Virus Heat 4.3 w/ the stack buffer overrun - blue screen

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

blaaaa

Thread Starter
Joined
Mar 25, 2008
Messages
6
Hello forum.

I think I'm one of some people here w/ the Virus Heat + the blue screen restart problem.
Running here is Windows XP Pro (svc pack 2). I did install the latest Norton Internet Security 2008 right after I got it... but obviously it's not effective unless I'd remove the malwares.

I can only run short period of time under safe mode to run scan etc. (but attempts of emptying trash bin failed with the blue screen.) Yet I managed to yield the following results from SmitFraudFix v2.308 & Deckard's System Scanner v20071014.68.

I'll also pay attention to other posters w/ the similar situation... but decided to post anyway in case I have slightly different combination of files I may need to remove???
(If any of you - experts find that I should simply follow exact the same solution for someone else, please let me know. Then, you can merge the problem together.)

Thank you in advance for your great works!!

blaa

P.S. I'll post DSS scan result separately.

-----------

SmitFraudFix v2.308

Scan done at 18:04:43.34, Tue 03/25/2008
Run from C:\Documents and Settings\W. Bradford Paley\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in safe mode

ªªªªªªªªªªªªªªªªªªªªªªªª SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{7d7bd0c4-4913-4933-b870-7388a7bffb82}"="figpecker"

[HKEY_CLASSES_ROOT\CLSID\{7d7bd0c4-4913-4933-b870-7388a7bffb82}\InProcServer32]
@="C:\WINDOWS\system32\lvhjtsa.dll"

[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{7d7bd0c4-4913-4933-b870-7388a7bffb82}\InProcServer32]
@="C:\WINDOWS\system32\lvhjtsa.dll"


ªªªªªªªªªªªªªªªªªªªªªªªª Killing process


ªªªªªªªªªªªªªªªªªªªªªªªª hosts


127.0.0.1 localhost

ªªªªªªªªªªªªªªªªªªªªªªªª VACFix

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


ªªªªªªªªªªªªªªªªªªªªªªªª Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.


ªªªªªªªªªªªªªªªªªªªªªªªª Generic Renos Fix

GenericRenosFix by S!Ri


ªªªªªªªªªªªªªªªªªªªªªªªª Deleting infected files


ªªªªªªªªªªªªªªªªªªªªªªªª IEDFix

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


ªªªªªªªªªªªªªªªªªªªªªªªª DNS



ªªªªªªªªªªªªªªªªªªªªªªªª Deleting Temp Files


ªªªªªªªªªªªªªªªªªªªªªªªª Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


ªªªªªªªªªªªªªªªªªªªªªªªª Registry Cleaning

Registry Cleaning done.

ªªªªªªªªªªªªªªªªªªªªªªªª SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{7d7bd0c4-4913-4933-b870-7388a7bffb82}"="figpecker"

[HKEY_CLASSES_ROOT\CLSID\{7d7bd0c4-4913-4933-b870-7388a7bffb82}\InProcServer32]
@="C:\WINDOWS\system32\lvhjtsa.dll"

[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{7d7bd0c4-4913-4933-b870-7388a7bffb82}\InProcServer32]
@="C:\WINDOWS\system32\lvhjtsa.dll"



ªªªªªªªªªªªªªªªªªªªªªªªª Reboot

C:\WINDOWS\system32\tdidrv32.sys Deleted
C:\Program Files\Helper Deleted


ªªªªªªªªªªªªªªªªªªªªªªªª End
 

blaaaa

Thread Starter
Joined
Mar 25, 2008
Messages
6
Here's the DSS result. (main.txt only. extra in a separate post.)

---------
Deckard's System Scanner v20071014.68
Run by W. Bradford Paley on 2008-03-25 18:09:35
Computer is in Safe Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

System Restore is disabled; attempting to re-enable...failed; computer is in safe mode.


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as W. Bradford Paley.exe) -----------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:11:03 PM, on 3/25/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Safe mode

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SYSTEM32\WISPTIS.EXE
C:\WINDOWS\System32\tabbtnu.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\W. Bradford Paley\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\W. Bradford Paley.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
O2 - BHO: (no name) - {6860A44B-5D3E-433D-A7B5-D517F810D0E7} - (no file)
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
O4 - HKLM\..\Run: [TabletWizard] C:\WINDOWS\help\SplshWrp.exe
O4 - HKLM\..\Run: [TabletTip] "C:\Program Files\Common Files\microsoft shared\ink\tabtip.exe" /resume
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\system32\00THotkey.exe
O4 - HKLM\..\Run: [CrossMenu] C:\Program Files\Toshiba\CrossMenu\CrossMenu.exe
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [ThpSrv] thpsrv /logon
O4 - HKLM\..\Run: [TFNF5] TFNF5.exe
O4 - HKLM\..\Run: [TMESRV.EXE] C:\Program Files\TOSHIBA\TME3\TMESRV31.EXE /Logon
O4 - HKLM\..\Run: [TMERzCtl.EXE] C:\Program Files\TOSHIBA\TME3\TMERzCtl.EXE /Service
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [TPSODDCtl] TPSODDCtl.exe
O4 - HKLM\..\Run: [Kraidman] C:\Program Files\TOSHIBA\TOSHIBA RAID\Console\Kraidman.exe
O4 - HKLM\..\Run: [TRot.exe] c:\Program Files\TOSHIBA\TOSHIBA Rotation Utility\TRot.exe
O4 - HKLM\..\Run: [PINGER] C:\TOSHIBA\IVP\ISM\pinger.exe /run
O4 - HKLM\..\Run: [TosHKCW.exe] "C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe"
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM\..\Run: [TouchED] C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
O4 - HKLM\..\Run: [TAudEffect] C:\Program Files\TOSHIBA\TAudEffect\TAudEff.exe /run
O4 - HKLM\..\Run: [TAcelMgr] C:\Program Files\TOSHIBA\Acceleration Utilities\TAcelMgr\TAcelMgr.exe
O4 - HKLM\..\Run: [TSkrMain] C:\Program Files\TOSHIBA\Acceleration Utilities\Shaker\TSkrMain.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\Protector Suite QL\launcher.exe" /startup
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-20\..\Run: [TabletWizard] %windir%\help\wizard.hta (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [TabletWizard] %windir%\help\wizard.hta (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TabletWizard] %windir%\help\wizard.hta (User 'Default user')
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Billminder.lnk = C:\Program Files\Quicken\billmind.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O4 - Global Startup: Quicken Startup.lnk = C:\Program Files\Quicken\QWDLLS.EXE
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: TosBtNP - C:\WINDOWS\SYSTEM32\TosBtNP.dll
O20 - Winlogon Notify: TSigNP - C:\WINDOWS\SYSTEM32\TSigNP.dll
O22 - SharedTaskScheduler: figpecker - {7d7bd0c4-4913-4933-b870-7388a7bffb82} - C:\WINDOWS\system32\lvhjtsa.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: TOSHIBA RAID Service (kraidsvc) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA RAID\Service\kraidsvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Swupdtmr - Unknown owner - c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: TOSHIBA HDD Protection (Thpsrv) - TOSHIBA Corporation - C:\WINDOWS\system32\ThpSrv.exe
O23 - Service: Tmesrv3 (Tmesrv) - TOSHIBA - C:\Program Files\TOSHIBA\TME3\Tmesrv31.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\WINDOWS\system32\TODDSrv.exe
O23 - Service: Viewpoint Manager Service - Unknown owner - C:\Program Files\Viewpoint\Common\ViewpointService.exe (file missing)

--
End of file - 12107 bytes

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 Thpdrv (TOSHIBA HDD Protection Driver) - c:\windows\system32\drivers\thpdrv.sys <Not Verified; TOSHIBA Corporation; TOSHIBA HDD Protection>
R0 TVALZ (TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver) - c:\windows\system32\drivers\tvalz.sys <Not Verified; TOSHIBA Corporation; TOSHIBA Common Modules>
R1 meiudf - c:\windows\system32\drivers\meiudf.sys <Not Verified; Matsushita Electric Industrial Co.,Ltd.; >
R3 tdcmdpst (TOSHIBA Writing Engine Filter Driver) - c:\windows\system32\drivers\tdcmdpst.sys <Not Verified; TOSHIBA Corporation.; >
R3 tosrfec (Bluetooth ACPI from TOSHIBA) - c:\windows\system32\drivers\tosrfec.sys <Not Verified; TOSHIBA Corporation; TOSHIBA Bluetooth EC Driver>

S1 TMEI3E - c:\windows\system32\drivers\tmei3e.sys <Not Verified; Toshiba Corporation; Toshiba Mobile Extension>
S2 AegisP (AEGIS Protocol (IEEE 802.1x) v3.4.9.0) - c:\windows\system32\drivers\aegisp.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 3.4.9.0>
S2 ASCTRM - c:\windows\system32\drivers\asctrm.sys <Not Verified; Windows (R) 2000 DDK provider; Windows (R) 2000 DDK driver>
S2 FdRedir - c:\program files\common files\protector suite ql\drivers\fdredir.sys <Not Verified; UPEK Inc.; Protector Suite QL>
S2 FileDisk2 (FileDisk Protector Kernel Driver) - c:\program files\common files\protector suite ql\drivers\filedisk.sys <Not Verified; UPEK Inc.; Protector Suite QL>
S2 Netdevio (TOSHIBA Network Device Usermode I/O Protocol) - c:\windows\system32\drivers\netdevio.sys <Not Verified; TOSHIBA Corporation.; TOSHIBA Network Device Usermode I/O protocol>
S2 s24trans (WLAN Transport) - c:\windows\system32\drivers\s24trans.sys <Not Verified; Intel Corporation; Intel Wireless LAN Packet Driver>
S2 smihlp (SMI helper driver) - c:\program files\protector suite ql\smihlp.sys <Not Verified; UPEK Inc.; Protector Suite QL>
S3 SASENUM - c:\program files\superantispyware\sasenum.sys <Not Verified; SuperAdBlocker, Inc.; SuperAntiSpyware>
S3 TEchoCan (Toshiba Audio Effect) - c:\windows\system32\drivers\techocan.sys <Not Verified; TOSHIBA Corporation; TOSHIBA Mic Effect>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

S2 CFSvcs (ConfigFree Service) - c:\program files\toshiba\configfree\cfsvcs.exe <Not Verified; TOSHIBA CORPORATION; ConfigFree(TM)>
S2 DVD-RAM_Service - c:\windows\system32\dvdramsv.exe <Not Verified; Matsushita Electric Industrial Co., Ltd.; >
S2 kraidsvc (TOSHIBA RAID Service) - "c:\program files\toshiba\toshiba raid\service\kraidsvc.exe" <Not Verified; TOSHIBA Corporation; TOSHIBA RAID Service>
S2 RegSrvc (Intel(R) PROSet/Wireless Registry Service) - c:\program files\intel\wireless\bin\regsrvc.exe <Not Verified; Intel Corporation; Intel(R) PROSet/Wireless Registry Service>
S2 Swupdtmr - c:\toshiba\ivp\swupdate\swupdtmr.exe
S2 Thpsrv (TOSHIBA HDD Protection) - c:\windows\system32\thpsrv.exe <Not Verified; TOSHIBA Corporation; TOSHIBA HDD Protection>
S2 Tmesrv (Tmesrv3) - "c:\program files\toshiba\tme3\tmesrv31.exe" /service <Not Verified; TOSHIBA; TOSHIBA MobileExtension Service>
S2 TODDSrv (TOSHIBA Optical Disc Drive Service) - c:\windows\system32\toddsrv.exe <Not Verified; TOSHIBA Corporation; TDCSrv Application>
S2 Viewpoint Manager Service - "c:\program files\viewpoint\common\viewpointservice.exe" (file missing)


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Intel(R) PRO/Wireless 3945ABG Network Connection
Device ID: PCI\VEN_8086&DEV_4222&SUBSYS_10408086&REV_02\4&2803E7C1&0&00E2
Manufacturer: Intel Corporation
Name: Intel(R) PRO/Wireless 3945ABG Network Connection
PNP Device ID: PCI\VEN_8086&DEV_4222&SUBSYS_10408086&REV_02\4&2803E7C1&0&00E2
Service: w39n51


-- Scheduled Tasks -------------------------------------------------------------

2008-03-25 00:22:06 646 --a------ C:\WINDOWS\Tasks\Norton Internet Security - Run Full System Scan - W. Bradford Paley.job
2008-02-19 19:07:14 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2007-09-10 17:12:20 258 --a------ C:\WINDOWS\Tasks\Registration reminder 3.job
2007-09-10 17:12:20 258 --a------ C:\WINDOWS\Tasks\Registration reminder 2.job
2007-09-10 17:12:19 258 --a------ C:\WINDOWS\Tasks\Registration reminder 1.job


-- Files created between 2008-02-25 and 2008-03-25 -----------------------------

2008-03-25 18:01:58 7032 --a------ C:\WINDOWS\system32\tmp.reg
2008-03-25 18:01:32 25600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-03-25 18:01:32 289144 --a------ C:\WINDOWS\system32\VCCLSID.exe <Not Verified; S!Ri; >
2008-03-25 18:01:32 86528 --a------ C:\WINDOWS\system32\VACFix.exe <Not Verified; S!Ri.URZ; VACFix>
2008-03-25 18:01:32 288417 --a------ C:\WINDOWS\system32\SrchSTS.exe <Not Verified; S!Ri; SrchSTS>
2008-03-25 18:01:32 53248 --a------ C:\WINDOWS\system32\Process.exe <Not Verified; http://www.beyondlogic.org; Command Line Process Utility>
2008-03-25 18:01:32 82432 --a------ C:\WINDOWS\system32\IEDFix.exe <Not Verified; S!Ri.URZ; IEDFix>
2008-03-25 18:01:32 51200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-03-25 17:55:59 0 d-------- C:\Program Files\Trend Micro
2008-03-25 01:08:18 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-03-25 01:08:11 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-03-25 01:08:11 0 d-------- C:\Documents and Settings\W. Bradford Paley\Application Data\SUPERAntiSpyware.com
2008-03-25 00:58:28 0 d-------- C:\WINDOWS\pss
2008-03-25 00:16:13 0 d-------- C:\Documents and Settings\W. Bradford Paley\Application Data\Symantec
2008-03-25 00:13:17 0 d-------- C:\Program Files\Windows Sidebar
2008-03-25 00:11:32 0 d-------- C:\Program Files\Norton Internet Security
2008-03-25 00:09:26 0 d-------- C:\Program Files\Symantec
2008-03-25 00:09:26 0 d-------- C:\Documents and Settings\All Users\Application Data\Symantec
2008-03-25 00:06:53 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-03-24 23:41:22 1239277 --a------ C:\MGtools.exe
2008-03-24 18:26:16 0 d--hs---- C:\WINDOWS\CSC
2008-03-24 17:33:53 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-03-17 18:13:22 0 d-------- C:\Program Files\CCleaner


-- Find3M Report ---------------------------------------------------------------

2008-03-25 00:35:56 0 d-------- C:\Program Files\Common Files
2008-03-24 21:57:43 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-03-21 15:48:32 1327 --a------ C:\WINDOWS\mozver.dat
2008-03-14 20:04:41 0 d-------- C:\Program Files\Quicken
2008-02-19 19:09:00 0 d-------- C:\Program Files\QuickTime
2008-02-19 19:07:12 0 d-------- C:\Program Files\Apple Software Update
2008-02-19 17:58:13 0 d-------- C:\Program Files\Skype
2008-02-19 17:58:11 0 d-------- C:\Program Files\Common Files\Skype


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
08/24/2007 11:51 PM 316784 --a------ C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6860A44B-5D3E-433D-A7B5-D517F810D0E7}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
03/25/2008 12:35 AM 116088 --a------ C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}"= C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll [08/24/2007 11:51 PM 316784]

[-HKEY_CLASSES_ROOT\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}]
[HKEY_CLASSES_ROOT\CoIEPlg.CoToolbar.1]
[HKEY_CLASSES_ROOT\CoIEPlg.CoToolbar]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TabletWizard"="C:\WINDOWS\help\SplshWrp.exe" [08/04/2004 08:00 AM]
"TabletTip"="C:\Program Files\Common Files\microsoft shared\ink\tabtip.exe" [04/25/2005 11:10 PM]
"00THotkey"="C:\WINDOWS\system32\00THotkey.exe" [01/17/2006 05:00 AM]
"CrossMenu"="C:\Program Files\Toshiba\CrossMenu\CrossMenu.exe" [09/20/2005 09:06 PM]
"000StTHK"="000StTHK.exe" [06/24/2001 12:28 AM C:\WINDOWS\system32\000StTHK.exe]
"Apoint"="C:\Program Files\Apoint2K\Apoint.exe" [03/23/2004 10:40 AM]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [11/28/2005 01:55 AM]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [11/28/2005 01:52 AM]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [11/28/2005 01:55 AM]
"LtMoh"="C:\Program Files\ltmoh\Ltmoh.exe" [08/17/2004 03:37 PM]
"AGRSMMSG"="AGRSMMSG.exe" [10/14/2005 06:29 PM C:\WINDOWS\agrsmmsg.exe]
"NDSTray.exe"="NDSTray.exe" []
"TFncKy"="TFncKy.exe" []
"ThpSrv"="thpsrv /logon" []
"TFNF5"="TFNF5.exe" [11/09/2005 11:47 PM C:\WINDOWS\system32\TFNF5.exe]
"TMESRV.EXE"="C:\Program Files\TOSHIBA\TME3\TMESRV31.exe" [12/14/2005 04:00 PM]
"TMERzCtl.EXE"="C:\Program Files\TOSHIBA\TME3\TMERzCtl.exe" [12/20/2005 06:39 PM]
"TPSMain"="TPSMain.exe" [12/15/2005 06:28 PM C:\WINDOWS\system32\TPSMain.exe]
"TPSODDCtl"="TPSODDCtl.exe" [12/15/2005 06:28 PM C:\WINDOWS\system32\TPSODDCtl.exe]
"Kraidman"="C:\Program Files\TOSHIBA\TOSHIBA RAID\Console\Kraidman.exe" [09/30/2005 01:47 PM]
"TRot.exe"="c:\Program Files\TOSHIBA\TOSHIBA Rotation Utility\TRot.exe" [11/29/2005 08:37 PM]
"PINGER"="C:\TOSHIBA\IVP\ISM\pinger.exe" [03/17/2005 09:37 PM]
"TosHKCW.exe"="C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe" [05/17/2005 03:42 PM]
"SmoothView"="C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe" [05/23/2005 08:21 PM]
"TouchED"="C:\Program Files\TOSHIBA\TouchED\TouchED.Exe" [06/29/2005 12:43 AM]
"TAudEffect"="C:\Program Files\TOSHIBA\TAudEffect\TAudEff.exe" [10/05/2005 04:33 PM]
"TAcelMgr"="C:\Program Files\TOSHIBA\Acceleration Utilities\TAcelMgr\TAcelMgr.exe" [12/16/2004 03:56 PM]
"TSkrMain"="C:\Program Files\TOSHIBA\Acceleration Utilities\Shaker\TSkrMain.exe" [06/30/2004 08:29 PM]
"DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [10/06/2005 09:20 AM]
"PSQLLauncher"="C:\Program Files\Protector Suite QL\launcher.exe" [05/05/2006 08:36 PM]
"IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [12/05/2005 03:37 PM]
"IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [11/28/2005 02:41 PM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [09/25/2007 02:11 AM]
"Acrobat Assistant 7.0"="C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe" [12/14/2004 03:12 AM]
"@"="" []
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [08/04/2004 08:00 AM]
"IMEKRMIG6.1"="C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE" [08/04/2004 08:00 AM]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [08/04/2004 08:00 AM]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [08/04/2004 08:00 AM]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [08/04/2004 08:00 AM]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [01/10/2008 04:27 PM]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [02/14/2008 11:01 AM]
"osCheck"="C:\Program Files\Norton Internet Security\osCheck.exe" [08/25/2007 12:53 AM]
"KernelFaultCheck"="C:\WINDOWS\system32\dumprep 0 -k" []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 08:00 AM]
"TOSCDSPD"="C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe" [12/30/2004 04:32 AM]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [02/05/2000 08:10 AM]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [02/29/2008 04:03 PM]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"TabletWizard"=%windir%\help\wizard.hta

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Acrobat Speed Launcher.lnk - C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe [11/12/2007 8:47:15 AM]
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [3/16/2005 8:16:50 PM]
Billminder.lnk - C:\Program Files\Quicken\billmind.exe [9/20/2002 12:29:50 PM]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2/13/2001 5:01:04 AM]
QuickBooks Update Agent.lnk - C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [11/6/2007 5:40:54 PM]
Quicken Scheduled Updates.lnk - C:\Program Files\Quicken\bagent.exe [9/20/2002 12:30:04 PM]
Quicken Startup.lnk - C:\Program Files\Quicken\QWDLLS.EXE [9/20/2002 12:30:06 PM]
RAMASST.lnk - C:\WINDOWS\system32\RAMASST.exe [1/15/2006 12:49:44 AM]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{7d7bd0c4-4913-4933-b870-7388a7bffb82}"= C:\WINDOWS\system32\lvhjtsa.dll [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{EDB0E980-90BD-11D4-8599-0008C7D3B6F8}"= C:\PROGRA~1\Qualcomm\Eudora\EuShlExt.dll [08/17/2006 02:57 PM 86016]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [12/20/2006 12:55 PM 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 04/19/2007 12:41 PM 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\loginkey]
C:\Program Files\Common Files\Microsoft Shared\Ink\loginkey.dll 08/04/2004 08:00 AM 47104 C:\Program Files\Common Files\Microsoft Shared\Ink\LoginKey.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
psqlpwd.dll 05/05/2006 08:48 PM 40448 C:\WINDOWS\system32\psqlpwd.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\TabBtnWL]
TabBtnWL.dll 08/29/2002 07:41 AM 11776 C:\WINDOWS\system32\tabbtnwl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\TosBtNP]
TosBtNP.dll 01/27/2006 03:49 PM 61440 C:\WINDOWS\system32\TosBtNP.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tpgwlnotify]
tpgwlnot.dll 08/04/2004 08:00 AM 30208 C:\WINDOWS\system32\tpgwlnot.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\TSigNP]
TSigNP.dll 12/28/2005 02:05 AM 53248 C:\WINDOWS\system32\TSigNP.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Notification Packages"= scecli psqlpwd

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tdidrv32.sys]
@="Driver"


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
AutoRun\command- D:\CDSTART.EXE

*Newly Created Service* - COMHOST



-- End of Deckard's System Scanner: finished at 2008-03-25 18:11:26 ------------
 

blaaaa

Thread Starter
Joined
Mar 25, 2008
Messages
6
Here's DSS' extra.txt:

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Genuine Intel(R) CPU T2600 @ 2.16GHz
CPU 1: Genuine Intel(R) CPU T2600 @ 2.16GHz
Percentage of Memory in Use: 13%
Physical Memory (total/avail): 2038.85 MiB / 1768.65 MiB
Pagefile Memory (total/avail): 3934.92 MiB / 3855.76 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1926.11 MiB

A: is Removable (Unformatted)
C: is Fixed (NTFS) - 85.31 GiB total, 53.63 GiB free.
D: is CDROM (CDFS)
E: is Removable (FAT32)

\\.\PHYSICALDRIVE0 - TOSHIBA RAID LD0 SCSI Disk Device - 93.16 GiB - 2 partitions
\PARTITION0 (bootable) - Installable File System - 85.31 GiB - C:
\PARTITION1 - Unknown - 7.84 GiB

\\.\PHYSICALDRIVE1 - USB DISK Pro USB Device - 494.19 MiB - 1 partition
\PARTITION0 - Unknown - 494.16 MiB - E:



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.

FirstRunDisabled is set.

FW: Norton Internet Security v15.0.0.60 (Symantec Corporation)
AV: Norton Internet Security v15.0.0.60 (Symantec Corporation)
AV: v (McAfee) Disabled

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:mad:xpsp2res.dll,-22019"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:mad:xpsp2res.dll,-22019"
"C:\\TOSHIBA\\ivp\\NetInt\\Netint.exe"="C:\\TOSHIBA\\ivp\\NetInt\\Netint.exe:*:Enabled:NIE - Toshiba Software Upgrades Engine"
"C:\\TOSHIBA\\Ivp\\ISM\\pinger.exe"="C:\\TOSHIBA\\Ivp\\ISM\\pinger.exe:*:Enabled:Toshiba Software Upgrades Pinger"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Application Loader"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"
"C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe"="C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe:*:Enabled:AOLTsMon"
"C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe"="C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe:*:Enabled:AOLTopSpeed"
"C:\\Program Files\\Common Files\\AOL\\1137343352\\EE\\AOLServiceHost.exe"="C:\\Program Files\\Common Files\\AOL\\1137343352\\EE\\AOLServiceHost.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"="C:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\AOLSP Scheduler.exe"="C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\AOLSP Scheduler.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\asp.exe"="C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\asp.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AolCoach\\en_en\\player\\AOLNySEV.exe"="C:\\Program Files\\Common Files\\AolCoach\\en_en\\player\\AOLNySEV.exe:*:Enabled:AOL"
"C:\\Program Files\\Intuit\\QuickBooks 2006\\QBDBMgrN.exe"="C:\\Program Files\\Intuit\\QuickBooks 2006\\QBDBMgrN.exe:*:Enabled:QuickBooks 2006 Data Manager"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\W. Bradford Paley\Application Data
ASLOGDIR=C:\Program Files\Intuit\QuickBooks 2006\
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=CAROLINGIAN
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\W. Bradford Paley
LOGONSERVER=\\CAROLINGIAN
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Common Files\Adobe\AGL;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 14 Stepping 8, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0e08
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
SAFEBOOT_OPTION=MINIMAL
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\WA4E9~1.BRA\LOCALS~1\Temp
TMP=C:\DOCUME~1\WA4E9~1.BRA\LOCALS~1\Temp
USERDOMAIN=CAROLINGIAN
USERNAME=W. Bradford Paley
USERPROFILE=C:\Documents and Settings\W. Bradford Paley
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

User (admin)
W. Bradford Paley (admin)
Keiko (admin)
Administrator (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> "C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
--> msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
--> msiexec /I {B2F5D08C-7E79-4FCD-AAF4-57AD35FF0601}
--> msiexec /I{7F4C8163-F259-49A0-A018-2857A90578BC}
--> MsiExec.exe /I{688A3383-3CE7-4094-9188-9C39D1E4FCB6}
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Bridge 1.0 --> MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000103}
Adobe Common File Installer --> MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
Adobe Creative Suite 2 --> C:\PROGRA~1\INSTAL~1\{0134A~1\setup.exe /relaunched/rootloc=d:\adobe creative suite 2.0/lang=0409
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Help Center 1.0 --> MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001}
Adobe Reader 7.0 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000}
Adobe Stock Photos 1.0 --> MsiExec.exe /I{EE0D5DCD-2B97-4473-98DF-E93C0BD92F7A}
Adobe SVG Viewer 3.0 --> C:\Program Files\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Program Files\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Install.log
Agilix GoBinder Lite --> MsiExec.exe /I{5E71102C-2CEB-4C8B-99D3-D33B9741EEDA}
AIM 6 --> C:\Program Files\AIM6\uninst.exe
ALPS Touch Pad Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}\setup.exe" UNINSTALL
AppCore --> MsiExec.exe /I{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
Bluetooth Stack for Windows by Toshiba --> MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}
ccCommon --> MsiExec.exe /I{B24E05CC-46FF-4787-BBB8-5CD516AFB118}
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
CD/DVD Drive Acoustic Silencer --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}\Setup.exe" -l0x9
CodeWarrior Development Tools for Windows, v8.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8248F80A-4337-49C5-BC45-ED8B0ED807B1}\setup.exe" -l0x9
Component Framework --> MsiExec.exe /I{31478BE1-CDE5-4753-A8B2-F6D4BC1FBE09}
DVD-RAM Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9D765FA6-F2BC-40AF-8145-50808F9BDF4E}\setup.exe" -l0x9 DVD-RAM Driver
EPSON Printer Software --> C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /r
EPSON Scan --> C:\Program Files\epson\escndv\setup\setup.exe /r
EPSON Web-To-Page --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}\Setup.exe" -l0x9 -anything
Eudora --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D515BAF4-087E-4C78-A79D-F67BB4E5ED3F}\setup.exe" -l0x9
getPlus(R)_dll --> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\inf\GETPLUSd.INF, DefaultUninstall
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"
Hard Disk Recovery Utilities --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Toshiba\Hard Disk Recovery Utilities\Uninst.isu"
High Definition Audio Driver Package - KB888111 --> "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
Intel(R) Graphics Media Accelerator Driver --> RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_27A6 PCI\VEN_8086&DEV_27A2
Intel(R) PRO Network Connections Drivers --> Prounstl.exe
Intel(R) PROSet/Wireless Software --> C:\WINDOWS\Installer\iProInst.exe
InterVideo WinDVD for TOSHIBA --> "C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
J2SE Runtime Environment 5.0 Update 4 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150040}
Java 2 Runtime Environment, SE v1.4.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F4588301-0A06-11D6-A761-00B0D079AF64}\Setup.exe"
Java 2 SDK, SE v1.4.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F4588303-0A06-11D6-A761-00B0D079AF64}\Setup.exe" Anytext
Java DB 10.2.2.0 --> MsiExec.exe /X{0ECB59D5-A3FC-4D61-AD3B-6CE679B3F852}
Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) SE Development Kit 6 Update 3 --> MsiExec.exe /I{32A3A4F4-B792-11D6-A78A-00B0D0160030}
LiveUpdate (Symantec Corporation) --> MsiExec.exe /x {E80F62FF-5D3C-4A19-8409-9721F2928206} /l*v "C:\Documents and Settings\All Users\Application Data\LuUninstall.LiveUpdate"
LiveUpdate (Symantec Corporation) --> MsiExec.exe /X{E80F62FF-5D3C-4A19-8409-9721F2928206}
Macromedia Flash Player 8 --> MsiExec.exe /X{6815FCDD-401D-481E-BA88-31B4754C2B46}
mCore --> MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779}
mDrWiFi --> MsiExec.exe /I{F6090A17-0967-4A8A-B3C3-422A1B514D49}
mHelp --> MsiExec.exe /I{8C6BB412-D3A8-4AAE-A01B-35B681789D68}
Microsoft Office XP Professional --> MsiExec.exe /I{91110409-6000-11D3-8CFE-0050048383C9}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
mIWA --> MsiExec.exe /I{3E9D596A-61D4-4239-BD19-2DB984D2A16F}
mLogView --> MsiExec.exe /I{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}
mMHouse --> MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
Mozilla Firefox (2.0.0.12) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
mPfMgr --> MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
mPfWiz --> MsiExec.exe /I{90B0D222-8C21-4B35-9262-53B042F18AF9}
mProSafe --> MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
mWlsSafe --> MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
mXML --> MsiExec.exe /I{9CC89556-3578-48DD-8408-04E66EBEF401}
MyConnect Special Offer --> MsiExec.exe /I{97D8751D-18A4-482B-9E9C-31DAD9BEC1EC}
mZConfig --> MsiExec.exe /I{94658027-9F16-4509-BBD7-A59FE57C3023}
Norton AntiVirus --> MsiExec.exe /X{77FFBA7E-0973-4F39-BBDB-AC2F537578D2}
Norton AntiVirus Help --> MsiExec.exe /I{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}
Norton Confidential Core --> MsiExec.exe /I{55A6283C-638A-4EE0-B491-51118554BDA2}
Norton Internet Security --> MsiExec.exe /I{C1C185CA-C531-49F5-A6FA-B838405A049D}
Norton Internet Security (Symantec Corporation) --> "C:\Program Files\Common Files\Symantec Shared\SymSetup\{C1C185CA-C531-49F5-A6FA-B838405A049D}_15_0_0_60\Setup.exe" /X
Norton Protection Center --> MsiExec.exe /I{62120008-8E1E-4807-860D-A8B48F8552DB}
Office 2003 Trial Assistant --> MsiExec.exe /I{47D2103B-FD51-4017-9C20-DD408B17D726}
QuickBooks Pro 2006 --> msiexec.exe /I {688A3383-3CE7-4094-9188-9C39D1E4FCB6} UNIQUE_NAME="pro" QBFULLNAME="QuickBooks Pro 2006" ADDREMOVE=1
Quicken 2003 Basic --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{88D0E768-CD6A-42A9-97F9-2B12CF740019} anything
QuickTime --> MsiExec.exe /I{6EC874C2-F950-4B7E-A5B7-B1066D6B74AA}
RealPlayer Basic --> C:\Program Files\Common Files\Real\Update\\rnuninst.exe RealNetworks|RealPlayer|6.0
SD Secure Module --> MsiExec.exe /X{C45F4811-31D5-4786-801D-F79CD06EDD85}
SigmaTel Audio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}\setup.exe" -l0x9 -remove -removeonly
Skypeô 3.6 --> MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Sonic DLA --> MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
Sonic RecordNow! --> MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
SPBBC 32bit --> MsiExec.exe /I{77772678-817F-4401-9301-ED1D01A8DA56}
Suite Specific --> MsiExec.exe /I{C49DAA9C-5BA8-459A-8244-E57B69DF0F04}
Sun Download Manager 2.0 (web) --> C:\WINDOWS\system32\javaws.exe -uninstall -prompt "http://javadl-esd.sun.com/update/sdm20/sdm20.jnlp"
SUPERAntiSpyware Free Edition --> MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
SymNet --> MsiExec.exe /I{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}
Tablet PC Tutorials for Microsoft Windows XP SP2 --> MsiExec.exe /X{0CAD092C-5D1E-48AD-A845-E1EBA9AF1AF8}
Texas Instruments PCIxx21/x515 drivers. --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{E18E644D-4FC1-4E7F-87B7-A0288A14A322} /l1033
TOSHIBA Accelerometer Utilities --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\TOSHIBA\Acceleration Utilities\Uninst.isu" -c"C:\Program Files\TOSHIBA\Acceleration Utilities\SETUPSUB.dll"
TOSHIBA Assist --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{12B3A009-A080-4619-9A2A-C6DB151D8D67}\Setup.exe" -l0x9
TOSHIBA Backup Utility V2.0.0 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{3DE593E0-D44C-4E73-9A02-E59B970265CD} /l1033
TOSHIBA ConfigFree --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}\setup.exe" -l0x9 UNINSTALL
TOSHIBA Controls --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}\Setup.exe" -l0x9 UNINSTALL
TOSHIBA Display Devices Change Utility --> RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\TDspBtn.inf,DefaultUninstall,5
TOSHIBA HDD Protection --> MsiExec.exe /X{94A90C69-71C1-470A-88F5-AA47ECC96B40}
TOSHIBA Hotkey Utility for Display Devices --> RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\TFNF5Wxp.inf,DefaultUninstall,5
TOSHIBA Mic Effect --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0577A2AA-DEA0-4D40-8372-4211102D43E4}\Setup.exe"
TOSHIBA Mobile Extension3 for Windows XP V3.78.00.XP --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\TOSHIBA\TME3\Uninst.isu" -c"C:\Program Files\TOSHIBA\TME3\uninstx.dll"
TOSHIBA Password Utility --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{C0FC3B56-E345-40CD-A5CB-7EB791CE3E74} /l1033
TOSHIBA PC Diagnostic Tool --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\TOSHIBA\PCDiag\Uninst.isu"
TOSHIBA Power Saver --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\TOSHIBA\Power Saver\Uninst.isu" -c"C:\WINDOWS\system32\TPSDel.dll"
TOSHIBA RAID Utility --> MsiExec.exe /X{3E6FA9D9-D4CA-492B-AE98-83A2D853A355}
TOSHIBA Rotation Utility --> MsiExec.exe /X{B7F4B477-8EA3-4028-B458-2AE5E4A9D853}
TOSHIBA SD Memory Boot Utility --> MsiExec.exe /X{BBF5493A-05FB-4449-90DE-84A61EB78154}
TOSHIBA SD Memory Card Format --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{48CF9A66-5F03-4025-ABD0-B3A3FA095A59}\Setup.exe"
TOSHIBA Security Assist --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1E63ACB5-D45E-4856-8FC9-78F4B0D7BB80}\setup.exe" -l0x9 -removeonly
TOSHIBA Software Modem --> Tosmreg -U
TOSHIBA Software Upgrades --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{425A2BC2-AA64-4107-9C29-484245BBEA05}\setup.exe"
TOSHIBA Tablet Access Code Logon Utility V1.14.00 --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\TOSHIBA\TSigReco\Uninst.isu" -c"C:\Program Files\TOSHIBA\TSigReco\TSigInst.dll"
TOSHIBA TouchPad On/Off Utility V2.05.01 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{24300A63-DD78-4AA5-A914-4D582C41D33A}\Setup.exe" -uninst
TOSHIBA Utilities --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{56190F69-01D3-46CA-9861-43377C5E9B87} /l1033
TOSHIBA Wireless Key Logon --> MsiExec.exe /X{FC4C645F-8EBC-4F1E-A517-D1505B43A374}
TOSHIBA Zooming Utility --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{64212898-097F-4F3F-AECA-6D34A7EF82DF}\Setup.exe"
Tweak UI --> "C:\WINDOWS\system32\mshta.exe" "res://C:\WINDOWS\system32\TweakUI.exe/uninstall.hta"
Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
Wireless Hotkey --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7862BAD8-A379-4128-8AA1-EFD5A9603C53}\setup.exe" -l0x9


-- Application Event Log -------------------------------------------------------

Event Record #/Type1253 / Error
Event Submitted/Written: 03/25/2008 06:11:13 PM
Event ID/Source: 8 / crypt32
Event Description:
Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

Event Record #/Type1252 / Error
Event Submitted/Written: 03/25/2008 06:11:12 PM
Event ID/Source: 8 / crypt32
Event Description:
Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

Event Record #/Type1251 / Error
Event Submitted/Written: 03/25/2008 06:11:12 PM
Event ID/Source: 8 / crypt32
Event Description:
Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

Event Record #/Type1250 / Error
Event Submitted/Written: 03/25/2008 06:11:12 PM
Event ID/Source: 8 / crypt32
Event Description:
Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The server name or address could not be resolved

Event Record #/Type1138 / Warning
Event Submitted/Written: 03/25/2008 01:23:48 AM
Event ID/Source: 1001 / MsiInstaller
Event Description:
Detection of product '{91110409-6000-11D3-8CFE-0050048383C9}', feature 'InternationalSupportFiles_JPN' failed during request for component '{D4C8BFFA-BF6F-11D1-843A-0000F807F120}'



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type1373 / Error
Event Submitted/Written: 03/25/2008 06:08:49 PM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Event Record #/Type1372 / Error
Event Submitted/Written: 03/25/2008 06:08:46 PM
Event ID/Source: 7026 / Service Control Manager
Event Description:
The following boot-start or system-start driver(s) failed to load:
AFD
eeCtrl
Fips
intelppm
IPSec
MRxSmb
NetBIOS
NetBT
RasAcd
Rdbss
SASDIFSV
SASKUTIL
SPBBCDrv
SRTSPX
SYMTDI
Tcpip
TMEI3E

Event Record #/Type1371 / Error
Event Submitted/Written: 03/25/2008 06:08:46 PM
Event ID/Source: 7001 / Service Control Manager
Event Description:
The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error:
%%31

Event Record #/Type1370 / Error
Event Submitted/Written: 03/25/2008 06:08:46 PM
Event ID/Source: 7001 / Service Control Manager
Event Description:
The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error:
%%31

Event Record #/Type1369 / Error
Event Submitted/Written: 03/25/2008 06:08:45 PM
Event ID/Source: 7001 / Service Control Manager
Event Description:
The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error:
%%31



-- End of Deckard's System Scanner: finished at 2008-03-25 18:11:26 ------------
 

blaaaa

Thread Starter
Joined
Mar 25, 2008
Messages
6
I think I resolved the issue by running Malwarebytes' Anti-Malware 1.09, first. Then, the blue screen issue was a bit tamed - yet I had to stick with 'safe mode' until I followed through the process of XP cleaning suggested by majorgeeks.com (another great site offering many helps to rid of malwares.)
CCCleaner > SUPERAntiSpyware > SpyBotS&D > Malwarebytes (again) > MGtools (to make sure)
Up 'til I ran SUPERAntiSpyware, I couldn't run in normal mode w/o bumping into the blue screen. I also made internet connection minimum until after I finished with SpyBotS&D. (I've done all the net researches, downloads, and posting with my MacBook Pro running OSX 10.5.2.)

Hoping 'that's it!' The PC laptop is pretty much running normal. - but if you'd like to take a look at the final (second) DSS log, I can post it here.
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Top