# Solved: Windows Update Confusion



## Stephen47 (Oct 4, 2002)

This morning I checked Windows Updates for my son's computer. He was offered 11 high priority updates for Windows XP.
I checked for my computer, also running XP and was told there were no high priority updates. 
My question is why the difference?
The computer where I work was also offered 11 high priority updates.


----------



## Cookiegal (Aug 27, 2003)

Is it possible one computer downloaded them automatically? Did you check the update history for the computer that didn't show any were needed to see if they were in fact applied?

You really should have it set to either download automatically or at least notify you when updates are issued.


----------



## Stephen47 (Oct 4, 2002)

I have automatic updates enabled, but it is not set to install them automatically. That is on the computer that didn't get any updates.


----------



## Stephen47 (Oct 4, 2002)

I tried to post a screen shot but the file is 5mb which exceeds TSG limits


----------



## Elvandil (Aug 1, 2003)

Make it smaller by converting to jpg.

It could be differences in what is installed, service pack level, or previous updates.


----------



## Stephen47 (Oct 4, 2002)

They both have Service Pack 3 installed. here is the screen shot


----------



## Cookiegal (Aug 27, 2003)

Open HijackThis and click on the *Open Misc Tools section* button. Click on the *Open Uninstall Manager* button. Click the *Save List* button. Save the list then copy and paste it here.


----------



## Stephen47 (Oct 4, 2002)

I'll do it when I get home from work this afternoon.


----------



## Cookiegal (Aug 27, 2003)

That's fine.


----------



## Stephen47 (Oct 4, 2002)

Here is the list:
AbiWord 2.6.6
Acronis*Disk Director Suite
Acronis*True*Image*Home
Adobe AIR
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Shockwave Player 11.5
AISBackup 2.3 (295)
Apple Mobile Device Support
Apple Software Update
ArcSoft DVD SlideShow (Shared Components)
avast! Antivirus
Banctec Service Agreement
Broadcom 440x 10/100 Integrated Controller
Broadcom Management Programs
CardRecovery
CCleaner (remove only)
CDBurnerXP
CleanUp!
ClearType Tuning Control Panel Applet
Conexant HDA D110 MDC V.92 Modem
DAK Wave and MP3 Editor v4.2b
Dell Wireless WLAN Card
DePopper 2.x
Digital Line Detect
DriveImage XML (Private Edition)
DriverAgent by eSupport.com
DVD SlideShow
Equalizer
Everything 1.2.1.371
FileHippo.com Update Checker
Foxit Reader
GreenPrint World
HijackThis 2.0.2
HP Deskjet 5400 series
HP Imaging Device Functions 5.0
HP Photosmart Essential
HP Software Update
HP Solution Center & Imaging Support Tools 5.0
ImgBurn
Intel(R) Graphics Media Accelerator Driver
Intel(R) PROSet/Wireless Software
Internal Network Card Power Management
iPod for Windows 2006-03-23
iTunes
Java(TM) 6 Update 13
Malwarebytes' Anti-Malware
mCore
mDriver
mDrWiFi
mHlpDell
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0
Microsoft Baseline Security Analyzer 2.1
Microsoft Image Composite Editor
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Word 2002
Microsoft Works 2002 Setup Launcher
mIWA
mLogView
mMHouse
Mozilla Firefox (3.5.2)
Mozilla Thunderbird (2.0.0.22)
mPfMgr
mPfWiz
mProSafe
MR97316
mSCfg
mSSO
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 6.0 Parser (KB933579)
mWlsSafe
mWMI
mZConfig
Paint.NET v3.36
PC Inspector File Recovery
QuickTime
Revo Uninstaller 1.83
Secunia PSI
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 2.0 (KB928365)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB973346)
Serif PhotoPlus 6.0
SigmaTel Audio
SIW version 2009-03-17
SUPERAntiSpyware Free Edition
Synaptics Pointing Device Driver
The KMPlayer (remove only)
Titan Backup
Tweak Manager 2.1
Tweak UI
Update for Windows Internet Explorer 7 (KB928089)
Update for Windows XP (KB967715)
Update Notifier
User Profile Hive Cleanup Service
Windows Defender Signatures
Windows Live installer
Windows Live Photo Gallery
Windows Media Format 11 runtime
Windows Media Player 10
Windows Media Player 11
Windows Media Player Firefox Plugin
Windows XP Service Pack 3
WinPatrol 2009
WinRAR archiver


----------



## Cookiegal (Aug 27, 2003)

With the exception of two updates installed in 2009 (one in Feb and one in July) this machine has rarely had successful updates so there's a problem somewhere.

Let's have a look at the update log please, which you will find in the following location. It may be lengthy so please attach it as a txt file.

*C:\Windows\Windows Update.log*


----------



## Cookiegal (Aug 27, 2003)

Also, please do this:

*Click here* to download *HJTsetup.exe*.

Save HJTsetup.exe to your desktop.
Double click on the HJTsetup.exe icon on your desktop.
By default it will install to C:\Program Files\Hijack This. 
Continue to click *Next* in the setup dialogue boxes until you get to the *Select Addition Tasks* dialogue.
Put a check by *Create a desktop icon* then click *Next* again.
Continue to follow the rest of the prompts from there.
At the final dialogue box click *Finish* and it will launch Hijack This.
Click on the *Do a system scan and save a log file* button. It will scan and then ask you to save the log.
Click *Save* to save the log file and then the log will open in notepad.
Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
Come back here to this thread and Paste the log in your next reply.	
*DO NOT* have Hijack This fix anything yet. Most of what it finds will be harmless or even required.


----------



## Stephen47 (Oct 4, 2002)

I'll post it later. Just out of curiosity, what were you looking for in the uninstall list?


----------



## Cookiegal (Aug 27, 2003)

The uninstall list shows all of the MS updates that are installed in the computer. On this one, there are only a handful and there should be a lot more than that. The fact that MS updates doesn't show any updates available for this computer could mean that something is blocking them. There could be many causes, one of which is malware.


----------



## Stephen47 (Oct 4, 2002)

Here is the Hijack this log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:09:15 PM, on 8/14/2009
Platform: Windows XP SP3, v.3244 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\GreenPrint Technologies\GreenPrint World\GPClientService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\UPHClean\uphclean.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hotsheet.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R3 - URLSearchHook: (no name) - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - (no file)
N3 - Netscape 7: user_pref("browser.startup.homepage", "www.hotsheet.com"); (C:\Documents and Settings\STEVE\Application Data\Mozilla\Profiles\default\24cip5hd.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5Cmozilla.org%5CSeaMonkey%5Csearchplugins%5Cgoogle.src"); (C:\Documents and Settings\STEVE\Application Data\Mozilla\Profiles\default\24cip5hd.slt\prefs.js)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: CGreenPrintPDF Object - {DF96BA30-57F6-4700-8065-910EC3BE9E3B} - C:\Program Files\GreenPrint Technologies\GreenPrint World\GPIEPlugin.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: GreenPrint - {554099FE-3856-4d93-86B5-0024AEF63BC7} - C:\Program Files\GreenPrint Technologies\GreenPrint World\GPIEPlugin.dll
O9 - Extra button: (no name) - {DF96BA30-57F6-4700-8065-910EC3BE9E3B} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: CabBuilder - http://ak.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1227174349984
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1224060577312
O16 - DPF: {95D88B35-A521-472B-A182-BB1A98356421} (Pearson Installation Assistant 2) - http://asp.mathxl.com/books/_Players/PearsonInstallAsst2.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab
O16 - DPF: {C606BA60-AB76-48B6-96A7-2C4D5C386F70} (PreQualifier Class) - http://www.verizon.net/checkmypc/includes/MotivePreQual.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E6D23284-0E9B-417D-A782-03E4487FC947} (Pearson MathXL Player) - http://asp.mathxl.com/books/_Players/MathPlayer.cab
O16 - DPF: {E856B973-45FD-4559-8F82-EAB539144667} (Dell PC Checkup Installer Control) - http://pccheckup.dellfix.com/rel/36/install/gtdownde.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{BC2C8D48-F190-4A02-9787-FCA75DDA3E98}: NameServer = 208.67.222.222,208.67.220.220
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: GreenPrint Client Report Service (GPClientService) - Unknown owner - C:\Program Files\GreenPrint Technologies\GreenPrint World\GPClientService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: License Management Service ESD - element5 - C:\Program Files\Common Files\element5 Shared\Service\Licence Manager ESD.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 10080 bytes


----------



## Cookiegal (Aug 27, 2003)

Please attach the Windows update log when you can.


----------



## Stephen47 (Oct 4, 2002)

It is way too long I would have to post it in about ten parts. The first entry is July 2. Do you need it that far back? I think it says it is 11,774 lines long.


----------



## Stephen47 (Oct 4, 2002)

This is not the first time I have asked about this. I started a thread about a year ago but got no response. I even went round in circles with Microsoft which told me basically if I wasn't offered updates I didn't need them. I found this reply to be somewhat bogus. They did ask something about which version of SP3 I had installed but they wouldn't come out and tell me to uninstall it and reinstall it. I first installed SP3 before it was actually released so it was a very early version. I reinstalled the latest version from Microsoft and right after that Windows update had about 24 critical updates for my computer. So that was part of the problem but it is still ongoing as I get no updates.
I ran Malwarebytes Anti-Malware and it found no problems even with the full scan.


----------



## Cookiegal (Aug 27, 2003)

Yes, I'd like to see the whole thing. You should be able to zip it up and attach it please.


----------



## Stephen47 (Oct 4, 2002)

Here it is


----------



## Cookiegal (Aug 27, 2003)

Stephen47 said:


> Here it is


I'm sorry but I can't open .rar attachments. Can you either use the XP compression utility or WinZip to zip it please?


----------



## RootbeaR (Dec 9, 2006)

Cookiegal said:


> I'm sorry but I can't open .rar attachments. Can you either use the XP compression utility or WinZip to zip it please?


http://www.7-zip.org/


----------



## Cookiegal (Aug 27, 2003)

I know about 7-zip but I'd prefer not to have to download another program, especially when it's not necessary as XP will compress the file just fine.


----------



## RootbeaR (Dec 9, 2006)

Cookiegal said:


> I know about 7-zip but I'd prefer not to have to download another program, especially when it's not necessary as XP will compress the file just fine.


You on dial-up 

It is 1MB.

Thought it may be handy for other things as well. Your choice. 
Have a great day!


----------



## Stephen47 (Oct 4, 2002)

Xp will extract this file. Right click and click extract file.


----------



## Stephen47 (Oct 4, 2002)

Here is the zip file


----------



## Cookiegal (Aug 27, 2003)

RootbeaR said:


> You on dial-up
> 
> It is 1MB.
> 
> ...


What's dial-up? 

Thanks for the suggestion though.


----------



## RootbeaR (Dec 9, 2006)

Cookiegal said:


> What's dial-up?
> 
> Thanks for the suggestion though.


:up:

I'll leave this thread now so as not to clutter it up on you.


----------



## Cookiegal (Aug 27, 2003)

There is definitely a problem as there are FATAL errors in the log.

Please download Dial-a-Fix from the following link:

http://majorgeeks.com/Dial-a-fix_d4899.html

Extract the files and click on the the Dial-a-fix.exe to run the program.

Select the WU/WUAU option and it will automatically select the three boxes there then hit the Go button at the bottom. This will run a repair on Windows Updates.

Once you've done that reboot the computer and visit Windows Updates and let me know if there are any for download (of course, if there are, please go ahead and download them).


----------



## Cookiegal (Aug 27, 2003)

Stephen47 said:


> Xp will extract this file. Right click and click extract file.


XP will not unzip rar files. You need another program or utility for that.


----------



## Stephen47 (Oct 4, 2002)

I did the Dial-a-Fix and both widows Update and Microsoft Update tell me there are 0 high priority updates for my computer.


----------



## Cookiegal (Aug 27, 2003)

OK. I see there are some policies in effect so I'd like to check those out. There could be something there blocking them. These commands wille export the registry keys where policies are stored.

Go to *Start *- *Run *and copy and paste the following command and then click OK:

*regedit /e C:\look.txt "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer"*

You won't see anything happen and it will only take a second. You will find the report it creates at C:\look.txt. Please open it in Notepad and then copy and paste the report here.

Then run this command for a second export and you will find this log as C:\look2.txt:

*regedit /e C:\look2.txt "HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer"*

Please copy both of the logs here.


----------



## Stephen47 (Oct 4, 2002)

here is look.txt:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Control Panel]
"AdvancedTab"=dword:00000000
"ConnectionsTab"=dword:00000000
"ContentTab"=dword:00000000
"GeneralTab"=dword:00000000
"PrivacyTab"=dword:00000000
"ProgramsTab"=dword:00000000
"ProgressTab"=dword:00000000
"SecurityTab"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Infodelivery]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Restrictions]
"NoBrowserOptions"=dword:00000000

here is look2:
Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer]

[HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel]
"AdvancedTab"=dword:00000000
"ConnectionsTab"=dword:00000000
"ContentTab"=dword:00000000
"GeneralTab"=dword:00000000
"PrivacyTab"=dword:00000000
"ProgramsTab"=dword:00000000
"ProgressTab"=dword:00000000
"SecurityTab"=dword:00000000

[HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Restrictions]
"NoBrowserOptions"=dword:00000000


----------



## Stephen47 (Oct 4, 2002)

What are the Fatal errors in the log?


----------



## Cookiegal (Aug 27, 2003)

I don't see any policies that would affect updates.

FATAL: Error: 0x8007045a. wuauclt datastore: failed to load wuaueng
FATAL: DS: Out of proc datastore process exited with error 0x8007045a before signalling ready event.
FATAL: Failed to get session from datastore, error = 0x80248011

It may be a problem with IE8. I would uninstall IE8 to revert back to IE7 and reboot the machine right away and then check to see if you can get updates.

Please follow these instructions to properly uninstall IE8:

http://support.microsoft.com/kb/957700


----------



## Stephen47 (Oct 4, 2002)

I don't have IE8 installed on the XP partition. It is installed on the partition which I have Windows 7. This shouldn't make a difference should it? I have had this problem longer than I have had Windows 7 installed.


----------



## Cookiegal (Aug 27, 2003)

No, the W7 partition should not affect the XP one.

*Click here* to download *HJTsetup.exe*.

Save HJTsetup.exe to your desktop.
Double click on the HJTsetup.exe icon on your desktop.
By default it will install to C:\Program Files\Hijack This. 
Continue to click *Next* in the setup dialogue boxes until you get to the *Select Addition Tasks* dialogue.
Put a check by *Create a desktop icon* then click *Next* again.
Continue to follow the rest of the prompts from there.
At the final dialogue box click *Finish* and it will launch Hijack This.
Click on the *Do a system scan and save a log file* button. It will scan and then ask you to save the log.
Click *Save* to save the log file and then the log will open in notepad.
Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
Come back here to this thread and Paste the log in your next reply.	
*DO NOT* have Hijack This fix anything yet. Most of what it finds will be harmless or even required.


----------



## Stephen47 (Oct 4, 2002)

I posted a Hijack fix in post #15 but here is another one:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:21:57 PM, on 8/16/2009
Platform: Windows XP SP3, v.3244 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\GreenPrint Technologies\GreenPrint World\GPClientService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\UPHClean\uphclean.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hotsheet.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R3 - URLSearchHook: (no name) - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - (no file)
N3 - Netscape 7: user_pref("browser.startup.homepage", "www.hotsheet.com"); (C:\Documents and Settings\STEVE\Application Data\Mozilla\Profiles\default\24cip5hd.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5Cmozilla.org%5CSeaMonkey%5Csearchplugins%5Cgoogle.src"); (C:\Documents and Settings\STEVE\Application Data\Mozilla\Profiles\default\24cip5hd.slt\prefs.js)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: CGreenPrintPDF Object - {DF96BA30-57F6-4700-8065-910EC3BE9E3B} - C:\Program Files\GreenPrint Technologies\GreenPrint World\GPIEPlugin.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: GreenPrint - {554099FE-3856-4d93-86B5-0024AEF63BC7} - C:\Program Files\GreenPrint Technologies\GreenPrint World\GPIEPlugin.dll
O9 - Extra button: (no name) - {DF96BA30-57F6-4700-8065-910EC3BE9E3B} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: CabBuilder - http://ak.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1227174349984
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1224060577312
O16 - DPF: {95D88B35-A521-472B-A182-BB1A98356421} (Pearson Installation Assistant 2) - http://asp.mathxl.com/books/_Players/PearsonInstallAsst2.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab
O16 - DPF: {C606BA60-AB76-48B6-96A7-2C4D5C386F70} (PreQualifier Class) - http://www.verizon.net/checkmypc/includes/MotivePreQual.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E6D23284-0E9B-417D-A782-03E4487FC947} (Pearson MathXL Player) - http://asp.mathxl.com/books/_Players/MathPlayer.cab
O16 - DPF: {E856B973-45FD-4559-8F82-EAB539144667} (Dell PC Checkup Installer Control) - http://pccheckup.dellfix.com/rel/36/install/gtdownde.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{BC2C8D48-F190-4A02-9787-FCA75DDA3E98}: NameServer = 208.67.222.222,208.67.220.220
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: GreenPrint Client Report Service (GPClientService) - Unknown owner - C:\Program Files\GreenPrint Technologies\GreenPrint World\GPClientService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: License Management Service ESD - element5 - C:\Program Files\Common Files\element5 Shared\Service\Licence Manager ESD.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 10169 bytes


----------



## Cookiegal (Aug 27, 2003)

Sorry about the duplication.

Download *OTS.exe * to your Desktop and double-click on it to extract the files. It will create a folder named *OTS* on your desktop.

Close any open browsers.
If your Real protection or Antivirus interferes with OTS, allow it to run.
Open the *OTS* folder and double-click on *OTS.exe* to start the program.
In *Additional Scans *section put a check in Disabled MS Config Items and EventViewer logs
Now click the *Run Scan *button on the toolbar.
Let it run unhindered until it finishes.
When the scan is complete Notepad will open with the report file loaded in it.
Save that notepad file.
Use the *Reply* button, scroll down to the attachments section and attach the notepad file here.


----------



## Stephen47 (Oct 4, 2002)

Here is the OTS report


----------



## Stephen47 (Oct 4, 2002)

By the way now that I have sent this what exactly is it? Does it transmit any personal information other than my name?


----------



## Cookiegal (Aug 27, 2003)

Stephen47 said:


> By the way now that I have sent this what exactly is it? Does it transmit any personal information other than my name?


It shows registry keys and values as well as drivers/services and the names of documents created in the last 30 days, etc. I don't see anything that could be related to this issue though.

Please go to *Start *- *Run *- type in *eventvwr.msc* to open the event viewer. Look under both "Application" and "System" for recent (the last 48 hours or so) errors (shown in red) and if found, do this for each one.

Double-click the error to open it up and then click on the icon that looks like two pieces of paper. This will copy the full error. Then "paste" the error into Notepad. Do this for each one until you have them all listed in Notepad and then copy and paste the list in a reply here please.


----------



## Stephen47 (Oct 4, 2002)

Therre were six errors in Application and a bunch in System the ones in system all seemed to be the same so I didn't save them all. 
By the way I appreciate all the time you are spending helping me with this problem. Here is the list:
Event Type:	Error
Event Source:	UPHClean
Event Category:	None
Event ID:	1031
Date: 8/11/2009
Time: 9:26:49 PM
User: N/A
Computer:	STEPHEN
Description:
User profile hive cleanup service was unable to load and start a required driver.

Insure that the account used to run the service has the load driver privilege and that this account can write to the directory where the service is installed.

See the diagnostics log for more information.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Event Type:	Error
Event Source:	UPHClean
Event Category:	None
Event ID:	1031
Date: 8/11/2009
Time: 8:52:20 PM
User: N/A
Computer:	STEPHEN
Description:
User profile hive cleanup service was unable to load and start a required driver.

Insure that the account used to run the service has the load driver privilege and that this account can write to the directory where the service is installed.

See the diagnostics log for more information.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Event Type:	Error
Event Source:	crypt32
Event Category:	None
Event ID:	11
Date: 8/11/2009
Time: 6:16:36 PM
User: N/A
Computer:	STEPHEN
Description:
Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Event Type:	Error
Event Source:	LoadPerf
Event Category:	None
Event ID:	3011
Date: 8/11/2009
Time: 6:15:46 PM
User: N/A
Computer:	STEPHEN
Description:
Unloading the performance counter strings for service PSched (QoS Packet Scheduler) failed. The Error code is the first DWORD in Data section.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: f2 03 00 00 3b 07 00 00 ò...;...
Event Type:	Error
Event Source:	LoadPerf
Event Category:	None
Event ID:	3001
Date: 8/11/2009
Time: 6:15:46 PM
User: N/A
Computer:	STEPHEN
Description:
The performance counter name string value in the registry is incorrectly formatted. The bogus string is 7638, the bogus index value is the first DWORD in Data section while the last valid index values are the second and third DWORD in Data section.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: d6 1d 00 00 d4 1d 00 00 Ö...Ô...
0008: d5 1d 00 00 cf 01 00 00 Õ...Ï...
Event Type:	Error
Event Source:	MsiInstaller
Event Category:	None
Event ID:	11722
Date: 8/11/2009
Time: 5:29:44 PM
User: STEPHEN\Steve
Computer:	STEPHEN
Description:
Product: Java(TM) 6 Update 13 -- Error 1722.There is a problem with this Windows Installer package. A program run as part of the setup did not finish as expected. Contact your support personnel or package vendor. Action FilesInUseDialog, location: C:\WINDOWS\Installer\MSI46.tmp, command: C:\Program Files\Java\jre6\

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 7b 32 36 41 32 34 41 45 {26A24AE
0008: 34 2d 30 33 39 44 2d 34 4-039D-4
0010: 43 41 34 2d 38 37 42 34 CA4-87B4
0018: 2d 32 46 38 33 32 31 36 -2F83216
0020: 30 31 33 46 46 7d 013FF} 
Event Type:	Error
Event Source:	DCOM
Event Category:	None
Event ID:	10016
Date: 8/17/2009
Time: 7:41:56 AM
User: NT AUTHORITY\SYSTEM
Computer:	STEPHEN
Description:
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
{DCBCA92E-7DBE-4EDA-8B7B-3AAEA4DD412B}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18). This security permission can be modified using the Component Services administrative tool.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Event Type:	Error
Event Source:	DCOM
Event Category:	None
Event ID:	10016
Date: 8/17/2009
Time: 7:41:38 AM
User: NT AUTHORITY\SYSTEM
Computer:	STEPHEN
Description:
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
{DCBCA92E-7DBE-4EDA-8B7B-3AAEA4DD412B}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18). This security permission can be modified using the Component Services administrative tool.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Event Type:	Error
Event Source:	DCOM
Event Category:	None
Event ID:	10016
Date: 8/17/2009
Time: 4:24:27 AM
User: NT AUTHORITY\SYSTEM
Computer:	STEPHEN
Description:
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
{DCBCA92E-7DBE-4EDA-8B7B-3AAEA4DD412B}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18). This security permission can be modified using the Component Services administrative tool.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Event Type:	Error
Event Source:	DCOM
Event Category:	None
Event ID:	10016
Date: 8/17/2009
Time: 4:24:09 AM
User: NT AUTHORITY\SYSTEM
Computer:	STEPHEN
Description:
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
{DCBCA92E-7DBE-4EDA-8B7B-3AAEA4DD412B}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18). This security permission can be modified using the Component Services administrative tool.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Event Type:	Error
Event Source:	DCOM
Event Category:	None
Event ID:	10016
Date: 8/16/2009
Time: 11:15:30 AM
User: NT AUTHORITY\SYSTEM
Computer:	STEPHEN
Description:
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
{DCBCA92E-7DBE-4EDA-8B7B-3AAEA4DD412B}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18). This security permission can be modified using the Component Services administrative tool.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Event Type:	Error
Event Source:	DCOM
Event Category:	None
Event ID:	10016
Date: 8/16/2009
Time: 11:15:12 AM
User: NT AUTHORITY\SYSTEM
Computer:	STEPHEN
Description:
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
{DCBCA92E-7DBE-4EDA-8B7B-3AAEA4DD412B}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18). This security permission can be modified using the Component Services administrative tool.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Event Type:	Error
Event Source:	DCOM
Event Category:	None
Event ID:	10016
Date: 8/15/2009
Time: 10:50:11 PM
User: NT AUTHORITY\SYSTEM
Computer:	STEPHEN
Description:
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
{DCBCA92E-7DBE-4EDA-8B7B-3AAEA4DD412B}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18). This security permission can be modified using the Component Services administrative tool.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Event Type:	Error
Event Source:	DCOM
Event Category:	None
Event ID:	10016
Date: 8/15/2009
Time: 10:50:01 PM
User: NT AUTHORITY\SYSTEM
Computer:	STEPHEN
Description:
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
{DCBCA92E-7DBE-4EDA-8B7B-3AAEA4DD412B}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18). This security permission can be modified using the Component Services administrative tool.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


----------



## Cookiegal (Aug 27, 2003)

Do you defrag this machine regularly?

Have you run registry cleaners? This is not recommended as they can cause more harm than good.

Do you have the installation CD?

There are some errors that indicate problems with corrupt files and things of that nature.

Let's start by trying to update the MS Root certificates. This is likely what's interefering with the udpates.

http://www.microsoft.com/downloads/...0e-ee7e-435e-99f8-20b44d4531b0&displaylang=en


----------



## Stephen47 (Oct 4, 2002)

I defrag at least once a week, I don't use registry cleaners I do have the installation CD


----------



## Stephen47 (Oct 4, 2002)

I downloaded the update for roots certificates and ran it but nothing happened is this normal? What is our next step?


----------



## Cookiegal (Aug 27, 2003)

Can you reboot the machine and then go to windows Updates and see if any are found?


----------



## Stephen47 (Oct 4, 2002)

will do


----------



## Stephen47 (Oct 4, 2002)

Still no high priority updates available for this computer.


----------



## Cookiegal (Aug 27, 2003)

Let's run chkdsk.

Click Start and My Computer. Right-click the hard drive you want to check, and click Properties. Select the Tools tab and click Check Now. Check both boxes. Click Start. You'll get a message that the computer must be rebooted to run a complete check. Click Yes and reboot. Chkdsk will take awhile, so run it when you don't need to use the computer for something else.

To view results log:

Go to *Start *- *Run *and type in *eventvwr.msc*, and hit enter.
When Event Viewer opens, click on "Application", then scroll
down to "Winlogon" and double-click on it to open it up. This is the log
created after running chkdsk. Click on the icon that looks like two pieces of paper to copy it and then paste it here please.


----------



## Stephen47 (Oct 4, 2002)

here is the log:
Event Type:	Information
Event Source:	Winlogon
Event Category:	None
Event ID:	1001
Date: 8/17/2009
Time: 8:15:27 PM
User: N/A
Computer:	STEPHEN
Description:
Checking file system on C:
The type of the file system is NTFS.
Cleaning up minor inconsistencies on the drive.
Cleaning up 125 unused index entries from index $SII of file 0x9.
Cleaning up 125 unused index entries from index $SDH of file 0x9.
Cleaning up 125 unused security descriptors.
CHKDSK is verifying Usn Journal...
Usn Journal verification completed.
CHKDSK is verifying file data (stage 4 of 5)...
File data verification completed.
CHKDSK is verifying free space (stage 5 of 5)...
Free space verification is complete.

56813872 KB total disk space.
28598380 KB in 55620 files.
20408 KB in 8308 indexes.
0 KB in bad sectors.
247092 KB in use by the system.
65536 KB occupied by the log file.
27947992 KB available on disk.

4096 bytes in each allocation unit.
14203468 total allocation units on disk.
6986998 allocation units available on disk.

Internal Info:
70 1b 01 00 c3 f9 00 00 f5 38 01 00 00 00 00 00 p........8......
1b 05 00 00 01 00 00 00 84 04 00 00 00 00 00 00 ................
d4 34 88 05 00 00 00 00 f8 5b 3b 1b 00 00 00 00 .4.......[;.....
a0 ba e0 0a 00 00 00 00 f8 c6 da 72 02 00 00 00 ...........r....
3e bf b1 72 01 00 00 00 74 48 cd 12 04 00 00 00 >..r....tH......
99 9e 36 00 00 00 00 00 a0 39 07 00 44 d9 00 00 ..6......9..D...
00 00 00 00 00 b0 81 d1 06 00 00 00 74 20 00 00 ............t ..

Windows has finished checking your disk.
Please wait while your computer restarts.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


----------



## Stephen47 (Oct 4, 2002)

Is there anything here?


----------



## Cookiegal (Aug 27, 2003)

Not much, just the usual.

Please open HijackThis.
Click on *Open Misc Tools Section*
Make sure that both boxes beside "Generate StartupList Log" are checked:

*List all minor sections(Full)*
*List Empty Sections(Complete)*
Click *Generate StartupList Log*.
Click *Yes* at the prompt.
It will open a text file. Please copy the entire contents of that page and paste it here.


----------



## Stephen47 (Oct 4, 2002)

here it is in two posts:
StartupList report, 8/18/2009, 3:24:41 PM
StartupList version: 1.52.2
Started from : C:\Program Files\Trend Micro\HijackThis\HijackThis.EXE
Detected: Windows XP SP3, v.3244 (WinNT 5.01.2600)
Detected: Internet Explorer v7.00 (7.00.6000.16876)
* Using default options
* Including empty and uninteresting sections
* Showing rarely important sections
==================================================

Running processes:

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\GreenPrint Technologies\GreenPrint World\GPClientService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\UPHClean\uphclean.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

--------------------------------------------------

Listing of startup folders:

Shell folders Startup:
[C:\Documents and Settings\Steve\Start Menu\Programs\Startup]
*No files*

Shell folders AltStartup:
*Folder not found*

User shell folders Startup:
*Folder not found*

User shell folders AltStartup:
*Folder not found*

Shell folders Common Startup:
[C:\Documents and Settings\All Users\Start Menu\Programs\Startup]
*No files*

Shell folders Common AltStartup:
*Folder not found*

User shell folders Common Startup:
*Folder not found*

User shell folders Alternate Common Startup:
*Folder not found*

--------------------------------------------------

Checking Windows NT UserInit:

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,

[HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon]
*Registry key not found*

[HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
*Registry value not found*

[HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon]
*Registry value not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

IntelZeroConfig = "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
IntelWireless = "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
WinPatrol = C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot
avast! = C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
SynTPEnh = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run

*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

[OptionalComponents]
*No values found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*

--------------------------------------------------

File association entry for .EXE:
HKEY_CLASSES_ROOT\exefile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .COM:
HKEY_CLASSES_ROOT\comfile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .BAT:
HKEY_CLASSES_ROOT\batfile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .PIF:
HKEY_CLASSES_ROOT\piffile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .SCR:
HKEY_CLASSES_ROOT\scrfile\shell\open\command

(Default) = "%1" /S

--------------------------------------------------

File association entry for .HTA:
HKEY_CLASSES_ROOT\htafile\shell\open\command

(Default) = C:\WINDOWS\system32\mshta.exe "%1" %*

--------------------------------------------------

File association entry for .TXT:
HKEY_CLASSES_ROOT\txtfile\shell\open\command

(Default) = %SystemRoot%\system32\NOTEPAD.EXE %1

--------------------------------------------------

Enumerating Active Setup stub paths:
HKLM\Software\Microsoft\Active Setup\Installed Components
(* = disabled by HKCU twin)

[<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}] *
StubPath = C:\WINDOWS\system32\ieudinit.exe

[>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP

[>{26923b43-4d38-484f-9b9e-de460746276c}] *
StubPath = C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig

[>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] *
StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

[>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] *
StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

[>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

[{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] *
StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

[{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] *
StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

[{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT

[{5945c046-1e7d-11d1-bc44-00c04fd912be}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser

[{6BF52A52-394A-11d3-B153-00C04F79FAA6}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub

[{7790769C-0471-11d2-AF11-00C04FA35D02}] *
StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

[{89820200-ECBD-11cf-8B85-00AA005B4340}] *
StubPath = regsvr32.exe /s /n /i:U shell32.dll

[{89820200-ECBD-11cf-8B85-00AA005B4383}] *
StubPath = C:\WINDOWS\system32\ie4uinit.exe -BaseSettings

[{89B4C1CD-B018-4511-B0A1-5476DBF70820}] *
StubPath = C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install

[{8b15971b-5355-4c82-8c07-7e181ea07608}]
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.UnInstall.PerUser

[{94de52c8-2d59-4f1b-883e-79663d2d9a8c}]
StubPath = rundll32.exe C:\WINDOWS\system32\Setup\FxsOcm.dll,XP_UninstallProvider

--------------------------------------------------

Enumerating ICQ Agent Autostart apps:
HKCU\Software\Mirabilis\ICQ\Agent\Apps

*Registry key not found*

--------------------------------------------------

Load/Run keys from C:\WINDOWS\WIN.INI:

load=*INI section not found*
run=*INI section not found*

Load/Run keys from Registry:

HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry value not found*
HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry value not found*
HKCU\..\Windows NT\CurrentVersion\Windows: load=
HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs=

--------------------------------------------------

Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*

Shell & screensaver key from Registry:

Shell=Explorer.exe
SCRNSAVE.EXE=*Registry value not found*
drivers=*Registry value not found*

Policies Shell key:

HKCU\..\Policies: Shell=*Registry value not found*
HKLM\..\Policies: Shell=*Registry value not found*

--------------------------------------------------

Checking for EXPLORER.EXE instances:

C:\WINDOWS\Explorer.exe: PRESENT!

C:\Explorer.exe: not present
C:\WINDOWS\Explorer\Explorer.exe: not present
C:\WINDOWS\System\Explorer.exe: not present
C:\WINDOWS\System32\Explorer.exe: not present
C:\WINDOWS\Command\Explorer.exe: not present
C:\WINDOWS\Fonts\Explorer.exe: not present

--------------------------------------------------

Checking for superhidden extensions:

.lnk: HIDDEN! (arrow overlay: yes)
.pif: HIDDEN! (arrow overlay: yes)
.exe: not hidden
.com: not hidden
.bat: not hidden
.hta: not hidden
.scr: not hidden
.shs: HIDDEN!
.shb: HIDDEN!
.vbs: not hidden
.vbe: not hidden
.wsh: not hidden
.scf: HIDDEN! (arrow overlay: NO!)
.url: HIDDEN! (arrow overlay: yes)
.js: not hidden
.jse: not hidden

--------------------------------------------------

Verifying REGEDIT.EXE integrity:

- Regedit.exe found in C:\WINDOWS
- .reg open command is normal (regedit.exe %1)
- Company name OK: 'Microsoft Corporation'
- Original filename OK: 'REGEDIT.EXE'
- File description: 'Registry Editor'

Registry check passed

--------------------------------------------------


----------



## Stephen47 (Oct 4, 2002)

Part two:
Registry check passed

--------------------------------------------------

Enumerating Browser Helper Objects:

(no name) - C:\Program Files\Java\jre6\bin\jp2ssv.dll - {DBC80044-A445-435b-BC74-9C25C1C588A9}
(no name) - C:\Program Files\GreenPrint Technologies\GreenPrint World\GPIEPlugin.dll - {DF96BA30-57F6-4700-8065-910EC3BE9E3B}
JQSIEStartDetectorImpl - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll - {E7E6F031-17CE-4C07-BC86-EABFE594F69C}

--------------------------------------------------

Enumerating Task Scheduler jobs:

*No jobs found*

--------------------------------------------------

Enumerating Download Program Files:

[CabBuilder]
CODEBASE = http://ak.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
OSD = C:\WINDOWS\Downloaded Program Files\OSD13D2.OSD

[Microsoft Data Collection Control]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\MSDcode.dll
CODEBASE = https://support.microsoft.com/OAS/ActiveX/MSDcode.cab

[PCPitstop Utility]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\PCPitstop.dll
CODEBASE = http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB

[Windows Genuine Advantage Validation Tool]
InProcServer32 = C:\WINDOWS\system32\legitcheckcontrol.dll
CODEBASE = http://go.microsoft.com/fwlink/?linkid=39204

[WUWebControl Class]
InProcServer32 = C:\WINDOWS\system32\wuweb.dll
CODEBASE = http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1227174349984

[MUWebControl Class]
InProcServer32 = C:\WINDOWS\system32\muweb.dll
CODEBASE = http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1224060577312

[Java Plug-in 1.6.0_13]
InProcServer32 = C:\Program Files\Java\jre6\bin\jp2iexp.dll
CODEBASE = http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab

[{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}]
CODEBASE = http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

[Pearson Installation Assistant 2]
InProcServer32 = C:\WINDOWS\DOWNLO~1\PEARSO~1.OCX
CODEBASE = http://asp.mathxl.com/books/_Players/PearsonInstallAsst2.cab

[Crucial cpcScan]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\cpcScan.dll
CODEBASE = http://www.crucial.com/controls/cpcScanner.cab

[SABScanProcesses Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\sabspx.dll
CODEBASE = http://www.superadblocker.com/activex/sabspx.cab

[PreQualifier Class]
InProcServer32 = C:\WINDOWS\system32\MotivePreQual.dll
CODEBASE = http://www.verizon.net/checkmypc/includes/MotivePreQual.cab

[Java Plug-in 1.6.0_13]
InProcServer32 = C:\Program Files\Java\jre6\bin\jp2iexp.dll
CODEBASE = http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab

[Java Plug-in 1.6.0_13]
InProcServer32 = C:\Program Files\Java\jre6\bin\npjpi160_13.dll
CODEBASE = http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab

[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\system32\Macromed\Flash\Flash10c.ocx
CODEBASE = http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

[{E2883E8F-472F-4FB0-9522-AC9BF37916A7}]
CODEBASE = http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

[Pearson MathXL Player]
InProcServer32 = C:\WINDOWS\DOWNLO~1\MATHPL~1.OCX
CODEBASE = http://asp.mathxl.com/books/_Players/MathPlayer.cab

[Dell PC Checkup Installer Control]
InProcServer32 = C:\WINDOWS\system32\GTDownDE_130.ocx
CODEBASE = http://pccheckup.dellfix.com/rel/36/install/gtdownde.cab

--------------------------------------------------

Enumerating Winsock LSP files:

NameSpace #1: C:\WINDOWS\System32\mswsock.dll
NameSpace #2: C:\WINDOWS\System32\winrnr.dll
NameSpace #3: C:\WINDOWS\System32\mswsock.dll
Protocol #1: C:\WINDOWS\system32\mswsock.dll
Protocol #2: C:\WINDOWS\system32\mswsock.dll
Protocol #3: C:\WINDOWS\system32\mswsock.dll
Protocol #4: C:\WINDOWS\system32\rsvpsp.dll
Protocol #5: C:\WINDOWS\system32\rsvpsp.dll
Protocol #6: C:\WINDOWS\system32\mswsock.dll
Protocol #7: C:\WINDOWS\system32\mswsock.dll
Protocol #8: C:\WINDOWS\system32\mswsock.dll
Protocol #9: C:\WINDOWS\system32\mswsock.dll
Protocol #10: C:\WINDOWS\system32\mswsock.dll
Protocol #11: C:\WINDOWS\system32\mswsock.dll
Protocol #12: C:\WINDOWS\system32\mswsock.dll
Protocol #13: C:\WINDOWS\system32\mswsock.dll
Protocol #14: C:\WINDOWS\system32\mswsock.dll
Protocol #15: C:\WINDOWS\system32\mswsock.dll
Protocol #16: C:\WINDOWS\system32\mswsock.dll
Protocol #17: C:\WINDOWS\system32\mswsock.dll
Protocol #18: C:\WINDOWS\system32\mswsock.dll
Protocol #19: C:\WINDOWS\system32\mswsock.dll
Protocol #20: C:\WINDOWS\system32\mswsock.dll
Protocol #21: C:\WINDOWS\system32\mswsock.dll
Protocol #22: C:\WINDOWS\system32\mswsock.dll
Protocol #23: C:\WINDOWS\system32\mswsock.dll

--------------------------------------------------

Enumerating Windows NT/2000/XP services

abp480n5: \SystemRoot\system32\DRIVERS\ABP480N5.SYS (disabled)
ArcSoft Connect Daemon: C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (autostart)
Microsoft ACPI Driver: system32\DRIVERS\ACPI.sys (system)
Acronis Scheduler2 Service: "C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe" (manual start)
adpu160m: \SystemRoot\system32\DRIVERS\adpu160m.sys (disabled)
Microsoft Kernel Acoustic Echo Canceller: system32\drivers\aec.sys (manual start)
AEGIS Protocol (IEEE 802.1x) v3.7.5.0: system32\DRIVERS\AegisP.sys (autostart)
PPdus ASPI Shell: system32\drivers\Afc.sys (manual start)
AFD: \SystemRoot\System32\drivers\afd.sys (system)
Intel AGP Bus Filter: \SystemRoot\system32\DRIVERS\agp440.sys (disabled)
Compaq AGP Bus Filter: \SystemRoot\system32\DRIVERS\agpCPQ.sys (disabled)
Aha154x: \SystemRoot\system32\DRIVERS\aha154x.sys (disabled)
aic78u2: \SystemRoot\system32\DRIVERS\aic78u2.sys (disabled)
aic78xx: \SystemRoot\system32\DRIVERS\aic78xx.sys (disabled)
Alerter: %SystemRoot%\system32\svchost.exe -k LocalService (disabled)
Application Layer Gateway Service: %SystemRoot%\System32\alg.exe (autostart)
AliIde: \SystemRoot\system32\DRIVERS\aliide.sys (disabled)
ALI AGP Bus Filter: \SystemRoot\system32\DRIVERS\alim1541.sys (disabled)
AMD AGP Bus Filter Driver: \SystemRoot\system32\DRIVERS\amdagp.sys (disabled)
amsint: \SystemRoot\system32\DRIVERS\amsint.sys (disabled)
Appdrv: \??\C:\Program Files\Dell\NICCONFIGSVC\Appdrv.sys (manual start)
Apple Mobile Device: "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe" (autostart)
Application Management: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
1394 ARP Client Protocol: system32\DRIVERS\arp1394.sys (manual start)
asc: \SystemRoot\system32\DRIVERS\asc.sys (disabled)
asc3350p: \SystemRoot\system32\DRIVERS\asc3350p.sys (disabled)
asc3550: \SystemRoot\system32\DRIVERS\asc3550.sys (disabled)
ASP.NET State Service: %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (manual start)
aswFsBlk: system32\DRIVERS\aswFsBlk.sys (autostart)
avast! iAVS4 Control Service: "C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe" (autostart)
RAS Asynchronous Media Driver: system32\DRIVERS\asyncmac.sys (manual start)
Standard IDE/ESDI Hard Disk Controller: system32\DRIVERS\atapi.sys (system)
ATM ARP Client Protocol: system32\DRIVERS\atmarpc.sys (manual start)
Windows Audio: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Audio Stub Driver: system32\DRIVERS\audstub.sys (manual start)
avast! Antivirus: "C:\Program Files\Alwil Software\Avast4\ashServ.exe" (autostart)
avast! Mail Scanner: "C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (manual start)
avast! Web Scanner: "C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (manual start)
Jetico Personal Firewall Network Monitor: system32\DRIVERS\bcfilter.sys (manual start)
BcfilterMP: system32\DRIVERS\bcfilter.sys (manual start)
Dell Wireless WLAN Card Driver: system32\DRIVERS\bcmwl5.sys (manual start)
Broadcom 440x 10/100 Integrated Controller XP Driver: system32\DRIVERS\bcm4sbxp.sys (manual start)
Background Intelligent Transfer Service: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Computer Browser: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
cbidf: \SystemRoot\system32\DRIVERS\cbidf2k.sys (disabled)
Closed Caption Decoder: system32\DRIVERS\CCDECODE.sys (manual start)
cd20xrnt: \SystemRoot\system32\DRIVERS\cd20xrnt.sys (disabled)
CD-ROM Driver: system32\DRIVERS\cdrom.sys (system)
Indexing Service: %SystemRoot%\system32\cisvc.exe (manual start)
ClipBook: %SystemRoot%\system32\clipsrv.exe (disabled)
.NET Runtime Optimization Service v2.0.50727_X86: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (manual start)
Microsoft ACPI Control Method Battery Driver: system32\DRIVERS\CmBatt.sys (manual start)
CmdIde: \SystemRoot\system32\DRIVERS\cmdide.sys (disabled)
Microsoft Composite Battery Driver: system32\DRIVERS\compbatt.sys (system)
COM+ System Application: C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} (manual start)
Cpqarray: \SystemRoot\system32\DRIVERS\cpqarray.sys (disabled)
Cryptographic Services: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
dac2w2k: \SystemRoot\system32\DRIVERS\dac2w2k.sys (disabled)
dac960nt: \SystemRoot\system32\DRIVERS\dac960nt.sys (disabled)
DCOM Server Process Launcher: %SystemRoot%\system32\svchost -k DcomLaunch (autostart)
DHCP Client: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Disk Driver: system32\DRIVERS\disk.sys (system)
Logical Disk Manager Administrative Service: %SystemRoot%\System32\dmadmin.exe /com (manual start)
dmboot: System32\drivers\dmboot.sys (disabled)
dmio: System32\drivers\dmio.sys (disabled)
dmload: System32\drivers\dmload.sys (disabled)
Logical Disk Manager: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Microsoft Kernel DLS Syntheiszer: system32\drivers\DMusic.sys (manual start)
DNS Client: %SystemRoot%\system32\svchost.exe -k NetworkService (autostart)
Wired AutoConfig: %SystemRoot%\System32\svchost.exe -k dot3svc (manual start)
dpti2o: \SystemRoot\system32\DRIVERS\dpti2o.sys (disabled)
Microsoft Kernel DRM Audio Descrambler: system32\drivers\drmkaud.sys (manual start)
Intel(R) PRO Adapter Driver: system32\DRIVERS\e100b325.sys (manual start)
Extensible Authentication Protocol Service: %SystemRoot%\System32\svchost.exe -k eapsvcs (manual start)
Error Reporting Service: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
Event Log: %SystemRoot%\system32\services.exe (autostart)
COM+ Event System: C:\WINDOWS\system32\svchost.exe -k netsvcs (manual start)
Intel(R) PROSet/Wireless Event Log: C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (autostart)
Fast User Switching Compatibility: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Floppy Disk Controller Driver: system32\DRIVERS\fdc.sys (manual start)
Floppy Disk Driver: system32\DRIVERS\flpydisk.sys (manual start)
FltMgr: system32\drivers\fltmgr.sys (system)
Volume Manager Driver: system32\DRIVERS\ftdisk.sys (system)
GEAR ASPI Filter Driver: System32\Drivers\GEARAspiWDM.sys (manual start)
Generic Packet Classifier: system32\DRIVERS\msgpc.sys (manual start)
GreenPrint Client Report Service: C:\Program Files\GreenPrint Technologies\GreenPrint World\GPClientService.exe (autostart)
Microsoft UAA Bus Driver for High Definition Audio: system32\DRIVERS\HDAudBus.sys (manual start)
Help and Support: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Human Interface Device Access: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
Health Key and Certificate Management Service: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
hpn: \SystemRoot\system32\DRIVERS\hpn.sys (disabled)
IEEE-1284.4 Driver HPZid412: system32\DRIVERS\HPZid412.sys (manual start)
Print Class Driver for IEEE-1284.4 HPZipr12: system32\DRIVERS\HPZipr12.sys (manual start)
USB to IEEE-1284.4 Translation Driver HPZius12: system32\DRIVERS\HPZius12.sys (manual start)
HSFHWAZL: system32\DRIVERS\HSFHWAZL.sys (manual start)
HSF_DPV: system32\DRIVERS\HSF_DPV.sys (manual start)
HTTP: System32\Drivers\HTTP.sys (manual start)
HTTP SSL: %SystemRoot%\System32\svchost.exe -k HTTPFilter (autostart)
i2omp: \SystemRoot\system32\DRIVERS\i2omp.sys (disabled)
i8042 Keyboard and PS/2 Mouse Port Driver: system32\DRIVERS\i8042prt.sys (system)
ialm: system32\DRIVERS\igxpmp32.sys (manual start)
InstallDriver Table Manager: "C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe" (manual start)
CD-Burning Filter Driver: system32\DRIVERS\imapi.sys (system)
IMAPI CD-Burning COM Service: C:\WINDOWS\system32\imapi.exe (manual start)
ini910u: \SystemRoot\system32\DRIVERS\ini910u.sys (disabled)
IntelIde: \SystemRoot\system32\DRIVERS\intelide.sys (disabled)
Intel Processor Driver: system32\DRIVERS\intelppm.sys (system)
IPv6 Windows Firewall Driver: system32\drivers\ip6fw.sys (manual start)
IP Traffic Filter Driver: system32\DRIVERS\ipfltdrv.sys (manual start)
IP in IP Tunnel Driver: system32\DRIVERS\ipinip.sys (manual start)
IP Network Address Translator: system32\DRIVERS\ipnat.sys (manual start)
iPod Service: "C:\Program Files\iPod\bin\iPodService.exe" (manual start)
IPSEC driver: system32\DRIVERS\ipsec.sys (system)
IR Enumerator Service: system32\DRIVERS\irenum.sys (manual start)
PnP ISA/EISA Bus Driver: system32\DRIVERS\isapnp.sys (system)
Java Quick Starter: "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf" (autostart)
Keyboard Class Driver: system32\DRIVERS\kbdclass.sys (system)
Microsoft Kernel Wave Audio Mixer: system32\drivers\kmixer.sys (manual start)
Server: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Workstation: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
License Management Service ESD: "C:\Program Files\Common Files\element5 Shared\Service\Licence Manager ESD.exe" (manual start)
TCP/IP NetBIOS Helper: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
TCP/IP Print Server: %SystemRoot%\system32\tcpsvcs.exe (autostart)
mdmxsdk: system32\DRIVERS\mdmxsdk.sys (autostart)
Messenger: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled)
NetMeeting Remote Desktop Sharing: C:\WINDOWS\system32\mnmsrvc.exe (disabled)
Mouse Class Driver: system32\DRIVERS\mouclass.sys (system)
MR97316 VGA Dual-Mode Camera: system32\DRIVERS\mr97316.sys (manual start)
mraid35x: \SystemRoot\system32\DRIVERS\mraid35x.sys (disabled)
WebDav Client Redirector: system32\DRIVERS\mrxdav.sys (manual start)
MRXSMB: system32\DRIVERS\mrxsmb.sys (system)
Distributed Transaction Coordinator: C:\WINDOWS\system32\msdtc.exe (disabled)
Windows Installer: C:\WINDOWS\system32\msiexec.exe /V (manual start)
Microsoft Streaming Service Proxy: system32\drivers\MSKSSRV.sys (manual start)
Microsoft Streaming Clock Proxy: system32\drivers\MSPCLOCK.sys (manual start)
Microsoft Streaming Quality Manager Proxy: system32\drivers\MSPQM.sys (manual start)
Microsoft System Management BIOS Driver: system32\DRIVERS\mssmbios.sys (manual start)
Microsoft Streaming Tee/Sink-to-Sink Converter: system32\drivers\MSTEE.sys (manual start)
NABTS/FEC VBI Codec: system32\DRIVERS\NABTSFEC.sys (manual start)
Network Access Protection Agent: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Microsoft TV/Video Connection: system32\DRIVERS\NdisIP.sys (manual start)
Remote Access NDIS TAPI Driver: system32\DRIVERS\ndistapi.sys (manual start)
NDIS Usermode I/O Protocol: system32\DRIVERS\ndisuio.sys (manual start)
Remote Access NDIS WAN Driver: system32\DRIVERS\ndiswan.sys (manual start)
NetBIOS Interface: system32\DRIVERS\netbios.sys (system)
NetBios over Tcpip: system32\DRIVERS\netbt.sys (system)
Network DDE: %SystemRoot%\system32\netdde.exe (disabled)
Network DDE DSDM: %SystemRoot%\system32\netdde.exe (disabled)
Net Logon: %SystemRoot%\system32\lsass.exe (manual start)
Network Connections: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows XP 32 Bit: system32\DRIVERS\NETw3x32.sys (manual start)
Intel(R) Wireless WiFi Link Adapter Driver for Windows XP 32 Bit: system32\DRIVERS\NETw4x32.sys (manual start)
Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit: system32\DRIVERS\NETw5x32.sys (manual start)
1394 Net Driver: system32\DRIVERS\nic1394.sys (manual start)
NICCONFIGSVC: C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe (autostart)
Network Location Awareness (NLA): %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
NMSAccessU: C:\Program Files\CDBurnerXP\NMSAccessU.exe (autostart)
NT LM Security Support Provider: %SystemRoot%\system32\lsass.exe (manual start)
Removable Storage: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
nv: system32\DRIVERS\nv4_mini.sys (manual start)
IPX Traffic Filter Driver: system32\DRIVERS\nwlnkflt.sys (manual start)
IPX Traffic Forwarder Driver: system32\DRIVERS\nwlnkfwd.sys (manual start)
OHCI Compliant IEEE 1394 Host Controller: system32\DRIVERS\ohci1394.sys (system)
OMCI WDM Device Driver: system32\DRIVERS\omci.sys (system)
Parallel port driver: system32\DRIVERS\parport.sys (manual start)
PCI Bus Driver: system32\DRIVERS\pci.sys (system)
PCIIde: system32\DRIVERS\pciide.sys (system)
perc2: \SystemRoot\system32\DRIVERS\perc2.sys (disabled)
perc2hib: \SystemRoot\system32\DRIVERS\perc2hib.sys (disabled)
Padus ASPI Shell: system32\drivers\pfc.sys (manual start)
Plug and Play: %SystemRoot%\system32\services.exe (autostart)
Pml Driver HPZ12: C:\WINDOWS\system32\HPZipm12.exe (autostart)
IPSEC Services: %SystemRoot%\system32\lsass.exe (manual start)
WAN Miniport (PPTP): system32\DRIVERS\raspptp.sys (manual start)
Protected Storage: %SystemRoot%\system32\lsass.exe (autostart)
QoS Packet Scheduler: system32\DRIVERS\psched.sys (manual start)
PSI: system32\DRIVERS\psi_mf.sys (manual start)
Direct Parallel Link Driver: system32\DRIVERS\ptilink.sys (manual start)
ql1080: \SystemRoot\system32\DRIVERS\ql1080.sys (disabled)
Ql10wnt: \SystemRoot\system32\DRIVERS\ql10wnt.sys (disabled)
ql12160: \SystemRoot\system32\DRIVERS\ql12160.sys (disabled)
ql1240: \SystemRoot\system32\DRIVERS\ql1240.sys (disabled)
ql1280: \SystemRoot\system32\DRIVERS\ql1280.sys (disabled)
Remote Access Auto Connection Driver: system32\DRIVERS\rasacd.sys (system)
Remote Access Auto Connection Manager: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
WAN Miniport (L2TP): system32\DRIVERS\rasl2tp.sys (manual start)
Remote Access Connection Manager: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
Remote Access PPPOE Driver: system32\DRIVERS\raspppoe.sys (manual start)
Direct Parallel: system32\DRIVERS\raspti.sys (manual start)
Rdbss: system32\DRIVERS\rdbss.sys (system)
RDPCDD: System32\DRIVERS\RDPCDD.sys (system)
Terminal Server Device Redirector Driver: system32\DRIVERS\rdpdr.sys (manual start)
Remote Desktop Help Session Manager: C:\WINDOWS\system32\sessmgr.exe (manual start)
Digital CD Audio Playback Filter Driver: system32\DRIVERS\redbook.sys (system)
Intel(R) PROSet/Wireless Registry Service: C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (autostart)
Routing and Remote Access: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled)
rimmptsk: system32\DRIVERS\rimmptsk.sys (manual start)
rimsptsk: system32\DRIVERS\rimsptsk.sys (manual start)
Ricoh xD-Picture Card Driver: system32\DRIVERS\rixdptsk.sys (manual start)
Remote Procedure Call (RPC) Locator: %SystemRoot%\system32\locator.exe (manual start)
Remote Procedure Call (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart)
QoS RSVP: %SystemRoot%\system32\rsvp.exe (manual start)
Intel(R) PROSet/Wireless Service: C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (autostart)
WLAN Transport: system32\DRIVERS\s24trans.sys (autostart)
SABProcEnum: \??\C:\Program Files\Internet Explorer\SABProcEnum.sys (manual start)
Security Accounts Manager: %SystemRoot%\system32\lsass.exe (autostart)
SASDIFSV: \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (system)
SASENUM: \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS (manual start)
SASKUTIL: \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys (system)
Smart Card: %SystemRoot%\System32\SCardSvr.exe (manual start)
Task Scheduler: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
sdbus: system32\DRIVERS\sdbus.sys (manual start)
Secdrv: system32\DRIVERS\secdrv.sys (manual start)
Secondary Logon: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
System Event Notification: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Serenum Filter Driver: system32\DRIVERS\serenum.sys (manual start)
Serial port driver: system32\DRIVERS\serial.sys (system)
SFF Storage Class Driver: system32\DRIVERS\sffdisk.sys (manual start)
SFF Storage Protocol Driver for SDBus: system32\DRIVERS\sffp_sd.sys (manual start)
Windows Firewall/Internet Connection Sharing (ICS): %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Shell Hardware Detection: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
SIS AGP Bus Filter: \SystemRoot\system32\DRIVERS\sisagp.sys (disabled)
BDA Slip De-Framer: system32\DRIVERS\SLIP.sys (manual start)
Acronis Snapshots Manager: system32\DRIVERS\snapman.sys (system)
Sparrow: \SystemRoot\system32\DRIVERS\sparrow.sys (disabled)
Microsoft Kernel Audio Splitter: system32\drivers\splitter.sys (manual start)
Print Spooler: %SystemRoot%\system32\spoolsv.exe (autostart)
System Restore Filter Driver: system32\DRIVERS\sr.sys (system)
System Restore Service: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Srv: system32\DRIVERS\srv.sys (manual start)
SSDP Discovery Service: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
SigmaTel High Definition Audio CODEC: system32\drivers\sthda.sys (manual start)
Windows Image Acquisition (WIA): %SystemRoot%\system32\svchost.exe -k imgsvc (autostart)
BDA IPSink: system32\DRIVERS\StreamIP.sys (manual start)
Software Bus Driver: system32\DRIVERS\swenum.sys (manual start)
Microsoft Kernel GS Wavetable Synthesizer: system32\drivers\swmidi.sys (manual start)
MS Software Shadow Copy Provider: C:\WINDOWS\system32\dllhost.exe /Processid:{A445BD1E-49EE-4607-B370-5CCA447377C4} (disabled)
symc810: \SystemRoot\system32\DRIVERS\symc810.sys (disabled)
symc8xx: \SystemRoot\system32\DRIVERS\symc8xx.sys (disabled)
sym_hi: \SystemRoot\system32\DRIVERS\sym_hi.sys (disabled)
sym_u3: \SystemRoot\system32\DRIVERS\sym_u3.sys (disabled)
Synaptics TouchPad Driver: system32\DRIVERS\SynTP.sys (manual start)
Microsoft Kernel System Audio Device: system32\drivers\sysaudio.sys (manual start)
Performance Logs and Alerts: %SystemRoot%\system32\smlogsvc.exe (disabled)
Telephony: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
TCP/IP Protocol Driver: system32\DRIVERS\tcpip.sys (system)
Terminal Device Driver: system32\DRIVERS\termdd.sys (system)
Terminal Services: %SystemRoot%\System32\svchost -k DComLaunch (disabled)
Themes: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Acronis True Image FS Filter: system32\DRIVERS\tifsfilt.sys (autostart)
Acronis True Image Backup Archive Explorer: system32\DRIVERS\timntr.sys (system)
TosIde: \SystemRoot\system32\DRIVERS\toside.sys (disabled)
Distributed Link Tracking Client: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
TVICHW32: \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS (manual start)
ultra: \SystemRoot\system32\DRIVERS\ultra.sys (disabled)
Microcode Update Driver: system32\DRIVERS\update.sys (manual start)
User Profile Hive Cleanup: C:\Program Files\UPHClean\uphclean.exe (autostart)
Universal Plug and Play Device Host: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
Uninterruptible Power Supply: %SystemRoot%\System32\ups.exe (manual start)
Apple Mobile USB Driver: System32\Drivers\usbaapl.sys (manual start)
USB Audio Driver (WDM): system32\drivers\usbaudio.sys (manual start)
Microsoft USB Generic Parent Driver: system32\DRIVERS\usbccgp.sys (manual start)
Microsoft USB 2.0 Enhanced Host Controller Miniport Driver: system32\DRIVERS\usbehci.sys (manual start)
USB2 Enabled Hub: system32\DRIVERS\usbhub.sys (manual start)
Microsoft USB PRINTER Class: system32\DRIVERS\usbprint.sys (manual start)
USB Scanner Driver: system32\DRIVERS\usbscan.sys (manual start)
USB Mass Storage Driver: system32\DRIVERS\USBSTOR.SYS (manual start)
Microsoft USB Universal Host Controller Miniport Driver: system32\DRIVERS\usbuhci.sys (manual start)
VGA Display Controller.: \SystemRoot\System32\drivers\vga.sys (system)
VIA AGP Bus Filter: \SystemRoot\system32\DRIVERS\viaagp.sys (disabled)
ViaIde: \SystemRoot\system32\DRIVERS\viaide.sys (disabled)
Volume Shadow Copy: %SystemRoot%\System32\vssvc.exe (disabled)
Windows Time: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Remote Access IP ARP Driver: system32\DRIVERS\wanarp.sys (manual start)
WAN Miniport (ATW): system32\DRIVERS\wanatw4.sys (manual start)
Microsoft WINMM WDM Audio Compatibility Driver: system32\drivers\wdmaud.sys (manual start)
WebClient: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
winachsf: system32\DRIVERS\HSF_CNXT.sys (manual start)
Windows Management Instrumentation: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
Intel(R) PROSet/Wireless SSO Service: C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe (autostart)
Windows Live Setup Service: "C:\Program Files\Windows Live\installer\WLSetupSvc.exe" (manual start)
Dell Wireless WLAN Tray Service: %SystemRoot%\System32\WLTRYSVC.EXE %SystemRoot%\System32\bcmwltry.exe (autostart)
Portable Media Serial Number Service: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Microsoft Windows Management Interface for ACPI: system32\DRIVERS\wmiacpi.sys (system)
WMI Performance Adapter: C:\WINDOWS\system32\wbem\wmiapsrv.exe (manual start)
Windows Media Player Network Sharing Service: "C:\Program Files\Windows Media Player\WMPNetwk.exe" (manual start)
Security Center: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
World Standard Teletext Codec: system32\DRIVERS\WSTCODEC.SYS (manual start)
Automatic Updates: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
Windows Driver Foundation - User-mode Driver Framework Platform Driver: system32\DRIVERS\WudfPf.sys (manual start)
Windows Driver Foundation - User-mode Driver Framework Reflector: system32\DRIVERS\wudfrd.sys (manual start)
Windows Driver Foundation - User-mode Driver Framework: %SystemRoot%\system32\svchost.exe -k WudfServiceGroup (manual start)
Wireless Zero Configuration: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Network Provisioning Service: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)

--------------------------------------------------

Enumerating Windows NT logon/logoff scripts:
*No scripts set to run*

Windows NT checkdisk command:
BootExecute = autocheck autochk *

Windows NT 'Wininit.ini':
PendingFileRenameOperations: *Registry value not found*

--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
CDBurn: C:\WINDOWS\system32\SHELL32.dll
WebCheck: C:\WINDOWS\system32\webcheck.dll
SysTray: C:\WINDOWS\system32\stobject.dll
WPDShServiceObj: C:\WINDOWS\system32\WPDShServiceObj.dll

--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run

*Registry key not found*

--------------------------------------------------

End of report, 43,581 bytes
Report generated in 0.078 seconds

Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only


----------



## Stephen47 (Oct 4, 2002)

Anything in this one?


----------



## Cookiegal (Aug 27, 2003)

There seems to be a lot of services disabledl. This tool will tell us more.


Download *RSIT* by random/random and save it to your desktop.
Double click *RSIT.exe* to start the tool and click Continue at the disclaimer.
When the scan completes it will open a log named *log.txt* maximized, and a log named *info.txt* minimized.
Copy and paste the contents of both logs here.


----------



## Stephen47 (Oct 4, 2002)

here they are I hope:


----------



## Stephen47 (Oct 4, 2002)

There seem to be a lot of these messages in the info log:

Message: The Application Management service terminated with the following error: 
The specified module could not be found.
What does this mean?


----------



## Cookiegal (Aug 27, 2003)

Stephen47 said:


> There seem to be a lot of these messages in the info log:
> 
> Message: The Application Management service terminated with the following error:
> The specified module could not be found.
> What does this mean?


This is common on XP Home (I assume your system is XP Home) and there is a hotfix for it available from Microsoft:

http://support.microsoft.com/kb/328213

I will only get to review those logs sometime tomorrow. Please don't bump the thread as I haven't forgotten about you.


----------



## Cookiegal (Aug 27, 2003)

I'm afraid I'm not finding the cause of the failed updates.

Would reformatting this machine be an option for your?


----------



## Stephen47 (Oct 4, 2002)

I suppose so. I realize just making an image wouldn't change any thing. Having to reinstall all the programs would be a real pain.
Have you ever encountered a situation like this before? 
I appreciate all the time you have spent helping me. What does your gut instinct tell you it might be? If none of the logs show anything unusual is there some sort of malware that can hide itself like this and still block updates? And to what end?


----------



## Cookiegal (Aug 27, 2003)

Let me review everything tomorrow and see what else we can try.


----------



## Stephen47 (Oct 4, 2002)

Ok, thanks


----------



## Cookiegal (Aug 27, 2003)

I think the problem may be with SP3. I would suggest uninstalling SP3 and reverting back to SP2. The reboot the machine and see if you can get updates.


----------



## Stephen47 (Oct 4, 2002)

After i do this and if there are updates and I download and install them, should I then reinstall SP3? If so do I need to uninstall SP2 first?


----------



## Cookiegal (Aug 27, 2003)

You don't have to uninstall SP2, you just install SP3 over the top. But I suggest you back up anything important to external media before continuing, even before uninstalling SP3 as a precaution. In any event, important data should always be backed up.

Then if you do get updates and want to reinstall SP3, before doing so, read through the steps in this article and do whatever is necessary to be sure your machine is SP3 ready.

http://support.microsoft.com/kb/950717


----------



## Stephen47 (Oct 4, 2002)

I can't uninstall SP3. I click on remove and it starts going through the process, it gets to a step where it is "restoring catalogs" and a message with an X in a red circle saying "Cannot find the file specified" It doesn't give the name of the file however. I click ok and another message pops up saying The Service Pack 3 was not uninstalled"
I tried it twice with the same results.


----------



## Cookiegal (Aug 27, 2003)

Please locate the uninstaller log and post that. It should indicate what it was looking for. You should find it in C:\WINDOWS.


----------



## Stephen47 (Oct 4, 2002)

I couldn't find the uninstaller log. I did a search and nothing turned up
I did find this iis6/log whic was generated at about the same time and mentions service pack uninstall.

[8/22/2009 18:51:26] LogFile Open. [***** Search on FAIL/MessageBox keywords for failures *****].
[8/22/2009 18:51:26] Initial thread locale=409
[8/22/2009 18:51:26] returned from France fix with locale 409 
[8/22/2009 18:51:26] OC_PREINITIALIZE:[iis] End. Return=1 (OCFLAG_UNICODE)
[8/22/2009 18:51:26] OC_INIT_COMPONENT:[iis,(null)] Start.
[8/22/2009 18:51:26] OC_INIT_COMPONENT:8/10/2004 17:51:09 A_______ 6.0.2600.3244: 6.0.2600.3244 (xpsp.071030-0319): x86: C:\WINDOWS\system32\Setup\iis.dll
[8/22/2009 18:51:26] OC_INIT_COMPONENT:Set UnAttendFlag:OFF (File='')
[8/22/2009 18:51:26] OC_INIT_COMPONENT:CmdLine="C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
[8/22/2009 18:51:26] OC_INIT_COMPONENT:Old InetPub='C:\Inetpub'. Does not exist. we'll use the default. WARNING.
[8/22/2009 18:51:26] OC_INIT_COMPONENT:Old InetPub='C:\Inetpub'. Does not exist. we'll use the default. WARNING.
[8/22/2009 19:1:1] OC_CLEANUP:Final Check:LogFile Close.
[8/22/2009 19:2:0] LogFile Open. [***** Search on FAIL/MessageBox keywords for failures *****].
[8/22/2009 19:2:0] Initial thread locale=409
[8/22/2009 19:2:0] returned from France fix with locale 409 
[8/22/2009 19:2:0] OC_PREINITIALIZE:[iis] End. Return=1 (OCFLAG_UNICODE)
[8/22/2009 19:2:0] OC_INIT_COMPONENT:[iis,(null)] Start.
[8/22/2009 19:2:0] OC_INIT_COMPONENT:8/10/2004 17:51:09 A_______ 6.0.2600.3244: 6.0.2600.3244 (xpsp.071030-0319): x86: C:\WINDOWS\system32\Setup\iis.dll
[8/22/2009 19:2:0] OC_INIT_COMPONENT:Set UnAttendFlag:OFF (File='')
[8/22/2009 19:2:0] OC_INIT_COMPONENT:CmdLine=C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe
[8/22/2009 19:2:0] OC_INIT_COMPONENT:Old InetPub='C:\Inetpub'. Does not exist. we'll use the default. WARNING.
[8/22/2009 19:2:0] OC_INIT_COMPONENT:Old InetPub='C:\Inetpub'. Does not exist. we'll use the default. WARNING.
[8/22/2009 19:7:38] OC_CLEANUP:Final Check:LogFile Close.

Is it relevant and what does France have to do with anything?


----------



## Cookiegal (Aug 27, 2003)

Please look in C:\Windows for *spuninst.log* and then open that with Notepad and copy and paste the contents here.


----------



## Stephen47 (Oct 4, 2002)

here it is:
[spuninst.log]
0.000: ================================================================================
0.000: 2009/08/22 18:51:17.156 (local)
0.000: C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe (version 6.3.13.0)
0.000: CheckUninstallDataForMultiInstancing: [Instances] section not found
0.000: Spuninst.exe was run with the following arguments: 
0.000: Spuninst.exe is being run from the following location: C:\WINDOWS\$NtServicePackUninstall$
0.000: SYSTEM\CurrentControlSet\Control\Nls\Language\Default is Not Equal To Specified Value 
0.000: Control Panel\International\Locale is Not Equal To Specified Value 
0.000: Condition succeeded for section ELK.CheckLocale.141a in Line 1 of PreRequisite 
0.000: 141a is Not Present
0.000: First Condition in ELK.CheckMUILng.141a Succeeded
0.000: Condition succeeded for section ELK.CheckMUILng.141a in Line 2 of PreRequisite 
0.000: SYSTEM\CurrentControlSet\Control\Nls\Language\Default is Not Equal To Specified Value 
0.000: Control Panel\International\Locale is Not Equal To Specified Value 
0.000: Condition succeeded for section ELK.CheckLocale.101a in Line 3 of PreRequisite 
0.000: 101a is Not Present
0.000: First Condition in ELK.CheckMUILng.101a Succeeded
0.000: Condition succeeded for section ELK.CheckMUILng.101a in Line 4 of PreRequisite 
0.000: SYSTEM\CurrentControlSet\Control\Nls\Language\Default is Not Equal To Specified Value 
0.000: Control Panel\International\Locale is Not Equal To Specified Value 
0.000: Condition succeeded for section ELK.CheckLocale.043a in Line 5 of PreRequisite 
0.000: 043a is Not Present
0.000: First Condition in ELK.CheckMUILng.043a Succeeded
0.000: Condition succeeded for section ELK.CheckMUILng.043a in Line 6 of PreRequisite 
0.000: SYSTEM\CurrentControlSet\Control\Nls\Language\Default is Not Equal To Specified Value 
0.000: Control Panel\International\Locale is Not Equal To Specified Value 
0.000: Condition succeeded for section ELK.CheckLocale.0481 in Line 7 of PreRequisite 
0.000: 0481 is Not Present
0.000: First Condition in ELK.CheckMUILng.0481 Succeeded
0.000: Condition succeeded for section ELK.CheckMUILng.0481 in Line 8 of PreRequisite 
0.000: SYSTEM\CurrentControlSet\Control\Nls\Language\Default is Not Equal To Specified Value 
0.000: Control Panel\International\Locale is Not Equal To Specified Value 
0.000: Condition succeeded for section ELK.CheckLocale.046b in Line 9 of PreRequisite 
0.000: 046b is Not Present
0.000: First Condition in ELK.CheckMUILng.046b Succeeded
0.000: Condition succeeded for section ELK.CheckMUILng.046b in Line 10 of PreRequisite 
0.000: SYSTEM\CurrentControlSet\Control\Nls\Language\Default is Not Equal To Specified Value 
0.000: Control Panel\International\Locale is Not Equal To Specified Value 
0.000: Condition succeeded for section ELK.CheckLocale.086b in Line 11 of PreRequisite 
0.000: 086b is Not Present
0.000: First Condition in ELK.CheckMUILng.086b Succeeded
0.000: Condition succeeded for section ELK.CheckMUILng.086b in Line 12 of PreRequisite 
0.000: SYSTEM\CurrentControlSet\Control\Nls\Language\Default is Not Equal To Specified Value 
0.000: Control Panel\International\Locale is Not Equal To Specified Value 
0.000: Condition succeeded for section ELK.CheckLocale.0c6b in Line 13 of PreRequisite 
0.000: 0c6b is Not Present
0.000: First Condition in ELK.CheckMUILng.0c6b Succeeded
0.000: Condition succeeded for section ELK.CheckMUILng.0c6b in Line 14 of PreRequisite 
0.000: SYSTEM\CurrentControlSet\Control\Nls\Language\Default is Not Equal To Specified Value 
0.000: Control Panel\International\Locale is Not Equal To Specified Value 
0.000: Condition succeeded for section ELK.CheckLocale.046c in Line 15 of PreRequisite 
0.000: 046c is Not Present
0.000: First Condition in ELK.CheckMUILng.046c Succeeded
0.000: Condition succeeded for section ELK.CheckMUILng.046c in Line 16 of PreRequisite 
0.000: SYSTEM\CurrentControlSet\Control\Nls\Language\Default is Not Equal To Specified Value 
0.000: Control Panel\International\Locale is Not Equal To Specified Value 
0.000: Condition succeeded for section ELK.CheckLocale.181a in Line 17 of PreRequisite 
0.000: 181a is Not Present
0.000: First Condition in ELK.CheckMUILng.181a Succeeded
0.000: Condition succeeded for section ELK.CheckMUILng.181a in Line 18 of PreRequisite 
0.000: SYSTEM\CurrentControlSet\Control\Nls\Language\Default is Not Equal To Specified Value 
0.000: Control Panel\International\Locale is Not Equal To Specified Value 
0.000: Condition succeeded for section ELK.CheckLocale.1c1a in Line 19 of PreRequisite 
0.000: 1c1a is Not Present
0.000: First Condition in ELK.CheckMUILng.1c1a Succeeded
0.000: Condition succeeded for section ELK.CheckMUILng.1c1a in Line 20 of PreRequisite 
0.000: SYSTEM\CurrentControlSet\Control\Nls\Language\Default is Not Equal To Specified Value 
0.000: Control Panel\International\Locale is Not Equal To Specified Value 
0.000: Condition succeeded for section ELK.CheckLocale.0432 in Line 21 of PreRequisite 
0.000: 0432 is Not Present
0.000: First Condition in ELK.CheckMUILng.0432 Succeeded
0.000: Condition succeeded for section ELK.CheckMUILng.0432 in Line 22 of PreRequisite 
0.000: SYSTEM\CurrentControlSet\Control\Nls\Language\Default is Not Equal To Specified Value 
0.000: Control Panel\International\Locale is Not Equal To Specified Value 
0.000: Condition succeeded for section ELK.CheckLocale.0452 in Line 23 of PreRequisite 
0.000: 0452 is Not Present
0.000: First Condition in ELK.CheckMUILng.0452 Succeeded
0.000: Condition succeeded for section ELK.CheckMUILng.0452 in Line 24 of PreRequisite 
0.000: SYSTEM\CurrentControlSet\Control\Nls\Language\Default is Not Equal To Specified Value 
0.000: Control Panel\International\Locale is Not Equal To Specified Value 
0.000: Condition succeeded for section ELK.CheckLocale.0434 in Line 25 of PreRequisite 
0.000: 0434 is Not Present
0.000: First Condition in ELK.CheckMUILng.0434 Succeeded
0.000: Condition succeeded for section ELK.CheckMUILng.0434 in Line 26 of PreRequisite 
0.000: SYSTEM\CurrentControlSet\Control\Nls\Language\Default is Not Equal To Specified Value 
0.000: Control Panel\International\Locale is Not Equal To Specified Value 
0.000: Condition succeeded for section ELK.CheckLocale.0435 in Line 27 of PreRequisite 
0.000: 0435 is Not Present
0.000: First Condition in ELK.CheckMUILng.0435 Succeeded
0.000: Condition succeeded for section ELK.CheckMUILng.0435 in Line 28 of PreRequisite 
0.000: SYSTEM\CurrentControlSet\Control\Nls\Language\Default is Not Equal To Specified Value 
0.000: Control Panel\International\Locale is Not Equal To Specified Value 
0.000: Condition succeeded for section ELK.CheckLocale.043b in Line 29 of PreRequisite 
0.000: 043b is Not Present
0.000: First Condition in ELK.CheckMUILng.043b Succeeded
0.000: Condition succeeded for section ELK.CheckMUILng.043b in Line 30 of PreRequisite 
0.000: SYSTEM\CurrentControlSet\Control\Nls\Language\Default is Not Equal To Specified Value 
0.000: Control Panel\International\Locale is Not Equal To Specified Value 
0.000: Condition succeeded for section ELK.CheckLocale.083b in Line 31 of PreRequisite 
0.000: 083b is Not Present
0.000: First Condition in ELK.CheckMUILng.083b Succeeded
0.000: Condition succeeded for section ELK.CheckMUILng.083b in Line 32 of PreRequisite 
0.000: SYSTEM\CurrentControlSet\Control\Nls\Language\Default is Not Equal To Specified Value 
0.000: Control Panel\International\Locale is Not Equal To Specified Value 
0.000: Condition succeeded for section ELK.CheckLocale.0c3b in Line 33 of PreRequisite 
0.000: 0c3b is Not Present
0.000: First Condition in ELK.CheckMUILng.0c3b Succeeded
0.000: Condition succeeded for section ELK.CheckMUILng.0c3b in Line 34 of PreRequisite 
0.000: SYSTEM\CurrentControlSet\Control\Nls\Language\Default is Not Equal To Specified Value 
0.000: Control Panel\International\Locale is Not Equal To Specified Value 
0.000: Condition succeeded for section ELK.CheckLocale.103b in Line 35 of PreRequisite 
0.000: 103b is Not Present
0.000: First Condition in ELK.CheckMUILng.103b Succeeded
0.000: Condition succeeded for section ELK.CheckMUILng.103b in Line 36 of PreRequisite 
0.000: SYSTEM\CurrentControlSet\Control\Nls\Language\Default is Not Equal To Specified Value 
0.000: Control Panel\International\Locale is Not Equal To Specified Value 
0.000: Condition succeeded for section ELK.CheckLocale.143b in Line 37 of PreRequisite 
0.000: 143b is Not Present
0.000: First Condition in ELK.CheckMUILng.143b Succeeded
0.000: Condition succeeded for section ELK.CheckMUILng.143b in Line 38 of PreRequisite 
0.000: SYSTEM\CurrentControlSet\Control\Nls\Language\Default is Not Equal To Specified Value 
0.000: Control Panel\International\Locale is Not Equal To Specified Value 
0.000: Condition succeeded for section ELK.CheckLocale.183b in Line 39 of PreRequisite 
0.000: 183b is Not Present
0.000: First Condition in ELK.CheckMUILng.183b Succeeded
0.000: Condition succeeded for section ELK.CheckMUILng.183b in Line 40 of PreRequisite 
0.000: SYSTEM\CurrentControlSet\Control\Nls\Language\Default is Not Equal To Specified Value 
0.000: Control Panel\International\Locale is Not Equal To Specified Value 
0.000: Condition succeeded for section ELK.CheckLocale.1c3b in Line 41 of PreRequisite 
0.000: 1c3b is Not Present
0.000: First Condition in ELK.CheckMUILng.1c3b Succeeded
0.000: Condition succeeded for section ELK.CheckMUILng.1c3b in Line 42 of PreRequisite 
0.000: SYSTEM\CurrentControlSet\Control\Nls\Language\Default is Not Equal To Specified Value 
0.000: Control Panel\International\Locale is Not Equal To Specified Value 
0.000: Condition succeeded for section ELK.CheckLocale.203b in Line 43 of PreRequisite 
0.000: 203b is Not Present
0.000: First Condition in ELK.CheckMUILng.203b Succeeded
0.000: Condition succeeded for section ELK.CheckMUILng.203b in Line 44 of PreRequisite 
0.000: SYSTEM\CurrentControlSet\Control\Nls\Language\Default is Not Equal To Specified Value 
0.000: Control Panel\International\Locale is Not Equal To Specified Value 
0.000: Condition succeeded for section ELK.CheckLocale.243b in Line 45 of PreRequisite 
0.000: 243b is Not Present
0.000: First Condition in ELK.CheckMUILng.243b Succeeded
0.000: Condition succeeded for section ELK.CheckMUILng.243b in Line 46 of PreRequisite 
0.000: SYSTEM\CurrentControlSet\Control\Nls\Language\Default is Not Equal To Specified Value 
0.000: Control Panel\International\Locale is Not Equal To Specified Value 
0.000: Condition succeeded for section ELK.CheckLocale.0445 in Line 47 of PreRequisite 
0.015: 0445 is Not Present
0.015: First Condition in ELK.CheckMUILng.0445 Succeeded
0.015: Condition succeeded for section ELK.CheckMUILng.0445 in Line 48 of PreRequisite 
0.015: SYSTEM\CurrentControlSet\Control\Nls\Language\Default is Not Equal To Specified Value 
0.015: Control Panel\International\Locale is Not Equal To Specified Value 
0.015: Condition succeeded for section ELK.CheckLocale.044c in Line 49 of PreRequisite 
0.015: 044c is Not Present
0.015: First Condition in ELK.CheckMUILng.044c Succeeded
0.015: Condition succeeded for section ELK.CheckMUILng.044c in Line 50 of PreRequisite 
0.015: FileInUse:: ServiceFileInUseDetect value is set as: 0
10.422: 55 newly installed programs detected 
10.422: Print Services for Unix
Other Network File and Print Services
7-Zip 4.65
AbiWord 2.6.6
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Shockwave Player 11.5
avast! Antivirus
DriverAgent by eSupport.com
Everything 1.2.1.371
HijackThis 2.0.2
HP Imaging Device Functions 5.0
ImgBurn
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB958644)
Security Update for Windows Internet Explorer 7 (KB960714)
Update for Windows XP (KB967715)
Security Update for Windows XP (KB971657)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows XP (KB973346)
Malwarebytes' Anti-Malware
Mozilla Firefox (3.5.2)
Mozilla Thunderbird (2.0.0.23)
Revo Uninstaller 1.83
Secunia PSI
The KMPlayer (remove only)
Titan Backup
Tweak UI
Update Notifier
WinPatrol 2009
PC Inspector File Recovery
Acronis*Disk Director Suite
Java(TM) 6 Update 16
Windows Live Photo Gallery
GreenPrint World
ArcSoft DVD SlideShow
Paint.NET v3.36
MR97316
Microsoft Baseline Security Analyzer 2.1
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
MSXML 4.0 SP2 (KB954430)
Microsoft Silverlight
[email protected] 1.9.5
Windows Live installer
SIW version 2009-03-17
ClearType Tuning Control Panel Applet
Microsoft Image Composite Editor
HP Photosmart Essential
Microsoft SQL Server 2005 Compact Edition [ENU]
DriveImage XML (Private Edition)
10.422: 55 new programs listed 
19.547: Enumerating Devices of GUID {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
19.640: Enumerating Devices of GUID {36FC9E60-C465-11CF-8056-444553540000}
36.687: Enumerating Devices of GUID {4d36e96b-e325-11ce-bfc1-08002be10318}
37.484: Enumerating Devices of GUID {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
37.562: Enumerating Devices of GUID {4D36E967-E325-11CE-BFC1-08002BE10318}
44.390: Enumerating Devices of GUID {4d36e968-e325-11ce-bfc1-08002be10318}
46.156: Enumerating Devices of GUID {e6abb47d-8339-4c60-be92-e9045ff5a33d}
46.234: Enumerating Devices of GUID {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
46.312: Enumerating Devices of GUID {4d36e96c-e325-11ce-bfc1-08002be10318}
58.515: Enumerating Devices of GUID {4D36E96D-E325-11CE-BFC1-08002BE10318}
59.453: Enumerating Devices of GUID {4d36e972-e325-11ce-bfc1-08002be10318}
66.218: Enumerating Devices of GUID {4d36e978-e325-11ce-bfc1-08002be10318}
66.297: Enumerating Devices of GUID {50127DC3-0F36-415e-A6CC-4CB3BE910B65}
67.156: Enumerating Devices of GUID {a0a588a4-c46f-4b37-b7ea-c82fe89870c6}
67.812: Enumerating Devices of GUID {4D36E97D-E325-11CE-BFC1-08002BE10318}
82.359: Enumerating Devices of GUID {4D36E97E-E325-11CE-BFC1-08002BE10318}
82.437: Enumerating Devices of GUID {36FC9E60-C465-11CF-8056-444553540000}
91.453: DynamicStrings section not defined or empty.
92.562: PFE2: Per File Exceptions will not be used.
577.968: InstallSingleCatalogFile: MyInstallCatalog failed for kb939653-ie7.cat; error=0x8e5e0402.
578.078: DoPreUninstallWrapper: InstallCatalogFiles failed 
578.203: CreateProgressWizardAndDoUninstall: Uninstall Failure 0x2
583.625: Message displayed to the user: The system cannot find the file specified.
583.625: User Input: OK
584.578: Message displayed to the user: The Service Pack 3 was not uninstalled.
584.578: User Input: OK
584.578: The Service Pack 3 was not uninstalled.
0.000: ================================================================================
0.000: 2009/08/22 19:01:55.859 (local)
0.000: C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe (version 6.3.13.0)
0.000: CheckUninstallDataForMultiInstancing: [Instances] section not found
0.000: Spuninst.exe was run with the following arguments: 
0.000: Spuninst.exe is being run from the following location: C:\WINDOWS\$NtServicePackUninstall$
0.000: SYSTEM\CurrentControlSet\Control\Nls\Language\Default is Not Equal To Specified Value 
0.000: Control Panel\International\Locale is Not Equal To Specified Value 
0.000: Condition succeeded for section ELK.CheckLocale.141a in Line 1 of PreRequisite 
0.000: 141a is Not Present
0.000: First Condition in ELK.CheckMUILng.141a Succeeded
0.000: Condition succeeded for section ELK.CheckMUILng.141a in Line 2 of PreRequisite 
0.000: SYSTEM\CurrentControlSet\Control\Nls\Language\Default is Not Equal To Specified Value 
0.000: Control Panel\International\Locale is Not Equal To Specified Value 
0.000: Condition succeeded for section ELK.CheckLocale.101a in Line 3 of PreRequisite 
0.000: 101a is Not Present
0.000: First Condition in ELK.CheckMUILng.101a Succeeded
0.000: Condition succeeded for section ELK.CheckMUILng.101a in Line 4 of PreRequisite 
0.000: SYSTEM\CurrentControlSet\Control\Nls\Language\Default is Not Equal To Specified Value 
0.000: Control Panel\International\Locale is Not Equal To Specified Value 
0.000: Condition succeeded for section ELK.CheckLocale.043a in Line 5 of PreRequisite 
0.000: 043a is Not Present
0.000: First Condition in ELK.CheckMUILng.043a Succeeded
0.000: Condition succeeded for section ELK.CheckMUILng.043a in Line 6 of PreRequisite 
0.015: SYSTEM\CurrentControlSet\Control\Nls\Language\Default is Not Equal To Specified Value 
0.015: Control Panel\International\Locale is Not Equal To Specified Value 
0.015: Condition succeeded for section ELK.CheckLocale.0481 in Line 7 of PreRequisite 
0.015: 0481 is Not Present
0.015: First Condition in ELK.CheckMUILng.0481 Succeeded
0.015: Condition succeeded for section ELK.CheckMUILng.0481 in Line 8 of PreRequisite 
0.015: SYSTEM\CurrentControlSet\Control\Nls\Language\Default is Not Equal To Specified Value 
0.015: Control Panel\International\Locale is Not Equal To Specified Value 
0.015: Condition succeeded for section ELK.CheckLocale.046b in Line 9 of PreRequisite 
0.015: 046b is Not Present
0.015: First Condition in ELK.CheckMUILng.046b Succeeded
0.015: Condition succeeded for section ELK.CheckMUILng.046b in Line 10 of PreRequisite 
0.015: SYSTEM\CurrentControlSet\Control\Nls\Language\Default is Not Equal To Specified Value 
0.015: Control Panel\International\Locale is Not Equal To Specified Value 
0.015: Condition succeeded for section ELK.CheckLocale.086b in Line 11 of PreRequisite 
0.015: 086b is Not Present
0.015: First Condition in ELK.CheckMUILng.086b Succeeded
0.015: Condition succeeded for section ELK.CheckMUILng.086b in Line 12 of PreRequisite 
0.015: SYSTEM\CurrentControlSet\Control\Nls\Language\Default is Not Equal To Specified Value 
0.015: Control Panel\International\Locale is Not Equal To Specified Value 
0.015: Condition succeeded for section ELK.CheckLocale.0c6b in Line 13 of PreRequisite 
0.015: 0c6b is Not Present
0.015: First Condition in ELK.CheckMUILng.0c6b Succeeded
0.015: Condition succeeded for section ELK.CheckMUILng.0c6b in Line 14 of PreRequisite 
0.015: SYSTEM\CurrentControlSet\Control\Nls\Language\Default is Not Equal To Specified Value 
0.015: Control Panel\International\Locale is Not Equal To Specified Value 
0.015: Condition succeeded for section ELK.CheckLocale.046c in Line 15 of PreRequisite 
0.015: 046c is Not Present
0.015: First Condition in ELK.CheckMUILng.046c Succeeded
0.015: Condition succeeded for section ELK.CheckMUILng.046c in Line 16 of PreRequisite 
0.015: SYSTEM\CurrentControlSet\Control\Nls\Language\Default is Not Equal To Specified Value 
0.015: Control Panel\International\Locale is Not Equal To Specified Value 
0.015: Condition succeeded for section ELK.CheckLocale.181a in Line 17 of PreRequisite 
0.015: 181a is Not Present
0.015: First Condition in ELK.CheckMUILng.181a Succeeded
0.015: Condition succeeded for section ELK.CheckMUILng.181a in Line 18 of PreRequisite 
0.015: SYSTEM\CurrentControlSet\Control\Nls\Language\Default is Not Equal To Specified Value 
0.015: Control Panel\International\Locale is Not Equal To Specified Value 
0.015: Condition succeeded for section ELK.CheckLocale.1c1a in Line 19 of PreRequisite 
0.015: 1c1a is Not Present
0.015: First Condition in ELK.CheckMUILng.1c1a Succeeded
0.015: Condition succeeded for section ELK.CheckMUILng.1c1a in Line 20 of PreRequisite 
0.015: SYSTEM\CurrentControlSet\Control\Nls\Language\Default is Not Equal To Specified Value 
0.015: Control Panel\International\Locale is Not Equal To Specified Value 
0.015: Condition succeeded for section ELK.CheckLocale.0432 in Line 21 of PreRequisite 
0.015: 0432 is Not Present
0.015: First Condition in ELK.CheckMUILng.0432 Succeeded
0.015: Condition succeeded for section ELK.CheckMUILng.0432 in Line 22 of PreRequisite 
0.015: SYSTEM\CurrentControlSet\Control\Nls\Language\Default is Not Equal To Specified Value 
0.015: Control Panel\International\Locale is Not Equal To Specified Value 
0.015: Condition succeeded for section ELK.CheckLocale.0452 in Line 23 of PreRequisite 
0.015: 0452 is Not Present
0.015: First Condition in ELK.CheckMUILng.0452 Succeeded
0.015: Condition succeeded for section ELK.CheckMUILng.0452 in Line 24 of PreRequisite 
0.015: SYSTEM\CurrentControlSet\Control\Nls\Language\Default is Not Equal To Specified Value 
0.015: Control Panel\International\Locale is Not Equal To Specified Value 
0.015: Condition succeeded for section ELK.CheckLocale.0434 in Line 25 of PreRequisite 
0.015: 0434 is Not Present
0.015: First Condition in ELK.CheckMUILng.0434 Succeeded
0.015: Condition succeeded for section ELK.CheckMUILng.0434 in Line 26 of PreRequisite 
0.015: SYSTEM\CurrentControlSet\Control\Nls\Language\Default is Not Equal To Specified Value 
0.015: Control Panel\International\Locale is Not Equal To Specified Value 
0.015: Condition succeeded for section ELK.CheckLocale.0435 in Line 27 of PreRequisite 
0.015: 0435 is Not Present
0.015: First Condition in ELK.CheckMUILng.0435 Succeeded
0.015: Condition succeeded for section ELK.CheckMUILng.0435 in Line 28 of PreRequisite 
0.015: SYSTEM\CurrentControlSet\Control\Nls\Language\Default is Not Equal To Specified Value 
0.015: Control Panel\International\Locale is Not Equal To Specified Value 
0.015: Condition succeeded for section ELK.CheckLocale.043b in Line 29 of PreRequisite 
0.015: 043b is Not Present
0.015: First Condition in ELK.CheckMUILng.043b Succeeded
0.015: Condition succeeded for section ELK.CheckMUILng.043b in Line 30 of PreRequisite 
0.015: SYSTEM\CurrentControlSet\Control\Nls\Language\Default is Not Equal To Specified Value 
0.015: Control Panel\International\Locale is Not Equal To Specified Value 
0.015: Condition succeeded for section ELK.CheckLocale.083b in Line 31 of PreRequisite 
0.015: 083b is Not Present
0.015: First Condition in ELK.CheckMUILng.083b Succeeded
0.015: Condition succeeded for section ELK.CheckMUILng.083b in Line 32 of PreRequisite 
0.015: SYSTEM\CurrentControlSet\Control\Nls\Language\Default is Not Equal To Specified Value 
0.015: Control Panel\International\Locale is Not Equal To Specified Value 
0.015: Condition succeeded for section ELK.CheckLocale.0c3b in Line 33 of PreRequisite 
0.015: 0c3b is Not Present
0.015: First Condition in ELK.CheckMUILng.0c3b Succeeded
0.015: Condition succeeded for section ELK.CheckMUILng.0c3b in Line 34 of PreRequisite 
0.015: SYSTEM\CurrentControlSet\Control\Nls\Language\Default is Not Equal To Specified Value 
0.015: Control Panel\International\Locale is Not Equal To Specified Value 
0.015: Condition succeeded for section ELK.CheckLocale.103b in Line 35 of PreRequisite 
0.015: 103b is Not Present
0.015: First Condition in ELK.CheckMUILng.103b Succeeded
0.015: Condition succeeded for section ELK.CheckMUILng.103b in Line 36 of PreRequisite 
0.015: SYSTEM\CurrentControlSet\Control\Nls\Language\Default is Not Equal To Specified Value 
0.015: Control Panel\International\Locale is Not Equal To Specified Value 
0.015: Condition succeeded for section ELK.CheckLocale.143b in Line 37 of PreRequisite 
0.015: 143b is Not Present
0.015: First Condition in ELK.CheckMUILng.143b Succeeded
0.015: Condition succeeded for section ELK.CheckMUILng.143b in Line 38 of PreRequisite 
0.015: SYSTEM\CurrentControlSet\Control\Nls\Language\Default is Not Equal To Specified Value 
0.015: Control Panel\International\Locale is Not Equal To Specified Value 
0.015: Condition succeeded for section ELK.CheckLocale.183b in Line 39 of PreRequisite 
0.015: 183b is Not Present
0.015: First Condition in ELK.CheckMUILng.183b Succeeded
0.015: Condition succeeded for section ELK.CheckMUILng.183b in Line 40 of PreRequisite 
0.015: SYSTEM\CurrentControlSet\Control\Nls\Language\Default is Not Equal To Specified Value 
0.015: Control Panel\International\Locale is Not Equal To Specified Value 
0.015: Condition succeeded for section ELK.CheckLocale.1c3b in Line 41 of PreRequisite 
0.015: 1c3b is Not Present
0.015: First Condition in ELK.CheckMUILng.1c3b Succeeded
0.015: Condition succeeded for section ELK.CheckMUILng.1c3b in Line 42 of PreRequisite 
0.015: SYSTEM\CurrentControlSet\Control\Nls\Language\Default is Not Equal To Specified Value 
0.015: Control Panel\International\Locale is Not Equal To Specified Value 
0.015: Condition succeeded for section ELK.CheckLocale.203b in Line 43 of PreRequisite 
0.015: 203b is Not Present
0.015: First Condition in ELK.CheckMUILng.203b Succeeded
0.015: Condition succeeded for section ELK.CheckMUILng.203b in Line 44 of PreRequisite 
0.015: SYSTEM\CurrentControlSet\Control\Nls\Language\Default is Not Equal To Specified Value 
0.015: Control Panel\International\Locale is Not Equal To Specified Value 
0.015: Condition succeeded for section ELK.CheckLocale.243b in Line 45 of PreRequisite 
0.015: 243b is Not Present
0.015: First Condition in ELK.CheckMUILng.243b Succeeded
0.015: Condition succeeded for section ELK.CheckMUILng.243b in Line 46 of PreRequisite 
0.015: SYSTEM\CurrentControlSet\Control\Nls\Language\Default is Not Equal To Specified Value 
0.015: Control Panel\International\Locale is Not Equal To Specified Value 
0.015: Condition succeeded for section ELK.CheckLocale.0445 in Line 47 of PreRequisite 
0.015: 0445 is Not Present
0.015: First Condition in ELK.CheckMUILng.0445 Succeeded
0.015: Condition succeeded for section ELK.CheckMUILng.0445 in Line 48 of PreRequisite 
0.015: SYSTEM\CurrentControlSet\Control\Nls\Language\Default is Not Equal To Specified Value 
0.015: Control Panel\International\Locale is Not Equal To Specified Value 
0.015: Condition succeeded for section ELK.CheckLocale.044c in Line 49 of PreRequisite 
0.015: 044c is Not Present
0.015: First Condition in ELK.CheckMUILng.044c Succeeded
0.015: Condition succeeded for section ELK.CheckMUILng.044c in Line 50 of PreRequisite 
0.015: FileInUse:: ServiceFileInUseDetect value is set as: 0
4.875: 55 newly installed programs detected 
4.875: Print Services for Unix
Other Network File and Print Services
7-Zip 4.65
AbiWord 2.6.6
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Shockwave Player 11.5
avast! Antivirus
DriverAgent by eSupport.com
Everything 1.2.1.371
HijackThis 2.0.2
HP Imaging Device Functions 5.0
ImgBurn
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB958644)
Security Update for Windows Internet Explorer 7 (KB960714)
Update for Windows XP (KB967715)
Security Update for Windows XP (KB971657)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows XP (KB973346)
Malwarebytes' Anti-Malware
Mozilla Firefox (3.5.2)
Mozilla Thunderbird (2.0.0.23)
Revo Uninstaller 1.83
Secunia PSI
The KMPlayer (remove only)
Titan Backup
Tweak UI
Update Notifier
WinPatrol 2009
PC Inspector File Recovery
Acronis*Disk Director Suite
Java(TM) 6 Update 16
Windows Live Photo Gallery
GreenPrint World
ArcSoft DVD SlideShow
Paint.NET v3.36
MR97316
Microsoft Baseline Security Analyzer 2.1
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
MSXML 4.0 SP2 (KB954430)
Microsoft Silverlight
[email protected] 1.9.5
Windows Live installer
SIW version 2009-03-17
ClearType Tuning Control Panel Applet
Microsoft Image Composite Editor
HP Photosmart Essential
Microsoft SQL Server 2005 Compact Edition [ENU]
DriveImage XML (Private Edition)
4.875: 55 new programs listed 
6.922: Enumerating Devices of GUID {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
7.015: Enumerating Devices of GUID {36FC9E60-C465-11CF-8056-444553540000}
19.578: Enumerating Devices of GUID {4d36e96b-e325-11ce-bfc1-08002be10318}
20.344: Enumerating Devices of GUID {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
20.437: Enumerating Devices of GUID {4D36E967-E325-11CE-BFC1-08002BE10318}
31.609: Enumerating Devices of GUID {4d36e968-e325-11ce-bfc1-08002be10318}
33.094: Enumerating Devices of GUID {e6abb47d-8339-4c60-be92-e9045ff5a33d}
33.187: Enumerating Devices of GUID {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
33.265: Enumerating Devices of GUID {4d36e96c-e325-11ce-bfc1-08002be10318}
50.922: Enumerating Devices of GUID {4D36E96D-E325-11CE-BFC1-08002BE10318}
51.719: Enumerating Devices of GUID {4d36e972-e325-11ce-bfc1-08002be10318}
60.578: Enumerating Devices of GUID {4d36e978-e325-11ce-bfc1-08002be10318}
60.672: Enumerating Devices of GUID {50127DC3-0F36-415e-A6CC-4CB3BE910B65}
61.906: Enumerating Devices of GUID {a0a588a4-c46f-4b37-b7ea-c82fe89870c6}
63.047: Enumerating Devices of GUID {4D36E97D-E325-11CE-BFC1-08002BE10318}
84.000: Enumerating Devices of GUID {4D36E97E-E325-11CE-BFC1-08002BE10318}
84.078: Enumerating Devices of GUID {36FC9E60-C465-11CF-8056-444553540000}
95.625: DynamicStrings section not defined or empty.
96.625: PFE2: Per File Exceptions will not be used.
282.734: InstallSingleCatalogFile: MyInstallCatalog failed for Tmp.2.fp4.cat; error=0x8e5e0402.
282.781: DoPreUninstallWrapper: InstallCatalogFiles failed 
282.922: CreateProgressWizardAndDoUninstall: Uninstall Failure 0x2
322.453: Message displayed to the user: The system cannot find the file specified.
322.453: User Input: OK
342.828: Message displayed to the user: The Service Pack 3 was not uninstalled.
342.828: User Input: OK
342.828: The Service Pack 3 was not uninstalled.


----------



## Cookiegal (Aug 27, 2003)

It appears you had initially installed an RC version of SP3 and I'm not sure if you uninstalled it or just installed the actual release of SP3 over the top. In any event, one suggestion I found was for the RC version and it was to alter or create (if they didn't already exist) a couple of registry keys/values but that doesn't work for everyone and attempting to fix this is quite risky. I have to say I still recommend that you back up everything and reformat the system to start fresh with SP3 from the beginning. This type of install won't cause any problems and then you can immediately go to MS updates and download all critical updates before reinstalling programs. 

Alternately, you could start a new thread for help with this as I feel this is as far as I can go with it unfortunately.


----------



## Stephen47 (Oct 4, 2002)

I didn't uninstall the RC version because the people at Microsoft who I was dealing with at the time said it wasn't necessary. Did that cause the file the uninstaller was looking for to be deleted?
If I reformat the system I would have to reformat with SP2 because that is what is on the installation disk. I have tried to make a reinstall CD slip streaming SP3 but I cant do it with an OEM installation disk.
I would rather try to fix the registry values than go through the hassle of reformatting. What have I got to lose? if it gets screwed up then I would have to reformat anyway.


----------



## Cookiegal (Aug 27, 2003)

Well we can try that as long as you have everything backed up so there's no danger of losing any important data or photos, etc.

First though, I need to know if you are at all familiar with the registry please.


----------



## Stephen47 (Oct 4, 2002)

yes I am I have used regedit before. Not a lot but I am comfortable with it.
I backed up my whole hard drive yesterday.


----------



## aka Brett (Nov 25, 2008)

You can try this if you like it....it can take a day in between emails though.
I had it rescue my butt once with an update problem.....
we ended up in command prompt and created some files..it wasnt that bad.
Its free for update problems
It looks as if cookiegal is covering everything..but you never know might get lucky with ms support for a change lol
I suspect you will have to reformat,,so dont get your hopes up to high
it is one more step you can try first however

https://support.microsoft.com/oas/d...&enval=815&ln=en-us&tp=wm&as=1&tzone=480&st=1


----------



## Cookiegal (Aug 27, 2003)

I'd like you to export these two registry keys please so I can take a look at them:

Go to *Start *- *Run *and copy and paste the following:

*regedit /e C:\look.txt "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Nls\Language"*

You won't see anything happen and it will only take a second. You will find the report it creates at C:\look.txt. Please open it in Notepad and then copy and paste the report here.

Do the same for this one and this report will be at C:\look2.txt:

*regedit /e C:\look2.txt "HKEY_CURRENT_USER\Control Panel\International"*


----------



## Stephen47 (Oct 4, 2002)

here's the first one:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Nls\Language]
"0401"="l_intl.nls"
"0402"="l_intl.nls"
"0403"="l_intl.nls"
"0404"="l_intl.nls"
"0405"="l_intl.nls"
"0406"="l_intl.nls"
"0407"="l_intl.nls"
"0408"="l_intl.nls"
"0409"="l_intl.nls"
"040a"="l_intl.nls"
"040b"="l_intl.nls"
"040c"="l_intl.nls"
"040d"="l_intl.nls"
"040e"="l_intl.nls"
"040f"="l_intl.nls"
"0410"="l_intl.nls"
"0411"="l_intl.nls"
"0412"="l_intl.nls"
"0413"="l_intl.nls"
"0414"="l_intl.nls"
"0415"="l_intl.nls"
"0416"="l_intl.nls"
"0418"="l_intl.nls"
"0419"="l_intl.nls"
"041a"="l_intl.nls"
"041b"="l_intl.nls"
"041c"="l_intl.nls"
"041d"="l_intl.nls"
"041e"="l_intl.nls"
"041f"="l_intl.nls"
"0420"="l_intl.nls"
"0421"="l_intl.nls"
"0422"="l_intl.nls"
"0423"="l_intl.nls"
"0424"="l_intl.nls"
"0425"="l_intl.nls"
"0426"="l_intl.nls"
"0427"="l_intl.nls"
"0429"="l_intl.nls"
"042a"="l_intl.nls"
"042b"="l_intl.nls"
"042c"="l_intl.nls"
"042d"="l_intl.nls"
"042f"="l_intl.nls"
"0436"="l_intl.nls"
"0437"="l_intl.nls"
"0438"="l_intl.nls"
"0439"="l_intl.nls"
"043e"="l_intl.nls"
"043f"="l_intl.nls"
"0440"="l_intl.nls"
"0441"="l_intl.nls"
"0443"="l_intl.nls"
"0444"="l_intl.nls"
"0446"="l_intl.nls"
"0447"="l_intl.nls"
"0449"="l_intl.nls"
"044a"="l_intl.nls"
"044b"="l_intl.nls"
"044e"="l_intl.nls"
"044f"="l_intl.nls"
"0450"="l_intl.nls"
"0456"="l_intl.nls"
"0457"="l_intl.nls"
"045a"="l_intl.nls"
"0465"="l_intl.nls"
"0801"="l_intl.nls"
"0804"="l_intl.nls"
"0807"="l_intl.nls"
"0809"="l_intl.nls"
"080a"="l_intl.nls"
"080c"="l_intl.nls"
"0810"="l_intl.nls"
"0813"="l_intl.nls"
"0814"="l_intl.nls"
"0816"="l_intl.nls"
"081a"="l_intl.nls"
"081d"="l_intl.nls"
"082c"="l_intl.nls"
"083e"="l_intl.nls"
"0843"="l_intl.nls"
"0c01"="l_intl.nls"
"0c04"="l_intl.nls"
"0c07"="l_intl.nls"
"0c09"="l_intl.nls"
"0c0a"="l_intl.nls"
"0c0c"="l_intl.nls"
"0c1a"="l_intl.nls"
"1001"="l_intl.nls"
"1004"="l_intl.nls"
"1007"="l_intl.nls"
"1009"="l_intl.nls"
"100a"="l_intl.nls"
"100c"="l_intl.nls"
"1401"="l_intl.nls"
"1404"="l_intl.nls"
"1407"="l_intl.nls"
"1409"="l_intl.nls"
"140a"="l_intl.nls"
"140c"="l_intl.nls"
"1801"="l_intl.nls"
"1809"="l_intl.nls"
"180a"="l_intl.nls"
"180c"="l_intl.nls"
"1c01"="l_intl.nls"
"1c09"="l_intl.nls"
"1c0a"="l_intl.nls"
"2001"="l_intl.nls"
"2009"="l_intl.nls"
"200a"="l_intl.nls"
"2401"="l_intl.nls"
"2409"="l_intl.nls"
"240a"="l_intl.nls"
"2801"="l_intl.nls"
"2809"="l_intl.nls"
"280a"="l_intl.nls"
"2c01"="l_intl.nls"
"2c09"="l_intl.nls"
"2c0a"="l_intl.nls"
"3001"="l_intl.nls"
"3009"="l_intl.nls"
"300a"="l_intl.nls"
"3401"="l_intl.nls"
"3409"="l_intl.nls"
"340a"="l_intl.nls"
"3801"="l_intl.nls"
"380a"="l_intl.nls"
"3c01"="l_intl.nls"
"3c0a"="l_intl.nls"
"4001"="l_intl.nls"
"400a"="l_intl.nls"
"440a"="l_intl.nls"
"480a"="l_intl.nls"
"4c0a"="l_intl.nls"
"500a"="l_intl.nls"
"InstallLanguage"="0409"
"Default"="0409"
"0452"="l_intl.nls"
"0481"="l_intl.nls"
"043a"="l_intl.nls"
"046b"="l_intl.nls"
"086b"="l_intl.nls"
"0c6b"="l_intl.nls"
"0432"="l_intl.nls"
"0434"="l_intl.nls"
"0435"="l_intl.nls"
"046c"="l_intl.nls"
"101a"="l_intl.nls"
"141a"="l_intl.nls"
"181a"="l_intl.nls"
"1c1a"="l_intl.nls"
"0445"="l_intl.nls"
"044c"="l_intl.nls"
"043b"="l_intl.nls"
"083b"="l_intl.nls"
"0c3b"="l_intl.nls"
"103b"="l_intl.nls"
"143b"="l_intl.nls"
"183b"="l_intl.nls"
"1c3b"="l_intl.nls"
"203b"="l_intl.nls"
"243b"="l_intl.nls"

and the second:
Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Control Panel\International]
"iCountry"="1"
"iCurrDigits"="2"
"iCurrency"="0"
"iDate"="0"
"iDigits"="2"
"iLZero"="1"
"iMeasure"="1"
"iNegCurr"="0"
"iTime"="0"
"iTLZero"="0"
"Locale"="00000409"
"s1159"="AM"
"s2359"="PM"
"sCountry"="United States"
"sCurrency"="$"
"sDate"="/"
"sDecimal"="."
"sLanguage"="ENU"
"sList"=","
"sLongDate"="dddd, MMMM dd, yyyy"
"sShortDate"="M/d/yyyy"
"sThousand"=","
"sTime"=":"
"sTimeFormat"="h:mm:ss tt"
"iTimePrefix"="0"
"sMonDecimalSep"="."
"sMonThousandSep"=","
"iNegNumber"="1"
"sNativeDigits"="0123456789"
"NumShape"="1"
"iCalendarType"="1"
"iFirstDayOfWeek"="6"
"iFirstWeekOfYear"="0"
"sGrouping"="3;0"
"sMonGrouping"="3;0"
"sPositiveSign"=""
"sNegativeSign"="-"

[HKEY_CURRENT_USER\Control Panel\International\Geo]
"Nation"="244"


----------



## Cookiegal (Aug 27, 2003)

First, let's back up the registry:

Please go to *Start *- *Run *and copy and paste the following and then click OK:

*regedit /e c:\registrybackup.reg*

It won't appear to be doing anything and that's normal. Your mouse pointer may turn to an hour glass for a minute.

When it no longer has the hour glass, check in your C drive to be sure you have a file called* registrybackup.reg *before continuing. If you do not see that file, please let me know before doing anything else.

Now, let's also create a new system restore point as well:

To create a new restore point, click on *Start*  *All Programs*  *Accessories*  *System Tools* and then select *System Restore*.

In the System Restore wizard, select *Create a restore point* and click the Next button.

Type a name for your new restore point then click on Create.

***

*Note that In the following instructions, the new values of 0x0000 are all the digit zero and not letters (other than the x of course).*

Navigate to this key in the registry:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Nls\*Language*]

In the right-hand pane, scroll down to where it says:

*"Default"="0409"*

Double click on *Default *and an Edit String box will open up. Change the value in the value data box to read: *0x0000* and then click OK.

****

Then navigate to this registry key:

[HKEY_CURRENT_USER\Control Panel\*International]*

In the right-hand pane, scroll down to where it says:

*"Locale"="00000409"*

Double-click on *Locale *and an Edit String box will open up. Change the value in the value data box to: *0x0000* and then click on OK.

Close the registry editor.

Reboot the computer and then try uninstalling SP3 again. Should it fail again, please post the new uninstall log that will get created.


----------



## Stephen47 (Oct 4, 2002)

There wasn't an entry "Locale=00000409" but when I double clicked just "Locale" the value in the data box was 0409 so I changed it to 0x0000. when I rebooted I got the black screen saying Windows couldn't start because the file Windows/Systen320x0000 can't be found. I rebooted hitting the f8 key and selected start using the last known configuration that worked.
This is what I am operating under now. 
I m going to do a system restore back to before I changed the registry.


----------



## Cookiegal (Aug 27, 2003)

Sorry, I meant to put just Default and Locale.

That's unfortunate. Yes, I would do the restore and then check those values to be sure they were set back to what they were before:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Nls\Language]
Default *0409 *

[HKEY_CURRENT_USER\Control Panel\International]
Locale *00000409*


----------



## Stephen47 (Oct 4, 2002)

Yes they were reset to their original values.
What happened?
In another forum they suggested I run this:
c:\windows\$NtServicePackUninstall$\spuninst\spun inst.exe}
Is that different than trying to uninstall it by the normal method?


----------



## Cookiegal (Aug 27, 2003)

What other forum is assisting you?


----------



## Stephen47 (Oct 4, 2002)

These guys:http://computerhelpforums.net/


----------



## Stephen47 (Oct 4, 2002)

I have just read the rules and I found this: "It is simply not acceptable to post your question more than once, or to post it in more than one forum". I assumed this meant forums here at TSG. Apparently not because as soon as I mentioned I had asked about my problem at a different forum I stopped receiving any replies to this thread.
I find this both childish and unprofessional. If I am out of line by asking my question elsewhere tell me, don't just abandon the thread.


----------



## Cookiegal (Aug 27, 2003)

I haven't abandoned the thread but I have a backlog of threads to reply to and have been very busy. That rule only applies to this site as we don't allow multiples threads for the same issue. However, when we see members receiving help on other forums, particularly relating to malware, we will comment and give them a choice of where they wish to continue because we really are duplicating efforts.

However, if that were the case, I would have told you so. As it is, I read the comments at the other site and don't think we've duplicated anything. But frankly, I'm out of ideas and I mentioned before that the best thing to do would be to reformat the machine and start fresh. I had found that possible solution to alter those registry keys and it didn't work so now I really don't know what else to try. 

It's the first time I've been called childish and unprofessional and I've helped thousands of people.


----------



## Stephen47 (Oct 4, 2002)

I'm sorry if I offended you and I know you help a lot of people. If you are out of ideas that is fine, but why wait two days to tell me? I will not post here again.


----------



## LauraMJ (Mar 18, 2004)

Stephen47 said:


> I'm sorry if I offended you and I know you help a lot of people. If you are out of ideas that is fine, but why wait two days to tell me? I will not post here again.





Cookiegal said:


> I haven't abandoned the thread but I have a backlog of threads to reply to and have been very busy.


It seems that you are actually NOT the only person in the world who might need help.


----------



## Stephen47 (Oct 4, 2002)

I never assumed I was


----------



## RootbeaR (Dec 9, 2006)

Stephen47 said:


> I will not post here again.


Sorry to hear that.

I had mentioned to you in another thread of yours that these issues need to be dealt with one step at a time.

It gets too complicated otherwise and can become redundant.

You wouldn't believe the problems I had because of a piece of hardware. Totally unrelated issues it would have _seemed_.

Edit: A re-install will most likely cure all your problems.


----------



## aka Brett (Nov 25, 2008)

Cookiegal went through very many steps for your problem,and even mentioned in a post options were running out and a reformat may have to be done.
She then still continued to try to fix your problem.There are many users asking for help..she didnt just toss you to the ditch.
I know it gets frustrating when a person is having pc problems...it is much worse when you are the actual one having problems....been there.
I have had update trouble..worked on it for ages..it was frustrating as nothing seemed to work.
Relax...in the end it will work out


----------



## LauraMJ (Mar 18, 2004)

Stephen47 said:


> I never assumed I was


 I've read your posts and the posts of two others on the other tech forum where you posted about this. According to you three, the only reason possible that Cookiegal did not reply to this thread for two days is because she got in a snit because you posted elsewhere and deliberately left you hanging. 

In my opinion, that was very childish and unprofessional of another tech to post such an unfounded conclusion. And after the ENORMOUS amount of time Cookiegal has spent with you to voluntarily and freely try to help you with a problem, it does not seem very nice of you to have just jumped on that wagon.


----------



## RootbeaR (Dec 9, 2006)

I'm sure I can speak for many many others when I say we appreciate her here very much. :up:


----------

