Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Nasty Virus Hijack This Log per Administrator Please Help


  • This topic is locked This topic is locked
2 replies to this topic

#1 iaff284

iaff284

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:03:13 PM

Posted 26 February 2009 - 08:36 AM

Referred here from: http://www.bleepingcomputer.com/forums/t/206225/vundo-and-google-redirect-problems/ ~ OB

Orange Blossom was able to help me run a Hijack This Log. I tried to run the other preposting but could not get the dds to run. I was having issues with redirecting from google then I ran spybot and it removed stuff from the registry and now I can only get the laptop to boot into safe mode. The normal boot will only show the background picture with no icons or system tray. Please help!!!

Log File

Logfile of random's system information tool 1.05 (written by random/random)
Run by Administrator at 2009-02-26 07:21:49
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 58 GB (77%) free of 76 GB
Total RAM: 446 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:22:10 AM, on 2/26/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Administrator.MIKE\Desktop\RSIT.exe
C:\Program Files\trend micro\Administrator.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.toshiba.com/search
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.toshibadirect.com/dpdstart
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\DLACTRLW.exe
O4 - HKLM\..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
O4 - HKLM\..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [TDispVol] TDispVol.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\RunOnce: [SpybotDeletingA2239] command.com /c del "C:\WINDOWS\wt\webdriver\4.1.1\wdengine.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC9282] cmd.exe /c del "C:\WINDOWS\wt\webdriver\4.1.1\wdengine.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA5022] command.com /c del "C:\WINDOWS\wt\webdriver\4.1.1\webdriver.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5525] cmd.exe /c del "C:\WINDOWS\wt\webdriver\4.1.1\webdriver.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA5699] command.com /c del "C:\WINDOWS\wt\webdriver\4.1.1\wthost.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC7456] cmd.exe /c del "C:\WINDOWS\wt\webdriver\4.1.1\wthost.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7302] command.com /c del "C:\WINDOWS\wt\webdriver\4.1.1\wthostctl.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC7204] cmd.exe /c del "C:\WINDOWS\wt\webdriver\4.1.1\wthostctl.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA5538] command.com /c del "C:\WINDOWS\wt\webdriver\4.1.1\wtmulti.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC6042] cmd.exe /c del "C:\WINDOWS\wt\webdriver\4.1.1\wtmulti.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA3250] command.com /c del "C:\WINDOWS\wt\webdriver\4.1.1\wtmulti.jar"
O4 - HKLM\..\RunOnce: [SpybotDeletingC469] cmd.exe /c del "C:\WINDOWS\wt\webdriver\4.1.1\wtmulti.jar"
O4 - HKLM\..\RunOnce: [SpybotDeletingA9893] command.com /c del "C:\WINDOWS\wt\webdriver\4.1.1\wtwmplug.ax"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5830] cmd.exe /c del "C:\WINDOWS\wt\webdriver\4.1.1\wtwmplug.ax"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7282] command.com /c del "C:\WINDOWS\wt\webdriver\4.1.1\wtwmplug.ini"
O4 - HKLM\..\RunOnce: [SpybotDeletingC279] cmd.exe /c del "C:\WINDOWS\wt\webdriver\4.1.1\wtwmplug.ini"
O4 - HKLM\..\RunOnce: [SpybotDeletingA9410] command.com /c del "C:\WINDOWS\wt\wtupdates\DRM\3.2.0.19\files\DRM0302.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC484] cmd.exe /c del "C:\WINDOWS\wt\wtupdates\DRM\3.2.0.19\files\DRM0302.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA355] command.com /c del "C:\WINDOWS\wt\wtupdates\DRM\3.2.0.19\files\DRM0302Java.jar"
O4 - HKLM\..\RunOnce: [SpybotDeletingC6534] cmd.exe /c del "C:\WINDOWS\wt\wtupdates\DRM\3.2.0.19\files\DRM0302Java.jar"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7472] command.com /c del "C:\WINDOWS\wt\wtupdates\DRM\3.2.0.19\files\jDRM0302.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC9615] cmd.exe /c del "C:\WINDOWS\wt\wtupdates\DRM\3.2.0.19\files\jDRM0302.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA9883] command.com /c del "C:\WINDOWS\wt\wtupdates\DRM\3.2.0.19\files\rDRM0302.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC6788] cmd.exe /c del "C:\WINDOWS\wt\wtupdates\DRM\3.2.0.19\files\rDRM0302.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA533] command.com /c del "C:\WINDOWS\wt\wtupdates\DRM\3.2.0.19\files\controlpanel\index.html"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3866] cmd.exe /c del "C:\WINDOWS\wt\wtupdates\DRM\3.2.0.19\files\controlpanel\index.html"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8509] command.com /c del "C:\WINDOWS\wt\wtupdates\DRM\3.2.0.19\install\DRM0302.cdanfo"
O4 - HKLM\..\RunOnce: [SpybotDeletingC1003] cmd.exe /c del "C:\WINDOWS\wt\wtupdates\DRM\3.2.0.19\install\DRM0302.cdanfo"
O4 - HKLM\..\RunOnce: [SpybotDeletingA4674] command.com /c del "C:\WINDOWS\wt\wtupdates\DRM\3.2.0.19\install\DRM0302_Uninstall.cdas"
O4 - HKLM\..\RunOnce: [SpybotDeletingC810] cmd.exe /c del "C:\WINDOWS\wt\wtupdates\DRM\3.2.0.19\install\DRM0302_Uninstall.cdas"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7606] command.com /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\actorobject.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC8934] cmd.exe /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\actorobject.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA4372] command.com /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\dx5drv.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5640] cmd.exe /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\dx5drv.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA286] command.com /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\dx7drv.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC9769] cmd.exe /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\dx7drv.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA1656] command.com /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\jdriver.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC8820] cmd.exe /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\jdriver.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8806] command.com /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\npWTHost.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC8878] cmd.exe /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\npWTHost.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA6544] command.com /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\nsIWTHostPlugin.xpt"
O4 - HKLM\..\RunOnce: [SpybotDeletingC9162] cmd.exe /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\nsIWTHostPlugin.xpt"
O4 - HKLM\..\RunOnce: [SpybotDeletingA3431] command.com /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\ObjectBundle.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC2496] cmd.exe /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\ObjectBundle.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA1248] command.com /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\rdriver.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC7421] cmd.exe /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\rdriver.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA2008] command.com /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\Sound.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC9476] cmd.exe /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\Sound.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA9144] command.com /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\wdcaps.ded"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5856] cmd.exe /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\wdcaps.ded"
O4 - HKLM\..\RunOnce: [SpybotDeletingA190] command.com /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\wdengine.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC1999] cmd.exe /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\wdengine.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA4542] command.com /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\Webd331.cdanfo"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4000] cmd.exe /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\Webd331.cdanfo"
O4 - HKLM\..\RunOnce: [SpybotDeletingA1983] command.com /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\Webd331_fileList.cdas"
O4 - HKLM\..\RunOnce: [SpybotDeletingC1307] cmd.exe /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\Webd331_fileList.cdas"
O4 - HKLM\..\RunOnce: [SpybotDeletingA3767] command.com /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\Webd331_Uninstall.cdas"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5184] cmd.exe /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\Webd331_Uninstall.cdas"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8767] command.com /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\webdriver.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4321] cmd.exe /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\webdriver.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA1952] command.com /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\wildtangent.jar"
O4 - HKLM\..\RunOnce: [SpybotDeletingC8716] cmd.exe /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\wildtangent.jar"
O4 - HKLM\..\RunOnce: [SpybotDeletingA5861] command.com /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\wt3d.ini"
O4 - HKLM\..\RunOnce: [SpybotDeletingC9985] cmd.exe /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\wt3d.ini"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7920] command.com /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\WTHost.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC8996] cmd.exe /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\WTHost.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA658] command.com /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\WTHostCtl.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC7155] cmd.exe /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\WTHostCtl.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA486] command.com /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\wtmulti.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC1453] cmd.exe /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\wtmulti.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA3737] command.com /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\wtmulti.jar"
O4 - HKLM\..\RunOnce: [SpybotDeletingC9024] cmd.exe /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\wtmulti.jar"
O4 - HKLM\..\RunOnce: [SpybotDeletingA6762] command.com /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\wtvh.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC9175] cmd.exe /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\wtvh.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA4078] command.com /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\wtwmplug.ax"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3219] cmd.exe /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\wtwmplug.ax"
O4 - HKLM\..\RunOnce: [SpybotDeletingA6734] command.com /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\wtwmplug.ini"
O4 - HKLM\..\RunOnce: [SpybotDeletingC9263] cmd.exe /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\wtwmplug.ini"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8985] command.com /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\controlpanel\index.html"
O4 - HKLM\..\RunOnce: [SpybotDeletingC8362] cmd.exe /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\controlpanel\index.html"
O4 - HKLM\..\RunOnce: [SpybotDeletingA6568] command.com /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\legacy\data.wts"
O4 - HKLM\..\RunOnce: [SpybotDeletingC9720] cmd.exe /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\legacy\data.wts"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7201] command.com /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\legacy\webdriver.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3969] cmd.exe /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\legacy\webdriver.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8002] command.com /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\legacy\wt3d.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3457] cmd.exe /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\legacy\wt3d.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA4023] command.com /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\update_info\data.wts"
O4 - HKLM\..\RunOnce: [SpybotDeletingC9277] cmd.exe /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\update_info\data.wts"
O4 - HKLM\..\RunOnce: [SpybotDeletingA9217] command.com /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\install\Webd4_1_1.cdanfo"
O4 - HKLM\..\RunOnce: [SpybotDeletingC2391] cmd.exe /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\install\Webd4_1_1.cdanfo"
O4 - HKLM\..\RunOnce: [SpybotDeletingA2429] command.com /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\install\Webd4_1_1_Uninstall.cdas"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4257] cmd.exe /c del "C:\WINDOWS\wt\wtupdates\webd\4.1.1\install\Webd4_1_1_Uninstall.cdas"
O4 - HKLM\..\RunOnce: [SpybotDeletingA2151] command.com /c del "C:\WINDOWS\wt\wtupdates\WireControl\1.1.0.23\files\WireControl.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5125] cmd.exe /c del "C:\WINDOWS\wt\wtupdates\WireControl\1.1.0.23\files\WireControl.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA2223] command.com /c del "C:\WINDOWS\wt\wtupdates\WireControl\1.1.0.23\files\controlpanel\index.html"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4759] cmd.exe /c del "C:\WINDOWS\wt\wtupdates\WireControl\1.1.0.23\files\controlpanel\index.html"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8412] command.com /c del "C:\WINDOWS\wt\wtupdates\WireControl\1.1.0.23\files\install\WireControl.cdanfo"
O4 - HKLM\..\RunOnce: [SpybotDeletingC313] cmd.exe /c del "C:\WINDOWS\wt\wtupdates\WireControl\1.1.0.23\files\install\WireControl.cdanfo"
O4 - HKLM\..\RunOnce: [SpybotDeletingA767] command.com /c del "C:\WINDOWS\wt\wtupdates\WireControl\1.1.0.23\files\install\WireControl_Uninstall.cdas"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3445] cmd.exe /c del "C:\WINDOWS\wt\wtupdates\WireControl\1.1.0.23\files\install\WireControl_Uninstall.cdas"
O4 - HKLM\..\RunOnce: [SpybotDeletingA2778] command.com /c del "C:\WINDOWS\wt\wtupdates\wtwebdriver\update_info\data.wts"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3364] cmd.exe /c del "C:\WINDOWS\wt\wtupdates\wtwebdriver\update_info\data.wts"
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.toshibadirect.com/dpdstart
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photos.walmart.com/WalmartActivia.cab
O16 - DPF: {A7EA8AD2-287F-11D3-B120-006008C39542} (CBSTIEPrint Class) - http://offers.e-centives.com/cif/download/bin/actxcab.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DVD-RAM_Service - Matsubleepa Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: Swupdtmr - Unknown owner - c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe

--
End of file - 19118 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\MP Scheduled Scan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-02-22 1078552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}]
DriveLetterAccess - C:\WINDOWS\System32\DLA\DLASHX_W.DLL [2005-10-06 110652]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll [2005-11-10 184423]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0BF43445-2F28-4351-9252-17FE6E806AA0}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"THotkey"=C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe [2006-03-06 356352]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2006-03-02 82012]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-03-02 761948]
"AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2006-03-03 88204]
"TPSMain"=C:\WINDOWS\system32\TPSMain.exe [2005-05-31 282624]
"dla"=C:\WINDOWS\system32\dla\DLACTRLW.exe [2005-10-06 122940]
"Pinger"=c:\toshiba\ivp\ism\pinger.exe [2005-03-17 151552]
"Tvs"=C:\Program Files\Toshiba\Tvs\TvsTray.exe [2006-02-02 73728]
"TFncKy"=TFncKy.exe []
"TDispVol"=C:\WINDOWS\system32\TDispVol.exe [2005-03-11 73728]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-12-09 15691264]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-04-03 1603152]
""= []
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-02-22 1601304]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SpybotDeletingA2239"=command.com /c del C:\WINDOWS\wt\webdriver\4.1.1\wdengine.dll []
"SpybotDeletingC9282"=cmd.exe /c del C:\WINDOWS\wt\webdriver\4.1.1\wdengine.dll []
"SpybotDeletingA5022"=command.com /c del C:\WINDOWS\wt\webdriver\4.1.1\webdriver.dll []
"SpybotDeletingC5525"=cmd.exe /c del C:\WINDOWS\wt\webdriver\4.1.1\webdriver.dll []
"SpybotDeletingA5699"=command.com /c del C:\WINDOWS\wt\webdriver\4.1.1\wthost.exe []
"SpybotDeletingC7456"=cmd.exe /c del C:\WINDOWS\wt\webdriver\4.1.1\wthost.exe []
"SpybotDeletingA7302"=command.com /c del C:\WINDOWS\wt\webdriver\4.1.1\wthostctl.dll []
"SpybotDeletingC7204"=cmd.exe /c del C:\WINDOWS\wt\webdriver\4.1.1\wthostctl.dll []
"SpybotDeletingA5538"=command.com /c del C:\WINDOWS\wt\webdriver\4.1.1\wtmulti.dll []
"SpybotDeletingC6042"=cmd.exe /c del C:\WINDOWS\wt\webdriver\4.1.1\wtmulti.dll []
"SpybotDeletingA3250"=command.com /c del C:\WINDOWS\wt\webdriver\4.1.1\wtmulti.jar []
"SpybotDeletingC469"=cmd.exe /c del C:\WINDOWS\wt\webdriver\4.1.1\wtmulti.jar []
"SpybotDeletingA9893"=command.com /c del C:\WINDOWS\wt\webdriver\4.1.1\wtwmplug.ax []
"SpybotDeletingC5830"=cmd.exe /c del C:\WINDOWS\wt\webdriver\4.1.1\wtwmplug.ax []
"SpybotDeletingA7282"=command.com /c del C:\WINDOWS\wt\webdriver\4.1.1\wtwmplug.ini []
"SpybotDeletingC279"=cmd.exe /c del C:\WINDOWS\wt\webdriver\4.1.1\wtwmplug.ini []
"SpybotDeletingA9410"=command.com /c del C:\WINDOWS\wt\wtupdates\DRM\3.2.0.19\files\DRM0302.dll []
"SpybotDeletingC484"=cmd.exe /c del C:\WINDOWS\wt\wtupdates\DRM\3.2.0.19\files\DRM0302.dll []
"SpybotDeletingA355"=command.com /c del C:\WINDOWS\wt\wtupdates\DRM\3.2.0.19\files\DRM0302Java.jar []
"SpybotDeletingC6534"=cmd.exe /c del C:\WINDOWS\wt\wtupdates\DRM\3.2.0.19\files\DRM0302Java.jar []
"SpybotDeletingA7472"=command.com /c del C:\WINDOWS\wt\wtupdates\DRM\3.2.0.19\files\jDRM0302.dll []
"SpybotDeletingC9615"=cmd.exe /c del C:\WINDOWS\wt\wtupdates\DRM\3.2.0.19\files\jDRM0302.dll []
"SpybotDeletingA9883"=command.com /c del C:\WINDOWS\wt\wtupdates\DRM\3.2.0.19\files\rDRM0302.dll []
"SpybotDeletingC6788"=cmd.exe /c del C:\WINDOWS\wt\wtupdates\DRM\3.2.0.19\files\rDRM0302.dll []
"SpybotDeletingA533"=command.com /c del C:\WINDOWS\wt\wtupdates\DRM\3.2.0.19\files\controlpanel\index.html []
"SpybotDeletingC3866"=cmd.exe /c del C:\WINDOWS\wt\wtupdates\DRM\3.2.0.19\files\controlpanel\index.html []
"SpybotDeletingA8509"=command.com /c del C:\WINDOWS\wt\wtupdates\DRM\3.2.0.19\install\DRM0302.cdanfo []
"SpybotDeletingC1003"=cmd.exe /c del C:\WINDOWS\wt\wtupdates\DRM\3.2.0.19\install\DRM0302.cdanfo []
"SpybotDeletingA4674"=command.com /c del C:\WINDOWS\wt\wtupdates\DRM\3.2.0.19\install\DRM0302_Uninstall.cdas []
"SpybotDeletingC810"=cmd.exe /c del C:\WINDOWS\wt\wtupdates\DRM\3.2.0.19\install\DRM0302_Uninstall.cdas []
"SpybotDeletingA7606"=command.com /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\actorobject.dll []
"SpybotDeletingC8934"=cmd.exe /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\actorobject.dll []
"SpybotDeletingA4372"=command.com /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\dx5drv.dll []
"SpybotDeletingC5640"=cmd.exe /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\dx5drv.dll []
"SpybotDeletingA286"=command.com /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\dx7drv.dll []
"SpybotDeletingC9769"=cmd.exe /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\dx7drv.dll []
"SpybotDeletingA1656"=command.com /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\jdriver.dll []
"SpybotDeletingC8820"=cmd.exe /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\jdriver.dll []
"SpybotDeletingA8806"=command.com /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\npWTHost.dll []
"SpybotDeletingC8878"=cmd.exe /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\npWTHost.dll []
"SpybotDeletingA6544"=command.com /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\nsIWTHostPlugin.xpt []
"SpybotDeletingC9162"=cmd.exe /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\nsIWTHostPlugin.xpt []
"SpybotDeletingA3431"=command.com /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\ObjectBundle.dll []
"SpybotDeletingC2496"=cmd.exe /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\ObjectBundle.dll []
"SpybotDeletingA1248"=command.com /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\rdriver.dll []
"SpybotDeletingC7421"=cmd.exe /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\rdriver.dll []
"SpybotDeletingA2008"=command.com /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\Sound.dll []
"SpybotDeletingC9476"=cmd.exe /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\Sound.dll []
"SpybotDeletingA9144"=command.com /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\wdcaps.ded []
"SpybotDeletingC5856"=cmd.exe /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\wdcaps.ded []
"SpybotDeletingA190"=command.com /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\wdengine.dll []
"SpybotDeletingC1999"=cmd.exe /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\wdengine.dll []
"SpybotDeletingA4542"=command.com /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\Webd331.cdanfo []
"SpybotDeletingC4000"=cmd.exe /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\Webd331.cdanfo []
"SpybotDeletingA1983"=command.com /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\Webd331_fileList.cdas []
"SpybotDeletingC1307"=cmd.exe /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\Webd331_fileList.cdas []
"SpybotDeletingA3767"=command.com /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\Webd331_Uninstall.cdas []
"SpybotDeletingC5184"=cmd.exe /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\Webd331_Uninstall.cdas []
"SpybotDeletingA8767"=command.com /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\webdriver.dll []
"SpybotDeletingC4321"=cmd.exe /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\webdriver.dll []
"SpybotDeletingA1952"=command.com /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\wildtangent.jar []
"SpybotDeletingC8716"=cmd.exe /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\wildtangent.jar []
"SpybotDeletingA5861"=command.com /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\wt3d.ini []
"SpybotDeletingC9985"=cmd.exe /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\wt3d.ini []
"SpybotDeletingA7920"=command.com /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\WTHost.exe []
"SpybotDeletingC8996"=cmd.exe /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\WTHost.exe []
"SpybotDeletingA658"=command.com /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\WTHostCtl.dll []
"SpybotDeletingC7155"=cmd.exe /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\WTHostCtl.dll []
"SpybotDeletingA486"=command.com /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\wtmulti.dll []
"SpybotDeletingC1453"=cmd.exe /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\wtmulti.dll []
"SpybotDeletingA3737"=command.com /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\wtmulti.jar []
"SpybotDeletingC9024"=cmd.exe /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\wtmulti.jar []
"SpybotDeletingA6762"=command.com /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\wtvh.dll []
"SpybotDeletingC9175"=cmd.exe /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\wtvh.dll []
"SpybotDeletingA4078"=command.com /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\wtwmplug.ax []
"SpybotDeletingC3219"=cmd.exe /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\wtwmplug.ax []
"SpybotDeletingA6734"=command.com /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\wtwmplug.ini []
"SpybotDeletingC9263"=cmd.exe /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\wtwmplug.ini []
"SpybotDeletingA8985"=command.com /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\controlpanel\index.html []
"SpybotDeletingC8362"=cmd.exe /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\controlpanel\index.html []
"SpybotDeletingA6568"=command.com /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\legacy\data.wts []
"SpybotDeletingC9720"=cmd.exe /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\legacy\data.wts []
"SpybotDeletingA7201"=command.com /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\legacy\webdriver.dll []
"SpybotDeletingC3969"=cmd.exe /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\legacy\webdriver.dll []
"SpybotDeletingA8002"=command.com /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\legacy\wt3d.dll []
"SpybotDeletingC3457"=cmd.exe /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\legacy\wt3d.dll []
"SpybotDeletingA4023"=command.com /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\update_info\data.wts []
"SpybotDeletingC9277"=cmd.exe /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\files\update_info\data.wts []
"SpybotDeletingA9217"=command.com /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\install\Webd4_1_1.cdanfo []
"SpybotDeletingC2391"=cmd.exe /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\install\Webd4_1_1.cdanfo []
"SpybotDeletingA2429"=command.com /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\install\Webd4_1_1_Uninstall.cdas []
"SpybotDeletingC4257"=cmd.exe /c del C:\WINDOWS\wt\wtupdates\webd\4.1.1\install\Webd4_1_1_Uninstall.cdas []
"SpybotDeletingA2151"=command.com /c del C:\WINDOWS\wt\wtupdates\WireControl\1.1.0.23\files\WireControl.dll []
"SpybotDeletingC5125"=cmd.exe /c del C:\WINDOWS\wt\wtupdates\WireControl\1.1.0.23\files\WireControl.dll []
"SpybotDeletingA2223"=command.com /c del C:\WINDOWS\wt\wtupdates\WireControl\1.1.0.23\files\controlpanel\index.html []
"SpybotDeletingC4759"=cmd.exe /c del C:\WINDOWS\wt\wtupdates\WireControl\1.1.0.23\files\controlpanel\index.html []
"SpybotDeletingA8412"=command.com /c del C:\WINDOWS\wt\wtupdates\WireControl\1.1.0.23\files\install\WireControl.cdanfo []
"SpybotDeletingC313"=cmd.exe /c del C:\WINDOWS\wt\wtupdates\WireControl\1.1.0.23\files\install\WireControl.cdanfo []
"SpybotDeletingA767"=command.com /c del C:\WINDOWS\wt\wtupdates\WireControl\1.1.0.23\files\install\WireControl_Uninstall.cdas []
"SpybotDeletingC3445"=cmd.exe /c del C:\WINDOWS\wt\wtupdates\WireControl\1.1.0.23\files\install\WireControl_Uninstall.cdas []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"=C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe [2004-12-30 65536]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-08-05 344064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2007-05-14 644696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2008-11-04 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray]
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [2007-08-16 236016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Ati HotKey Poller"=2

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
RAMASST.lnk - C:\WINDOWS\system32\RAMASST.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2005-08-03 46080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-02-22 10520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\TOSHIBA\ivp\NetInt\Netint.exe"="C:\TOSHIBA\ivp\NetInt\Netint.exe:*:Enabled:NIE - Toshiba Software Upgrade Engine"
"C:\TOSHIBA\Ivp\ISM\pinger.exe"="C:\TOSHIBA\IVP\ISM\pinger.exe:*:Enabled:Toshiba Software Upgrades Pinger"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Grisoft\AVG7\avginet.exe"="C:\Program Files\Grisoft\AVG7\avginet.exe:*:Enabled:avginet.exe"
"C:\Program Files\Grisoft\AVG7\avgcc.exe"="C:\Program Files\Grisoft\AVG7\avgcc.exe:*:Enabled:avgcc.exe"
"C:\Program Files\Grisoft\AVG7\avgamsvr.exe"="C:\Program Files\Grisoft\AVG7\avgamsvr.exe:*:Enabled:avgamsvr.exe"
"C:\Program Files\Common Files\AOL\System Information\sinf.exe"="C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Disabled:AOL"
"C:\Program Files\Common Files\AOL\AOL Spyware Protection\asp.exe"="C:\Program Files\Common Files\AOL\AOL Spyware Protection\asp.exe:*:Disabled:AOL"
"C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe"="C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe:*:Disabled:AOL"
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Disabled:AOL"
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe"="C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Disabled:AOL"
"C:\Program Files\Common Files\AOL\1142882959\EE\AOLServiceHost.exe"="C:\Program Files\Common Files\AOL\1142882959\EE\AOLServiceHost.exe:*:Disabled:AOL"
"C:\Program Files\America Online 9.0\waol.exe"="C:\Program Files\America Online 9.0\waol.exe:*:Disabled:AOL"
"C:\Program Files\Common Files\AOL\Loader\aolload.exe"="C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Disabled:AOL Application Loader"
"C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe"="C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe:*:Disabled:AOLTopSpeed"
"C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe"="C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe:*:Disabled:AOLTsMon"
"C:\Program Files\Common Files\AolCoach\en_en\player\AOLNySEV.exe"="C:\Program Files\Common Files\AolCoach\en_en\player\AOLNySEV.exe:*:Disabled:AOL"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2009-02-26 07:21:50 ----D---- C:\Program Files\trend micro
2009-02-26 07:21:49 ----D---- C:\rsit
2009-02-25 18:53:11 ----D---- C:\Program Files\ImgBurn
2009-02-25 18:51:36 ----D---- C:\Documents and Settings\Administrator.MIKE\Application Data\Macromedia
2009-02-25 18:46:00 ----D---- C:\Documents and Settings\Administrator.MIKE\Application Data\Mozilla
2009-02-25 12:28:03 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-02-25 11:10:12 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-02-25 11:10:12 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-02-24 21:38:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-02-24 21:30:56 ----A---- C:\WINDOWS\ntbtlog.txt
2009-02-24 17:25:36 ----D---- C:\WINDOWS\ERDNT
2009-02-24 17:24:40 ----D---- C:\Program Files\ERUNT
2009-02-24 14:06:29 ----D---- C:\VundoFix Backups
2009-02-24 14:06:29 ----A---- C:\VundoFix.txt
2009-02-24 13:44:01 ----D---- C:\Program Files\Lavasoft RegHance
2009-02-24 08:49:54 ----D---- C:\Documents and Settings\Administrator.MIKE\Application Data\Malwarebytes
2009-02-24 08:38:31 ----ASH---- C:\Documents and Settings\Administrator.MIKE\Application Data\desktop.ini
2009-02-24 08:38:19 ----D---- C:\Documents and Settings\Administrator.MIKE\Application Data\Identities
2009-02-24 08:38:19 ----D---- C:\Documents and Settings\Administrator.MIKE\Application Data\AOL
2009-02-24 08:38:19 ----D---- C:\Documents and Settings\Administrator.MIKE\Application Data\Adobe
2009-02-24 08:38:18 ----SD---- C:\Documents and Settings\Administrator.MIKE\Application Data\Microsoft
2009-02-24 08:38:18 ----D---- C:\Documents and Settings\Administrator.MIKE\Application Data\You've Got Pictures Screensaver
2009-02-24 08:38:18 ----D---- C:\Documents and Settings\Administrator.MIKE\Application Data\toshiba
2009-02-24 08:38:18 ----D---- C:\Documents and Settings\Administrator.MIKE\Application Data\InterVideo
2009-02-22 16:26:06 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-02-22 16:26:06 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-02-22 14:17:49 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2009-02-12 13:29:33 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$
2009-02-03 09:05:16 ----D---- C:\Program Files\DIFX
2009-02-03 09:04:59 ----D---- C:\Program Files\Cricut Software

======List of files/folders modified in the last 1 months======

2009-02-26 07:21:50 ----D---- C:\Program Files
2009-02-26 07:18:15 ----SD---- C:\WINDOWS\Tasks
2009-02-26 07:16:42 ----D---- C:\Program Files\Mozilla Firefox
2009-02-25 18:35:23 ----A---- C:\WINDOWS\ModemLog_Standard Modem.txt
2009-02-25 18:35:17 ----A---- C:\WINDOWS\ModemLog_TOSHIBA Software Modem.txt
2009-02-25 18:34:54 ----D---- C:\WINDOWS\system32\DLA
2009-02-25 12:48:44 ----D---- C:\WINDOWS\Prefetch
2009-02-25 12:30:16 ----D---- C:\WINDOWS
2009-02-25 12:29:50 ----AD---- C:\WINDOWS\system32
2009-02-25 12:28:19 ----HD---- C:\WINDOWS\inf
2009-02-25 12:28:10 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-02-25 12:27:18 ----D---- C:\WINDOWS\system32\CatRoot2
2009-02-25 11:53:20 ----A---- C:\WINDOWS\wininit.ini
2009-02-25 11:40:33 ----D---- C:\WINDOWS\Temp
2009-02-25 10:10:00 ----D---- C:\WINDOWS\system32\Lang
2009-02-25 09:06:34 ----D---- C:\WINDOWS\system32\config
2009-02-25 08:15:28 ----AD---- C:\WINDOWS\system32\drivers
2009-02-25 07:45:52 ----HD---- C:\WINDOWS\$hf_mig$
2009-02-24 21:22:57 ----D---- C:\WINDOWS\Debug
2009-02-24 08:44:35 ----SHD---- C:\RECYCLER
2009-02-24 08:38:12 ----D---- C:\Documents and Settings
2009-02-23 10:08:49 ----HD---- C:\$AVG8.VAULT$
2009-02-22 14:17:13 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
2009-02-22 14:17:07 ----SHD---- C:\WINDOWS\Installer
2009-02-11 20:56:18 ----A---- C:\WINDOWS\system32\MRT.exe
2009-02-04 20:36:02 ----D---- C:\sa100a5v560
2009-01-31 09:18:01 ----D---- C:\WINDOWS\Minidump
2009-01-31 09:12:31 ----D---- C:\Program Files\Common Files
2009-01-31 09:12:08 ----DC---- C:\WINDOWS\system32\DRVSTORE

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-02-22 107272]
R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2005-08-25 5628]
R1 DLARTL_N;DLARTL_N; C:\WINDOWS\System32\Drivers\DLARTL_N.SYS [2005-08-25 22684]
R1 meiudf;meiudf; C:\WINDOWS\System32\Drivers\meiudf.sys [2005-06-02 102384]
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2005-09-15 468768]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-03-02 191968]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
S1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-02-22 325128]
S1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-02-22 27656]
S1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
S1 SABKUTIL;SABKUTIL; \??\C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\SABKUTIL.sys []
S1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
S2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.7.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2007-10-04 21035]
S2 ASCTRM;ASCTRM; C:\WINDOWS\system32\drivers\ASCTRM.sys [2006-03-20 8552]
S2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2005-10-06 25628]
S2 DLADResN;DLADResN; C:\WINDOWS\System32\DLA\DLADResN.SYS [2005-10-06 2496]
S2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2005-10-06 86524]
S2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2005-10-06 14684]
S2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2005-10-06 6364]
S2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2005-10-06 87036]
S2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2005-10-06 94332]
S2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2005-08-12 40544]
S3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2006-03-03 1124097]
S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-08-04 1273344]
S3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
S3 FTDIBUS;USB Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys [2007-06-27 53184]
S3 FTSER2K;USB Serial Port Driver; C:\WINDOWS\system32\drivers\ftser2k.sys [2007-06-27 71488]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2003-03-08 51024]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2003-03-08 16080]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2003-03-08 21456]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-12-09 4123136]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 qcusbmdm;Qualcomm Proprietary USB Driver (PID 3197); C:\WINDOWS\system32\DRIVERS\qcusbmdm.sys [2003-03-11 59632]
S3 qcusbser;Qualcomm Diagnostic Port 3197; C:\WINDOWS\system32\DRIVERS\qcusbser.sys [2003-03-11 59632]
S3 RimUsb;BlackBerry Smartphone; C:\WINDOWS\System32\Drivers\RimUsb.sys [2007-05-31 22656]
S3 RimVSerPort;RIM Virtual Serial Port v2; C:\WINDOWS\system32\DRIVERS\RimSerial.sys [2007-01-18 26496]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-04 5888]
S3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-01-18 80512]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 SABProcEnum;SABProcEnum; \??\C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\SABProcEnum.sys []
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2007-07-03 80552]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2007-07-03 11944]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2007-07-03 106792]
S3 SVRPEDRV;SVRPEDRV; \??\C:\DOCUME~1\Michael\LOCALS~1\Temp\RarSFX0\SEPVWF\PEDrv.sys []
S3 tbiosdrv;Toshiba Logical Tbios Device; C:\WINDOWS\system32\DRIVERS\tbiosdrv.sys [2005-08-24 9472]
S3 TVALD;Toshiba Mobile PC Service; C:\WINDOWS\system32\DRIVERS\NBSMI.sys [2005-10-20 6144]
S3 Tvs;TOSHIBA Virtual Sound with SRS technologies; C:\WINDOWS\system32\DRIVERS\Tvs.sys [2006-03-31 43776]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys []
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-01-10 33588]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
S2 ACS;Atheros Configuration Service; C:\WINDOWS\system32\acs.exe [2005-09-26 36864]
S2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-02-22 298264]
S2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
S2 DVD-RAM_Service;DVD-RAM_Service; C:\WINDOWS\system32\DVDRAMSV.exe [2004-08-28 110592]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-13 267776]
S2 Roxio Upnp Server 9;Roxio Upnp Server 9; C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe [2007-07-24 358896]
S2 RoxLiveShare9;LiveShare P2P Server 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe [2007-08-16 309744]
S2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2007-08-16 166384]
S2 Swupdtmr;Swupdtmr; c:\TOSHIBA\IVP\swupdate\swupdtmr.exe [2005-07-12 40960]
S2 TAPPSRV;TOSHIBA Application Service; C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe [2006-02-07 35840]
S2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-04-13 33632]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-04-13 68952]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2003-03-08 65795]
S3 Roxio UPnP Renderer 9;Roxio UPnP Renderer 9; C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe [2007-07-24 88560]
S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2007-08-16 1092080]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S4 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-08-03 380928]

-----------------EOF-----------------


Info File

info.txt logfile of random's system information tool 1.05 2009-02-26 07:22:14

======Uninstall list======

-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
-->MsiExec.exe /I{0ADEA8E1-B211-41B8-8DD4-D9A5FB04A5FA}
-->MsiExec.exe /I{267D350E-51AB-40B8-AF9F-DA7ED5687044}
-->MsiExec.exe /I{7A9DC8F6-2466-4E04-BF51-BE499C5D02BD}
-->MsiExec.exe /I{85BD5F12-49EF-4B40-B1E0-77D85F6E99BF}
-->MsiExec.exe /I{EA9741F6-A7F2-497B-BBE4-2ED0136649BE}
-->MsiExec.exe /X{C628EC93-8E17-4114-BCE7-2D181B93FA0F}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
3D Home Architect Home Design Deluxe 6-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{D781A6EC-12AC-4993-BF13-B4CF12F1F20C}
Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 7.1.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A71000000002}
Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Atheros Client Utility-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{71D658CF-4E0D-4DA8-AA67-8C0B6F1C01FE}\setup.exe" -l0x9
Atheros Wireless LAN MiniPCI/PCIe card Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{05832D65-6EDB-4D32-BA78-BCD0E2B91C02}\setup.exe" -l0x9
ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Control Panel-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
AVG Free 8.0-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
BitPim 1.0.5-->"C:\Program Files\BitPim\unins000.exe"
BlackBerry Desktop Software 4.3-->MsiExec.exe /I{C178B38F-613A-4EFE-B718-A675BD27A1E1}
BlackBerry Desktop Software 4.3-->MsiExec.exe /i{C178B38F-613A-4EFE-B718-A675BD27A1E1}
BlackBerry Device Software v4.5.0 for the BlackBerry 8310 smartphone-->MsiExec.exe /X{49395DDA-831C-4C18-8F02-A0445CE7B2E3}
BlackBerry® Media Sync-->MsiExec.exe /X{689E0AB3-50B2-4E5A-9DCE-6DA9F5BE1314}
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Canon MP Navigator EX 1.0-->"C:\Program Files\Canon\MP Navigator EX 1.0\Maint.exe" /UninstallRemove C:\Program Files\Canon\MP Navigator EX 1.0\uninst.ini
Canon MP470 series User Registration-->C:\Program Files\Canon\IJEREG\MP470 series\UNINST.EXE
Canon MP470 series-->"C:\WINDOWS\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP470_series\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP470_series /L0x0009
Canon My Printer-->C:\Program Files\Canon\MyPrinter\uninst.exe uninst.ini
Canon Utilities Easy-PhotoPrint EX-->C:\Program Files\Canon\Easy-PhotoPrint EX\uninst.exe uninst.ini
Canon Utilities Solution Menu-->C:\Program Files\Canon\SolutionMenu\uninst.exe uninst.ini
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CD/DVD Drive Acoustic Silencer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}\Setup.exe" -l0x9
Coupon Printer for Windows-->"C:\Program Files\Coupons\uninstall.exe" "/U:C:\Program Files\Coupons\Uninstall\uninstall.xml"
Cricut DesignStudio-->"C:\Program Files\Cricut Software\Cricut DesignStudio\uninstall.exe"
DH Mobility Modder.NET-->C:\Program Files\MobilityDotNET\Uninstall.exe
DVD-RAM Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9D765FA6-F2BC-40AF-8145-50808F9BDF4E}\setup.exe" -l0x9 DVD-RAM Driver
ERUNT 1.1j-->"C:\Program Files\ERUNT\unins000.exe"
FTDI USB Serial Converter Drivers-->C:\WINDOWS\system32\ftdiunin.exe C:\WINDOWS\system32\ftdiun2k.ini
Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
ImgBurn-->"C:\Program Files\ImgBurn\uninstall.exe"
InterVideo WinDVD for TOSHIBA-->"C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Ken Ward's Zipper 1.4000-->"C:\Program Files\Ken Ward's Zipper\unins000.exe"
Lavasoft Reghance 2.1-->C:\PROGRA~1\LAVASO~1\UNWISE.EXE C:\PROGRA~1\LAVASO~1\INSTALL.LOG
LimeWire 4.18.8-->"C:\Program Files\LimeWire\uninstall.exe"
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
MediaMonkey 3.0-->"C:\Program Files\MediaMonkey\unins000.exe"
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Digital Image Starter Edition 2006-->"C:\Program Files\Common Files\Microsoft Shared\Picture It!\RmvSuite.exe" ADDREMOVE=1 SKU=TRIAL VERSION=11
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Microsoft Picture It! Publishing Platinum 2002-->MsiExec.exe /I{C769A271-7E1C-48F9-B331-474600DD4C01}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mozilla Firefox (3.0.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6.0 Parser-->MsiExec.exe /I{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}
Office 2003 Trial Assistant-->MsiExec.exe /I{47D2103B-FD51-4017-9C20-DD408B17D726}
Photodex Presenter-->C:\Program Files\Photodex Presenter\uninst.exe
QuickTime-->MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4}
RealPlayer Basic-->C:\Program Files\Common Files\Real\Update\\rnuninst.exe RealNetworks|RealPlayer|6.0
REALTEK GbE & FE Ethernet NIC Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}\setup.exe" -l0x9 -removeonly
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
RingJone-->MsiExec.exe /X{38BD9D37-9804-49E3-82EE-F16596FA1ED8}
Roxio Media Manager-->MsiExec.exe /X{5EED93A8-33AD-46A7-A6AC-4DEAFBEFEEE1}
SAMSUNG Mobile Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
Samsung Mobile phone USB driver Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Samsung PC Studio 3 USB Driver Installer-->"C:\Program Files\InstallShield Installation Information\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}\setup.exe" -runfromtemp -l0x0009 -removeonly
Samsung PC Studio 3-->"C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -runfromtemp -l0x0009 -removeonly
ScanSoft OmniPage SE 4-->MsiExec.exe /I{DEE88727-779B-47A9-ACEF-F87CA5F92A65}
Security Update for Microsoft .NET Framework 2.0 (KB928365)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {8056AC9E-49C5-4375-9ADE-B2F862C9DF51} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
Security Update for Step By Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Setup_PWM_APEX-->MsiExec.exe /I{27D307AB-45F2-4E6B-9A48-D58C853F4464}
SetupOBDscan5-->MsiExec.exe /I{0CA40338-57BF-485D-AF8D-E4314278AAE7}
Sonic DLA-->MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
Sonic RecordNow!-->MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
TBS WMP Plug-in-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{13515135-48BB-4184-8C1F-2FAE0138E200}
TOSHIBA Controls-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}\Setup.exe" -l0x9 UNINSTALL
TOSHIBA PC Diagnostic Tool-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\TOSHIBA\PCDiag\Uninst.isu"
TOSHIBA Power Saver-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\TOSHIBA\Power Saver\Uninst.isu" -c"C:\WINDOWS\system32\TPSDel.dll"
Toshiba Registration-->MsiExec.exe /X{F6C405D2-C50D-4D10-B89E-73A233A14D74}
TOSHIBA Software Modem-->Tosmreg -U
TOSHIBA Software Upgrades-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{425A2BC2-AA64-4107-9C29-484245BBEA05}\setup.exe"
TOSHIBA Speech System Applications-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EE033C1F-443E-41EC-A0E2-559B539A4E4D}\Setup.exe" -l0x9
TOSHIBA Speech System SR Engine(U.S.) Version1.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{008D69EB-70FF-46AB-9C75-924620DF191A}\Setup.exe" -l0x9 UNINSTALL
TOSHIBA Speech System TTS Engine(U.S.) Version1.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3FBF6F99-8EC6-41B4-8527-0A32241B5496}\Setup.exe" -l0x9
TOSHIBA TouchPad ON/Off Utility-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{69BE47C2-36FE-4397-8199-85D8EAE69982}\setup.exe" -l0x9
TOSHIBA Utilities-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{78C68CB9-3DF5-44F3-AB9D-FA305C5EB85C}\setup.exe" -l0x9
TOSHIBA Virtual Sound-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8B12BA86-ADAC-4BA6-B441-FFC591087252}\Setup.exe" /uninstall
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
Windows Defender-->MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}
Windows Driver Package - FTDI CDM Driver Package (06/27/2007 2.02.04)-->C:\PROGRA~1\DIFX\F5DE4F5A04FFC80D\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\ftdibus_1EFE8ACE84BF7FF75302177777293E12CA62079A\ftdibus.inf
Windows Driver Package - FTDI CDM Driver Package (06/27/2007 2.02.04)-->C:\PROGRA~1\DIFX\F5DE4F5A04FFC80D\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\ftdiport_E3FE268552211CE3257EFBEE0E69543753506151\ftdiport.inf
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"

======Security center information======

AV: AVG Anti-Virus Free

System event log

Computer Name: MIKE
Event Code: 7036
Message: The Application Management service entered the stopped state.

Record Number: 39802
Source Name: Service Control Manager
Time Written: 20090131091259.000000-360
Event Type: information
User:

Computer Name: MIKE
Event Code: 7035
Message: The Application Management service was successfully sent a start control.

Record Number: 39801
Source Name: Service Control Manager
Time Written: 20090131091259.000000-360
Event Type: information
User: MIKE\Michael

Computer Name: MIKE
Event Code: 7023
Message: The Application Management service terminated with the following error:
The specified module could not be found.


Record Number: 39800
Source Name: Service Control Manager
Time Written: 20090131091259.000000-360
Event Type: error
User:

Computer Name: MIKE
Event Code: 7036
Message: The Application Management service entered the stopped state.

Record Number: 39799
Source Name: Service Control Manager
Time Written: 20090131091259.000000-360
Event Type: information
User:

Computer Name: MIKE
Event Code: 7035
Message: The Application Management service was successfully sent a start control.

Record Number: 39798
Source Name: Service Control Manager
Time Written: 20090131091259.000000-360
Event Type: information
User: MIKE\Michael

Application event log

Computer Name: MIKE
Event Code: 1000
Message: Faulting application firefox.exe, version 1.8.20080.20121, faulting module js3250.dll, version 4.0.0.0, fault address 0x0001ec75.

Record Number: 1240
Source Name: Application Error
Time Written: 20080306083937.000000-360
Event Type: error
User:

Computer Name: MIKE
Event Code: 1800
Message: The Windows Security Center Service has started.

Record Number: 1239
Source Name: SecurityCenter
Time Written: 20080306070408.000000-360
Event Type: information
User:

Computer Name: MIKE
Event Code: 1
Message:
Record Number: 1238
Source Name: AVGEMS
Time Written: 20080306070343.000000-360
Event Type: information
User:

Computer Name: MIKE
Event Code: 1
Message:
Record Number: 1237
Source Name: Avg7UpdSvc
Time Written: 20080306070332.000000-360
Event Type: information
User:

Computer Name: MIKE
Event Code: 5001
Message: Bucket 11936967, bucket table 5, EventType mptelemetry, P1 80072ee2, P2 endsearch, P3 search, P4 1.1.1593.0, P5 mpsigdwn.dll, P6 1.1.1593.0, P7 windows defender, P8 NIL, P9 NIL, P10 NIL.

Record Number: 1236
Source Name: MPSampleSubmission
Time Written: 20080305143414.000000-360
Event Type: information
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Samsung\Samsung PC Studio 3\;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\ATI Technologies\ATI Control Panel
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 14 Stepping 8, GenuineIntel
"PROCESSOR_REVISION"=0e08
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"RoxioCentral"=C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\
"CLASSPATH"=.;C:\Program Files\Java\jre1.5.0_06\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.5.0_06\lib\ext\QTJava.zip
"SAFEBOOT_OPTION"=NETWORK

-----------------EOF-----------------

Edited by Orange Blossom, 26 February 2009 - 05:23 PM.


BC AdBot (Login to Remove)

 


#2 iaff284

iaff284
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:03:13 PM

Posted 01 March 2009 - 11:21 AM

please close this topic I ran out of time and had to reinstall windows xp. I will post again when I can get a new hjt log.

Thanks for all your help

#3 KoanYorel

KoanYorel

    Bleepin' Conundrum


  • Staff Emeritus
  • 19,461 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:65 miles due East of the "Logic Free Zone", in Md, USA
  • Local time:04:13 PM

Posted 01 March 2009 - 06:01 PM

Thanks for informing us.

Good luck.

This thread is closed.
The only easy day was yesterday.

...some do, some don't; some will, some won't (WR)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users