Thanks for helping.
Here are the 2 reports.
This is Main..
Deckard's System Scanner v20071014.68
Run by A04665 on 2008-01-26 20:24:42
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
46: 2008-01-27 01:24:47 UTC - RP328 - Deckard's System Scanner Restore Point
45: 2008-01-26 21:58:06 UTC - RP327 - Removed ScanSoft PDF Professional 4
44: 2008-01-26 18:48:25 UTC - RP326 - System Checkpoint
43: 2008-01-25 14:18:57 UTC - RP325 - Installed ThinkPad Keyboard Customizer Utility
42: 2008-01-25 14:12:23 UTC - RP324 - Installed ThinkPad Keyboard Customizer Utility
-- First Restore Point --
1: 2008-01-22 03:27:04 UTC - RP283 - Software Distribution Service 3.0
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as A04665.exe) ----------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:26:45 PM, on 1/26/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\IPSSVC.EXE
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Cisco Systems\VPN client\cvpnd.exe
C:\Program Files\Common Files\EPSON Projector\EMP_NSMOSV.exe
C:\Program Files\EPSON Projector\EMP NS Connection V2\EMP_NSWLSV.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\lotus\notes\ntmulti.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\TpKmpSVC.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\A04665\Desktop\dss.exe
C:\DOCUME~1\A04665\MYDOCU~1\HIJACK~1\HIJACK~1\A04665.exe
N1 - Netscape 4: user_pref("browser.startup.homepage", "
http://home.netscape.com/"); (C:\Program Files\Netscape\Users\default\prefs.js)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {A051B1FF-8D7E-418B-AABE-4FF82F4280A2} - C:\WINDOWS\system32\ssqoljh.dll
O2 - BHO: (no name) - {AD56BA6B-D201-436B-86FC-277E740244C8} - C:\WINDOWS\system32\jkhfc.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\ThinkVantage Fingerprint Software\launcher.exe" /startup
O4 - HKLM\..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
O4 - HKLM\..\Run: [EPSON Stylus C88 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABA.EXE /P23 "EPSON Stylus C88 Series" /O15 "IP_192.168.1.50" /M "Stylus C88"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [MXOBG] C:\WINDOWS\MXOALDR.EXE
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [AwaySch] C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [PSDiagnosticM] "C:\Program Files\Linksys Wireless-G Print Server\PSDiagnosticM.exe"
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [TPFNF7] C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe /r
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MICROS~4\wcescomm.exe"
O4 - HKCU\..\Run: [DrvMon.exe] C:\WINDOWS\system32\DrvMon.exe
O4 - HKCU\..\Run: [TPKMAPMN] C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe
O4 - HKCU\..\Run: [NPDTRAY] C:\PROGRA~1\Lenovo\NPDIRECT\NPDTray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Epson America Inc. -- EAI VPN Client.lnk = C:\Program Files\Cisco Systems\VPN client\vpngui.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Software Installer - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Program Files\Lenovo\PkgMgr\\PkgMgr.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} -
https://components.v...l?noreloadredirO16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) -
http://downloads.ewi...oOnlineScan.cabO16 - DPF: {22E5D91F-89E6-4405-AD9C-0AF27BA6F06B} (HidInputMonitorX Control) - file://D:\components\hidinputmonitorx.ocx
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) -
http://www2.snapfish...fishActivia.cabO16 - DPF: {7030CC6C-1A88-4591-BB5A-651B9F7F0C30} (WMVHDRatingCtrl Class) - file://D:\components\wmvhdrating.ocx
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) -
http://web1.shutterf...ds/Uploader.cabO20 - Winlogon Notify: AwayNotify - C:\Program Files\Lenovo\AwayTask\AwayNotify.dll
O20 - Winlogon Notify: ssqoljh - C:\WINDOWS\SYSTEM32\ssqoljh.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN client\cvpnd.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: EMP_NSMOSV - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON Projector\EMP_NSMOSV.exe
O23 - Service: EMP_NSWLSV - SEIKO EPSON CORPORATION - C:\Program Files\EPSON Projector\EMP NS Connection V2\EMP_NSWLSV.exe
O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: IPS Core Service (IPSSVC) - Lenovo Group Limited - C:\WINDOWS\system32\IPSSVC.EXE
O23 - Service: Multi-user Cleanup Service - IBM Corp - C:\Program Files\lotus\notes\ntmulti.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe
--
End of file - 9905 bytes
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R1 EMP_MAP (EPSON Network Presentation Driver Service) - c:\windows\system32\drivers\emp_map.sys
R1 EMP_MOMM (EPSON Network Presentation Service for Moderator) - c:\windows\system32\drivers\emp_momm.sys
R1 Smapint - c:\windows\system32\drivers\smapint.sys <Not Verified; Microsoft Corporation; Microsoft® Windows NT Operating System>
R1 TDSMAPI - c:\windows\system32\drivers\tdsmapi.sys
R1 TSMAPIP - c:\windows\system32\drivers\tsmapip.sys
R2 PROCDD (IPS Helper Driver) - c:\windows\system32\drivers\procdd.sys <Not Verified; Lenovo Group Limited; Away Manager>
R2 smihlp (SMI helper driver) - c:\program files\thinkvantage fingerprint software\smihlp.sys <Not Verified; UPEK Inc.; ThinkVantage Fingerprint Software>
R3 Afc (PPdus ASPI Shell) - c:\windows\system32\drivers\afc.sys <Not Verified; Arcsoft, Inc.; Arcsoft® ASPI Shell>
R3 EMP_Mirr - c:\windows\system32\drivers\emp_mirr.sys <Not Verified; Windows ® 2000 DDK provider; Windows ® 2000 DDK driver>
R3 EMP_MOMR - c:\windows\system32\drivers\emp_momr.sys <Not Verified; Windows ® 2000 DDK provider; Windows ® 2000 DDK driver>
R3 lknuhst (Linksys Network USB Host Controller) - c:\windows\system32\drivers\lknuhst.sys <Not Verified; SerComm; Linksys Network USB Host Controller Driver>
R3 LKNUHUB (Linksys Network USB Root Hub) - c:\windows\system32\drivers\lknuhub.sys <Not Verified; SerComm; Linksys Network USB Hub Driver>
R3 NETGEARUHOST (NETGEAR Network USB Host Controller) - c:\windows\system32\drivers\netgearuhost.sys <Not Verified; SerComm; NETGEAR Network USB Host Controller>
R3 NETGEARUHUB (NETGEAR Network USB Root Hub) - c:\windows\system32\drivers\netgearuhub.sys <Not Verified; SerComm; NETGEAR Network USB Root Hub>
S3 Ndisprot (EP_NSWD NDIS Protocol Driver) - c:\windows\system32\drivers\ep_nswd.sys <Not Verified; Windows ® 2000 DDK provider; Windows ® 2000 DDK driver>
S3 NSNDIS5 (NSNDIS5 NDIS Protocol Driver) - c:\windows\system32\nsndis5.sys <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); NetStumbler>
S3 PCTINDIS5 (PCTINDIS5 NDIS Protocol Driver) - c:\windows\system32\pctindis5.sys (file missing)
S3 vdisp - c:\windows\system32\drivers\emp_vd1.sys <Not Verified; Windows ® 2000 DDK provider; Windows ® 2000 DDK driver>
S3 vdisp2 - c:\windows\system32\drivers\emp_vd2.sys <Not Verified; Windows ® 2000 DDK provider; Windows ® 2000 DDK driver>
S3 vdisp3 - c:\windows\system32\drivers\emp_vd3.sys <Not Verified; Windows ® 2000 DDK provider; Windows ® 2000 DDK driver>
S3 vdisp4 - c:\windows\system32\drivers\emp_vd4.sys <Not Verified; Windows ® 2000 DDK provider; Windows ® 2000 DDK driver>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 EMP_NSMOSV - c:\program files\common files\epson projector\emp_nsmosv.exe
R2 EMP_NSWLSV - c:\program files\epson projector\emp ns connection v2\emp_nswlsv.exe
R2 EpsonBidirectionalService - c:\program files\common files\epson\ebapi\eebsvc.exe <Not Verified; SEIKO EPSON CORPORATION; Enhanced EPSON Bi-directional API>
R2 IPSSVC (IPS Core Service) - c:\windows\system32\ipssvc.exe <Not Verified; Lenovo Group Limited; Away Manager>
R2 Multi-user Cleanup Service - "c:\program files\lotus\notes\ntmulti.exe" <Not Verified; IBM Corp; IBM Lotus Notes/Domino>
R2 RegSrvc (Intel® PROSet/Wireless Registry Service) - c:\program files\intel\wireless\bin\regsrvc.exe <Not Verified; Intel Corporation; Intel® PROSet/Wireless Registry Service>
R2 TpKmpSVC (IBM KCU Service) - c:\windows\system32\tpkmpsvc.exe
S4 Lotus Notes Single Logon - "c:\program files\lotus\notes\nslsvice.exe" <Not Verified; IBM Corp; IBM Lotus Notes/Domino>
S4 RetroExp Helper (Retrospect Express HD Helper) - "c:\progra~1\retros~1\retros~1.1\rthlpsvc.exe" <Not Verified; EMC Dantz; Retrospect Express HD>
S4 RetroExpLauncher (Retrospect Express HD Launcher) - c:\progra~1\retros~1\retros~1.1\retrorun.exe <Not Verified; EMC Dantz; Retrospect Express HD>
-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Cisco Systems VPN Adapter
Device ID: ROOT\NET\0000
Manufacturer: Cisco Systems
Name: Cisco Systems VPN Adapter
PNP Device ID: ROOT\NET\0000
Service: CVirtA
-- Scheduled Tasks -------------------------------------------------------------
2008-01-26 17:54:09 330 --ah----- C:\WINDOWS\Tasks\MP Scheduled Scan.job
-- Files created between 2007-12-26 and 2008-01-26 -----------------------------
2008-01-26 15:14:04 89152 --a------ C:\WINDOWS\system32\xwqpvaci.dll
2008-01-25 15:17:35 87104 --a------ C:\WINDOWS\system32\rteydrrk.dll
2008-01-24 11:13:31 0 d-------- C:\Documents and Settings\NetworkService\Application Data\Intel
2008-01-24 11:13:31 0 d-------- C:\Documents and Settings\LocalService\Application Data\Intel
2008-01-24 11:13:31 0 d-------- C:\Documents and Settings\All Users\Application Data\Intel
2008-01-24 10:40:56 0 d-------- C:\Program Files\MSBuild
2008-01-24 10:38:28 0 d-------- C:\WINDOWS\system32\XPSViewer
2008-01-24 10:37:57 0 d-------- C:\Program Files\Reference Assemblies
2008-01-21 22:26:54 422120 --ahs---- C:\WINDOWS\system32\cfhkj.ini2
2008-01-21 22:26:50 334848 --a------ C:\WINDOWS\system32\jkhfc.dll
2008-01-21 22:22:53 41723 ---hs---- C:\Program Files\Common Files\Yazzle1281OinUninstaller.exe
2008-01-21 22:21:49 38400 --a------ C:\WINDOWS\system32\ljjkjig.dll
2008-01-21 22:21:43 38400 --a------ C:\WINDOWS\system32\ssqoljh.dll
2008-01-21 22:21:36 0 d-------- C:\WINDOWS\system32\nGpxx01
2008-01-15 17:47:10 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2008-01-15 16:52:24 140800 ---hs---- C:\Program Files\Common Files\Yazzle1281OinAdmin.exe
2008-01-14 21:48:16 0 dr------- C:\Documents and Settings\LocalService\Favorites
2008-01-03 10:34:20 0 d-------- C:\Program Files\EPDCalc
2008-01-02 12:27:07 150528 --a------ C:\WINDOWS\unSpySweeper.exe <Not Verified; Webroot Software, Inc.; >
2008-01-02 12:27:06 0 d-------- C:\Program Files\Webroot
-- Find3M Report ---------------------------------------------------------------
2008-01-26 16:58:13 0 d-------- C:\Program Files\Common Files
2008-01-25 09:04:13 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-01-25 09:04:05 0 d-------- C:\Program Files\Lenovo
2008-01-25 08:45:11 25024 --a------ C:\Documents and Settings\A04665\Application Data\GDIPFONTCACHEV1.DAT
2008-01-24 10:37:11 0 d-------- C:\Program Files\Messenger
2008-01-23 15:31:42 0 d-------- C:\Program Files\HP
2008-01-23 15:23:25 0 d-------- C:\Program Files\Common Files\Adobe
2008-01-21 22:27:02 0 d-------- C:\Program Files\QuickTime
2008-01-21 22:26:59 0 d-------- C:\Program Files\Linksys Wireless-G Print Server
2008-01-21 22:26:57 0 d-------- C:\Program Files\Windows Defender
2008-01-21 22:26:56 0 d-------- C:\Program Files\ThinkVantage Fingerprint Software
2008-01-21 22:26:56 0 d-------- C:\Program Files\Symantec AntiVirus
2008-01-21 22:26:56 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-01-21 22:26:55 0 d-------- C:\Program Files\Microsoft ActiveSync
2008-01-15 17:47:35 0 d-------- C:\Documents and Settings\A04665\Application Data\AdobeUM
2008-01-15 09:28:02 30707 --a------ C:\WINDOWS\nsreg.dat
2008-01-11 09:16:40 0 d-------- C:\Documents and Settings\A04665\Application Data\Adobe
2008-01-03 10:51:18 0 d-------- C:\Program Files\Viewpoint
2008-01-03 10:37:36 0 d-------- C:\Documents and Settings\A04665\Application Data\ScanSoft
2008-01-03 10:34:15 73216 --a------ C:\WINDOWS\ST6UNST.EXE <Not Verified; Microsoft Corporation; Microsoft® Visual Basic for Windows>
2008-01-01 16:38:02 0 d-------- C:\Documents and Settings\A04665\Application Data\Real
2007-12-30 10:20:17 0 d-------- C:\Documents and Settings\A04665\Application Data\LimeWire
2007-12-25 15:07:42 0 d-------- C:\Program Files\K-Lite Codec Pack
2007-12-25 15:04:01 0 d-------- C:\Program Files\DivX
2007-12-22 08:33:51 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-12-20 10:49:52 0 d-------- C:\Program Files\Common Files\EPSON
2007-12-11 17:34:56 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2007-12-11 17:33:14 81920 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2007-12-07 18:28:42 7680 --a------ C:\WINDOWS\system32\ff_vfw.dll
2007-12-05 07:34:01 0 d-------- C:\Program Files\Picasa2
2007-12-05 07:34:00 0 d-------- C:\Program Files\Google
2007-12-05 07:32:34 0 d-------- C:\Program Files\VisualRoute Lite Edition
2007-12-04 02:33:16 682496 --a------ C:\WINDOWS\system32\divx.dll <Not Verified; DivX, Inc.; DivX®>
2007-11-30 14:34:11 0 d-------- C:\Program Files\ExtractNow
2007-11-30 14:34:07 0 d-------- C:\Program Files\Windows Media Connect 2
2007-11-30 14:34:04 0 d-------- C:\Program Files\PCDR5
2007-11-30 14:34:01 0 d-------- C:\Program Files\Microsoft Location Finder
2007-11-30 14:34:01 0 d-------- C:\Program Files\LimeWire
2007-11-19 14:45:38 208896 --a------ C:\WINDOWS\system32\NetProvCredMan.dll <Not Verified; Intel Corporation; NetProvCredMan Dynamic Link Library>
2007-10-31 13:12:26 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A051B1FF-8D7E-418B-AABE-4FF82F4280A2}]
01/21/2008 10:21 PM 38400 --a------ C:\WINDOWS\system32\ssqoljh.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AD56BA6B-D201-436B-86FC-277E740244C8}]
01/21/2008 10:26 PM 334848 --a------ C:\WINDOWS\system32\jkhfc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" []
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" []
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" []
"vptray"="C:\PROGRA~1\SYMANT~1\VPTray.exe" []
"PSQLLauncher"="C:\Program Files\ThinkVantage Fingerprint Software\launcher.exe" []
"TPHOTKEY"="C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe" []
"EPSON Stylus C88 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABA.exe" []
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" []
"MXOBG"="C:\WINDOWS\MXOALDR.EXE" []
"TPKMAPHELPER"="C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe" []
"TP4EX"="tp4ex.exe" [10/17/2005 03:11 AM C:\WINDOWS\system32\TP4EX.exe]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" []
"SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" []
"AwaySch"="C:\Program Files\Lenovo\AwayTask\AwaySch.EXE" []
"LPManager"="C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe" []
"KernelFaultCheck"="C:\WINDOWS\system32\dumprep 0 -k" []
"PSDiagnosticM"="C:\Program Files\Linksys Wireless-G Print Server\PSDiagnosticM.exe" []
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" []
"BluetoothAuthenticationAgent"="bthprops.cpl" [08/04/2004 02:56 AM C:\WINDOWS\system32\bthprops.cpl]
"MSConfig"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [01/08/2007 12:50 PM]
"TPFNF7"="C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe" []
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 07:00 AM]
"H/PC Connection Agent"="C:\PROGRA~1\MICROS~4\wcescomm.exe" []
"DrvMon.exe"="C:\WINDOWS\system32\DrvMon.exe" []
"ProjectorControl"="" []
"TPKMAPMN"="C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe" []
"NPDTRAY"="C:\PROGRA~1\Lenovo\NPDIRECT\NPDTray.exe" []
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [5/12/2007 1:25:05 AM]
Epson America Inc. -- EAI VPN Client.lnk - C:\Program Files\Cisco Systems\VPN client\vpngui.exe [5/1/2007 7:19:23 AM]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2/13/2001 3:01:04 AM]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoViewOnDrive"=0 (0x0)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{A051B1FF-8D7E-418B-AABE-4FF82F4280A2}"= C:\WINDOWS\system32\ssqoljh.dll [01/21/2008 10:21 PM 38400]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\AwayNotify]
C:\Program Files\Lenovo\AwayTask\AwayNotify.dll 10/19/2006 04:08 AM 49152 C:\Program Files\Lenovo\AwayTask\AwayNotify.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
psqlpwd.dll 04/25/2006 09:20 PM 40448 C:\WINDOWS\system32\psqlpwd.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ssqoljh]
ssqoljh.dll 01/21/2008 10:21 PM 38400 C:\WINDOWS\system32\ssqoljh.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tpfnf2]
C:\Program Files\Lenovo\HOTKEY\notifyf2.dll 09/06/2006 04:37 PM 34344 C:\Program Files\Lenovo\HOTKEY\notifyf2.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tphotkey]
C:\Program Files\Lenovo\HOTKEY\tphklock.dll 12/14/2006 11:06 AM 28672 C:\Program Files\Lenovo\HOTKEY\tphklock.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\jkhfc
"Notification Packages"= scecli psqlpwd
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
backup=C:\WINDOWS\pss\Bluetooth.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Load]
C:\WINDOWS\system32\jkhfc.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MaxtorOneTouch]
C:\PROGRA~1\Maxtor\OneTouch\Utils\OneTouch.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Network EPSON Stylus C120 Ser...]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICCA.EXE /FU "C:\DOCUME~1\A04665\LOCALS~1\Temp\E_S38E.tmp" /EF "HKCU"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ProjectorControl]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RetroExpress]
C:\PROGRA~1\RETROS~1\RETROS~1.1\RetroExpress.exe /h
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TivoNotify]
"C:\Program Files\TiVo\Desktop\TiVoNotify.exe" /service /registry /auto:TivoNotify
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TivoServer]
"C:\Program Files\TiVo\Desktop\TiVoServer.exe" /service /registry
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TivoTransfer]
"C:\Program Files\Common Files\TiVo Shared\Transfer\TiVoTransfer.exe" /service /registry /auto:TivoTransfer
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]
"C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"RetroExpLauncher"=2 (0x2)
"RetroExp Helper"=2 (0x2)
"LiveUpdate"=3 (0x3)
"ERSvc"=2 (0x2)
"helpsvc"=2 (0x2)
"btwdins"=2 (0x2)
"BthServ"=2 (0x2)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs BthServ
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{73731e14-0729-11dc-925e-001641e6e4a7}]
AutoRun\command- E:\Loaderw.exe
-- Hosts -----------------------------------------------------------------------
192.168.1.140 HP000D9D1B5CD0
;
;
;
;
;
;
;
;
This is "Extra"
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: Intel® Core Duo CPU T2500 @ 2.00GHz
CPU 1: Intel® Core Duo CPU T2500 @ 2.00GHz
Percentage of Memory in Use: 27%
Physical Memory (total/avail): 2046.36 MiB / 1486.99 MiB
Pagefile Memory (total/avail): 3938.52 MiB / 3568.1 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1934.55 MiB
C: is Fixed (NTFS) - 88.61 GiB total, 29.99 GiB free.
D: is CDROM (UDF)
\\.\PHYSICALDRIVE0 - ST910021AS - 93.16 GiB - 2 partitions
\PARTITION0 (bootable) - Installable File System - 88.61 GiB - C:
\PARTITION1 - Unknown - 4.55 GiB
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.
FirstRunDisabled is set.
AV: Symantec AntiVirus Corporate Edition v10.1.5.5000 (Symantec Corporation)
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Cisco Systems\\VPN client\\ipsecdialer.exe"="C:\\Program Files\\Cisco Systems\\VPN client\\ipsecdialer.exe:*:Enabled:EAI VPN Client"
"C:\\Program Files\\EPSON Projector\\EMP Monitor V4.10\\EMPMonitor.exe"="C:\\Program Files\\EPSON Projector\\EMP Monitor V4.10\\EMPMonitor.exe:*:Enabled:EMP Monitor V4.10"
"C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\A04665\Application Data
CLASSPATH=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=EPSON-EADC6B417
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\A04665
LOGONSERVER=\\EPSON-EADC6B417
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\Program Files\ThinkPad\Utilities;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Intel\Wireless\Bin\;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Intel\Wireless\Bin\;C:\Program Files\Intel\Wireless\Bin\;;C:\Program Files\Intel\Wireless\Bin\;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Intel\Wireless\Bin\;C:\Program Files\Intel\Wireless\Bin\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 14 Stepping 12, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0e0c
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\QuickTime\QTSystem\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\A04665\LOCALS~1\Temp
TMP=C:\DOCUME~1\A04665\LOCALS~1\Temp
TPCCommon=C:\PROGRA~1\THINKV~2\PrdCtr
USERDOMAIN=EPSON-EADC6B417
USERNAME=A04665
USERPROFILE=C:\Documents and Settings\A04665
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
xpuser
(new local, admin)A04665
(admin)-- Add/Remove Programs ---------------------------------------------------------
--> "C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
--> C:\WINDOWS\system32\\MSIEXEC.EXE /I {09DA4F91-2A09-4232-AB8C-6BC740096DE3} REMOVE=UpdateMgrFeature
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
--> MsiExec.exe /I{219B0DA4-8F1A-499D-8795-4A07C632521E}
--> MsiExec.exe /I{644B991F-B109-4360-9DA3-40CDAD13961C}
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Access Help --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C6FA39A7-26B1-480A-BC74-6D17531AC222}\setup.exe" -l0x9 UNINSTALL
ACT! 2000 --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Symantec\ACT\Uninst5.isu" -c"C:\Program Files\Symantec\ACT\UNINSTAL.DLL"
Ad-Aware SE Personal --> MsiExec.exe /X{78CC3BAB-DE2A-4FB4-8FBB-E4DADDC26747}
Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9c.exe -uninstallUnlock
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Photoshop 7.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Adobe\Photoshop 7.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 7.0\Uninst.dll"
Adobe Reader 7.0.8 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70800000002}
ArcSoft PhotoImpression 6 --> C:\Program Files\InstallShield Installation Information\{D03E7B00-CA85-4684-9321-1888873C34BD}\Setup.exe -runfromtemp -l0x0009 -removeonly
ArcSoft Print Creations --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0D6D96F4-0CAF-4522-B05F-70A88EDECDFD}\Setup.exe" -l0x9
ATI - Software Uninstall Utility --> C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x5357
ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
ccc-Branding --> MsiExec.exe /I{7379FDD1-D0ED-4FF2-B168-E246772E731E}
Compatibility Pack for the 2007 Office system --> MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
EMP Monitor V4.10 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1E443863-1C81-4D8A-8099-0BF9DE4CDDE6}\setup.exe" -l0x9
EMP NS Connection V2.20 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4A515955-A3D4-4FE6-98C0-E7987FF3279A}\setup.exe" -l0x9
EMP SlideMaker2 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{06DAA6C4-06F6-4D95-8BCF-7976C9196D74}\Setup.exe" -l0x9
EPSON Printer Software --> C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
Esker Print to Fax for Notes --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7CB387BD-A22C-4FDB-94C3-F05F35BB8F5B}\Setup.exe" -l0x9 UNINSTALL
ExtractNow --> "C:\Program Files\ExtractNow\unins000.exe"
HijackThis 2.0.2 --> "C:\Documents and Settings\A04665\My Documents\hijackthis\Hijackthis 2beta\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
IBM Lotus Sametime Connect 7.5 --> MsiExec.exe /I{4AA455FB-BFEE-473C-AA0E-4FDA505F6FB7}
IBM RecordNow! --> MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
IDOL 1.2.0 --> C:\WINDOWS\eiunin2.exe "C:\EPSON\IDOL1.2.0\install.DAT"
Intel® PRO Network Connections Drivers --> Prounstl.exe
Intel® PROSet/Wireless Software --> C:\WINDOWS\Installer\iProInst.exe
InterVideo WinDVD --> "C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
Java SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
K-Lite Mega Codec Pack 3.6.2 --> "C:\Program Files\K-Lite Codec Pack\unins000.exe"
LimeWire 4.12.15 --> "C:\Program Files\LimeWire\uninstall.exe"
Linksys Wireless-G Print Server --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C61244F9-C335-4EE4-BF7B-5CAB855555E3}\setup.exe" -l0x9 -removeonly
LiveUpdate (Symantec Corporation) --> MsiExec.exe /x {E80F62FF-5D3C-4A19-8409-9721F2928206} /l*v "C:\Documents and Settings\All Users\Application Data\LuUninstall.LiveUpdate"
LiveUpdate (Symantec Corporation) --> MsiExec.exe /X{E80F62FF-5D3C-4A19-8409-9721F2928206}
Lotus Notes 7.0.1 --> MsiExec.exe /I{C5C10BD4-49AA-4C25-ACE6-902A37ED51FF}
Maxtor OneTouch --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{3EC91FDF-FE9A-43D5-96C4-8A9C24372500} /l1033
mCore --> MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779}
mDriver --> MsiExec.exe /I{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}
Microsoft ActiveSync 4.0 --> MsiExec.exe /I{B208806F-A231-4FA0-AB3F-5C1B8979223E}
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Location Finder --> MsiExec.exe /I{9D18F7F8-B984-4249-8512-CC621BC59F12}
Microsoft Office XP Professional with FrontPage --> MsiExec.exe /I{90280409-6000-11D3-8CFE-0050048383C9}
Microsoft Reader --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B6F7DBE7-2FE2-458F-A738-B10832746036}\Setup.exe" -L0x9
Microsoft Reader Text-to-Speech for English --> MsiExec.exe /X{E0E400F5-422B-4540-A14F-B0739D71FEE7}
Microsoft Streets & Trips 2006 --> MsiExec.exe /I{83ED1E80-A1B7-4226-BCF1-AC4A88151A6B}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
mMHouse --> MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
Moderator --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AC5F77D7-9821-4911-A6CB-0ACD85954B34}\setup.exe" -l0x9 -UnInstall
Mozilla Firefox (2.0.0.9) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
mPfMgr --> MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
mProSafe --> MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
mWlsSafe --> MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
Netscape Communicator 4.51 --> C:\WINDOWS\cd32.exe 4.51 (en)
Network Stumbler 0.4.0 (remove only) --> "C:\Program Files\Network Stumbler\uninst.exe"
On Screen Display --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall.XP 132 C:\Program Files\Lenovo\HOTKEY\tphk_tp.inf
Outerinfo --> "C:\Program Files\Common Files\Yazzle1281OinUninstaller.exe"
PC-Doctor 5 for Windows --> C:\Program Files\PCDR5\uninst.exe
Picasa 2 --> "C:\Program Files\Picasa2\Uninstall.exe"
Presentation Director --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{65706020-7B6F-41F2-8047-FC69579E386A}\Setup.exe" -l0x9 -AddRemove
Productivity Center Supplement for ThinkPad --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D728E945-256D-4477-B377-6BBA693714AC}\setup.exe" -l0x9 -AddRemove
Projection Distance Calculator --> C:\WINDOWS\st6unst.exe -n "C:\Program Files\EPDCalc\ST6UNST.LOG"
Projector Control V1.00 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DB112E15-F479-4D1D-A083-AD88211D6A5F}\Setup.exe" -l0x9 -UnInstall
QuickTime --> MsiExec.exe /I{5E863175-E85D-44A6-8968-82507D34AE7F}
Retrospect Express HD 1.1 --> MsiExec.exe /I{A4952AA3-FCBF-4D28-9DC4-A3935FDC5805}
Salesforce.com Lotus Notes Edition 3.2 --> MsiExec.exe /X{6B81281F-38A3-4AA4-B198-81CF3BA32940}
salesforce.com Offline Edition 2.0 --> MsiExec.exe /X{C6EA8029-DF3F-4752-AC37-A88455F82000}
Software Installer --> swiif.exe /U
Sonic Update Manager --> MsiExec.exe /I{09DA4F91-2A09-4232-AB8C-6BC740096DE3}
SoundMAX --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe" -l0x9 -removeonly
Spy Sweeper --> C:\WINDOWS\unSpySweeper.exe
SwiftFile 3.0 --> MsiExec.exe /I{438C7648-31F3-4DAD-81C4-407893984D8D}
Symantec AntiVirus --> MsiExec.exe /I{33CFCF98-F8D6-4549-B469-6F4295676D83}
Symantec Technical Support Web Controls --> MsiExec.exe /X{9743AF47-B746-4324-B4C4-512E67D04370}
Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
ThinkPad Bluetooth with Enhanced Data Rate Software --> MsiExec.exe /X{3F4EC965-28EF-45C3-B063-04B25D4E9679}
ThinkPad Configuration --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FC081D4D-DF1B-4CF1-B530-027E4118D846}\setup.exe" -l0x9 -AddRemove
ThinkPad FullScreen Magnifier --> RunDll32 setupapi.dll,InstallHinfSection DefaultUninstall.NT 132 C:\Program Files\Lenovo\PkgMgr\HOTKEY_1\TpScrex.inf
ThinkPad Keyboard Customizer Utility --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2111B23F-7FDA-4A41-8309-E5A1663CA296}\Setup.exe" -l0x9 anything
ThinkPad Modem --> C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_10140588\UIU32m.exe -U -ITkp0588k.inf
ThinkPad Power Management Driver --> RunDll32.exe tpinspm.dll,Uninstall
ThinkPad UltraNav Wizard --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{82512BC9-BD5D-4C50-BE4D-B98E7DF78687}\setup.exe" -l0x9 UNINSTALL
ThinkVantage Away Manager --> Rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\AWAYTASK.INF
ThinkVantage Productivity Center --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CF5737AF-8550-4546-A69B-0EA9EF5A9B55}\setup.exe" -l0x9 -AddRemove
TrackPoint Accessibility Features --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EA664480-3844-11D5-8C25-444553540000}\setup.exe"
USB Storage Adapter FX (MXO) --> MXOun.exe MXOFX
VPN Client --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5624C000-B109-11D4-9DB4-00E0290FCAC5}\Setup.exe" -l0x9 VpnUninstall
Windows Defender --> MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}
Windows Imaging Component --> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Presentation Foundation --> MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
XML Paper Specification Shared Components Pack 1.0 -->
-- Application Event Log -------------------------------------------------------
Event Record #/Type11138 / Warning
Event Submitted/Written: 01/26/2008 05:32:49 PM
Event ID/Source: 1524 / Userenv
Event Description:
Windows cannot unload your classes registry file - it is still in use by other applications or services. The file will be unloaded when it is no longer in use.
Event Record #/Type11135 / Error
Event Submitted/Written: 01/26/2008 05:26:16 PM
Event ID/Source: 11706 / MsiInstaller
Event Description:
Product: Symantec AntiVirus -- Error 1706.No valid source could be found for product Symantec AntiVirus. The Windows Installer cannot continue.
Event Record #/Type11134 / Warning
Event Submitted/Written: 01/26/2008 05:26:07 PM
Event ID/Source: 1001 / MsiInstaller
Event Description:
Detection of product '{33CFCF98-F8D6-4549-B469-6F4295676D83}', feature 'SAVUI' failed during request for component '{0ABF6425-272D-4795-9BD8-F2428110EC95}'
Event Record #/Type11133 / Warning
Event Submitted/Written: 01/26/2008 05:26:07 PM
Event ID/Source: 1004 / MsiInstaller
Event Description:
Detection of product '{33CFCF98-F8D6-4549-B469-6F4295676D83}', feature 'SAVMain', component '{12ED2D07-8DEF-43FF-8C44-4F3AD17001A1}' failed. The resource 'C:\Program Files\Common Files\Symantec Shared\ccApp.exe' does not exist.
Event Record #/Type11131 / Error
Event Submitted/Written: 01/26/2008 05:03:36 PM
Event ID/Source: 10005 / MsiInstaller
Event Description:
Product: Symantec AntiVirus -- Internal Error 2318. C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\APTemp\AP1.html
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type65561 / Warning
Event Submitted/Written: 01/26/2008 07:53:55 PM
Event ID/Source: 7 / Print
Event Description:
Printer Network EPSON Stylus C120 Ser... was resumed.
Event Record #/Type65549 / Warning
Event Submitted/Written: 01/26/2008 05:56:17 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Event Record #/Type65542 / Warning
Event Submitted/Written: 01/26/2008 05:42:33 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Event Record #/Type65530 / Error
Event Submitted/Written: 01/26/2008 05:34:18 PM
Event ID/Source: 7034 / Service Control Manager
Event Description:
The Symantec AntiVirus Definition Watcher service terminated unexpectedly. It has done this 1 time(s).
Event Record #/Type65529 / Error
Event Submitted/Written: 01/26/2008 05:34:15 PM
Event ID/Source: 7009 / Service Control Manager
Event Description:
Timeout (30000 milliseconds) waiting for the Symantec AntiVirus service to connect.
-- End of Deckard's System Scanner: finished at 2008-01-26 20:27:11 ------------
-- End of Deckard's System Scanner: finished at 2008-01-26 20:27:11 ------------