Thanks AndrewUK,
I posted the main and the extra back-to-back
Deckard's System Scanner v20071014.68
Run by Compaq_Administrator on 2008-04-25 11:45:15
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
14: 2008-04-25 18:45:20 UTC - RP20 - Deckard's System Scanner Restore Point
13: 2008-04-25 17:40:14 UTC - RP19 - Installed Windows XP KB944533.
12: 2008-04-25 17:38:38 UTC - RP18 - Installed Windows XP KB938829.
11: 2008-04-25 17:37:51 UTC - RP17 - Installed Windows XP KB921503.
10: 2008-04-25 17:14:16 UTC - RP16 - Printer Driver Microsoft XPS Document Writer Installed
-- First Restore Point --
1: 2008-04-24 01:55:45 UTC - RP7 - Installed SUPERAntiSpyware Free Edition
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as Compaq_Administrator.exe) --------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:46:45 AM, on 4/25/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\arservice.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\ARPWRMSG.EXE
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\DISC\DISCover.exe
C:\Program Files\DISC\DiscUpdMgr.exe
C:\Program Files\DISC\DiscStreamHub.exe
C:\WINDOWS\system32\spider.exe
C:\Documents and Settings\Compaq_Administrator\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Compaq_Administrator.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://ie.redirect.h...a...&pf=desktopR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://ie.redirect.h...a...&pf=desktopR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://ie.redirect.h...a...&pf=desktopR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://ie.redirect.h...a...&pf=desktopR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://ie.redirect.h...a...&pf=desktopR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft....k/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://ie.redirect.h...a...&pf=desktopR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft....k/?LinkId=69157R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http://ie.redirect.h...a...&pf=desktopR3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: hpWebHelper Class - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Compaq Connections.lnk = C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe
O4 - Global Startup: Free WebSite Tools.lnk = ?
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone:
http://*.trymedia.com (HKLM)
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
--
End of file - 7896 bytes
-- File Associations -----------------------------------------------------------
.reg - regfile - shell\open\command - regedit.exe "%1" %*.scr - scrfile - shell\open\command - "%1" %*-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R1 SASDIFSV - c:\program files\superantispyware\sasdifsv.sys
R3 SASENUM - c:\program files\superantispyware\sasenum.sys <Not Verified; SuperAdBlocker, Inc.; SuperAntiSpyware>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
All services whitelisted.
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Scheduled Tasks -------------------------------------------------------------
2008-04-25 10:47:09 330 --ah----- C:\WINDOWS\Tasks\MP Scheduled Scan.job
-- Files created between 2008-03-25 and 2008-04-25 -----------------------------
2008-04-25 10:54:12 0 d-------- C:\Program Files\Trend Micro
2008-04-25 10:14:58 0 d-------- C:\Program Files\MSBuild
2008-04-25 10:14:53 0 d-------- C:\WINDOWS\system32\XPSViewer
2008-04-25 10:14:46 0 d-------- C:\Program Files\Reference Assemblies
2008-04-25 10:13:16 0 d-------- C:\Program Files\MSXML 6.0
2008-04-25 09:19:45 0 d-------- C:\WINDOWS\network diagnostic
2008-04-24 20:08:58 0 d-------- C:\Program Files\Sony Setup
2008-04-24 15:07:16 0 d-------- C:\Program Files\Easy Hi-Q Recorder
2008-04-24 08:43:16 0 d-------- C:\Program Files\Panda Security
2008-04-23 18:55:52 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-04-23 18:55:47 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-04-23 18:55:47 0 d-------- C:\Documents and Settings\Compaq_Administrator\Application Data\SUPERAntiSpyware.com
2008-04-23 18:53:25 0 d-------- C:\movedfrom desktop
2008-04-23 18:28:00 0 d-------- C:\Documents and Settings\Compaq_Administrator\Application Data\Malwarebytes
2008-04-23 18:27:51 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-04-23 18:27:48 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-04-23 18:26:09 0 d-------- C:\Program Files\Common Files\Download Manager
2008-04-23 14:59:35 0 d-------- C:\Documents and Settings\Brad\Application Data\Flickr
2008-04-23 14:59:35 0 d-------- C:\Documents and Settings\Brad\Application Data\FastStone
2008-04-23 14:59:35 0 d-------- C:\Documents and Settings\Brad\Application Data\DVD Flick
2008-04-23 14:59:35 0 d-------- C:\Documents and Settings\Brad\Application Data\DivX
2008-04-23 14:59:35 0 d-------- C:\Documents and Settings\Brad\Application Data\Corel
2008-04-23 14:59:35 0 d-------- C:\Documents and Settings\Brad\Application Data\CoffeeCup Software
2008-04-23 14:59:35 0 d-------- C:\Documents and Settings\Brad\Application Data\Applied Acoustics Systems
2008-04-23 14:59:35 0 d-------- C:\Documents and Settings\Brad\Application Data\Apple Computer
2008-04-23 14:59:35 0 d-------- C:\Documents and Settings\Brad\Application Data\AdobeUM
2008-04-23 14:59:35 0 d-------- C:\Documents and Settings\Brad\Application Data\Adobe
2008-04-23 14:59:34 0 d-------- C:\Documents and Settings\Brad\Application Data\GlarySoft
2008-04-23 14:59:29 0 d-------- C:\Documents and Settings\Brad\Application Data\Leadertech
2008-04-23 14:59:29 0 d-------- C:\Documents and Settings\Brad\Application Data\Lavasoft
2008-04-23 14:59:29 0 d-------- C:\Documents and Settings\Brad\Application Data\InstallShield
2008-04-23 14:59:29 0 d-------- C:\Documents and Settings\Brad\Application Data\HPQ
2008-04-23 14:59:29 0 d-------- C:\Documents and Settings\Brad\Application Data\HP
2008-04-23 14:59:29 0 d-------- C:\Documents and Settings\Brad\Application Data\Help
2008-04-23 14:59:15 0 d-------- C:\Documents and Settings\Brad\Application Data\Media Player Classic
2008-04-23 14:59:15 0 d-------- C:\Documents and Settings\Brad\Application Data\Macromedia
2008-04-23 14:59:14 0 d-------- C:\Documents and Settings\Brad\Application Data\MixMeister Technology
2008-04-23 14:59:13 0 d-------- C:\Documents and Settings\Brad\Application Data\Publish Providers
2008-04-23 14:59:13 0 d-------- C:\Documents and Settings\Brad\Application Data\Propellerhead Software
2008-04-23 14:59:13 0 d-------- C:\Documents and Settings\Brad\Application Data\Otto
2008-04-23 14:59:13 0 d-------- C:\Documents and Settings\Brad\Application Data\Nikon
2008-04-23 14:59:13 0 d-------- C:\Documents and Settings\Brad\Application Data\Netscape
2008-04-23 14:59:13 0 d-------- C:\Documents and Settings\Brad\Application Data\NetMedia Providers
2008-04-23 14:59:13 0 d-------- C:\Documents and Settings\Brad\Application Data\Mozilla
2008-04-23 14:59:12 0 d-------- C:\Documents and Settings\Brad\Application Data\Waves Audio
2008-04-23 14:59:12 0 d-------- C:\Documents and Settings\Brad\Application Data\Uniblue
2008-04-23 14:59:12 0 d-------- C:\Documents and Settings\Brad\Application Data\Template
2008-04-23 14:59:12 0 d-------- C:\Documents and Settings\Brad\Application Data\Sun
2008-04-23 14:59:12 0 d-------- C:\Documents and Settings\Brad\Application Data\Sony
2008-04-23 14:59:12 0 d-------- C:\Documents and Settings\Brad\Application Data\Sony Setup
2008-04-23 14:59:12 0 d-------- C:\Documents and Settings\Brad\Application Data\Sonic
2008-04-23 14:59:12 0 d-------- C:\Documents and Settings\Brad\Application Data\Roxio
2008-04-23 14:58:54 0 d---s---- C:\Documents and Settings\Brad\UserData
2008-04-23 14:49:47 0 d-------- C:\Documents and Settings\Administrator\Application Data\Gtek
2008-04-23 14:49:46 0 d-------- C:\Documents and Settings\Administrator\WINDOWS
2008-04-23 14:49:46 0 d--h----- C:\Documents and Settings\Administrator\Templates
2008-04-23 14:49:46 0 dr------- C:\Documents and Settings\Administrator\Start Menu
2008-04-23 14:49:46 0 dr-h----- C:\Documents and Settings\Administrator\SendTo
2008-04-23 14:49:46 0 dr-h----- C:\Documents and Settings\Administrator\Recent
2008-04-23 14:49:46 0 d--h----- C:\Documents and Settings\Administrator\PrintHood
2008-04-23 14:49:46 0 d--h----- C:\Documents and Settings\Administrator\NetHood
2008-04-23 14:49:46 0 dr------- C:\Documents and Settings\Administrator\My Documents
2008-04-23 14:49:46 0 d--h----- C:\Documents and Settings\Administrator\Local Settings
2008-04-23 14:49:46 0 dr------- C:\Documents and Settings\Administrator\Favorites
2008-04-23 14:49:46 0 d-------- C:\Documents and Settings\Administrator\Desktop
2008-04-23 14:49:46 0 d---s---- C:\Documents and Settings\Administrator\Cookies
2008-04-23 14:49:46 0 dr-h----- C:\Documents and Settings\Administrator\Application Data
2008-04-23 14:49:46 0 d-------- C:\Documents and Settings\Administrator\Application Data\Real
2008-04-23 14:49:46 0 d---s---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2008-04-23 14:49:46 0 d-------- C:\Documents and Settings\Administrator\Application Data\Intuit
2008-04-23 14:49:46 0 d-------- C:\Documents and Settings\Administrator\Application Data\Identities
2008-04-23 14:49:44 1048576 --ah----- C:\Documents and Settings\Administrator\NTUSER.DAT
2008-04-23 14:40:23 0 d--h----- C:\Documents and Settings\Brad\Local Settings
2008-04-23 14:40:23 0 dr------- C:\Documents and Settings\Brad\Favorites
2008-04-23 14:40:23 0 d-------- C:\Documents and Settings\Brad\Desktop
2008-04-23 14:40:23 0 d---s---- C:\Documents and Settings\Brad\Cookies
2008-04-23 14:40:23 0 dr-h----- C:\Documents and Settings\Brad\Application Data
2008-04-23 14:40:23 0 d-------- C:\Documents and Settings\Brad\Application Data\Real
2008-04-23 14:40:23 0 d---s---- C:\Documents and Settings\Brad\Application Data\Microsoft
2008-04-23 14:40:23 0 d-------- C:\Documents and Settings\Brad\Application Data\Intuit
2008-04-23 14:40:23 0 d-------- C:\Documents and Settings\Brad\Application Data\Identities
2008-04-23 14:40:23 0 d-------- C:\Documents and Settings\Brad\Application Data\Gtek
2008-04-23 14:40:22 0 d-------- C:\Documents and Settings\Brad\WINDOWS
2008-04-23 14:40:22 0 d--h----- C:\Documents and Settings\Brad\Templates
2008-04-23 14:40:22 0 dr------- C:\Documents and Settings\Brad\Start Menu
2008-04-23 14:40:22 0 dr-h----- C:\Documents and Settings\Brad\SendTo
2008-04-23 14:40:22 0 dr-h----- C:\Documents and Settings\Brad\Recent
2008-04-23 14:40:22 0 d--h----- C:\Documents and Settings\Brad\PrintHood
2008-04-23 14:40:22 1048576 --ah----- C:\Documents and Settings\Brad\NTUSER.DAT
2008-04-23 14:40:22 0 d--h----- C:\Documents and Settings\Brad\NetHood
2008-04-23 14:40:22 0 dr------- C:\Documents and Settings\Brad\My Documents
2008-04-23 14:37:37 0 d-------- C:\Documents and Settings\Brad2\Application Data\Intuit
2008-04-23 14:37:37 0 d-------- C:\Documents and Settings\Brad2\Application Data\Identities
2008-04-23 14:37:37 0 d-------- C:\Documents and Settings\Brad2\Application Data\Gtek
2008-04-23 14:37:36 0 d-------- C:\Documents and Settings\Brad2\WINDOWS
2008-04-23 14:37:36 0 d--h----- C:\Documents and Settings\Brad2\Templates
2008-04-23 14:37:36 0 dr------- C:\Documents and Settings\Brad2\Start Menu
2008-04-23 14:37:36 0 dr-h----- C:\Documents and Settings\Brad2\SendTo
2008-04-23 14:37:36 0 dr-h----- C:\Documents and Settings\Brad2\Recent
2008-04-23 14:37:36 0 d--h----- C:\Documents and Settings\Brad2\PrintHood
2008-04-23 14:37:36 1048576 --ah----- C:\Documents and Settings\Brad2\NTUSER.DAT
2008-04-23 14:37:36 0 d--h----- C:\Documents and Settings\Brad2\NetHood
2008-04-23 14:37:36 0 dr------- C:\Documents and Settings\Brad2\My Documents
2008-04-23 14:37:36 0 d--h----- C:\Documents and Settings\Brad2\Local Settings
2008-04-23 14:37:36 0 dr------- C:\Documents and Settings\Brad2\Favorites
2008-04-23 14:37:36 0 d-------- C:\Documents and Settings\Brad2\Desktop
2008-04-23 14:37:36 0 d---s---- C:\Documents and Settings\Brad2\Cookies
2008-04-23 14:37:36 0 dr-h----- C:\Documents and Settings\Brad2\Application Data
2008-04-23 14:37:36 0 d-------- C:\Documents and Settings\Brad2\Application Data\Real
2008-04-23 14:37:36 0 d---s---- C:\Documents and Settings\Brad2\Application Data\Microsoft
2008-04-23 13:34:57 0 d-------- C:\Program Files\Windows Defender
2008-04-22 18:05:00 0 d-------- C:\Program Files\Recovery Toolbox for Outlook Express
2008-04-22 17:21:47 0 d-------- C:\Program Files\Power Email Recovery for Outlook Express
2008-04-22 15:45:30 0 d-------- C:\WINDOWS\system32\PreInstall
2008-04-22 09:46:55 0 dr-h----- C:\Documents and Settings\Compaq_Administrator\Recent
2008-04-22 09:46:54 0 dr-hs---- C:\cmdcons
2008-04-22 09:46:36 0 d-------- C:\WINDOWS\setupupd
2008-04-22 09:38:54 0 d-------- C:\Documents and Settings\Compaq_Administrator\Application Data\Intuit
2008-04-22 09:38:54 0 d-------- C:\Documents and Settings\Compaq_Administrator\Application Data\Identities
2008-04-22 09:38:54 0 d-------- C:\Documents and Settings\Compaq_Administrator\Application Data\Gtek
2008-04-22 09:38:53 0 d-------- C:\Documents and Settings\Compaq_Administrator\WINDOWS
2008-04-22 09:38:53 0 d--h----- C:\Documents and Settings\Compaq_Administrator\Templates
2008-04-22 09:38:53 0 dr------- C:\Documents and Settings\Compaq_Administrator\Start Menu
2008-04-22 09:38:53 0 dr-h----- C:\Documents and Settings\Compaq_Administrator\SendTo
2008-04-22 09:38:53 0 d--h----- C:\Documents and Settings\Compaq_Administrator\PrintHood
2008-04-22 09:38:53 2097152 --a------ C:\Documents and Settings\Compaq_Administrator\NTUSER.DAT
2008-04-22 09:38:53 0 d--h----- C:\Documents and Settings\Compaq_Administrator\NetHood
2008-04-22 09:38:53 0 dr------- C:\Documents and Settings\Compaq_Administrator\My Documents
2008-04-22 09:38:53 0 d--h----- C:\Documents and Settings\Compaq_Administrator\Local Settings
2008-04-22 09:38:53 0 dr------- C:\Documents and Settings\Compaq_Administrator\Favorites
2008-04-22 09:38:53 0 d-------- C:\Documents and Settings\Compaq_Administrator\Desktop
2008-04-22 09:38:53 0 d--hs---- C:\Documents and Settings\Compaq_Administrator\Cookies
2008-04-22 09:38:53 0 dr-h----- C:\Documents and Settings\Compaq_Administrator\Application Data
2008-04-22 09:38:53 0 d-------- C:\Documents and Settings\Compaq_Administrator\Application Data\Real
2008-04-22 09:35:11 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2008-04-22 08:44:24 0 dr-hs---- C:\WINDOWS\system32\dllcache
2008-04-22 07:57:25 0 d-------- C:\Documents and Settings\Compaq_Administrator\Application Data\GlarySoft
2008-04-22 07:54:54 0 d-------- C:\Program Files\Registry Repair
2008-04-22 07:47:34 0 d-------- C:\Documents and Settings\Compaq_Administrator\Application Data\Uniblue
2008-04-16 07:51:25 0 d-------- C:\videooutput
2008-04-13 14:32:56 0 d-------- C:\TubeHunter Ultra
2008-04-12 18:29:43 0 d-------- C:\Program Files\GPLGS
2008-04-12 18:28:02 0 d-------- C:\Program Files\Acro Software
2008-04-07 12:05:05 0 d-------- C:\Mp3 Output
2008-04-07 12:05:02 0 d-------- C:\Program Files\Smallvideosoft
2008-04-01 10:10:10 0 d-------- C:\Program Files\Neoretix
2008-04-01 10:08:52 0 d-------- C:\WINDOWS\Downloaded Installations
2008-03-31 14:51:22 0 d-------- C:\Movie Magic Screenwriter
-- Find3M Report ---------------------------------------------------------------
2008-04-25 09:35:10 0 d-------- C:\Program Files\Sony
2008-04-24 20:08:28 4820 --a------ C:\Documents and Settings\Compaq_Administrator\Application Data\wklnhst.dat
2008-04-24 08:43:16 3204 --a------ C:\WINDOWS\mozver.dat
2008-04-23 21:51:46 0 d-------- C:\Program Files\music_now
2008-04-23 18:55:29 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-04-23 18:26:09 0 d-------- C:\Program Files\Common Files
2008-04-23 14:47:08 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-04-23 11:52:44 0 d-------- C:\Program Files\Yahoo!
2008-04-23 08:13:17 0 d-------- C:\Program Files\PC-Doctor 5 for Windows
2008-04-22 08:03:19 129 --a------ C:\Documents and Settings\Compaq_Administrator\Application Data\EasyBejeweled.exe.ini
2008-04-21 15:29:01 0 d-------- C:\Program Files\RapidLeecher Ultimate 2007
2008-04-21 13:56:44 207 --a------ C:\Documents and Settings\Compaq_Administrator\Application Data\G-Force Prefs (WindowsMediaPlayer).txt
2008-03-24 17:50:34 0 d-------- C:\Documents and Settings\Compaq_Administrator\Application Data\Adobe
2008-03-24 17:49:55 0 d-------- C:\Program Files\Bonjour
2008-03-24 17:42:12 0 d-------- C:\Program Files\Common Files\Macrovision Shared
2008-03-24 11:00:20 3012 --a------ C:\drmHeader.bin
2008-03-18 09:07:52 0 d-------- C:\Program Files\Player
2008-03-17 09:46:27 0 d-------- C:\Documents and Settings\Compaq_Administrator\Application Data\Media Player Classic
2008-03-17 09:44:57 0 d-------- C:\Program Files\Real Alternative
2008-03-14 15:01:26 0 d-------- C:\Program Files\DivX
2008-03-14 11:43:48 0 d-------- C:\Documents and Settings\Compaq_Administrator\Application Data\Netscape
2008-03-06 12:20:05 0 d-------- C:\Program Files\Linksys EasyLink Advisor
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [09/29/2005 09:01 PM]
"ftutil2"="ftutil2.dll" [06/07/2004 02:05 PM C:\WINDOWS\system32\ftutil2.dll]
"RTHDCPL"="RTHDCPL.EXE" [06/13/2006 08:05 PM C:\WINDOWS\RTHDCPL.EXE]
"AlwaysReady Power Message APP"="ARPWRMSG.EXE" [08/02/2005 11:19 PM C:\WINDOWS\arpwrmsg.exe]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [07/22/2005 10:14 PM]
"@"="" []
"PCDrProfiler"="" []
"HPBootOp"="C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [02/15/2006 10:34 PM]
"Reminder"="C:\Windows\Creator\Remind_XP.exe" [12/14/2004 02:23 AM]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPwuSchd2.exe" [02/17/2005 06:11 AM]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [08/08/2006 02:10 AM]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [03/29/2008 11:37 AM]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [11/03/2006 07:20 PM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [10/13/2004 04:24 PM]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [04/24/2008 03:14 PM]
C:\Documents and Settings\Compaq_Administrator\Start Menu\Programs\Startup\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [3/16/2005 8:16:50 PM]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [9/24/2005 5:05:26 AM]
Compaq Connections.lnk - C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe [8/8/2006 2:27:56 AM]
Free WebSite Tools.lnk - C:\Program Files\CoffeeCup Software\CoffeeCup Free FTP\ThirtyDayTimer.exe [5/13/2007 8:11:12 PM]
Service Manager.lnk - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [12/17/2002 6:23:32 PM]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [12/20/2006 12:55 PM 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL 04/24/2008 03:14 PM 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,
-- End of Deckard's System Scanner: finished at 2008-04-25 11:47:20 ------------
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: Intel® Pentium® D CPU 2.80GHz
CPU 1: Intel® Pentium® D CPU 2.80GHz
Percentage of Memory in Use: 43%
Physical Memory (total/avail): 959.36 MiB / 541.47 MiB
Pagefile Memory (total/avail): 2314.13 MiB / 1882.92 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1932.75 MiB
C: is Fixed (NTFS) - 224.54 GiB total, 107.64 GiB free.
D: is Fixed (FAT32) - 8.33 GiB total, 0.35 GiB free.
E: is CDROM (Unformatted)
F: is Removable (No Media)
G: is Removable (No Media)
H: is Removable (No Media)
I: is Removable (No Media)
J: is Fixed (FAT32) - 186.26 GiB total, 1.39 GiB free.
\\.\PHYSICALDRIVE0 - WDC WD2500JS-60NCB1 - 232.88 GiB - 2 partitions
\PARTITION0 (bootable) - Installable File System - 224.54 GiB - C:
\PARTITION1 - Unknown - 8.33 GiB - D:
\\.\PHYSICALDRIVE3 - Generic USB CF Reader USB Device
\\.\PHYSICALDRIVE5 - Generic USB MS Reader USB Device
\\.\PHYSICALDRIVE2 - Generic USB SD Reader USB Device
\\.\PHYSICALDRIVE4 - Generic USB SM Reader USB Device
\\.\PHYSICALDRIVE1 - ST320082 2A USB Device - 186.31 GiB - 1 partition
\PARTITION0 (bootable) - Unknown - 186.31 GiB - J:
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.
FirstRunDisabled is set.
AV: avast! antivirus 4.8.1169 [VPS 080425-1] v4.8.1169 (ALWIL Software)
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Compaq Connections\\5577497\\Program\\Compaq Connections.exe"="C:\\Program Files\\Compaq Connections\\5577497\\Program\\Compaq Connections.exe:*:Enabled:Compaq Connections"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\DISC\\DISCover.exe"="C:\\Program Files\\DISC\\DISCover.exe:*:Enabled:DISCover Drop & Play System"
"C:\\Program Files\\DISC\\DiscStreamHub.exe"="C:\\Program Files\\DISC\\DiscStreamHub.exe:*:Enabled:DISCover Stream Hub"
"C:\\Program Files\\DISC\\myFTP.exe"="C:\\Program Files\\DISC\\myFTP.exe:*:Enabled:DISCover FTP"
"C:\\Program Files\\Compaq Connections\\5577497\\Program\\Compaq Connections.exe"="C:\\Program Files\\Compaq Connections\\5577497\\Program\\Compaq Connections.exe:*:Enabled:Compaq Connections"
"C:\\Program Files\\EarthLink TotalAccess\\TaskPanl.exe"="C:\\Program Files\\EarthLink TotalAccess\\TaskPanl.exe:*:Enabled:Earthlink"
"C:\\Program Files\\BitComet\\BitComet.exe"="C:\\Program Files\\BitComet\\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Compaq_Administrator\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=YOUR-4DACD0EA75
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Compaq_Administrator
LOGONSERVER=\\YOUR-4DACD0EA75
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;c:\Python22;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 4 Stepping 7, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0407
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SonicCentral=c:\Program Files\Common Files\Sonic Shared\Sonic Central\
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp
USERDOMAIN=YOUR-4DACD0EA75
USERNAME=Compaq_Administrator
USERPROFILE=C:\Documents and Settings\Compaq_Administrator
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
Compaq_Administrator
(admin)Brad2
(admin)Brad
(admin)Administrator
(new local, admin)-- Add/Remove Programs ---------------------------------------------------------
--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
--> c:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
--> c:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
--> c:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Reader 7.0.5 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70500000002}
ATI Control Panel --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
avast! Antivirus --> C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Compaq Connections (remove only) --> C:\WINDOWS\HPCPCUninstall-5577497\HPBWSetup.exe -appid 5577497 -uninstall
Customer Experience Enhancement --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{23012310-3E05-46A5-88A9-C6CBCABCAC79} /l1033
Data Fax SoftModem with SmartCP --> C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1\HXFSETUP.EXE -U -ITrx200Ck.inf
DISCover --> "C:\Program Files\DISC\uninstall.exe"
Easy Hi-Q Recorder 2.2 --> "C:\Program Files\Easy Hi-Q Recorder\unins000.exe"
Enhanced Multimedia Keyboard Solution --> C:\HP\KBD\Install.exe /u
High Definition Audio Driver Package - KB888111 --> "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
HP Boot Optimizer --> MsiExec.exe /X{1341D838-719C-4A05-B50F-49420CA1B4BB}
HP DVD Play 2.1 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\Setup.exe" -uninstall
HP Imaging Device Functions 7.0 --> C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Premier Software 6.5 --> C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Software Update --> MsiExec.exe /X{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}
HP Support Overview --> "C:\WINDOWS\unins000.exe"
HP Web Helper --> regsvr32 /u /s "C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll"
J2SE Runtime Environment 5.0 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Macromedia Flash Player 8 --> C:\WINDOWS\system32\Macromed\Flash\UninstFl.exe
Malwarebytes' Anti-Malware --> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft Away Mode -->
Microsoft Money 2006 --> "C:\Program Files\Microsoft Money 2006\MNYCoreFiles\Setup\uninst.exe" /s:120
Microsoft Office Standard Edition 2003 60 days trial --> c:\hp\bin\cloaker.exe c:\hp\bin\MSOffice\uninst.cmd
Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR) --> MsiExec.exe /X{E09B48B5-E141-427A-AB0C-D3605127224A}
Microsoft Works --> MsiExec.exe /I{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}
MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
Netscape Browser (remove only) --> "C:\Program Files\Netscape\Netscape Browser\NSUninst.exe"
Otto --> "C:\Program Files\EnglishOtto\uninstallotto.exe"
Panda ActiveScan 2.0 --> C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe
PC-Doctor 5 for Windows --> C:\Program Files\PC-Doctor 5 for Windows\uninst.exe
Power Email Recovery for Outlook Express 1.1 --> "C:\Program Files\Power Email Recovery for Outlook Express\unins000.exe"
Python 2.2 pywin32 extensions (build 203) --> "C:\Python22\Removepywin32.exe" -u "C:\Python22\pywin32-wininst.log"
Python 2.2.3 --> C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
Quicken 2006 --> MsiExec.exe /X{2818095F-FB6C-42C8-827E-0A406CC9AFF5}
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver --> RtlUpd.exe -r -m
Recovery Toolbox for Outlook Express 1.1 --> "C:\Program Files\Recovery Toolbox for Outlook Express\unins000.exe"
Remove WeatherBug Installer --> c:\hp\bin\cloaker.exe c:\hp\bin\commands.exe /c c:\hp\bin\wbug\clean.bat
Security Update for Step By Step Interactive Training (KB923723) --> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Sonic Express Labeler --> MsiExec.exe /X{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Sonic MyDVD Plus --> MsiExec.exe /X{21657574-BD54-48A2-9450-EB03B2C7FC29}
Sonic RecordNow Audio --> MsiExec.exe /X{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Sonic RecordNow Copy --> MsiExec.exe /X{B12665F4-4E93-4AB4-B7FC-37053B524629}
Sonic RecordNow Data --> MsiExec.exe /X{075473F5-846A-448B-BCB3-104AA1760205}
Sonic Update Manager --> MsiExec.exe /X{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
Sony ACID Pro 6.0 --> MsiExec.exe /X{87DABCF7-2C38-4996-8FBE-053CA6536168}
Sony Media Manager 2.2 --> MsiExec.exe /X{47AA42FD-0450-4CB4-ADAF-B6E770AA7B2F}
SUPERAntiSpyware Free Edition --> MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
Update Rollup 2 for Windows XP Media Center Edition 2005 -->
WildTangent Web Driver --> C:\Program Files\WildTangent\Apps\CDA\CDAUninstall.exe
Windows Defender --> MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}
Windows Imaging Component --> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB908246 --> "C:\WINDOWS\$NtUninstallKB908246$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB912067 --> "C:\WINDOWS\$NtUninstallKB912067$\spuninst\spuninst.exe"
XML Paper Specification Shared Components Pack 1.0 -->
-- Application Event Log -------------------------------------------------------
Event Record #/Type256 / Warning
Event Submitted/Written: 04/25/2008 10:44:23 AM
Event ID/Source: 19011 / MSSQL$SONY_MEDIAMGR
Event Description:
(SpnRegister) : Error 1355
Event Record #/Type252 / Warning
Event Submitted/Written: 04/25/2008 10:42:31 AM
Event ID/Source: 1524 / Userenv
Event Description:
Windows cannot unload your classes registry file - it is still in use by other applications or services. The file will be unloaded when it is no longer in use.
Event Record #/Type232 / Warning
Event Submitted/Written: 04/25/2008 10:15:19 AM
Event ID/Source: 0 / System.ServiceModel.Install 3.0.0.0
Event Description:
HTTP namespace reservations are not installed.
Event Record #/Type230 / Warning
Event Submitted/Written: 04/25/2008 10:15:13 AM
Event ID/Source: 0 / System.ServiceModel.Install 3.0.0.0
Event Description:
HttpModules node ServiceModel does not exist in System.Web section group.
Event Record #/Type229 / Warning
Event Submitted/Written: 04/25/2008 10:15:13 AM
Event ID/Source: 0 / System.ServiceModel.Install 3.0.0.0
Event Description:
HttpHandlers node *.svc does not exist in System.Web section group.
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type853 / Warning
Event Submitted/Written: 04/25/2008 11:47:03 AM
Event ID/Source: 3004 / WinDefend
Event Description:
%YOUR-4DACD0EA7527 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %YOUR-4DACD0EA7527 can't undo changes that you allow.
For more information please see the following:
%YOUR-4DACD0EA75275
Scan ID: {D7C4FE8D-5AB2-47C3-87AB-853F33116C61}
User: YOUR-4DACD0EA75\Compaq_Administrator
Name: %YOUR-4DACD0EA75271
ID: %YOUR-4DACD0EA75272
Severity: 1.1.1593.05
Category: 1.1.1593.06
Path Found: %YOUR-4DACD0EA75276
Alert Type: %YOUR-4DACD0EA75278
Detection Type: 1.1.1593.02
Event Record #/Type852 / Warning
Event Submitted/Written: 04/25/2008 11:47:03 AM
Event ID/Source: 3004 / WinDefend
Event Description:
%YOUR-4DACD0EA7527 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %YOUR-4DACD0EA7527 can't undo changes that you allow.
For more information please see the following:
%YOUR-4DACD0EA75275
Scan ID: {4CD37970-D379-4A9B-AF4E-2E32CFBBDA06}
User: YOUR-4DACD0EA75\Compaq_Administrator
Name: %YOUR-4DACD0EA75271
ID: %YOUR-4DACD0EA75272
Severity: 1.1.1593.05
Category: 1.1.1593.06
Path Found: %YOUR-4DACD0EA75276
Alert Type: %YOUR-4DACD0EA75278
Detection Type: 1.1.1593.02
Event Record #/Type851 / Warning
Event Submitted/Written: 04/25/2008 11:47:03 AM
Event ID/Source: 3004 / WinDefend
Event Description:
%YOUR-4DACD0EA7527 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %YOUR-4DACD0EA7527 can't undo changes that you allow.
For more information please see the following:
%YOUR-4DACD0EA75275
Scan ID: {D0070489-E887-4A81-B271-266AA76164E7}
User: YOUR-4DACD0EA75\Compaq_Administrator
Name: %YOUR-4DACD0EA75271
ID: %YOUR-4DACD0EA75272
Severity: 1.1.1593.05
Category: 1.1.1593.06
Path Found: %YOUR-4DACD0EA75276
Alert Type: %YOUR-4DACD0EA75278
Detection Type: 1.1.1593.02
Event Record #/Type850 / Warning
Event Submitted/Written: 04/25/2008 11:47:01 AM
Event ID/Source: 3004 / WinDefend
Event Description:
%YOUR-4DACD0EA7527 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %YOUR-4DACD0EA7527 can't undo changes that you allow.
For more information please see the following:
%YOUR-4DACD0EA75275
Scan ID: {4B4760A8-4776-4773-AF31-5720A8C75A24}
User: YOUR-4DACD0EA75\Compaq_Administrator
Name: %YOUR-4DACD0EA75271
ID: %YOUR-4DACD0EA75272
Severity: 1.1.1593.05
Category: 1.1.1593.06
Path Found: %YOUR-4DACD0EA75276
Alert Type: %YOUR-4DACD0EA75278
Detection Type: 1.1.1593.02
Event Record #/Type849 / Warning
Event Submitted/Written: 04/25/2008 11:47:01 AM
Event ID/Source: 3004 / WinDefend
Event Description:
%YOUR-4DACD0EA7527 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %YOUR-4DACD0EA7527 can't undo changes that you allow.
For more information please see the following:
%YOUR-4DACD0EA75275
Scan ID: {9AF6D8E6-E49C-4A1B-AB9E-5E815F5F8BD5}
User: YOUR-4DACD0EA75\Compaq_Administrator
Name: %YOUR-4DACD0EA75271
ID: %YOUR-4DACD0EA75272
Severity: 1.1.1593.05
Category: 1.1.1593.06
Path Found: %YOUR-4DACD0EA75276
Alert Type: %YOUR-4DACD0EA75278
Detection Type: 1.1.1593.02
-- End of Deckard's System Scanner: finished at 2008-04-25 11:47:20 ------------