We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
My poor laptop
VanyaHargreeves
Posts: 937 Forumite
in Techie Stuff
Just discovered this part of the board...:rotfl:
On about the 18th last month my laptop did something weird. It deleted all my files and won't load my user profile properly - that means that anything I do isn't saved. Anything at all- documents, history, new shortcuts, new installations etc.
I THINK it might have something to do with that annoying MSN virus that I got from a link sent by an unknowing friend.
So now I can't save a single thing
Is there any way of fixing this? I know I can make a new profile but I really dont want to do that unless there's no other option.
Also, my all-in-one scanner refuses stubbornly to work. I have rang up Lexmark CS and we went through an hour and a half of painstakingly uninstalling and reinstalling things, clicking buttons and waiting for my painfully slow laptop to load things. That didn't help one bit.
My all-in-one type is Lexmark X2580.
Any advice is greatly appreciated
On about the 18th last month my laptop did something weird. It deleted all my files and won't load my user profile properly - that means that anything I do isn't saved. Anything at all- documents, history, new shortcuts, new installations etc.
I THINK it might have something to do with that annoying MSN virus that I got from a link sent by an unknowing friend.
So now I can't save a single thing
Is there any way of fixing this? I know I can make a new profile but I really dont want to do that unless there's no other option.
Also, my all-in-one scanner refuses stubbornly to work. I have rang up Lexmark CS and we went through an hour and a half of painstakingly uninstalling and reinstalling things, clicking buttons and waiting for my painfully slow laptop to load things. That didn't help one bit.
My all-in-one type is Lexmark X2580.
Any advice is greatly appreciated
Undergrad law student. Take my advice with a pinch of salt! :rotfl:
0
Comments
-
Download HIJACK THIS (Top right)
http://www.filehippo.com/download_hijackthis/
SCAN and post the log so we can see whats running:idea:0 -
downloading Undergrad law student. Take my advice with a pinch of salt! :rotfl:0
-
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:44:07, on 06/02/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16757)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Lexmark 2500 Series\lxddmon.exe
C:\Program Files\Lexmark 2500 Series\lxddamon.exe
C:\Windows\tsnpstd3.exe
C:\Program Files\TOSHIBA\Utilities\VolControl.exe
C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Windows\vsnpstd3.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Windows Live\Family Safety\fsui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\PROGRA~1\AVG\AVG8\aAvgApi.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - !!06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - !!3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Windows Live Family Safety Browser Helper - !!4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: Click-to-Call BHO - !!5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: Search Helper - !!6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: SSVHelper Class - !!761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - !!9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: &Windows Live Toolbar - !!21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [lxddmon.exe] "C:\Program Files\Lexmark 2500 Series\lxddmon.exe"
O4 - HKLM\..\Run: [lxddamon] "C:\Program Files\Lexmark 2500 Series\lxddamon.exe"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [tsnpstd3] C:\Windows\tsnpstd3.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [TOSHIBA Volume Indicator] "C:\Program Files\Toshiba\Utilities\VolControl.exe"
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [snpstd3] C:\Windows\vsnpstd3.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [LXCFCATS] rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXCFtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - !!08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - !!08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: Blog This - !!219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - !!219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - !!92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?EN (file missing)
O13 - Gopher Prefix:
O16 - DPF: !!4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/VistaMSNPUplden-gb.cab
O16 - DPF: !!67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: lxcf_device - - C:\Windows\system32\lxcfcoms.exe
O23 - Service: lxddCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxddserv.exe
O23 - Service: lxdd_device - - C:\Windows\system32\lxddcoms.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 11067 bytesUndergrad law student. Take my advice with a pinch of salt! :rotfl:0 -
I cant see anything really wrong with it
You still have some norton on, so use the removal tool
http://service1.symantec.com/Support/tsgeninfo.nsf/docid/2005033108162039
Then id suggest a run with COMBOFIX
http://www.bleepingcomputer.com/combofix/how-to-use-combofix
(Please post the log after)
Reboot and do a fresh hijack log:idea:0 -
you could do with running the norton removal tool to shift the dregs of it.........Gettin' There, Wherever There is......
I have a dodgy "i" key, so ignore spelling errors due to "i" issues, ...I blame Apple
0 -
^ you posted as I was typing...sorry...
..G-J heads back to his box...........Gettin' There, Wherever There is......
I have a dodgy "i" key, so ignore spelling errors due to "i" issues, ...I blame Apple0 -
ComboFix 09-02-06.01 - Jenny 2009-02-07 1:13:45.1 - NTFSx86
Microsoft® Windows Vista™ Home Basic 6.0.6000.0.1252.1.1033.18.446.88 [GMT 0:00]
Running from: c:\users\TEMP.Jenny-PC.003\Desktop\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((( Files Created from 2009-01-07 to 2009-02-07 )))))))))))))))))))))))))))))))
.
2009-02-07 00:50 . 2009-02-07 00:50 <DIR> d
c:\users\TEMP.Jenny-PC.003\AppData\Roaming\ATI
2009-02-07 00:49 . 2009-02-07 00:50 <DIR> d
c:\users\TEMP.Jenny-PC.003\AppData\Roaming\PC Suite
2009-02-07 00:49 . 2009-02-07 00:49 <DIR> d
c:\users\TEMP.Jenny-PC.003\AppData\Roaming\FaxCtr
2009-02-07 00:45 . 2009-02-07 00:45 <DIR> dr
c:\users\TEMP.Jenny-PC.003\Searches
2009-02-07 00:44 . 2009-02-07 00:44 <DIR> dr
c:\users\TEMP.Jenny-PC.003\Contacts
2009-02-07 00:43 . 2009-02-07 00:45 <DIR> dr
c:\users\TEMP.Jenny-PC.003\Videos
2009-02-07 00:43 . 2009-02-07 00:45 <DIR> dr
c:\users\TEMP.Jenny-PC.003\Saved Games
2009-02-07 00:43 . 2009-02-07 00:45 <DIR> dr
c:\users\TEMP.Jenny-PC.003\Pictures
2009-02-07 00:43 . 2009-02-07 00:45 <DIR> dr
c:\users\TEMP.Jenny-PC.003\Music
2009-02-07 00:43 . 2009-02-07 00:45 <DIR> dr
c:\users\TEMP.Jenny-PC.003\Links
2009-02-07 00:43 . 2009-02-07 00:45 <DIR> dr
c:\users\TEMP.Jenny-PC.003\Downloads
2009-02-07 00:43 . 2009-02-07 00:45 <DIR> dr
c:\users\TEMP.Jenny-PC.003\Documents
2009-02-07 00:43 . 2009-02-07 00:45 <DIR> d--h
c:\users\TEMP.Jenny-PC.003\AppData
2009-02-07 00:43 . 2009-02-07 00:45 <DIR> d
c:\users\TEMP.Jenny-PC.003
2009-02-07 00:29 . 2009-02-07 00:29 <DIR> d
c:\users\All Users\NortonInstaller
2009-02-07 00:29 . 2009-02-07 00:29 <DIR> d
c:\programdata\NortonInstaller
2009-02-06 23:34 . 2009-02-06 23:34 <DIR> d
c:\program files\Trend Micro
2009-02-05 08:17 . 2009-02-05 08:17 107,272 --a
c:\windows\System32\drivers\avgtdix.sys
2009-02-04 12:47 . 2009-02-04 13:16 35,422,208 --a
c:\windows\ocsetup_install_NetFx3.etl
2009-02-04 12:47 . 2009-02-04 13:15 24,576 --a
c:\windows\ocsetup_cbs_install_NetFx3.perf
2009-02-04 12:47 . 2009-02-04 13:15 8,192 --a
c:\windows\ocsetup_cbs_install_NetFx3.dpx
2009-01-31 22:34 . 2009-01-31 22:35 <DIR> d--h
C:\$AVG8.VAULT$
2009-01-29 15:23 . 2009-01-30 07:57 <DIR> d--h
c:\users\TEMP.Jenny-PC.002\AppData
2009-01-29 15:23 . 2009-01-30 08:10 <DIR> d
c:\users\TEMP.Jenny-PC.002
2009-01-25 12:17 . 2009-01-25 12:17 <DIR> d
c:\program files\iPod
2009-01-25 12:16 . 2009-01-25 12:18 <DIR> d
c:\users\All Users\!!3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-01-25 12:16 . 2009-01-25 12:18 <DIR> d
c:\programdata\!!3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-01-25 12:16 . 2009-01-25 12:18 <DIR> d
c:\program files\iTunes
2009-01-25 12:04 . 2009-01-25 12:06 <DIR> d
c:\program files\QuickTime
2009-01-25 11:49 . 2009-01-25 11:49 <DIR> d
c:\program files\Bonjour
2009-01-24 17:24 . 2009-01-24 17:24 <DIR> d
c:\users\TEMP.Jenny-PC.001\AppData\Roaming\Apple Computer
2009-01-24 17:16 . 2009-01-24 17:17 <DIR> d
c:\users\TEMP.Jenny-PC.001\AppData\Roaming\PC Suite
2009-01-24 17:15 . 2009-01-24 17:16 <DIR> d
c:\users\TEMP.Jenny-PC.001\AppData\Roaming\FaxCtr
2009-01-24 17:14 . 2009-01-24 17:14 <DIR> d
c:\users\TEMP.Jenny-PC.001\Searches
2009-01-24 17:13 . 2009-01-24 17:13 <DIR> d
c:\users\TEMP.Jenny-PC.001\Contacts
2009-01-24 17:12 . 2009-01-24 17:14 <DIR> d
c:\users\TEMP.Jenny-PC.001\AppData
2009-01-24 17:12 . 2009-01-24 21:55 <DIR> d
c:\users\TEMP.Jenny-PC.001
2009-01-23 15:33 . 2009-01-23 15:33 <DIR> dr
c:\windows\System32\config\systemprofile\Videos
2009-01-23 15:33 . 2009-01-23 15:33 <DIR> dr
c:\windows\System32\config\systemprofile\Pictures
2009-01-23 15:33 . 2009-01-23 15:33 <DIR> dr
c:\windows\System32\config\systemprofile\Downloads
2009-01-23 15:31 . 2009-01-23 15:31 <DIR> dr
c:\windows\System32\config\systemprofile\Documents
2009-01-21 15:30 . 2009-01-22 07:59 <DIR> d
c:\users\TEMP.Jenny-PC.000
2009-01-14 15:37 . 2008-12-16 03:14 290,304 --a
c:\windows\System32\drivers\srv.sys
2009-01-14 15:15 . 2009-01-23 20:58 <DIR> d
c:\windows\System32\config\systemprofile\Tracing
2009-01-08 21:45 . 2009-01-24 21:52 <DIR> d
c:\program files\Microsoft Silverlight
2009-01-08 21:44 . 2008-12-08 17:01 55,264 --a
c:\windows\System32\drivers\fssfltr.sys
2009-01-08 21:41 . 2009-01-24 21:52 <DIR> d
c:\program files\Microsoft Sync Framework
2009-01-08 21:15 . 2009-01-08 21:15 <DIR> d
c:\program files\Windows Live SkyDrive
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-07 00:33
d
w c:\programdata\Symantec
2009-02-07 00:32
d
w c:\program files\Common Files\Symantec Shared
2009-02-05 21:50
d
w c:\program files\Lx_cats
2009-02-05 08:20
d
w c:\programdata\avg8
2009-02-05 08:17 325,128 ----a-w c:\windows\system32\drivers\avgldx86.sys
2009-02-05 08:17 10,520 ----a-w c:\windows\System32\avgrsstx.dll
2009-01-30 15:49 49,256 ----a-w c:\windows\system32\drivers\partmgr.sys
2009-01-25 12:17
d
w c:\program files\Common Files\Apple
2009-01-24 21:52
d
w c:\program files\Windows Live
2009-01-24 21:52
d
w c:\program files\Microsoft SQL Server Compact Edition
2009-01-15 15:35
d
w c:\program files\Windows Mail
2009-01-08 21:44
d
w c:\program files\Microsoft
2008-12-27 20:16
d
w c:\program files\Flock
2008-12-26 23:16 107,888 ----a-w c:\windows\System32\CmdLineExt.dll
2008-12-22 10:45
d
w c:\program files\Common Files\Adobe
2008-12-13 13:14 174 --sha-w c:\program files\desktop.ini
2008-12-12 11:18 87,336 ----a-w c:\windows\System32\dns-sd.exe
2008-12-12 11:11 61,440 ----a-w c:\windows\System32\dnssd.dll
2008-12-04 22:55 307,560 ----a-w c:\windows\WLXPGSS.SCR
2008-12-02 22:37 49,480 ----a-w c:\windows\System32\sirenacm.dll
2008-06-07 13:30 16,384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2008-06-07 13:30 32,768 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2008-06-07 13:30 16,384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
2008-01-03 03:58 16,384 --sha-w c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2008-01-03 03:58 32,768 --sha-w c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2008-01-03 03:58 16,384 --sha-w c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe" [2006-11-13 413696]
"WindowsWelcomeCenter"="oobefldr.dll" [2006-11-02 c:\windows\System32\oobefldr.dll]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"lxddmon.exe"="c:\program files\Lexmark 2500 Series\lxddmon.exe" [2007-06-11 291760]
"lxddamon"="c:\program files\Lexmark 2500 Series\lxddamon.exe" [2007-04-30 20480]
"tsnpstd3"="c:\windows\tsnpstd3.exe" [2006-11-29 262144]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2006-12-14 411768]
"TOSHIBA Volume Indicator"="c:\program files\Toshiba\Utilities\VolControl.exe" [2006-12-13 94208]
"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaRegistration.exe" [2006-12-13 554640]
"topi"="c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2006-12-15 577536]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-27 815104]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0\bin\jusched.exe" [2006-12-20 77824]
"snpstd3"="c:\windows\vsnpstd3.exe" [2006-09-18 843776]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2006-12-14 493688]
"PCSuiteTrayApplication"="c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-03-23 227328]
"LXCFCATS"="c:\windows\system32\spool\DRIVERS\W32X86\3\LXCFtime.dll" [2005-09-14 73728]
"FaxCenterServer"="c:\program files\Lexmark Fax Solutions\fm3032.exe" [2007-05-04 312240]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-02-05 1601304]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-07-11 90112]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2006-12-11 530552]
"fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2008-12-08 453984]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-01-06 290088]
"RtHDVCpl"="RtHDVCpl.exe" [2006-11-01 c:\windows\RtHDVCpl.exe]
"NDSTray.exe"="NDSTray.exe" [BU]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-03-27 1744896]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 29696]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.dvacm"= c:\progra~1\COMMON~1\ULEADS~1\vio\dvacm.acm
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"!!372662BA-EABE-42AD-9DE9-DF9B67A5FB62}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"!!13E646D2-2A47-4665-AA1E-61881B82DE46}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{D4917BB7-3043-4CF7-B67B-9923A0A78039}"= UDP:c:\windows\System32\lxcfcoms.exe:Lexmark Communications System
"!!4F849793-5E96-4596-A7DE-22E417AE14CA}"= TCP:c:\windows\System32\lxcfcoms.exe:Lexmark Communications System
"{DA2CFD56-D7B3-4F14-A6A8-94A82F4D233C}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxcfpswx.exe:Printer Status Window
"!!446A3D46-7DAE-416D-AE25-7B32C07C6CE8}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxcfpswx.exe:Printer Status Window
"!!9FE2D671-D991-4B60-8DC2-83D7E9ACD0FC}"= UDP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"!!368A2AF2-A42C-4398-BF50-616A4958D054}"= TCP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"{FD444E5E-F1BC-4D97-A23D-F136DADE86C9}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"!!44F2BB0A-DF7E-4151-A9B1-26CC5B0985B9}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{ABD9300D-9DB4-4423-A946-BA83D4AEDAF1}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"!!8EB19CF7-845A-40A2-8428-2EB572370358}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"!!818577BE-9747-4B08-A5A8-36575D095B75}"= c:\program files\AVG\AVG8\avgemc.exe:avgemc.exe
"!!1E79B14D-7AD4-4AA4-8957-39851CFFE0F9}"= c:\program files\AVG\AVG8\avgupd.exe:avgupd.exe
"{F5836A9B-7E20-4047-B742-57A65093145B}"= UDP:c:\windows\System32\lxddcoms.exe:Lexmark Communications System
"{A0A4F577-59B2-45E5-9AAF-5C6484172283}"= TCP:c:\windows\System32\lxddcoms.exe:Lexmark Communications System
"!!4CF7002E-E581-4145-AF0D-E6D5CAA706DA}"= UDP:c:\windows\System32\lxcfcoms.exe:Lexmark Communications System
"{D7D773B2-8E13-4D22-8253-F347356764A3}"= TCP:c:\windows\System32\lxcfcoms.exe:Lexmark Communications System
"!!3DF6594C-EC41-4175-8887-B9CEFD144A46}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxcfpswx.exe:Printer Status Window
"{D60C417F-5F80-4660-A13C-4A719FFEA622}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxcfpswx.exe:Printer Status Window
"{A5C8540B-BB3E-4535-BCB0-F3361ACB4D90}"= UDP:c:\windows\System32\lxddcoms.exe:Lexmark Communications System
"!!32AE848E-92A7-4CCF-A013-8B71C8341D20}"= TCP:c:\windows\System32\lxddcoms.exe:Lexmark Communications System
"{A90EAAB6-7BBA-4424-9460-88995C1B6671}"= UDP:c:\program files\Lexmark 2500 Series\lxddamon.exe:Lexmark Device Monitor
"!!3339909A-85E5-4D25-8430-B77FC177EB6A}"= TCP:c:\program files\Lexmark 2500 Series\lxddamon.exe:Lexmark Device Monitor
"!!602CD63E-CDDF-44C9-B6C5-E6C649A8EAE7}"= UDP:c:\program files\Lexmark 2500 Series\App4R.exe:Lexmark Imaging Studio
"!!9CC600CF-4BC5-4184-8043-91C3BCC52D22}"= TCP:c:\program files\Lexmark 2500 Series\App4R.exe:Lexmark Imaging Studio
"{ADEDB974-111F-4B24-873E-F0623EF9423C}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxddjswx.exe:
"!!24861670-C196-4B35-9F67-4DE636252D9F}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxddjswx.exe:
"{B7B89BF1-3CC4-45AC-9BC0-D12ED004CEF6}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxddtime.exe:
"{EF111AD2-6051-4266-89FF-86D1FFF3DD41}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxddtime.exe:
"{EAECAF0F-F470-4980-AD72-ACDA07F7A883}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxddpswx.exe:
"{F6DCD6D7-3D33-4281-863E-08D82E461180}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxddpswx.exe:
"!!303ACDBC-E273-4CE4-8495-E8D3979398B5}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxddwbgw.exe:
"{AE2E8087-960E-4FA1-9C16-63FC45E97DBC}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxddwbgw.exe:
"!!0CDAFFAC-75A1-454D-87D7-E58DEFB7CF57}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync
"{A73A594A-2E47-4D10-8887-1748B33A9A73}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"!!858174A6-965A-4435-827D-87C5BDCAA202}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{D363EB19-10F1-44C4-B3D3-329C46DD8D72}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"!!8A9FE15D-30CF-44BA-A7CF-8BEA0E661672}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"!!292A69F8-4B33-4541-9377-DE928E6D36CA}"= UDP:c:\program files\Lexmark 2500 Series\lxddmon.exe:
"!!4AB5F390-3A9E-40F6-930A-8BB1386310D9}"= TCP:c:\program files\Lexmark 2500 Series\lxddmon.exe:
"{C9E148BC-8696-4477-86F0-6D755B053E43}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxddpswx.exe:
"!!8A2B13A6-F7C9-4D73-A507-F0D200B48C65}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxddpswx.exe:
"!!2E828F2F-50EF-45AF-B916-3400767D7A41}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxddjswx.exe:
"!!774D6230-E7A8-48C2-8119-30E579BA56A3}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxddjswx.exe:
"!!565A7BB4-8915-4490-A474-6F66644F14B5}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxddtime.exe:
"{F188E369-B1D7-4C70-9FF9-8228E9243493}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxddtime.exe:
"!!28E0C286-5621-44B5-BDB1-F1A710041E59}"= UDP:c:\users\TEMP.Jenny-PC.003\AppData\Local\Temp\WZSE0.TMP\SymNRT.exe:Norton Removal Tool
"!!733E386A-49DE-4F65-B7A3-5A4A9A308858}"= TCP:c:\users\TEMP.Jenny-PC.003\AppData\Local\Temp\WZSE0.TMP\SymNRT.exe:Norton Removal Tool
"{F2438B70-73AC-43DE-82BC-D374A4E60A3E}"= UDP:c:\program files\Lexmark 2500 Series\lxddmon.exe:
"{F201899A-06B5-4813-BBCA-04C67872912B}"= TCP:c:\program files\Lexmark 2500 Series\lxddmon.exe:
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|
R2 lxddCATSCustConnectService;lxddCATSCustConnectService;c:\windows\system32\spool\DRIVERS\W32X86\3\\lxddserv.exe [2007-05-25 99248]
R3 getPlus(R) Helper;getPlus(R) Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [2008-08-29 33752]
S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2009-02-05 325128]
S1 AvgTdiX;AVG8 Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2009-02-05 107272]
S2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-02-05 903960]
S2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-02-05 298264]
S2 fssfltr;fssfltr;c:\windows\system32\DRIVERS\fssfltr.sys [2008-12-08 55264]
S2 fsssvc;Windows Live Family Safety;c:\program files\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S2 lxdd_device;lxdd_device;c:\windows\system32\lxddcoms.exe [2007-05-25 537520]
S2 SeaPort;SeaPort;c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2008-12-04 226640]
--- Other Services/Drivers In Memory ---
*Deregistered* - FileInfo
*Deregistered* - FltMgr
*Deregistered* - fssfltr
*Deregistered* - HTTP
*Deregistered* - iScsiPrt
*Deregistered* - KSecDD
*Deregistered* - lltdio
*Deregistered* - luafv
*Deregistered* - MountMgr
*Deregistered* - mpsdrv
*Deregistered* - MRxDAV
*Deregistered* - mrxsmb
*Deregistered* - mrxsmb10
*Deregistered* - mrxsmb20
*Deregistered* - Msfs
*Deregistered* - msisadrv
*Deregistered* - mssmbios
*Deregistered* - Mup
*Deregistered* - NativeWifiP
*Deregistered* - NDIS
*Deregistered* - Ndisuio
*Deregistered* - NdisWan
*Deregistered* - NDProxy
*Deregistered* - NetBIOS
*Deregistered* - netbt
*Deregistered* - Npfs
*Deregistered* - nsiproxy
*Deregistered* - Ntfs
*Deregistered* - Null
*Deregistered* - PEAUTH
*Deregistered* - PptpMiniport
*Deregistered* - PSched
*Deregistered* - RasAcd
*Deregistered* - Rasl2tp
*Deregistered* - RasPppoe
*Deregistered* - rdbss
*Deregistered* - RDPCDD
*Deregistered* - RDPENCDD
*Deregistered* - rspndr
*Deregistered* - secdrv
*Deregistered* - Smb
*Deregistered* - spldr
*Deregistered* - sptd
*Deregistered* - srv
*Deregistered* - srv2
*Deregistered* - srvnet
*Deregistered* - swenum
*Deregistered* - Tcpip
*Deregistered* - tcpipreg
*Deregistered* - tdx
*Deregistered* - TermDD
*Deregistered* - tunmp
*Deregistered* - tunnel
*Deregistered* - udfs
*Deregistered* - umbus
*Deregistered* - VgaSave
*Deregistered* - volmgr
*Deregistered* - volmgrx
*Deregistered* - volsnap
*Deregistered* - Wanarpv6
*Deregistered* - Wdf01000
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
.
.
Supplementary Scan
.
IE: !!{C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?EN
FF - ProfilePath -
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-07 01:32:44
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
TOSCDSPD = c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe?/i????????????? ???H?????????????
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
DLLs Loaded Under Running Processes
- - - - - - - > 'Explorer.exe'(5168)
c:\program files\Nokia\Nokia PC Suite 6\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 6\PCSCM.dll
c:\program files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_eng.nlr
c:\program files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr
.
Completion time: 2009-02-07 1:44:26
ComboFix-quarantined-files.txt 2009-02-07 01:42:55
Pre-Run: 38,643,752,960 bytes free
Post-Run: 38,890,508,288 bytes free
295 --- E O F --- 2009-02-05 15:46:59Undergrad law student. Take my advice with a pinch of salt! :rotfl:0 -
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:21:07, on 07/02/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16757)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\Dwm.exe
C:\Program Files\Lexmark 2500 Series\lxddmon.exe
C:\Program Files\Lexmark 2500 Series\lxddamon.exe
C:\Windows\tsnpstd3.exe
C:\Program Files\TOSHIBA\Utilities\VolControl.exe
C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Windows\vsnpstd3.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Windows Live\Family Safety\fsui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\PROGRA~1\AVG\AVG8\aAvgApi.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - !!06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - !!3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Windows Live Family Safety Browser Helper - !!4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: Click-to-Call BHO - !!5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: Search Helper - !!6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: SSVHelper Class - !!761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - !!9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: &Windows Live Toolbar - !!21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [lxddmon.exe] "C:\Program Files\Lexmark 2500 Series\lxddmon.exe"
O4 - HKLM\..\Run: [lxddamon] "C:\Program Files\Lexmark 2500 Series\lxddamon.exe"
O4 - HKLM\..\Run: [tsnpstd3] C:\Windows\tsnpstd3.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [TOSHIBA Volume Indicator] "C:\Program Files\Toshiba\Utilities\VolControl.exe"
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [snpstd3] C:\Windows\vsnpstd3.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [LXCFCATS] rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXCFtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - !!08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - !!08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: Blog This - !!219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - !!219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - !!92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?EN (file missing)
O13 - Gopher Prefix:
O16 - DPF: !!4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/VistaMSNPUplden-gb.cab
O16 - DPF: !!67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxcf_device - - C:\Windows\system32\lxcfcoms.exe
O23 - Service: lxddCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxddserv.exe
O23 - Service: lxdd_device - - C:\Windows\system32\lxddcoms.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 9363 bytesUndergrad law student. Take my advice with a pinch of salt! :rotfl:0 -
This stuff makes no sense to me - thank goodness for this board! Thank you!Undergrad law student. Take my advice with a pinch of salt! :rotfl:0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 352.1K Banking & Borrowing
- 253.5K Reduce Debt & Boost Income
- 454.2K Spending & Discounts
- 245.1K Work, Benefits & Business
- 600.7K Mortgages, Homes & Bills
- 177.4K Life & Family
- 258.9K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.2K Discuss & Feedback
- 37.6K Read-Only Boards