1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Virus Heat 4.3 w/ the stack buffer overrun - blue screen

Discussion in 'Virus & Other Malware Removal' started by blaaaa, Mar 25, 2008.

Thread Status:
Not open for further replies.
Advertisement
  1. blaaaa

    blaaaa Thread Starter

    Joined:
    Mar 25, 2008
    Messages:
    6
    Hello forum.

    I think I'm one of some people here w/ the Virus Heat + the blue screen restart problem.
    Running here is Windows XP Pro (svc pack 2). I did install the latest Norton Internet Security 2008 right after I got it... but obviously it's not effective unless I'd remove the malwares.

    I can only run short period of time under safe mode to run scan etc. (but attempts of emptying trash bin failed with the blue screen.) Yet I managed to yield the following results from SmitFraudFix v2.308 & Deckard's System Scanner v20071014.68.

    I'll also pay attention to other posters w/ the similar situation... but decided to post anyway in case I have slightly different combination of files I may need to remove???
    (If any of you - experts find that I should simply follow exact the same solution for someone else, please let me know. Then, you can merge the problem together.)

    Thank you in advance for your great works!!

    blaa

    P.S. I'll post DSS scan result separately.

    -----------

    SmitFraudFix v2.308

    Scan done at 18:04:43.34, Tue 03/25/2008
    Run from C:\Documents and Settings\W. Bradford Paley\Desktop\SmitfraudFix
    OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
    The filesystem type is NTFS
    Fix run in safe mode

    ªªªªªªªªªªªªªªªªªªªªªªªª SharedTaskScheduler Before SmitFraudFix
    !!!Attention, following keys are not inevitably infected!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    "{7d7bd0c4-4913-4933-b870-7388a7bffb82}"="figpecker"

    [HKEY_CLASSES_ROOT\CLSID\{7d7bd0c4-4913-4933-b870-7388a7bffb82}\InProcServer32]
    @="C:\WINDOWS\system32\lvhjtsa.dll"

    [HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{7d7bd0c4-4913-4933-b870-7388a7bffb82}\InProcServer32]
    @="C:\WINDOWS\system32\lvhjtsa.dll"


    ªªªªªªªªªªªªªªªªªªªªªªªª Killing process


    ªªªªªªªªªªªªªªªªªªªªªªªª hosts


    127.0.0.1 localhost

    ªªªªªªªªªªªªªªªªªªªªªªªª VACFix

    VACFix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri


    ªªªªªªªªªªªªªªªªªªªªªªªª Winsock2 Fix

    S!Ri's WS2Fix: LSP not Found.


    ªªªªªªªªªªªªªªªªªªªªªªªª Generic Renos Fix

    GenericRenosFix by S!Ri


    ªªªªªªªªªªªªªªªªªªªªªªªª Deleting infected files


    ªªªªªªªªªªªªªªªªªªªªªªªª IEDFix

    IEDFix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri


    ªªªªªªªªªªªªªªªªªªªªªªªª DNS



    ªªªªªªªªªªªªªªªªªªªªªªªª Deleting Temp Files


    ªªªªªªªªªªªªªªªªªªªªªªªª Winlogon.System
    !!!Attention, following keys are not inevitably infected!!!

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
    "System"=""


    ªªªªªªªªªªªªªªªªªªªªªªªª Registry Cleaning

    Registry Cleaning done.

    ªªªªªªªªªªªªªªªªªªªªªªªª SharedTaskScheduler After SmitFraudFix
    !!!Attention, following keys are not inevitably infected!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    "{7d7bd0c4-4913-4933-b870-7388a7bffb82}"="figpecker"

    [HKEY_CLASSES_ROOT\CLSID\{7d7bd0c4-4913-4933-b870-7388a7bffb82}\InProcServer32]
    @="C:\WINDOWS\system32\lvhjtsa.dll"

    [HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{7d7bd0c4-4913-4933-b870-7388a7bffb82}\InProcServer32]
    @="C:\WINDOWS\system32\lvhjtsa.dll"



    ªªªªªªªªªªªªªªªªªªªªªªªª Reboot

    C:\WINDOWS\system32\tdidrv32.sys Deleted
    C:\Program Files\Helper Deleted


    ªªªªªªªªªªªªªªªªªªªªªªªª End
     
  2. blaaaa

    blaaaa Thread Starter

    Joined:
    Mar 25, 2008
    Messages:
    6
    Here's the DSS result. (main.txt only. extra in a separate post.)

    ---------
    Deckard's System Scanner v20071014.68
    Run by W. Bradford Paley on 2008-03-25 18:09:35
    Computer is in Safe Mode.
    --------------------------------------------------------------------------------

    -- System Restore --------------------------------------------------------------

    System Restore is disabled; attempting to re-enable...failed; computer is in safe mode.


    Backed up registry hives.
    Performed disk cleanup.



    -- HijackThis (run as W. Bradford Paley.exe) -----------------------------------

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 6:11:03 PM, on 3/25/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Safe mode

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\SYSTEM32\WISPTIS.EXE
    C:\WINDOWS\System32\tabbtnu.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Documents and Settings\W. Bradford Paley\Desktop\dss.exe
    C:\PROGRA~1\TRENDM~1\HIJACK~1\W. Bradford Paley.exe

    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
    O2 - BHO: (no name) - {6860A44B-5D3E-433D-A7B5-D517F810D0E7} - (no file)
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
    O4 - HKLM\..\Run: [TabletWizard] C:\WINDOWS\help\SplshWrp.exe
    O4 - HKLM\..\Run: [TabletTip] "C:\Program Files\Common Files\microsoft shared\ink\tabtip.exe" /resume
    O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\system32\00THotkey.exe
    O4 - HKLM\..\Run: [CrossMenu] C:\Program Files\Toshiba\CrossMenu\CrossMenu.exe
    O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
    O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
    O4 - HKLM\..\Run: [ThpSrv] thpsrv /logon
    O4 - HKLM\..\Run: [TFNF5] TFNF5.exe
    O4 - HKLM\..\Run: [TMESRV.EXE] C:\Program Files\TOSHIBA\TME3\TMESRV31.EXE /Logon
    O4 - HKLM\..\Run: [TMERzCtl.EXE] C:\Program Files\TOSHIBA\TME3\TMERzCtl.EXE /Service
    O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
    O4 - HKLM\..\Run: [TPSODDCtl] TPSODDCtl.exe
    O4 - HKLM\..\Run: [Kraidman] C:\Program Files\TOSHIBA\TOSHIBA RAID\Console\Kraidman.exe
    O4 - HKLM\..\Run: [TRot.exe] c:\Program Files\TOSHIBA\TOSHIBA Rotation Utility\TRot.exe
    O4 - HKLM\..\Run: [PINGER] C:\TOSHIBA\IVP\ISM\pinger.exe /run
    O4 - HKLM\..\Run: [TosHKCW.exe] "C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe"
    O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
    O4 - HKLM\..\Run: [TouchED] C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
    O4 - HKLM\..\Run: [TAudEffect] C:\Program Files\TOSHIBA\TAudEffect\TAudEff.exe /run
    O4 - HKLM\..\Run: [TAcelMgr] C:\Program Files\TOSHIBA\Acceleration Utilities\TAcelMgr\TAcelMgr.exe
    O4 - HKLM\..\Run: [TSkrMain] C:\Program Files\TOSHIBA\Acceleration Utilities\Shaker\TSkrMain.exe
    O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\Protector Suite QL\launcher.exe" /startup
    O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
    O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe"
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKUS\S-1-5-20\..\Run: [TabletWizard] %windir%\help\wizard.hta (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [TabletWizard] %windir%\help\wizard.hta (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [TabletWizard] %windir%\help\wizard.hta (User 'Default user')
    O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
    O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Billminder.lnk = C:\Program Files\Quicken\billmind.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
    O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
    O4 - Global Startup: Quicken Startup.lnk = C:\Program Files\Quicken\QWDLLS.EXE
    O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
    O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O20 - Winlogon Notify: TosBtNP - C:\WINDOWS\SYSTEM32\TosBtNP.dll
    O20 - Winlogon Notify: TSigNP - C:\WINDOWS\SYSTEM32\TSigNP.dll
    O22 - SharedTaskScheduler: figpecker - {7d7bd0c4-4913-4933-b870-7388a7bffb82} - C:\WINDOWS\system32\lvhjtsa.dll (file missing)
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
    O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: TOSHIBA RAID Service (kraidsvc) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA RAID\Service\kraidsvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
    O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: Swupdtmr - Unknown owner - c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
    O23 - Service: TOSHIBA HDD Protection (Thpsrv) - TOSHIBA Corporation - C:\WINDOWS\system32\ThpSrv.exe
    O23 - Service: Tmesrv3 (Tmesrv) - TOSHIBA - C:\Program Files\TOSHIBA\TME3\Tmesrv31.exe
    O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\WINDOWS\system32\TODDSrv.exe
    O23 - Service: Viewpoint Manager Service - Unknown owner - C:\Program Files\Viewpoint\Common\ViewpointService.exe (file missing)

    --
    End of file - 12107 bytes

    -- File Associations -----------------------------------------------------------

    All associations okay.


    -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

    R0 Thpdrv (TOSHIBA HDD Protection Driver) - c:\windows\system32\drivers\thpdrv.sys <Not Verified; TOSHIBA Corporation; TOSHIBA HDD Protection>
    R0 TVALZ (TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver) - c:\windows\system32\drivers\tvalz.sys <Not Verified; TOSHIBA Corporation; TOSHIBA Common Modules>
    R1 meiudf - c:\windows\system32\drivers\meiudf.sys <Not Verified; Matsushita Electric Industrial Co.,Ltd.; >
    R3 tdcmdpst (TOSHIBA Writing Engine Filter Driver) - c:\windows\system32\drivers\tdcmdpst.sys <Not Verified; TOSHIBA Corporation.; >
    R3 tosrfec (Bluetooth ACPI from TOSHIBA) - c:\windows\system32\drivers\tosrfec.sys <Not Verified; TOSHIBA Corporation; TOSHIBA Bluetooth EC Driver>

    S1 TMEI3E - c:\windows\system32\drivers\tmei3e.sys <Not Verified; Toshiba Corporation; Toshiba Mobile Extension>
    S2 AegisP (AEGIS Protocol (IEEE 802.1x) v3.4.9.0) - c:\windows\system32\drivers\aegisp.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 3.4.9.0>
    S2 ASCTRM - c:\windows\system32\drivers\asctrm.sys <Not Verified; Windows (R) 2000 DDK provider; Windows (R) 2000 DDK driver>
    S2 FdRedir - c:\program files\common files\protector suite ql\drivers\fdredir.sys <Not Verified; UPEK Inc.; Protector Suite QL>
    S2 FileDisk2 (FileDisk Protector Kernel Driver) - c:\program files\common files\protector suite ql\drivers\filedisk.sys <Not Verified; UPEK Inc.; Protector Suite QL>
    S2 Netdevio (TOSHIBA Network Device Usermode I/O Protocol) - c:\windows\system32\drivers\netdevio.sys <Not Verified; TOSHIBA Corporation.; TOSHIBA Network Device Usermode I/O protocol>
    S2 s24trans (WLAN Transport) - c:\windows\system32\drivers\s24trans.sys <Not Verified; Intel Corporation; Intel Wireless LAN Packet Driver>
    S2 smihlp (SMI helper driver) - c:\program files\protector suite ql\smihlp.sys <Not Verified; UPEK Inc.; Protector Suite QL>
    S3 SASENUM - c:\program files\superantispyware\sasenum.sys <Not Verified; SuperAdBlocker, Inc.; SuperAntiSpyware>
    S3 TEchoCan (Toshiba Audio Effect) - c:\windows\system32\drivers\techocan.sys <Not Verified; TOSHIBA Corporation; TOSHIBA Mic Effect>


    -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

    S2 CFSvcs (ConfigFree Service) - c:\program files\toshiba\configfree\cfsvcs.exe <Not Verified; TOSHIBA CORPORATION; ConfigFree(TM)>
    S2 DVD-RAM_Service - c:\windows\system32\dvdramsv.exe <Not Verified; Matsushita Electric Industrial Co., Ltd.; >
    S2 kraidsvc (TOSHIBA RAID Service) - "c:\program files\toshiba\toshiba raid\service\kraidsvc.exe" <Not Verified; TOSHIBA Corporation; TOSHIBA RAID Service>
    S2 RegSrvc (Intel(R) PROSet/Wireless Registry Service) - c:\program files\intel\wireless\bin\regsrvc.exe <Not Verified; Intel Corporation; Intel(R) PROSet/Wireless Registry Service>
    S2 Swupdtmr - c:\toshiba\ivp\swupdate\swupdtmr.exe
    S2 Thpsrv (TOSHIBA HDD Protection) - c:\windows\system32\thpsrv.exe <Not Verified; TOSHIBA Corporation; TOSHIBA HDD Protection>
    S2 Tmesrv (Tmesrv3) - "c:\program files\toshiba\tme3\tmesrv31.exe" /service <Not Verified; TOSHIBA; TOSHIBA MobileExtension Service>
    S2 TODDSrv (TOSHIBA Optical Disc Drive Service) - c:\windows\system32\toddsrv.exe <Not Verified; TOSHIBA Corporation; TDCSrv Application>
    S2 Viewpoint Manager Service - "c:\program files\viewpoint\common\viewpointservice.exe" (file missing)


    -- Device Manager: Disabled ----------------------------------------------------

    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description: Intel(R) PRO/Wireless 3945ABG Network Connection
    Device ID: PCI\VEN_8086&DEV_4222&SUBSYS_10408086&REV_02\4&2803E7C1&0&00E2
    Manufacturer: Intel Corporation
    Name: Intel(R) PRO/Wireless 3945ABG Network Connection
    PNP Device ID: PCI\VEN_8086&DEV_4222&SUBSYS_10408086&REV_02\4&2803E7C1&0&00E2
    Service: w39n51


    -- Scheduled Tasks -------------------------------------------------------------

    2008-03-25 00:22:06 646 --a------ C:\WINDOWS\Tasks\Norton Internet Security - Run Full System Scan - W. Bradford Paley.job
    2008-02-19 19:07:14 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
    2007-09-10 17:12:20 258 --a------ C:\WINDOWS\Tasks\Registration reminder 3.job
    2007-09-10 17:12:20 258 --a------ C:\WINDOWS\Tasks\Registration reminder 2.job
    2007-09-10 17:12:19 258 --a------ C:\WINDOWS\Tasks\Registration reminder 1.job


    -- Files created between 2008-02-25 and 2008-03-25 -----------------------------

    2008-03-25 18:01:58 7032 --a------ C:\WINDOWS\system32\tmp.reg
    2008-03-25 18:01:32 25600 --a------ C:\WINDOWS\system32\WS2Fix.exe
    2008-03-25 18:01:32 289144 --a------ C:\WINDOWS\system32\VCCLSID.exe <Not Verified; S!Ri; >
    2008-03-25 18:01:32 86528 --a------ C:\WINDOWS\system32\VACFix.exe <Not Verified; S!Ri.URZ; VACFix>
    2008-03-25 18:01:32 288417 --a------ C:\WINDOWS\system32\SrchSTS.exe <Not Verified; S!Ri; SrchSTS>
    2008-03-25 18:01:32 53248 --a------ C:\WINDOWS\system32\Process.exe <Not Verified; http://www.beyondlogic.org; Command Line Process Utility>
    2008-03-25 18:01:32 82432 --a------ C:\WINDOWS\system32\IEDFix.exe <Not Verified; S!Ri.URZ; IEDFix>
    2008-03-25 18:01:32 51200 --a------ C:\WINDOWS\system32\dumphive.exe
    2008-03-25 17:55:59 0 d-------- C:\Program Files\Trend Micro
    2008-03-25 01:08:18 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
    2008-03-25 01:08:11 0 d-------- C:\Program Files\SUPERAntiSpyware
    2008-03-25 01:08:11 0 d-------- C:\Documents and Settings\W. Bradford Paley\Application Data\SUPERAntiSpyware.com
    2008-03-25 00:58:28 0 d-------- C:\WINDOWS\pss
    2008-03-25 00:16:13 0 d-------- C:\Documents and Settings\W. Bradford Paley\Application Data\Symantec
    2008-03-25 00:13:17 0 d-------- C:\Program Files\Windows Sidebar
    2008-03-25 00:11:32 0 d-------- C:\Program Files\Norton Internet Security
    2008-03-25 00:09:26 0 d-------- C:\Program Files\Symantec
    2008-03-25 00:09:26 0 d-------- C:\Documents and Settings\All Users\Application Data\Symantec
    2008-03-25 00:06:53 0 d-------- C:\Program Files\Common Files\Symantec Shared
    2008-03-24 23:41:22 1239277 --a------ C:\MGtools.exe
    2008-03-24 18:26:16 0 d--hs---- C:\WINDOWS\CSC
    2008-03-24 17:33:53 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
    2008-03-17 18:13:22 0 d-------- C:\Program Files\CCleaner


    -- Find3M Report ---------------------------------------------------------------

    2008-03-25 00:35:56 0 d-------- C:\Program Files\Common Files
    2008-03-24 21:57:43 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
    2008-03-21 15:48:32 1327 --a------ C:\WINDOWS\mozver.dat
    2008-03-14 20:04:41 0 d-------- C:\Program Files\Quicken
    2008-02-19 19:09:00 0 d-------- C:\Program Files\QuickTime
    2008-02-19 19:07:12 0 d-------- C:\Program Files\Apple Software Update
    2008-02-19 17:58:13 0 d-------- C:\Program Files\Skype
    2008-02-19 17:58:11 0 d-------- C:\Program Files\Common Files\Skype


    -- Registry Dump ---------------------------------------------------------------

    *Note* empty entries & legit default entries are not shown


    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
    08/24/2007 11:51 PM 316784 --a------ C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6860A44B-5D3E-433D-A7B5-D517F810D0E7}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
    03/25/2008 12:35 AM 116088 --a------ C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
    "{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}"= C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll [08/24/2007 11:51 PM 316784]

    [-HKEY_CLASSES_ROOT\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}]
    [HKEY_CLASSES_ROOT\CoIEPlg.CoToolbar.1]
    [HKEY_CLASSES_ROOT\CoIEPlg.CoToolbar]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "TabletWizard"="C:\WINDOWS\help\SplshWrp.exe" [08/04/2004 08:00 AM]
    "TabletTip"="C:\Program Files\Common Files\microsoft shared\ink\tabtip.exe" [04/25/2005 11:10 PM]
    "00THotkey"="C:\WINDOWS\system32\00THotkey.exe" [01/17/2006 05:00 AM]
    "CrossMenu"="C:\Program Files\Toshiba\CrossMenu\CrossMenu.exe" [09/20/2005 09:06 PM]
    "000StTHK"="000StTHK.exe" [06/24/2001 12:28 AM C:\WINDOWS\system32\000StTHK.exe]
    "Apoint"="C:\Program Files\Apoint2K\Apoint.exe" [03/23/2004 10:40 AM]
    "igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [11/28/2005 01:55 AM]
    "igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [11/28/2005 01:52 AM]
    "igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [11/28/2005 01:55 AM]
    "LtMoh"="C:\Program Files\ltmoh\Ltmoh.exe" [08/17/2004 03:37 PM]
    "AGRSMMSG"="AGRSMMSG.exe" [10/14/2005 06:29 PM C:\WINDOWS\agrsmmsg.exe]
    "NDSTray.exe"="NDSTray.exe" []
    "TFncKy"="TFncKy.exe" []
    "ThpSrv"="thpsrv /logon" []
    "TFNF5"="TFNF5.exe" [11/09/2005 11:47 PM C:\WINDOWS\system32\TFNF5.exe]
    "TMESRV.EXE"="C:\Program Files\TOSHIBA\TME3\TMESRV31.exe" [12/14/2005 04:00 PM]
    "TMERzCtl.EXE"="C:\Program Files\TOSHIBA\TME3\TMERzCtl.exe" [12/20/2005 06:39 PM]
    "TPSMain"="TPSMain.exe" [12/15/2005 06:28 PM C:\WINDOWS\system32\TPSMain.exe]
    "TPSODDCtl"="TPSODDCtl.exe" [12/15/2005 06:28 PM C:\WINDOWS\system32\TPSODDCtl.exe]
    "Kraidman"="C:\Program Files\TOSHIBA\TOSHIBA RAID\Console\Kraidman.exe" [09/30/2005 01:47 PM]
    "TRot.exe"="c:\Program Files\TOSHIBA\TOSHIBA Rotation Utility\TRot.exe" [11/29/2005 08:37 PM]
    "PINGER"="C:\TOSHIBA\IVP\ISM\pinger.exe" [03/17/2005 09:37 PM]
    "TosHKCW.exe"="C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe" [05/17/2005 03:42 PM]
    "SmoothView"="C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe" [05/23/2005 08:21 PM]
    "TouchED"="C:\Program Files\TOSHIBA\TouchED\TouchED.Exe" [06/29/2005 12:43 AM]
    "TAudEffect"="C:\Program Files\TOSHIBA\TAudEffect\TAudEff.exe" [10/05/2005 04:33 PM]
    "TAcelMgr"="C:\Program Files\TOSHIBA\Acceleration Utilities\TAcelMgr\TAcelMgr.exe" [12/16/2004 03:56 PM]
    "TSkrMain"="C:\Program Files\TOSHIBA\Acceleration Utilities\Shaker\TSkrMain.exe" [06/30/2004 08:29 PM]
    "DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [10/06/2005 09:20 AM]
    "PSQLLauncher"="C:\Program Files\Protector Suite QL\launcher.exe" [05/05/2006 08:36 PM]
    "IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [12/05/2005 03:37 PM]
    "IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [11/28/2005 02:41 PM]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [09/25/2007 02:11 AM]
    "Acrobat Assistant 7.0"="C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe" [12/14/2004 03:12 AM]
    "@"="" []
    "IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [08/04/2004 08:00 AM]
    "IMEKRMIG6.1"="C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE" [08/04/2004 08:00 AM]
    "MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [08/04/2004 08:00 AM]
    "PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [08/04/2004 08:00 AM]
    "PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [08/04/2004 08:00 AM]
    "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [01/10/2008 04:27 PM]
    "ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [02/14/2008 11:01 AM]
    "osCheck"="C:\Program Files\Norton Internet Security\osCheck.exe" [08/25/2007 12:53 AM]
    "KernelFaultCheck"="C:\WINDOWS\system32\dumprep 0 -k" []

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 08:00 AM]
    "TOSCDSPD"="C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe" [12/30/2004 04:32 AM]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [02/05/2000 08:10 AM]
    "SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [02/29/2008 04:03 PM]

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
    "TabletWizard"=%windir%\help\wizard.hta

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
    Adobe Acrobat Speed Launcher.lnk - C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe [11/12/2007 8:47:15 AM]
    Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [3/16/2005 8:16:50 PM]
    Billminder.lnk - C:\Program Files\Quicken\billmind.exe [9/20/2002 12:29:50 PM]
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2/13/2001 5:01:04 AM]
    QuickBooks Update Agent.lnk - C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [11/6/2007 5:40:54 PM]
    Quicken Scheduled Updates.lnk - C:\Program Files\Quicken\bagent.exe [9/20/2002 12:30:04 PM]
    Quicken Startup.lnk - C:\Program Files\Quicken\QWDLLS.EXE [9/20/2002 12:30:06 PM]
    RAMASST.lnk - C:\WINDOWS\system32\RAMASST.exe [1/15/2006 12:49:44 AM]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    "{7d7bd0c4-4913-4933-b870-7388a7bffb82}"= C:\WINDOWS\system32\lvhjtsa.dll [ ]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{EDB0E980-90BD-11D4-8599-0008C7D3B6F8}"= C:\PROGRA~1\Qualcomm\Eudora\EuShlExt.dll [08/17/2006 02:57 PM 86016]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [12/20/2006 12:55 PM 77824]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
    C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 04/19/2007 12:41 PM 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\loginkey]
    C:\Program Files\Common Files\Microsoft Shared\Ink\loginkey.dll 08/04/2004 08:00 AM 47104 C:\Program Files\Common Files\Microsoft Shared\Ink\LoginKey.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
    psqlpwd.dll 05/05/2006 08:48 PM 40448 C:\WINDOWS\system32\psqlpwd.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\TabBtnWL]
    TabBtnWL.dll 08/29/2002 07:41 AM 11776 C:\WINDOWS\system32\tabbtnwl.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\TosBtNP]
    TosBtNP.dll 01/27/2006 03:49 PM 61440 C:\WINDOWS\system32\TosBtNP.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tpgwlnotify]
    tpgwlnot.dll 08/04/2004 08:00 AM 30208 C:\WINDOWS\system32\tpgwlnot.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\TSigNP]
    TSigNP.dll 12/28/2005 02:05 AM 53248 C:\WINDOWS\system32\TSigNP.dll

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    "Notification Packages"= scecli psqlpwd

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tdidrv32.sys]
    @="Driver"


    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
    AutoRun\command- D:\CDSTART.EXE

    *Newly Created Service* - COMHOST



    -- End of Deckard's System Scanner: finished at 2008-03-25 18:11:26 ------------
     
  3. blaaaa

    blaaaa Thread Starter

    Joined:
    Mar 25, 2008
    Messages:
    6
    Here's DSS' extra.txt:

    Deckard's System Scanner v20071014.68
    Extra logfile - please post this as an attachment with your post.
    --------------------------------------------------------------------------------

    -- System Information ----------------------------------------------------------

    Microsoft Windows XP Professional (build 2600) SP 2.0
    Architecture: X86; Language: English

    CPU 0: Genuine Intel(R) CPU T2600 @ 2.16GHz
    CPU 1: Genuine Intel(R) CPU T2600 @ 2.16GHz
    Percentage of Memory in Use: 13%
    Physical Memory (total/avail): 2038.85 MiB / 1768.65 MiB
    Pagefile Memory (total/avail): 3934.92 MiB / 3855.76 MiB
    Virtual Memory (total/avail): 2047.88 MiB / 1926.11 MiB

    A: is Removable (Unformatted)
    C: is Fixed (NTFS) - 85.31 GiB total, 53.63 GiB free.
    D: is CDROM (CDFS)
    E: is Removable (FAT32)

    \\.\PHYSICALDRIVE0 - TOSHIBA RAID LD0 SCSI Disk Device - 93.16 GiB - 2 partitions
    \PARTITION0 (bootable) - Installable File System - 85.31 GiB - C:
    \PARTITION1 - Unknown - 7.84 GiB

    \\.\PHYSICALDRIVE1 - USB DISK Pro USB Device - 494.19 MiB - 1 partition
    \PARTITION0 - Unknown - 494.16 MiB - E:



    -- Security Center -------------------------------------------------------------

    AUOptions is scheduled to auto-install.
    Windows Internal Firewall is disabled.

    FirstRunDisabled is set.

    FW: Norton Internet Security v15.0.0.60 (Symantec Corporation)
    AV: Norton Internet Security v15.0.0.60 (Symantec Corporation)
    AV: v (McAfee) Disabled

    [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:mad:xpsp2res.dll,-22019"

    [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:mad:xpsp2res.dll,-22019"
    "C:\\TOSHIBA\\ivp\\NetInt\\Netint.exe"="C:\\TOSHIBA\\ivp\\NetInt\\Netint.exe:*:Enabled:NIE - Toshiba Software Upgrades Engine"
    "C:\\TOSHIBA\\Ivp\\ISM\\pinger.exe"="C:\\TOSHIBA\\Ivp\\ISM\\pinger.exe:*:Enabled:Toshiba Software Upgrades Pinger"
    "C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Application Loader"
    "C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
    "C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"
    "C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:AOL"
    "C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe"="C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe:*:Enabled:AOLTsMon"
    "C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe"="C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe:*:Enabled:AOLTopSpeed"
    "C:\\Program Files\\Common Files\\AOL\\1137343352\\EE\\AOLServiceHost.exe"="C:\\Program Files\\Common Files\\AOL\\1137343352\\EE\\AOLServiceHost.exe:*:Enabled:AOL"
    "C:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"="C:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe:*:Enabled:AOL"
    "C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\AOLSP Scheduler.exe"="C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\AOLSP Scheduler.exe:*:Enabled:AOL"
    "C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\asp.exe"="C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\asp.exe:*:Enabled:AOL"
    "C:\\Program Files\\Common Files\\AolCoach\\en_en\\player\\AOLNySEV.exe"="C:\\Program Files\\Common Files\\AolCoach\\en_en\\player\\AOLNySEV.exe:*:Enabled:AOL"
    "C:\\Program Files\\Intuit\\QuickBooks 2006\\QBDBMgrN.exe"="C:\\Program Files\\Intuit\\QuickBooks 2006\\QBDBMgrN.exe:*:Enabled:QuickBooks 2006 Data Manager"
    "C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"


    -- Environment Variables -------------------------------------------------------

    ALLUSERSPROFILE=C:\Documents and Settings\All Users
    APPDATA=C:\Documents and Settings\W. Bradford Paley\Application Data
    ASLOGDIR=C:\Program Files\Intuit\QuickBooks 2006\
    CLASSPATH=.;C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
    CLIENTNAME=Console
    CommonProgramFiles=C:\Program Files\Common Files
    COMPUTERNAME=CAROLINGIAN
    ComSpec=C:\WINDOWS\system32\cmd.exe
    FP_NO_HOST_CHECK=NO
    HOMEDRIVE=C:
    HOMEPATH=\Documents and Settings\W. Bradford Paley
    LOGONSERVER=\\CAROLINGIAN
    NUMBER_OF_PROCESSORS=2
    OS=Windows_NT
    Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Common Files\Adobe\AGL;C:\Program Files\QuickTime\QTSystem\
    PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    PROCESSOR_ARCHITECTURE=x86
    PROCESSOR_IDENTIFIER=x86 Family 6 Model 14 Stepping 8, GenuineIntel
    PROCESSOR_LEVEL=6
    PROCESSOR_REVISION=0e08
    ProgramFiles=C:\Program Files
    PROMPT=$P$G
    QTJAVA=C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
    SAFEBOOT_OPTION=MINIMAL
    SESSIONNAME=Console
    SystemDrive=C:
    SystemRoot=C:\WINDOWS
    TEMP=C:\DOCUME~1\WA4E9~1.BRA\LOCALS~1\Temp
    TMP=C:\DOCUME~1\WA4E9~1.BRA\LOCALS~1\Temp
    USERDOMAIN=CAROLINGIAN
    USERNAME=W. Bradford Paley
    USERPROFILE=C:\Documents and Settings\W. Bradford Paley
    windir=C:\WINDOWS


    -- User Profiles ---------------------------------------------------------------

    User (admin)
    W. Bradford Paley (admin)
    Keiko (admin)
    Administrator (admin)


    -- Add/Remove Programs ---------------------------------------------------------

    --> "C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
    --> C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
    --> C:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
    --> msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
    --> msiexec /I {B2F5D08C-7E79-4FCD-AAF4-57AD35FF0601}
    --> msiexec /I{7F4C8163-F259-49A0-A018-2857A90578BC}
    --> MsiExec.exe /I{688A3383-3CE7-4094-9188-9C39D1E4FCB6}
    --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    Adobe Bridge 1.0 --> MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000103}
    Adobe Common File Installer --> MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
    Adobe Creative Suite 2 --> C:\PROGRA~1\INSTAL~1\{0134A~1\setup.exe /relaunched/rootloc=d:\adobe creative suite 2.0/lang=0409
    Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Help Center 1.0 --> MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001}
    Adobe Reader 7.0 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000}
    Adobe Stock Photos 1.0 --> MsiExec.exe /I{EE0D5DCD-2B97-4473-98DF-E93C0BD92F7A}
    Adobe SVG Viewer 3.0 --> C:\Program Files\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Program Files\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Install.log
    Agilix GoBinder Lite --> MsiExec.exe /I{5E71102C-2CEB-4C8B-99D3-D33B9741EEDA}
    AIM 6 --> C:\Program Files\AIM6\uninst.exe
    ALPS Touch Pad Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}\setup.exe" UNINSTALL
    AppCore --> MsiExec.exe /I{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}
    Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
    Bluetooth Stack for Windows by Toshiba --> MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}
    ccCommon --> MsiExec.exe /I{B24E05CC-46FF-4787-BBB8-5CD516AFB118}
    CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
    CD/DVD Drive Acoustic Silencer --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}\Setup.exe" -l0x9
    CodeWarrior Development Tools for Windows, v8.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8248F80A-4337-49C5-BC45-ED8B0ED807B1}\setup.exe" -l0x9
    Component Framework --> MsiExec.exe /I{31478BE1-CDE5-4753-A8B2-F6D4BC1FBE09}
    DVD-RAM Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9D765FA6-F2BC-40AF-8145-50808F9BDF4E}\setup.exe" -l0x9 DVD-RAM Driver
    EPSON Printer Software --> C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /r
    EPSON Scan --> C:\Program Files\epson\escndv\setup\setup.exe /r
    EPSON Web-To-Page --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}\Setup.exe" -l0x9 -anything
    Eudora --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D515BAF4-087E-4C78-A79D-F67BB4E5ED3F}\setup.exe" -l0x9
    getPlus(R)_dll --> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\inf\GETPLUSd.INF, DefaultUninstall
    Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"
    Hard Disk Recovery Utilities --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Toshiba\Hard Disk Recovery Utilities\Uninst.isu"
    High Definition Audio Driver Package - KB888111 --> "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
    Intel(R) Graphics Media Accelerator Driver --> RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_27A6 PCI\VEN_8086&DEV_27A2
    Intel(R) PRO Network Connections Drivers --> Prounstl.exe
    Intel(R) PROSet/Wireless Software --> C:\WINDOWS\Installer\iProInst.exe
    InterVideo WinDVD for TOSHIBA --> "C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
    J2SE Runtime Environment 5.0 Update 4 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150040}
    Java 2 Runtime Environment, SE v1.4.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F4588301-0A06-11D6-A761-00B0D079AF64}\Setup.exe"
    Java 2 SDK, SE v1.4.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F4588303-0A06-11D6-A761-00B0D079AF64}\Setup.exe" Anytext
    Java DB 10.2.2.0 --> MsiExec.exe /X{0ECB59D5-A3FC-4D61-AD3B-6CE679B3F852}
    Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
    Java(TM) SE Development Kit 6 Update 3 --> MsiExec.exe /I{32A3A4F4-B792-11D6-A78A-00B0D0160030}
    LiveUpdate (Symantec Corporation) --> MsiExec.exe /x {E80F62FF-5D3C-4A19-8409-9721F2928206} /l*v "C:\Documents and Settings\All Users\Application Data\LuUninstall.LiveUpdate"
    LiveUpdate (Symantec Corporation) --> MsiExec.exe /X{E80F62FF-5D3C-4A19-8409-9721F2928206}
    Macromedia Flash Player 8 --> MsiExec.exe /X{6815FCDD-401D-481E-BA88-31B4754C2B46}
    mCore --> MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779}
    mDrWiFi --> MsiExec.exe /I{F6090A17-0967-4A8A-B3C3-422A1B514D49}
    mHelp --> MsiExec.exe /I{8C6BB412-D3A8-4AAE-A01B-35B681789D68}
    Microsoft Office XP Professional --> MsiExec.exe /I{91110409-6000-11D3-8CFE-0050048383C9}
    Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    mIWA --> MsiExec.exe /I{3E9D596A-61D4-4239-BD19-2DB984D2A16F}
    mLogView --> MsiExec.exe /I{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}
    mMHouse --> MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
    Mozilla Firefox (2.0.0.12) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    mPfMgr --> MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
    mPfWiz --> MsiExec.exe /I{90B0D222-8C21-4B35-9262-53B042F18AF9}
    mProSafe --> MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
    mWlsSafe --> MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
    mXML --> MsiExec.exe /I{9CC89556-3578-48DD-8408-04E66EBEF401}
    MyConnect Special Offer --> MsiExec.exe /I{97D8751D-18A4-482B-9E9C-31DAD9BEC1EC}
    mZConfig --> MsiExec.exe /I{94658027-9F16-4509-BBD7-A59FE57C3023}
    Norton AntiVirus --> MsiExec.exe /X{77FFBA7E-0973-4F39-BBDB-AC2F537578D2}
    Norton AntiVirus Help --> MsiExec.exe /I{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}
    Norton Confidential Core --> MsiExec.exe /I{55A6283C-638A-4EE0-B491-51118554BDA2}
    Norton Internet Security --> MsiExec.exe /I{C1C185CA-C531-49F5-A6FA-B838405A049D}
    Norton Internet Security (Symantec Corporation) --> "C:\Program Files\Common Files\Symantec Shared\SymSetup\{C1C185CA-C531-49F5-A6FA-B838405A049D}_15_0_0_60\Setup.exe" /X
    Norton Protection Center --> MsiExec.exe /I{62120008-8E1E-4807-860D-A8B48F8552DB}
    Office 2003 Trial Assistant --> MsiExec.exe /I{47D2103B-FD51-4017-9C20-DD408B17D726}
    QuickBooks Pro 2006 --> msiexec.exe /I {688A3383-3CE7-4094-9188-9C39D1E4FCB6} UNIQUE_NAME="pro" QBFULLNAME="QuickBooks Pro 2006" ADDREMOVE=1
    Quicken 2003 Basic --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{88D0E768-CD6A-42A9-97F9-2B12CF740019} anything
    QuickTime --> MsiExec.exe /I{6EC874C2-F950-4B7E-A5B7-B1066D6B74AA}
    RealPlayer Basic --> C:\Program Files\Common Files\Real\Update\\rnuninst.exe RealNetworks|RealPlayer|6.0
    SD Secure Module --> MsiExec.exe /X{C45F4811-31D5-4786-801D-F79CD06EDD85}
    SigmaTel Audio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}\setup.exe" -l0x9 -remove -removeonly
    Skypeô 3.6 --> MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
    Sonic DLA --> MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
    Sonic RecordNow! --> MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
    SPBBC 32bit --> MsiExec.exe /I{77772678-817F-4401-9301-ED1D01A8DA56}
    Suite Specific --> MsiExec.exe /I{C49DAA9C-5BA8-459A-8244-E57B69DF0F04}
    Sun Download Manager 2.0 (web) --> C:\WINDOWS\system32\javaws.exe -uninstall -prompt "http://javadl-esd.sun.com/update/sdm20/sdm20.jnlp"
    SUPERAntiSpyware Free Edition --> MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
    SymNet --> MsiExec.exe /I{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}
    Tablet PC Tutorials for Microsoft Windows XP SP2 --> MsiExec.exe /X{0CAD092C-5D1E-48AD-A845-E1EBA9AF1AF8}
    Texas Instruments PCIxx21/x515 drivers. --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{E18E644D-4FC1-4E7F-87B7-A0288A14A322} /l1033
    TOSHIBA Accelerometer Utilities --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\TOSHIBA\Acceleration Utilities\Uninst.isu" -c"C:\Program Files\TOSHIBA\Acceleration Utilities\SETUPSUB.dll"
    TOSHIBA Assist --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{12B3A009-A080-4619-9A2A-C6DB151D8D67}\Setup.exe" -l0x9
    TOSHIBA Backup Utility V2.0.0 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{3DE593E0-D44C-4E73-9A02-E59B970265CD} /l1033
    TOSHIBA ConfigFree --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}\setup.exe" -l0x9 UNINSTALL
    TOSHIBA Controls --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}\Setup.exe" -l0x9 UNINSTALL
    TOSHIBA Display Devices Change Utility --> RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\TDspBtn.inf,DefaultUninstall,5
    TOSHIBA HDD Protection --> MsiExec.exe /X{94A90C69-71C1-470A-88F5-AA47ECC96B40}
    TOSHIBA Hotkey Utility for Display Devices --> RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\TFNF5Wxp.inf,DefaultUninstall,5
    TOSHIBA Mic Effect --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0577A2AA-DEA0-4D40-8372-4211102D43E4}\Setup.exe"
    TOSHIBA Mobile Extension3 for Windows XP V3.78.00.XP --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\TOSHIBA\TME3\Uninst.isu" -c"C:\Program Files\TOSHIBA\TME3\uninstx.dll"
    TOSHIBA Password Utility --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{C0FC3B56-E345-40CD-A5CB-7EB791CE3E74} /l1033
    TOSHIBA PC Diagnostic Tool --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\TOSHIBA\PCDiag\Uninst.isu"
    TOSHIBA Power Saver --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\TOSHIBA\Power Saver\Uninst.isu" -c"C:\WINDOWS\system32\TPSDel.dll"
    TOSHIBA RAID Utility --> MsiExec.exe /X{3E6FA9D9-D4CA-492B-AE98-83A2D853A355}
    TOSHIBA Rotation Utility --> MsiExec.exe /X{B7F4B477-8EA3-4028-B458-2AE5E4A9D853}
    TOSHIBA SD Memory Boot Utility --> MsiExec.exe /X{BBF5493A-05FB-4449-90DE-84A61EB78154}
    TOSHIBA SD Memory Card Format --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{48CF9A66-5F03-4025-ABD0-B3A3FA095A59}\Setup.exe"
    TOSHIBA Security Assist --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1E63ACB5-D45E-4856-8FC9-78F4B0D7BB80}\setup.exe" -l0x9 -removeonly
    TOSHIBA Software Modem --> Tosmreg -U
    TOSHIBA Software Upgrades --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{425A2BC2-AA64-4107-9C29-484245BBEA05}\setup.exe"
    TOSHIBA Tablet Access Code Logon Utility V1.14.00 --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\TOSHIBA\TSigReco\Uninst.isu" -c"C:\Program Files\TOSHIBA\TSigReco\TSigInst.dll"
    TOSHIBA TouchPad On/Off Utility V2.05.01 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{24300A63-DD78-4AA5-A914-4D582C41D33A}\Setup.exe" -uninst
    TOSHIBA Utilities --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{56190F69-01D3-46CA-9861-43377C5E9B87} /l1033
    TOSHIBA Wireless Key Logon --> MsiExec.exe /X{FC4C645F-8EBC-4F1E-A517-D1505B43A374}
    TOSHIBA Zooming Utility --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{64212898-097F-4F3F-AECA-6D34A7EF82DF}\Setup.exe"
    Tweak UI --> "C:\WINDOWS\system32\mshta.exe" "res://C:\WINDOWS\system32\TweakUI.exe/uninstall.hta"
    Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
    Wireless Hotkey --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7862BAD8-A379-4128-8AA1-EFD5A9603C53}\setup.exe" -l0x9


    -- Application Event Log -------------------------------------------------------

    Event Record #/Type1253 / Error
    Event Submitted/Written: 03/25/2008 06:11:13 PM
    Event ID/Source: 8 / crypt32
    Event Description:
    Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

    Event Record #/Type1252 / Error
    Event Submitted/Written: 03/25/2008 06:11:12 PM
    Event ID/Source: 8 / crypt32
    Event Description:
    Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

    Event Record #/Type1251 / Error
    Event Submitted/Written: 03/25/2008 06:11:12 PM
    Event ID/Source: 8 / crypt32
    Event Description:
    Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

    Event Record #/Type1250 / Error
    Event Submitted/Written: 03/25/2008 06:11:12 PM
    Event ID/Source: 8 / crypt32
    Event Description:
    Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The server name or address could not be resolved

    Event Record #/Type1138 / Warning
    Event Submitted/Written: 03/25/2008 01:23:48 AM
    Event ID/Source: 1001 / MsiInstaller
    Event Description:
    Detection of product '{91110409-6000-11D3-8CFE-0050048383C9}', feature 'InternationalSupportFiles_JPN' failed during request for component '{D4C8BFFA-BF6F-11D1-843A-0000F807F120}'



    -- Security Event Log ----------------------------------------------------------

    No Errors/Warnings found.


    -- System Event Log ------------------------------------------------------------

    Event Record #/Type1373 / Error
    Event Submitted/Written: 03/25/2008 06:08:49 PM
    Event ID/Source: 10005 / DCOM
    Event Description:
    DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
    in order to run the server:
    {A1F4E726-8CF1-11D1-BF92-0060081ED811}

    Event Record #/Type1372 / Error
    Event Submitted/Written: 03/25/2008 06:08:46 PM
    Event ID/Source: 7026 / Service Control Manager
    Event Description:
    The following boot-start or system-start driver(s) failed to load:
    AFD
    eeCtrl
    Fips
    intelppm
    IPSec
    MRxSmb
    NetBIOS
    NetBT
    RasAcd
    Rdbss
    SASDIFSV
    SASKUTIL
    SPBBCDrv
    SRTSPX
    SYMTDI
    Tcpip
    TMEI3E

    Event Record #/Type1371 / Error
    Event Submitted/Written: 03/25/2008 06:08:46 PM
    Event ID/Source: 7001 / Service Control Manager
    Event Description:
    The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error:
    %%31

    Event Record #/Type1370 / Error
    Event Submitted/Written: 03/25/2008 06:08:46 PM
    Event ID/Source: 7001 / Service Control Manager
    Event Description:
    The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error:
    %%31

    Event Record #/Type1369 / Error
    Event Submitted/Written: 03/25/2008 06:08:45 PM
    Event ID/Source: 7001 / Service Control Manager
    Event Description:
    The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error:
    %%31



    -- End of Deckard's System Scanner: finished at 2008-03-25 18:11:26 ------------
     
  4. blaaaa

    blaaaa Thread Starter

    Joined:
    Mar 25, 2008
    Messages:
    6
    I think I resolved the issue by running Malwarebytes' Anti-Malware 1.09, first. Then, the blue screen issue was a bit tamed - yet I had to stick with 'safe mode' until I followed through the process of XP cleaning suggested by majorgeeks.com (another great site offering many helps to rid of malwares.)
    CCCleaner > SUPERAntiSpyware > SpyBotS&D > Malwarebytes (again) > MGtools (to make sure)
    Up 'til I ran SUPERAntiSpyware, I couldn't run in normal mode w/o bumping into the blue screen. I also made internet connection minimum until after I finished with SpyBotS&D. (I've done all the net researches, downloads, and posting with my MacBook Pro running OSX 10.5.2.)

    Hoping 'that's it!' The PC laptop is pretty much running normal. - but if you'd like to take a look at the final (second) DSS log, I can post it here.
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/697112

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice