Apr 29 2008, 08:29 PM
Post #1
New Member | Group: Members | Posts: 12 | Joined: 29-April 08 | Member No.: 206,158
Hey guys, I'm Panda.
I'm not really sure if I have Ultimate Defender, Ultimate Cleaner, and WinIFixer, although there's a shortcut for each of them on my desktop. I also get pop-ups that, for example, say something like my computer is not safe and a window screen like this: [image]

My laptop is a Toshiba and runs on Windows XP. I used disk cleanup and it didn't really do anything. I also ran my antivirus program called Symantec Antivirus but it didn't detect anything that was wrong with the computer. I've also downloaded SmitfraudFix and VundoFix already.

Here are the DSS Reports:

Deckard's System Scanner v20071014.68 Run by Carol on 2008-04-29 21:11:14 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- System Restore -------------------------------------------------------------- Successfully created a Deckard's System Scanner Restore Point. -- Last 3 Restore Point(s) -- 3: 2008-04-30 01:11:24 UTC - RP405 - Deckard's System Scanner Restore Point 2: 2008-04-29 23:10:30 UTC - RP404 - Installed Java 6 Update 5 1: 2008-04-28 14:29:02 UTC - RP403 - System Checkpoint Backed up registry hives. Performed disk cleanup. Total Physical Memory: 447 MiB (512 MiB recommended). 
-- HijackThis (run as Carol.exe) ----------------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 9:12:44 PM, on 4/29/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16574) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\acs.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe C:\Program Files\Symantec AntiVirus\DefWatch.exe C:\WINDOWS\system32\DVDRAMSV.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\lxcycoms.exe C:\WINDOWS\system32\svchost.exe c:\TOSHIBA\IVP\swupdate\swupdtmr.exe C:\Program Files\Symantec AntiVirus\Rtvscan.exe C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe C:\Program Files\Viewpoint\Common\ViewpointService.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\ATI Technologies\ATI Control Panel\bak\atiptaxx.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Zune\ZuneLauncher.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\cjb\cjb8.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe C:\WINDOWS\system32\TPSBattM.exe C:\Program Files\Messenger\msmsgs.exe 
C:\WINDOWS\system32\RAMASST.exe C:\Program Files\iPod\bin\iPodService.exe C:\Documents and Settings\Carol\Desktop\dss.exe C:\PROGRA~1\TRENDM~1\HIJACK~1\Carol.exe R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.toshibadirect.com/dpdstart R3 - Default URLSearchHook is missing O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\3.8.0\ViewBarBHO.dll O2 - BHO: iSecurity - {A8311E8F-E459-4D22-89B4-CB9DCF10A425} - iSecurity.cpl (file missing) O2 - BHO: VideoInput - {AC16362B-5EDF-4E46-B7F6-EC24BB76E8C4} - C:\WINDOWS\korad.dll (file missing) O2 - BHO: CIEObjectObj Object - {CA13D72F-2DAC-4D99-B08D-C5EA1C920E89} - C:\WINDOWS\IECodecPlg.dll O2 - BHO: IE - {D83A7B12-A4D4-4984-8F72-D41C6B4C1E6E} - C:\Program Files\eSoftware\studio.dll O3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Common Files\Viewpoint\Toolbar Runtime\3.8.0\IEViewBar.dll O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [SynTPEnh] 
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe O4 - HKLM\..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE O4 - HKLM\..\Run: [TFncKy] TFncKy.exe O4 - HKLM\..\Run: [TPSMain] TPSMain.exe O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe O4 - HKLM\..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient O4 - HKLM\..\Run: [dmsjb.exe] C:\WINDOWS\system32\dmsjb.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe O4 - HKLM\..\Run: [lxcymon.exe] "C:\Program Files\Lexmark 3400 Series\lxcymon.exe" O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 3400 Series\ezprint.exe" O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s O4 - HKLM\..\Run: [LXCYCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCYtime.dll,_RunDLLEntry@16 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [cjb] C:\Program Files\cjb\cjb8.exe O4 - HKLM\..\Run: [iSecurity applet] rundll32.exe iSecurity.cpl,SecurityMonitor O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [updateMgr] C:\Program 
Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Carol\Start Menu\Programs\EuroTalk Interactive\IMVU\Run IMVU.lnk (file missing) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.toshibadirect.com/dpdstart O15 - Trusted Zone: http://mobile.coair.com O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/Facebo...toUploader5.cab O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/u...can_unicode.cab O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1005.cab O17 - 
HKLM\System\CCS\Services\Tcpip\..\{1A734B13-7935-493E-84DC-1C812FD707F8}: NameServer = 85.255.113.92,85.255.112.195 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.113.92 85.255.112.195 O17 - HKLM\System\CS1\Services\Tcpip\..\{1A734B13-7935-493E-84DC-1C812FD707F8}: NameServer = 85.255.113.92,85.255.112.195 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.113.92 85.255.112.195 O20 - AppInit_DLLs: iSecurity.cpl O21 - SSODL: iSecurity - {A8311E8F-E459-4D22-89B4-CB9DCF10A425} - iSecurity.cpl (file missing) O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe O23 - Service: DVD-RAM_Service - Matsubleepa Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. 
- C:\Program Files\iPod\bin\iPodService.exe O23 - Service: lxcy_device - - C:\WINDOWS\system32\lxcycoms.exe O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Swupdtmr - Unknown owner - c:\TOSHIBA\IVP\swupdate\swupdtmr.exe O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe -- End of file - 10704 bytes -- File Associations ----------------------------------------------------------- All associations okay. -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- R1 meiudf - c:\windows\system32\drivers\meiudf.sys <Not Verified; Matsubleepa Electric Industrial Co.,Ltd.; > R2 AegisP (AEGIS Protocol (IEEE 802.1x) v3.2.0.3) - c:\windows\system32\drivers\aegisp.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 3.2.0.3> R2 Netdevio (TOSHIBA Network Device Usermode I/O Protocol) - c:\windows\system32\drivers\netdevio.sys <Not Verified; TOSHIBA Corporation.; TOSHIBA Network Device Usermode I/O protocol> R3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus® ASPI Shell> R3 TVALD (Toshiba Mobile PC Service) - c:\windows\system32\drivers\nbsmi.sys <Not Verified; Toshiba Corporation; Toshiba Notebook PC SMI Service> R3 Tvs (TOSHIBA Virtual Sound with SRS technologies) - c:\windows\system32\drivers\tvs.sys <Not Verified; TOSHIBA Corporation; Audio Filter> S3 npkcrypt - c:\program files\qro\qro full patch\npkcrypt.sys (file missing) -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled 
-------------------- R2 ACS (Atheros Configuration Service) - c:\windows\system32\acs.exe R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service> R2 CFSvcs (ConfigFree Service) - c:\program files\toshiba\configfree\cfsvcs.exe <Not Verified; TOSHIBA CORPORATION; ConfigFree> R2 DVD-RAM_Service - c:\windows\system32\dvdramsv.exe <Not Verified; Matsubleepa Electric Industrial Co., Ltd.; > R2 Swupdtmr - c:\toshiba\ivp\swupdate\swupdtmr.exe R2 TAPPSRV (TOSHIBA Application Service) - "c:\program files\toshiba\toshiba applet\tappsrv.exe" <Not Verified; TOSHIBA Corp.; TOSHIBA TAPPSRV> R2 Viewpoint Manager Service - "c:\program files\viewpoint\common\viewpointservice.exe" <Not Verified; Viewpoint Corporation; Viewpoint Manager> -- Device Manager: Disabled ---------------------------------------------------- No disabled devices found. -- Scheduled Tasks ------------------------------------------------------------- 2008-04-23 12:20:02 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job -- Files created between 2008-03-29 and 2008-04-29 ----------------------------- 2008-04-29 21:12:26 0 d-------- C:\Program Files\Trend Micro 2008-04-29 21:06:50 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab 2008-04-29 21:06:47 0 d-------- C:\WINDOWS\system32\Kaspersky Lab 2008-04-29 21:06:46 0 d-------- C:\WINDOWS\LastGood 2008-04-29 20:06:50 82944 --a------ C:\WINDOWS\system32\404Fix.exe <Not Verified; S!Ri.URZ; IEDFix> 2008-04-29 19:19:32 0 d-------- C:\VundoFix Backups 2008-04-28 10:57:13 48 --a------ C:\smp.bat 2008-04-28 08:58:08 0 d-------- C:\Program Files\Microsoft Silverlight 2008-04-19 21:06:17 0 d-------- C:\WINDOWS\pss 2008-04-19 20:31:20 86528 --a------ C:\WINDOWS\system32\VACFix.exe <Not Verified; S!Ri.URZ; VACFix> 2008-04-19 20:31:19 25600 --a------ C:\WINDOWS\system32\WS2Fix.exe 2008-04-19 20:31:19 82432 --a------ 
C:\WINDOWS\system32\IEDFix.exe <Not Verified; S!Ri.URZ; IEDFix> 2008-04-19 20:31:18 289144 --a------ C:\WINDOWS\system32\VCCLSID.exe <Not Verified; S!Ri; > 2008-04-19 20:31:17 288417 --a------ C:\WINDOWS\system32\SrchSTS.exe <Not Verified; S!Ri; SrchSTS> 2008-04-19 20:31:17 53248 --a------ C:\WINDOWS\system32\Process.exe <Not Verified; http://www.beyondlogic.org; Command Line Process Utility> 2008-04-19 20:31:17 51200 --a------ C:\WINDOWS\system32\dumphive.exe 2008-04-19 20:19:07 0 d-------- C:\Documents and Settings\Administrator.RCPAGADUAN\Application Data\Intuit 2008-04-19 20:19:07 0 d-------- C:\Documents and Settings\Administrator.RCPAGADUAN\Application Data\Identities 2008-04-19 20:19:07 0 d-------- C:\Documents and Settings\Administrator.RCPAGADUAN\Application Data\ATI 2008-04-19 20:19:07 0 d-------- C:\Documents and Settings\Administrator.RCPAGADUAN\Application Data\AOL 2008-04-19 20:19:07 0 d-------- C:\Documents and Settings\Administrator.RCPAGADUAN\Application Data\Adobe 2008-04-19 20:19:06 0 d--h----- C:\Documents and Settings\Administrator.RCPAGADUAN\Local Settings 2008-04-19 20:19:06 0 dr------- C:\Documents and Settings\Administrator.RCPAGADUAN\Favorites 2008-04-19 20:19:06 0 d-------- C:\Documents and Settings\Administrator.RCPAGADUAN\Desktop 2008-04-19 20:19:06 0 d--hs---- C:\Documents and Settings\Administrator.RCPAGADUAN\Cookies 2008-04-19 20:19:06 0 dr-h----- C:\Documents and Settings\Administrator.RCPAGADUAN\Application Data 2008-04-19 20:19:06 0 d-------- C:\Documents and Settings\Administrator.RCPAGADUAN\Application Data\You've Got Pictures Screensaver 2008-04-19 20:19:06 0 d-------- C:\Documents and Settings\Administrator.RCPAGADUAN\Application Data\toshiba 2008-04-19 20:19:06 0 d---s---- C:\Documents and Settings\Administrator.RCPAGADUAN\Application Data\Microsoft 2008-04-19 20:19:05 0 d-------- C:\Documents and Settings\Administrator.RCPAGADUAN\WINDOWS 2008-04-19 20:19:05 0 d--h----- C:\Documents and 
Settings\Administrator.RCPAGADUAN\Templates 2008-04-19 20:19:05 0 dr------- C:\Documents and Settings\Administrator.RCPAGADUAN\Start Menu 2008-04-19 20:19:05 0 dr-h----- C:\Documents and Settings\Administrator.RCPAGADUAN\SendTo 2008-04-19 20:19:05 0 dr-h----- C:\Documents and Settings\Administrator.RCPAGADUAN\Recent 2008-04-19 20:19:05 0 d--h----- C:\Documents and Settings\Administrator.RCPAGADUAN\PrintHood 2008-04-19 20:19:05 0 d--h----- C:\Documents and Settings\Administrator.RCPAGADUAN\NetHood 2008-04-19 20:19:05 0 dr------- C:\Documents and Settings\Administrator.RCPAGADUAN\My Documents 2008-04-19 20:19:02 1310720 --ah----- C:\Documents and Settings\Administrator.RCPAGADUAN\NTUSER.DAT 2008-04-19 19:32:35 0 dr------- C:\Documents and Settings\Administrator\Favorites 2008-04-19 19:32:35 0 d-------- C:\Documents and Settings\Administrator\Desktop 2008-04-19 19:32:35 0 d---s---- C:\Documents and Settings\Administrator\Cookies 2008-04-19 19:32:35 0 dr-h----- C:\Documents and Settings\Administrator\Application Data 2008-04-19 19:32:35 0 d-------- C:\Documents and Settings\Administrator\Application Data\You've Got Pictures Screensaver 2008-04-19 19:32:35 0 d-------- C:\Documents and Settings\Administrator\Application Data\toshiba 2008-04-19 19:32:35 0 d---s---- C:\Documents and Settings\Administrator\Application Data\Microsoft 2008-04-19 19:32:35 0 d-------- C:\Documents and Settings\Administrator\Application Data\Intuit 2008-04-19 19:32:35 0 d-------- C:\Documents and Settings\Administrator\Application Data\Identities 2008-04-19 19:32:35 0 d-------- C:\Documents and Settings\Administrator\Application Data\ATI 2008-04-19 19:32:35 0 d-------- C:\Documents and Settings\Administrator\Application Data\AOL 2008-04-19 19:32:35 0 d-------- C:\Documents and Settings\Administrator\Application Data\Adobe 2008-04-19 19:32:34 0 d-------- C:\Documents and Settings\Administrator\WINDOWS 2008-04-19 19:32:34 0 d--h----- C:\Documents and Settings\Administrator\Templates 2008-04-19 
19:32:34 0 dr------- C:\Documents and Settings\Administrator\Start Menu 2008-04-19 19:32:34 0 dr-h----- C:\Documents and Settings\Administrator\SendTo 2008-04-19 19:32:34 0 dr-h----- C:\Documents and Settings\Administrator\Recent 2008-04-19 19:32:34 0 d--h----- C:\Documents and Settings\Administrator\PrintHood 2008-04-19 19:32:34 0 d--h----- C:\Documents and Settings\Administrator\NetHood 2008-04-19 19:32:34 0 dr------- C:\Documents and Settings\Administrator\My Documents 2008-04-19 19:32:34 0 d--h----- C:\Documents and Settings\Administrator\Local Settings 2008-04-19 19:32:30 1310720 --ah----- C:\Documents and Settings\Administrator\NTUSER.DAT 2008-04-19 09:36:45 0 d-------- C:\Program Files\PhotoFiltre 2008-04-18 15:54:40 0 d-------- C:\Documents and Settings\Carol\Application Data\WinIFixer.com 2008-04-18 10:47:48 0 d-------- C:\Program Files\IE Extensions 2008-04-18 10:47:48 0 d-------- C:\Program Files\cjb 2008-04-18 10:47:41 0 d-------- C:\Program Files\iSecurity 2008-04-18 07:51:05 0 d-------- C:\Program Files\Gravity 2008-04-02 12:43:21 0 d-------- C:\Program Files\Safari 2008-04-02 12:34:24 0 d-------- C:\Program Files\iPod -- Find3M Report --------------------------------------------------------------- 2008-04-29 20:56:37 0 d-------- C:\Program Files\Symantec AntiVirus 2008-04-29 20:44:23 4444 --a------ C:\WINDOWS\system32\tmp.reg 2008-04-29 19:14:46 0 d-------- C:\Program Files\Java 2008-04-28 18:10:39 0 d-------- C:\Program Files\lx_cats 2008-04-28 17:21:04 0 d-------- C:\Program Files\Common Files 2008-04-28 15:55:54 0 d-------- C:\Program Files\DivX 2008-04-28 15:54:36 0 d-------- C:\Program Files\Common Files\Real 2008-04-28 06:26:52 0 d-------- C:\Program Files\GatheringRO 2008-04-26 23:16:32 0 d-------- C:\Documents and Settings\Carol\Application Data\U3 2008-04-18 15:31:54 0 d-------- C:\Program Files\LimeWire 2008-04-18 07:54:08 0 d-------- C:\Documents and Settings\Carol\Application Data\LimeWire 2008-04-11 05:00:35 0 d-------- C:\Documents and 
Settings\Carol\Application Data\toshiba 2008-04-08 12:21:16 0 d--h----- C:\Program Files\InstallShield Installation Information 2008-04-02 22:25:03 0 d-------- C:\Documents and Settings\Carol\Application Data\Apple Computer 2008-04-02 12:35:10 0 d-------- C:\Program Files\iTunes 2008-03-30 08:23:25 0 d-------- C:\Program Files\Windows Media Connect 2 2008-03-26 11:31:51 0 d-------- C:\Documents and Settings\Carol\Application Data\uTorrent 2008-03-24 09:34:38 0 d-------- C:\Program Files\Zune 2008-03-24 09:34:03 0 d-------- C:\Program Files\DIFX 2008-03-24 09:33:56 0 d-------- C:\Program Files\Common Files\ComponentOne 2008-03-24 06:39:31 0 d-------- C:\Documents and Settings\Carol\Application Data\IMVU 2008-03-14 21:06:46 0 d-------- C:\Program Files\Viewpoint 2008-03-14 21:06:43 0 d-------- C:\Program Files\Common Files\Viewpoint 2008-03-11 17:47:05 0 d-------- C:\Program Files\eSoftware 2008-03-05 01:05:05 0 d--h----- C:\Documents and Settings\Carol\Application Data\ijjigame 2008-02-29 01:39:24 0 d-------- C:\Program Files\WinBudget -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A8311E8F-E459-4D22-89B4-CB9DCF10A425}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AC16362B-5EDF-4E46-B7F6-EC24BB76E8C4}] C:\WINDOWS\korad.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{CA13D72F-2DAC-4D99-B08D-C5EA1C920E89}] 12/01/2005 07:39 PM 113152 --a------ C:\WINDOWS\IECodecPlg.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D83A7B12-A4D4-4984-8F72-D41C6B4C1E6E}] 03/11/2008 05:45 PM 282636 --a------ C:\Program Files\eSoftware\studio.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"="RTHDCPL.EXE" [11/10/2005 03:14 PM C:\WINDOWS\RTHDCPL.exe] "Alcmtr"="ALCMTR.EXE" [05/03/2005 10:43 PM C:\WINDOWS\Alcmtr.exe] "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [02/27/2008 01:54 AM] 
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [02/27/2008 01:54 AM] "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [02/27/2008 01:54 AM] "THotkey"="C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe" [02/27/2008 01:54 AM] "NDSTray.exe"="NDSTray.exe" [] "Tvs"="C:\Program Files\Toshiba\Tvs\TvsTray.exe" [02/27/2008 01:54 AM] "AGRSMMSG"="AGRSMMSG.exe" [10/15/2005 10:29 AM C:\WINDOWS\agrsmmsg.exe] "DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [02/27/2008 01:54 AM] "TFncKy"="TFncKy.exe" [] "TPSMain"="TPSMain.exe" [06/01/2005 01:00 AM C:\WINDOWS\system32\TPSMain.exe] "PadTouch"="C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe" [02/27/2008 01:54 AM] "SmoothView"="C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe" [02/27/2008 01:54 AM] "Pinger"="c:\toshiba\ivp\ism\pinger.exe" [02/27/2008 01:54 AM] "CFSServ.exe"="CFSServ.exe" [] "dmsjb.exe"="C:\WINDOWS\system32\dmsjb.exe" [] "ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [02/27/2008 01:54 AM] "vptray"="C:\PROGRA~1\SYMANT~1\VPTray.exe" [02/27/2008 01:54 AM] "lxcymon.exe"="C:\Program Files\Lexmark 3400 Series\lxcymon.exe" [02/27/2008 01:54 AM] "EzPrint"="C:\Program Files\Lexmark 3400 Series\ezprint.exe" [02/27/2008 01:54 AM] "FaxCenterServer"="C:\Program Files\Lexmark Fax Solutions\fm3032.exe" [02/27/2008 01:54 AM] "LXCYCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCYtime.dll" [11/21/2006 01:27 PM] "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [02/27/2008 01:54 AM] "Zune Launcher"="C:\Program Files\Zune\ZuneLauncher.exe" [10/31/2006 02:34 PM] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [02/19/2008 01:10 PM] "cjb"="C:\Program Files\cjb\cjb8.exe" [04/18/2008 10:47 AM] "iSecurity applet"="iSecurity.cpl" [04/18/2008 10:47 AM C:\WINDOWS\system32\iSecurity.cpl] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [02/22/2008 04:25 AM] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 08:00 AM] "TOSCDSPD"="C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe" [02/27/2008 01:54 AM] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [10/13/2004 12:24 PM] "updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [02/27/2008 01:54 AM] C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [9/23/2005 10:05:26 PM] RAMASST.lnk - C:\WINDOWS\system32\RAMASST.exe [11/4/2005 11:20:51 PM] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] "iSecurity"= {A8311E8F-E459-4D22-89B4-CB9DCF10A425} - iSecurity.cpl [ ] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon] "System"="csfrc.exe" [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "appinit_dlls"=iSecurity.cpl [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iSecurity applet] rundll32.exe iSecurity.cpl,SecurityMonitor [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinIFixer] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4ab2810a-a07b-11dc-bf8c-0016e3041f45}] AutoRun\command- New Folder.exe -- End of Deckard's System Scanner: finished at 2008-04-29 21:13:45 ------------ Deckard's System Scanner v20071014.68 Extra logfile - please post this as an attachment with your post. 
-------------------------------------------------------------------------------- -- System Information ---------------------------------------------------------- Microsoft Windows XP Home Edition (build 2600) SP 2.0 Architecture: X86; Language: English CPU 0: Intel® Celeron® M processor 1.70GHz Percentage of Memory in Use: 59% Physical Memory (total/avail): 446.17 MiB / 179.42 MiB Pagefile Memory (total/avail): 1056.41 MiB / 642.84 MiB Virtual Memory (total/avail): 2047.88 MiB / 1913.56 MiB C: is Fixed (NTFS) - 74.29 GiB total, 50.49 GiB free. D: is CDROM (No Media) \\.\PHYSICALDRIVE0 - FUJITSU MHV2080BH - 74.53 GiB - 2 partitions \PARTITION0 (bootable) - Installable File System - 74.29 GiB - C: \PARTITION1 - Unknown - 251.02 MiB -- Security Center ------------------------------------------------------------- AUOptions is scheduled to auto-install. Windows Internal Firewall is enabled. FirstRunDisabled is set. AntiVirusDisableNotify is set. AntivirusOverride is set. FirewallOverride is set. 
AV: Symantec AntiVirus Corporate Edition v9.0.4.1000 (Symantec Corporation) Outdated [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\TOSHIBA\\ivp\\NetInt\\Netint.exe"="C:\\TOSHIBA\\ivp\\NetInt\\Netint.exe:*:Enabled:NIE - Toshiba Software Upgrade Engine" "C:\\TOSHIBA\\Ivp\\ISM\\pinger.exe"="C:\\TOSHIBA\\IVP\\ISM\\pinger.exe:*:Enabled:Toshiba Software Upgrades Pinger" "C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Application Loader" "C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL" "C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL" "C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:AOL" "C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe"="C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe:*:Enabled:AOLTsMon" "C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe"="C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe:*:Enabled:AOLTopSpeed" "C:\\Program Files\\Common Files\\AOL\\1131163763\\EE\\AOLServiceHost.exe"="C:\\Program Files\\Common Files\\AOL\\1131163763\\EE\\AOLServiceHost.exe:*:Enabled:AOL" "C:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"="C:\\Program Files\\Common 
Files\\AOL\\System Information\\sinf.exe:*:Enabled:AOL" "C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\AOLSP Scheduler.exe"="C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\AOLSP Scheduler.exe:*:Enabled:AOL" "C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\asp.exe"="C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\asp.exe:*:Enabled:AOL" "C:\\Program Files\\Common Files\\AolCoach\\en_en\\player\\AOLNySEV.exe"="C:\\Program Files\\Common Files\\AolCoach\\en_en\\player\\AOLNySEV.exe:*:Enabled:AOL" "C:\\Program Files\\Common Files\\AOL\\1146106896\\ee\\aolsoftware.exe"="C:\\Program Files\\Common Files\\AOL\\1146106896\\ee\\aolsoftware.exe:*:Enabled:AOL Services" "C:\\Program Files\\Common Files\\AOL\\1146106896\\ee\\aim6.exe"="C:\\Program Files\\Common Files\\AOL\\1146106896\\ee\\aim6.exe:*:Enabled:AIM" "C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger" "C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! 
FT Server" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:µTorrent" "C:\\WINDOWS\\system32\\lxcycoms.exe"="C:\\WINDOWS\\system32\\lxcycoms.exe:*:Enabled:Lexmark Communications System" "C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire" "C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes" "C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"="C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe:*:Enabled:Veoh Client" -- Environment Variables ------------------------------------------------------- ALLUSERSPROFILE=C:\Documents and Settings\All Users APPDATA=C:\Documents and Settings\Carol\Application Data CLASSPATH=.;C:\Program Files\Java\jre1.5.0_04\lib\ext\QTJava.zip CLIENTNAME=Console CommonProgramFiles=C:\Program Files\Common Files COMPUTERNAME=RCPAGADUAN ComSpec=C:\WINDOWS\system32\cmd.exe FP_NO_HOST_CHECK=NO GETMODEL=Satellite A105 HOMEDRIVE=C: HOMEPATH=\Documents and Settings\Carol LOGONSERVER=\\RCPAGADUAN NUMBER_OF_PROCESSORS=1 OS=Windows_NT Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\QuickTime\QTSystem\ PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH PROCESSOR_ARCHITECTURE=x86 PROCESSOR_IDENTIFIER=x86 Family 6 Model 13 Stepping 8, GenuineIntel PROCESSOR_LEVEL=6 PROCESSOR_REVISION=0d08 ProgramFiles=C:\Program Files PROMPT=$P$G QTJAVA=C:\Program Files\Java\jre1.5.0_04\lib\ext\QTJava.zip SESSIONNAME=Console SystemDrive=C: SystemRoot=C:\WINDOWS TEMP=C:\DOCUME~1\Carol\LOCALS~1\Temp TMP=C:\DOCUME~1\Carol\LOCALS~1\Temp USERDOMAIN=RCPAGADUAN USERNAME=Carol USERPROFILE=C:\Documents and Settings\Carol VERNUM=PSAA2U-123456V windir=C:\WINDOWS -- User Profiles 
--------------------------------------------------------------- Carol (admin) Rene (admin) Administrator.RCPAGADUAN (admin) -- Add/Remove Programs --------------------------------------------------------- --> C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6} --> C:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19} --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL ABBYY FineReader 6.0 Sprint --> MsiExec.exe /X{ACF60000-22B9-4CE9-98D6-2CCF359BAC07} Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\UninstFl.exe -q Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Reader 7.0.9 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70900000002} AIM 6 --> C:\Program Files\AIM6\uninst.exe Apple Mobile Device Support --> MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543} Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4} ArcSoft Software Suite --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BA561482-C49D-4687-A61C-96236C1688F0}\Setup.exe" -l0x9 Atheros Client Utility --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{71D658CF-4E0D-4DA8-AA67-8C0B6F1C01FE}\setup.exe" -l0x9 Atheros Wireless LAN MiniPCI card Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{05832D65-6EDB-4D32-BA78-BCD0E2B91C02}\setup.exe" -l0x9 ATI - Software Uninstall Utility --> C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe ATI Control Panel --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield 
Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe" ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean CD/DVD Drive Acoustic Silencer --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}\Setup.exe" -l0x9 Compatibility Pack for the 2007 Office system --> MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE} DVD-RAM Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9D765FA6-F2BC-40AF-8145-50808F9BDF4E}\setup.exe" -l0x9 DVD-RAM Driver EuroTalk Talk Now Plus! --> C:\PROGRA~1\EuroTalk\TALKNO~1\UNWISE.EXE C:\PROGRA~1\EuroTalk\TALKNO~1\INSTALL.LOG High Definition Audio Driver Package - KB888111 --> "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe" Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe" InterVideo WinDVD for TOSHIBA --> "C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL iTunes --> MsiExec.exe /I{80FD852F-5AAC-4129-B931-06AAFFA43138} J2SE Runtime Environment 5.0 Update 4 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150040} Java 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050} Kaspersky Online Scanner --> C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe Lexmark 3400 Series --> C:\Program Files\Lexmark 3400 Series\Install\x86\Uninst.exe Lexmark Fax Solutions --> C:\Program Files\Lexmark Fax Solutions\Install\x86\Uninst.exe /R:faxunst Lexmark Toolbar --> regsvr32.exe /s /u "C:\Program Files\Lexmark Toolbar\toolband.dll" LiveUpdate 2.0 (Symantec Corporation) --> C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U Macromedia 
Flash Player 8 --> MsiExec.exe /X{6815FCDD-401D-481E-BA88-31B4754C2B46} Macromedia Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log Metamail (Toshiba Registration Utility) --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BE3F89C0-42D5-11D5-A40A-00105AC8331A}\setup.exe" -l0x9 Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Office OneNote 2003 --> MsiExec.exe /I{91A10409-6000-11D3-8CFE-0150048383C9} Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9} Microsoft Silverlight --> MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} MSXML 6.0 Parser (KB927977) --> MsiExec.exe /I{5A710547-B58E-488B-828D-CA9A25A0533C} Office 2003 Trial Assistant --> MsiExec.exe /I{47D2103B-FD51-4017-9C20-DD408B17D726} On2 VP7 Personal Edition --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DD0DDC9E-2ED4-44DD-B461-0EFC126813A0}\Setup.exe" -l0x9 PhotoFiltre --> "C:\Program Files\PhotoFiltre\Uninst.exe" Quicken 2005 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{2DBE41DD-2129-4C65-A3D3-5647236A60F3} anything QuickTime --> MsiExec.exe /I{BFD96B89-B769-4CD6-B11E-E79FFD46F067} REALTEK Gigabit and Fast Ethernet NIC Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94FB906A-CF42-4128-A509-D353026A607E}\Setup.exe" -l0x9 REMOVE Realtek High Definition Audio Driver --> RunDll32 
C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x9 -removeonly Safari --> MsiExec.exe /I{F0E8F94D-6E68-4B35-92DF-3AA6DC6A6768} Safety Alert 2006 --> C:\DOCUME~1\Carol\LOCALS~1\Temp\laf62.tmp /del Sonic DLA --> MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6} Sonic RecordNow! --> MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19} Symantec AntiVirus --> MsiExec.exe /I{3E172636-AE83-474A-9D07-E31C22C6DDC2} Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall TOSHIBA Assist --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{12B3A009-A080-4619-9A2A-C6DB151D8D67}\Setup.exe" -l0x9 TOSHIBA ConfigFree --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}\setup.exe" -l0x9 UNINSTALL TOSHIBA Controls --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}\Setup.exe" -l0x9 UNINSTALL TOSHIBA Hotkey Utility --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{64DD71BC-3109-4C88-9AD3-D5422644B722}\setup.exe" -l0x9 TOSHIBA PC Diagnostic Tool --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\TOSHIBA\PCDiag\Uninst.isu" TOSHIBA Power Saver --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\TOSHIBA\Power Saver\Uninst.isu" -c"C:\WINDOWS\system32\TPSDel.dll" TOSHIBA Software Modem --> Tosmreg -U TOSHIBA Software Upgrades --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield 
Installation Information\{425A2BC2-AA64-4107-9C29-484245BBEA05}\setup.exe" TOSHIBA Speech System Applications --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EE033C1F-443E-41EC-A0E2-559B539A4E4D}\Setup.exe" -l0x9 TOSHIBA Speech System SR Engine(U.S.) Version1.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{008D69EB-70FF-46AB-9C75-924620DF191A}\Setup.exe" -l0x9 UNINSTALL TOSHIBA Speech System TTS Engine(U.S.) Version1.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3FBF6F99-8EC6-41B4-8527-0A32241B5496}\Setup.exe" -l0x9 TOSHIBA TouchPad ON/Off Utility --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{69BE47C2-36FE-4397-8199-85D8EAE69982}\setup.exe" -l0x9 TOSHIBA Utilities --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{78C68CB9-3DF5-44F3-AB9D-FA305C5EB85C}\setup.exe" -l0x9 TOSHIBA Virtual Sound --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8B12BA86-ADAC-4BA6-B441-FFC591087252}\Setup.exe" /uninstall TOSHIBA Zooming Utility --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{64212898-097F-4F3F-AECA-6D34A7EF82DF}\Setup.exe" Touch and Launch --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5D96E2B1-D9AC-46E0-9073-425C5F63E338}\Setup.exe" VeohTV BETA --> C:\Program Files\InstallShield Installation 
Information\{0405E51E-9582-4207-8F38-AC44201D3808}\setup.exe -runfromtemp -l0x0409 VideoLAN VLC media player 0.8.6c --> C:\Program Files\VideoLAN\VLC\uninstall.exe Viewpoint Manager (Remove Only) --> C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgrInstaller.exe /u /k Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Media Player\mtsAxInstaller.exe /u Viewpoint Toolbar --> C:\Program Files\Viewpoint\Viewpoint Toolbar\3.8.0\Uninstaller.exe /u /k /url "http://www.viewpoint.com/pub/uninstallcompleted.html" Windows Driver Package - Microsoft WPD (8/28/2006 1.0.0.2) --> rundll32.exe C:\PROGRA~1\DIFX\7AA84A78695B31A503D9537A76801D74E0FD14BD\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\WINDOWS\system32\DRVSTORE\Zune_9C3D37D5063B767B2FEA1899B50894F1AC95FAA6\Zune.inf Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe Yahoo! Music Engine --> "C:\Program Files\Yahoo!\Yahoo! Music Engine\Uninstall.exe" Zune --> MsiExec.exe /X{ED55BFEF-90F3-4926-9536-D94FDBBF65DC} -- Application Event Log ------------------------------------------------------- Event Record #/Type175 / Error Event Submitted/Written: 04/29/2008 07:56:51 PM Event ID/Source: 1002 / Application Hang Event Description: Hanging application iexplore.exe, version 7.0.6000.16574, hang module hungapp, version 0.0.0.0, hang address 0x00000000. 
Event Record #/Type162 / Warning Event Submitted/Written: 04/29/2008 07:12:28 PM Event ID/Source: 6 / Symantec AntiVirus Event Description: Scan could not access path C:\pagefile.sys Event Record #/Type161 / Warning Event Submitted/Written: 04/29/2008 07:12:27 PM Event ID/Source: 6 / Symantec AntiVirus Event Description: Scan could not access path C:\hiberfil.sys Event Record #/Type160 / Warning Event Submitted/Written: 04/29/2008 07:12:25 PM Event ID/Source: 6 / Symantec AntiVirus Event Description: Scan could not access path C:\Documents and Settings\Rene Event Record #/Type159 / Warning Event Submitted/Written: 04/29/2008 07:12:25 PM Event ID/Source: 6 / Symantec AntiVirus Event Description: Scan could not open file C:\Documents and Settings\NetworkService\ntuser.dat.LOG [00000003] -- Security Event Log ---------------------------------------------------------- No Errors/Warnings found. -- System Event Log ------------------------------------------------------------ Event Record #/Type24136 / Error Event Submitted/Written: 04/29/2008 08:53:58 PM Event ID/Source: 10005 / DCOM Event Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} Event Record #/Type24135 / Error Event Submitted/Written: 04/29/2008 08:40:40 PM Event ID/Source: 10005 / DCOM Event Description: DCOM got error "%%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E} Event Record #/Type24134 / Error Event Submitted/Written: 04/29/2008 08:39:25 PM Event ID/Source: 10005 / DCOM Event Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} Event Record #/Type24133 / Error Event Submitted/Written: 04/29/2008 08:38:43 PM Event ID/Source: 7026 / Service Control Manager Event Description: The following 
boot-start or system-start driver(s) failed to load: AFD Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SAVRT SYMTDI Tcpip Event Record #/Type24132 / Error Event Submitted/Written: 04/29/2008 08:38:43 PM Event ID/Source: 7001 / Service Control Manager Event Description: The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: %%31 -- End of Deckard's System Scanner: finished at 2008-04-29 21:13:45 ------------
This post has been edited by Panda Moniium: Apr 30 2008, 07:52 AM
Panda Moniium Ultimate Defender, Ultimate Cleaner, Winifixer Apr 29 2008, 08:29 PM
teacup61 Hello Panda Moniium,
Welcome to Bleeping Computer... Apr 30 2008, 10:27 AM
Panda Moniium Username "Carol" - 04/30/2008 13:19:07 [... Apr 30 2008, 12:46 PM
teacup61 Hello,
Thanks for that. :)
Please be sure in you... Apr 30 2008, 01:07 PM
Panda Moniium ComboFix 08-04-29.5 - Carol 2008-05-01 11:01:02.1 ... May 1 2008, 10:24 AM
Panda Moniium Is it supposed to say:
WARNING -THIS MACHINE DOES... May 1 2008, 10:26 AM
teacup61 Hello,
If you don't have it installed then it... May 1 2008, 02:28 PM
Panda Moniium Directory of C:\PROGRA~1\ITUNES\BAK... May 1 2008, 11:21 PM
teacup61 Hello,
You didn't post the whole report.....d... May 2 2008, 12:06 AM
Panda Moniium I only ran option 1 and that was the only report t... May 2 2008, 06:57 AM
Panda Moniium Find AWF report by noahdfear ©2006
... May 2 2008, 06:58 AM
teacup61 Hello,
Thanks for letting me know. :)
Please dou... May 2 2008, 09:34 AM
Panda Moniium Find AWF report by noahdfear ©2006
... May 2 2008, 01:18 PM
teacup61 Hello,
I see that one remains. Your Adobe is out ... May 2 2008, 02:09 PM
Panda Moniium I'm not sure which Adobe (flash player? reader... May 3 2008, 03:48 PM
teacup61 Hi there,
C:\Program Files\Adobe\A... May 3 2008, 03:55 PM
Panda Moniium Umm do i need to do anything else? May 5 2008, 09:23 AM
teacup61 Yes, please follow my previous directions and post... May 5 2008, 10:52 AM
Panda Moniium Hey sorry that it was taking so long. I didn't... May 7 2008, 02:44 PM
teacup61 Hello,
http://i135.photobucket.com/albums/q150/te... May 7 2008, 03:15 PM
Panda Moniium I removed all Viewpoint programs from the control ... May 8 2008, 01:06 PM
teacup61 Hello,
Looks good. :thumbup2:
Please delete Co... May 8 2008, 01:43 PM
teacup61 Since this issue appears resolved ... this Topic i... May 13 2008, 11:28 PM