Deckard's System Scanner v20071014.68
Run by Good Times on 2008-07-22 11:42:24
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
24: 2008-07-22 15:42:29 UTC - RP320 - Deckard's System Scanner Restore Point
23: 2008-07-21 01:40:46 UTC - RP319 - System Checkpoint
22: 2008-07-19 14:01:08 UTC - RP318 - System Checkpoint
21: 2008-07-18 06:07:39 UTC - RP317 - System Checkpoint
20: 2008-07-16 20:13:13 UTC - RP316 - System Checkpoint
-- First Restore Point --
1: 2008-06-25 16:46:47 UTC - RP297 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as Good Times.exe) ------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:43:13 AM, on 7/22/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\emMON.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Visioneer OneTouch\OneTouchMon.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
J:\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DNA\btdna.exe
C:\WINDOWS\system32\MSTMON_Y.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Documents and Settings\Good Times\Desktop\dss.exe
c:\PROGRA~1\mcafee\mpf\mc\mpfalert.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Good Times.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://www.comcast.net/toolbar2.0/search/R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.comcast.netR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.comcast.netR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.comcast.netR0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.comcast.net/toolbar2.0/search/R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Comcast
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O3 - Toolbar: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
O4 - HKLM\..\Run: [emMON] emMON.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickFinder Scheduler] "F:\Program Files\WordPerfect Office X3\Programs\QFSCHD130.EXE"
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [KONICA MINOLTA PagePro 1400W STD] C:\WINDOWS\system32\MSTMON_Y.EXE STARTUP
O4 - HKLM\..\Run: [OneTouch Monitor] C:\Program Files\Visioneer OneTouch\OneTouchMon.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "J:\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - Startup: KONICA MINOLTA PagePro 1400W Status.lnk = C:\WINDOWS\system32\MSTMON_Y.EXE
O8 - Extra context menu item: Open with WordPerfect - F:\Program Files\WordPerfect Office X3\Programs\WPLauncher.hta
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cabO16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) -
http://chill.comcast.net/GameShell/onli ... uncher.cabO16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) -
http://chill.comcast.net/Gameshell/Game ... meHost.cabO18 - Filter hijack: text/html - {64b8dd45-a562-4007-8b82-da8311378567} - C:\WINDOWS\system32\msiebbar.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
--
End of file - 5698 bytes
-- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------
backup-20080722-113900-841 O16 - DPF: {85D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin class) -
http://secure2.comned.com/signuptemplat ... -devel.cabbackup-20080722-113901-129 O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.4.2) -
http://javadl-esd.sun.com/update/1.4.2/ ... s-i586.cabbackup-20080722-113901-498 O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - file:///C:/Documents%20and%20Settings/Good%20Times/Local%20Settings/Application%20Data/Oberon%20Media/Oberon%20Games%20Host/popcaploader_v6.cab
backup-20080722-113901-632 O18 - Filter hijack: text/html - {64b8dd45-a562-4007-8b82-da8311378567} - C:\WINDOWS\system32\msiebbar.dll
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R3 pcouffin (VSO Software pcouffin) - c:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
S3 mcdbus (Driver for MagicISO SCSI Host Controller) - c:\windows\system32\drivers\mcdbus.sys (file missing)
S3 ScanUSBEMPIA (USB Still Image Capture Device) - c:\windows\system32\drivers\emscan.sys (file missing)
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
-- Device Manager: Disabled ----------------------------------------------------
Class GUID:
Description: Multimedia Audio Controller
Device ID: PCI\VEN_1039&DEV_7012&SUBSYS_80B01043&REV_A0\3&61AAA01&0&17
Manufacturer:
Name: Multimedia Audio Controller
PNP Device ID: PCI\VEN_1039&DEV_7012&SUBSYS_80B01043&REV_A0\3&61AAA01&0&17
Service:
-- Scheduled Tasks -------------------------------------------------------------
2008-07-22 11:31:58 432 --ah----- C:\WINDOWS\Tasks\User_Feed_Synchronization-{F29336A8-54A5-4125-9389-FDC896C0E914}.job
2008-07-01 01:00:08 362 --a------ C:\WINDOWS\Tasks\McQcTask.job
2008-06-15 01:03:00 360 --a------ C:\WINDOWS\Tasks\McDefragTask.job
2008-05-26 23:00:02 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
-- Files created between 2008-06-22 and 2008-07-22 -----------------------------
2008-07-13 02:17:16 0 d-------- C:\Documents and Settings\standard\Application Data\COMCASTTOOLBAR
2008-07-13 02:16:59 0 d-------- C:\Documents and Settings\standard\Application Data\Real
2008-07-13 02:16:35 0 d-------- C:\Documents and Settings\standard\Application Data\Identities
2008-07-13 02:16:19 0 d--h----- C:\Documents and Settings\standard\Templates
2008-07-13 02:16:19 0 dr------- C:\Documents and Settings\standard\Start Menu
2008-07-13 02:16:19 0 dr-h----- C:\Documents and Settings\standard\SendTo
2008-07-13 02:16:19 0 dr-h----- C:\Documents and Settings\standard\Recent
2008-07-13 02:16:19 0 d--h----- C:\Documents and Settings\standard\PrintHood
2008-07-13 02:16:19 0 d--h----- C:\Documents and Settings\standard\NetHood
2008-07-13 02:16:19 0 dr------- C:\Documents and Settings\standard\My Documents
2008-07-13 02:16:19 0 d--h----- C:\Documents and Settings\standard\Local Settings
2008-07-13 02:16:19 0 dr------- C:\Documents and Settings\standard\Favorites
2008-07-13 02:16:19 0 d-------- C:\Documents and Settings\standard\Desktop
2008-07-13 02:16:19 0 d--hs---- C:\Documents and Settings\standard\Cookies
2008-07-13 02:16:19 0 dr-h----- C:\Documents and Settings\standard\Application Data
2008-07-13 02:16:19 0 d---s---- C:\Documents and Settings\standard\Application Data\Microsoft
2008-07-13 02:16:18 786432 --ah----- C:\Documents and Settings\standard\NTUSER.DAT
2008-07-02 20:33:14 11800 --a------ C:\WINDOWS\system32\msiebbar.dll
-- Find3M Report ---------------------------------------------------------------
2008-07-22 11:35:48 0 d-------- C:\Documents and Settings\Good Times\Application Data\DNA
2008-07-22 11:26:12 0 d-------- C:\Documents and Settings\Good Times\Application Data\ComcastToolbar
2008-07-16 21:44:53 0 d-------- C:\Documents and Settings\Good Times\Application Data\BitTorrent
2008-07-10 23:50:04 0 d-------- C:\Documents and Settings\Good Times\Application Data\Adobe
2008-07-02 00:17:55 0 d-------- C:\Program Files\Common Files
2008-06-22 20:02:24 0 d-------- C:\Program Files\McAfee
2008-06-17 14:06:46 0 d-------- C:\Program Files\Common Files\McAfee
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"emMON"="emMON.exe" [05/30/2006 09:24 PM C:\WINDOWS\emMON.exe]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [10/10/2007 07:51 PM]
"QuickFinder Scheduler"="F:\Program Files\WordPerfect Office X3\Programs\QFSCHD130.EXE" [12/01/2005 01:45 AM]
"ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [08/11/2005 05:30 PM]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [08/11/2005 05:30 PM]
"KONICA MINOLTA PagePro 1400W STD"="C:\WINDOWS\system32\MSTMON_Y.exe" [01/18/2006 12:10 PM]
"OneTouch Monitor"="C:\Program Files\Visioneer OneTouch\OneTouchMon.exe" [05/28/2002 09:16 AM]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [04/10/2008 01:50 AM]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [03/28/2008 11:37 PM]
"iTunesHelper"="J:\iTunes\iTunesHelper.exe" [03/30/2008 10:36 AM]
"mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [11/01/2007 07:12 PM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 03:56 AM]
"BitTorrent DNA"="C:\Program Files\DNA\btdna.exe" [05/05/2008 11:15 PM]
C:\Documents and Settings\Good Times\Start Menu\Programs\Startup\
KONICA MINOLTA PagePro 1400W Status.lnk - C:\WINDOWS\system32\MSTMON_Y.EXE [11/12/2007 11:59:34 PM]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{36bd26e5-deaf-11dc-83b7-000ea61407bc}]
AutoRun\command- I:\wdsync.exe
-- End of Deckard's System Scanner: finished at 2008-07-22 11:43:55 ------------
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: Intel(R) Pentium(R) 4 CPU 2.40GHz
CPU 1: Intel(R) Pentium(R) 4 CPU 2.40GHz
Percentage of Memory in Use: 45%
Physical Memory (total/avail): 1023.53 MiB / 555.94 MiB
Pagefile Memory (total/avail): 2461.68 MiB / 2093.71 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1928.45 MiB
A: is Removable (No Media)
C: is Fixed (NTFS) - 10.26 GiB total, 1.58 GiB free.
D: is CDROM (No Media)
E: is Fixed (NTFS) - 3.29 GiB total, 2.21 GiB free.
F: is Fixed (NTFS) - 23.72 GiB total, 6.81 GiB free.
G: is CDROM (No Media)
H: is CDROM (No Media)
J: is Fixed (NTFS) - 233.76 GiB total, 160.83 GiB free.
\\.\PHYSICALDRIVE1 - ST380013A - 74.53 GiB - 0 partitions
\PARTITION0 - Extended w/Extended Int 13 - 7.84 MiB
\\.\PHYSICALDRIVE0 - WDC WD400BB-34DEA0 - 37.27 GiB - 3 partitions
\PARTITION0 (bootable) - Installable File System - 10.26 GiB - C:
\PARTITION1 - Extended w/Extended Int 13 - 27.01 GiB - E: - F:
\\.\PHYSICALDRIVE2 - Maxtor 6 L250R0 USB Device - 233.76 GiB - 1 partition
\PARTITION0 - Installable File System - 233.76 GiB - J:
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.
AntiVirusDisableNotify is set.
FirewallDisableNotify is set.
FW: McAfee Personal Firewall v (McAfee)
AV: McAfee VirusScan v (McAfee)
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Program Files\\BitLord\\BitLord.exe"="C:\\Program Files\\BitLord\\BitLord.exe:*:Disabled:BitLord"
"J:\\iTunes\\iTunes.exe"="J:\\iTunes\\iTunes.exe:*:Disabled:iTunes"
"C:\\WINDOWS\\system32\\sessmgr.exe"="C:\\WINDOWS\\system32\\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"F:\\civ4\\Civilization4.exe"="F:\\civ4\\Civilization4.exe:*:Disabled:Sid Meier's Civilization 4"
"F:\\civ4\\Beyond the Sword\\Civ4BeyondSword.exe"="F:\\civ4\\Beyond the Sword\\Civ4BeyondSword.exe:*:Disabled:Sid Meier's Civilization 4 Beyond the Sword"
"F:\\civ4\\Beyond the Sword\\Civ4BeyondSword_PitBoss.exe"="F:\\civ4\\Beyond the Sword\\Civ4BeyondSword_PitBoss.exe:*:Disabled:Sid Meier's Civilization 4 Beyond the Sword Pitboss"
"F:\\civ4\\Warlords\\Civ4Warlords_PitBoss.exe"="F:\\civ4\\Warlords\\Civ4Warlords_PitBoss.exe:*:Disabled:Sid Meier's Civilization 4 Pitboss"
"F:\\civ4\\Warlords\\Civ4Warlords.exe"="F:\\civ4\\Warlords\\Civ4Warlords.exe:*:Disabled:Sid Meier's Civilization 4 Warlords"
"C:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"="C:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\WINDOWS\\system32\\javaw.exe"="C:\\WINDOWS\\system32\\javaw.exe:*:Disabled:javaw"
"C:\\Program Files\\ScanSoft\\PaperPort\\NAVBrowser.exe"="C:\\Program Files\\ScanSoft\\PaperPort\\NAVBrowser.exe:*:Disabled:NAVBrowser"
"E:\\BitTorrent\\bittorrent.exe"="E:\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
"C:\\Program Files\\DNA\\btdna.exe"="C:\\Program Files\\DNA\\btdna.exe:*:Enabled:DNA"
"C:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"="C:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe:*:Enabled:McAfee Network Agent"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Good Times\Application Data
CLASSPATH=.;C:\Program Files\Java\j2re1.4.2\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=GOODTIMES
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Good Times
LOGONSERVER=\\GOODTIMES
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 2 Stepping 5, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0205
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\j2re1.4.2\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\GOODTI~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\GOODTI~1\LOCALS~1\Temp
USERDOMAIN=GOODTIMES
USERNAME=Good Times
USERPROFILE=C:\Documents and Settings\Good Times
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
Good Times
(admin)standard
Administrator
(admin)-- Add/Remove Programs ---------------------------------------------------------
--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\WINDOWS\IsUninst.exe -f\"F:\Final Fantasy VII\Uninst.isu"
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.1 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81100000003}
Adobe Shockwave Player --> C:\WINDOWS\system32\Adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Apple Mobile Device Support --> MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}
Apple Software Update --> MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}
Astroburn --> E:\Astroburn\uninst.exe
BitTorrent --> E:\BitTorrent\uninst.exe
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
Comcast Toolbar --> C:\Program Files\ComcastToolbar\uninstall.exe
ConvertXtoDVD 2.2.3.258 --> "C:\Program Files\VSO\ConvertXtoDVD\unins000.exe"
DNA --> "C:\Program Files\DNA\btdna.exe" /UNINSTALL
EPSON Printer Software --> C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
Final Fantasy VII - Ultima Edition --> "F:\Final Fantasy VII\unins000.exe"
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
iTunes --> MsiExec.exe /I{585776BC-4BD6-4BD2-A19A-1D6CB44A403B}
Java 2 Runtime Environment, SE v1.4.2 --> MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142000}
KONICA MINOLTA PagePro 1400W --> MUINST_Y.EXE /PRN:"KONICA MINOLTA PagePro 1400W"
Logitech Gaming Software --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5C1DA723-24FC-48AD-93BA-925695C3EF26}\setup.exe" -l0x9 -removeonly
McAfee SecurityCenter --> C:\Program Files\McAfee\MSC\mcuninst.exe
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Move Networks Media Player for Internet Explorer --> C:\Documents and Settings\Good Times\Application Data\Move Networks\ie_bin\Uninst.exe
neroxml --> MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
OneTouch Version 3.0 --> C:\PROGRA~1\VISION~1\UNWISE.EXE C:\PROGRA~1\VISION~1\INSTALL.LOG
PaperPort 7.02 --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\ScanSoft\PaperPort\Config\DeIsL1.isu" -y -c"C:\Program Files\ScanSoft\PaperPort\UnInstl2.dll"
Project64 1.6 --> MsiExec.exe /X{9559F7CA-5E34-4237-A2D9-D856464AD727}
QuickTime --> MsiExec.exe /I{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Sid Meier's Civilization 4 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}\setup.exe" -l0x9 -removeonly
Sid Meier's Civilization 4 - Beyond the Sword --> C:\Program Files\InstallShield Installation Information\{32E4F0D2-C135-475E-A841-1D59A0D22989}\setup.exe -runfromtemp -l0x0009 -removeonly
Sid Meier's Civilization 4 - Warlords --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3E4B349F-10B5-4586-9D99-489A90A8B228}\setup.exe" -l0x9 -removeonly
Update Manager --> MsiExec.exe /I{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}
VCRedistSetup --> MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
WordPerfect Office X3 --> MsiExec.exe /I{54DB13F1-0CE0-4BAB-BD5F-7DE150C043C8}
-- Application Event Log -------------------------------------------------------
Event Record #/Type49 / Error
Event Submitted/Written: 07/20/2008 09:28:39 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application isuspm.exe, version 4.60.100.37068, faulting module ntdll.dll, version 5.1.2600.2180, fault address 0x00018fea.
Processing media-specific event for [isuspm.exe!ws!]
Event Record #/Type4 / Error
Event Submitted/Written: 07/02/2008 03:03:17 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application ff7.exe, version 0.0.0.0, faulting module winmm.dll, version 5.1.2600.2180, fault address 0x000190ad.
Processing media-specific event for [ff7.exe!ws!]
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type11737 / Error
Event Submitted/Written: 07/22/2008 11:25:20 AM
Event ID/Source: 1002 / Dhcp
Event Description:
The IP address lease 192.168.0.3 for the Network Card with network address 000EA61407BC has been
denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
Event Record #/Type11734 / Error
Event Submitted/Written: 07/21/2008 10:24:32 AM
Event ID/Source: 29 / W32Time
Event Description:
The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible.
No attempt to contact a source will be made for 14 minutes.
NtpClient has no source of accurate time.
Event Record #/Type11733 / Error
Event Submitted/Written: 07/21/2008 10:24:32 AM
Event ID/Source: 17 / W32Time
Event Description:
Time Provider NtpClient: An error occurred during DNS lookup of the manually
configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15
minutes.
The error was: A socket operation was attempted to an unreachable host. (0x80072751)
Event Record #/Type11722 / Error
Event Submitted/Written: 07/20/2008 09:25:20 PM
Event ID/Source: 29 / W32Time
Event Description:
The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible.
No attempt to contact a source will be made for 14 minutes.
NtpClient has no source of accurate time.
Event Record #/Type11721 / Error
Event Submitted/Written: 07/20/2008 09:25:20 PM
Event ID/Source: 17 / W32Time
Event Description:
Time Provider NtpClient: An error occurred during DNS lookup of the manually
configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15
minutes.
The error was: A socket operation was attempted to an unreachable host. (0x80072751)
-- End of Deckard's System Scanner: finished at 2008-07-22 11:43:55 ------------