This is the report from CW Shredder first. Then the Hijak This log follows.
So far, nothing was detected on my last reboot. Should I run my antispy software again and/or reboot?
Thanks.
Debbie.
**** Run Keys ****
RUN: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
RUN: []
RUN: [CeEPOWER] C:\Program Files\TOSHIBA\Power Management\CePMTray.exe
RUN: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
RUN: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
RUN: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
RUN: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
RUN: [AGRSMMSG] AGRSMMSG.exe
RUN: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
RUN: [EzButton] C:\Program Files\EzButton\EzButton.EXE
RUN: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
RUN: [NDSTray.exe] NDSTray.exe
RUN: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
RUN: [CFSServ.exe] CFSServ.exe -NoClient
RUN: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
RUN: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
RUN: [MimBoot] C:\Program Files\Musicmatch\Musicmatch Jukebox\mimboot.exe
RUN: [MMTray] C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
RUN: [Notebook Maximizer] C:\Program Files\Notebook Maximizer\maximizer_startup.exe
RUN: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
RUN: [HP Lamp] C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan\HPLamp.exe
RUN: [mladct] C:\WINDOWS\mladct.exe
RUN: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
RUN: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
RUN: [IDNlYD] C:\WINDOWS\qijmnpv.exe
RUN: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
RUN: [vs2X3FR] mlavtmsg.exe
RUN: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
RUN: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
RUN: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
RUN: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
RUN: [eBt7RPd6e] mdihts.exe
RUN: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
**** Browser Helper Objects ****
BHO: [Yahoo! Companion BHO] C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_5_7_0.dll
BHO: [AcroIEHlprObj Class] C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
BHO: [] C:\PROGRA~1\SPYBOT~1\SDHelper.dll
BHO: [DriveLetterAccess] C:\WINDOWS\system32\dla\tfswshx.dll
BHO: [Google Toolbar Helper] c:\program files\google\googletoolbar1.dll
BHO: [Google Toolbar Helper] c:\program files\google\googletoolbar1.dll
**** IE Toolbars ****
TOOLBAR: [AOL Toolbar] C:\Program Files\AOL Toolbar\toolbar.dll
TOOLBAR: [&Google] c:\program files\google\googletoolbar1.dll
TOOLBAR: [AIM Search] C:\Program Files\AIM Toolbar\AIMBar.dll
TOOLBAR: [Yahoo! Companion] C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_5_7_0.dll
TOOLBAR: [Yahoo! Companion] C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_5_7_0.dll
**** IE Extensions ****
IEExt: []
IEExt: [Messenger]
IEExt: [Research]
IEExt: [AIM] C:\Program Files\AIM\aim.exe
IEExt: [PartyPoker.com] C:\Program Files\AIM\aim.exe
IEExt: [Real.com] C:\Program Files\AIM\aim.exe
IEExt: [Messenger] C:\Program Files\Messenger\msmsgs.exe
**** Hosts File Entries ****
HOSTS: 127.0.0.1 localhost
HOSTS: 127.0.0.1 localhost
**** IE Settings ****
Default Page:
http://www.toshiba.com Default Search:
http://www.microsoft...=ie&ar=iesearch Local Page: C:\WINDOWS\system32\blank.htm
Search Page:
http://www.google.com **** IE Context Menu (Right click) ****
IEContext: [&AIM Search] res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
IEContext: [&AOL Toolbar search] res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
IEContext: [&Google Search] res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
IEContext: [&Yahoo! Search] file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
IEContext: [Backward Links] res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
IEContext: [Cached Snapshot of Page] res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
IEContext: [E&xport to Microsoft Excel] res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IEContext: [Similar Pages] res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
IEContext: [Translate into English] res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
IEContext: [Yahoo! &Dictionary] file:///C:\Program Files\Yahoo!\Common/ycdict.htm
IEContext: [Yahoo! &Maps] file:///C:\Program Files\Yahoo!\Common/ycdict.htm
**** Layered Service Providers ****
LSP: MSAFD Irda [IrDA]
LSP: MSAFD Tcpip [TCP/IP]
LSP: MSAFD Tcpip [UDP/IP]
LSP: RSVP UDP Service Provider
LSP: RSVP TCP Service Provider
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{469DFF52-1F02-46E2-A067-B900A884CFF2}] SEQPACKET 1
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{469DFF52-1F02-46E2-A067-B900A884CFF2}] DATAGRAM 1
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{4F4FB80E-A1BB-4E75-BB2A-EE5384E38C58}] SEQPACKET 4
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{4F4FB80E-A1BB-4E75-BB2A-EE5384E38C58}] DATAGRAM 4
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{678AA9F6-B866-45EC-B4F1-05DB346D5800}] SEQPACKET 0
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{678AA9F6-B866-45EC-B4F1-05DB346D5800}] DATAGRAM 0
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{95ED3546-EB6B-4DAF-932E-6B91403C9384}] SEQPACKET 2
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{95ED3546-EB6B-4DAF-932E-6B91403C9384}] DATAGRAM 2
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{9F6221E6-E288-446F-A918-C1B2BE10F9C9}] SEQPACKET 3
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{9F6221E6-E288-446F-A918-C1B2BE10F9C9}] DATAGRAM 3
**** Blocked Control Panel Items ****
BLOCKED: [ncpa.cpl] No
BLOCKED: [odbccp32.cpl] No
**** Downloaded Program Files ****
{166B1BCA-3F9C-11CF-8075-444553540000} [
http://download.macr...irector/sw.cab] {17492023-C23A-453E-A040-C7C580BBF700} [
http://go.microsoft....67&clcid=0x409] C:\WINDOWS\system32\GWFSPidGen.DLL C:\WINDOWS\system32\LegitCheckControl.DLL
{3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} [
http://office.micros...ntent/opuc.cab] {80DD2229-B8E4-4C77-B72F-F22972D723EA} [
http://www.bitdefend...itdefender.cab] C:\WINDOWS\system32\xcommsvr.dll C:\WINDOWS\system32\xcomm.dll C:\WINDOWS\Downloaded Program Files\fxfileop.dll C:\WINDOWS\Downloaded Program Files\bitdefender.ocx
{8AD9C840-044E-11D1-B3E9-00805F499D93} [
http://java.sun.com/...ndows-i586.cab] {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} [
https://h17000.www1....oadManager.ocx] {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} [
http://java.sun.com/...ndows-i586.cab] {E2F9D054-D2B5-4CE8-9BDF-8BF3A81DB7E9} [
http://download.micr...IDGatherer.CAB] C:\WINDOWS\Downloaded Program Files\ProductIDGatherer.dll
{EE8B6D5F-FEF2-11D0-B13F-00A024798EF3} [
http://lg.home.micro...chsettings.cab] **** Windows Services ****
[ACS] C:\WINDOWS\system32\ACS.exe
[Alerter] %SystemRoot%\system32\svchost.exe -k LocalService
[ALG] %SystemRoot%\System32\alg.exe
[AOL ACS] C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
[AppMgmt] %SystemRoot%\system32\svchost.exe -k netsvcs
[aspnet_state] %SystemRoot%\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
[Ati HotKey Poller] %SystemRoot%\system32\Ati2evxx.exe
[AudioSrv] %SystemRoot%\System32\svchost.exe -k netsvcs
[BITS] %SystemRoot%\system32\svchost.exe -k netsvcs
[Browser] %SystemRoot%\system32\svchost.exe -k netsvcs
[CeEPwrSvc] C:\Program Files\Toshiba\Power Management\CeEPwrSvc.exe
[CFSvcs] C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
[CiSvc] %SystemRoot%\system32\cisvc.exe
[ClipSrv] %SystemRoot%\system32\clipsrv.exe
[COMSysApp] C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
[CryptSvc] %SystemRoot%\system32\svchost.exe -k netsvcs
[CVPND] "C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe"
[DcomLaunch] %SystemRoot%\system32\svchost -k DcomLaunch
[Dhcp] %SystemRoot%\system32\svchost.exe -k netsvcs
[dmadmin] %SystemRoot%\System32\dmadmin.exe /com
[dmserver] %SystemRoot%\System32\svchost.exe -k netsvcs
[Dnscache] %SystemRoot%\system32\svchost.exe -k NetworkService
[DVD-RAM_Service] C:\WINDOWS\system32\DVDRAMSV.exe
[ERSvc] %SystemRoot%\System32\svchost.exe -k netsvcs
[Eventlog] %SystemRoot%\system32\services.exe
[EventSystem] C:\WINDOWS\system32\svchost.exe -k netsvcs
[FastUserSwitchingCompatibility] %SystemRoot%\System32\svchost.exe -k netsvcs
[Fax] %systemroot%\system32\fxssvc.exe
[helpsvc] %SystemRoot%\System32\svchost.exe -k netsvcs
[HidServ] %SystemRoot%\System32\svchost.exe -k netsvcs
[HTTPFilter] %SystemRoot%\System32\svchost.exe -k HTTPFilter
[ImapiService] C:\WINDOWS\system32\imapi.exe
[Irmon] %SystemRoot%\system32\svchost.exe -k netsvcs
[lanmanserver] %SystemRoot%\system32\svchost.exe -k netsvcs
[lanmanworkstation] %SystemRoot%\system32\svchost.exe -k netsvcs
[LmHosts] %SystemRoot%\system32\svchost.exe -k LocalService
[Messenger] %SystemRoot%\system32\svchost.exe -k netsvcs
[mnmsrvc] C:\WINDOWS\system32\mnmsrvc.exe
[MSDTC] C:\WINDOWS\system32\msdtc.exe
[MSIServer] C:\WINDOWS\system32\msiexec.exe /V
[NetDDE] %SystemRoot%\system32\netdde.exe
[NetDDEdsdm] %SystemRoot%\system32\netdde.exe
[Netlogon] %SystemRoot%\system32\lsass.exe
[Netman] %SystemRoot%\System32\svchost.exe -k netsvcs
[Nla] %SystemRoot%\system32\svchost.exe -k netsvcs
[NtLmSsp] %SystemRoot%\system32\lsass.exe
[NtmsSvc] %SystemRoot%\system32\svchost.exe -k netsvcs
[ose] "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
[PlugPlay] %SystemRoot%\system32\services.exe
[PolicyAgent] %SystemRoot%\system32\lsass.exe
[ProtectedStorage] %SystemRoot%\system32\lsass.exe
[RasAuto] %SystemRoot%\system32\svchost.exe -k netsvcs
[RasMan] %SystemRoot%\system32\svchost.exe -k netsvcs
[RDSessMgr] C:\WINDOWS\system32\sessmgr.exe
[RemoteAccess] %SystemRoot%\system32\svchost.exe -k netsvcs
[RpcLocator] %SystemRoot%\system32\locator.exe
[RpcSs] %SystemRoot%\system32\svchost -k rpcss
[RSVP] %SystemRoot%\system32\rsvp.exe
[SamSs] %SystemRoot%\system32\lsass.exe
[SCardSvr] %SystemRoot%\System32\SCardSvr.exe
[Schedule] %SystemRoot%\System32\svchost.exe -k netsvcs
[seclogon] %SystemRoot%\System32\svchost.exe -k netsvcs
[SENS] %SystemRoot%\system32\svchost.exe -k netsvcs
[SharedAccess] %SystemRoot%\system32\svchost.exe -k netsvcs
[ShellHWDetection] %SystemRoot%\System32\svchost.exe -k netsvcs
[Spooler] %SystemRoot%\system32\spoolsv.exe
[srservice] %SystemRoot%\system32\svchost.exe -k netsvcs
[SSDPSRV] %SystemRoot%\system32\svchost.exe -k LocalService
[stisvc] %SystemRoot%\system32\svchost.exe -k imgsvc
[SwPrv] C:\WINDOWS\system32\dllhost.exe /Processid:{E24E51F8-0CD8-42E2-8D99-80D56FAEEE55}
[Swupdtmr] c:\Toshiba\Ivp\Swupdate\swupdtmr.exe
[SymWSC] "C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe"
[SysmonLog] %SystemRoot%\system32\smlogsvc.exe
[TapiSrv] %SystemRoot%\System32\svchost.exe -k netsvcs
[TermService] %SystemRoot%\System32\svchost -k DComLaunch
[Themes] %SystemRoot%\System32\svchost.exe -k netsvcs
[TrkWks] %SystemRoot%\system32\svchost.exe -k netsvcs
[UMWdf] C:\WINDOWS\system32\wdfmgr.exe
[upnphost] %SystemRoot%\system32\svchost.exe -k LocalService
[UPS] %SystemRoot%\System32\ups.exe
[VSS] %SystemRoot%\System32\vssvc.exe
[W32Time] %SystemRoot%\System32\svchost.exe -k netsvcs
[WebClient] %SystemRoot%\system32\svchost.exe -k LocalService
[winmgmt] %systemroot%\system32\svchost.exe -k netsvcs
[WmdmPmSN] %SystemRoot%\System32\svchost.exe -k netsvcs
[WmiApSrv] C:\WINDOWS\system32\wbem\wmiapsrv.exe
[wscsvc] %SystemRoot%\System32\svchost.exe -k netsvcs
[wuauserv] %systemroot%\system32\svchost.exe -k netsvcs
[WZCSVC] %SystemRoot%\System32\svchost.exe -k netsvcs
[xmlprov] %SystemRoot%\System32\svchost.exe -k netsvcs
**** Custom IE Search Items ****
SEARCH: [SearchAssistant]
http://ie.search.msn...st/srchasst.htm SEARCH: [CustomizeSearch]
http://ie.search.msn...st/srchcust.htm **** Complete IE Options ****
IEOPT: [NoUpdateCheck]
IEOPT: [NoJITSetup]
IEOPT: [Disable Script Debugger] yes
IEOPT: [Start Page]
http://www.toshiba.com/ IEOPT: [Use Custom Search URL]
IEOPT: [Show_ChannelBand] No
IEOPT: [Anchor Underline] yes
IEOPT: [Cache_Update_Frequency] Once_Per_Session
IEOPT: [Display Inline Images] yes
IEOPT: [Do404Search]
IEOPT: [Local Page] C:\WINDOWS\system32\blank.htm
IEOPT: [Save_Session_History_On_Exit] no
IEOPT: [Show_FullURL] no
IEOPT: [Show_StatusBar] yes
IEOPT: [Show_ToolBar] yes
IEOPT: [Show_URLinStatusBar] yes
IEOPT: [Show_URLToolBar] yes
IEOPT: [Use_DlgBox_Colors] yes
IEOPT: [Search Page]
http://www.google.com IEOPT: [Check_Associations] No
IEOPT: [FullScreen] no
IEOPT: [Window_Placement] ,
IEOPT: [Use FormSuggest] yes
IEOPT: [AddToFavoritesExpanded]
IEOPT: [NotifyDownloadComplete] yes
IEOPT: [Expand Alt Text] no
IEOPT: [Move System Caret] no
IEOPT: [NscSingleExpand]
IEOPT: [DisableScriptDebuggerIE] yes
IEOPT: [Error Dlg Displayed On Every Error] no
IEOPT: [NoWebJITSetup]
IEOPT: [Page_Transitions]
IEOPT: [FavIntelliMenus] no
IEOPT: [Enable Browser Extensions] yes
IEOPT: [UseThemes]
IEOPT: [Force Offscreen Composition]
IEOPT: [AllowWindowReuse]
IEOPT: [Friendly http errors] yes
IEOPT: [ShowGoButton] yes
IEOPT: [SmoothScroll]
IEOPT: [Enable AutoImageResize] yes
IEOPT: [Enable_MyPics_Hoverbar] yes
IEOPT: [Play_Animations] yes
IEOPT: [Play_Background_Sounds] yes
IEOPT: [Display Inline Videos] yes
IEOPT: [Show image placeholders]
IEOPT: [Print_Background] no
IEOPT: [FormSuggest Passwords] yes
IEOPT: [FormSuggest PW Ask] yes
IEOPT: [Save Directory]
IEOPT: [Error Dlg Details Pane Open] yes
IEOPT: [Default_Page_URL]
http://www.toshiba.com IEOPT: [Default_Search_URL]
http://www.microsoft...=ie&ar=iesearch IEOPT: [Search Page]
http://www.microsoft...=ie&ar=iesearch IEOPT: [Enable_Disk_Cache] yes
IEOPT: [Cache_Percent_of_Disk]
IEOPT: [Delete_Temp_Files_On_Exit] yes
IEOPT: [Local Page] C:\WINDOWS\system32\blank.htm
IEOPT: [Anchor_Visitation_Horizon]
IEOPT: [Use_Async_DNS] yes
IEOPT: [Placeholder_Width]
IEOPT: [Placeholder_Height]
IEOPT: [Start Page]
http://www.cnn.com/ IEOPT: [CompanyName] Microsoft Corporation
IEOPT: [Custom_Key] MICROSO
IEOPT: [Wizard_Version] 5.50.4134.100
IEOPT: [FullScreen] no
IEOPT: [Search Bar]
http://home.microsof...obby/search.asp Logfile of HijackThis v1.99.1
Scan saved at 4:46:15 PM, on 4/2/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ACS.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Toshiba\Power Management\CeEPwrSvc.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
c:\Toshiba\Ivp\Swupdate\swupdtmr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
C:\Program Files\TOSHIBA\Power Management\CePMTray.exe
C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\EzButton\EzButton.EXE
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\toshiba\ivp\ism\pinger.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan\HPLamp.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\MMDiag.exe
C:\Program Files\Atheros\ACU.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mim.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\HThis\hijackthis1991.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.toshiba.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.toshiba.comR0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.cnn.com/R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=C:\WINDOWS\regedit /s C:\pav.reg,C:\WINDOWS\system32\pavdr.exe,C:\WINDOWS\system32\userinit.exe,
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_5_7_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file)
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_5_7_0.dll
O3 - Toolbar: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - (no file)
O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
O4 - HKLM\..\Run: [CeEPOWER] C:\Program Files\TOSHIBA\Power Management\CePMTray.exe
O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [EzButton] C:\Program Files\EzButton\EzButton.EXE
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MimBoot] C:\Program Files\Musicmatch\Musicmatch Jukebox\mimboot.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [Notebook Maximizer] C:\Program Files\Notebook Maximizer\maximizer_startup.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [HP Lamp] C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan\HPLamp.exe
O4 - HKLM\..\Run: [mladct] C:\WINDOWS\mladct.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [IDNlYD] C:\WINDOWS\qijmnpv.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vs2X3FR] mlavtmsg.exe
O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [eBt7RPd6e] mdihts.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Cisco Systems VPN Client.lnk = C:\Program Files\Cisco Systems\VPN Client\vpngui.exe
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\IEExtension.dll (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\IEExtension.dll (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.toshiba.com
O15 - Trusted Zone: *.musicmatch.com
O15 - Trusted Zone:
http://www.partypoker.comO15 - Trusted Zone: *.musicmatch.com (HKLM)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft....467&clcid=0x409O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) -
http://www.bitdefend...bitdefender.cabO16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) -
https://h17000.www1....loadManager.ocxO16 - DPF: {EE8B6D5F-FEF2-11D0-B13F-00A024798EF3} (Microsoft Search Settings Control) -
http://lg.home.micro...rchsettings.cabO23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\ACS.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: CeEPwrSvc - COMPAL ELECTRONIC INC. - C:\Program Files\Toshiba\Power Management\CeEPwrSvc.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: Swupdtmr - Unknown owner - c:\Toshiba\Ivp\Swupdate\swupdtmr.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe