Thank you ANDREWUK.
I did remove Norton last week to see if that was the cause of this issue. I was waiting to reinstall until I got to the root of the problem. I should add that this issue is really noticable when anything involes sound. The sounds stutter and slow down. On start up and when I listen to or watch anything. This is especially when I notice usage hitting 100%.
Malwarebytes' Anti-Malware 1.05
Database version: 436
Scan type: Quick Scan
Objects scanned: 25598
Time elapsed: 10 minute(s), 8 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
SUPERAntiSpyware Scan Log
http://www.superantispyware.comGenerated 03/01/2008 at 08:37 PM
Application Version : 4.0.1154
Core Rules Database Version : 3412
Trace Rules Database Version: 1404
Scan type : Complete Scan
Total Scan Time : 05:30:26
Memory items scanned : 513
Memory threats detected : 0
Registry items scanned : 4297
Registry threats detected : 0
File items scanned : 42474
File threats detected : 11
Adware.Tracking Cookie
C:\Documents and Settings\REMOVED\Cookies\
[email protected][1].txt
C:\Documents and Settings\REMOVED\Cookies\broc_sleek@fastclick[2].txt
C:\Documents and Settings\REMOVED\Cookies\broc_sleek@atdmt[2].txt
C:\Documents and Settings\REMOVED\Cookies\broc_sleek@mediaplex[1].txt
C:\Documents and Settings\REMOVED\Cookies\
[email protected][1].txt
C:\Documents and Settings\REMOVED\Cookies\broc_sleek@doubleclick[1].txt
C:\Documents and Settings\REMOVED\Cookies\broc_sleek@advertising[1].txt
C:\Documents and Settings\REMOVED\Cookies\
[email protected][2].txt
C:\Documents and Settings\REMOVED\Cookies\broc_sleek@apmebf[1].txt
C:\Documents and Settings\REMOVED\Cookies\
[email protected][2].txt
C:\Documents and Settings\REMOVED\Cookies\broc_sleek@casalemedia[2].txt
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Sunday, March 02, 2008 12:24:16 AM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 2/03/2008
Kaspersky Anti-Virus database records: 592992
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
C:\
D:\
Scan Statistics:
Total number of scanned objects: 44113
Number of viruses found: 0
Number of infected objects: 0
Number of suspicious objects: 0
Duration of the scan process: 01:51:46
Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\REMOVED\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\REMOVED\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Documents and Settings\REMOVED\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\REMOVED\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\REMOVED\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\REMOVED\Local Settings\History\History.IE5\MSHist012008030120080302\index.dat Object is locked skipped
C:\Documents and Settings\REMOVED\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\REMOVED\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\REMOVED\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\REMOVED\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{E5F689B9-8C88-425A-878C-812257CD29D2}\RP30\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\EventCache\{77E68EA9-1089-4FE7-81DB-0F0C1F621AE0}.bin Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
Scan process completed.
Deckard's System Scanner v20071014.68
Run by REMOVED on 2008-03-02 00:36:33
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
31: 2008-03-02 05:36:59 UTC - RP31 - Deckard's System Scanner Restore Point
30: 2008-03-01 20:02:17 UTC - RP30 - Installed SUPERAntiSpyware Free Edition
29: 2008-03-01 12:48:46 UTC - RP29 - Deckard's System Scanner Restore Point
28: 2008-03-01 12:36:43 UTC - RP28 - System Checkpoint
27: 2008-02-28 02:24:13 UTC - RP27 - System Checkpoint
-- First Restore Point --
1: 2008-02-18 03:46:50 UTC - RP1 - System Checkpoint
Performed disk cleanup.
-- HijackThis (run as REMOVED.exe) ------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:37:09 AM, on 3/2/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\Toshiba\Tvs\TvsTray.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\toshiba\ivp\ism\pinger.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Napster\napster.exe
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\REMOVED\desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\BROCSL~1.EXE
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM\..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [NapsterShell] C:\Program Files\Napster\napster.exe /systray
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: AutorunsDisabled
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O14 - IERESET.INF: START_PAGE_URL=http://www.toshibadirect.com/dpdstart
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -
http://www.kaspersky...can_unicode.cabO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://www.update.mi...b?1203298856937O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://www.update.mi...b?1203298849812O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) -
http://www.crucial.c.../cpcScanner.cabO20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Swupdtmr - Unknown owner - c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
--
End of file - 6325 bytes
-- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------
backup-20080301-122350-217 O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
backup-20080301-122350-410 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896backup-20080301-122350-442 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
backup-20080301-122350-620 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft....k/?LinkId=69157backup-20080301-122350-631 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft....k/?LinkId=69157backup-20080301-122350-709 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
backup-20080301-122350-713 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://www.toshiba.com/searchbackup-20080301-122350-747 O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
backup-20080301-122350-761 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
backup-20080301-122350-805 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896backup-20080301-122350-823 O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
backup-20080301-122351-665 O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
backup-20080301-122924-336 O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
backup-20080301-122924-820 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R1 meiudf - c:\windows\system32\drivers\meiudf.sys <Not Verified; Matsushita Electric Industrial Co.,Ltd.; >
R2 AegisP (AEGIS Protocol (IEEE 802.1x) v3.4.9.0) - c:\windows\system32\drivers\aegisp.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 3.4.9.0>
R2 ASCTRM - c:\windows\system32\drivers\asctrm.sys <Not Verified; Windows ® 2000 DDK provider; Windows ® 2000 DDK driver>
R2 Netdevio (TOSHIBA Network Device Usermode I/O Protocol) - c:\windows\system32\drivers\netdevio.sys <Not Verified; TOSHIBA Corporation.; TOSHIBA Network Device Usermode I/O protocol>
R2 s24trans (WLAN Transport) - c:\windows\system32\drivers\s24trans.sys <Not Verified; Intel Corporation; Intel Wireless LAN Packet Driver>
R3 Pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus® ASPI Shell>
R3 TVALD (Toshiba Mobile PC Service) - c:\windows\system32\drivers\nbsmi.sys <Not Verified; Toshiba Corporation; Toshiba Notebook PC SMI Service>
R3 Tvs (TOSHIBA Virtual Sound with SRS technologies) - c:\windows\system32\drivers\tvs.sys <Not Verified; TOSHIBA Corporation; Audio Filter>
S3 SASENUM - c:\program files\superantispyware\sasenum.sys <Not Verified; SuperAdBlocker, Inc.; SuperAntiSpyware>
S3 tosrfec (Bluetooth ACPI from TOSHIBA) - c:\windows\system32\drivers\tosrfec.sys <Not Verified; TOSHIBA Corporation; TOSHIBA Bluetooth EC Driver>
S3 USBAAPL (Apple Mobile USB Driver) - c:\windows\system32\drivers\usbaapl.sys (file missing)
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 Bonjour Service - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Inc.; Bonjour>
R2 CFSvcs (ConfigFree Service) - c:\program files\toshiba\configfree\cfsvcs.exe <Not Verified; TOSHIBA CORPORATION; ConfigFree>
R2 DVD-RAM_Service - c:\windows\system32\dvdramsv.exe <Not Verified; Matsushita Electric Industrial Co., Ltd.; >
R2 RegSrvc (Intel® PROSet/Wireless Registry Service) - c:\program files\intel\wireless\bin\regsrvc.exe <Not Verified; Intel Corporation; Intel® PROSet/Wireless Registry Service>
R2 Swupdtmr - c:\toshiba\ivp\swupdate\swupdtmr.exe
R2 TAPPSRV (TOSHIBA Application Service) - "c:\program files\toshiba\toshiba applet\tappsrv.exe" <Not Verified; TOSHIBA Corp.; TOSHIBA TAPPSRV>
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Process Modules -------------------------------------------------------------
C:\WINDOWS\system32\winlogon.exe (pid 852)
2007-04-19 12:41:36 294912 --a------ C:\Program Files\SUPERAntiSpyware\SASWINLO.dll <Not Verified; SUPERAntiSpyware.com; SUPERAntiSpyware WinLogon Processor>
C:\WINDOWS\system32\svchost.exe (pid 1244)
2007-07-24 15:17:08 147456 --a------ C:\Program Files\Bonjour\mdnsNSP.dll <Not Verified; Apple Inc.; Bonjour>
C:\WINDOWS\explorer.exe (pid 1696)
2005-05-31 23:59:56 53248 --a------ C:\WINDOWS\system32\TPwrCfg.dll <Not Verified; TOSHIBA Corporation; TOSHIBA Power Saver>
2005-05-31 23:59:40 81920 --a------ C:\WINDOWS\system32\TPwrReg.dll <Not Verified; TOSHIBA Corporation; TOSHIBA Power Saver>
2005-05-31 23:59:46 53248 --a------ C:\WINDOWS\system32\TPSTrace.dll <Not Verified; TOSHIBA Corporation; TOSHIBA Powre Saver>
-- Scheduled Tasks -------------------------------------------------------------
2008-02-25 22:54:30 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2008-02-18 19:58:48 418 --a------ C:\WINDOWS\Tasks\Norton Security Scan.job
2008-02-18 18:36:02 280 --a------ C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC Nag.job
2008-02-18 18:35:59 402 --a------ C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job
-- Files created between 2008-02-02 and 2008-03-02 -----------------------------
2008-03-01 22:06:00 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-03-01 22:05:57 0 d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-03-01 22:05:53 0 d-------- C:\WINDOWS\LastGood
2008-03-01 15:02:37 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-03-01 15:02:23 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-03-01 15:02:23 0 d-------- C:\Documents and Settings\REMOVED\Application Data\SUPERAntiSpyware.com
2008-03-01 15:01:43 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-03-01 14:46:02 0 d-------- C:\Documents and Settings\REMOVED\Application Data\Malwarebytes
2008-03-01 14:45:53 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-03-01 14:45:52 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-03-01 12:25:58 0 d-------- C:\WINDOWS\Sun
2008-03-01 12:24:44 0 d-------- C:\Documents and Settings\REMOVED\Application Data\Sun
2008-03-01 07:57:23 0 d-------- C:\Program Files\Trend Micro
2008-02-25 22:57:09 0 d-------- C:\Program Files\iPod
2008-02-25 22:56:27 0 d-------- C:\Program Files\iTunes
2008-02-25 22:54:38 0 d-------- C:\Program Files\Bonjour
2008-02-25 22:54:22 0 d-------- C:\Program Files\Apple Software Update
2008-02-25 22:53:23 0 d-------- C:\Program Files\Common Files\Apple
2008-02-25 22:53:23 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple
2008-02-23 01:02:44 0 d-------- C:\Documents and Settings\REMOVED\Application Data\Roxio
2008-02-23 00:55:03 0 d-------- C:\Program Files\Common Files\Roxio Shared
2008-02-23 00:55:02 0 d-------- C:\Program Files\Common Files\Napster Shared
2008-02-23 00:52:49 0 d-------- C:\Documents and Settings\All Users\Application Data\Napster
2008-02-23 00:52:27 0 d-------- C:\Program Files\Napster
2008-02-23 00:52:15 0 d-------- C:\Documents and Settings\REMOVED\Application Data\InstallShield
2008-02-19 20:29:58 153 --a------ C:\DelUS.bat
2008-02-19 20:20:59 0 d-------- C:\Documents and Settings\REMOVED\Application Data\Leadertech
2008-02-19 20:13:02 0 d-------- C:\WINDOWS\Downloaded Installations
2008-02-19 19:49:34 0 d-------- C:\Documents and Settings\REMOVED\Application Data\AdobeUM
2008-02-19 08:34:48 0 d-------- C:\Documents and Settings\REMOVED\Application Data\Google
2008-02-19 04:25:36 0 d-------- C:\Program Files\MSXML 4.0
2008-02-18 22:19:44 0 d-------- C:\WINDOWS\pss
2008-02-18 22:17:16 0 d-------- C:\Documents and Settings\All Users\Application Data\Yahoo!
2008-02-18 20:29:54 0 d-------- C:\Documents and Settings\All Users\Application Data\Google
2008-02-18 20:03:30 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-02-18 20:00:10 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-02-18 19:58:40 0 d-------- C:\Program Files\Norton Security Scan
2008-02-18 19:58:17 0 d-------- C:\Documents and Settings\All Users\Application Data\Google Updater
2008-02-18 18:36:04 0 d-------- C:\Documents and Settings\REMOVED\Application Data\Uniblue
2008-02-18 18:13:02 0 d-------- C:\WINDOWS\system32\PreInstall
2008-02-17 23:13:37 0 d-------- C:\Program Files\Microsoft ActiveSync
2008-02-17 23:13:19 0 d-------- C:\WINDOWS\SHELLNEW
2008-02-17 22:47:01 0 d-------- C:\Documents and Settings\REMOVED\Application Data\Intel
2008-02-17 22:47:01 0 d-------- C:\Documents and Settings\REMOVED\Application Data\Identities
2008-02-17 22:47:01 0 d-------- C:\Documents and Settings\REMOVED\Application Data\AOL
2008-02-17 22:47:01 0 d-------- C:\Documents and Settings\REMOVED\Application Data\Adobe
2008-02-17 22:47:00 0 d-------- C:\Documents and Settings\REMOVED\WINDOWS
2008-02-17 22:47:00 0 d--h----- C:\Documents and Settings\REMOVED\Templates
2008-02-17 22:47:00 0 dr------- C:\Documents and Settings\REMOVED\Start Menu
2008-02-17 22:47:00 0 dr-h----- C:\Documents and Settings\REMOVED\SendTo
2008-02-17 22:47:00 0 dr-h----- C:\Documents and Settings\REMOVED\Recent
2008-02-17 22:47:00 0 d--h----- C:\Documents and Settings\REMOVED\PrintHood
2008-02-17 22:47:00 0 d--h----- C:\Documents and Settings\REMOVED\NetHood
2008-02-17 22:47:00 0 dr------- C:\Documents and Settings\REMOVED\My Documents
2008-02-17 22:47:00 0 d--h----- C:\Documents and Settings\REMOVED\Local Settings
2008-02-17 22:47:00 0 dr------- C:\Documents and Settings\REMOVED\Favorites
2008-02-17 22:47:00 0 d-------- C:\Documents and Settings\REMOVED\Desktop
2008-02-17 22:47:00 0 d--hs---- C:\Documents and Settings\REMOVED\Cookies
2008-02-17 22:47:00 0 dr-h----- C:\Documents and Settings\REMOVED\Application Data
2008-02-17 22:47:00 0 d-------- C:\Documents and Settings\REMOVED\Application Data\You've Got Pictures Screensaver
2008-02-17 22:47:00 0 d-------- C:\Documents and Settings\REMOVED\Application Data\toshiba
2008-02-17 22:47:00 0 d-------- C:\Documents and Settings\REMOVED\Application Data\Intuit
2008-02-17 22:46:59 2359296 --ah----- C:\Documents and Settings\REMOVED\NTUSER.DAT
2008-02-17 22:46:43 262144 --a------ C:\Documents and Settings\Intel\NTUSER.DAT
2008-02-17 22:46:42 262144 --a------ C:\Documents and Settings\All Users\NTUSER.DAT
2008-02-17 22:46:30 0 d-------- C:\Documents and Settings\Intel\Application Data
2008-02-17 22:46:30 0 d-------- C:\Documents and Settings\Intel\Application Data\Intel
2008-02-17 22:46:20 21275 --a------ C:\WINDOWS\system32\drivers\AegisP.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 3.4.9.0>
2008-02-17 22:46:07 0 d-------- C:\Documents and Settings\All Users\Application Data\Intel
2008-02-17 22:45:59 0 d-------- C:\Documents and Settings\Intel\Wireless
2008-02-17 22:45:59 0 d-------- C:\Documents and Settings\Default User\Application Data\Intel
2008-02-17 22:45:49 0 d------c- C:\WINDOWS\system32\DRVSTORE
2008-02-17 22:45:40 0 d-------- C:\Documents and Settings\Default User\WINDOWS
2008-02-17 22:45:40 0 d-------- C:\Documents and Settings\Default User\Application Data\You've Got Pictures Screensaver
2008-02-17 22:45:40 0 d-------- C:\Documents and Settings\Default User\Application Data\toshiba
2008-02-17 22:45:40 0 d-------- C:\Documents and Settings\Default User\Application Data\Intuit
2008-02-17 22:45:40 0 d-------- C:\Documents and Settings\Default User\Application Data\AOL
2008-02-17 22:45:40 0 d-------- C:\Documents and Settings\Default User\Application Data\Adobe
2008-02-17 22:36:35 0 d-------- C:\WINDOWS\system32\DLA
2008-02-17 22:34:15 212480 --a------ C:\WINDOWS\PCDLIB32.DLL <Not Verified; Eastman Kodak; Kodak Photo CD Access Developer Toolkit>
2008-02-17 22:33:55 4528 -ra------ C:\WINDOWS\system32\SETBROWS.EXE
2008-02-17 22:33:54 0 d-------- C:\Program Files\Metamail Inc
2008-02-17 22:30:22 0 d--hs---- C:\System Volume Information
2008-02-17 22:01:41 0 d-------- C:\Documents and Settings\REMOVED\Application Data\Apple Computer
2008-02-17 22:00:32 0 d-------- C:\Program Files\QuickTime
2008-02-17 22:00:31 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-02-17 20:41:16 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2008-02-17 20:40:29 0 d--hs---- C:\Documents and Settings\REMOVED\UserData
2008-02-17 20:11:48 0 d-------- C:\Program Files\Microsoft.NET
2008-02-17 20:09:57 0 dr-h----- C:\MSOCache
2008-02-17 20:05:34 0 d-------- C:\Documents and Settings\REMOVED\Application Data\Macromedia
-- Find3M Report ---------------------------------------------------------------
2008-03-01 15:01:43 0 d-------- C:\Program Files\Common Files
2008-02-23 00:52:44 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-02-19 20:27:02 0 d-------- C:\Program Files\InterVideo
2008-02-19 20:20:26 0 d-------- C:\Program Files\TOSHIBA
2008-02-19 20:17:11 0 d-------- C:\Program Files\Common Files\Adobe
2008-02-19 04:14:54 0 d-------- C:\Program Files\Google
2008-02-18 22:15:25 0 d-------- C:\Program Files\Yahoo!
2008-02-17 22:46:07 0 d-------- C:\Program Files\Intel
2008-02-17 22:36:34 0 d-------- C:\Program Files\Sonic
2008-02-17 20:07:41 0 d-------- C:\Program Files\Pure Networks
2008-02-17 20:07:41 0 d-------- C:\Program Files\Common Files\AOL
2008-02-17 20:02:54 0 d-------- C:\Program Files\Quicken
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [11/28/2005 12:55 AM]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [11/28/2005 12:52 AM]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [11/28/2005 12:55 AM]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [12/16/2005 07:32 PM]
"LtMoh"="C:\Program Files\ltmoh\Ltmoh.exe" [08/18/2004 06:37 AM]
"AGRSMMSG"="AGRSMMSG.exe" [10/15/2005 09:29 AM C:\WINDOWS\agrsmmsg.exe]
"NDSTray.exe"="NDSTray.exe" []
"Tvs"="C:\Program Files\Toshiba\Tvs\TvsTray.exe" [11/30/2005 03:25 PM]
"TPSMain"="TPSMain.exe" [06/01/2005 12:00 AM C:\WINDOWS\system32\TPSMain.exe]
"SmoothView"="C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe" [04/26/2005 07:13 PM]
"Pinger"="c:\toshiba\ivp\ism\pinger.exe" [03/17/2005 08:37 PM]
"DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [10/06/2005 08:20 AM]
"IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [12/05/2005 03:37 PM]
"IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [11/28/2005 02:41 PM]
"NapsterShell"="C:\Program Files\Napster\napster.exe" [12/10/2007 02:35 PM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [02/19/2008 01:10 PM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"="C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe" [12/30/2004 03:32 AM]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [02/18/2008 07:58 PM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 07:00 AM]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [12/20/2006 12:55 PM 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 04/19/2007 12:41 PM 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Google Updater.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Google Updater.lnk
backup=C:\WINDOWS\pss\Google Updater.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"C:\Program Files\iTunes\iTunesHelper.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
"C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
-- End of Deckard's System Scanner: finished at 2008-03-02 00:38:39 ------------
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: Genuine Intel® CPU T1300 @ 1.66GHz
Percentage of Memory in Use: 36%
Physical Memory (total/avail): 1525.98 MiB / 971.85 MiB
Pagefile Memory (total/avail): 3425.19 MiB / 3047.93 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1904.67 MiB
C: is Fixed (NTFS) - 74.28 GiB total, 43.17 GiB free.
D: is CDROM (No Media)
\\.\PHYSICALDRIVE0 - HTS541080G9SA00 - 74.53 GiB - 2 partitions
\PARTITION0 (bootable) - Installable File System - 74.28 GiB - C:
\PARTITION1 - Unknown - 251.02 MiB
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.
FirstRunDisabled is set.
AV: McAfee VirusScan v (McAfee)
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\TOSHIBA\\ivp\\NetInt\\Netint.exe"="C:\\TOSHIBA\\ivp\\NetInt\\Netint.exe:*:Enabled:NIE - Toshiba Software Upgrade Engine"
"C:\\TOSHIBA\\Ivp\\ISM\\pinger.exe"="C:\\TOSHIBA\\IVP\\ISM\\pinger.exe:*:Enabled:Toshiba Software Upgrades Pinger"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Application Loader"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"
"C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe"="C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe:*:Enabled:AOLTsMon"
"C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe"="C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe:*:Enabled:AOLTopSpeed"
"C:\\Program Files\\Common Files\\AOL\\1137646052\\EE\\AOLServiceHost.exe"="C:\\Program Files\\Common Files\\AOL\\1137646052\\EE\\AOLServiceHost.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"="C:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\AOLSP Scheduler.exe"="C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\AOLSP Scheduler.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\asp.exe"="C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\asp.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AolCoach\\en_en\\player\\AOLNySEV.exe"="C:\\Program Files\\Common Files\\AolCoach\\en_en\\player\\AOLNySEV.exe:*:Enabled:AOL"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\REMOVED\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.5.0_04\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=TOSHIBA-USER
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
GETMODEL=Satellite A105
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\REMOVED
LOGONSERVER=\\TOSHIBA-USER
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 14 Stepping 8, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0e08
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.5.0_04\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\BROCSL~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\BROCSL~1\LOCALS~1\Temp
USERDOMAIN=TOSHIBA-USER
USERNAME=REMOVED
USERPROFILE=C:\Documents and Settings\REMOVED
VERNUM=PSAA8U-05400JV
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
REMOVED
(admin)-- Add/Remove Programs ---------------------------------------------------------
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Apple Mobile Device Support --> MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
Bonjour --> MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}
CD/DVD Drive Acoustic Silencer --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}\Setup.exe" -l0x9
DVD-RAM Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9D765FA6-F2BC-40AF-8145-50808F9BDF4E}\setup.exe" -l0x9 DVD-RAM Driver
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"
Google Updater --> "C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
High Definition Audio Driver Package - KB888111 --> "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
Hijackthis 1.99.1 --> "C:\Program Files\Hijackthis\unins000.exe"
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format SDK (KB902344) --> "C:\WINDOWS\$NtUninstallKB902344$\spuninst\spuninst.exe"
Intel® Graphics Media Accelerator Driver --> RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_27A6 PCI\VEN_8086&DEV_27A2
Intel® PRO Network Connections Drivers --> Prounstl.exe
Intel® PROSet/Wireless Software --> C:\WINDOWS\Installer\iProInst.exe
InterVideo WinDVD for TOSHIBA --> "C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
iTunes --> MsiExec.exe /I{80FD852F-5AAC-4129-B931-06AAFFA43138}
J2SE Runtime Environment 5.0 Update 4 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150040}
Kaspersky Online Scanner --> C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
Macromedia Flash Player 8 --> MsiExec.exe /X{6815FCDD-401D-481E-BA88-31B4754C2B46}
Malwarebytes' Anti-Malware --> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
mCore --> MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779}
mDrWiFi --> MsiExec.exe /I{F6090A17-0967-4A8A-B3C3-422A1B514D49}
mHelp --> MsiExec.exe /I{8C6BB412-D3A8-4AAE-A01B-35B681789D68}
Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
mIWA --> MsiExec.exe /I{3E9D596A-61D4-4239-BD19-2DB984D2A16F}
mLogView --> MsiExec.exe /I{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}
mMHouse --> MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
mPfMgr --> MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
mPfWiz --> MsiExec.exe /I{90B0D222-8C21-4B35-9262-53B042F18AF9}
mProSafe --> MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
mWlsSafe --> MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
mXML --> MsiExec.exe /I{9CC89556-3578-48DD-8408-04E66EBEF401}
mZConfig --> MsiExec.exe /I{94658027-9F16-4509-BBD7-A59FE57C3023}
Napster --> C:\Program Files\InstallShield Installation Information\{BBBCAE4B-B416-4182-A6F2-438180894A81}\setup.exe -runfromtemp -l0x0009 -removeonly
Napster Burn Engine --> MsiExec.exe /I{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}
Norton Security Scan --> MsiExec.exe /I{3A4FFB84-D070-4DA5-AB7B-D41D87FD8D19}
Office 2003 Trial Assistant --> MsiExec.exe /I{47D2103B-FD51-4017-9C20-DD408B17D726}
QuickTime --> MsiExec.exe /I{BFD96B89-B769-4CD6-B11E-E79FFD46F067}
RealPlayer Basic --> C:\Program Files\Common Files\Real\Update\\rnuninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x9 -removeonly
SD Secure Module --> MsiExec.exe /X{C45F4811-31D5-4786-801D-F79CD06EDD85}
Sonic DLA --> MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
Sonic RecordNow! --> MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
SUPERAntiSpyware Free Edition --> MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Texas Instruments PCIxx21/x515/xx12 drivers. --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{4497AFF6-98C4-4F49-B073-F48F42BCBF9E} /l1033
TOSHIBA Assist --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{12B3A009-A080-4619-9A2A-C6DB151D8D67}\Setup.exe" -l0x9
TOSHIBA ConfigFree --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}\setup.exe" -l0x9 UNINSTALL
TOSHIBA Controls --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}\Setup.exe" -l0x9 UNINSTALL
TOSHIBA Hotkey Utility --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{64DD71BC-3109-4C88-9AD3-D5422644B722}\setup.exe" -l0x9
TOSHIBA PC Diagnostic Tool --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\TOSHIBA\PCDiag\Uninst.isu"
TOSHIBA Power Saver --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\TOSHIBA\Power Saver\Uninst.isu" -c"C:\WINDOWS\system32\TPSDel.dll"
TOSHIBA SD Memory Card Format --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{48CF9A66-5F03-4025-ABD0-B3A3FA095A59}\Setup.exe"
TOSHIBA Software Modem --> Tosmreg -U
TOSHIBA Software Upgrades --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{425A2BC2-AA64-4107-9C29-484245BBEA05}\setup.exe"
TOSHIBA Speech System Applications --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EE033C1F-443E-41EC-A0E2-559B539A4E4D}\Setup.exe" -l0x9
TOSHIBA Speech System SR Engine(U.S.) Version1.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{008D69EB-70FF-46AB-9C75-924620DF191A}\Setup.exe" -l0x9 UNINSTALL
TOSHIBA Speech System TTS Engine(U.S.) Version1.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3FBF6F99-8EC6-41B4-8527-0A32241B5496}\Setup.exe" -l0x9
TOSHIBA TouchPad ON/Off Utility --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{69BE47C2-36FE-4397-8199-85D8EAE69982}\setup.exe" -l0x9
TOSHIBA Utilities --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{78C68CB9-3DF5-44F3-AB9D-FA305C5EB85C}\setup.exe" -l0x9
TOSHIBA Virtual Sound --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8B12BA86-ADAC-4BA6-B441-FFC591087252}\Setup.exe" /uninstall
TOSHIBA Zooming Utility --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{64212898-097F-4F3F-AECA-6D34A7EF82DF}\Setup.exe"
Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
Yahoo! Messenger --> C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
-- Application Event Log -------------------------------------------------------
Event Record #/Type139 / Error
Event Submitted/Written: 02/24/2008 02:15:19 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application YahooMessenger.exe, version 8.1.0.421, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Event Record #/Type37 / Error
Event Submitted/Written: 02/17/2008 08:56:15 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application glb1b6.tmp, version 2008.2.13.1, faulting module urlmon.dll, version 6.0.2900.2753, fault address 0x0000380c.
Processing media-specific event for [glb1b6.tmp!ws!]
Event Record #/Type35 / Error
Event Submitted/Written: 02/17/2008 08:56:00 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application glb1a9.tmp, version 2008.2.13.1, faulting module urlmon.dll, version 6.0.2900.2753, fault address 0x0000380c.
Processing media-specific event for [glb1a9.tmp!ws!]
Event Record #/Type27 / Warning
Event Submitted/Written: 02/17/2008 11:13:45 PM
Event ID/Source: 5603 / WinMgmt
Event Description:
A provider, OffProv11, has been registered in the WMI namespace, Root\MSAPPS11, but did not specify the HostingModel property. This provider will be run using the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests. Ensure that provider has been reviewed for security behavior and update the HostingModel property of the provider registration to an account with the least privileges possible for the required functionality.
Event Record #/Type26 / Warning
Event Submitted/Written: 02/17/2008 11:13:45 PM
Event ID/Source: 5603 / WinMgmt
Event Description:
A provider, OffProv11, has been registered in the WMI namespace, Root\MSAPPS11, but did not specify the HostingModel property. This provider will be run using the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests. Ensure that provider has been reviewed for security behavior and update the HostingModel property of the provider registration to an account with the least privileges possible for the required functionality.
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type3514 / Warning
Event Submitted/Written: 03/01/2008 11:55:22 PM
Event ID/Source: 1003 / Dhcp