Deckard's System Scanner v20071014.68 Extra logfile - please post this as an attachment with your post. -------------------------------------------------------------------------------- -- System Information ---------------------------------------------------------- Microsoft Windows XP Home Edition (build 2600) SP 2.0 Architecture: X86; Language: English CPU 0: AMD Athlon(tm) 64 X2 Dual Core Processor 5000+ CPU 1: AMD Athlon(tm) 64 X2 Dual Core Processor 5000+ Percentage of Memory in Use: 17% Physical Memory (total/avail): 2046.36 MiB / 1679.08 MiB Pagefile Memory (total/avail): 3939.06 MiB / 3736.08 MiB Virtual Memory (total/avail): 2047.88 MiB / 1942.76 MiB A: is Removable (No Media) C: is Fixed (NTFS) - 152.66 GiB total, 33.54 GiB free. D: is CDROM (No Media) E: is CDROM (No Media) F: is Fixed (NTFS) - 114.48 GiB total, 103.1 GiB free. \\.\PHYSICALDRIVE1 - Maxtor 6L160M0 - 152.66 GiB - 1 partition \PARTITION0 - Installable File System - 152.66 GiB - C: \\.\PHYSICALDRIVE0 - Maxtor 6Y120M0 - 114.49 GiB - 1 partition \PARTITION0 (bootable) - Installable File System - 114.48 GiB - F: -- Security Center ------------------------------------------------------------- AUOptions is scheduled to auto-install. Windows Internal Firewall is enabled. AV: Kaspersky Anti-Virus v7.0.1.321 (Kaspersky Lab) [COLOR=RED]Disabled[/COLOR] [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "F:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="F:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "F:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="F:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "F:\\Program Files\\uTorrent\\uTorrent.exe"="F:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:µTorrent" "F:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="F:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "F:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"="F:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE:*:Enabled:Microsoft Office Groove" "F:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"="F:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote" "F:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="F:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "F:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="F:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" -- Environment Variables ------------------------------------------------------- ALLUSERSPROFILE=F:\Documents and Settings\All Users APPDATA=F:\Documents and Settings\Todd\Application Data CLIENTNAME=Console CommonProgramFiles=F:\Program Files\Common Files COMPUTERNAME=DESKTOP ComSpec=F:\WINDOWS\system32\cmd.exe FP_NO_HOST_CHECK=NO HOMEDRIVE=F: HOMEPATH=\Documents and Settings\Todd LOGONSERVER=\\DESKTOP NUMBER_OF_PROCESSORS=2 OS=Windows_NT Path=F:\WINDOWS\system32;F:\WINDOWS;F:\WINDOWS\System32\Wbem PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH PROCESSOR_ARCHITECTURE=x86 PROCESSOR_IDENTIFIER=x86 Family 15 Model 67 Stepping 2, AuthenticAMD PROCESSOR_LEVEL=15 PROCESSOR_REVISION=4302 ProgramFiles=F:\Program Files PROMPT=$P$G SESSIONNAME=Console SystemDrive=F: SystemRoot=F:\WINDOWS TEMP=F:\DOCUME~1\Todd\LOCALS~1\Temp TMP=F:\DOCUME~1\Todd\LOCALS~1\Temp USERDOMAIN=DESKTOP USERNAME=Todd USERPROFILE=F:\Documents and Settings\Todd windir=F:\WINDOWS -- User Profiles --------------------------------------------------------------- Todd [I](admin)[/I] -- Add/Remove Programs --------------------------------------------------------- --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {926CC8AE-8414-43DF-8EB4-CF26D9C3C663} --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 F:\WINDOWS\INF\PCHealth.inf µTorrent --> "F:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL Ad-Aware 2007 --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF} Adobe Acrobat 8.1.1 Professional --> msiexec /I {AC76BA86-1033-F400-7760-000000000003} Adobe Flash Player ActiveX --> F:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe eyeQ --> RunDll32 F:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "F:\Program Files\InstallShield Installation Information\{B33CD700-6738-11D4-87FE-0080C6F974A2}\setup.exe" -l0x9 -uninst High Definition Audio Driver Package - KB888111 --> F:\WINDOWS\$NtUninstallKB888111WXP$\spuninst\spuninst.exe HijackThis 2.0.2 --> "F:\Documents and Settings\Todd\Desktop\HijackThis.exe" /uninstall Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030} JMB36X Raid Configurer --> RunDll32 F:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "F:\Program Files\InstallShield Installation Information\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}\setup.exe" -l0x9 -removeonly Kaspersky Anti-Virus 7.0 --> MsiExec.exe /I{4B9BB601-13E9-4042-A3BC-E7955BF4A98F} Kaspersky Anti-Virus 7.0 --> MsiExec.exe /I{4B9BB601-13E9-4042-A3BC-E7955BF4A98F} Microsoft Office Access MUI (English) 2007 --> MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE} Microsoft Office Access Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE} Microsoft Office Enterprise 2007 --> "F:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL Microsoft Office Enterprise 2007 --> MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE} Microsoft Office Excel MUI (English) 2007 --> MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE} Microsoft Office Groove MUI (English) 2007 --> MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE} Microsoft Office Groove Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE} Microsoft Office InfoPath MUI (English) 2007 --> MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE} Microsoft Office OneNote MUI (English) 2007 --> MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE} Microsoft Office Outlook MUI (English) 2007 --> MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (English) 2007 --> MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE} Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE} Microsoft Office Proofing (English) 2007 --> MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE} Microsoft Office Publisher MUI (English) 2007 --> MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE} Microsoft Office Shared MUI (English) 2007 --> MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE} Microsoft Office Shared Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE} Microsoft Office Word MUI (English) 2007 --> MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE} Microsoft Save as XPS Add-in for 2007 Microsoft Office programs --> MsiExec.exe /X{90120000-00B1-0409-0000-0000000FF1CE} Mozilla Firefox (2.0.0.12) --> F:\Program Files\Mozilla Firefox\uninstall\helper.exe NVIDIA Drivers --> F:\WINDOWS\System32\nvuide.exe UninstallGUI NVIDIA ForceWare Network Access Manager --> F:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{1F6423DE-7959-4178-80E0-023C7EAA5347} /l1033 PowerISO --> "F:\Program Files\PowerISO\uninstall.exe" SoundMAX --> RunDll32 F:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "F:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe" -l0x9 -removeonly Spybot - Search & Destroy --> "F:\Program Files\Spybot - Search & Destroy\unins000.exe" Update for Outlook 2007 Junk Email Filter (kb944965) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {EA8C80AA-31D6-43F0-8CD8-CA85479A34F1} Winamp --> "F:\Program Files\Winamp\UninstWA.exe" WinRAR archiver --> F:\Program Files\WinRAR\uninstall.exe -- Application Event Log ------------------------------------------------------- Event Record #/Type450 / Error Event Submitted/Written: 02/24/2008 09:49:54 PM Event ID/Source: 8 / crypt32 Event Description: Failed auto update retrieval of third-party root list sequence number from: with error: This operation returned because the timeout period expired. Event Record #/Type437 / Error Event Submitted/Written: 02/18/2008 11:09:46 AM Event ID/Source: 11601 / MsiInstaller Event Description: Product: Sins of a Solar Empire -- Disk full: Out of disk space -- Volume: 'F:'; required space: 1,590,148 KB; available space: 1,351,152 KB. Free some disk space and retry. Event Record #/Type429 / Error Event Submitted/Written: 02/12/2008 01:19:56 PM Event ID/Source: 2000 / Microsoft Office 12 Event Description: Accepted Safe Mode action : Microsoft Office Outlook. Event Record #/Type428 / Error Event Submitted/Written: 02/12/2008 01:11:36 PM Event ID/Source: 1002 / Application Hang Event Description: Hanging application OUTLOOK.EXE, version 12.0.4518.1014, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Event Record #/Type423 / Warning Event Submitted/Written: 02/09/2008 03:54:27 PM Event ID/Source: 1001 / MsiInstaller Event Description: Detection of product '{AC76BA86-1033-F400-7760-000000000003}', feature 'PDFMaker' failed during request for component '{58F977F1-0B0D-44A5-BCDD-3B3E0238B430}' -- Security Event Log ---------------------------------------------------------- No Errors/Warnings found. -- System Event Log ------------------------------------------------------------ Event Record #/Type4427 / Error Event Submitted/Written: 02/24/2008 06:34:19 PM Event ID/Source: 29 / W32Time Event Description: The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 14 minutes. NtpClient has no source of accurate time. Event Record #/Type4426 / Error Event Submitted/Written: 02/24/2008 06:34:19 PM Event ID/Source: 17 / W32Time Event Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751) Event Record #/Type4424 / Error Event Submitted/Written: 02/24/2008 05:59:54 PM Event ID/Source: 29 / W32Time Event Description: The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 59 minutes. NtpClient has no source of accurate time. Event Record #/Type4423 / Error Event Submitted/Written: 02/24/2008 05:59:54 PM Event ID/Source: 17 / W32Time Event Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 60 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751) Event Record #/Type4422 / Error Event Submitted/Written: 02/24/2008 05:29:54 PM Event ID/Source: 29 / W32Time Event Description: The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 29 minutes. NtpClient has no source of accurate time. -- End of Deckard's System Scanner: finished at 2008-02-24 21:51:20 ------------