pe Scribd

    Vi se pare util acest document?

    Este necorespunzător acest conținut?

    Raportați acest document

    Drepturi de autor:

    Attribution Non-Commercial (BY-NC)
    Descărcați ca TXT, PDF, TXT sau citiți online pe Scribd
    Indicator pentru conținut neadecvat
    9 vizualizări3 pagini

    Start Up List

    Încărcat de

    ninoarendse

    Drepturi de autor:

    Attribution Non-Commercial (BY-NC)
    Descărcați ca TXT, PDF, TXT sau citiți online pe Scribd
    Indicator pentru conținut neadecvat
    din 3

    StartupList report, 9/23/2010, 8:53:37 PM

    StartupList version: 1.52.2


    Started from : C:\Documents and Settings\nino.DELL\Desktop\HijackThis.EXE
    Detected: Windows XP SP3 (WinNT 5.01.2600)
    Detected: Internet Explorer v8.00 (8.00.6001.18702)
    * Using default options
    ==================================================
    Running processes:
    C:\WINDOWS.1\System32\smss.exe
    C:\WINDOWS.1\system32\winlogon.exe
    C:\WINDOWS.1\system32\services.exe
    C:\WINDOWS.1\system32\lsass.exe
    C:\WINDOWS.1\system32\svchost.exe
    C:\WINDOWS.1\system32\svchost.exe
    C:\WINDOWS.1\System32\svchost.exe
    C:\WINDOWS.1\system32\svchost.exe
    C:\WINDOWS.1\System32\svchost.exe
    C:\WINDOWS.1\System32\svchost.exe
    C:\WINDOWS.1\Explorer.exe
    C:\WINDOWS.1\system32\spoolsv.exe
    C:\WINDOWS.1\system32\28463\svchost.exe
    C:\WINDOWS.1\system32\RUNDLL32.EXE
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\WINDOWS.1\system32\ctfmon.exe
    C:\WINDOWS.1\system32\nvsvc32.exe
    C:\WINDOWS.1\system32\locator.exe
    C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
    C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
    C:\WINDOWS.1\system32\vmnat.exe
    C:\WINDOWS.1\system32\vmnetdhcp.exe
    C:\WINDOWS.1\system32\wuauclt.exe
    C:\Documents and Settings\nino.DELL\Desktop\HijackThis.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\WINDOWS.1\system32\NOTEPAD.EXE
    C:\Program Files\Spyware Doctor\swdoctor.exe
    --------------------------------------------------
    Checking Windows NT UserInit:
    [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    UserInit = C:\WINDOWS.1\system32\userinit.exe,
    --------------------------------------------------
    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run
    svchost Agent = C:\WINDOWS.1\system32\28463\svchost.exe
    NvCplDaemon = RUNDLL32.EXE C:\WINDOWS.1\system32\NvCpl.dll,NvStartup
    nwiz = nwiz.exe /install
    NvMediaCenter = RUNDLL32.EXE C:\WINDOWS.1\system32\NvMcTray.dll,NvTaskbarInit
    GrooveMonitor = "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    --------------------------------------------------
    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    ctfmon.exe = C:\WINDOWS.1\system32\ctfmon.exe
    Spyware Doctor = "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
    --------------------------------------------------
    Shell & screensaver key from C:\WINDOWS.1\SYSTEM.INI:
    Shell=*INI section not found*
    SCRNSAVE.EXE=*INI section not found*
    drivers=*INI section not found*
    Shell & screensaver key from Registry:
    Shell=explorer.exe
    SCRNSAVE.EXE=C:\WINDOWS.1\System32\logon.scr
    drivers=*Registry value not found*
    Policies Shell key:
    HKCU\..\Policies: Shell=*Registry value not found*
    HKLM\..\Policies: Shell=*Registry value not found*
    --------------------------------------------------

    Enumerating Browser Helper Objects:


    (no name) - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll - {5C8B2A36-3DB1-42A4-A3CB-D42
    6709BBFEB}
    (no name) - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL - {72853161-30C5-4D22-B7F
    9-0BBC1D38A37E}
    (no name) - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll - {B56A7D7D-6927-48C8-A975-17D
    F180C71AC}
    --------------------------------------------------
    Enumerating Task Scheduler jobs:
    AppleSoftwareUpdate.job
    At1.job
    --------------------------------------------------
    Enumerating ShellServiceObjectDelayLoad items:
    WebCheck: C:\WINDOWS.1\system32\webcheck.dll
    WPDShServiceObj: C:\WINDOWS.1\system32\wpdshserviceobj.dll
    PostBootReminder: C:\WINDOWS.1\system32\SHELL32.dll
    CDBurn: C:\WINDOWS.1\system32\SHELL32.dll
    SysTray: C:\WINDOWS.1\system32\stobject.dll
    --------------------------------------------------
    End of report, 4,441 bytes
    Report generated in 0.031 seconds
    Command line options:
    /verbose - to add additional info on each section
    /complete - to include empty sections and unsuspicious data
    /full - to include several rarely-important sections
    /force9x - to include Win9x-only startups even if running on WinNT
    /forcent - to include WinNT-only startups even if running on Win9x
    /forceall - to include all Win9x and WinNT startups, regardless of platform
    /history - to list version history only

    S-ar putea să vă placă și