Jump to content


Flash.10.exe

Started by hahnlee, Aug 23 2007 05:12 AM

  • You cannot reply to this topic
No replies to this topic

#1 OFFLINE   hahnlee

    Newbie

  • Members
  • Pip
  • 1 posts

Posted 23 August 2007 - 05:12 AM

Hi!

I have a problem with Flash.10.exe and I paste my log file as below.
If anyone can help me on, I really appreciate it.

Thanks in advance.

hahnlee


StartupList report, 23/Aug/2007, 12:43:25 PM
StartupList version: 1.52.2
Started from : C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\DSX1AMQI\HiJackThis[1].EXE
Detected: Windows XP SP2 (WinNT 5.01.2600)
Detected: Internet Explorer v7.00 (7.00.6000.16512)
* Using default options
==================================================

Running processes:

C:\WINDOWSH\System32\smss.exe
C:\WINDOWSH\system32\winlogon.exe
C:\WINDOWSH\system32\services.exe
C:\WINDOWSH\system32\lsass.exe
C:\WINDOWSH\system32\svchost.exe
C:\WINDOWSH\System32\svchost.exe
C:\WINDOWSH\system32\svchost.exe
C:\WINDOWSH\system32\ACS.exe
C:\WINDOWSH\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWSH\system32\drivers\CDAC11BA.EXE
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWSH\system32\svchost.exe
C:\WINDOWSH\Explorer.EXE
C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
C:\WINDOWSH\SOUNDMAN.EXE
C:\WINDOWSH\AGRSMMSG.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Atheros\ACU.exe
C:\WINDOWSH\system32\hkcmd.exe
C:\WINDOWSH\system32\dla\tfswctrl.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\WINDOWSH\System32\spool\DRIVERS\W32X86\3\E_FATIAIP.EXE
C:\WINDOWSH\System32\spool\DRIVERS\W32X86\3\E_FATI9BP.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWSH\system32\ctfmon.exe
C:\PROGRAM FILES\PCCloneEX\PCCloneEX.EXE
C:\WINDOWSH\System32\spool\DRIVERS\W32X86\3\E_FATIAIP.EXE
C:\WINDOWSH\System32\spool\DRIVERS\W32X86\3\E_FATIAEP.EXE
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\DSX1AMQI\HiJackThis[1].exe

--------------------------------------------------

Checking Windows NT UserInit:

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWSH\system32\userinit.exe,

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

IndicatorUtility = C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
SoundMan = SOUNDMAN.EXE
AGRSMMSG = AGRSMMSG.exe
LtMoh = C:\Program Files\ltmoh\Ltmoh.exe
SynTPLpr = C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
SynTPEnh = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
ACU = "C:\Program Files\Atheros\ACU.exe" -nogui
DisableWinXPWZCS = C:\Program Files\Atheros\DisableWinXPWZCS.exe
HotKeysCmds = C:\WINDOWSH\system32\hkcmd.exe
IMJPMIG8.1 = "C:\WINDOWSH\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
MSPY2002 = C:\WINDOWSH\system32\IME\PINTLGNT\ImScInst.exe /SYNC
dla = C:\WINDOWSH\system32\dla\tfswctrl.exe
Adobe Photo Downloader = "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
EPSON Stylus CX4100 Series = C:\WINDOWSH\System32\spool\DRIVERS\W32X86\3\E_FATIAEP.EXE /P26 "EPSON Stylus CX4100 Series" /O11 "PS40CD20-P3" /M "Stylus CX4100"
EPSON Stylus Photo R230 Series = C:\WINDOWSH\System32\spool\DRIVERS\W32X86\3\E_FATIAIP.EXE /P30 "EPSON Stylus Photo R230 Series" /O11 "PS40CD20-P2" /M "Stylus Photo R230"
EPSON Stylus CX3500 Series (Copy 1) = C:\WINDOWSH\System32\spool\DRIVERS\W32X86\3\E_FATI9BP.EXE /P35 "EPSON Stylus CX3500 Series (Copy 1)" /O6 "USB002" /M "Stylus CX3500"
EPSON Stylus CX4100 Series (Copy 1) = C:\WINDOWSH\System32\spool\DRIVERS\W32X86\3\E_FATIAEP.EXE /P35 "EPSON Stylus CX4100 Series (Copy 1)" /O6 "USB003" /M "Stylus CX4100"
nod32kui = "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
PCCloneEX = C:\PROGRAM FILES\PCCloneEX\PCCloneEX.EXE
Auto EPSON Stylus Photo R230 Series on ATZ2 = C:\WINDOWSH\System32\spool\DRIVERS\W32X86\3\E_FATIAIP.EXE /P43 "Auto EPSON Stylus Photo R230 Series on ATZ2" /O15 "\\ATZ2\Printer5" /M "Stylus Photo R230"
Auto EPSON Stylus Photo R230 Series on ATZ3 = C:\WINDOWSH\System32\spool\DRIVERS\W32X86\3\E_FATIAIP.EXE /P43 "Auto EPSON Stylus Photo R230 Series on ATZ3" /O15 "\\ATZ3\EPSONSty" /M "Stylus Photo R230"
Auto EPSON Stylus CX4100 Series on ATZLAURETTA = C:\WINDOWSH\System32\spool\DRIVERS\W32X86\3\E_FATIAEP.EXE /P46 "Auto EPSON Stylus CX4100 Series on ATZLAURETTA" /O23 "\\ATZLAURETTA\EPSON4100" /M "Stylus CX4100"
QuickTime Task = "C:\Program Files\QuickTime\QTTask.exe" -atboottime
Syslog =
PCSuiteTrayApplication = C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
!AVG Anti-Spyware = "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
SunJavaUpdateSched = "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

ctfmon.exe = C:\WINDOWSH\system32\ctfmon.exe
MSMSGS = "C:\Program Files\Messenger\msmsgs.exe" /background
H/PC Connection Agent = "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
YSearchProtection = C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
Windows MSN = C:\Program Files\Common Files\Microsoft Shared\DAO\MSN.msn

--------------------------------------------------

Load/Run keys from C:\WINDOWSH\WIN.INI:

load=*INI section not found*
run=*INI section not found*

Load/Run keys from Registry:

HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\Windows: load=Flash.10.exe
HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs=

--------------------------------------------------

Shell & screensaver key from C:\WINDOWSH\SYSTEM.INI:

Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*

Shell & screensaver key from Registry:

Shell=explorer.exe
SCRNSAVE.EXE=C:\WINDOWSH\system32\kitty.scr
drivers=*Registry value not found*

Policies Shell key:

HKCU\..\Policies: Shell=*Registry value not found*
HKLM\..\Policies: Shell=*Registry value not found*

--------------------------------------------------


Enumerating Browser Helper Objects:

(no name) - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll - {02478D38-C3F9-4efb-9B51-7695ECA05670}
(no name) - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
(no name) - C:\WINDOWSH\system32\dla\tfswshx.dll - {5CA3D70E-1895-11CF-8E15-001234567890}
(no name) - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}

--------------------------------------------------

Enumerating Task Scheduler jobs:

AppleSoftwareUpdate.job

--------------------------------------------------

Enumerating Download Program Files:

[PlxInstall Class]
InProcServer32 = C:\WINDOWSH\Downloaded Program Files\PlaxoInstall.dll
CODEBASE = https://www.plaxo.co...laxoInstall.cab

[SystemCheck Class]
InProcServer32 = C:\WINDOWSH\DOWNLO~1\ALTCON~1.DLL
CODEBASE = file:///D:/HTML%20Pages/media/ALTControl.cab

[iPIX ActiveX Control]
InProcServer32 = C:\WINDOWSH\DOWNLO~1\ipixx.ocx
CODEBASE = http://www.ipix.com/download/ipixx.cab

[Windows Genuine Advantage Validation Tool]
InProcServer32 = C:\WINDOWSH\system32\LegitCheckControl.DLL
CODEBASE = http://download.microsoft.com/download/9/b...heckControl.cab

[LProtect Control]
InProcServer32 = C:\WINDOWSH\DOWNLO~1\LProtect.ocx
CODEBASE = http://download.haur...ce/livecall.cab

[YInstStarter Class]
InProcServer32 = C:\WINDOWSH\Downloaded Program Files\yinsthelper1.dll
CODEBASE = http://us.dl1.yimg.com/download.yahoo.com/...nst20040510.cab

[Autodesk MapGuide ActiveX Control]
InProcServer32 = C:\WINDOWSH\Downloaded Program Files\MgAxCtrl.dll
CODEBASE = http://www.can.com.sg/mwf/mgaxctrl.cab

[WUWebControl Class]
InProcServer32 = C:\WINDOWSH\system32\wuweb.dll
CODEBASE = http://update.microsoft.com/windowsupdate/...b?1147833229738

[VrsKSecOcxCtrl Class]
InProcServer32 = C:\Program Files\HAURI\Live KeyProtector\hksecocx.ocx
CODEBASE = http://fx.hauri.net/HProduct/livesuite/hau...VEKEY/hksec.exe

[CDialupCtrl Class]
InProcServer32 = C:\WINDOWSH\DOWNLO~1\DIALUP~1.DLL
CODEBASE = file:///D:/HTML%20Pages/media/DialupCtrl.cab

[ToonsXComicPlus Control]
InProcServer32 = C:\WINDOWSH\system32\TOONSX~1.OCX
CODEBASE = http://comicplus.don...sXComicPlus.cab

[SBSToolBar Control]
InProcServer32 = C:\WINDOWSH\DOWNLO~1\SBSTOO~1.OCX
CODEBASE = http://toolbar.sbs.c.../SBSToolBar.cab

--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

PostBootReminder: C:\WINDOWSH\system32\SHELL32.dll
CDBurn: C:\WINDOWSH\system32\SHELL32.dll
WebCheck: C:\WINDOWSH\system32\webcheck.dll
SysTray: C:\WINDOWSH\system32\stobject.dll
WPDShServiceObj: C:\WINDOWSH\system32\WPDShServiceObj.dll
hirtellous: *Registry key not found*

--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run

isamonitor.exe = C:\Program Files\Video ActiveX Object\isamonitor.exe
none = C:\Program Files\Video ActiveX Object\pmsngr.exe

--------------------------------------------------

End of report, 11,245 bytes
Report generated in 0.070 seconds

Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only
Back to Spyware Hell


  1. Piriform Community Forums
  2. Computer Help and Discussion
  3. Spyware Hell