Incident Status Location
Spyware:Cookie/did-it Not disinfected C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\ebqobb9j.default\cookies.txt[.did-it.com/]
Spyware:Cookie/Rightmedia Not disinfected C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\ebqobb9j.default\cookies.txt[rightmedia.net/]
Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Ben\Application Data\Mozilla\Firefox\Profiles\ebqobb9j.default\cookies.txt[searchportal.information.com/]
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Ben\Cookies\ben@atwola[1].txt
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Jane\Application Data\Mozilla\Firefox\Profiles\16a1erho.default\cookies.txt[.go.com/]
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Kathleen\Application Data\Mozilla\Firefox\Profiles\661dy0hn.kathleen\cookies.txt[.realmedia.com/]
Spyware:Cookie/Target Not disinfected C:\Documents and Settings\Kathleen\Application Data\Mozilla\Firefox\Profiles\661dy0hn.kathleen\cookies.txt[.target.com/]
Spyware:Cookie/Maxserving Not disinfected C:\Documents and Settings\Kathleen\Application Data\Mozilla\Firefox\Profiles\661dy0hn.kathleen\cookies.txt[.maxserving.com/]
Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\Kathleen\Application Data\Mozilla\Firefox\Profiles\661dy0hn.kathleen\cookies.txt[.apmebf.com/]
Spyware:Cookie/bravenetA Not disinfected C:\Documents and Settings\Kathleen\Application Data\Mozilla\Firefox\Profiles\661dy0hn.kathleen\cookies.txt[.bravenet.com/]
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Kathleen\Application Data\Mozilla\Firefox\Profiles\661dy0hn.kathleen\cookies.txt[.atwola.com/]
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Kathleen\Application Data\Mozilla\Firefox\Profiles\661dy0hn.kathleen\cookies.txt[.go.com/]
Spyware:Cookie/did-it Not disinfected C:\Documents and Settings\Kathleen\Application Data\Mozilla\Firefox\Profiles\661dy0hn.kathleen\cookies.txt[.did-it.com/]
Spyware:Cookie/DomainSponsor Not disinfected C:\Documents and Settings\Kathleen\Application Data\Mozilla\Firefox\Profiles\661dy0hn.kathleen\cookies.txt[landing.domainsponsor.com/]
Spyware:Cookie/Clicktracks Not disinfected C:\Documents and Settings\Kathleen\Application Data\Mozilla\Firefox\Profiles\661dy0hn.kathleen\cookies.txt[stats1.clicktracks.com/]
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Sarah\Application Data\Mozilla\Firefox\Profiles\m4hmkxjj.default\cookies.txt[.atwola.com/]
Ken - 06-11-25 15:56:49.03 Service Pack 2
ComboFix 06.11.22 - Running from: "C:\Documents and Settings\Ken"
((((((((((((((((((((((((((((((( Files Created from 2006-10-25 to 2006-11-25 ))))))))))))))))))))))))))))))))))
2006-11-25 14:53 <DIR> d-------- C:\WINDOWS\system32\ActiveScan
2006-11-25 14:53 <DIR> d-------- C:\WINDOWS\LastGood
2006-11-25 13:04 <DIR> dr-h----- C:\Documents and Settings\Ken\Recent
2006-11-25 12:57 <DIR> d-------- C:\Program Files\Common Files\Java
2006-11-19 19:25 <DIR> d-------- C:\Documents and Settings\Ken\Application Data\Uniblue
2006-11-19 00:12 <DIR> d-------- C:\Program Files\MSXML 4.0
2006-11-19 00:11 <DIR> d-------- C:\6ae06e6e01b60cd8ace64c
2006-11-15 18:00 8,384 -ra------ C:\WINDOWS\system\QTHNDLR.DLL
2006-11-15 18:00 73,456 -ra------ C:\WINDOWS\system\QTOLE.DLL
2006-11-15 18:00 61,024 -ra------ C:\WINDOWS\PLAYER.EXE
2006-11-15 18:00 47,776 -ra------ C:\WINDOWS\VIEWER.EXE
2006-11-15 18:00 4,160 -ra------ C:\WINDOWS\system\QTNOTIFY.EXE
2006-11-15 18:00 358,192 -ra------ C:\WINDOWS\system\QTIM.DLL
2006-11-15 18:00 3,920 -ra------ C:\WINDOWS\system\MCIQTENU.DLL
2006-11-15 18:00 17,536 -ra------ C:\WINDOWS\VIEWENU.DLL
2006-11-15 18:00 16,912 -ra------ C:\WINDOWS\PLAYENU.DLL
2006-11-15 18:00 141,206 -ra------ C:\WINDOWS\README.EXE
2006-11-15 18:00 14,400 -ra------ C:\WINDOWS\system\QTIMCMGR.DLL
2006-11-15 17:59 92,208 --a------ C:\WINDOWS\system\WING.DLL
2006-11-15 17:59 <DIR> d-------- C:\QT$INST$.TMP
2006-11-15 17:59 <DIR> d-------- C:\PLAYSKL
2006-11-04 14:14 1,245,696 --a------ C:\WINDOWS\system32\msxml4.dll
2006-10-29 22:48 <DIR> d-------- C:\Documents and Settings\Ken\.housecall6.6
2006-10-29 20:38 <DIR> d-------- C:\Program Files\CCleaner
2006-10-29 20:34 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2006-10-29 20:34 <DIR> d-------- C:\Program Files\Grisoft
2006-10-29 20:18 <DIR> d--h----- C:\WINDOWS\PIF
2006-10-29 13:06 <DIR> d-------- C:\Program Files\a-squared Free
2006-10-28 21:07 <DIR> d-------- C:\Program Files\SpywareBlaster
2006-10-28 21:03 <DIR> d-------- C:\Program Files\Windows Defender
2006-10-28 20:49 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\CA
2006-10-28 20:48 <DIR> d-------- C:\Program Files\Common Files\Scanner
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2006-11-25 15:35 -------- d-------- C:\Program Files\Symantec AntiVirus
2006-11-25 15:35 -------- d-------- C:\Program Files\Spybot - Search & Destroy
2006-11-25 15:33 -------- d-------- C:\Program Files\palmOne
2006-11-25 15:30 -------- d-------- C:\Program Files\Mozilla Firefox
2006-11-25 15:28 -------- d-------- C:\Program Files\iTunes
2006-11-25 15:27 -------- d-------- C:\Program Files\Internet Explorer
2006-11-25 15:19 -------- d-------- C:\Program Files\EzButton
2006-11-25 15:17 -------- d-------- C:\Program Files\Common Files\DataViz
2006-11-25 15:11 -------- d-------- C:\Program Files\Apoint2K
2006-11-25 12:58 -------- d-------- C:\Program Files\Java
2006-11-25 12:57 -------- d-------- C:\Program Files\Common Files
2006-11-18 23:19 -------- d-------- C:\Program Files\Plaxo
2006-11-15 18:00 -------- d-------- C:\Program Files\QuickTime
2006-10-13 07:35 142336 --a------ C:\WINDOWS\system32\nwprovau.dll
2006-09-13 00:01 1084416 --a------ C:\WINDOWS\system32\msxml3.dll
2006-08-25 10:45 617472 --a------ C:\WINDOWS\system32\comctl32.dll
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries are not shown
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"TOSCDSPD"="C:\\Program Files\\TOSHIBA\\TOSCDSPD\\toscdspd.exe"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"\\\\FAMILYROOM\\EPSON Stylus CX4600 Series"="C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\E_FATI9AA.EXE /P39 \"\\\\FAMILYROOM\\EPSON Stylus CX4600 Series\" /M \"Stylus CX4600\" /EF \"HKCU\""
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"CeEKEY"="C:\\Program Files\\TOSHIBA\\E-KEY\\CeEKey.exe"
"CeEPOWER"="C:\\Program Files\\TOSHIBA\\Power Management\\CePMTray.exe"
"TPNF"="C:\\Program Files\\TOSHIBA\\TouchPad\\TPTray.exe"
"dla"="C:\\WINDOWS\\system32\\dla\\tfswctrl.exe"
"ATIPTA"="C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe"
"Apoint"="C:\\Program Files\\Apoint2K\\Apoint.exe"
"EzButton"="C:\\Program Files\\EzButton\\EzButton.EXE"
"PadTouch"="C:\\Program Files\\TOSHIBA\\Touch and Launch\\PadExe.exe"
"NDSTray.exe"="NDSTray.exe"
"Pinger"="C:\\TOSHIBA\\IVP\\ISM\\pinger.exe /run"
"\\\\FAMILYONE\\EPSON Stylus CX4600 Series"="C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\E_FATI9AA.EXE /P38 \"\\\\FAMILYONE\\EPSON Stylus CX4600 Series\" /O6 \"USB001\" /M \"Stylus CX4600\""
"Auto EPSON Stylus CX4600 Series on FAMILYONE"="C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\E_FATI9AA.EXE /P44 \"Auto EPSON Stylus CX4600 Series on FAMILYONE\" /O20 \"\\\\FAMILYONE\\EPSONSty\" /M \"Stylus CX4600\""
"TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
"vptray"="C:\\PROGRA~1\\SYMANT~1\\VPTray.exe"
"EPSON Stylus CX4600 Series"="C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\E_FATI9AA.EXE /P26 \"EPSON Stylus CX4600 Series\" /O6 \"USB001\" /M \"Stylus CX4600\""
"Notebook Maximizer"="C:\\Program Files\\Notebook Maximizer\\maximizer_startup.exe"
"AGRSMMSG"="AGRSMMSG.exe"
"Auto EPSON Stylus CX4600 Series on FAMILYROOM"="C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\E_FATI9AA.EXE /P45 \"Auto EPSON Stylus CX4600 Series on FAMILYROOM\" /O21 \"\\\\FAMILYROOM\\Printer2\" /M \"Stylus CX4600\""
"HPWQTOOLBOX"="C:\\Program Files\\Hewlett-Packard\\HP Deskjet 9800 Series\\Toolbox\\HPWQTBX.exe \"-i\""
"EPSON Stylus CX4800 Series"="C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\E_FATIADA.EXE /P26 \"EPSON Stylus CX4800 Series\" /O6 \"USB004\" /M \"Stylus CX4800\""
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"eTrustPPAP"="\"C:\\Program Files\\CA\\eTrust Internet Security Suite\\eTrust PestPatrol Anti-Spyware\\PPActiveDetection.exe\""
"Windows Defender"="\"C:\\Program Files\\Windows Defender\\MSASCui.exe\" -hide"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_09\\bin\\jusched.exe\""
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,f2,01,00,00,23,00,00,00,7c,00,00,00,72,00,\
00,00,01,00,00,00
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"="Microsoft AntiMalware ShellExecuteHook"
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"CDRAutoRun"=dword:00000000
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"CDRAutoRun"=dword:00000000
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
"UPnPMonitor"="{e57ce738-33e8-4c51-8354-bb4de9d215d1}"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1119886515.job
C:\WINDOWS\tasks\MP Scheduled Scan.job
Completion time: 06-11-25 15:58:01.98
C:\ComboFix.txt ... 06-11-25 15:58
Ad-Aware SE Personal
Adobe Acrobat 5.0
Adobe Download Manager 2.0 (Remove Only)
AIM Toolbar
ALPS Touch Pad Driver
AOL Instant Messenger
ArcSoft Software Suite
ArcSoft Software Suite
a-squared Free 2.0
Atheros Wireless LAN MiniPCI card Driver
ATI - Software Uninstall Utility
ATI Control Panel
ATI Display Driver
AVG Anti-Spyware 7.5
Baldur's Gate(TM) II - Shadows of Amn(TM) Bonus CD
Baldur's Gate(TM) II - Throne of Bhaal (TM)
Caesar 3
CCleaner (remove only)
CD/DVD Drive Acoustic Silencer
Civilization III
Civilization III: Conquests
Creative Jukebox Driver
Creative Removable Disk Manager
Creative System Information
Creative Zen Micro
Deskanker 1.5
Documents To Go
DVD-RAM Driver
Easy Button
EPSON CardMonitor
EPSON Copy Utility 3
EPSON CX4600 Reference Guide
EPSON Logiciel imprimante
EPSON PhotoStarter3.2
EPSON Scan
EPSON Smart Panel
HijackThis 1.99.1
HP Deskjet 9800
HP Deskjet 9800 Series
HP Memories Disc
HP Photo and Imaging 2.0 - All-in-One
HP Photo and Imaging 2.0 - All-in-One Drivers
HP Photo and Imaging 2.0 - hp psc 1200 series
hp psc 1200 series
hp psc 1200 series
Icewind Dale
Icewind Dale II
InterActual Player
InterVideo WinDVD for TOSHIBA
ItsDeductible Express
iTunes
J2SE Runtime Environment 5.0 Update 9
JumpStart Kindergarten v2.4b
LiveUpdate 2.0 (Symantec Corporation)
Macromedia Flash Player 8
Magic School Bus - Rainforest
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft Office OneNote 2003
Microsoft Office Standard Edition 2003
Microsoft Office XP Professional
Microsoft Publisher 2002
Microsoft Works 7.0
Mission Research GiftWorks
Mozilla Firefox (2.0)
Mozilla Thunderbird (1.0)
MSXML 4.0 SP2 (KB927978)
Napster Burn Engine
Notebook Maximizer
palmOne
Panda ActiveScan
Plaxo Toolbar for Outlook (with AIM Enhancements)
PrintMusic! 2000
Quicken 2004
QuickTime
RealPlayer
Realtek AC'97 Audio
Realtek Fast Ethernet Adapter Driver
Rhapsody
Roxio Burn Engine
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922760)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB925486)
Sid Meier's Civilization 4
SMSC IrCC V5.1.3600.3 SP1
Sonic & Knuckles Collection Documentation
Sonic & Knuckles Killer !
Sonic DLA
Sonic RecordNow!
Spybot - Search & Destroy 1.4
SpywareBlaster v3.5.1
SRS WOW XT Plug-In for Windows Media Player for Toshiba version 1.0.2
Symantec AntiVirus
TOSHIBA Access
TOSHIBA ConfigFree
TOSHIBA Console
TOSHIBA Fax Extension
TOSHIBA Hotkey Utility
TOSHIBA PC Diagnostic Tool
TOSHIBA Power Management Utility
Toshiba Registration
TOSHIBA Software Modem
TOSHIBA Software Upgrades
TOSHIBA Software Upgrades
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
Toshiba Tbiosdrv Driver
Touch and Launch
TouchPad On/Off Utility
TurboTax Deluxe 2004
TurboTax Deluxe 2005
TurboTax ItsDeductible 2005
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB910437)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Viewpoint Media Player
WexTech AnswerWorks
Windows Defender
Windows Installer 3.1 (KB893803)
Windows Installer 3.1 (KB893803)
Windows Media Format Runtime
Windows Media Player 10
Windows XP Hotfix - KB834707
Windows XP Hotfix - KB867282
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890047
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890923
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086
Logfile of HijackThis v1.99.1
Scan saved at 4:07:42 PM, on 11/25/06
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Toshiba\Power Management\CeEPwrSvc.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\WINDOWS\system32\E_S00RP1.EXE
C:\WINDOWS\system32\svchost.exe
c:\Toshiba\Ivp\Swupdate\swupdtmr.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
C:\Program Files\TOSHIBA\Power Management\CePMTray.exe
C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\EzButton\EzButton.EXE
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\TOSHIBA\IVP\ISM\pinger.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Hewlett-Packard\HP Deskjet 9800 Series\Toolbox\HPWQTBX.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe
C:\Program Files\palmOne\Hotsync.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Documents and Settings\Ken\Desktop\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.toshiba.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.toshiba.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll
O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
O4 - HKLM\..\Run: [CeEPOWER] C:\Program Files\TOSHIBA\Power Management\CePMTray.exe
O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [EzButton] C:\Program Files\EzButton\EzButton.EXE
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [Pinger] C:\TOSHIBA\IVP\ISM\pinger.exe /run
O4 - HKLM\..\Run: [\\FAMILYONE\EPSON Stylus CX4600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9AA.EXE /P38 "\\FAMILYONE\EPSON Stylus CX4600 Series" /O6 "USB001" /M "Stylus CX4600"
O4 - HKLM\..\Run: [Auto EPSON Stylus CX4600 Series on FAMILYONE] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9AA.EXE /P44 "Auto EPSON Stylus CX4600 Series on FAMILYONE" /O20 "\\FAMILYONE\EPSONSty" /M "Stylus CX4600"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [EPSON Stylus CX4600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9AA.EXE /P26 "EPSON Stylus CX4600 Series" /O6 "USB001" /M "Stylus CX4600"
O4 - HKLM\..\Run: [Notebook Maximizer] C:\Program Files\Notebook Maximizer\maximizer_startup.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Auto EPSON Stylus CX4600 Series on FAMILYROOM] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9AA.EXE /P45 "Auto EPSON Stylus CX4600 Series on FAMILYROOM" /O21 "\\FAMILYROOM\Printer2" /M "Stylus CX4600"
O4 - HKLM\..\Run: [HPWQTOOLBOX] C:\Program Files\Hewlett-Packard\HP Deskjet 9800 Series\Toolbox\HPWQTBX.exe "-i"
O4 - HKLM\..\Run: [EPSON Stylus CX4800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADA.EXE /P26 "EPSON Stylus CX4800 Series" /O6 "USB004" /M "Stylus CX4800"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [eTrustPPAP] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\PPActiveDetection.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe
O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\palmOne\Hotsync.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O8 - Extra context menu item: &AOL Toolbar search -
res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.toshiba.com
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://acs.pandasoftware.com/activescan ... asinst.cab
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: CeEPwrSvc - COMPAL ELECTRONIC INC. - C:\Program Files\Toshiba\Power Management\CeEPwrSvc.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: EPSON V3 Service2(03) (EPSON_PM_RPCV2_01) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\E_S00RP1.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Swupdtmr - Unknown owner - c:\Toshiba\Ivp\Swupdate\swupdtmr.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
Thanks.
Southern Man