Deckard's System Scanner v20071014.68
Run by Compaq_Administrator on 2008-01-20 00:38:18
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
33: 2008-01-20 05:38:23 UTC - RP33 - Deckard's System Scanner Restore Point
32: 2008-01-20 05:29:14 UTC - RP32 - Installed Java 6 Update 4
31: 2008-01-19 12:57:52 UTC - RP31 - Removed Java SE Runtime Environment 6
30: 2008-01-19 12:56:49 UTC - RP30 - Removed Java 6 Update 2
29: 2008-01-19 03:50:56 UTC - RP29 - System Checkpoint
-- First Restore Point --
1: 2007-12-18 23:01:06 UTC - RP1 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as Compaq_Administrator.exe) --------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 12:40:19 AM, on 1/20/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\arservice.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\Java\jre1.5.0_10\bin\jucheck.exe
C:\WINDOWS\system32\msiexec.exe
C:\Documents and Settings\Compaq_Administrator\Local Settings\Temporary Internet Files\Content.IE5\3AM97YLY\dss[1].exe
C:\PROGRA~1\HIJACK~1\Compaq_Administrator.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft....k/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: IE7pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IE7pro\IE7pro.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: HpWebHelper - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\webhelper.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
O4 - HKCU\..\Run: [QuickenScheduledUpdates] C:\Program Files\Quicken\bagent.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: WKCALREM.LNK = C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Startup: WkCalRem.LNK.disabled
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: IE7pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7pro\IE7pro.dll
O9 - Extra 'Tools' menuitem: IE7pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7pro\IE7pro.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {01118A01-3E00-11D2-8470-0060089874ED} (SupportSoft Script Runner Class) -
https://password.bel...oad/tgctlsr.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -
http://www.kaspersky...can_unicode.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) -
http://security.syma...n/bin/cabsa.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) -
https://webdl.symant...ex/symdlmgr.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) -
http://cdn2.zone.msn...ro.cab56649.cab
O16 - DPF: {CB50428B-657F-47DF-9B32-671F82AA73F7} (Photodex Presenter AX control) -
http://www.photodex.com/pxplay.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
-- HijackThis Fixed Entries (C:\PROGRA~1\HIJACK~1\backups\) --------------------
backup-20061103-232941-122 O2 - BHO: (no name) - {E23CE468-9C2B-4D6C-8B0B-DE8A4ED911F7} - C:\WINDOWS\system32\awtqr.dll (file missing)
backup-20061103-232941-756 O20 - Winlogon Notify: winbjt32 - winbjt32.dll (file missing)
backup-20061103-232941-976 O15 - Trusted Zone:
http://*.trymedia.com (HKLM)
backup-20061104-233613-546 O2 - BHO: (no name) - {E23CE468-9C2B-4D6C-8B0B-DE8A4ED911F7} - C:\WINDOWS\system32\awtqr.dll (file missing)
backup-20061104-233613-649 O20 - Winlogon Notify: winbjt32 - winbjt32.dll (file missing)
backup-20061104-233613-870 O15 - Trusted Zone:
http://*.trymedia.com (HKLM)
backup-20061112-195648-608 O4 - HKLM\..\Run: [SunServer] C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
backup-20061112-200628-840 O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
backup-20061113-090028-390 O4 - HKLM\..\Run: [SunServer] C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
backup-20070120-172459-628 O21 - SSODL: hirtellous - {fa19bd7e-50bc-4203-80ac-c4edc81ca9a3} - (no file)
backup-20080119-080122-698 O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
backup-20080119-080122-877 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
backup-20080119-080122-919 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
backup-20080120-003108-293 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
backup-20080120-003108-553 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
backup-20080120-003108-688 O15 - Trusted Zone:
http://*.ashleyfurniture.com
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R2 MCSTRM - c:\windows\system32\drivers\mcstrm.sys <Not Verified; RealNetworks, Inc.; RealNetworks Virtual Path Manager® (32-bit)>
S0 ftsata2 - c:\windows\system32\drivers\ftsata2.sys (file missing)
S1 intelppm (Intel Processor Driver) - c:\windows\system32\drivers\intelppm.sys (file missing)
S3 grmnusb - c:\windows\system32\drivers\grmnusb.sys <Not Verified; GARMIN Corp.; Garmin USB GPS>
S3 PCD5SRVC{8A863ACB-F5F6CC6A-05010003} (PCD5SRVC{8A863ACB-F5F6CC6A-05010003} - PCDR Kernel Mode Service Helper Driver) - c:\program files\pc-doctor 5 for windows\pcd5srvc.pkms <Not Verified; PC-Doctor, Inc.; PC-Doctor for Windows>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
S4 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Scheduled Tasks -------------------------------------------------------------
2008-01-20 00:40:00 452 --ah----- C:\WINDOWS\Tasks\User_Feed_Synchronization-{BC3AEFBE-E14D-4663-828F-914798DAD592}.job
2008-01-19 12:56:00 322 --a------ C:\WINDOWS\Tasks\WebReg psc 1310 series.job
2008-01-19 03:00:00 490 --a------ C:\WINDOWS\Tasks\AdwareAlert Scheduled Scan.job
2008-01-17 07:41:57 594 --a------ C:\WINDOWS\Tasks\Norton Internet Security - Run Full System Scan - Compaq_Administrator.job
2008-01-16 10:28:00 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2008-01-14 15:42:58 294 --a------ C:\WINDOWS\Tasks\Uniblue SpyEraser Nag.job
2008-01-14 15:42:53 368 --a------ C:\WINDOWS\Tasks\Uniblue SpyEraser.job
2007-11-22 09:05:15 270 --a------ C:\WINDOWS\Tasks\Spybot - Search & Destroy - Scheduled Task.job
-- Files created between 2007-12-20 and 2008-01-20 -----------------------------
2008-01-19 08:06:37 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-01-19 08:06:36 0 d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-01-19 08:06:35 0 d-------- C:\WINDOWS\LastGood
2008-01-14 10:46:56 0 d-------- C:\Documents and Settings\All Users\Application Data\Uniblue
2008-01-09 09:23:01 0 dr-h----- C:\Documents and Settings\Compaq_Administrator\Recent
2008-01-05 11:09:08 0 d-------- C:\Documents and Settings\Guest\Application Data\Mozilla
2008-01-03 13:46:25 0 d-------- C:\Program Files\Common Files\HP
2008-01-03 13:19:08 0 -----n--- C:\WINDOWS\hpimdl01.dat
2008-01-02 17:33:57 0 d-------- C:\Documents and Settings\Carol\Application Data\Mozilla
2008-01-02 12:35:43 0 d-------- C:\Documents and Settings\Compaq_Administrator\Application Data\Talkback
2008-01-02 12:24:47 0 --a------ C:\WINDOWS\nsreg.dat
-- Find3M Report ---------------------------------------------------------------
2008-01-20 00:29:49 0 d-------- C:\Program Files\Java
2008-01-19 17:00:42 0 d-------- C:\Program Files\Google
2008-01-19 14:00:56 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-01-17 17:48:30 0 d-------- C:\Program Files\2nd Story Software
2008-01-17 16:53:25 1726 --a------ C:\WINDOWS\system32\tmp.reg
2008-01-16 21:21:46 0 d-------- C:\Program Files\Common Files\Adobe
2008-01-16 21:19:17 0 d-------- C:\Documents and Settings\Compaq_Administrator\Application Data\Adobe
2008-01-14 10:46:55 0 d-------- C:\Documents and Settings\Compaq_Administrator\Application Data\Uniblue
2008-01-04 12:55:52 29359 --a------ C:\WINDOWS\hpoins03.dat
2008-01-03 14:03:58 47807 --a------ C:\WINDOWS\hpiins01.dat
2008-01-03 14:03:36 0 d-------- C:\Program Files\HP
2008-01-03 14:03:26 0 d-------- C:\Program Files\Hewlett-Packard
2008-01-03 13:46:25 0 d-------- C:\Program Files\Common Files
2008-01-02 21:55:36 2088 --a------ C:\WINDOWS\mozver.dat
2008-01-02 21:08:05 0 d-------- C:\Program Files\PC-Doctor 5 for Windows
2008-01-02 12:24:41 0 d-------- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla
2007-12-18 12:24:47 3966 --a------ C:\Documents and Settings\Compaq_Administrator\Application Data\wklnhst.dat
2007-12-17 23:58:13 0 d-------- C:\Program Files\Hewlett Packard
2007-12-17 23:51:20 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-12-13 08:38:24 0 d-------- C:\Documents and Settings\Compaq_Administrator\Application Data\Netscape
2007-12-05 05:50:07 0 d-------- C:\Program Files\Symantec
2007-12-04 10:36:58 0 d-------- C:\Program Files\MVReader
2007-12-03 08:01:13 0 d-------- C:\Program Files\Outlook Express Quick Backup
2007-12-03 07:49:25 73216 --a------ C:\WINDOWS\ST6UNST.EXE <Not Verified; Microsoft Corporation; Microsoft® Visual Basic for Windows>
2007-12-01 18:18:43 0 d-------- C:\Program Files\TrackMaker
2007-11-30 19:42:33 0 d-------- C:\Documents and Settings\Compaq_Administrator\Application Data\AdobeUM
2007-11-25 00:04:06 0 d-------- C:\Documents and Settings\Compaq_Administrator\Application Data\Help
2007-11-22 13:27:05 0 d-------- C:\Program Files\IObit
2007-11-20 08:19:55 0 d-------- C:\Program Files\SpywareBlaster
2007-11-20 07:48:11 0 d-------- C:\Program Files\PCPal
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [07/22/2005 05:14 PM]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [01/09/2007 09:59 PM]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [01/24/2006 02:15 PM]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [10/10/2007 07:51 PM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe" [12/14/2007 03:42 AM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickenScheduledUpdates"="C:\Program Files\Quicken\bagent.exe" [10/30/2006 06:39 AM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/09/2004 04:00 PM]
C:\Documents and Settings\Compaq_Administrator\Start Menu\Programs\Startup\
WKCALREM.LNK - C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe [6/23/2004 12:23:00 PM]
WkCalRem.LNK.disabled [9/12/2007 10:33:17 AM]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"LinkResolveIgnoreLinkInfo"=0 (0x0)
"NoResolveSearch"=1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"LinkResolveIgnoreLinkInfo"=0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk.disabled]
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnk.disabledCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Compaq Connections.lnk]
backup=C:\WINDOWS\pss\Compaq Connections.lnkCommon Startup
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Compaq Connections.lnk
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Compaq Connections.lnk.disabled]
backup=C:\WINDOWS\pss\Compaq Connections.lnk.disabledCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk.disabled]
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnk.disabledCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Image Zone Fast Start.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk
backup=C:\WINDOWS\pss\HP Image Zone Fast Start.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Compaq_Administrator^Start Menu^Programs^Startup^WordWeb.lnk.disabled]
path=C:\Documents and Settings\Compaq_Administrator\Start Menu\Programs\Startup\WordWeb.lnk.disabled
backup=C:\WINDOWS\pss\WordWeb.lnk.disabledStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
"C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\osCheck]
"C:\Program Files\Norton Internet Security\osCheck.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCDrProfiler]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCDrSmartMonitor]
"C:\Program Files\PC-Doctor 5 for Windows\PcdSmartMonitor.exe" -r
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue SpyEraser]
"C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe" -m
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"xmlprov"=3 (0x3)
"WZCSVC"=2 (0x2)
"SharedAccess"=2 (0x2)
"PCPalSrvHost"=2 (0x2)
"Netman"=3 (0x3)
"MDM"=2 (0x2)
"LiveUpdate Notice Service"=2 (0x2)
"LiveUpdate Notice Ex"=2 (0x2)
"LiveUpdate"=3 (0x3)
"LightScribeService"=2 (0x2)
"ISPwdSvc"=3 (0x3)
"iPod Service"=3 (0x3)
"IDriverT"=3 (0x3)
"GoogleDesktopManager"=3 (0x3)
"Fax"=3 (0x3)
"EventSystem"=3 (0x3)
"comHost"=3 (0x3)
"CLTNetCnService"=2 (0x2)
"AVG Anti-Spyware Guard"=2 (0x2)
"Automatic LiveUpdate Scheduler"=2 (0x2)
"Apple Mobile Device"=2 (0x2)
"UPS"=3 (0x3)
"aawservice"=2 (0x2)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" /background
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9
"PCPal"=C:\Program Files\PCPal\PalAgnt.exe /startup
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"<NO NAME>"=
"KBD"=C:\HP\KBD\KBD.EXE
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
"AlwaysReady Power Message APP"=ARPWRMSG.EXE
"DISCover"=C:\Program Files\DISC\DISCover.exe
"nwiz"=nwiz.exe /install
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
"ehTray"=C:\WINDOWS\ehome\ehtray.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1e3c4593-12d9-11db-9c31-806d6172696f}]
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
*Newly Created Service* - COMHOST
-- End of Deckard's System Scanner: finished at 2008-01-20 00:40:50 ------------
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: AMD Athlon 64 Processor 3800+
Percentage of Memory in Use: 41%
Physical Memory (total/avail): 958.48 MiB / 563.26 MiB
Pagefile Memory (total/avail): 2312.82 MiB / 1965.31 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1927.63 MiB
C: is Fixed (NTFS) - 224.68 GiB total, 205.79 GiB free.
D: is Fixed (FAT32) - 8.18 GiB total, 0.53 GiB free.
E: is CDROM (No Media)
F: is Fixed (NTFS) - 93.37 GiB total, 85.73 GiB free.
\\.\PHYSICALDRIVE0 - Maxtor 6L100P0 - 93.37 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 93.37 GiB - F:
\\.\PHYSICALDRIVE1 - WDC WD2500JS-60NCB1 - 232.88 GiB - 2 partitions
\PARTITION0 (bootable) - Installable File System - 224.68 GiB - C:
\PARTITION1 - Unknown - 8.2 GiB - D:
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.
FirstRunDisabled is set.
FW: Norton Internet Security v2007 (Symantec Corporation)
AV: Norton Internet Security v2007 (Symantec Corporation)
Outdated
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Compaq Connections\\5577497\\Program\\Compaq Connections.exe"="C:\\Program Files\\Compaq Connections\\5577497\\Program\\Compaq Connections.exe:*:Enabled:Compaq Connections"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\DISC\\DISCover.exe"="C:\\Program Files\\DISC\\DISCover.exe:*:Enabled:DISCover Drop & Play System"
"C:\\Program Files\\DISC\\DiscStreamHub.exe"="C:\\Program Files\\DISC\\DiscStreamHub.exe:*:Enabled:DISCover Stream Hub"
"C:\\Program Files\\DISC\\myFTP.exe"="C:\\Program Files\\DISC\\myFTP.exe:*:Enabled:DISCover FTP"
"C:\\Program Files\\Compaq Connections\\5577497\\Program\\Compaq Connections.exe"="C:\\Program Files\\Compaq Connections\\5577497\\Program\\Compaq Connections.exe:*:Enabled:Compaq Connections"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Compaq_Administrator\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_01\lib\ext\QTJava.zip
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=COMPAQ-PRESARIO
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Compaq_Administrator
LOGONSERVER=\\COMPAQ-PRESARIO
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;c:\Python22;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 47 Stepping 2, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=2f02
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.6.0_01\lib\ext\QTJava.zip
SESSIONNAME=Console
SonicCentral=c:\Program Files\Common Files\Sonic Shared\Sonic Central\
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp
USERDOMAIN=COMPAQ-PRESARIO
USERNAME=Compaq_Administrator
USERPROFILE=C:\Documents and Settings\Compaq_Administrator
windir=C:\WINDOWS
__COMPAT_LAYER=EnableNXShowUI
-- User Profiles ---------------------------------------------------------------
Compaq_Administrator
(admin)
Carol
Administrator
(admin)
Guest
(guest)
-- Add/Remove Programs ---------------------------------------------------------
--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
--> c:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
--> c:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
--> c:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ace Utilities --> "C:\Documents and Settings\Compaq_Administrator\My Documents\Ace Utilities\uninstall.exe"
Ad-Aware 2007 --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.1 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81100000003}
Adobe® Photoshop® Album Starter Edition 3.2 --> MsiExec.exe /I{A654A805-41D9-40C7-AA46-4AF04F044D61}
Advanced WindowsCare 2.55 Personal --> "C:\Program Files\IObit\Advanced WindowsCare V2\unins000.exe"
Agere Systems PCI-SV92PP Soft Modem --> agrsmdel
Ancient Sudoku --> "C:\Program Files\HP Games\Ancient Sudoku\Uninstall.exe"
AppCore --> MsiExec.exe /I{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}
Apple Mobile Device Support --> MsiExec.exe /I{A43B2A2F-1DB5-47F9-A608-F11A4835D7CB}
Apple Software Update --> MsiExec.exe /I{A260B422-70E1-41E2-957D-F76FA21266D5}
AV --> MsiExec.exe /I{F4DB525F-A986-4249-B98B-42A8066251CA}
AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
Bejeweled 2 Deluxe --> "C:\Program Files\HP Games\Bejeweled 2 Deluxe\Uninstall.exe"
Big Kahuna Reef --> "C:\Program Files\HP Games\Big Kahuna Reef\Uninstall.exe"
Blackhawk Striker 2 --> "C:\Program Files\HP Games\Blackhawk Striker 2\Uninstall.exe"
Blasterball 2 Remix --> "C:\Program Files\HP Games\Blasterball 2 Remix\Uninstall.exe"
Blasterball 2 Revolution --> "C:\Program Files\HP Games\Blasterball 2 Revolution\Uninstall.exe"
Bookworm Deluxe --> "C:\Program Files\HP Games\Bookworm Deluxe\Uninstall.exe"
Bounce Symphony --> "C:\Program Files\HP Games\Bounce Symphony\Uninstall.exe"
ccCommon --> MsiExec.exe /I{3CCAD2EF-CFF2-4637-82AA-AABF370282D3}
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
Chart Navigator --> C:\WINDOWS\uninst.exe -f"C:\Program Files\Maptech\Chart Navigator\DeIsL1.isu"
Chuzzle Deluxe --> "C:\Program Files\HP Games\Chuzzle Deluxe\Uninstall.exe"
Compaq Connections (remove only) --> C:\WINDOWS\HPCPCUninstall-5577497\HPBWSetup.exe -appid 5577497 -uninstall
Customer Experience Enhancement --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{23012310-3E05-46A5-88A9-C6CBCABCAC79} /l1033
Diner Dash --> "C:\Program Files\HP Games\Diner Dash\Uninstall.exe"
DISCover --> "C:\Program Files\DISC\uninstall.exe"
Enhanced Multimedia Keyboard Solution --> C:\HP\KBD\Install.exe /u
Fairies --> "C:\Program Files\HP Games\Fairies\Uninstall.exe"
Family Feud --> "C:\Program Files\HP Games\Family Feud\Uninstall.exe"
FATE --> "C:\Program Files\HP Games\FATE\Uninstall.exe"
Flip Words --> "C:\Program Files\HP Games\Flip Words\Uninstall.exe"
Garmin nRoute --> MsiExec.exe /X{C3EBEF79-DE34-44AE-8774-F6A17ABE27B2}
Garmin Trip and Waypoint Manager v3 --> MsiExec.exe /X{5414086B-AE06-4332-8A59-26FF0F630D1B}
GdiplusUpgrade --> MsiExec.exe /I{5421155F-B033-49DB-9B33-8F80F233D4D5}
GemMaster Mystic --> "C:\Program Files\GemMaster\uninstallgemmaster.exe"
Google Desktop --> C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Earth --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}\setup.exe" -l0x9 -removeonly
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"
GPS TrackMaker --> MsiExec.exe /X{79ED0EE7-098C-465F-A853-B17F6FC6CDD8}
Hampton Hotels eDirectory with MultiView Reader --> "C:\Program Files\MVReader\HHD-0001\unins000.exe"
High Definition Audio Driver Package - KB888111 --> "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
Hijackthis 1.99.1 --> "C:\Program Files\Hijackthis\unins000.exe"
HP Boot Optimizer --> MsiExec.exe /X{1341D838-719C-4A05-B50F-49420CA1B4BB}
HP DVD Play 2.1 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\Setup.exe" -uninstall
HP Image Zone 4.5 --> C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Photosmart Cameras 4.5 --> C:\Program Files\HP\Digital Imaging\{5B1D8780-64B7-4F01-A250-A889BC51C9C4}\setup\hpzscr01.exe -datfile hpiscr01.dat
HP PSC & OfficeJet 3.5 --> "C:\Program Files\HP\Digital Imaging\{18E0918E-1060-48f3-925C-56C82E88551B}\setup\hpzscr01.exe" -datfile hposcr03.dat
HP Rhapsody --> C:\PROGRA~1\HPRHAP~1\Unwise32.exe /A C:\PROGRA~1\HPRHAP~1\install.log
HP Software Update --> MsiExec.exe /X{64FC0C98-B035-4530-B15D-3D30610B6DF1}
HP Support Overview --> "C:\WINDOWS\unins000.exe"
HP Update --> MsiExec.exe /X{D063F201-FAC4-4D5C-B10B-615058ADE5A7}
HP Web Helper --> regsvr32 /u /s "C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\webhelper.dll"
IE7pro --> "C:\Program Files\IE7pro\unins000.exe"
Insaniquarium Deluxe --> "C:\Program Files\HP Games\Insaniquarium Deluxe\Uninstall.exe"
Interactive User’s Guide --> MsiExec.exe /I{E786D4DB-EB0D-4474-ADC2-3C229BC17FCA}
iTunes --> MsiExec.exe /I{9357AE3A-B2ED-4138-BB9B-0564352C3F0A}
Java 6 Update 4 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160040}
Jewel Quest --> "C:\Program Files\HP Games\Jewel Quest\Uninstall.exe"
Kaspersky Online Scanner --> C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
Lightning Study Bible --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\HeavenWord, Inc.\Lightning Study Bible\Uninst.isu"
LiveUpdate 3.1 (Symantec Corporation) --> "C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
LiveUpdate Notice (Symantec Corporation) --> MsiExec.exe /X{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}
Mah Jong Quest --> "C:\Program Files\HP Games\Mah Jong Quest\Uninstall.exe"
Map of South America --> MsiExec.exe /X{BB7C0C8E-CF0B-44C5-B838-9ED93D15DBDF}
Microsoft Away Mode -->
Microsoft Works --> MsiExec.exe /I{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}
Mozilla Firefox (2.0.0.11) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN --> C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSRedist --> MsiExec.exe /I{B7C61755-DB48-4003-948F-3D34DB8EAF69}
Mystery Case Files --> "C:\Program Files\HP Games\Mystery Case Files\Uninstall.exe"
Norton AntiVirus --> MsiExec.exe /X{830D8CBD-C668-49e2-A969-C2C2106332E0}
Norton Confidential Browser Component --> MsiExec.exe /I{4843B611-8FCB-4428-8C23-31D0A5EAE164}
Norton Confidential Web Protection Component --> MsiExec.exe /I{D353CC51-430D-4C6F-9B7E-52003DA1E05A}
Norton Internet Security --> MsiExec.exe /I{3672B097-EA69-4bfe-B92F-29AE6D9D2B34}
Norton Internet Security --> MsiExec.exe /I{48185814-A224-447a-81DA-71BD20580E1B}
Norton Internet Security --> MsiExec.exe /I{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}
Norton Internet Security --> MsiExec.exe /I{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}
Norton Internet Security --> MsiExec.exe /I{E5EE9939-259F-4DE2-8023-5C49E16A4F43}
Norton Internet Security (Symantec Corporation) --> "C:\Program Files\Common Files\Symantec Shared\SymSetup\{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}_10_0_0_86\{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}.exe" /X
Norton Protection Center --> MsiExec.exe /I{9A129ABC-A53A-4209-A21E-D5DEDFB7CCA8}
NVIDIA Drivers --> C:\WINDOWS\system32\nvunrm.exe UninstallGUI
Otto --> "C:\Program Files\EnglishOtto\uninstallotto.exe"
Outlook Express Quick Backup --> C:\WINDOWS\st6unst.exe -n "C:\Program Files\Outlook Express Quick Backup\ST6UNST.LOG"
overland --> MsiExec.exe /I{766273C1-A39B-47EB-ACE8-DEBDD8094BCC}
PC-Doctor 5 for Windows --> C:\Program Files\PC-Doctor 5 for Windows\uninst.exe
PCFriendly --> C:\Program Files\PCFriendly\inuninst.exe
PCPal --> MsiExec.exe /X{CEEAC849-E39F-4974-A0FB-9BC34C244583}
Photodex Presenter --> C:\Program Files\Photodex Presenter\uninst.exe
Poker Superstars --> "C:\Program Files\HP Games\Poker Superstars\Uninstall.exe"
Polar Bowler --> "C:\Program Files\HP Games\Polar Bowler\Uninstall.exe"
Polar Golfer --> "C:\Program Files\HP Games\Polar Golfer\Uninstall.exe"
Python 2.2 pywin32 extensions (build 203) --> "C:\Python22\Removepywin32.exe" -u "C:\Python22\pywin32-wininst.log"
Python 2.2.3 --> C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
Quicken 2006 --> MsiExec.exe /X{2818095F-FB6C-42C8-827E-0A406CC9AFF5}
QuickTime --> MsiExec.exe /I{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver --> RtlUpd.exe -r -m
Ricochet Lost Worlds --> "C:\Program Files\HP Games\Ricochet Lost Worlds\Uninstall.exe"
Security Update for Step By Step Interactive Training (KB898458) --> "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Security Update for Step By Step Interactive Training (KB923723) --> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Serif DrawPlus 4.0 --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Serif\dp40.isu"
Slingo Deluxe --> "C:\Program Files\HP Games\Slingo Deluxe\Uninstall.exe"
Sonic Express Labeler --> MsiExec.exe /X{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Sonic MyDVD Plus --> MsiExec.exe /X{21657574-BD54-48A2-9450-EB03B2C7FC29}
Sonic RecordNow Audio --> MsiExec.exe /X{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Sonic RecordNow Copy --> MsiExec.exe /X{B12665F4-4E93-4AB4-B7FC-37053B524629}
Sonic RecordNow Data --> MsiExec.exe /X{075473F5-846A-448B-BCB3-104AA1760205}
Sonic Update Manager --> MsiExec.exe /X{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
SPBBC 32bit --> MsiExec.exe /I{77772678-817F-4401-9301-ED1D01A8DA56}
Spell Checker For OE 2.1 --> C:\Program Files\Common Files\Microsoft Shared\proof\Uninstal.exe
Spybot - Search & Destroy 1.4 --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
SpywareBlaster v3.5.1 --> "C:\Program Files\SpywareBlaster\unins000.exe"
Super GameHouse Solitaire Vol. 1 --> C:\PROGRA~1\GAMEHO~1\SOLITA~1\UNWISE.EXE /U C:\PROGRA~1\GAMEHO~1\SOLITA~1\INSTALL.LOG
Super Granny --> "C:\Program Files\HP Games\Super Granny\Uninstall.exe"
TaxACT 2006 --> C:\PROGRA~1\2NDSTO~1\TAXACT~1\Unta06.exe C:\PROGRA~1\2NDSTO~1\TAXACT~1\Install.log
TaxACT 2007 --> C:\PROGRA~1\2NDSTO~1\TAXACT~2\Unta07.exe C:\PROGRA~1\2NDSTO~1\TAXACT~2\Install.log
TaxACT Georgia 2006 --> C:\PROGRA~1\2NDSTO~1\TAXACT~1\Unst06.exe C:\PROGRA~1\2NDSTO~1\TAXACT~1\GA.log
Tennis Titans --> "C:\Program Files\HP Games\Tennis Titans\Uninstall.exe"
Tradewinds --> "C:\Program Files\HP Games\Tradewinds\Uninstall.exe"
Update Rollup 2 for Windows XP Media Center Edition 2005 -->
Weather Exchange --> MsiExec.exe /X{D740DD9E-F1A1-11D7-8756-00036D1A98A9}
Windows XP Media Center Edition 2005 KB908246 --> "C:\WINDOWS\$NtUninstallKB908246$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB912067 --> "C:\WINDOWS\$NtUninstallKB912067$\spuninst\spuninst.exe"
WordWeb --> C:\Program Files\WordWeb\uninst.exe
World Championship Checkers (Gold Plus) --> "C:\WCC\Uninstall.exe" "C:\WCC\install.log"
-- Application Event Log -------------------------------------------------------
Event Record #/Type22079 / Error
Event Submitted/Written: 01/20/2008 00:08:22 AM
Event ID/Source: 4609 / EventSystem
Event Description:
The COM+ Event System detected a bad return code during its internal processing. HRESULT was 80070422 from line 44 of d:\qxp_slp\com\com1x\src\events\tier1\eventsystemobj.cpp. Please contact Microsoft Product Support Services to report this error.
Event Record #/Type22078 / Error
Event Submitted/Written: 01/19/2008 10:37:12 AM
Event ID/Source: 4609 / EventSystem
Event Description:
The COM+ Event System detected a bad return code during its internal processing. HRESULT was 80070422 from line 44 of d:\qxp_slp\com\com1x\src\events\tier1\eventsystemobj.cpp. Please contact Microsoft Product Support Services to report this error.
Event Record #/Type22077 / Error
Event Submitted/Written: 01/19/2008 10:36:12 AM
Event ID/Source: 4609 / EventSystem
Event Description:
The COM+ Event System detected a bad return code during its internal processing. HRESULT was 80070422 from line 44 of d:\qxp_slp\com\com1x\src\events\tier1\eventsystemobj.cpp. Please contact Microsoft Product Support Services to report this error.
Event Record #/Type22076 / Error
Event Submitted/Written: 01/19/2008 10:09:21 AM
Event ID/Source: 4609 / EventSystem
Event Description:
The COM+ Event System detected a bad return code during its internal processing. HRESULT was 80070422 from line 44 of d:\qxp_slp\com\com1x\src\events\tier1\eventsystemobj.cpp. Please contact Microsoft Product Support Services to report this error.
Event Record #/Type22075 / Error
Event Submitted/Written: 01/19/2008 08:33:07 AM
Event ID/Source: 4609 / EventSystem
Event Description:
The COM+ Event System detected a bad return code during its internal processing. HRESULT was 80070422 from line 44 of d:\qxp_slp\com\com1x\src\events\tier1\eventsystemobj.cpp. Please contact Microsoft Product Support Services to report this error.
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type39144 / Error
Event Submitted/Written: 01/20/2008 00:08:22 AM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1058" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
Event Record #/Type39141 / Error
Event Submitted/Written: 01/20/2008 00:08:20 AM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1058" attempting to start the service netman with arguments ""
in order to run the server:
{BA126AD1-2166-11D1-B1D0-00805FC1270E}
Event Record #/Type39140 / Error
Event Submitted/Written: 01/20/2008 00:08:20 AM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1058" attempting to start the service netman with arguments ""
in order to run the server:
{BA126AE5-2166-11D1-B1D0-00805FC1270E}
Event Record #/Type39139 / Error
Event Submitted/Written: 01/20/2008 00:08:16 AM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1058" attempting to start the service netman with arguments ""
in order to run the server:
{BA126AE5-2166-11D1-B1D0-00805FC1270E}
Event Record #/Type39135 / Error
Event Submitted/Written: 01/19/2008 10:40:04 PM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1058" attempting to start the service netman with arguments ""
in order to run the server:
{BA126AD1-2166-11D1-B1D0-00805FC1270E}
-- End of Deckard's System Scanner: finished at 2008-01-20 00:40:50 ------------