Hello. I did all the steps that you told me to perform.
My new HJT log is:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:41:01 PM, on 1/17/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16575)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\mobsync.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Program Files\MySpace\IM\MySpaceIM.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\MySpace\IM\MySpaceIM.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Users\luis\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K26G49Q1\dss[1].exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\luis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O2 - BHO: Office toolbar - {5BD5FE32-1DB9-48E1-BEDF-3CC304D98B46} - C:\Windows\sysosa.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptcl.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [TOSCDSPD] TOSCDSPD.EXE
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - Startup: Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) -
http://upload.facebook.com/controls/Fac ... oader3.cabO20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: pinger - Unknown owner - C:\Toshiba\IVP\ISM\pinger.exe
O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6253\SAService.exe
O23 - Service: Swupdtmr - Unknown owner - c:\Toshiba\IVP\swupdate\swupdtmr.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 9291 bytes
Decker Scan Report
Maint.txt:
Deckard's System Scanner v20071014.68
Run by luis on 2008-01-17 17:38:13
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- Last 5 Restore Point(s) --
18: 2008-01-18 01:33:25 UTC - RP283 - Installed Java(TM) 6 Update 4
17: 2008-01-18 01:14:00 UTC - RP282 - Removed Java(TM) SE Runtime Environment 6
16: 2008-01-18 01:00:32 UTC - RP281 - Windows Update
15: 2008-01-17 02:41:31 UTC - RP280 - Scheduled Checkpoint
14: 2008-01-14 18:47:20 UTC - RP279 - Scheduled Checkpoint
-- First Restore Point --
1: 2007-12-22 01:35:56 UTC - RP265 - Installed Samsung Media Stuido
Backed up registry hives.
Performed disk cleanup.
Percentage of Memory in Use: 77% (more than 75%).Total Physical Memory: 1014 MiB (1024 MiB recommended).-- HijackThis (run as luis.exe) ------------------------------------------------
logfile has no content; running clone.
-- HijackThis Clone ------------------------------------------------------------
Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-01-17 17:41:01
Platform: Windows Vista (6.00.6000)
MSIE: Internet Explorer (7.00.6000.16386)
Boot mode: Normal
Running processes:
C:\Windows\System32\dwm.exe
C:\Windows\explorer.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Windows\System32\taskeng.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\mobsync.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Windows\System32\wbem\unsecapp.exe
C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Program Files\MySpace\IM\MySpaceIM.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
C:\Program Files\Yahoo!\Messenger\Ymsgr_tray.exe
C:\Program Files\MySpace\IM\MySpaceIM.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Users\luis\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K26G49Q1\dss[1].exe
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://home.microsoft.com/access/autosearch.asp?p=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL =
http://www.microsoft.com/isapi/redir.dl ... r=iesearchO2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O2 - BHO: Office toolbar - {5BD5FE32-1DB9-48E1-BEDF-3CC304D98B46} - C:\Windows\sysosa.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptcl.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\GoogleToolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\GoogleToolbar1.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [TOSCDSPD] TOSCDSPD.EXE
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - Startup: Picture Motion Browser Media Check Tool.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) -
http://upload.facebook.com/controls/Fac ... oader3.cabO16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () -
http://fpdownload.macromedia.com/get/fl ... rashim.cabO18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll
O18 - Protocol: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll
O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\System32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\EmProxy\emproxy.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\Program Files\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\Program Files\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\RedirSvc\RedirSvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\Mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MpfSrv.exe
O23 - Service: pinger - Unknown owner - C:\Toshiba\IVP\ISM\pinger.exe
O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6253\SAService.exe
O23 - Service: Swupdtmr - Unknown owner - C:\Toshiba\IVP\swupdate\swupdtmr.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\System32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 10524 bytes
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
S3 USBAAPL (Apple Mobile USB Driver) - c:\windows\system32\drivers\usbaapl.sys <Not Verified; Apple, Inc.; Apple Mobile Device USB Driver>
S4 KR10I - c:\windows\system32\drivers\kr10i.sys <Not Verified; TOSHIBA CORPORATION; TOSHIBA RAID>
S4 KR10N - c:\windows\system32\drivers\kr10n.sys <Not Verified; TOSHIBA CORPORATION; TOSHIBA RAID>
S4 KR3NPXP - c:\windows\system32\drivers\kr3npxp.sys <Not Verified; TOSHIBA CORPORATION; TOSHIBA RAID>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 CFSvcs (ConfigFree Service) - c:\program files\toshiba\configfree\cfsvcs.exe <Not Verified; TOSHIBA CORPORATION; ConfigFree(TM)>
R2 TODDSrv (TOSHIBA Optical Disc Drive Service) - c:\windows\system32\toddsrv.exe <Not Verified; TOSHIBA Corporation; TDCSrv Application>
R2 TOSHIBA Bluetooth Service - c:\program files\toshiba\bluetooth toshiba stack\tosbtsrv.exe <Not Verified; TOSHIBA CORPORATION; Bluetooth Stack for Windows by TOSHIBA>
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Scheduled Tasks -------------------------------------------------------------
2008-01-01 01:00:57 330 --a------ C:\Windows\Tasks\McQcTask.job
2007-11-21 04:43:58 338 --a------ C:\Windows\Tasks\McDefragTask.job
-- Files created between 2007-12-17 and 2008-01-17 -----------------------------
2008-01-17 17:34:14 0 d-------- C:\Program Files\Common Files\Java
2008-01-16 18:57:56 0 d-------- C:\Program Files\Trend Micro
2008-01-16 17:15:44 53248 --a------ C:\Windows\system32\Process.exe <Not Verified;
http://www.beyondlogic.org; Command Line Process Utility>
2008-01-16 17:08:29 0 d-------- C:\Users\All Users\Grisoft
2008-01-15 18:14:16 4948 --a------ C:\Windows\system32\tmp.reg
2008-01-15 17:54:05 25600 --a------ C:\Windows\system32\WS2Fix.exe
2008-01-15 17:54:05 81920 --a------ C:\Windows\system32\IEDFix.exe <Not Verified; S!Ri.URZ; IEDFix>
2008-01-15 17:54:04 289144 --a------ C:\Windows\system32\VCCLSID.exe <Not Verified; S!Ri; >
2008-01-15 17:54:04 51200 --a------ C:\Windows\system32\dumphive.exe
2008-01-15 17:54:03 288417 --a------ C:\Windows\system32\SrchSTS.exe <Not Verified; S!Ri; SrchSTS>
2008-01-15 17:53:52 0 d-------- C:\Windows\system32\SmitfraudFix <SMITFR~1>
2008-01-15 17:41:32 0 d-a------ C:\Users\All Users\TEMP
2008-01-15 17:08:18 0 d-------- C:\Program Files\Microsoft Silverlight
2008-01-14 20:56:31 0 d-------- C:\Program Files\Enigma Software Group
2008-01-14 17:06:21 228352 --a------ C:\Windows\sysosa.dll <Not Verified; Intel; >
2008-01-14 17:06:20 49 --a------ C:\tmp.bat
2007-12-21 17:51:26 0 d-------- C:\Program Files\MyFree Codec
2007-12-21 17:37:53 352256 --a------ C:\Windows\system32\MSLUR71.dll <Not Verified; Sample Corporation; Sample Application DLL>
2007-12-21 17:37:52 507904 --a------ C:\Windows\system32\MSLUP71.dll <Not Verified; Sample Corporation; Sample Application DLL>
2007-12-21 17:37:11 57344 --a------ C:\Windows\system32\MTXSYNCICON.dll <MTXSYN~1.DLL> <Not Verified; Marktek Inc.; MTXSYNCICON Module>
2007-12-21 17:37:11 155648 --a------ C:\Windows\system32\MSFLib.dll <Not Verified; Teruten Inc.; MSFLib>
2007-12-21 17:37:11 245760 --a------ C:\Windows\system32\MSCLib.dll <Not Verified; Teruten Inc.; MSCLib>
2007-12-21 17:37:10 40960 --a------ C:\Windows\system32\MTTELECHIP.dll <MTTELE~1.DLL> <Not Verified; Telechips Inc.,; TCC730 USB>
2007-12-21 17:37:09 364544 --a------ C:\Windows\system32\MASetupWizard.dll <MASETU~1.DLL> <Not Verified; (?)????; MASetupWizard Module>
2007-12-21 17:37:09 24576 --a------ C:\Windows\system32\MASetupCleaner.exe <MASETU~1.EXE> <Not Verified; (?)????; MASetupCleaner ?? ????>
2007-12-21 17:37:08 57344 --a------ C:\Windows\system32\MK_Lyric.dll <Not Verified; Marktek; Marktek MK_Lyric>
2007-12-21 17:37:08 45056 --a------ C:\Windows\system32\MaXMLProto.dll <MAXMLP~1.DLL> <Not Verified; (?) ????; XML ?? ???? ?????>
2007-12-21 17:37:08 40960 --a------ C:\Windows\system32\MAMACExtract.dll <MAMACE~1.DLL> <Not Verified; ???????; ??????? MAMACExtract>
2007-12-21 17:37:08 106609 --a------ C:\Windows\system32\MaJUtilLib.dll <MAJUTI~1.DLL> <Not Verified; (?) ????, ??? ???; MaJUtilLib ?? ?? ?????>
2007-12-21 17:37:08 49152 --a------ C:\Windows\system32\MaJGUILib.dll <MAJGUI~1.DLL> <Not Verified; (?) ????; MaJGUILib ?? ?? ?????>
2007-12-21 17:37:08 118784 --a------ C:\Windows\system32\MaDRM.dll <Not Verified; (?)????; MaDRM ?? ?? ????? with PKI>
2007-12-21 17:37:08 45056 --a------ C:\Windows\system32\MACXMLProto.dll <MACXML~1.DLL> <Not Verified; (?) ????; ????? ???? ?????>
2007-12-21 17:37:08 0 d-------- C:\Program Files\Samsung
-- Find3M Report ---------------------------------------------------------------
2008-01-17 17:35:56 0 d-------- C:\Program Files\Java
2008-01-17 17:34:14 0 d-------- C:\Program Files\Common Files
2008-01-16 17:08:52 0 d-------- C:\Users\luis\AppData\Roaming\Grisoft
2008-01-09 20:40:44 0 d-------- C:\Program Files\Windows Mail
2008-01-09 17:11:49 0 d-------- C:\Program Files\Windows Sidebar
2008-01-06 10:17:26 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-12-18 18:20:55 0 d-------- C:\Program Files\SiteAdvisor
2007-12-12 11:38:29 0 d-------- C:\Users\luis\AppData\Roaming\Ulead Systems
2007-12-12 10:54:04 0 d-------- C:\Users\luis\AppData\Roaming\Sony Corporation
2007-12-12 10:33:15 0 d-------- C:\Program Files\Sony
2007-12-10 15:18:25 0 d-------- C:\Program Files\PC Drivers HeadQuarters
2007-11-26 21:57:17 0 d-------- C:\Users\luis\AppData\Roaming\SiteAdvisor
2007-11-22 22:05:21 0 d-------- C:\Program Files\Netflix
2007-11-22 14:28:42 0 d-------- C:\Program Files\iTunes
2007-11-22 14:28:32 0 d-------- C:\Program Files\iPod
2007-11-22 14:26:29 0 d-------- C:\Program Files\QuickTime
2007-11-21 16:49:12 0 d-------- C:\Program Files\McAfee
2007-11-20 19:56:33 0 d-------- C:\Program Files\Common Files\McAfee
2007-11-20 19:55:57 0 d-------- C:\Program Files\McAfee.com
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5BD5FE32-1DB9-48E1-BEDF-3CC304D98B46}]
01/14/2008 05:06 PM 228352 --a------ C:\Windows\sysosa.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [01/31/2007 02:40 PM]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [01/31/2007 02:40 PM]
"Persistence"="C:\Windows\system32\igfxpers.exe" [01/31/2007 02:40 PM]
"Camera Assistant Software"="C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" [02/13/2007 08:30 AM]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [05/23/2007 06:04 PM]
"RtHDVCpl"="RtHDVCpl.exe" [02/06/2007 05:50 PM C:\Windows\RtHDVCpl.exe]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [02/02/2007 01:36 PM]
"NDSTray.exe"="NDSTray.exe" []
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [02/28/2007 12:10 PM]
"TPwrMain"="C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE" [12/19/2006 11:16 PM]
"HSON"="C:\Program Files\TOSHIBA\TBS\HSON.exe" [12/07/2006 04:49 PM]
"SmoothView"="C:\Program Files\Toshiba\SmoothView\SmoothView.exe" [01/18/2007 10:24 PM]
"00TCrdMain"="C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe" [01/17/2007 01:46 PM]
"SiteAdvisor"="C:\Program Files\SiteAdvisor\6253\SiteAdv.exe" [08/24/2007 01:57 PM]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [11/14/2007 11:43 PM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [11/15/2007 01:11 PM]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [06/11/2007 01:25 AM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe" [12/14/2007 03:42 AM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="oobefldr.dll,ShowWelcomeCenter" []
"TOSCDSPD"="TOSCDSPD.EXE" []
"Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" [03/27/2007 02:22 PM]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [01/19/2007 11:54 AM]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [11/02/2006 04:35 AM]
"MySpaceIM"="C:\Program Files\MySpace\IM\MySpaceIM.exe" [12/18/2007 05:47 PM]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [11/02/2006 04:36 AM]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"MySpaceIM"=C:\Program Files\MySpace\IM\MySpaceIM.exe
C:\Users\luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Picture Motion Browser Media Check Tool.lnk - C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [12/12/2007 10:33:54 AM]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=2 (0x2)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
C:\Windows\system32\unregmp2.exe /ShowWMP
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI
-- End of Deckard's System Scanner: finished at 2008-01-17 17:42:54 ------------
EXTRA.TXT is:
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft® Windows Vista™ Home Premium (build 6000)
Architecture: X86; Language: English
CPU 0: Intel(R) Core(TM)2 CPU T5300 @ 1.73GHz
Percentage of Memory in Use: 77%
Physical Memory (total/avail): 1013.44 MiB / 230.62 MiB
Pagefile Memory (total/avail): 2274.13 MiB / 1181.7 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1924.56 MiB
C: is Fixed (NTFS) - 147.58 GiB total, 107.42 GiB free.
D: is CDROM (No Media)
\\.\PHYSICALDRIVE0 - Hitachi HTS541616J9SA00 ATA Device - 149.05 GiB - 2 partitions
\PARTITION0 - Unknown - 1500 MiB
\PARTITION1 (bootable) - Installable File System - 147.58 GiB - C:
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.
FW: McAfee Personal Firewall v (McAfee)
AV: McAfee VirusScan v (McAfee)
AS: McAfee VirusScan v (McAfee)
AS: AVG Anti-Spyware v7, 5, 1, 43 (GRISOFT s.r.o.)
Disabled OutdatedAS: Windows Defender v1.1.1505.0 (Microsoft Corporation)
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\\TOSHIBA\\ivp\\NetInt\\Netint.exe"="C:\\TOSHIBA\\ivp\\NetInt\\Netint.exe:*:Enabled:NIE - Toshiba Software Upgrades Engine"
"C:\\TOSHIBA\\Ivp\\ISM\\pinger.exe"="C:\\TOSHIBA\\Ivp\\ISM\\pinger.exe:*:Enabled:Toshiba Software Upgrades Pinger"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\luis\AppData\Roaming
CLASSPATH=.;C:\Program Files\Java\jre1.6.0\lib\ext\QTJava.zip
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=HOME
ComSpec=C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Users\luis
LOCALAPPDATA=C:\Users\luis\AppData\Local
LOGONSERVER=\\HOME
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG;C:\Program Files\QuickTime\QTSystem\;C:\Windows\Microsoft.NET\Framework\v2.0.50727
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 2, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0f02
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files
PROMPT=$P$G
PUBLIC=C:\Users\Public
QTJAVA=C:\Program Files\Java\jre1.6.0\lib\ext\QTJava.zip
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=C:\Users\luis\AppData\Local\Temp
TMP=C:\Users\luis\AppData\Local\Temp
USERDOMAIN=Home
USERNAME=luis
USERPROFILE=C:\Users\luis
windir=C:\Windows
-- User Profiles ---------------------------------------------------------------
luis
-- Add/Remove Programs ---------------------------------------------------------
--> "C:\Program Files\InstallShield Installation Information\{A644254B-92F6-4970-8635-AB0775371E72}\setup.exe" --u:{A644254B-92F6-4970-8635-AB0775371E72}
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{622E6F16-0904-49B6-BBE1-4CC836314CCF}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{697AFC77-F318-4CD4-BF16-F50F4C1072DA}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{02FB2C63-5763-4CDD-99E6-566C57189742}\setup.exe" -l0x9 -removeonly
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{28B97CAB-828F-49D8-A30A-675476F9BA92}\setup.exe" -l0x9 /cont -removeonly
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3881DD58-780F-4FCF-8A16-6E6800C2FEE0}\setup.exe" -l0x9 -removeonly
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4E7DC12A-3597-4A94-9429-F6C6987361B1}\setup.exe" -l0x9 -removeonly
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6813C983-427E-4511-8456-E98FCAA1A125}\setup.exe" -l0x9 -removeonly
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7DADB304-AF20-48C3-A780-4B4133A08817}\setup.exe" -l0x9 -removeonly
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9225EABF-4457-403B-A82B-91614C9DDDF7}\setup.exe" -l0x9 -removeonly
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9C423CF6-2DAA-4A37-94B8-59D7ECC7DB13}\setup.exe" -l0x9 -removeonly
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ACE66099-E18E-4037-83C8-9D182E5B9FA8}\setup.exe" -l0x9 -removeonly
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B34B6E67-FCDD-4E03-8742-B5701427FAFB}\setup.exe" -l0x9 -removeonly
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C9EFF51A-C925-4F1A-9DEB-DB5F970DE983}\setup.exe" -l0x9 -removeonly
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E9CCEA28-3608-4078-8A07-997646E1A357}\setup.exe" -l0x9 -removeonly
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FA6CC4B4-7741-4F8D-8E81-15C4BAB9869B}\setup.exe" -l0x9 -removeonly
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FD7FF74D-0AB5-48D6-929C-7E93A5162521}\setup.exe" -l0x9 -removeonly
Activation Assistant for the 2007 Microsoft Office suites --> "C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Adobe Flash Player ActiveX --> C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 7.0 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000}
Adobe Shockwave Player --> C:\Windows\System32\Macromed\SHOCKW~1\UNWISE.EXE C:\Windows\System32\Macromed\SHOCKW~1\Install.log
Apple Mobile Device Support --> MsiExec.exe /I{B5C209B1-8DDB-4642-A573-375B951514CB}
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
Bejeweled 2 Deluxe --> "C:\Program Files\TOSHIBA Games\Bejeweled 2 Deluxe\Uninstall.exe"
Blackhawk Striker 2 --> "C:\Program Files\TOSHIBA Games\Blackhawk Striker 2\Uninstall.exe"
Blasterball 3 --> "C:\Program Files\TOSHIBA Games\Blasterball 3\Uninstall.exe"
Bluetooth Stack for Windows by Toshiba --> MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}
Camera Assistant Software for Toshiba --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{37C866E4-AA67-4725-9E95-A39968DD7960}\setup.exe" -l0x9
CD/DVD Drive Acoustic Silencer --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}\setup.exe" -l0x9
Chuzzle Deluxe --> "C:\Program Files\TOSHIBA Games\Chuzzle Deluxe\Uninstall.exe"
Desktop Dialer --> C:\Windows\unvise32.exe C:\Program Files\DesktopDialer\uninstal.log
Driver Detective --> C:\Program Files\InstallShield Installation Information\{621C02EA-AAFF-4026-A903-165D59529A16}\setup.exe -runfromtemp -l0x0409
DVD MovieFactory for TOSHIBA --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}\setup.exe" -l0x9
FATE --> "C:\Program Files\TOSHIBA Games\FATE\Uninstall.exe"
Google Desktop --> C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Intel(R) Graphics Media Accelerator Driver --> C:\Windows\system32\igxpun.exe -uninstall
Internet Offers --> C:\Program Files\Internet Offers\ToshUninst.exe
iTunes --> MsiExec.exe /I{4F5CE18C-D97D-48FF-A510-A0D90C918294}
Java(TM) 6 Update 4 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160040}
JEOPARDY --> "C:\Program Files\TOSHIBA Games\JEOPARDY\Uninstall.exe"
Marvell Miniport Driver --> MsiExec.exe /X{C950420B-4182-49EA-850A-A6A2ABF06C6B}
McAfee SecurityCenter --> C:\Program Files\McAfee\MSC\mcuninst.exe
Microsoft Money Essentials --> "C:\Program Files\Microsoft Money 2007\MNYCoreFiles\Setup\uninst.exe" /s:120
Microsoft Money Shared Libraries --> MsiExec.exe /X{5F00DF7E-418B-4CD9-8EC5-781156BCC49E}
Microsoft Office Excel MUI (English) 2007 --> MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Home and Student 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007 --> MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007 --> MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007 --> MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007 --> MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007 --> MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007 --> MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Silverlight --> MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Works --> MsiExec.exe /I{6D52C408-B09A-4520-9B18-475B81D393F1}
MSXML 4.0 SP2 (KB927978) --> MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181) --> MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833) --> MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MySpaceIM --> C:\Program Files\MySpace\IM\Uninstall.exe
Netflix Movie Viewer --> MsiExec.exe /X{BCE72AED-3332-4863-9567-C5DCB9052CA2}
Penguins! --> "C:\Program Files\TOSHIBA Games\Penguins!\Uninstall.exe"
Polar Bowler --> "C:\Program Files\TOSHIBA Games\Polar Bowler\Uninstall.exe"
Polar Golfer --> "C:\Program Files\TOSHIBA Games\Polar Golfer\Uninstall.exe"
QuickTime --> MsiExec.exe /I{9763E36A-08E9-4228-BBCE-12989A4EB1A8}
Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x9 -removeonly
SCRABBLE --> "C:\Program Files\TOSHIBA Games\SCRABBLE\Uninstall.exe"
Sony Picture Utility --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D5068583-D569-468B-9755-5FBF5848F46F}\setup.exe" -l0x9 /removeonly uninstall -removeonly
Sony USB Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}\setup.exe" -l0x9 UNINSTALL -removeonly
SoulSeek Client 156c --> "C:\Program Files\Soulseek\uninstall.exe"
Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Texas Instruments PCIxx21/x515/xx12 drivers. --> C:\Program Files\InstallShield Installation Information\{DB780B85-B4B5-4864-A49C-9B706B169C93}\setup.exe -runfromtemp -l0x0409
TOSHIBA Assist --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{12B3A009-A080-4619-9A2A-C6DB151D8D67}\setup.exe" -l0x9
TOSHIBA ConfigFree --> C:\Program Files\InstallShield Installation Information\{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}\setup.exe -runfromtemp -l0x0009uninstall -removeonly
TOSHIBA Disc Creator --> MsiExec.exe /X{5DA0E02F-970B-424B-BF41-513A5018E4C0}
TOSHIBA Extended Tiles for Windows Mobility Center --> C:\Program Files\InstallShield Installation Information\{617C36FD-0CBE-4600-84B2-441CEB12FADF}\setup.exe -runfromtemp -l0x0409
TOSHIBA Game Console --> "C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\Uninstall.exe"
TOSHIBA Hardware Setup --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B97599D2-01F7-4551-96D8-674D3D886F7B}\setup.exe" -l0x9
TOSHIBA Media Center Game Console --> "C:\Program Files\TOSHIBA Games\TOSHIBA Media Center Game Console\Uninstall.exe"
Toshiba Registration --> MsiExec.exe /I{C53D16CC-E56F-47B8-906E-70AAF8EABB4F}
TOSHIBA SD Memory Utilities --> MsiExec.exe /X{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}
TOSHIBA Software Modem --> Tosmreg -U
TOSHIBA Software Upgrades --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{425A2BC2-AA64-4107-9C29-484245BBEA05}\setup.exe" -l0x9 -removeonly
TOSHIBA Speech System Applications --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EE033C1F-443E-41EC-A0E2-559B539A4E4D}\Setup.exe" -l0x9
TOSHIBA Speech System SR Engine(U.S.) Version1.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{008D69EB-70FF-46AB-9C75-924620DF191A}\Setup.exe" -l0x9 UNINSTALL
TOSHIBA Speech System TTS Engine(U.S.) Version1.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3FBF6F99-8EC6-41B4-8527-0A32241B5496}\Setup.exe" -l0x9
TOSHIBA Supervisor Password --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{744E2BC2-EC6F-44D5-AA68-451B4131383B}\setup.exe" -l0x9
TOSHIBA Value Added Package --> C:\Program Files\InstallShield Installation Information\{FEDD27A0-B306-45EF-BF58-B527406B42C8}\setup.exe -runfromtemp -l0x0409
TurboTax Basic 2006 --> C:\Program Files\TurboTax\Basic 2006\TaxUnst.EXE "C:\Program Files\TurboTax\Basic 2006\Uninstall.log" -NoGui
TurboTax ItsDeductible 2005 --> MsiExec.exe /X{2E7595EC-4FB1-4E29-93D4-9083C8A9B107}
WexTech AnswerWorks --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EA2BEBD6-87B9-41E5-95AC-7E4C165A9475}\SETUP.EXE" -l0x9 -eliminate
Windows Live Messenger --> MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F}
Windows Media Encoder 9 Series --> msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Encoder 9 Series --> MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
WinDVD for TOSHIBA --> C:\Program Files\InstallShield Installation Information\{20471B27-D702-4FE8-8DEC-0702CC8C0A85}\setup.exe -runfromtemp -l0x0409
Yahoo! Messenger --> C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
Yahoo! Music Jukebox --> "C:\Program Files\Yahoo!\Yahoo! Music Jukebox\Uninstall.exe"
-- Application Event Log -------------------------------------------------------
Event Record #/Type17244 / Success
Event Submitted/Written: 01/17/2008 05:17:40 PM
Event ID/Source: 5617 / WinMgmt
Event Description:
Event Record #/Type17243 / Success
Event Submitted/Written: 01/17/2008 05:17:38 PM
Event ID/Source: 5615 / WinMgmt
Event Description:
Event Record #/Type17241 / Success
Event Submitted/Written: 01/17/2008 05:17:36 PM
Event ID/Source: 902 / Software Licensing Service
Event Description:
The Software Licensing service has started.
Event Record #/Type17231 / Warning
Event Submitted/Written: 01/17/2008 05:16:11 PM
Event ID/Source: 1530 / profsvc
Event Description:
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.
DETAIL -
1 user registry handles leaked from \Registry\User\S-1-5-21-2946146890-1700853830-992958295-1000_Classes:
Process 940 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2946146890-1700853830-992958295-1000_CLASSES
Event Record #/Type17230 / Warning
Event Submitted/Written: 01/17/2008 05:16:09 PM
Event ID/Source: 1530 / profsvc
Event Description:
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.
DETAIL -
8 user registry handles leaked from \Registry\User\S-1-5-21-2946146890-1700853830-992958295-1000:
Process 2264 (\Device\HarddiskVolume2\Program Files\SiteAdvisor\6253\SAService.exe) has opened key \REGISTRY\USER\S-1-5-21-2946146890-1700853830-992958295-1000
Process 2264 (\Device\HarddiskVolume2\Program Files\SiteAdvisor\6253\SAService.exe) has opened key \REGISTRY\USER\S-1-5-21-2946146890-1700853830-992958295-1000
Process 940 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2946146890-1700853830-992958295-1000
Process 2264 (\Device\HarddiskVolume2\Program Files\SiteAdvisor\6253\SAService.exe) has opened key \REGISTRY\USER\S-1-5-21-2946146890-1700853830-992958295-1000\Software\Microsoft\SystemCertificates\trust
Process 2264 (\Device\HarddiskVolume2\Program Files\SiteAdvisor\6253\SAService.exe) has opened key \REGISTRY\USER\S-1-5-21-2946146890-1700853830-992958295-1000\Software\Microsoft\SystemCertificates\SmartCardRoot
Process 2264 (\Device\HarddiskVolume2\Program Files\SiteAdvisor\6253\SAService.exe) has opened key \REGISTRY\USER\S-1-5-21-2946146890-1700853830-992958295-1000\Software\Microsoft\SystemCertificates\CA
Process 2264 (\Device\HarddiskVolume2\Program Files\SiteAdvisor\6253\SAService.exe) has opened key \REGISTRY\USER\S-1-5-21-2946146890-1700853830-992958295-1000\Software\Microsoft\SystemCertificates\Root
Process 2264 (\Device\HarddiskVolume2\Program Files\SiteAdvisor\6253\SAService.exe) has opened key \REGISTRY\USER\S-1-5-21-2946146890-1700853830-992958295-1000\Software\Policies\Microsoft\SystemCertificates
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type53093 / Warning
Event Submitted/Written: 01/17/2008 05:41:21 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%Home27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %Home27 can't undo changes that you allow.
For more information please see the following:
%Home275
Scan ID: {63715866-3FD7-4EA9-9683-C556B21F26CE}
User: Home\luis
Name: %Home271
ID: %Home272
Severity ID: %Home273
Category ID: %Home274
Path Found: %Home276
Alert Type: %Home278
Detection Type: 1.1.1505.02
Event Record #/Type53092 / Warning
Event Submitted/Written: 01/17/2008 05:41:21 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%Home27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %Home27 can't undo changes that you allow.
For more information please see the following:
%Home275
Scan ID: {2EF93A0A-CF11-4430-8BBE-0FFC19061A34}
User: Home\luis
Name: %Home271
ID: %Home272
Severity ID: %Home273
Category ID: %Home274
Path Found: %Home276
Alert Type: %Home278
Detection Type: 1.1.1505.02
Event Record #/Type53091 / Warning
Event Submitted/Written: 01/17/2008 05:41:18 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%Home27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %Home27 can't undo changes that you allow.
For more information please see the following:
%Home275
Scan ID: {38276E83-1CB4-4935-A228-FEDC772B29CB}
User: Home\luis
Name: %Home271
ID: %Home272
Severity ID: %Home273
Category ID: %Home274
Path Found: %Home276
Alert Type: %Home278
Detection Type: 1.1.1505.02
Event Record #/Type53090 / Warning
Event Submitted/Written: 01/17/2008 05:41:18 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%Home27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %Home27 can't undo changes that you allow.
For more information please see the following:
%Home275
Scan ID: {851618AC-778C-4914-BDC6-2D37DA81FFF9}
User: Home\luis
Name: %Home271
ID: %Home272
Severity ID: %Home273
Category ID: %Home274
Path Found: %Home276
Alert Type: %Home278
Detection Type: 1.1.1505.02
Event Record #/Type53089 / Warning
Event Submitted/Written: 01/17/2008 05:41:18 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%Home27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %Home27 can't undo changes that you allow.
For more information please see the following:
%Home275
Scan ID: {AEFC52FE-9DA8-45A0-BDF1-74D78858A562}
User: Home\luis
Name: %Home271
ID: %Home272
Severity ID: %Home273
Category ID: %Home274
Path Found: %Home276
Alert Type: %Home278
Detection Type: 1.1.1505.02
-- End of Deckard's System Scanner: finished at 2008-01-17 17:42:54 ------------