Thank you for helping me again! Unfortunately, the file is still here, even after I followed every instruction. :-(
Here is the rapport from the Smitfraudfix.exe:
SmitFraudFix v2.276
Scan done at 12:14:43.14, Mon 01/28/2008
Run from C:\Users\Mercuryrose88\Desktop\SmitfraudFix
OS: Microsoft Windows [Version 6.0.6000] - Windows_NT
The filesystem type is NTFS
Fix run in safe mode
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Killing process
»»»»»»»»»»»»»»»»»»»»»»»» hosts
127.0.0.1 localhost
::1 localhost
»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix
S!Ri's WS2Fix: LSP not Found.
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
GenericRenosFix by S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files
»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
IEDFix.exe by S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» DNS
HKLM\SYSTEM\CCS\Services\Tcpip\..\{5CF63800-A8B9-4061-BFD6-E01C4FF176F2}: DhcpNameServer=141.165.1.10 141.165.1.9
HKLM\SYSTEM\CCS\Services\Tcpip\..\{67CFA30F-93A7-4FE4-9CED-3E3A754A1EDA}: DhcpNameServer=192.168.10.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{5CF63800-A8B9-4061-BFD6-E01C4FF176F2}: DhcpNameServer=141.165.1.10 141.165.1.9
HKLM\SYSTEM\CS1\Services\Tcpip\..\{67CFA30F-93A7-4FE4-9CED-3E3A754A1EDA}: DhcpNameServer=192.168.10.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{5CF63800-A8B9-4061-BFD6-E01C4FF176F2}: DhcpNameServer=141.165.1.10 141.165.1.9
HKLM\SYSTEM\CS3\Services\Tcpip\..\{67CFA30F-93A7-4FE4-9CED-3E3A754A1EDA}: DhcpNameServer=192.168.10.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=141.165.1.10 141.165.1.9
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=141.165.1.10 141.165.1.9
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.10.1
»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning
Registry Cleaning done.
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» End
And here are the reports from DSS:
Deckard's System Scanner v20071014.68
Run by Mercuryrose88 on 2008-01-28 14:04:09
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- Last 4 Restore Point(s) --
4: 2008-01-28 16:20:35 UTC - RP171 - Scheduled Checkpoint
3: 2008-01-27 20:22:07 UTC - RP170 - Scheduled Checkpoint
2: 2008-01-27 03:26:59 UTC - RP169 - Installed AVG 7.5
1: 2008-01-26 14:02:45 UTC - RP168 - Scheduled Checkpoint
Backed up registry hives.
Performed disk cleanup.
Percentage of Memory in Use: 76% (more than 75%).Total Physical Memory: 1014 MiB (1024 MiB recommended).-- HijackThis Clone ------------------------------------------------------------
Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-01-28 14:08:49
Platform: Windows Vista (6.00.6000)
MSIE: Internet Explorer (7.00.6000.16386)
Boot mode: Normal
Running processes:
C:\Windows\System32\smss.exe
C:\Windows\System32\csrss.exe
C:\Windows\System32\wininit.exe
C:\Windows\System32\csrss.exe
C:\Windows\System32\services.exe
C:\Windows\System32\lsass.exe
C:\Windows\System32\lsm.exe
C:\Windows\System32\winlogon.exe
C:\Windows\System32\svchost.exe
C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\SLsvc.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\agrsmsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG7\avgamsvr.exe
C:\Program Files\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Grisoft\AVG7\avgrssvc.exe
C:\Program Files\Grisoft\AVG7\avgrssvc.exe
C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
C:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
C:\Program Files\McAfee\VirusScan\Mcshield.exe
C:\Program Files\McAfee\MPF\MpfSrv.exe
C:\Program Files\McAfee\MSK\msksrver.exe
C:\Toshiba\IVP\ISM\pinger.exe
C:\Windows\System32\svchost.exe
C:\Program Files\SiteAdvisor\6253\SAService.exe
C:\Program Files\Enigma Software Group\SpyHunter\SHService.exe
C:\Windows\System32\svchost.exe
C:\Toshiba\IVP\swupdate\swupdtmr.exe
C:\Windows\System32\TODDSrv.exe
C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\SearchIndexer.exe
C:\Windows\System32\dwm.exe
C:\Windows\explorer.exe
C:\Program Files\McAfee\MSC\mcmscsvc.exe
C:\Windows\System32\taskeng.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Windows\System32\conime.exe
C:\Program Files\McAfee\VirusScan\mcsysmon.exe
C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\wbem\unsecapp.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Grisoft\AVG7\avgcc.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Windows\System32\igfxsrvc.exe
C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgent.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Grisoft\AVG7\avgw.exe
C:\Users\Mercuryrose88\Desktop\dss.exe
C:\Windows\System32\svchost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://home.microsof...search.asp?p=%sR0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL =
http://www.microsoft...amp;ar=iesearchO2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - C:\Program Files\McAfee\MSK\mcapbho.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.6.14.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\GoogleToolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\GoogleToolbar1.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SpyHunter Security Suite] C:\Program Files\Enigma Software Group\SpyHunter\SHStartup.exe
O4 - HKLM\..\RunOnce: [SpybotDeletingA7334] command /c del "C:\Windows\System32\drivers\core.cache.dsk_tobedeleted"
O4 - HKLM\..\RunOnce: [SpybotDeletingC467] cmd /c del "C:\Windows\System32\drivers\core.cache.dsk_tobedeleted"
O4 - HKLM\..\RunOnce: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Clean Access Agent.lnk = C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgentLauncher.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll
O18 - Protocol: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll
O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: avgwlntf - C:\Windows\system32\avgwlntf.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\System32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\Program Files\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\Program Files\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\Program Files\Grisoft\AVG7\avgrssvc.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\Mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MpfSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\msksrver.exe
O23 - Service: pinger - Unknown owner - C:\Toshiba\IVP\ISM\pinger.exe
O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6253\SAService.exe
O23 - Service: SpyHunter3 Service - Enigma Software Group, Inc. - C:\Program Files\Enigma Software Group\SpyHunter\SHService.exe
O23 - Service: Swupdtmr - Unknown owner - C:\Toshiba\IVP\swupdate\swupdtmr.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\System32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 13307 bytes
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
S4 KR10I - c:\windows\system32\drivers\kr10i.sys <Not Verified; TOSHIBA CORPORATION; TOSHIBA RAID>
S4 KR10N - c:\windows\system32\drivers\kr10n.sys <Not Verified; TOSHIBA CORPORATION; TOSHIBA RAID>
S4 KR3NPXP - c:\windows\system32\drivers\kr3npxp.sys <Not Verified; TOSHIBA CORPORATION; TOSHIBA RAID>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 CFSvcs (ConfigFree Service) - c:\program files\toshiba\configfree\cfsvcs.exe <Not Verified; TOSHIBA CORPORATION; ConfigFree>
R2 SpyHunter3 Service - "c:\program files\enigma software group\spyhunter\shservice.exe" <Not Verified; Enigma Software Group, Inc.; SpyHunter3>
R2 TODDSrv (TOSHIBA Optical Disc Drive Service) - c:\windows\system32\toddsrv.exe <Not Verified; TOSHIBA Corporation; TDCSrv Application>
R2 TOSHIBA Bluetooth Service - c:\program files\toshiba\bluetooth toshiba stack\tosbtsrv.exe <Not Verified; TOSHIBA CORPORATION; Bluetooth Stack for Windows by TOSHIBA>
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Scheduled Tasks -------------------------------------------------------------
2008-01-01 01:00:16 368 --a------ C:\Windows\Tasks\McQcTask.job
2007-12-15 03:32:28 366 --a------ C:\Windows\Tasks\McDefragTask.job
-- Files created between 2007-12-28 and 2008-01-28 -----------------------------
2008-01-28 12:14:47 2412 --a------ C:\Windows\system32\tmp.reg
2008-01-28 12:14:29 25600 --a------ C:\Windows\system32\WS2Fix.exe
2008-01-28 12:14:29 289144 --a------ C:\Windows\system32\VCCLSID.exe <Not Verified; S!Ri; >
2008-01-28 12:14:29 288417 --a------ C:\Windows\system32\SrchSTS.exe <Not Verified; S!Ri; SrchSTS>
2008-01-28 12:14:29 53248 --a------ C:\Windows\system32\Process.exe <Not Verified;
http://www.beyondlogic.org; Command Line Process Utility>
2008-01-28 12:14:29 81920 --a------ C:\Windows\system32\IEDFix.exe <Not Verified; S!Ri.URZ; IEDFix>
2008-01-28 12:14:29 51200 --a------ C:\Windows\system32\dumphive.exe
2008-01-27 20:16:10 0 d-------- C:\Program Files\Enigma Software Group
2008-01-27 12:09:38 86144 --a------ C:\Windows\system32\drivers\msteee.sys
2008-01-27 10:00:09 0 dr-h----- C:\$VAULT$.AVG
2008-01-26 23:27:08 0 d-------- C:\Program Files\Startup Mechanic
2008-01-26 22:29:01 0 d-------- C:\Users\All Users\Grisoft
2008-01-26 22:29:01 0 d-------- C:\Users\All Users\avg7
2008-01-23 13:00:23 143360 --a------ C:\Windows\system32\dunzip32.dll <Not Verified; Inner Media, Inc.; DynaZIP-32 Multi-Threading UnZIP DLL>
2008-01-23 12:44:44 0 d-------- C:\Program Files\Cisco Systems
-- Find3M Report ---------------------------------------------------------------
2008-01-28 14:00:03 0 d-------- C:\Users\Mercuryrose88\AppData\Roaming\AVG7
2008-01-28 12:19:16 0 d-------- C:\Program Files\McAfee
2008-01-23 15:51:34 0 d-------- C:\Program Files\Common Files\McAfee
2008-01-18 18:37:21 0 d-------- C:\Program Files\QuickTime
2008-01-10 23:38:01 0 d-------- C:\Users\Mercuryrose88\AppData\Roaming\SiteAdvisor
2008-01-09 17:19:24 0 d-------- C:\Program Files\Windows Mail
2008-01-09 17:06:52 0 d-------- C:\Program Files\Windows Sidebar
2007-12-21 13:19:40 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-12-19 16:54:55 0 d-------- C:\Program Files\SiteAdvisor
2007-12-09 08:56:34 0 d-------- C:\Program Files\MSBuild
2007-12-09 08:48:11 0 d-------- C:\Program Files\Microsoft Visual Studio 8
2007-12-07 16:26:37 0 d-------- C:\Program Files\Gravity
2007-12-07 16:25:21 65536 --a------ C:\Windows\IFinst27.exe
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{377C180E-6F0E-4D4C-980F-F45BD3D40CF4}]
09/19/2007 06:15 AM 329032 --a------ c:\PROGRA~1\mcafee\msk\mcapbho.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [06/29/2007 01:08 PM]
"SiteAdvisor"="C:\Program Files\SiteAdvisor\6253\SiteAdv.exe" [10/18/2006 11:14 AM]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [06/29/2007 05:24 AM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [09/14/2007 09:00 AM]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [08/24/2007 07:54 PM]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [08/24/2007 07:54 PM]
"Persistence"="C:\Windows\system32\igfxpers.exe" [08/24/2007 07:54 PM]
"SynTPStart"="C:\Program Files\Synaptics\SynTP\SynTPStart.exe" [10/29/2007 06:02 AM]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [10/27/2006 12:47 AM]
"mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [08/03/2007 10:33 PM]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [01/26/2008 10:29 PM]
"SpyHunter Security Suite"="C:\Program Files\Enigma Software Group\SpyHunter\SHStartup.exe" [12/13/2007 09:21 AM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [11/22/2004 11:18 AM]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [01/18/2007 10:54 PM]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [11/02/2006 07:36 AM]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce]
"SpybotDeletingA7334"=command /c del "C:\Windows\System32\drivers\core.cache.dsk_tobedeleted"
"SpybotDeletingC467"=cmd /c del "C:\Windows\System32\drivers\core.cache.dsk_tobedeleted"
"SpybotSnD"="C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
C:\Users\Mercuryrose88\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [10/26/2006 10:24:54 PM]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Clean Access Agent.lnk - C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgentLauncher.exe [12/7/2007 5:12:50 PM]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=2 (0x2)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgwlntf]
avgwlntf.dll 01/26/2008 10:30 PM 9216 C:\Windows\System32\avgwlntf.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
C:\Windows\system32\unregmp2.exe /ShowWMP
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI
-- End of Deckard's System Scanner: finished at 2008-01-28 14:12:24 ------------
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft® Windows Vista™ Home Premium (build 6000)
Architecture: X86; Language: English
CPU 0: Intel® Core2 CPU T5300 @ 1.73GHz
Percentage of Memory in Use: 77%
Physical Memory (total/avail): 1013.44 MiB / 227.49 MiB
Pagefile Memory (total/avail): 2274.37 MiB / 1242.16 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1934.38 MiB
C: is Fixed (NTFS) - 147.58 GiB total, 57.63 GiB free.
D: is CDROM (No Media)
\\.\PHYSICALDRIVE0 - Hitachi HTS541616J9SA00 ATA Device - 149.05 GiB - 2 partitions
\PARTITION0 - Unknown - 1500 MiB
\PARTITION1 (bootable) - Installable File System - 147.58 GiB - C:
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.
FW: McAfee Personal Firewall v (McAfee)
AV: AVG 7.5.516 v7.5.516 (Grisoft)
AV: McAfee VirusScan v (McAfee)
AS: McAfee VirusScan v (McAfee)
AS: Windows Defender v1.1.1505.0 (Microsoft Corporation)
Disabled[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\\TOSHIBA\\ivp\\NetInt\\Netint.exe"="C:\\TOSHIBA\\ivp\\NetInt\\Netint.exe:*:Enabled:NIE - Toshiba Software Upgrades Engine"
"C:\\TOSHIBA\\Ivp\\ISM\\pinger.exe"="C:\\TOSHIBA\\Ivp\\ISM\\pinger.exe:*:Enabled:Toshiba Software Upgrades Pinger"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\Mercuryrose88\AppData\Roaming
CLASSPATH=.;C:\Program Files\Java\jre1.6.0\lib\ext\QTJava.zip
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=BANANA-PC
ComSpec=C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Users\Mercuryrose88
LOCALAPPDATA=C:\Users\Mercuryrose88\AppData\Local
LOGONSERVER=\\BANANA-PC
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 2, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0f02
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files
PROMPT=$P$G
PUBLIC=C:\Users\Public
QTJAVA=C:\Program Files\Java\jre1.6.0\lib\ext\QTJava.zip
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=C:\Users\MERCUR~1\AppData\Local\Temp
TMP=C:\Users\MERCUR~1\AppData\Local\Temp
USERDOMAIN=Banana-PC
USERNAME=Mercuryrose88
USERPROFILE=C:\Users\Mercuryrose88
windir=C:\Windows
-- User Profiles ---------------------------------------------------------------
Mercuryrose88
-- Add/Remove Programs ---------------------------------------------------------
--> "C:\Program Files\InstallShield Installation Information\{A644254B-92F6-4970-8635-AB0775371E72}\setup.exe" --u:{A644254B-92F6-4970-8635-AB0775371E72}
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{622E6F16-0904-49B6-BBE1-4CC836314CCF}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{697AFC77-F318-4CD4-BF16-F50F4C1072DA}\setup.exe" -l0x9
Activation Assistant for the 2007 Microsoft Office suites --> "C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware 2007 --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player Plugin --> C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 7.0 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000}
Adobe Shockwave Player --> C:\Windows\System32\Macromed\SHOCKW~1\UNWISE.EXE C:\Windows\System32\Macromed\SHOCKW~1\Install.log
Apple Mobile Device Support --> MsiExec.exe /I{3EBD3749-304E-4A4C-9575-C00E5F015217}
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
AVG 7.5 --> C:\Program Files\Grisoft\AVG7\setup.exe /UNINSTALL
AVG Anti-Rootkit Free --> C:\Program Files\GRISOFT\AVG Anti-Rootkit Free\Uninstall.exe
Bejeweled 2 Deluxe --> "C:\Program Files\TOSHIBA Games\Bejeweled 2 Deluxe\Uninstall.exe"
BitComet 0.90 --> C:\Program Files\BitComet\uninst.exe
Blackhawk Striker 2 --> "C:\Program Files\TOSHIBA Games\Blackhawk Striker 2\Uninstall.exe"
Blasterball 3 --> "C:\Program Files\TOSHIBA Games\Blasterball 3\Uninstall.exe"
Bluetooth Stack for Windows by Toshiba --> MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}
Camera Assistant Software for Toshiba --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{37C866E4-AA67-4725-9E95-A39968DD7960}\setup.exe" -l0x9
CD/DVD Drive Acoustic Silencer --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}\setup.exe" -l0x9
Chuzzle Deluxe --> "C:\Program Files\TOSHIBA Games\Chuzzle Deluxe\Uninstall.exe"
Cisco Clean Access Agent --> MsiExec.exe /X{04010300-6D72-4D54-8686-91D884A27B5C}
Combined Community Codec Pack 2007-07-22 --> "C:\Program Files\Combined Community Codec Pack\unins000.exe"
Deliverance-Online --> C:\Program Files\Gravity\RO\Uninstal.exe
Desktop Dialer --> C:\Windows\unvise32.exe C:\Program Files\DesktopDialer\uninstal.log
DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DVD MovieFactory for TOSHIBA --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}\setup.exe" -l0x9
FATE --> "C:\Program Files\TOSHIBA Games\FATE\Uninstall.exe"
Google Desktop --> C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
Intel® Graphics Media Accelerator Driver --> C:\Windows\system32\igxpun.exe -uninstall
Internet Offers --> C:\Program Files\Internet Offers\ToshUninst.exe
iTunes --> MsiExec.exe /I{7FF9CD9C-6E0C-4462-9670-F424DCB32DAF}
Java SE Runtime Environment 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
JEOPARDY --> "C:\Program Files\TOSHIBA Games\JEOPARDY\Uninstall.exe"
Marvell Miniport Driver --> MsiExec.exe /X{C950420B-4182-49EA-850A-A6A2ABF06C6B}
McAfee SecurityCenter --> C:\Program Files\McAfee\MSC\mcuninst.exe
Microsoft Money Essentials --> "C:\Program Files\Microsoft Money 2007\MNYCoreFiles\Setup\uninst.exe" /s:120
Microsoft Money Shared Libraries --> MsiExec.exe /X{5F00DF7E-418B-4CD9-8EC5-781156BCC49E}
Microsoft Office Access MUI (English) 2007 --> MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007 --> MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007 --> MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007 --> MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office Home and Student 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007 --> MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007 --> MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007 --> MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007 --> MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007 --> MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007 --> MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007 --> MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007 --> MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007 --> MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Works --> MsiExec.exe /I{6D52C408-B09A-4520-9B18-475B81D393F1}
Mozilla Firefox (2.0.0.11) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB927978) --> MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181) --> MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833) --> MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
On2 VP7 Personal Edition --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DD0DDC9E-2ED4-44DD-B461-0EFC126813A0}\Setup.exe" -l0x9
Penguins! --> "C:\Program Files\TOSHIBA Games\Penguins!\Uninstall.exe"
Polar Bowler --> "C:\Program Files\TOSHIBA Games\Polar Bowler\Uninstall.exe"
Polar Golfer --> "C:\Program Files\TOSHIBA Games\Polar Golfer\Uninstall.exe"
QuickTime --> MsiExec.exe /I{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}
Ragnarok Sakray --> "C:\Windows\IFinst27.exe" -UC:\Program Files\Gravity\RO\IFUBA90.inf
Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x9 -removeonly
SCRABBLE --> "C:\Program Files\TOSHIBA Games\SCRABBLE\Uninstall.exe"
Security Update for Excel 2007 (KB936509) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A00724F5-82C4-4924-B707-0E5A84B52471}
Security Update for Excel 2007 (KB936509) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {A00724F5-82C4-4924-B707-0E5A84B52471}
Security Update for Office 2007 (KB934062) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {305D509B-F194-4638-9F0F-D9E4C05F9D33}
Security Update for Office 2007 (KB934062) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {305D509B-F194-4638-9F0F-D9E4C05F9D33}
Security Update for Office 2007 (KB936514) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C7A78F7F-EF32-4477-BAD7-3439EA7571BF}
Security Update for Office 2007 (KB936514) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C7A78F7F-EF32-4477-BAD7-3439EA7571BF}
Security Update for Publisher 2007 (KB936646) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A32E4BAF-6477-45FA-B8AB-E743FA8D63FF}
Security Update for the 2007 Microsoft Office System (KB936960) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5E5BD655-7AA9-47F9-BB6D-A1D8CE29AC86}
Security Update for the 2007 Microsoft Office System (KB936960) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5E5BD655-7AA9-47F9-BB6D-A1D8CE29AC86}
Spybot - Search & Destroy 1.4 --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
SpyHunter --> "C:\Program Files\Enigma Software Group\SpyHunter\Uninstall.exe" "C:\Program Files\Enigma Software Group\SpyHunter\install.log" -u
Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
TBS WMP Plug-in --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{DB5F474C-B584-417F-810B-DEBBC1893C2A}
Texas Instruments PCIxx21/x515/xx12 drivers. --> C:\Program Files\InstallShield Installation Information\{DB780B85-B4B5-4864-A49C-9B706B169C93}\setup.exe -runfromtemp -l0x0409
TOSHIBA Assist --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{12B3A009-A080-4619-9A2A-C6DB151D8D67}\setup.exe" -l0x9
TOSHIBA ConfigFree --> C:\Program Files\InstallShield Installation Information\{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}\setup.exe -runfromtemp -l0x0009uninstall -removeonly
TOSHIBA Disc Creator --> MsiExec.exe /X{5DA0E02F-970B-424B-BF41-513A5018E4C0}
TOSHIBA Extended Tiles for Windows Mobility Center --> C:\Program Files\InstallShield Installation Information\{617C36FD-0CBE-4600-84B2-441CEB12FADF}\setup.exe -runfromtemp -l0x0409
TOSHIBA Game Console --> "C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\Uninstall.exe"
TOSHIBA Hardware Setup --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B97599D2-01F7-4551-96D8-674D3D886F7B}\setup.exe" -l0x9
TOSHIBA Media Center Game Console --> "C:\Program Files\TOSHIBA Games\TOSHIBA Media Center Game Console\Uninstall.exe"
Toshiba Registration --> MsiExec.exe /I{C53D16CC-E56F-47B8-906E-70AAF8EABB4F}
TOSHIBA SD Memory Utilities --> MsiExec.exe /X{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}
TOSHIBA Software Modem --> Tosmreg -U
TOSHIBA Software Upgrades --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{425A2BC2-AA64-4107-9C29-484245BBEA05}\setup.exe" -l0x9 -removeonly
TOSHIBA Speech System Applications --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EE033C1F-443E-41EC-A0E2-559B539A4E4D}\Setup.exe" -l0x9
TOSHIBA Speech System SR Engine(U.S.) Version1.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{008D69EB-70FF-46AB-9C75-924620DF191A}\Setup.exe" -l0x9 UNINSTALL
TOSHIBA Speech System TTS Engine(U.S.) Version1.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3FBF6F99-8EC6-41B4-8527-0A32241B5496}\Setup.exe" -l0x9
TOSHIBA Supervisor Password --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{744E2BC2-EC6F-44D5-AA68-451B4131383B}\setup.exe" -l0x9
TOSHIBA Value Added Package --> C:\Program Files\InstallShield Installation Information\{FEDD27A0-B306-45EF-BF58-B527406B42C8}\setup.exe -runfromtemp -l0x0409
Update for Office 2007 (KB932080) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {EDC9CA29-6BC1-471C-828C-7A36109005D7}
Update for Office 2007 (KB932080) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {EDC9CA29-6BC1-471C-828C-7A36109005D7}
Update for Office 2007 (KB934391) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B3091818-7C56-4C45-BE7D-CA23027A5EA5}
Update for Office 2007 (KB934391) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B3091818-7C56-4C45-BE7D-CA23027A5EA5}
Update for Office 2007 (KB934393) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {92FBAD46-E7F6-49FA-89B5-C39FC5BFAD15}
Update for Office 2007 (KB934393) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {92FBAD46-E7F6-49FA-89B5-C39FC5BFAD15}
Update for Outlook 2007 (KB937608) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CBB2454D-193F-4523-8A31-FEB343B7C30E}
Update for Outlook 2007 Junk Email Filter (kb943597) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A751F0DB-8476-4207-956E-20AEBBA4B1DA}
Update for Word 2007 (KB934173) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C6A89125-5473-45E3-B413-ED8186437475}
Update for Word 2007 (KB934173) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C6A89125-5473-45E3-B413-ED8186437475}
VideoLAN VLC media player 0.8.6c --> C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Live Messenger --> MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F}
Windows Live Sign-in Assistant --> MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7}
Windows Media Encoder 9 Series --> msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Encoder 9 Series --> MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Player Firefox Plugin --> MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinDVD for TOSHIBA --> C:\Program Files\InstallShield Installation Information\{20471B27-D702-4FE8-8DEC-0702CC8C0A85}\setup.exe -runfromtemp -l0x0409
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
Xvid 1.1.3 final uninstall --> "C:\Program Files\Xvid\unins000.exe"
-- Application Event Log -------------------------------------------------------
Event Record #/Type9183 / Error
Event Submitted/Written: 01/28/2008 01:57:56 PM
Event ID/Source: 24 / WinMgmt
Event Description:
$Coreselect * from __TimerEvent__TimerEvent//./root/wmi
Event Record #/Type9182 / Error
Event Submitted/Written: 01/28/2008 01:57:56 PM
Event ID/Source: 24 / WinMgmt
Event Description:
$Coreselect * from __SystemEvent__SystemEvent//./root/wmi
Event Record #/Type9181 / Error
Event Submitted/Written: 01/28/2008 01:57:56 PM
Event ID/Source: 24 / WinMgmt
Event Description:
$Coreselect * from __NamespaceOperationEvent__NamespaceOperationEvent//./root/wmi
Event Record #/Type9180 / Error
Event Submitted/Written: 01/28/2008 01:57:56 PM
Event ID/Source: 24 / WinMgmt
Event Description:
$Coreselect * from __ClassOperationEvent__ClassOperationEvent//./root/wmi
Event Record #/Type9179 / Error
Event Submitted/Written: 01/28/2008 01:57:55 PM
Event ID/Source: 24 / WinMgmt
Event Description:
$Coreselect * from __InstanceOperationEvent__InstanceOperationEvent//./root/wmi
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type30396 / Error
Event Submitted/Written: 01/28/2008 00:17:12 PM
Event ID/Source: 10005 / DCOM
Event Description:
1084McNASvc{24F616A1-B755-4053-8018-C3425DC8B68A}
Event Record #/Type30395 / Error
Event Submitted/Written: 01/28/2008 00:14:11 PM
Event ID/Source: 10005 / DCOM
Event Description:
1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}
Event Record #/Type30394 / Error
Event Submitted/Written: 01/28/2008 00:13:37 PM
Event ID/Source: 10005 / DCOM
Event Description:
1068netprofm{A47979D2-C419-11D9-A5B4-001185AD2B89}
Event Record #/Type30393 / Error
Event Submitted/Written: 01/28/2008 00:13:37 PM
Event ID/Source: 10005 / DCOM
Event Description:
1068netman{BA126AD1-2166-11D1-B1D0-00805FC1270E}
Event Record #/Type30392 / Error
Event Submitted/Written: 01/28/2008 00:13:36 PM
Event ID/Source: 10005 / DCOM
Event Description:
1068fdPHost{145B4335-FE2A-4927-A040-7C35AD3180EF}
-- End of Deckard's System Scanner: finished at 2008-01-28 14:12:24 ------------
Thank you for the previous advice, and if you had any further suggestions I would greatly appreciate it!! My boyfriend had bought a subscription to Panda Antivirus, good for up to 3 computers- would this help my laptop?
Thank you for your help!