Hi Again:
I have attached your snapshot of DSS, main.txt and extra.txt. Also, for your information, I am a beach surfer and am surfing selected surf web-sites for info on waves and weather conditions in my local area(New York ). In chatting with other surfers, I discovered that everyone hitting this website is getting redirected to
RIVECLEANER" website. I am attaching the URL address so you can review their chats on this problem.
http://www.nynjsurf.com/forum/surfline_ ... 394.0.html
Thxs, agian Scotty.... Tony
Deckard's System Scanner v20070905.67
Run by Internet Account on 2007-09-25 23:14:18
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
47: 2007-09-26 03:14:26 UTC - RP675 - Deckard's System Scanner Restore Point
46: 2007-09-25 15:52:47 UTC - RP674 - System Checkpoint
45: 2007-09-24 15:42:52 UTC - RP673 - System Checkpoint
44: 2007-09-23 03:42:52 UTC - RP672 - System Checkpoint
43: 2007-09-22 01:50:27 UTC - RP671 - Installed Adobe Reader 8.1.0
-- First Restore Point --
1: 2007-07-02 20:03:26 UTC - RP629 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as Internet Account.exe) ------------------------------------
Unable to find log (file not found); running clone.
-- HijackThis Clone ------------------------------------------------------------
Emulating logfile of HijackThis v1.99.1
Scan saved at 2007-09-25 23:16:24
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16512)
Running processes:
C:\WINNT\system32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Ahead\InCD\incdsrv.exe
C:\Program Files\Common Files\Symantec Shared\CCSETMGR.EXE
C:\Program Files\Common Files\Symantec Shared\CCEVTMGR.EXE
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINNT\explorer.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\WINNT\GWHotKey.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\hkcmd.exe
C:\Program Files\Hewlett-Packard\PhotoSmart\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Verizon Online\Help Support\VerizonSupport.exe
C:\WINNT\system32\igfxpers.exe
C:\Program Files\Hewlett-Packard\PhotoSmart\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Gateway Utilities\GWInkMonitor.exe
C:\Program Files\Common Files\Symantec Shared\CCAPP.EXE
C:\Program Files\Verizon\McciTrayApp.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Webroot\Washer\wwDisp.exe
C:\Program Files\Plaxo\2.12.1.1\PlaxoHelper.exe
C:\WINNT\system32\ctfmon.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\Verizon Online\ConnMgr\cmisrv.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Norton AntiVirus\NAVAPSVC.EXE
C:\Program Files\Norton AntiVirus\IWP\NPFMNTOR.EXE
C:\WINNT\system32\slserv.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Webroot\Washer\WasherSvc.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\Common Files\Verizon Online\AppMgr\vzOpenUIServer.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Webroot\Spy Sweeper\ssu.exe
C:\Documents and Settings\Internet Account\Desktop\dss.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://my.netzero.net/s/search?r=minisearch
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://my.netzero.net/s/search?r=minisearch
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://my.netzero.net/s/sp?r=al&cf=sp&m ... 3&N=PL&O=A
R1 - HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.com
R1 - HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http://my.netzero.net/s/search?r=minisearch
R3 - URLSearchHook: (no name) - {37D2CDBF-2AF4-44AA-8113-BD0D2DA3C2B8} - (no file)
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: X1IEHook Class - {52706EF7-D7A2-49AD-A615-E903858CF284} - C:\Program Files\NetZero\qsacc\X1IEBHO.dll (file missing)
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\3.8.0\ViewBarBHO.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NAVSHEXT.DLL
O3 - Toolbar: ZeroBar - {F5735C15-1FB2-41FE-BA12-242757E69DDE} - C:\Program Files\NetZero\toolbar.dll (file missing)
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NAVSHEXT.DLL
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Common Files\Viewpoint\Toolbar Runtime\3.8.0\IEViewBar.dll
O4 - HKEY_LOCAL_MACHINE\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKEY_LOCAL_MACHINE\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKEY_LOCAL_MACHINE\..\Run: [Multi-function Keyboard] GWHotKey.exe
O4 - HKEY_LOCAL_MACHINE\..\Run: [Microsoft Works Update Detection] "C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe"
O4 - HKEY_LOCAL_MACHINE\..\Run: [InCD] "C:\Program Files\Ahead\InCD\InCD.exe"
O4 - HKEY_LOCAL_MACHINE\..\Run: [IgfxTray] C:\WINNT\system32\igfxtray.exe
O4 - HKEY_LOCAL_MACHINE\..\Run: [HotKeysCmds] C:\WINNT\system32\hkcmd.exe
O4 - HKEY_LOCAL_MACHINE\..\Run: [CXMon] "C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe"
O4 - HKEY_LOCAL_MACHINE\..\Run: [Share-to-Web Namespace Daemon] "C:\Program Files\Hewlett-Packard\PhotoSmart\HP Share-to-Web\hpgs2wnd.exe"
O4 - HKEY_LOCAL_MACHINE\..\Run: [A Verizon App] C:\PROGRA~1\VERIZO~1\HELPSU~1\VERIZO~1.EXE
O4 - HKEY_LOCAL_MACHINE\..\Run: [Persistence] C:\WINNT\system32\igfxpers.exe
O4 - HKEY_LOCAL_MACHINE\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1132032986\ee\AOLHostManager.exe
O4 - HKEY_LOCAL_MACHINE\..\Run: [IPHSend] "C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe"
O4 - HKEY_LOCAL_MACHINE\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKEY_LOCAL_MACHINE\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKEY_LOCAL_MACHINE\..\Run: [Gateway Ink Monitor] "C:\Program Files\Gateway Utilities\GWInkMonitor.exe"
O4 - HKEY_LOCAL_MACHINE\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKEY_LOCAL_MACHINE\..\Run: [NAV CfgWiz] "C:\Program Files\Norton AntiVirus\CfgWiz.exe" /GUID {0D7956A2-5A08-4ec2-A72C-DF8495A66016} /MODE CfgWiz /CMDLINE "REBOOT"
O4 - HKEY_LOCAL_MACHINE\..\Run: [Verizon_McciTrayApp] "C:\Program Files\Verizon\McciTrayApp.exe"
O4 - HKEY_LOCAL_MACHINE\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKEY_LOCAL_MACHINE\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKEY_LOCAL_MACHINE\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe /startintray
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Window Washer] "C:\Program Files\Webroot\Washer\wwDisp.exe"
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [spc_w] "C:\Program Files\NZSearch\nzspc.exe" -w
O4 - HKCU\..\Run: [NetZero_uoltray] C:\Program Files\NetZero\exec.exe regrun
O4 - HKCU\..\Run: [PlaxoUpdate] "C:\Program Files\Plaxo\2.12.1.1\PlaxoHelper.exe" -a
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINNT\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] "C:\Program Files\Windows Media Player\WMPNSCFG.exe"
O4 - Startup: wkcalrem.LNK = C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html
O8 - Extra context menu item: Display All Images with Full Quality -
res://C:\Program Files\NetZero\qsacc\appres.dll/228
O8 - Extra context menu item: Display Image with Full Quality -
res://C:\Program Files\NetZero\qsacc\appres.dll/227
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (file missing)
O9 - Extra 'Tools' menuitem: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINNT\network diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINNT\network diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone:
https://windowsupdate.microsoft.com. (HKCU)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} (Microsoft Office Template and Media Control) -
http://office.microsoft.com/templates/ieawsdc.cab
O16 - DPF: {0F04992B-E661-4DB9-B223-903AB628225D} (DoMoreRunExe.DoMoreRun) -
file://C:\Program Files\Gateway\Do More\DoMoreRunExe.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://download.microsoft.com/download/ ... ontrol.cab
O16 - DPF: {19E28AFC-EAE3-4CE5-AC83-2407B42F57C9} (MSSecurityAdvisor Class) -
http://download.microsoft.com/download/ ... 1836649578
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) -
http://www.symantec.com/techsupp/asa/LSSupCtl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) -
http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} () -
http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) -
http://office.microsoft.com/officeupdat ... /opuc2.cab
O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) -
https://www-secure.symantec.com/techsup ... gctlsi.cab
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) -
https://www-secure.symantec.com/techsup ... gctlsr.cab
O16 - DPF: {4B48D5DF-9021-45F7-A240-60304302A215} (Malicious Software Removal Tool) -
http://download.microsoft.com/download/ ... leaner.cab
O16 - DPF: {511073AD-BE56-4D43-AE68-93390514385E} (TechToolsActivex.TechTools) -
file://C:\Program Files\gateway\helpspot\TechTools.CAB
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) -
http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {739E8D90-2F4C-43AD-A1B8-66C356FCEA35} (RunExeActiveX.RunExe) -
file://C:\Program Files\gateway\helpspot\RunExeActiveX.CAB
O16 - DPF: {88B507F9-C6B2-45CC-AAB6-720A652DE11C} (TenOfTen Class) -
http://download.verizon.net/sfp/Cabs/hs ... nstall.cab
O16 - DPF: {9A57B18E-2F5D-11D5-8997-00104BD12D94} (compid Class) -
https://support.gateway.com/support/ser ... /gwCID.CAB
O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) -
http://h30155.www3.hp.com/ediags/dd/ins ... utions.cab
O16 - DPF: {A526A2C7-723E-4081-BF70-A7A9913E8C4A} (LogData Class) -
http://ipgweb.cce.hp.com/rdqaio/downloads/sysinfo.cab
O16 - DPF: {B020B534-4AA2-4B99-BD6D-5F6EE286DF5C} (Symantec Download Bridge) -
https://a248.e.akamai.net/f/248/5462/2h ... mDlBrg.cab
O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} (Office Update Installation Engine) -
http://office.microsoft.com/officeupdat ... /opuc4.cab
O16 - DPF: {CA034DCC-A580-4333-B52F-15F98C42E04C} () -
http://www.stopzilla.com/_download/Auto ... dwnldr.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} () -
http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://fpdownload.macromedia.com/get/fl ... wflash.cab
O16 - DPF: {DB0474CC-8EF6-47FC-905B-23FC58A70817} (RegPropsCtrl Class) -
http://download.verizon.net/sfp/Cabs/hs ... nstall.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) -
http://h30043.www3.hp.com/aio/en/check/qdiagh.cab?326
O18 - Protocol: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL
O18 - Protocol: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\incdsrv.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\system32\HPZipm12.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - "C:\Program Files\Viewpoint\Common\ViewpointService.exe"
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
S3 MREMPR5 (MREMPR5 NDIS Protocol Driver) - c:\program files\common files\motive\mrempr5.sys <Not Verified; Motive, Inc.; Motive Rawether for Windows>
S3 MRENDIS5 (MRENDIS5 NDIS Protocol Driver) - c:\program files\common files\motive\mrendis5.sys <Not Verified; Motive, Inc.; Motive Rawether for Windows>
S3 PCDRDRV (Pcdr Helper Driver) - c:\progra~1\pc-doc~1\diagno~1\pcdrdrv.sys (file missing)
S3 wanatw (WAN Miniport (ATW)) - c:\winnt\system32\drivers\wanatw4.sys (file missing)
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 CCALib8 (Canon Camera Access Library
- c:\program files\canon\cal\calmain.exe <Not Verified; Canon Inc.; >
R2 Viewpoint Manager Service - "c:\program files\viewpoint\common\viewpointservice.exe" <Not Verified; Viewpoint Corporation; Viewpoint Manager>
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Scheduled Tasks -------------------------------------------------------------
2007-09-07 23:04:13 558 --a------ C:\WINNT\Tasks\Norton AntiVirus - Run Full System Scan - Tony.job
-- Files created between 2007-08-25 and 2007-09-25 -----------------------------
2007-09-23 20:11:28 5102 --a------ C:\WINNT\system32\tmp.reg
2007-09-23 19:33:09 0 d-------- C:\Program Files\a-squared HiJackFree
2007-09-09 01:13:33 0 d-------- C:\Webroot
-- Find3M Report ---------------------------------------------------------------
2007-09-25 20:23:11 0 d-------- C:\Program Files\Plaxo
2007-09-24 13:02:00 0 d-------- C:\Program Files\Quicken
2007-09-23 19:59:29 0 d-------- C:\Program Files\a-squared Free
2007-09-22 00:32:21 0 d-------- C:\Program Files\Viewpoint
2007-09-21 21:50:39 0 d-------- C:\Program Files\Common Files\Adobe
2007-09-21 21:19:42 0 d-------- C:\Program Files\Common Files\Symantec Shared
2007-09-17 19:12:19 0 d-------- C:\Program Files\Symantec
2007-09-13 22:59:52 0 d-------- C:\Program Files\Verizon
2007-09-07 19:40:09 0 d-------- C:\Program Files\Common Files\Webroot Shared
2007-09-05 23:24:48 0 d-------- C:\Program Files\Savings Bond Wizard
2007-08-12 15:23:27 0 d-------- C:\Program Files\Lavasoft
2007-08-12 15:21:56 0 d-------- C:\Program Files\Common Files
2007-08-12 15:21:56 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-08-08 22:43:00 164 --a------ C:\install.dat
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [02/17/2005 12:11 AM]
"NeroFilterCheck"="C:\WINNT\system32\NeroCheck.exe" [07/09/2001 11:50 AM]
"Multi-function Keyboard"="GWHotKey.exe" [08/28/2001 12:13 PM C:\WINNT\GWHotKey.exe]
"Microsoft Works Update Detection"="C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" [06/07/2003 07:32 AM]
"InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [03/23/2006 05:06 PM]
"IgfxTray"="C:\WINNT\system32\igfxtray.exe" [04/05/2005 03:22 PM]
"HotKeysCmds"="C:\WINNT\system32\hkcmd.exe" [04/05/2005 03:19 PM]
"CXMon"="C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe" [08/27/2001 10:52 AM]
"Share-to-Web Namespace Daemon"="C:\Program Files\Hewlett-Packard\PhotoSmart\HP Share-to-Web\hpgs2wnd.exe" [07/03/2001 09:11 AM]
"A Verizon App"="C:\PROGRA~1\VERIZO~1\HELPSU~1\VERIZO~1.EXE" [05/23/2005 01:20 PM]
"Persistence"="C:\WINNT\system32\igfxpers.exe" [04/05/2005 03:23 PM]
"HostManager"="C:\Program Files\Common Files\AOL\1132032986\ee\AOLHostManager.exe" []
"@"="" []
"IPHSend"="C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe" [02/17/2006 12:59 PM]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [10/13/2006 01:12 AM]
"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [03/12/2007 06:30 PM]
"Gateway Ink Monitor"="C:\Program Files\Gateway Utilities\GWInkMonitor.exe" [06/24/2003 10:33 PM]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [01/22/2007 11:19 PM]
"NAV CfgWiz"="C:\Program Files\Norton AntiVirus\CfgWiz.exe" [02/01/2006 11:10 PM]
"Verizon_McciTrayApp"="C:\Program Files\Verizon\McciTrayApp.exe" [03/11/2007 05:37 PM]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [03/09/2007 11:09 AM]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [05/11/2007 03:06 AM]
"SpySweeper"="C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" [07/19/2007 10:54 PM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [04/14/2003 09:05 PM]
"Window Washer"="C:\Program Files\Webroot\Washer\wwDisp.exe" [09/05/2007 03:43 PM]
"NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [10/11/2005 07:25 PM]
"spc_w"="C:\Program Files\NZSearch\nzspc.exe" []
"NetZero_uoltray"="C:\Program Files\NetZero\exec.exe" []
"Aim6"="" []
"PlaxoUpdate"="C:\Program Files\Plaxo\2.12.1.1\PlaxoHelper.exe" [11/16/2006 01:42 PM]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" []
"ctfmon.exe"="C:\WINNT\system32\ctfmon.exe" [08/04/2004 03:56 AM]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [10/18/2006 09:05 PM]
C:\Documents and Settings\Internet Account\Start Menu\Programs\Startup\
wkcalrem.LNK - C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe [9/3/2003 11:10:15 AM]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\svcWRSSSDK]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
"C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager]
"C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Motive SmartBridge]
C:\PROGRA~1\VERIZO~1\HELPSU~1\SMARTB~1\MotiveSB.exe
-- Hosts -----------------------------------------------------------------------
127.0.0.1 new
127.0.0.1 new
127.0.0.1 new
127.0.0.1 new
127.0.0.1 new
127.0.0.1 new
127.0.0.1 new
127.0.0.1 new
127.0.0.1 new
127.0.0.1 new
18 more entries in hosts file.
-- End of Deckard's System Scanner: finished at 2007-09-25 23:19:33 ------------
Deckard's System Scanner v20070905.67
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: Intel(R) Pentium(R) 4 CPU 2.60GHz
CPU 1: Intel(R) Pentium(R) 4 CPU 2.60GHz
Percentage of Memory in Use: 51%
Physical Memory (total/avail): 1006.73 MiB / 489.83 MiB
Pagefile Memory (total/avail): 1658.73 MiB / 1163.43 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1956.88 MiB
A: is Removable (No Media)
C: is Fixed (NTFS) - 74.53 GiB total, 55.27 GiB free.
D: is CDROM (No Media)
E: is CDROM (No Media)
G: is Removable (No Media)
\\.\PHYSICALDRIVE0 - WDC WD800BB-53DKA0 - 74.53 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 74.53 GiB - C:
\\.\PHYSICALDRIVE1 - HP Photosmart 2610 USB Device
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.
AntiVirusDisableNotify is set.
FirewallDisableNotify is set.
FW: Norton Internet Worm Protection v2006 (Symantec)
AV: Spy Sweeper with AntiVirus v5.5.7.48 (Webroot Software Inc)
AV: Norton AntiVirus 2006 v2005 (Symantec Corporation)
Disabled
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\AIM\\aim.exe"="C:\\Program Files\\AIM\\aim.exe:*:Enabled:AOL Instant Messenger"
"C:\\Program Files\\Common Files\\AOL\\1132032986\\ee\\AOLServiceHost.exe"="C:\\Program Files\\Common Files\\AOL\\1132032986\\ee\\AOLServiceHost.exe:*:Enabled:AOL Services"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Savings Bond Wizard\\SBWizard.exe"="C:\\Program Files\\Savings Bond Wizard\\SBWizard.exe:*:Enabled:Savings Bond Wizard"
"C:\\WINNT\\system32\\mmc.exe"="C:\\WINNT\\system32\\mmc.exe:*:Disabled:Microsoft Management Console"
"C:\\Program Files\\Gateway\\HPA\\gwmenu.exe"="C:\\Program Files\\Gateway\\HPA\\gwmenu.exe:*:Enabled:HPA/SCCD/SRCD New Code"
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"="C:\\Program Files\\Real\\RealPlayer\\realplay.exe:*:Disabled:RealPlayer"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Disabled:Internet Explorer"
"C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"="C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe:*:Enabled:HP Software Update Client"
"C:\\Program Files\\Symantec\\LiveUpdate\\LUALL.EXE"="C:\\Program Files\\Symantec\\LiveUpdate\\LUALL.EXE:*:Enabled:LiveUpdate"
"C:\\Program Files\\HP\\Digital Imaging\\HP Print Screen\\prnsys.exe"="C:\\Program Files\\HP\\Digital Imaging\\HP Print Screen\\prnsys.exe:*:Enabled:HP Print Screen"
"C:\\Program Files\\HP\\Digital Imaging\\Help\\cuetour\\START.exe"="C:\\Program Files\\HP\\Digital Imaging\\Help\\cuetour\\START.exe:*:Enabled:HP Image Zone Tour"
"C:\\Program Files\\HP\\Diagnostic Assistant\\bin\\hprbevwr.exe"="C:\\Program Files\\HP\\Diagnostic Assistant\\bin\\hprbevwr.exe:*:Enabled:HP Diagnostic Assistant"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\Hpqdirec.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\Hpqdirec.exe:*:Enabled:HP Director"
"C:\\WINNT\\system32\\ftp.exe"="C:\\WINNT\\system32\\ftp.exe:*:Enabled:File Transfer Program"
"C:\\Program Files\\Common Files\\AOL\\1132032986\\ee\\AOLServiceHost.exe"="C:\\Program Files\\Common Files\\AOL\\1132032986\\ee\\AOLServiceHost.exe:*:Enabled:AOL Services"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"
"C:\\Program Files\\AIM\\aim.exe"="C:\\Program Files\\AIM\\aim.exe:*:Enabled:AOL Instant Messenger"
"C:\\Program Files\\Common Files\\AOL\\1132032986\\ee\\aolsoftware.exe"="C:\\Program Files\\Common Files\\AOL\\1132032986\\ee\\aolsoftware.exe:*:Enabled:AOL Services"
"C:\\Program Files\\Common Files\\AOL\\1132032986\\ee\\aim6.exe"="C:\\Program Files\\Common Files\\AOL\\1132032986\\ee\\aim6.exe:*:Enabled:AIM"
"C:\\Program Files\\Common Files\\AOL\\1141689948\\ee\\aolsoftware.exe"="C:\\Program Files\\Common Files\\AOL\\1141689948\\ee\\aolsoftware.exe:*:Enabled:AOL Services"
"C:\\Program Files\\Common Files\\AOL\\1141689948\\ee\\aim6.exe"="C:\\Program Files\\Common Files\\AOL\\1141689948\\ee\\aim6.exe:*:Enabled:AIM"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Internet Account\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=MUFFIN
ComSpec=C:\WINNT\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Internet Account
LOGONSERVER=\\MUFFIN
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINNT\SYSTEM32;C:\WINNT;C:\WINNT\SYSTEM32\WBEM;C:\PROGRAM FILES\PC-DOCTOR FOR WINDOWS\SERVICES
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 2 Stepping 9, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0209
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINNT
TEMP=C:\DOCUME~1\INTERN~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\INTERN~1\LOCALS~1\Temp
USERDOMAIN=MUFFIN
USERNAME=Internet Account
USERPROFILE=C:\Documents and Settings\Internet Account
windir=C:\WINNT
-- User Profiles ---------------------------------------------------------------
Tony
(admin)
Internet Account
(admin)
Administrator
(admin)
Guest
(guest)
-- Add/Remove Programs ---------------------------------------------------------
--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\WINNT\IsUninst.exe -fC:\WINNT\orun32.isu
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{25EF00BF-F17B-11D6-88EA-000476CD2443}\Setup.exe" -l0x9 UNINSTALL
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{25EF00C6-F17B-11D6-88EA-000476CD2443}\Setup.exe" -l0x9 UNINSTALL
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{25EF00D1-F17B-11D6-88EA-000476CD2443}\Setup.exe" -l0x9 UNINSTALL
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{25EF03DA-F17B-11D6-88EA-000476CD2443}\Setup.exe" -l0x9 UNINSTALL
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2D261CA3-5C68-494A-89D1-5DE68ED23146}\Setup.exe" -l0x9 UNINSTALL
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{39DA87A1-0B26-4562-A70C-2A6147366E47}\setup.exe"
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9F765BD0-B900-4EDE-A90B-61C8A9E95C42}\Setup.exe"
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BAD59025-5B73-4E12-B789-0028C5A573C2}\Setup.exe"
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINNT\INF\PCHealth.inf
a-squared Free 3.0 --> "C:\Program Files\a-squared Free\unins000.exe"
a-squared HiJackFree 3.0 --> "C:\Program Files\a-squared HiJackFree\unins000.exe"
ACDSee --> C:\PROGRA~1\ACDSYS~1\ACDSee\UNWISE.EXE C:\PROGRA~1\ACDSYS~1\ACDSee\INSTALL.LOG
Ad-Aware 2007 --> MsiExec.exe /X{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player 9 ActiveX --> C:\WINNT\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Reader 8.1.0 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81000000003}
Adobe® Photoshop® Album Starter Edition 3.2 --> MsiExec.exe /I{A654A805-41D9-40C7-AA46-4AF04F044D61}
Ahead Nero BurnRights --> C:\WINNT\UNNeroBurnRights.exe /UNINSTALL
AOL Uninstaller (Choose which Products to Remove) --> C:\Program Files\Common Files\AOL\uninstaller.exe
Blasterball 2 --> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {3DA2C525-0A4A-4634-8656-8F442FD2C44A}
Canon Camera Access Library --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{901F8ED7-13E8-43EF-B738-2FE89B0588EB} /l1033
Canon Camera Support Core Library --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{A1D0D14A-B776-4907-BC00-5149F2298086} /l1033
Canon Camera Window DC_DV 5 for ZoomBrowser EX --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{A2EB8F2E-6D9B-4F8B-96EB-F976D33F416F}
Canon Camera Window DC_DV 6 for ZoomBrowser EX --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{50E25180-3BDC-4B6D-80A2-3F1F0C9CF39D}
Canon Camera Window DSLR 5 for ZoomBrowser EX --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{0A146245-DB79-4197-BF5D-FE1A699A2CC7}
Canon Camera Window MC 6 for ZoomBrowser EX --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{6C3A75A6-9A90-44A3-A703-82AC1EA6A85D}
Canon MovieEdit Task for ZoomBrowser EX --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{4DBBF091-FACD-422C-B43C-786335BD5398}
Canon PhotoRecord --> MsiExec.exe /X{BBBC2B89-E193-4348-A83C-C8DD8210A4AC}
Canon RAW Image Task for ZoomBrowser EX --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{BAA43DA2-B6C5-46EC-B163-0E8EEAF975A4}
Canon Utilities PhotoStitch 3.1 --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{874E44F3-B9A7-4AA1-B4BA-83E5684ED9C6}
Canon ZoomBrowser EX (E) --> MsiExec.exe /X{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}
ccCommon --> MsiExec.exe /I{1248C09A-BD6B-47F5-BF3F-CD2B700D9FCB}
Dark Orbit --> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {19906F9F-2E4F-4389-BB6E-205FE12B4BAA}
Disney's Lilo and Stitch Pinball --> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {33C279DD-AA04-406D-B122-CBE750316CEB}
Do More 7.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D2B7C41F-C63D-4935-B323-B60673724D63}\SETUP.EXE" -l0x9
DVD --> "C:\Program Files\InstallShield Installation Information\{98E8A2EF-4EAE-43B8-A172-74842B764777}\setup.exe" REMOVEALL
EasyZip --> C:\PROGRA~1\EasyZip\\UNINST.EXE
EVEREST Home Edition v2.20 --> "C:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe"
Excavation --> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {B1C7AAF5-2271-410E-90BF-8FDF8B7029A1}
Gateway Download Assistant --> MsiExec.exe /I{A2A73632-BBAA-43EB-A337-ADF43F905A1C}
Gateway Drivers and Applications Recovery --> C:\Program Files\Gateway\HPA\GWMenu.exe UNINSTALL
Gateway Ink Monitor --> MsiExec.exe /X{F10082FE-BACB-4E58-A423-DAD6BFC8B3A2}
Gateway Multi-function Keyboard --> C:\WINNT\gwhotkey.exe -U
Gateway Rhapsody --> "C:\Program Files\SIFXINST\SIFXINST.EXE" /UnapplyFile 20BBF229-A337-40AD-9FEB-2C98CDA53D1C /Prompt
GemMaster 2 --> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {080E0356-D231-41FC-8F31-9760FC4487D9}
HighMAT Extension to Microsoft Windows XP CD Writing Wizard --> MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}
HijackThis 1.99.1 --> C:\DOCUME~1\INTERN~1\LOCALS~1\Temp\Temporary Directory 2 for hijackthis.zip\HijackThis.exe /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINNT\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Format SDK (KB902344) --> "C:\WINNT\$NtUninstallKB902344$\spuninst\spuninst.exe"
HP Image Zone 4.2 --> C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Photo Imaging Software --> C:\WINNT\IsUninst.exe -f"C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Imaging\Uninstall.isu" -c"C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Imaging\hpiunCX.dll
HP Photo Printing Software --> C:\WINNT\IsUninst.exe -f"C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Printing\Uninstall.isu" -c"C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Printing\hpiunPC.dll
HP PSC & OfficeJet 4.2 --> "C:\Program Files\HP\Digital Imaging\{A1062847-0846-427A-92A1-BB8251A91E91}\setup\hpzscr01.exe" -datfile hposcr04.dat
HP Share-to-Web --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{748F4870-8350-11D3-B0BF-080009FB4A19}\Setup.exe" --MAIN -l9
HP Software Update --> MsiExec.exe /X{15EE79F4-4ED1-4267-9B0F-351009325D7D}
InCD --> C:\WINNT\NuNInst.exe /UNINSTALL
Intel(R) Extreme Graphics 2 Driver --> RUNDLL32.EXE C:\WINNT\system32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2572
Intel(R) PRO Network Adapters and Drivers --> Prounstl.exe
Intel(R) PROSet --> MsiExec.exe /I{A790BEB1-BCCF-4EC6-807B-5708B36E8A79}
Internet Worm Protection --> MsiExec.exe /I{2908F0CB-C1D4-447F-97A2-CFC135C9F8D4}
KODAK Picture CD Volume 2 Issue 3 --> C:\WINNT\IsUninst.exe -f"C:\Program Files\KODAK Picture CD\Volume 2 Issue 3\Uninst.isu"
LiveUpdate 3.0 (Symantec Corporation) --> "C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
LiveUpdate Notice (Symantec Corporation) --> MsiExec.exe /X{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}
Memories Disc Creator 2.0 --> MsiExec.exe /X{2E132061-C78A-48D4-A899-1D13B9D189FA}
Men In Black II CROSSFIRE Trial Version --> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {16FDA17D-D97C-415E-94EE-F6645E697C53}
Microsoft Base Smart Card Cryptographic Service Provider Package --> "C:\WINNT\$NtUninstallbasecsp$\spuninst\spuninst.exe"
Microsoft Baseline Security Analyzer 2.0.1 --> MsiExec.exe /I{7F231232-C309-4401-964A-2A002B6E1ED9}
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINNT\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Data Access Components KB870669 --> C:\WINNT\muninst.exe C:\WINNT\INF\KB870669.inf
Microsoft Encarta Encyclopedia Standard 2004 --> MsiExec.exe /I{04410044-9149-45C6-A806-F2BF9CFCE762}
Microsoft Office XP Small Business --> MsiExec.exe /I{91130409-6000-11D3-8CFE-0050048383C9}
Microsoft Picture It! Photo Premium 9 --> C:\WINNT\System32\msiexec.exe /i {DBA8B9E1-C6FF-4624-9598-73D3B41A0903}
Microsoft Streets and Trips 2004 --> MsiExec.exe /I{8704D51E-25B7-4F23-81E7-AA4F54790210}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINNT\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Windows Journal Viewer --> MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA7}
Microsoft Word 2002 --> MsiExec.exe /I{911B0409-6000-11D3-8CFE-0050048383C9}
Microsoft Works --> MsiExec.exe /I{B9966F27-9678-4620-9579-925E3084647E}
Microsoft Works 2004 Setup Launcher --> C:\Program Files\Microsoft Works Suite 2004\Setup\Launcher.exe d:\
Microsoft Works Suite Add-in for Microsoft Word --> MsiExec.exe /I{33BEE6F3-9987-4F98-A069-97A64EC8321A}
MUSICMATCH® Jukebox --> C:\PROGRA~1\MUSICM~1\MUSICM~1\unmatch.exe
NAVShortcut --> MsiExec.exe /I{F325CF11-27CE-4872-8022-6E9EB27DF24F}
Nero OEM --> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
Norton AntiVirus 2006 --> MsiExec.exe /X{C6F5B6CF-609C-428E-876F-CA83176C021B}
Norton AntiVirus 2006 (Symantec Corporation) --> "C:\Program Files\Common Files\Symantec Shared\SymSetup\{C6F5B6CF-609C-428E-876F-CA83176C021B}.exe" /X
Norton AntiVirus Help --> MsiExec.exe /I{34EEB1F5-E939-40A1-A6BA-957282A4B2C8}
Norton AntiVirus Parent MSI --> MsiExec.exe /I{E5EE9939-259F-4DE2-8023-5C49E16A4F43}
Norton AntiVirus SYMLT MSI --> MsiExec.exe /I{D1FF75E7-DD42-4CFD-B052-20B3FFF4EDB8}
Norton Protection Center --> MsiExec.exe /I{82A5BF38-8461-4A5C-B2C9-24F5256D92A6}
Norton WMI Update --> MsiExec.exe /X{F64306A5-4C32-41bb-B153-53986527FAB4}
overland --> MsiExec.exe /I{766273C1-A39B-47EB-ACE8-DEBDD8094BCC}
PC-Doctor for Windows --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1F7CCFA3-D926-4882-B2A5-A0217ED25597}\Setup.exe"
Pig Pen --> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {5F2A75DB-87B7-4E3B-9C8B-1E1059154C84}
Plaxo Toolbar for Outlook and Outlook Express --> C:\Program Files\Plaxo\2.12.1.1\uninstall.exe
pressplay --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{47D684C4-817D-11D5-818F-009027864C7F}\Setup.exe" -l0x9 ppc
Quicken 2007 --> MsiExec.exe /X{0D2E80C8-0875-43EB-9623-47118E2DFBCA}
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Savings Bond Wizard --> C:\WINNT\unvise32.exe C:\Program Files\Savings Bond Wizard\uninstal.log
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Step By Step Interactive Training (KB898458) --> "C:\WINNT\$NtUninstallKB898458$\spuninst\spuninst.exe"
Security Update for Step By Step Interactive Training (KB923723) --> "C:\WINNT\$NtUninstallKB923723$\spuninst\spuninst.exe"
Shockwave --> C:\WINNT\System32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINNT\System32\Macromed\SHOCKW~1\Install.log
Smart Link 56K Modem --> C:\WINNT\Modio\SLAMR2KO\Setup.exe /Remove
Space Rocks --> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {5531CF62-6C27-4F13-8592-E370AA1000CE}
SPBBC --> MsiExec.exe /I{77772678-817F-4401-9301-ED1D01A8DA56}
Spelling Dictionaries Support For Adobe Reader 8 --> MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000003}
Spy Sweeper --> "C:\Program Files\Webroot\Spy Sweeper\unins000.exe"
Symantec --> MsiExec.exe /I{228F6876-A313-40A3-91C0-C3CBE6997D09}
Symantec KB-DocID:2003093015493306 --> MsiExec.exe /I{08C5815C-2C6E-44f8-8748-0E61BC9AFB68}
Verizon Online --> C:\WINNT\system32\VerizonUninstaller.exe
Verizon Online Help and Support --> C:\PROGRA~1\Verizon\UNWISE.EXE C:\PROGRA~1\Verizon\INSTALL.LOG
Viewpoint Manager (Remove Only) --> C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgrInstaller.exe /u /k
Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
Viewpoint Toolbar --> C:\Program Files\Viewpoint\Viewpoint Toolbar\3.8.0\Uninstaller.exe /u /k /url "http://www.viewpoint.com/pub/uninstallcompleted.html"
Virtual Warfare --> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {A198A102-87F7-4966-809A-45134182A3B1}
WildTangent Channel Manager --> C:\Program Files\WildTangent\DDC\DDCManager\Uninstall.exe
Window Washer --> C:\WINNT\Unwash6.exe
Windows Media Connect --> "C:\WINNT\$NtUninstallWMCSetup$\spuninst\spuninst.exe"
Windows Media Format 11 runtime --> "C:\WINNT\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Format SDK Hotfix - KB891122 --> "C:\WINNT\$NtUninstallKB891122$\spuninst\spuninst.exe"
Windows Rights Management Client Backwards Compatibility SP2 --> MsiExec.exe /X{EC905264-BCFE-423B-9C42-C3A106266790}
Windows Rights Management Client with Service Pack 2 --> MsiExec.exe /X{BDCF27CA-BFC4-4F49-8D24-A925C9505AB8}
Yahoo! Toolbar --> rundll32.exe C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\YCOMP5~1.DLL,DllCommand ui
-- Application Event Log -------------------------------------------------------
Event Record #/Type2997 / Error
Event Submitted/Written: 09/25/2007 01:40:32 PM
Event ID/Source: 101 / Automatic LiveUpdate Scheduler
Event Description:
Information Level: error
Internet connection not detected.
Event Record #/Type2995 / Error
Event Submitted/Written: 09/25/2007 01:35:32 PM
Event ID/Source: 101 / Automatic LiveUpdate Scheduler
Event Description:
Information Level: error
Internet connection not detected.
Event Record #/Type2993 / Error
Event Submitted/Written: 09/25/2007 01:30:32 PM
Event ID/Source: 101 / Automatic LiveUpdate Scheduler
Event Description:
Information Level: error
Internet connection not detected.
Event Record #/Type2991 / Error
Event Submitted/Written: 09/25/2007 01:25:32 PM
Event ID/Source: 101 / Automatic LiveUpdate Scheduler
Event Description:
Information Level: error
Internet connection not detected.
Event Record #/Type2921 / Error
Event Submitted/Written: 09/23/2007 07:51:13 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application a2hijackfree.exe, version 3.0.0.406, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type3535 / Error
Event Submitted/Written: 09/25/2007 11:16:49 PM
Event ID/Source: 7016 / Service Control Manager
Event Description:
The SmartLinkService service has reported an invalid current state 0.
Event Record #/Type3534 / Warning
Event Submitted/Written: 09/25/2007 11:11:07 PM
Event ID/Source: 7 / Print
Event Description:
Printer HP Photosmart 2600 series fax was resumed.
Event Record #/Type3533 / Warning
Event Submitted/Written: 09/25/2007 11:11:07 PM
Event ID/Source: 6 / Print
Event Description:
Printer HP Photosmart 2600 series fax was paused.
Event Record #/Type3039 / Warning
Event Submitted/Written: 09/19/2007 11:04:54 PM
Event ID/Source: 7 / Print
Event Description:
Printer HP Photosmart 2600 series fax was resumed.
Event Record #/Type3038 / Warning
Event Submitted/Written: 09/19/2007 11:04:54 PM
Event ID/Source: 6 / Print
Event Description:
Printer HP Photosmart 2600 series fax was paused.
-- End of Deckard's System Scanner: finished at 2007-09-25 23:19:33 ------------