Below are the results of running DSS. I work 2 jobs so I am very late doing this tonight. The first is the main.txt file created and the 2nd is the extra.txt file created. Thanks!
Deckard's System Scanner v20071014.68
Run by Tracy on 2008-07-03 00:16:50
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- Last 5 Restore Point(s) --
8: 2008-07-03 04:00:02 UTC - RP316 - Scheduled Checkpoint
7: 2008-07-02 12:52:24 UTC - RP315 - Installed Ad-Aware
6: 2008-07-02 04:28:01 UTC - RP313 - Last good restore point
5: 2008-07-01 23:19:20 UTC - RP312 - Installed Ad-Aware
4: 2008-07-01 23:05:41 UTC - RP311 - Restore Operation
-- First Restore Point --
1: 2008-06-30 05:49:39 UTC - RP308 - Last known good configuration
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as Tracy.exe) -----------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:18:39 AM, on 7/3/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Symantec AntiVirus\VPTray.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\igfxsrvc.exe
C:\Users\Tracy\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Tracy.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft....k/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft....k/?LinkId=69157R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: (no name) - {C28459E5-CF56-4F9F-8FA9-69A3302D897C} - C:\Windows\system32\hgGxWqoN.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 7\SnagItIEAddin.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [WeatherClock] C:\Program Files\Weather Clock\WeatherClock.exe
O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\Tracy\AppData\Local\Temp\rqrolkki.dll,#1
O4 - HKCU\..\Run: [BM07e1bc95] Rundll32.exe "C:\Windows\system32\ogwobsxa.dll",s
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Windows\system32\AERTSrv.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
--
End of file - 5613 bytes
-- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------
backup-20080630-231145-205 O4 - HKLM\..\Run: [BM07e1bc95] Rundll32.exe "C:\Windows\system32\njwpoecb.dll",s
backup-20080630-231145-315 O2 - BHO: (no name) - {3827DB86-C061-4238-A30D-7BED7EDE2DFF} - C:\Windows\system32\hgGxWqoN.dll
backup-20080630-231145-556 O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
backup-20080630-231145-646 O3 - Toolbar: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
backup-20080630-231145-832 O2 - BHO: (no name) - {99DCA8DD-A2CE-4611-8EAB-A613DA149022} - C:\Windows\system32\fccbAPgh.dll (file missing)
backup-20080630-231145-938 O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\pmnKDuuU.dll,#1
backup-20080630-231145-942 O2 - BHO: {8dd58874-3a02-f6b9-c864-581d123d5f41} - {14f5d321-d185-468c-9b6f-20a347885dd8} - C:\Windows\system32\jsuebh.dll
backup-20080630-232343-209 O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) -
http://www.systemreq.../sysreqlab2.cabbackup-20080630-232343-308 O2 - BHO: (no name) - {86FAFDC2-ECCF-4ECE-B226-D9B68AD476A8} - C:\Windows\system32\hgGxWqoN.dll
backup-20080630-232343-474 O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\hgGxWQJc.dll,#1
backup-20080630-232343-684 O16 - DPF: {3107C2A8-9F0B-4404-A58B-21BD85268FBC} (PogoWebLauncher Control) -
http://www.pogo.com/...erInstaller.CABbackup-20080630-232343-694 O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
backup-20080630-232343-847 O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) -
http://lads.myspace....ploader1005.cabbackup-20080630-232343-869 O4 - HKLM\..\Run: [BM07e1bc95] Rundll32.exe "C:\Windows\system32\njwpoecb.dll",s
backup-20080630-232344-110 O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Windows\system32\AERTSrv.exe
backup-20080630-232344-611 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://fpdownload2.m...ash/swflash.cabbackup-20080630-232344-847 O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
backup-20080630-232344-897 O16 - DPF: {B198A72B-B4C3-42B5-B8DA-B364E76429AA} (Cerebus Class) -
http://qaorg50.mlxch...trol/WebDog.cabbackup-20080630-232344-979 O16 - DPF: {83AB6E4D-CDD7-11D3-B5E7-00104B9AFF6E} (GeacRevw Control) -
http://inrp4.qa.firs...ol/IRCSharc.cabbackup-20080630-233021-132 O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\cbXOEvtU.dll,#1
backup-20080630-233021-248 O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 7\SnagItBHO.dll
backup-20080630-233021-527 O4 - HKLM\..\Run: [BM07e1bc95] Rundll32.exe "C:\Windows\system32\njwpoecb.dll",s
backup-20080630-233021-696 O2 - BHO: (no name) - {E67CA54C-C14A-4B9F-8E46-91E4866C865D} - C:\Windows\system32\hgGxWqoN.dll
backup-20080630-233021-873 O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Windows\system32\AERTSrv.exe
backup-20080701-001953-116 R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
backup-20080701-001953-396 O13 - Gopher Prefix:
backup-20080701-001953-574 O4 - HKLM\..\Run: [BM07e1bc95] Rundll32.exe "C:\Windows\system32\njwpoecb.dll",s
backup-20080701-001953-663 O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Windows\system32\AERTSrv.exe
backup-20080701-001953-759 O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\cbXOEvtU.dll,#1
backup-20080701-001953-813 O2 - BHO: (no name) - {E67CA54C-C14A-4B9F-8E46-91E4866C865D} - C:\Windows\system32\hgGxWqoN.dll
backup-20080701-002528-120 O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
backup-20080701-002528-415 O2 - BHO: (no name) - {EF22A291-5ABC-4D5B-8E62-8017A45E9826} - C:\Windows\system32\hgGxWqoN.dll
backup-20080701-002528-725 O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Windows\system32\AERTSrv.exe
backup-20080701-002528-935 O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
backup-20080701-002528-945 O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\fccdayxu.dll,#1
backup-20080701-003232-993 O2 - BHO: (no name) - {3AE447A0-2C65-4EEE-A1E4-8D18DAB47DD4} - C:\Windows\system32\hgGxWqoN.dll
backup-20080701-003233-290 O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Windows\system32\AERTSrv.exe
backup-20080701-003233-510 O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\xxywVlLD.dll,#1
backup-20080701-003417-432 O2 - BHO: (no name) - {3AE447A0-2C65-4EEE-A1E4-8D18DAB47DD4} - C:\Windows\system32\hgGxWqoN.dll
backup-20080701-003417-877 O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\xxywVlLD.dll,#1
backup-20080701-003417-919 O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Windows\system32\AERTSrv.exe
backup-20080701-004407-637 O2 - BHO: (no name) - {120CE670-59E8-4AC0-8A1C-7C852B2F4323} - C:\Windows\system32\hgGxWqoN.dll
backup-20080701-004407-947 O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\awtsTkLf.dll,#1
backup-20080701-005550-475 O2 - BHO: (no name) - {73ECF96F-376E-4537-B13E-527427BFB02D} - C:\Windows\system32\hgGxWqoN.dll
backup-20080701-005550-613 O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\ssqOFYSM.dll,#1
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
S3 DSproct - \??\c:\program files\dellsupport\gtaction\triggers\dsproct.sys
S3 SRTSPL - c:\windows\system32\drivers\srtspl.sys <Not Verified; Symantec Corporation; AutoProtect>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
S3 DSBrokerService - "c:\program files\dellsupport\brkrsvc.exe" <Not Verified; ; Gteko BrkrSvc Application>
S3 NBService - c:\program files\nero\nero 7\nero backitup\nbservice.exe
S4 stllssvr - "c:\program files\common files\surething shared\stllssvr.exe" <Not Verified; MicroVision Development, Inc.; SureThing CD Labeler>
-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Cisco Systems VPN Adapter
Device ID: ROOT\NET\0000
Manufacturer: Cisco Systems
Name: Cisco Systems VPN Adapter
PNP Device ID: ROOT\NET\0000
Service: CVirtA
-- Files created between 2008-06-03 and 2008-07-03 -----------------------------
2008-07-02 00:28:09 0 d-------- C:\Program Files\rhcar8j0e5d3
2008-07-01 09:11:34 0 d-------- C:\Program Files\Lavasoft
2008-07-01 09:11:33 0 d-------- C:\Users\All Users\Lavasoft
2008-07-01 02:37:44 0 d-------- C:\VundoFix Backups
2008-07-01 01:05:53 91136 --a------ C:\Windows\system32\ogwobsxa.dll
2008-07-01 01:05:12 345 --ahs---- C:\Windows\system32\NoUwxyay.ini2
2008-07-01 01:05:02 320000 --a------ C:\Windows\system32\yayxwUoN.dll
2008-07-01 00:59:59 57856 --a------ C:\Windows\system32\mlJBSlKc.dll
2008-06-30 23:01:25 81920 --a------ C:\Windows\system32\ksrglolc.dll
2008-06-30 22:47:13 103424 --a------ C:\Windows\system32\jsuebh.dll
2008-06-30 22:47:12 103424 --a------ C:\Windows\system32\onfsunat.dll
2008-06-30 22:44:03 91136 --a------ C:\Windows\system32\njwpoecb.dll
2008-06-30 22:43:23 654315 --ahs---- C:\Windows\system32\NoqWxGgh.ini2
2008-06-30 22:43:19 320000 --a------ C:\Windows\system32\hgGxWqoN.dll
2008-06-30 22:38:11 0 -rahs---- C:\MSDOS.SYS
2008-06-30 22:38:11 0 -rahs---- C:\IO.SYS
2008-06-30 01:50:29 82432 --a------ C:\Windows\system32\xrqselqm.dll
2008-06-30 01:48:39 1233 --ahs---- C:\Windows\system32\hgPAbccf.ini2
2008-06-30 01:06:02 0 d-------- C:\Program Files\Acoustica CD Label Maker
2008-06-11 09:41:01 368912 --a------ C:\Windows\system32\vbar332.dll <Not Verified; Microsoft Corporation; Microsoft Visual Basic for Applications>
2008-06-11 09:41:01 29696 --a------ C:\Windows\system32\vb5stkit.dll <Not Verified; Microsoft Corporation; Microsoft® Visual Basic for Windows>
2008-06-11 09:41:01 0 d-------- C:\Windows\MSAPPS
2008-06-11 09:41:00 317952 --a------ C:\Windows\system32\ROBOEX32.DLL <Not Verified; Blue Sky Software Corporation.; RoboHELP Classic>
2008-06-11 09:40:59 72704 --a------ C:\Windows\system32\Odbctl32.dll <Not Verified; Microsoft Corporation; Microsoft Open Database Connectivity>
2008-06-11 09:40:59 407312 --a------ C:\Windows\system32\MSREPL35.DLL <Not Verified; Microsoft Corporation; Microsoft® Access>
2008-06-11 09:40:59 252176 --a------ C:\Windows\system32\MSRD2X35.DLL <Not Verified; Microsoft Corporation; Microsoft® Jet>
2008-06-11 09:40:59 169984 --a------ C:\Windows\system32\MSLTUS35.DLL <Not Verified; Microsoft Corporation; Microsoft® Jet>
2008-06-11 09:40:59 24848 --a------ C:\Windows\system32\MSJTER35.DLL <Not Verified; Microsoft Corporation; Microsoft® Jet>
2008-06-11 09:40:59 123664 --a------ C:\Windows\system32\MSJINT35.DLL <Not Verified; Microsoft Corporation; Microsoft® Jet>
2008-06-11 09:40:58 540944 --a------ C:\Windows\system32\sqloledb.dll <Not Verified; Microsoft Corporation; Microsoft OLE DB Provider for SQL Server>
2008-06-11 09:40:58 1045776 --a------ C:\Windows\system32\Msjet35.dll <Not Verified; Microsoft Corporation; Microsoft® Jet>
2008-06-11 09:40:57 28944 --a------ C:\Windows\system32\msrecr40.dll <Not Verified; Microsoft Corporation; Microsoft ® Jet>
2008-06-11 09:40:57 74000 --a------ C:\Windows\system32\msrclr40.dll <Not Verified; Microsoft Corporation; Microsoft ® Jet>
2008-06-11 09:40:56 217088 --a------ C:\Windows\system32\Missouri.dll <Not Verified; ; Missouri.DLL>
2008-06-11 09:40:47 0 d-------- C:\Program Files\GeacInterealty
2008-06-10 17:35:12 0 d-------- C:\Program Files\QuickTime
-- Find3M Report ---------------------------------------------------------------
2008-07-03 00:15:08 0 d-------- C:\Users\Tracy\AppData\Roaming\uTorrent
2008-07-02 08:46:07 0 d-------- C:\Users\Tracy\AppData\Roaming\Weather Clock
2008-07-02 08:46:07 0 d-------- C:\Users\Tracy\AppData\Roaming\Mp3tag
2008-07-02 08:46:00 0 d-------- C:\Program Files\DivX
2008-07-02 08:46:00 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-07-01 17:29:16 0 d-------- C:\Program Files\PeerGuardian2
2008-07-01 15:19:06 0 d-------- C:\Program Files\Common Files
2008-06-30 23:00:15 0 d-------- C:\Program Files\Trend Micro
2008-06-30 22:50:53 0 d-------- C:\Program Files\Google
2008-06-11 09:41:02 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-06-10 22:39:04 0 d-------- C:\Program Files\Windows Mail
2008-05-20 22:53:42 0 d-------- C:\Program Files\AnMing
2008-05-20 20:45:42 0 d-------- C:\Program Files\LG Electronics
2008-05-15 08:40:17 0 d-------- C:\Program Files\Weather Clock
2008-05-14 09:34:37 0 d-------- C:\Program Files\uTorrent
2008-05-10 14:27:17 0 d-------- C:\Program Files\Zune
2008-05-06 12:41:09 0 d-------- C:\Program Files\Citrix
2008-05-06 10:14:59 23104 --a------ C:\Windows\system32\svcprmpt.dll
2008-05-06 10:14:58 30976 --a------ C:\Windows\rascntrl.dll
2008-05-05 23:55:13 0 d-------- C:\Program Files\Apple Software Update
2008-04-15 17:17:46 385060 --a------ C:\Windows\system32\GeacView.dll <Not Verified; Geac Corp; GeacView Dynamic Link Library>
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C28459E5-CF56-4F9F-8FA9-69A3302D897C}]
06/30/2008 10:43 PM 320000 --a------ C:\Windows\system32\hgGxWqoN.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"@"="" []
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [11/22/2006 07:12 PM]
"vptray"="C:\PROGRA~1\SYMANT~1\VPTray.exe" [11/28/2006 08:34 AM]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="C:\Program Files\Google\Gmail Notifier\gnotify.exe" [07/15/2005 05:48 PM]
"IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\ipoint.exe" [02/05/2007 07:52 PM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PeerGuardian"="C:\Program Files\PeerGuardian2\pg2.exe" [09/18/2005 08:40 PM]
"uTorrent"="C:\Program Files\uTorrent\uTorrent.exe" [01/30/2008 12:34 AM]
"WeatherClock"="C:\Program Files\Weather Clock\WeatherClock.exe" [05/07/2008 10:39 PM]
"Weather Clock"="" []
"MSServer"="C:\Users\Tracy\AppData\Local\Temp\rqrolkki.dll,#1" []
"BM07e1bc95"="C:\Windows\system32\ogwobsxa.dll,s" []
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=2 (0x2)
"EnableUIADesktopToggle"=0 (0x0)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{28C1EEFB-DD85-4227-BC29-C17D7366B27D}"= C:\Windows\system32\mlJBSlKc.dll [06/30/2008 01:43 AM 57856]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\Windows\system32\hgGxWqoN
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Digital Line Detect.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk
backup=C:\Windows\pss\Digital Line Detect.lnk.CommonStartup
backupExtension=.CommonStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VPN Client.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VPN Client.lnk
backup=C:\Windows\pss\VPN Client.lnk.CommonStartup
backupExtension=.CommonStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\04d28f09]
rundll32.exe "C:\Windows\system32\ksrglolc.dll",b
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BM07e1bc95]
Rundll32.exe "C:\Windows\system32\ogwobsxa.dll",s
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
"C:\Program Files\DellSupport\DSAgnt.exe" /startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dscactivate]
c:\dell\dsca.exe 3
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ECenter]
C:\Dell\E-Center\EULALauncher.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\Windows\system32\igfxtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
"C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"C:\Program Files\iTunes\iTunesHelper.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\itype]
"C:\Program Files\Microsoft IntelliType Pro\itype.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSServer]
rundll32.exe C:\Users\Tracy\AppData\Local\Temp\qoMCuvTn.dll,#1
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc]
RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVDDXSrv]
"C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\Windows\system32\igfxpers.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\QTTask.exe" -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
RtHDVCpl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
"C:\Program Files\Winamp\winampa.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
%ProgramFiles%\Windows Defender\MSASCui.exe -hide
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher]
"c:\Program Files\Zune\ZuneLauncher.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalService nsi lltdsvc SSDPSRV upnphost SCardSvr w32time EventSystem RemoteRegistry WinHttpAutoProxySvc lanmanworkstation TBS SLUINotify THREADORDER fdrespub netprofm fdphost wcncsvc QWAVE WebClient SstpSvc
LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc wlansvc EMDMgmt TabletInputService WPDBusEnum
LocalServiceNoNetwork PLA DPS BFE mpssvc
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
C:\Windows\system32\unregmp2.exe /ShowWMP
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI
-- End of Deckard's System Scanner: finished at 2008-07-03 00:20:51 ------------
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft® Windows Vista™ Home Basic (build 6001) SP 1.0
Architecture: X86; Language: English
CPU 0: Intel® Pentium® Dual CPU E2160 @ 1.80GHz
Percentage of Memory in Use: 45%
Physical Memory (total/avail): 2045.45 MiB / 1111.86 MiB
Pagefile Memory (total/avail): 4330.21 MiB / 3385.6 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1900.26 MiB
C: is Fixed (NTFS) - 222.78 GiB total, 111.76 GiB free.
D: is Fixed (NTFS) - 10 GiB total, 6.69 GiB free.
E: is CDROM (No Media)
F: is Removable (No Media)
\\.\PHYSICALDRIVE0 - ST3250820AS ATA Device - 232.83 GiB - 3 partitions
\PARTITION0 - Unknown - 54.88 MiB
\PARTITION1 - Installable File System - 10 GiB - D:
\PARTITION2 (bootable) - Installable File System - 222.78 GiB - C:
\\.\PHYSICALDRIVE1 - HP PSC 1610 USB Device
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.
AV: Symantec AntiVirus v10.2.0.276 (Symantec Corporation)
AS: Symantec AntiVirus v10.2.0.276 (Symantec Corporation)
AS: Windows Defender v1.1.1505.0 (Microsoft Corporation)
Disabled[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\Tracy\AppData\Roaming
CLASSPATH=.;C:\Program Files\Java\jre1.6.0\lib\ext\QTJava.zip
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=TRACY-PC
ComSpec=C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Users\Tracy
LOCALAPPDATA=C:\Users\Tracy\AppData\Local
LOGONSERVER=\\TRACY-PC
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files\Intel\DMIX;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 13, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0f0d
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files
PROMPT=$P$G
PUBLIC=C:\Users\Public
QTJAVA=C:\Program Files\Java\jre1.6.0\lib\ext\QTJava.zip
RoxioCentral=C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=C:\Users\Tracy\AppData\Local\Temp
TMP=C:\Users\Tracy\AppData\Local\Temp
USERDOMAIN=Tracy-PC
USERNAME=Tracy
USERPROFILE=C:\Users\Tracy
windir=C:\Windows
-- User Profiles ---------------------------------------------------------------
Tracy
-- Add/Remove Programs ---------------------------------------------------------
--> C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
--> C:\Windows\UNNeroBackItUp.exe /UNINSTALL
--> C:\Windows\UNNeroMediaHome.exe /UNINSTALL
--> C:\Windows\UNNeroShowTime.exe /UNINSTALL
--> C:\Windows\UNNeroVision.exe /UNINSTALL
--> C:\Windows\UNRecode.exe /UNINSTALL
--> MsiExec.exe /I{403EF592-953B-4794-BCEF-ECAB835C2095}
µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
AC3Filter (remove only) --> C:\Program Files\AC3Filter\uninstall.exe
Acoustica CD/DVD Label Maker --> C:\Program Files\Acoustica CD Label Maker\cdlabel.exe UNINSTALL
Ad-Aware --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742) --> MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Flash Player ActiveX --> C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Adobe Reader 8.1.2 Security Update 1 (KB403742) -->
Apple Software Update --> MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}
Audacity 1.2.6 --> "C:\Program Files\Audacity\unins000.exe"
Browser Address Error Redirector --> MsiExec.exe /I{62230596-37E5-4618-A329-0D21F529A86F}
Call of Duty® 4 - Modern Warfare --> C:\Program Files\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x0409
Call of Duty® 4 - Modern Warfare 1.4 Patch --> C:\Program Files\InstallShield Installation Information\{3BD633E0-4BF8-4499-9149-88F0767D449C}\setup.exe -runfromtemp -l0x0409
Call of Duty® 4 - Modern Warfare 1.5 Multiplayer Patch --> C:\Program Files\InstallShield Installation Information\{8503C901-85D7-4262-88D2-8D8B2A7B08B8}\setup.exe -runfromtemp -l0x0409
Cheetah Audio Converter --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B1914510-38B5-4835-83D8-A188073E542F}\Setup.exe"
Cisco Systems VPN Client 5.0.01.0600 --> MsiExec.exe /X{14FCFE7C-AB86-428A-9D2E-BFB6F5A7AA6E}
Conexant D850 PCI V.92 Modem --> C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1\HXFSETUP.EXE -U -IDel200fz.inf
Dell DataSafe Online --> MsiExec.exe /I{2C6C74C2-042F-4D36-B7B0-0C538FCF01AB}
Dell Support Center --> MsiExec.exe /X{B8C54AB1-7E1A-40E8-B794-EDB6E8921F3A}
Dell System Customization Wizard --> MsiExec.exe /I{13BA7B44-B712-4DEE-A7B8-1DD564F37AE5}
DellSupport --> MsiExec.exe /X{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}
Digital Line Detect --> C:\Program Files\InstallShield Installation Information\{E646DCF0-5A68-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x0009 -removeonly
DivX Codec --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DVD Decrypter (Remove Only) --> "C:\Program Files\DVD Decrypter\uninstall.exe"
DVD Shrink 3.2 --> "C:\Program Files\DVD Shrink\unins000.exe"
FileZilla Client 3.0.4.1 --> C:\Program Files\FileZilla Client\uninstall.exe
Full Tilt Poker --> "C:\Program Files\InstallShield Installation Information\{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}\setup.exe" -runfromtemp -l0x0009 -removeonly
Games, Music, & Photos Launcher --> MsiExec.exe /I{3E25E350-949F-4DB7-8288-2A60E018B4C1}
Google Gmail Notifier --> "C:\Program Files\Google\Gmail Notifier\UninstallGmail.exe"
GoToMeeting/GoToWebinar 3.0.0.198 --> C:\Program Files\Citrix\GoToMeeting\198\G2MUninstall.exe /uninstall
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
ICQ6 --> "C:\Program Files\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe" -runfromtemp -l0x0009 -removeonly
Intel® Graphics Media Accelerator Driver --> C:\Windows\system32\igxpun.exe -uninstall
Intel® PRO Network Connections 12.1.11.0 --> MsiExec.exe /i{777CA40C-0206-4EF6-A0FC-618BF06BF8D0} ARPREMOVE=1
Intel® PRO Network Connections 12.1.11.0 --> MsiExec.exe /i{777CA40C-0206-4EF6-A0FC-618BF06BF8D0} ARPREMOVE=1
Java SE Runtime Environment 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
KeyText v3 --> "C:\Program Files\KeyText\unins000.exe"
LG USB Modem driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C3ABE126-2BB2-4246-BFE1-6797679B3579}\Setup.exe" -l0x9
LiveUpdate 3.2 (Symantec Corporation) --> "C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Modem Diagnostic Tool --> MsiExec.exe /I{F63A3748-B93D-4360-9AD4-B064481A5C7B}
Mozilla Firefox (2.0.0.14) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MP3 To Ringtone Gold 5.23 --> "C:\Program Files\AnMing\unins000.exe"
Mp3tag v2.40 --> C:\Program Files\Mp3tag\Mp3tagUninstall.EXE
MSXML 4.0 SP2 (KB936181) --> MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833) --> MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
Nero 7 Premium --> MsiExec.exe /X{847CAE64-4CD2-4B2D-AF00-978FF5431033}
neroxml --> MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NetWaiting --> C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x0009 -removeonly
NVIDIA Drivers --> C:\Windows\system32\NVUNINST.EXE UninstallGUI
Paint Shop Pro 7 ESD --> MsiExec.exe /I{D6DE02C7-1F47-11D4-9515-00105AE4B89A}
PeerGuardian 2.0 --> "C:\Program Files\PeerGuardian2\unins000.exe"
PowerDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -l0x9 -cluninstall
Product Documentation Launcher --> MsiExec.exe /I{89CEAE14-DD0F-448E-9554-15781EC9DB24}
QuickTime --> MsiExec.exe /I{08CA9554-B5FE-4313-938F-D4A417B81175}
Realtek High Definition Audio Driver --> RtlUpd.exe -r -m
Roxio Creator Audio --> MsiExec.exe /I{83FFCFC7-88C6-41c6-8752-958A45325C82}
Roxio Creator BDAV Plugin --> MsiExec.exe /I{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}
Roxio Creator Copy --> MsiExec.exe /I{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
Roxio Creator Data --> MsiExec.exe /I{0D397393-9B50-4c52-84D5-77E344289F87}
Roxio Creator DE --> MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
Roxio Creator Tools --> MsiExec.exe /I{0394CDC8-FABD-4ed8-B104-03393876DFDF}
Roxio Express Labeler --> MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Roxio MyDVD DE --> MsiExec.exe /I{D639085F-4B6E-4105-9F37-A0DBB023E2FB}
Roxio Update Manager --> MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
SnagIt 7 --> MsiExec.exe /I{4360BB46-507E-4361-8DCB-4FF9BDC9907B}
Sonic Activation Module --> MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Spybot - Search & Destroy 1.5.2.20 --> "C:\Windows\unins000.exe"
Symantec AntiVirus --> MsiExec.exe /I{7C9E6E52-EB11-44DB-A761-82D5D873A8D9}
System Requirements Lab --> C:\Program Files\SystemRequirementsLab\Uninstall.exe
TeamSpeak 2 RC2 --> "C:\Program Files\Teamspeak2_RC2\unins000.exe"
User's Guides --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}\setup.exe"
Video Converter 3 --> C:\Program Files\Xilisoft\Video Converter 3\Uninstall.exe
Weather Clock 3.5 --> "C:\Program Files\Weather Clock\unins000.exe"
Winamp --> "C:\Program Files\Winamp\UninstWA.exe"
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
Xfire (remove only) --> "C:\Program Files\Xfire\uninst.exe"
Xilisoft Video Converter 3 --> C:\Program Files\Xilisoft\Video Converter 3\Uninstall.exe
Yahoo! Messenger --> C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
Zune --> c:\Program Files\Zune\ZuneSetup.exe /x
Zune --> MsiExec.exe /X{FF70513F-E3A7-402F-84FB-B7810A064BE2}
Zune Language Pack (ES) --> MsiExec.exe /X{EE4ACABF-531E-419A-9225-B8E0FA4955AF}
Zune Language Pack (FR) --> MsiExec.exe /X{0076E1AC-9E7B-4B9F-A62A-4CC9511AD8E3}
-- Application Event Log -------------------------------------------------------
Event Record #/Type13203 / Error
Event Submitted/Written: 07/03/2008 00:12:42 AM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application Explorer.EXE, version 6.0.6001.18000, time stamp 0x47918e5d, faulting module msvcrt.dll, version 7.0.6001.18000, time stamp 0x4791a727, exception code 0xc0000005, fault offset 0x00009c00,
process id 0x5d4, application start time 0xExplorer.EXE0.
Event Record #/Type13183 / Success
Event Submitted/Written: 07/02/2008 08:47:44 AM
Event ID/Source: 5617 / WinMgmt
Event Description:
Event Record #/Type13182 / Success
Event Submitted/Written: 07/02/2008 08:47:42 AM
Event ID/Source: 5615 / WinMgmt
Event Description:
Event Record #/Type13178 / Success
Event Submitted/Written: 07/02/2008 08:47:28 AM
Event ID/Source: 902 / Software Licensing Service
Event Description:
The Software Licensing service has started.
Event Record #/Type13166 / Warning
Event Submitted/Written: 07/02/2008 08:42:00 AM
Event ID/Source: 6000 / Wlclntfy
Event Description:
The winlogon notification subscriber <GPClient> was unavailable to handle a notification event.
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type40118 / Warning
Event Submitted/Written: 07/02/2008 11:20:31 PM
Event ID/Source: 27 / e1express
Event Description:
Intel® 82562V-2 10/100 Network Connection
Link has been disconnected.
Event Record #/Type40106 / Warning
Event Submitted/Written: 07/02/2008 11:00:50 PM
Event ID/Source: 27 / e1express
Event Description:
Intel® 82562V-2 10/100 Network Connection
Link has been disconnected.
Event Record #/Type40088 / Error
Event Submitted/Written: 07/02/2008 08:53:55 AM
Event ID/Source: 7030 / Service Control Manager
Event Description:
Lavasoft Ad-Aware Service
Event Record #/Type39996 / Error
Event Submitted/Written: 07/02/2008 08:47:42 AM
Event ID/Source: 1048 / LSM
Event Description:
Terminal Service start failed. The relevant status code was The configuration data for this product is corrupt. Contact your support personnel.
.
Event Record #/Type39995 / Error
Event Submitted/Written: 07/02/2008 08:47:23 AM
Event ID/Source: 15016 / HTTP
Event Description:
\Device\Http\ReqQueueKerberos
-- End of Deckard's System Scanner: finished at 2008-07-03 00:20:51 ------------