Hi I am using a HP laptop running windows vista. a couple of weeks ago when i rebooted I had no icons start menu nothing except my documents folder... after doing some research and checking out forums i read where i should go to the task manager and start new task explorer.exe.... well that works except now every time i reboot i have to do this... also at the same time by ie7 locks up every time i c lose it ive had 25 errors reported in the last day... Ive downloaded firefox but some websites i use run only on IE any help please.... Thanks

Hi sweets8510. I need to see what is running on your system to try and identify what is causing Explorer to shut down.

Download Deckard's System Scanner (dss.exe) from here (http://deckard.geekstogo.com/dss.exe) to your Desktop. Close all open applications and windows, doubleclick on dss.exe to run it and follow the prompts.

When the scan is complete, a text file will open. Copy and paste the contents of this log (Main.txt) in your next reply. Also post the contents of Extra.txt (it should be minimised on your taskbar but if not, it can be found in the C:\Deckard\System Scanner folder). You may find that the maximum characters allowed is exceeded when you post. If so, halve the logs and make several posts.

Deckard's System Scanner v20071014.68
Run by Paradise Travel on 2008-04-17 19:36:19
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- Last 5 Restore Point(s) --
25: 2008-04-17 23:03:23 UTC - RP160 - Windows Update
24: 2008-04-17 03:31:49 UTC - RP159 - Windows Update
23: 2008-04-17 01:49:24 UTC - RP158 - Installed HP Update
22: 2008-04-17 00:50:57 UTC - RP157 - Scheduled Checkpoint
21: 2008-04-15 19:06:37 UTC - RP156 - Windows Update


-- First Restore Point --
1: 2008-04-06 07:00:26 UTC - RP131 - Windows Update


Backed up registry hives.
Performed disk cleanup.



-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-04-17 19:42:57
Platform: Windows Vista (6.00.6000)
MSIE: Internet Explorer (7.00.6000.16386)
Boot mode: Normal

Running processes:
C:\Windows\System32\dwm.exe
C:\Windows\System32\taskeng.exe
C:\Windows\explorer.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
C:\Windows\System32\wsqmcons.exe
C:\Windows\System32\taskeng.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Users\Paradise Travel\Desktop\dss.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
F0 - system.ini: Shell=Explorer.exe C:\WINDOWS\Config\csrss.exe
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Config\csrss.exe
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\GoogleToolbar1.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInsta nce.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\GoogleToolbar1.dll
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [HPADVISOR] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'NETWORK SERVICE')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O9 - Extra button: (no name) - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing)
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://echat.bellsouth.net/sdccommon/download/tgctlcm.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/5/b/0/5b0d4654-aa20-495c-b89f-c1c34c691085/LegitCheckControl.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} () - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-3/CursorManiaFWBInitialSetup1.0.1.0.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762# # (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Nero BackItUp Scheduler 3 - Unknown owner - C:\Program Files\Nero\Nero8\Nero
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\System32\IoctlSvc.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec RemoteAssist - Symantec, Inc. - C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe
O23 - Service: Vongo Service - Starz Entertainment Group LLC - C:\Program Files\Vongo\VongoService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\System32\drivers\XAudio.exe


--
End of file - 13390 bytes

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 SCDEmu - c:\windows\system32\drivers\scdemu.sys <Not Verified; PowerISO Computing, Inc.; scdemu>

S3 MREMP50 (MREMP50 NDIS Protocol Driver) - \??\c:\progra~1\common~1\motive\mremp50.sys
S3 MRESP50 (MRESP50 NDIS Protocol Driver) - \??\c:\progra~1\common~1\motive\mresp50.sys


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Bonjour Service (##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762 ##) - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Computer, Inc.; Bonjour>
R2 HP Health Check Service - "c:\program files\hewlett-packard\hp health check\hphc_service.exe" <Not Verified; Hewlett-Packard; HP Health Check Service>
R2 Nero BackItUp Scheduler 3 - c:\program files\nero\nero8\nero backitup\nbservice.exe
R2 PLFlash DeviceIoControl Service - c:\windows\system32\ioctlsvc.exe <Not Verified; Prolific Technology Inc.; IoctlSvc Application>

S3 Com4Qlb - "c:\program files\hewlett-packard\hp quick launch buttons\com4qlb.exe" <Not Verified; Hewlett-Packard Development Company, L.P.; HP Quick Launch Buttons>
S3 FLEXnet Licensing Service - "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)>
S3 Vongo Service - "c:\program files\vongo\vongoservice.exe" <Not Verified; Starz Entertainment Group LLC; Vongo>


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Scheduled Tasks -------------------------------------------------------------

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\SWPRV]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\TabletInputService]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\TBS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\TrustedInstaller]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\VDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\volmgr.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
04/13/2008 09:25 PM 116088 --a------ C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
04/01/2008 08:18 AM 160496 --a------ C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInsta nce.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
01/07/2008 11:39 PM 501056 --a------ C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [09/19/2007 04:05 PM]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [09/19/2007 04:05 PM]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [09/19/2007 04:05 PM]
"SynTPStart"="C:\Program Files\Synaptics\SynTP\SynTPStart.exe" [09/15/2007 04:29 AM]
"QPService"="C:\Program Files\HP\QuickPlay\QPService.exe" [09/30/2007 11:34 PM]
"QlbCtrl"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [09/19/2007 06:31 PM]
"OnScreenDisplay"="C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [09/04/2007 05:54 PM]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [12/05/2007 11:31 PM]
"hpqSRMon"="C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe" [08/22/2007 08:31 PM]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [12/10/2006 10:52 PM]
"hpWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [09/13/2007 12:47 PM]
"WAWifiMessage"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [01/08/2007 07:53 PM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [02/22/2008 05:25 AM]

2008-04-16 23:33:13 0 d-------- C:\Program Files\CONEXANT
2008-04-16 23:23:11 28285 --a------ C:\Users\Paradise Travel\AppData\Roaming\nvModes.001
2008-04-16 23:19:36 0 d-------- C:\Program Files\Google
2008-04-16 23:18:21 12 --a------ C:\Windows\bthservsdp.dat
2008-04-13 23:58:02 0 d-------- C:\Users\Paradise Travel\AppData\Roaming\Avanquest
2008-04-13 23:06:49 0 d-------- C:\Users\Paradise Travel\AppData\Roaming\Mozilla
2008-04-13 22:49:34 0 d-------- C:\Users\Paradise Travel\AppData\Roaming\BitTorrent
2008-04-13 21:43:01 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-04-13 21:41:50 0 d-------- C:\Users\Paradise Travel\AppData\Roaming\mojosoft
2008-04-13 21:28:58 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-04-13 21:28:54 0 d-------- C:\Program Files\Electronic Arts
2008-04-13 21:25:12 0 d-------- C:\Program Files\Common Files
2008-04-13 19:41:38 0 d-------- C:\Users\Paradise Travel\AppData\Roaming\Symantec
2008-04-13 19:08:38 0 d-------- C:\Users\Paradise Travel\AppData\Roaming\WinRAR
2008-04-13 18:33:38 0 d-------- C:\Users\Paradise Travel\AppData\Roaming\HP
2008-04-13 16:06:32 0 d-------- C:\Users\Paradise Travel\AppData\Roaming\InstallShield
2008-04-13 14:39:55 0 d-------- C:\Users\Paradise Travel\AppData\Roaming\The Bat!
2008-04-13 14:39:55 1020 --a------ C:\Users\Paradise Travel\AppData\Roaming\ex_log.txt
2008-04-12 22:01:42 0 --a------ C:\Users\Paradise Travel\AppData\Roaming\wklnhst.dat
2008-04-12 14:59:38 0 d-------- C:\Users\Paradise Travel\AppData\Roaming\Adobe
2008-04-12 13:40:41 0 d-------- C:\Program Files\Yahoo!
2008-04-12 13:40:27 0 d-------- C:\Users\Paradise Travel\AppData\Roaming\Yahoo!
2008-04-12 13:08:04 0 d-------- C:\Users\Paradise Travel\AppData\Roaming\Macromedia
2008-04-12 12:59:55 9326 --a------ C:\Users\Paradise Travel\AppData\Roaming\Comma Separated Values (DOS).EML
2008-04-12 12:59:25 28285 --a------ C:\Users\Paradise Travel\AppData\Roaming\nvModes.dat
2008-04-12 12:43:14 0 d-------- C:\Users\Paradise Travel\AppData\Roaming\Google
2008-04-12 11:39:10 0 d-------- C:\Users\Paradise Travel\AppData\Roaming\Hewlett-Packard
2008-04-12 11:39:00 0 d-------- C:\Users\Paradise Travel\AppData\Roaming\HotSync
2008-04-12 11:38:41 0 d-------- C:\Users\Paradise Travel\AppData\Roaming\Nero
2008-04-12 11:37:47 0 d-------- C:\Users\Paradise Travel\AppData\Roaming\Identities
2008-04-12 10:01:13 0 d-------- C:\Program Files\Windows Mail
2008-04-07 19:54:14 0 d-------- C:\Program Files\Common Files\Adobe
2008-04-05 21:51:51 0 d-------- C:\Program Files\MSBuild
2008-04-05 15:40:22 0 d-------- C:\Program Files\HP
2008-04-02 00:41:44 0 d-------- C:\Program Files\Common Files\Intuit
2008-03-29 23:11:37 0 d-------- C:\Program Files\HP Games
2008-03-23 12:39:40 0 d-------- C:\Program Files\Palm
2008-03-23 11:41:44 0 d-------- C:\Program Files\Common Files\InstallShield
2008-04-05 17:21:42 0 d--hs---- C:\Users\Admin\Templates
2008-04-05 17:21:42 0 d--hs---- C:\Users\Admin\Start Menu
2008-04-05 17:21:42 0 d--hs---- C:\Users\Admin\SendTo
2008-04-05 17:21:42 0 d--hs---- C:\Users\Admin\Recent
2008-04-05 17:21:42 0 d--hs---- C:\Users\Admin\PrintHood
2008-04-05 17:21:42 0 d--hs---- C:\Users\Admin\NetHood
2008-04-05 17:21:42 0 d--hs---- C:\Users\Admin\My Documents
2008-04-05 17:21:42 0 d--hs---- C:\Users\Admin\Local Settings
2008-04-05 17:21:42 0 d--hs---- C:\Users\Admin\Cookies
2008-04-05 17:21:42 0 d--hs---- C:\Users\Admin\Application Data
2008-04-05 17:21:41 0 dr------- C:\Users\Admin\Videos
2008-04-05 17:21:41 0 dr------- C:\Users\Admin\Saved Games
2008-04-05 17:21:41 0 dr------- C:\Users\Admin\Pictures
2008-04-05 17:21:41 1572864 --ahs---- C:\Users\Admin\NTUSER.DAT
2008-04-05 17:21:41 0 dr------- C:\Users\Admin\Music
2008-04-05 17:21:41 0 dr------- C:\Users\Admin\Links
2008-04-05 17:21:41 0 dr------- C:\Users\Admin\Favorites
2008-04-05 17:21:41 0 dr------- C:\Users\Admin\Downloads
2008-04-05 17:21:41 0 dr------- C:\Users\Admin\Documents
2008-04-05 17:21:41 0 dr------- C:\Users\Admin\Desktop
2008-04-05 17:21:41 0 d--h----- C:\Users\Admin\AppData
2008-04-05 15:40:12 96577 --a------ C:\Windows\hpqins16.dat
2008-04-02 20:07:04 0 d-------- C:\Users\All Users\BVRP Software
2008-04-02 01:42:47 0 d-------- C:\Program Files\Trusd
2008-04-02 01:22:28 0 d-------- C:\Program Files\Agent
2008-04-02 01:17:18 0 d-------- C:\Program Files\OrgBusiness
2008-04-02 01:11:01 0 d-------- C:\Users\Yolanda\Timestimator
2008-04-02 00:56:26 0 d-------- C:\Program Files\attdemo
2008-04-02 00:56:16 73216 --a------ C:\Windows\ST6UNST.EXE <Not Verified; Microsoft Corporation; Microsoft® Visual Basic for Windows>
2008-04-02 00:41:07 0 d-------- C:\Program Files\CruisePak36
2008-04-01 21:07:17 0 d-------- C:\Windows\pss
2008-04-01 19:48:48 0 d-------- C:\perflogs
2008-04-01 13:40:22 0 d-------- C:\Program Files\A4Desk
2008-04-01 13:32:07 0 d-------- C:\Program Files\Xara
2008-04-01 13:32:07 0 d-------- C:\Program Files\Common Files\Xara

2008-04-16 23:20:48 458 --a------ C:\Windows\Tasks\RegCure Program Check.job
2008-04-16 20:51:21 438 --ah----- C:\Windows\Tasks\User_Feed_Synchronization-{3DB9BB66-6DD0-4AE0-9C0A-E938C7769767}.job
2008-04-16 20:49:01 330 --a------ C:\Windows\Tasks\HPCeeScheduleForYolanda.job
2008-04-15 13:41:59 500 --a------ C:\Windows\Tasks\Norton AntiVirus - Run Full System Scan - Paradise Travel.job
2008-04-13 23:21:08 392 --a------ C:\Windows\Tasks\RegCure.job
2008-03-30 11:55:00 404 --a------ C:\Windows\Tasks\EasyShare Registration Task.job


-- Files created between 2008-03-17 and 2008-04-17 -----------------------------

2008-04-17 00:04:20 0 d-------- C:\Program Files\The Logo Creator v5
2008-04-16 23:32:47 0 d-------- C:\Windows\LastGood
2008-04-15 14:20:54 0 d-------- C:\Program Files\LogoEase
2008-04-13 23:03:33 0 d-------- C:\Program Files\RegCure
2008-04-13 22:41:27 0 d-------- C:\Program Files\BitLord
2008-04-13 21:41:50 0 d-------- C:\Program Files\MOJOSOFT
2008-04-13 21:39:13 0 d-------- C:\Program Files\Norton Security Scan
2008-04-13 21:38:38 0 d-------- C:\Windows\system32\Adobe
2008-04-13 21:34:40 0 d-------- C:\Users\Paradise Travel\Program Files
2008-04-13 21:21:31 0 d-------- C:\Program Files\Norton AntiVirus
2008-04-13 21:20:49 0 d-------- C:\Program Files\Symantec
2008-04-13 20:39:50 0 d-------- C:\Downloads
2008-04-13 20:39:28 0 d-------- C:\Program Files\BitComet
2008-04-13 20:35:00 0 d-------- C:\Program Files\Uniblue
2008-04-13 19:12:48 0 d-------- C:\Program Files\Norton Internet Security 2008
2008-04-13 19:11:34 0 d-------- C:\Program Files\Share Cracker
2008-04-13 16:09:28 0 d-------- C:\Users\All Users\Avanquest
2008-04-13 16:09:05 0 d-------- C:\Program Files\Avanquest update
2008-04-13 16:07:03 0 d-------- C:\Program Files\Avanquest
2008-04-13 14:39:20 0 d-------- C:\Users\All Users\IM
2008-04-13 14:39:18 0 d-------- C:\Users\All Users\IncrediMail
2008-04-13 14:39:18 0 d-------- C:\Program Files\IncrediMail
2008-04-13 14:10:56 0 d-------- C:\Program Files\The Bat!
2008-04-13 01:09:44 2560 --a------ C:\Windows\_MSRSTRT.EXE
2008-04-12 13:15:06 0 d-------- C:\Users\All Users\Yahoo!
2008-04-12 11:56:50 0 dr------- C:\Users\Admin\Searches
2008-04-12 11:56:43 0 dr------- C:\Users\Admin\Contacts
2008-04-12 11:37:52 0 dr------- C:\Users\Paradise Travel\Searches
2008-04-12 11:37:44 0 dr------- C:\Users\Paradise Travel\Contacts
2008-04-12 11:33:30 0 d--hs---- C:\Users\Paradise Travel\Templates
2008-04-12 11:33:30 0 d--hs---- C:\Users\Paradise Travel\Start Menu
2008-04-12 11:33:30 0 d--hs---- C:\Users\Paradise Travel\SendTo
2008-04-12 11:33:30 0 d--hs---- C:\Users\Paradise Travel\Recent
2008-04-12 11:33:30 0 d--hs---- C:\Users\Paradise Travel\PrintHood
2008-04-12 11:33:30 0 d--hs---- C:\Users\Paradise Travel\NetHood
2008-04-12 11:33:30 0 d--hs---- C:\Users\Paradise Travel\My Documents
2008-04-12 11:33:30 0 d--hs---- C:\Users\Paradise Travel\Local Settings
2008-04-12 11:33:30 0 d--hs---- C:\Users\Paradise Travel\Cookies
2008-04-12 11:33:30 0 d--hs---- C:\Users\Paradise Travel\Application Data
2008-04-12 11:33:29 0 dr------- C:\Users\Paradise Travel\Videos
2008-04-12 11:33:29 0 dr------- C:\Users\Paradise Travel\Saved Games
2008-04-12 11:33:29 0 dr------- C:\Users\Paradise Travel\Pictures
2008-04-12 11:33:29 2883584 --ahs---- C:\Users\Paradise Travel\NTUSER.DAT
2008-04-12 11:33:29 0 dr------- C:\Users\Paradise Travel\Music
2008-04-12 11:33:29 0 dr------- C:\Users\Paradise Travel\Links
2008-04-12 11:33:29 0 dr------- C:\Users\Paradise Travel\Favorites
2008-04-12 11:33:29 0 dr------- C:\Users\Paradise Travel\Downloads
2008-04-12 11:33:29 0 dr------- C:\Users\Paradise Travel\Documents
2008-04-12 11:33:29 0 dr------- C:\Users\Paradise Travel\Desktop
2008-04-12 11:33:29 0 d--h----- C:\Users\Paradise Travel\AppData
2008-04-11 22:15:31 0 d-------- C:\Users\All Users\Office Genuine Advantage
2008-04-07 19:07:28 0 d-------- C:\Program Files\PowerISO
2008-04-07 18:21:54 0 d-------- C:\Program Files\SWiSH Max2
2008-04-07 18:01:56 0 d-------- C:\Program Files\Show.kit 2.1
2008-04-06 19:32:14 0 d-------- C:\SupportSoft
2008-04-06 13:18:31 0 d-------- C:\Windows\Start Menu
2008-04-05 23:25:37 58368 --a------ C:\Windows\system32\crack.exe
2008-04-05 22:59:57 0 d-------- C:\Users\All Users\FLEXnet
2008-04-05 22:54:22 0 d-------- C:\Program Files\Bonjour
2008-04-05 22:45:11 0 d-------- C:\Program Files\Common Files\Macrovision Shared
2008-04-05 21:44:53 0 d-------- C:\Program Files\Microsoft Visual Studio 8
2008-04-05 21:18:13 0 d-------- C:\Program Files\MagicISO
2008-04-05 17:22:06 53248 --a------ C:\Windows\system32\tx13_wnd.dll <Not Verified; The Imaging Source Europe GmbH; TX Text Control>
2008-04-05 17:22:06 114688 --a------ C:\Windows\system32\tx13_ic.dll <Not Verified; The Imaging Source Europe GmbH; TX Text Control>
2008-04-05 17:22:05 315392 --a------ C:\Windows\system32\tx13_xml.dll <Not Verified; The Imaging Source Europe GmbH; TX Text Control>
2008-04-05 17:22:05 196608 --a------ C:\Windows\system32\tx13_tls.dll <Not Verified; The Imaging Source Europe GmbH; TX Text Control>
2008-04-05 17:22:05 360448 --a------ C:\Windows\system32\tx13_rtf.dll <Not Verified; The Imaging Source Europe GmbH; TX Text Control>
2008-04-05 17:22:05 577536 --a------ C:\Windows\system32\tx13_pdf.dll <Not Verified; The Imaging Source Europe GmbH; TX Text Control>
2008-04-05 17:22:05 327680 --a------ C:\Windows\system32\tx13_obj.dll <Not Verified; The Imaging Source Europe GmbH; TX Text-Control>
2008-04-05 17:22:05 225280 --a------ C:\Windows\system32\tx13_htm.dll <Not Verified; The Imaging Source Europe GmbH; TX Text Control>
2008-04-05 17:22:05 479232 --a------ C:\Windows\system32\tx13_doc.dll <Not Verified; The Imaging Source Europe GmbH; TX Text Control>
2008-04-05 17:22:05 249856 --a------ C:\Windows\system32\tx13_css.dll <Not Verified; The Imaging Source Europe GmbH; TX Text Control>
2008-04-05 17:22:05 679936 --a------ C:\Windows\system32\tx13.dll <Not Verified; The Imaging Source Europe GmbH; TX Text Control>
2008-04-05 17:22:04 217088 --a------ C:\Windows\system32\eautil.dll
2008-04-05 17:22:04 0 d-------- C:\Program Files\Common Files\AGBO Business Architecture S.L
2008-04-05 17:21:59 0 d-------- C:\Program Files\EasyJob Resume Builder2008-04-01 13:16:03 0 d-------- C:\Program Files\Conduit
2008-04-01 13:16:02 0 d-------- C:\Program Files\BTjunkie
2008-04-01 12:26:30 0 d-------- C:\Users\Yolanda\Program Files
2008-04-01 12:26:26 0 d-------- C:\Program Files\DNA
2008-04-01 12:26:25 0 d-------- C:\Program Files\BitTorrent
2008-04-01 11:19:38 84672 --a------ C:\Windows\system32\SSPIPES.SCR <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-01 11:19:38 61744 --a------ C:\Windows\system32\SSFLWBOX.SCR <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-01 11:19:38 100192 --a------ C:\Windows\system32\SS3DFO.SCR <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-01 11:19:34 0 d-------- C:\Program Files\Crystal 3D IMPACT! Pro
2008-04-01 11:19:04 299520 --a------ C:\Windows\uninst.exe <Not Verified; InstallShield Corporation, Inc.; InstallShield unInstaller>
2008-03-31 23:01:17 286720 --a------ C:\Windows\iun507.exe <Not Verified; Indigo Rose Corporation; Setup Factory 5.0 Uninstaller>
2008-03-31 23:01:05 0 d-------- C:\Program Files\PersonalWebKit3
2008-03-30 17:27:11 0 d-------- C:\Program Files\Torrent Harvester
2008-03-30 02:15:40 0 d-------- C:\vv
2008-03-24 21:21:22 0 d-------- C:\Users\Yolanda\.earthcomber
2008-03-24 21:20:04 0 d-------- C:\Program Files\Earthcomber Updater
2008-03-23 12:34:39 89824 --a------ C:\Windows\hpqins15.dat
2008-03-23 11:41:45 188416 --a------ C:\Windows\system32\PDRVINST.DLL <Not Verified; brother; installer>
2008-03-23 11:41:45 69632 --a------ C:\Windows\system32\BRWEBUP.EXE <Not Verified; brother; brother brwebup>
2008-03-23 11:41:45 86016 --a------ C:\Windows\system32\BrWebIns.dll <Not Verified; brother; brother BrWebIns>
2008-03-23 11:41:37 126976 --a------ C:\Windows\system32\BrfxD05a.dll <Not Verified; Brother Industries,LTD; Brother PC-FAX DIAL Dynamic Link Library>
2008-03-23 11:41:37 0 --a------ C:\Windows\brdfxspd.dat
2008-03-23 10:13:13 9952 --a------ C:\regxpcom.exe
2008-03-23 10:13:13 0 d-------- C:\Program Files\FBrowsingAdvisor
2008-03-23 10:13:12 0 d-------- C:\Program Files\FBrowserAdvisor
2008-03-22 23:49:59 0 d-------- C:\Users\All Users\LightScribe
2008-03-22 23:42:45 0 d-------- C:\Program Files\NeroInstall.bak
2008-03-22 23:33:53 0 d-------- C:\Users\All Users\Nero
2008-03-22 23:33:53 0 d-------- C:\Program Files\Nero
2008-03-22 23:33:53 0 d-------- C:\Program Files\Common Files\Nero
2008-03-22 23:22:05 0 d-------- C:\Program Files\AskTBar
2008-03-21 18:38:52 0 d-------- C:\Program Files\Home Cookin 5.5
2008-03-21 18:18:48 0 d-------- C:\Users\All Users\Valusoft


-- Find3M Report ---------------------------------------------------------------2008-03-16

14:44:45 0 d-------- C:\Program Files\Documents To Go
2008-03-08 00:37:14 0 d-------- C:\Program Files\Handmark
2008-03-08 00:21:07 0 d-------- C:\Program Files\Common Files\DataViz
2008-03-08 00:13:39 53248 --a------ C:\Windows\PalmDevC.dll <Not Verified; PalmSource, Inc; HotSync® Manager>
2008-03-06 22:14:18 0 d-------- C:\Program Files\Java
2008-03-06 21:12:54 0 d-------- C:\Program Files\PurePlay
2008-03-05 12:06:14 0 d-------- C:\Program Files\ContextProgram
2008-03-03 21:37:46 0 d-------- C:\Program Files\PlayMP3z
2008-03-01 23:51:45 0 d-------- C:\Program Files\LimeWire
2008-03-01 13:48:29 0 d-------- C:\Program Files\ATT
2008-03-01 13:42:57 0 --a------ C:\Windows\nsreg.dat
2008-03-01 13:12:54 0 d-------- C:\Program Files\Common Files\SupportSoft
2008-03-01 13:12:31 0 d-------- C:\Program Files\FastAccessDSL
2008-02-24 23:45:23 0 d-------- C:\Program Files\WIDCOMM
2008-02-22 02:29:16 0 d-------- C:\Program Files\MP3
2008-02-22 02:28:49 0 -rahs---- C:\MSDOS.SYS
2008-02-22 02:28:49 0 -rahs---- C:\IO.SYS
2008-02-21 19:17:30 0 d-------- C:\Program Files\Crawler
2008-02-19 04:10:11 0 d-------- C:\Program Files\Brother
2008-02-19 03:52:50 0 d-------- C:\Program Files\Common Files\ScanSoft Shared
2008-02-19 03:52:44 0 d-------- C:\Program Files\ScanSoft
2008-02-17 21:32:49 133516 --a------ C:\Windows\hppins20.dat
2008-02-17 14:17:35 0 d-------- C:\Program Files\Common Files\HP
2008-02-17 13:03:24 0 d-------- C:\Program Files\QuickTime
2008-02-17 13:00:35 0 d-------- C:\Program Files\Kodak
2008-02-17 12:59:51 0 d-------- C:\Program Files\Common Files\Kodak
2008-02-17 12:59:20 0 d-------- C:\Program Files\Common Files\PX Storage Engine
2008-02-17 12:58:25 0 d-------- C:\Program Files\Common Files\MSSoap
2008-02-17 12:25:25 0 d-------- C:\Program Files\Quicken
2008-02-17 11:55:27 0 d-------- C:\Program Files\Common Files\Palo Alto Software
2008-02-15 09:14:28 81 -----n--- C:\Windows\system32\LOG


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [01/11/2008 11:16 PM]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [01/25/2008 09:47 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"WindowsWelcomeCenter"="oobefldr.dll,ShowWelcomeCenter" []
"HPADVISOR"="C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [10/01/2007 08:10 PM]
"LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe" [08/23/2007 06:36 PM]
"IncrediMail"="C:\Program Files\IncrediMail\bin\IncMail.exe" [04/03/2008 09:56 AM]
"BitComet"="C:\Program Files\BitComet\BitComet.exe" [03/27/2008 03:06 AM]

C:\Users\Paradise Travel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [8/24/2007 4:45:42 AM]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [1/2/2007 10:40:10 PM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\system]
"ConsentPromptBehaviorAdmin"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Shell"="Explorer.exe C:\WINDOWS\Config\csrss.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\AppInfo]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\KeyIso]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\NTDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\ProfSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\sacsvr]
@="Service"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\volmgrx.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum
WindowsMobile wcescomm rapimgr
LocalServiceRestricted WcesComm RapiMgr
HPZ12 Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt hpqcxs08 hpqddsvc
bthsvcs BthServ


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
C:\Windows\system32\unregmp2.exe /ShowWMP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI



-- End of Deckard's System Scanner: finished at 2008-04-17 19:44:20 ------------

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft® Windows Vista™ Home Premium (build 6000)
Architecture: X86; Language: English

CPU 0: AMD Turion(tm) 64 X2 Mobile Technology TL-60
Percentage of Memory in Use: 47%
Physical Memory (total/avail): 1982.31 MiB / 1049.56 MiB
Pagefile Memory (total/avail): 4183.02 MiB / 3079.73 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1906.56 MiB

C: is Fixed (NTFS) - 220.95 GiB total, 141.24 GiB free.
D: is Fixed (NTFS) - 11.93 GiB total, 1.34 GiB free.
E: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - WDC WD2500BEVS-60UST0 ATA Device - 232.88 GiB - 2 partitions
\PARTITION0 (bootable) - Installable File System - 220.95 GiB - C:
\PARTITION1 - Installable File System - 11.93 GiB - D:



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.

FW: Norton AntiVirus v15.5.0.23 (Symantec Corporation)
AV: Norton AntiVirus v15.5.0.23 (Symantec Corporation)
AS: Windows Defender v1.1.1505.0 (Microsoft Corporation)
AS: Norton AntiVirus v15.5.0.23 (Symantec Corporation)

[HKLM\System\CurrentControlSet\Services\SharedAcces s\Parameters\FirewallPolicy\DomainProfile\Authoriz edApplications\List]
""=""
"C:\\Program Files\\Vongo\\VongoService.exe"="C:\\Program Files\\Vongo\\VongoService.exe:*:enabled:VongoServ ice"

[HKLM\System\CurrentControlSet\Services\SharedAcces s\Parameters\FirewallPolicy\StandardProfile\Author izedApplications\List]
"C:\\Program Files\\EarthLink TotalAccess\\TaskPanl.exe"="C:\\Program Files\\EarthLink TotalAccess\\TaskPanl.exe:*:Enabled:Earthlink"
"C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTor rent"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\Paradise Travel\AppData\Roaming
CLASSPATH=C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=YOLANDA-PC
ComSpec=C:\Windows\system32\cmd.exe
EMAIL=C:\Users\Paradise Travel\AppData\Roaming\The Bat!
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Users\Paradise Travel
LOCALAPPDATA=C:\Users\Paradise Travel\AppData\Local
LOGONSERVER=\\YOLANDA-PC
NUMBER_OF_PROCESSORS=2
OnlineServices=Online Services
OS=Windows_NT
Path=C:\Windows\system32;C:\Windows;C:\Windows\Sys tem32\Wbem;C:\Program Files\CyberLink\Power2Go\;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WS F;.WSH;.MSC
PCBRAND=Pavilion
PLATFORM=MCD
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 104 Stepping 2, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=6802
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files
PROMPT=$P$G
PUBLIC=C:\Users\Public
QTJAVA=C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=C:\Users\PARADI~1\AppData\Local\Temp
TMP=C:\Users\PARADI~1\AppData\Local\Temp
USERDOMAIN=Yolanda-PC
USERNAME=Paradise Travel
USERPART=E:
USERPROFILE=C:\Users\Paradise Travel
windir=C:\Windows


-- User Profiles ---------------------------------------------------------------

Yolanda
Paradise Travel
Admin


-- Add/Remove Programs ---------------------------------------------------------

--> "C:\Program Files\HP Games\3D Ultra Minigolf Adventures\Uninstall.exe"
--> "C:\Program Files\HP Games\7 Wonders of the Ancient World\Uninstall.exe"
--> "C:\Program Files\HP Games\Bejeweled 2 Deluxe\Uninstall.exe"
--> "C:\Program Files\HP Games\Big Money\Uninstall.exe"
--> "C:\Program Files\HP Games\Blasterball 2 Revolution\Uninstall.exe"
--> "C:\Program Files\HP Games\Blasterball 3\Uninstall.exe"
--> "C:\Program Files\HP Games\Boggle\Uninstall.exe"
--> "C:\Program Files\HP Games\Chuzzle Deluxe\Uninstall.exe"
--> "C:\Program Files\HP Games\Crystal Maze\Uninstall.exe"
--> "C:\Program Files\HP Games\Diner Dash\Uninstall.exe"
--> "C:\Program Files\HP Games\FATE\Uninstall.exe"
--> "C:\Program Files\HP Games\Final Drive Nitro\Uninstall.exe"
--> "C:\Program Files\HP Games\Fish Tycoon\Uninstall.exe"
--> "C:\Program Files\HP Games\Home Sweet Home\Uninstall.exe"
--> "C:\Program Files\HP Games\Hot Dish\Uninstall.exe"
--> "C:\Program Files\HP Games\Insaniquarium Deluxe\Uninstall.exe"
--> "C:\Program Files\HP Games\Jewel Quest Solitaire\Uninstall.exe"
--> "C:\Program Files\HP Games\Jewel Quest\Uninstall.exe"
--> "C:\Program Files\HP Games\Magic Academy\Uninstall.exe"
--> "C:\Program Files\HP Games\Mah Jong Quest\Uninstall.exe"
--> "C:\Program Files\HP Games\My HP Game Console\Uninstall.exe"
--> "C:\Program Files\HP Games\Mystery of Shark Island\Uninstall.exe"
--> "C:\Program Files\HP Games\Mystery P.I. - The Lottery Ticket\Uninstall.exe"
--> "C:\Program Files\HP Games\Otto's Magic Blocks\Uninstall.exe"
--> "C:\Program Files\HP Games\Peggle\Uninstall.exe"
--> "C:\Program Files\HP Games\Penguins!\Uninstall.exe"
--> "C:\Program Files\HP Games\Polar Bowler\Uninstall.exe"
--> "C:\Program Files\HP Games\Polar Golfer Pineapple Cup\Uninstall.exe"
--> "C:\Program Files\HP Games\Polar Golfer\Uninstall.exe"
--> "C:\Program Files\HP Games\Ricochet Lost Worlds\Uninstall.exe"
--> "C:\Program Files\HP Games\Shooting Stars Pool\Uninstall.exe"
--> "C:\Program Files\HP Games\Slingo Deluxe\Uninstall.exe"
--> "C:\Program Files\HP Games\Solitaire Cruise\Uninstall.exe"
--> "C:\Program Files\HP Games\SpongeBob Diner Dash\Uninstall.exe"
--> "C:\Program Files\HP Games\Super Granny\Uninstall.exe"
--> "C:\Program Files\HP Games\The Nightshift Code\Uninstall.exe"
--> "C:\Program Files\HP Games\Tradewinds\Uninstall.exe"
--> "C:\Program Files\HP Games\Trivia Gems\Uninstall.exe"
--> "C:\Program Files\HP Games\Trivial Pursuit 'Bring On the 90's' Edition\Uninstall.exe"
--> "C:\Program Files\HP Games\Virtual Villagers - A New Home\Uninstall.exe"
--> "C:\Program Files\HP Games\Virtual Villagers - Chapter 2 - The Lost Children\Uninstall.exe"
--> "C:\Program Files\HP Games\VortHex\Uninstall.exe"
--> "C:\Program Files\HP Games\Wheel of Fortune\Uninstall.exe"
--> "C:\Program Files\HP Games\Word Challenge Extreme\Uninstall.exe"
--> "C:\Program Files\HP Games\Word Symphony\Uninstall.exe"
--> "C:\Program Files\HP Games\Zuma Deluxe\Uninstall.exe"
--> "C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
--> C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
--> C:\Program Files\Conexant\SmartAudio\SETUP.EXE -U -ISmartAudio -SM=SMAUDIO.EXE,1801
--> C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
--> C:\Windows\UNNeroBackItUp.exe /UNINSTALL
--> C:\Windows\UNNeroMediaHome.exe /UNINSTALL
--> C:\Windows\UNNeroShowTime.exe /UNINSTALL
--> C:\Windows\UNNeroVision.exe /UNINSTALL
--> C:\Windows\UNRecode.exe /UNINSTALL
--> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {926CC8AE-8414-43DF-8EB4-CF26D9C3C663}
--> MsiExec.exe /I{8A42F680-2DD6-11D4-9A8C-0040F6982C20}
--> MsiExec.exe /I{A2529672-574A-4A99-86A5-C1770A0E31FE}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-00BA-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0114-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
32 Bit HP CIO Components Installer --> MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}
A4Desk R4.0 --> "C:\Program Files\A4Desk\unins000.exe"
Activation Assistant for the 2007 Microsoft Office suites --> "C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Adobe Anchor Service CS3 --> MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3 --> MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3 --> MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting --> MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0 --> MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps --> MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Default Language CS3 --> MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3 --> MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe Dreamweaver CS3 --> C:\Program Files\Common Files\Adobe\Installers\7328fdfcb73660ec8b11d5a3d5c 6232\Setup.exe
Adobe Dreamweaver CS3 --> MsiExec.exe /I{7C10F5C7-F00F-4BD3-A110-C7D240D2DD25}
Adobe ExtendScript Toolkit 2 --> C:\Program Files\Common Files\Adobe\Installers\3e054d2218e7aa282c2369d939e 58ff\Setup.exe
Adobe ExtendScript Toolkit 2 --> MsiExec.exe /I{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}
Adobe Extension Manager CS3 --> MsiExec.exe /I{BE5F3842-8309-4754-92D5-83E02E6077A3}
Adobe Flash Player ActiveX --> C:\Windows\system32\Macromed\Flash\uninstall_activ eX.exe
Adobe Flash Player Plugin --> C:\Windows\system32\Macromed\Flash\uninstall_plugi n.exe
Adobe Help Viewer CS3 --> MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe PDF Library Files --> MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Adobe Setup --> MsiExec.exe /I{0650BB10-BCF4-400A-85EE-04097E3046C6}
Adobe Setup --> MsiExec.exe /I{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}
Adobe Shockwave Player --> MsiExec.exe /X{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}
Adobe Shockwave Player 11 --> C:\Windows\system32\adobe\SHOCKW~1\UNWISE.EXE C:\Windows\system32\Adobe\SHOCKW~1\Install.log
Adobe Type Support --> MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3 --> MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client --> MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
AIM 6 --> C:\Program Files\AIM6\uninst.exe
Air Travel Toolkit -USA Demo --> C:\WINDOWS\st6unst.exe -n "C:\Program Files\attdemo\ST6UNST.LOG"
AppCore --> MsiExec.exe /I{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}
Ask Toolbar --> rundll32 C:\PROGRA~1\AskTBar\bar\1.bin\AskTBar.dll,O
Atheros Driver Installation Program --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\ 50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\setup.exe" -l0x9 -removeonly
ATT eChat Support Tools --> MsiExec.exe /I{77EBC8CD-F808-4ECD-93D0-311C27B09827}
BitCometBeta [20080327] --> C:\Program Files\BitComet\uninst.exe
BitLord 1.1 --> C:\Program Files\BitLord\uninst.exe
BitTorrent --> "C:\Users\Paradise Travel\Program Files\BitTorrent\BitTorrent.exe" /UNINSTALL
BusinessCardsMX 3.91 --> "C:\Program Files\MOJOSOFT\BusinessCardsMX3\unins000.exe"
ccCommon --> MsiExec.exe /I{B24E05CC-46FF-4787-BBB8-5CD516AFB118}
CCScore --> MsiExec.exe /I{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}
Comfy Hotel Reservation version 1.6 --> "C:\Program Files\OrgBusiness\ComfyHotelReservation\unins000.e xe"
Compatibility Pack for the 2007 Office system --> MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
Component Framework --> MsiExec.exe /I{31478BE1-CDE5-4753-A8B2-F6D4BC1FBE09}
Conexant HD Audio --> C:\Program Files\CONEXANT\CNXT_AUDIO_HDA\UIU32a.exe -U -IQh30CFza.INF
ContextProgram --> C:\Program Files\ContextProgram\uninstall.exe
CruisePak 3.6 --> MsiExec.exe /I{F29364C1-324B-438A-999F-EC9EA69830E0}
Crystal 3D IMPACT! Pro --> C:\Windows\uninst.exe -f"C:\Program Files\Crystal 3D IMPACT! Pro\DeIsL1.isu" -c"C:\Program Files\Crystal 3D IMPACT! Pro\_ISREG32.DLL"
CyberLink YouCam --> "C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
DHTML Editing Component --> MsiExec.exe /I{2EA870FA-585F-4187-903D-CB9FFD21E2E0}
Documents To Go --> MsiExec.exe /X{EB807EB6-5179-48B7-98D4-7B4934A57A81}
DVD Suite --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
Earthcomber Updater 2.2.6f --> C:\Program Files\Earthcomber Updater\uninstall.exe
EasyJob Resume Builder 4.06.2150 --> "C:\Program Files\EasyJob Resume Builder\unins000.exe"
ESSBrwr --> MsiExec.exe /I{643EAE81-920C-4931-9F0B-4B343B225CA6}
ESSCDBK --> MsiExec.exe /I{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}
ESScore --> MsiExec.exe /I{42938595-0D83-404D-9F73-F8177FDD531A}
ESSgui --> MsiExec.exe /I{91517631-A9F3-4B7C-B482-43E0068FD55A}
ESSini --> MsiExec.exe /I{8E92D746-CD9F-4B90-9668-42B74C14F765}
ESSPCD --> MsiExec.exe /I{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}
ESSPDock --> MsiExec.exe /I{FCDB1C92-03C6-4C76-8625-371224256091}
ESSSONIC --> MsiExec.exe /I{073F22CE-9A5B-4A40-A604-C7270AC6BF34}
ESSTOOLS --> MsiExec.exe /I{8A502E38-29C9-49FA-BCFA-D727CA062589}
essvatgt --> MsiExec.exe /I{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}
ESU for Microsoft Vista --> MsiExec.exe /I{68471BF2-F1F7-4C89-BBBA-400B94996596}
FastAccess® DSL Help Center 4.3 --> "C:\Program Files\FastAccessDSL\HelpCenter43\unins000.exe"
FBrowsingAdvisor --> "C:\Program Files\FBrowsingAdvisor\unins000.exe"
Forté Agent --> C:\PROGRA~1\Agent\UNWISE.EXE C:\PROGRA~1\Agent\INSTALL.LOG
Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
Handmark® Pocket Express® for Palm OS® --> C:\Windows\unvise32.exe C:\Program Files\Handmark\Express for Palm OS\uninstal.log
Hauppauge MCE XP/Vista Software Encoder (2.0.25149) --> C:\PROGRA~1\WinTV\UNSftMCE.EXE C:\PROGRA~1\WinTV\softMCE.LOG
HDAUDIO Soft Data Fax Modem with SmartCP --> C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_HERMOSA_HSF\UIU3 2m.exe -U -IHPQHERzm.inf
Hewlett-Packard Active Check --> MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}
Hewlett-Packard Asset Agent for Health Check --> MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}
Home Cookin 5.5 --> "C:\Program Files\Home Cookin 5.5\unins000.exe"
HP Customer Experience Enhancements --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\ 00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BD0E2B92-3814-46F0-893B-4612EA010C7E}\setup.exe" -l0x9 -removeonly
HP Customer Participation Program 8.0 --> C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Deskjet & Photosmart Printer Driver Software 8.0.A --> C:\Program Files\HP\Digital Imaging\{981DE354-9301-440f-AAFC-025AA2354A93}\setup\hpzscr01.exe -datfile hppscr20.dat -onestop -showdisconnect -forcereboot
HP Doc Viewer --> MsiExec.exe /I{082702D5-5DD8-4600-BCE5-48B15174687F}
HP Easy Setup - Frontend --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\ 00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9885A11E-60E4-417C-B58B-8B31B21C0B8A}\setup.exe" -l0x9 -removeonly

HP Help and Support --> MsiExec.exe /I{28EDCE9C-3304-4331-8AB3-F3EBE94C35B4}
HP Imaging Device Functions 8.0 --> C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Essential --> MsiExec.exe /X{EB21A812-671B-4D08-B974-2A347F0D8F70}
HP Photosmart Essential 2.5 --> C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP Quick Launch Buttons 6.30 E1 --> C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe -runfromtemp -l0x0009 uninst
HP QuickPlay 3.6 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\Setup.exe" -uninstall
HP QuickTouch 1.00 C4 --> MsiExec.exe /I{7DC4A410-9986-4329-9E5D-687B2C42CA39}
HP Smart Web Printing --> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpzscr01.exe -datfile hpqbud15.dat
HP Solution Center 8.0 --> C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Total Care Advisor --> MsiExec.exe /X{b02df929-29a7-4fd2-9a70-81a644b635f7}
HP Update --> MsiExec.exe /X{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}
HP User Guides 0087 --> MsiExec.exe /I{4D49757C-367A-4333-BDB3-68966162B14E}
HP Wireless Assistant --> MsiExec.exe /I{CBAE4F50-9FC9-4557-AB36-9826DF3C103C}
HPNetworkAssistant --> MsiExec.exe /I{228C6B46-64E2-404E-898A-EF0830603EF4}
IncrediMail JunkFilter Plus --> C:\PROGRA~1\INCRED~1\bin\imsetup.exe /remove /addon:JunkFilterPlus
IncrediMail Xe --> C:\Program Files\IncrediMail\bin\ImSetup.exe /remove /addon:IncrediMail /log:IncMail.log
Java(TM) 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
kgcbaby --> MsiExec.exe /I{E18B549C-5D15-45DA-8D8F-8FD2BD946344}
kgcbase --> MsiExec.exe /I{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}
kgchday --> MsiExec.exe /I{11F3F858-4131-4FFA-A560-3FE282933B6E}
kgchlwn --> MsiExec.exe /I{03EDED24-8375-407D-A721-4643D9768BE1}
kgcinvt --> MsiExec.exe /I{9BD54685-1496-46A5-AB62-357CD140ED8B}
kgckids --> MsiExec.exe /I{693C08A7-9E76-43FF-B11E-9A58175474C4}
kgcmove --> MsiExec.exe /I{A1588373-1D86-4D44-86C9-78ABD190F9CC}
kgcvday --> MsiExec.exe /I{8A8664E1-84C8-4936-891C-BC1F07797549}
Kodak EasyShare software --> C:\ProgramData\Kodak\EasyShareSetup\$SETUP_140002_ 52bbb3e\Setup.exe /APR-REMOVE
LabelPrint --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\setup.exe" -uninstall
LimeWire 4.17.4 --> "C:\Program Files\LimeWire\uninstall.exe"
LiveUpdate (Symantec Corporation) --> MsiExec.exe /x {E80F62FF-5D3C-4A19-8409-9721F2928206} /l*v "C:\ProgramData\LuUninstall.LiveUpdate"
LiveUpdate (Symantec Corporation) --> MsiExec.exe /X{E80F62FF-5D3C-4A19-8409-9721F2928206}
LogoEase --> MsiExec.exe /I{10E1FC7C-AB9E-4851-AEC7-8A189A1E7281}
Microsoft Office Access MUI (English) 2007 --> MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007 --> MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007 --> MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007 --> MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office Home and Student 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007 --> MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007 --> MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007 --> MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007 --> MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007 --> MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2007 (English) --> MsiExec.exe /X{95120000-00AF-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007 --> MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007 --> MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007 --> MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007 --> MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Silverlight --> MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Works --> MsiExec.exe /I{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}
Mozilla Firefox (2.0.0.14) --> C:\PROGRA~1\Mozilla Firefox\uninstall\helper.exe
MSCU for Microsoft Vista --> MsiExec.exe /I{F7F3B252-E772-48AA-93EB-7964BC326067}
MSXML 4.0 SP2 (KB936181) --> MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833) --> MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
muvee autoProducer 6.1 --> C:\Program Files\InstallShield Installation Information\{250E9609-E830-43EB-B379-DAB7546A2422}\muveesetup.exe -removeonly -runfromtemp
My HP Games --> "C:\Program Files\HP Games\Uninstall.exe"
Nero 8 Trial --> MsiExec.exe /X{BE282C23-5484-47FF-B2C1-EBEA5C891033}
neroxml --> MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NetWaiting --> C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x0009 -removeonly
Norton AntiVirus --> MsiExec.exe /X{77FFBA7E-0973-4F39-BBDB-AC2F537578D2}
Norton AntiVirus (Symantec Corporation) --> "C:\Program Files\Common Files\Symantec Shared\SymSetup\{77FFBA7E-0973-4F39-BBDB-AC2F537578D2}_15_5_0_23\Setup.exe" /X
Norton AntiVirus Help --> MsiExec.exe /I{34EEB1F5-E939-40A1-A6BA-957282A4B2C8}
Norton Protection Center --> MsiExec.exe /I{62120008-8E1E-4807-860D-A8B48F8552DB}
Norton Security Scan --> MsiExec.exe /I{48B82226-75E3-4E90-92CC-D30F79EA6380}
NVIDIA Drivers --> C:\Windows\system32\NVUNINST.EXE UninstallGUI
OfotoXMI --> MsiExec.exe /I{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}
Palm Desktop by ACCESS --> MsiExec.exe /X{FD6034A3-655C-49F0-B496-D4CBFD74D7A7}
PaperPort --> MsiExec.exe /I{71C97545-E547-4A8B-B0C8-61FF853270AC}
PersonalWebKit --> C:\Windows\iun507.exe C:\Program Files\PersonalWebKit3\irunin.ini
PlayMP3z --> C:\Program Files\PlayMP3z\uninstall.exe
Power2Go --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\setup.exe" -uninstall
PowerDirector --> "C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe" /z-uninstall
PowerISO --> "C:\Program Files\PowerISO\uninstall.exe"
PurePlay Poker --> MsiExec.exe /X{19E16A54-962C-45D6-BDDE-FD01EBB1A086}
Quicken 2007 --> MsiExec.exe /X{0D2E80C8-0875-43EB-9623-47118E2DFBCA}
QuickPlay SlingPlayer 0.4.4 --> "C:\Program Files\HP\QuickPlay\unins000.exe"
QuickTime --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\I Driver.exe /M{929408E6-D265-4174-805F-81D1D914E2A4} /l1033
RegCure 1.5.0.0 --> C:\Program Files\RegCure\uninst.exe
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\070 1\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{59F6A514-9813-47A3-948C-8A155460CC2A}\setup.exe" -l0x9 anything
Security Update for Excel 2007 (KB946974) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {85E83E2E-AF9B-439B-B4F9-EB9B7EF6A00E}
Security Update for Excel 2007 (KB946974) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {85E83E2E-AF9B-439B-B4F9-EB9B7EF6A00E}
Security Update for Office 2007 (KB947801) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {02B5A17B-01BE-4BA6-95F1-1CBB46EBC76E}
Security Update for Office 2007 (KB947801) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {02B5A17B-01BE-4BA6-95F1-1CBB46EBC76E}
Security Update for Outlook 2007 (KB946983) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {66B9496E-C0C3-4065-9868-85CCA92126C3}
Security Update for Visio 2007 (KB947590) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6BAD036C-261F-4BEF-96CF-C20678D07A41}
Security Update for Visio 2007 (KB947590) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6BAD036C-261F-4BEF-96CF-C20678D07A41}
SFR --> MsiExec.exe /I{DB02F716-6275-42E9-B8D2-83BA2BF5100B}
Share Cracker --> C:\WINDOWS\st6unst.exe -n "C:\Program Files\Share Cracker\ST6UNST.LOG"
SHASTA --> MsiExec.exe /I{605A4E39-613C-4A12-B56F-DEFBE6757237}
Shop for HP Supplies --> C:\Program Files\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat
Show.kit --> "C:\Program Files\Show.kit 2.1\unins000.exe"
skin0001 --> MsiExec.exe /I{5316DFC9-CE99-4458-9AB3-E8726EDE0210}
SKINXSDK --> MsiExec.exe /I{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}
Slingbox Flash Tour --> MsiExec.exe /I{38EAC694-0D90-445F-8C17-8B50ADFE3162}
SlingPlayer --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1150\INTEL3~1 \IDriver.exe /M{004B0DCB-4C60-465B-8F01-44B0A4111187} /l1033
SPBBC 32bit --> MsiExec.exe /I{77772678-817F-4401-9301-ED1D01A8DA56}
staticcr --> MsiExec.exe /I{8943CE61-53BD-475E-90E1-A580869E98A2}
SWiSH Max2 --> C:\Windows\unvise32.exe C:\Program Files\SWiSH Max2\uninstal.log
Symantec Real Time Storage Protection Component --> MsiExec.exe /I{D6E6FA4A-5445-4850-8365-CF216C1CBB7A}
Symantec Technical Support Web Controls --> MsiExec.exe /X{20C53FA2-4307-4671-A93F-9463B29DFCF1}
SymNet --> MsiExec.exe /I{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}
Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
The Bat! Professional v4.0.18 --> MsiExec.exe /I{9DBC40C8-CB06-41F7-B5CD-0583365F33EB}
The Logo Creator v5 --> C:\Windows\unvise32.exe C:\Program Files\The Logo Creator v5\uninstal.log
The Sims™ Life Stories --> MsiExec.exe /I{2284D904-C138-4B58-93EC-5C362AB5130A}
Timestimator v.1.5 --> "C:\Users\Yolanda\Timestimator\unins000.exe"
Torrent Harvester --> C:\Program Files\Torrent Harvester\uninstall.exe
Tracc for Travel --> C:\WINDOWS\st6unst.exe -n "C:\Program Files\Trusd\ST6UNST.LOG"
Uniblue RegistryBooster 2 --> "C:\Program Files\Uniblue\RegistryBooster 2\unins000.exe"
Update for Office 2007 (KB946691) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Office 2007 (KB946691) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Outlook 2007 Junk Email Filter (kb949037) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B4F188C6-6DBF-42A5-A8A3-3086D1A384F2}
USB MP3 Player Music Manage System --> C:\Windows\IsUninst.exe -f"C:\Program Files\MP3\MMS\Uninst.isu"
Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
Virtual Earth 3D (Beta) --> MsiExec.exe /I{D76D1828-BBA0-4BD9-8181-5ACC617DC5F2}
Vongo --> MsiExec.exe /X{8C3AE2D1-854D-4650-A73D-C7CC7EE36B80}
VPRINTOL --> MsiExec.exe /I{999D43F4-9709-4887-9B1A-83EBB15A8370}
WeatherBug Gadget --> MsiExec.exe /I{209CDA54-D390-46A2-A97C-7BF61734418D}
Web Easy Professional 7 --> C:\Program Files\InstallShield Installation Information\{D16AA51D-2BE9-421A-84A7-759578E64A74}\setup.exe -runfromtemp -l0x0009 -removeonly
WIDCOMM Bluetooth Software --> MsiExec.exe /X{84814E6B-2581-46EC-926A-823BD1C670F6}
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
WIRELESS --> MsiExec.exe /I{F9593CFB-D836-49BC-BFF1-0E669A411D9F}
Xara3D6 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\ 01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B3783869-5D14-4838-A042-910DF816D070}\setup.exe" -l0x9
Yahoo! Browser Services --> C:\PROGRA~1\Yahoo!\Common\UNIN_Y~1.EXE /S
Yahoo! Install Manager --> C:\Windows\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL
Yahoo! Internet Mail --> C:\Windows\system32\regsvr32 /u /s C:\PROGRA~1\Yahoo!\Common\YMMAPI.dll
Yahoo! Mail Advisor --> C:\PROGRA~1\Yahoo!\Common\UNINST~1.EXE
Yahoo! Messenger --> C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
Yahoo! Search Protection --> C:\PROGRA~1\Yahoo!\SEARCH~1\UNINST~1.EXE
Yahoo! Toolbar --> C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE


-- Application Event Log -------------------------------------------------------

Event Record #/Type13277 / Error
Event Submitted/Written: 04/17/2008 07:34:10 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application iexplore.exe, version 7.0.6000.16643, time stamp 0x47bce1b0, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x03180fb4,
process id 0xc2c, application start time 0xiexplore.exe0.
------------

Event Record #/Type13274 / Error
Event Submitted/Written: 04/17/2008 07:33:13 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application iexplore.exe, version 7.0.6000.16643, time stamp 0x47bce1b0, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc000001d, fault offset 0x02f70fb1,
process id 0xd88, application start time 0xiexplore.exe0.

Event Record #/Type13262 / Error
Event Submitted/Written: 04/17/2008 09:35:36 AM
Event ID/Source: 1002 / Application Hang
Event Description:
The program The Logo Creator v5.exe version 3.6.1.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 1470
Start Time: 01c8a0458e33fd2d
Termination Time: 8

Event Record #/Type13258 / Error
Event Submitted/Written: 04/17/2008 00:52:22 AM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application iexplore.exe, version 7.0.6000.16643, time stamp 0x47bce1b0, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc000001d, fault offset 0x033b0fb1,
process id 0x15e0, application start time 0xiexplore.exe0.

Event Record #/Type13256 / Error
Event Submitted/Written: 04/17/2008 00:43:01 AM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application The Logo Creator v5.exe, version 3.6.1.0, time stamp 0x413ffc3a, faulting module Font Xtra.x32, version 10.1.0.11, time stamp 0x413ffd3d, exception code 0x40000015, fault offset 0x00009712,
process id 0x1774, application start time 0xThe Logo Creator v5.exe0.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type35856 / Warning
Event Submitted/Written: 04/17/2008 07:43:16 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%Yolanda-PC27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %Yolanda-PC27 can't undo changes that you allow.

For more information please see the following:
%Yolanda-PC275

Scan ID: {D543148E-522B-406D-9EFD-CDC8CB4477E8}

User: Yolanda-PC\Paradise Travel

Name: %Yolanda-PC271

ID: %Yolanda-PC272

Severity ID: %Yolanda-PC273

Category ID: %Yolanda-PC274

Path Found: %Yolanda-PC276

Alert Type: %Yolanda-PC278

Detection Type: 1.1.1505.02

Event Record #/Type35855 / Warning
Event Submitted/Written: 04/17/2008 07:43:16 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%Yolanda-PC27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %Yolanda-PC27 can't undo changes that you allow.

For more information please see the following:
%Yolanda-PC275

Scan ID: {108F331C-8FB0-4CBB-9265-8A6A8513B008}

User: Yolanda-PC\Paradise Travel

Name: %Yolanda-PC271

ID: %Yolanda-PC272

Severity ID: %Yolanda-PC273

Category ID: %Yolanda-PC274

Path Found: %Yolanda-PC276

Alert Type: %Yolanda-PC278

Detection Type: 1.1.1505.02

Event Record #/Type35854 / Warning
Event Submitted/Written: 04/17/2008 07:43:16 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%Yolanda-PC27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %Yolanda-PC27 can't undo changes that you allow.

For more information please see the following:
%Yolanda-PC275

Scan ID: {C23A3A44-7EDF-43F5-B284-CFA054D3FBE6}

User: Yolanda-PC\Paradise Travel

Name: %Yolanda-PC271

ID: %Yolanda-PC272

Severity ID: %Yolanda-PC273

Category ID: %Yolanda-PC274

Path Found: %Yolanda-PC276

Alert Type: %Yolanda-PC278

Detection Type: 1.1.1505.02

Event Record #/Type35853 / Warning
Event Submitted/Written: 04/17/2008 07:43:16 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%Yolanda-PC27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %Yolanda-PC27 can't undo changes that you allow.

For more information please see the following:
%Yolanda-PC275

Scan ID: {1BAB26D7-5001-4622-A79E-E30D1AA59F1F}

User: Yolanda-PC\Paradise Travel

Name: %Yolanda-PC271

ID: %Yolanda-PC272

Severity ID: %Yolanda-PC273

Category ID: %Yolanda-PC274

Path Found: %Yolanda-PC276

Alert Type: %Yolanda-PC278

Detection Type: 1.1.1505.02

Event Record #/Type35852 / Warning
Event Submitted/Written: 04/17/2008 07:43:16 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%Yolanda-PC27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %Yolanda-PC27 can't undo changes that you allow.

For more information please see the following:
%Yolanda-PC275

Scan ID: {FD3BCC88-CF2F-4B6F-BC8E-06023F168C04}

User: Yolanda-PC\Paradise Travel

Name: %Yolanda-PC271

ID: %Yolanda-PC272

Severity ID: %Yolanda-PC273

Category ID: %Yolanda-PC274

Path Found: %Yolanda-PC276

Alert Type: %Yolanda-PC278

Detection Type: 1.1.1505.02



-- End of Deckard's System Scanner: finished at 2008-04-17 19:44:20

Hi sweets8510. The logs show that this is a business machine and we dont work on these. The operating system is infected however our utilities are designed for home users and may corrupt any bespoke software. I suggest you contact your IT Department or the firm that has the contract to service your machines.

my laptop runs my small business from home... but is all my personal laptop so where do i go from here

Well I have pointed out your options and of course they include your local repair shop. These people have insurance to reimburse you if any mishaps occur. As I said, our utilities are designed to help the home user and if you have specialised software installed (which you do because I can see it), it could be accidentally targeted.

You also need to get this computer offline asap especially if you use online banking or conduct any financial arrangements. Your security has been compromised and thieves may now have access to banking and credit card information (yours and your clients).

Being a business machine, I recommend that you have your data backed up and Vista and all other software clean installed. I also recommend that you do not allow LimeWire, BitTorrent and other p2p programs to be installed on this computer once this has been done. Especially if you conduct any sort of financial/personal transactions online.