Run by John Rogers on 2008-03-13 11:52:45
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
66: 2008-03-13 15:53:19 UTC - RP746 - Deckard's System Scanner Restore Point
65: 2008-03-13 15:21:54 UTC - RP745 - Software Distribution Service 3.0
64: 2008-03-12 22:32:23 UTC - RP744 - System Checkpoint
63: 2008-03-10 04:07:04 UTC - RP743 - System Checkpoint
62: 2008-03-09 01:19:02 UTC - RP742 - System Checkpoint
-- First Restore Point --
1: 2007-12-16 14:53:03 UTC - RP681 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
-- HijackThis Clone ------------------------------------------------------------
Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-03-13 12:06:13
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.5700.6)
Boot mode: Normal
Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Free\avgamsvr.exe
C:\Program Files\Grisoft\AVG Free\avgupsvc.exe
C:\Program Files\Grisoft\AVG Free\avgemc.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
C:\Program Files\ACNielsen\Homescan Internet Transporter\HSTrans.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
C:\WINDOWS\system32\hphmon04.exe
C:\Program Files\Netropa\Onscreen Display\osd.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd2.exe
C:\Program Files\Grisoft\AVG Free\avgcc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\system32\HPZinw12.exe
C:\Documents and Settings\John Rogers\Desktop\dss.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.com/search?q=%s
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=54729
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.c...spx?tb_id=66015
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.c...aspx?TbId=66015
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....cid={SUB_CLCID}
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.microsoft...amp;ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.c...spx?tb_id=66015
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.c...aspx?TbId=66015
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\GoogleToolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: OToolbarHelper Class - {EAD3A971-6A23-4246-8691-C9244E858967} - C:\Program Files\PayPal\PayPal Plug-In\PayPalHelper.dll
O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O2 - BHO: (no name) - {F4521FB0-C187-415A-958C-DBF95B0255B9} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\GoogleToolbar3.dll
O3 - Toolbar: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - (no file)
O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O3 - Toolbar: PayPal Plug-In - {DC0F2F93-27FA-4f84-ACAA-9416F90B9511} - C:\Program Files\PayPal\PayPal Plug-In\OToolbar.dll
O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
O4 - HKLM\..\Run: [MegaPanel] C:\Program Files\ACNielsen\Homescan Internet Transporter\HSTrans.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [HPHmon04] C:\WINDOWS\system32\hphmon04.exe
O4 - HKLM\..\Run: [HPHUPD04] "C:\Program Files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Executive Software\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html (file missing)
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html (file missing)
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html (file missing)
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html (file missing)
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html (file missing)
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.vistaprint.com (HKCU)
O16 - DPF: {0DB074F0-617E-4EE9-912C-2965CF2AA5A4} () - http://download.micr...tualEarth3D.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onec...lscbase8300.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1124303052575
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1124303046356
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} () - http://yax-download.....cab?refid=1123
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.ma...t/ultrashim.cab
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalci....1.11_en_dl.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://active.macrom...abs/swflash.cab
O18 - Protocol: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\system32\msvidctl.dll
O20 - Winlogon Notify: ssttt - C:\WINDOWS\system32\
O20 - Winlogon Notify: winubg32 - C:\WINDOWS\system32\winubg32.dll (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\Program Files\Grisoft\AVG Free\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\Program Files\Grisoft\AVG Free\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\Program Files\Grisoft\AVG Free\avgemc.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\system32\hphipm11.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 12377 bytes
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R2 MASPINT - c:\windows\system32\drivers\maspint.sys <Not Verified; MicroStaff Co.,Ltd.; Aspi32 Driver for WinNT>
R2 SbcpHid - c:\windows\system32\drivers\sbcphid.sys
R3 dvd43llh - c:\windows\system32\drivers\dvd43llh.sys <Not Verified; RIF; DVD For Free>
R3 Pcouffin (VSO Software pcouffin) - c:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
R3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus® ASPI Shell>
S3 Pronto2G (Philips Pronto NG USB Driver) - c:\windows\system32\drivers\pronto2g.sys <Not Verified; Philips Electronics; Philips Pronto NG USB Driver>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 Diskeeper - "c:\program files\executive software\diskeeper\dkservice.exe" <Not Verified; Executive Software International, Inc.; Diskeeper Disk Defragmenter>
S4 nhksrv (Netropa NHK Server) - c:\program files\netropa\multimedia keyboard\nhksrv.exe (file missing)
S4 NMSAccess - c:\program files\cdburnerxp pro 3\tools\nmsaccess.exe
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Scheduled Tasks -------------------------------------------------------------
2008-03-08 18:53:12 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
-- Files created between 2008-02-13 and 2008-03-13 -----------------------------
2008-03-12 14:32:22 0 dr-h----- C:\Program Files\rnamfler
2008-03-02 22:52:04 0 d-------- C:\Documents and Settings\John Rogers\Application Data\ImgBurn
2008-03-02 22:46:29 0 d-------- C:\Program Files\ImgBurn
2008-02-29 03:09:35 0 d-------- C:\videooutput
2008-02-28 21:17:47 765952 --a------ C:\WINDOWS\system32\xvidcore.dll
2008-02-28 21:17:46 383238 --a------ C:\WINDOWS\system32\libmp3lame-0.dll
2008-02-28 19:04:34 66048 --a------ C:\WINDOWS\system32\cygz.dll
2008-02-28 19:04:33 487479 --a------ C:\WINDOWS\system32\SkinMagic.dll <Not Verified; Appspeed Inc.; Appspeed SkinMagic Toolkit>
2008-02-28 19:04:33 1872821 --a------ C:\WINDOWS\system32\cygwin1.dll <Not Verified; Red Hat; Cygwin>
2008-02-28 19:04:28 6664208 --a------ C:\WINDOWS\system32\dvdripcore.dll
2008-02-28 19:04:28 0 d-------- C:\Program Files\Smallvideosoft
2008-02-20 16:49:53 0 d-------- C:\Program Files\PayPal
2008-02-20 16:48:58 0 d-------- C:\Documents and Settings\John Rogers\Application Data\InstallShield
2008-02-18 15:10:01 0 d-------- C:\Documents and Settings\JaVaughn\Application Data\ATI
2008-02-16 18:22:57 0 d-------- C:\Documents and Settings\John Rogers\Application Data\DepositFiles Uploader
-- Find3M Report ---------------------------------------------------------------
2008-03-12 18:12:04 0 d-------- C:\Program Files\Mozilla Thunderbird
2008-03-07 18:26:57 0 d-------- C:\Program Files\Sure Delete
2008-02-28 01:32:42 0 d-------- C:\Documents and Settings\John Rogers\Application Data\Vso
2008-02-24 16:26:05 0 d-------- C:\Program Files\Microsoft Bootvis
2008-02-20 16:49:52 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-02-10 15:28:11 0 d-------- C:\Program Files\Common Files\Adobe
2008-02-06 21:25:38 12209 --a------ C:\WINDOWS\mozver.dat
2008-01-30 16:42:59 0 d-------- C:\Documents and Settings\John Rogers\Application Data\Adobe
2008-01-23 20:45:32 0 d-------- C:\Program Files\Apple Software Update
2008-01-17 19:01:34 0 d-------- C:\Program Files\AIM6
2007-12-16 10:11:06 4212 ---h----- C:\WINDOWS\system32\zllictbl.dat
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}]
12/16/2007 10:11 AM 262144 --a------ C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F4521FB0-C187-415A-958C-DBF95B0255B9}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}"= C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL [12/16/2007 10:11 AM 262144]
[-HKEY_CLASSES_ROOT\CLSID\{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MULTIMEDIA KEYBOARD"="C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe" [03/17/2002 07:39 AM]
"MegaPanel"="C:\Program Files\ACNielsen\Homescan Internet Transporter\HSTrans.exe" [02/24/2006 03:06 PM]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe" [05/24/2002 08:46 AM]
"HPHmon04"="C:\WINDOWS\system32\hphmon04.exe" [06/20/2002 03:06 PM]
"HPHUPD04"="C:\Program Files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe" [05/24/2002 08:47 AM]
"Share-to-Web Namespace Daemon"="C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe" [04/17/2002 10:42 AM]
"HP Software Update"="C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [02/16/2005 11:11 PM]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" [12/21/2007 09:35 PM]
"DiskeeperSystray"="C:\Program Files\Executive Software\Diskeeper\DkIcon.exe" [07/26/2005 05:52 PM]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [11/14/2007 05:05 PM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 03:56 AM]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [07/24/2007 12:39 AM]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe [11/4/2004 8:28:24 PM]
HP Image Zone Fast Start.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe [11/4/2004 8:50:52 PM]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ssttt]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winubg32]
winubg32.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk
backup=C:\WINDOWS\pss\Adobe Reader Synchronizer.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^John Rogers^Start Menu^Programs^Startup^Eyetide Launcher.lnk]
path=C:\Documents and Settings\John Rogers\Start Menu\Programs\Startup\Eyetide Launcher.lnk
backup=C:\WINDOWS\pss\Eyetide Launcher.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnyDVD]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATI Launchpad]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
"C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AtiPTA]
atiptaxx.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C-Media Mixer]
Mixer.exe /startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\com.codeode.cactusspamfilter]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Date New 4 Flaw]
C:\Documents and Settings\All Users\Application Data\ABOUT1DATENEW\test spam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DiskeeperSystray]
"C:\Program Files\Executive Software\Diskeeper\DkIcon.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dvd43]
C:\Program Files\dvd43\dvd43_tray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\gcasServ]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Greybook]
C:\DOCUME~1\JOHNRO~1\APPLIC~1\32MEET~1\sixth long info.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HydarVisionDesktopManager]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KazaaMate]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
%systemroot%\system32\dumprep 0 -k
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MediaFace Integration]
C:\Program Files\Fellowes\MediaFACE 4.2\SetHook.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\New.net Startup]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\pccguide.exe]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
C:\Program Files\Picasa2\PicasaMediaDetector.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlaxoUpdate]
C:\Program Files\Plaxo\2.5.10.17\PlaxoHelper.exe -a
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\REGSHAVE]
C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
"C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoboForm]
"C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SP2 Connection Patcher]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WildTangent CDA]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinPatrol]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZoneAlarm Client]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"tmproxy"=2 (0x2)
"TmPfw"=2 (0x2)
"Tmntsrv"=2 (0x2)
"PcCtlCom"=2 (0x2)
"iPod Service"=3 (0x3)
"WinDefend"=2 (0x2)
"nhksrv"=2 (0x2)
"gusvc"=3 (0x3)
"ATI Smart"=2 (0x2)
"Ati HotKey Poller"=2 (0x2)
"NMSAccessU"=2 (0x2)
*Newly Created Service* - MCHINJDRV
-- Hosts -----------------------------------------------------------------------
127.0.0.1 localhost.localdomain
127.0.0.1 sitefinder.Verisign.com # Verisign has joined the game
127.0.0.1 sitefinder-idn.Verisign.com # of trying to hijack mistyped
127.0.0.1 # URLs to their site.
127.0.0.1 ad.doubleclick.net # This may interefere with www.sears.com
127.0.0.1 # and potentially other sites.
127.0.0.1 media.fastclick.net # Likewise, this may interefer with some
127.0.0.1 # sites.
127.0.0.1 #up CSS on livejournal
127.0.0.1 # problems with NPR.org
4552 more entries in hosts file.
-- End of Deckard's System Scanner: finished at 2008-03-13 12:07:50 ------------
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: AMD Athlon XP 1900+
Percentage of Memory in Use: 44%
Physical Memory (total/avail): 1023.53 MiB / 567.64 MiB
Pagefile Memory (total/avail): 2462.3 MiB / 2114.63 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1935.99 MiB
A: is Removable (No Media)
C: is Fixed (NTFS) - 74.52 GiB total, 26.32 GiB free.
D: is CDROM (No Media)
E: is CDROM (No Media)
\\.\PHYSICALDRIVE0 - ST380013A - 74.53 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 74.52 GiB - C:
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.
FW: ZoneAlarm Firewall v7.0.462.000 (Check Point, LTD.)
AV: AVG 7.5.518 v7.5.518 (Grisoft)
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Common Files\\AOL\\1130732116\\ee\\AOLServiceHost.exe"="C:\\Program Files\\Common Files\\AOL\\1130732116\\ee\\AOLServiceHost.exe:*:Enabled:AOL Services"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Documents and Settings\\John Rogers\\Local Settings\\Temp\\~os1AB.tmp\\ossproxy.exe"="C:\\Documents and Settings\\John Rogers\\Local Settings\\Temp\\~os1AB.tmp\\ossproxy.exe:*:Enabled:ossproxy.exe"
"C:\\Documents and Settings\\JaVaughn\\Local Settings\\Temp\\~osB1.tmp\\ossproxy.exe"="C:\\Documents and Settings\\JaVaughn\\Local Settings\\Temp\\~osB1.tmp\\ossproxy.exe:*:Enabled:ossproxy.exe"
"C:\\Documents and Settings\\John Rogers\\K-Lite\\kazaa.core"="C:\\Documents and Settings\\John Rogers\\K-Lite\\kazaa.core:*:Enabled:Kazaa"
"C:\\Program Files\\Common Files\\AOL\\1130732116\\ee\\AOLServiceHost.exe"="C:\\Program Files\\Common Files\\AOL\\1130732116\\ee\\AOLServiceHost.exe:*:Enabled:AOL Services"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"
"C:\\Program Files\\AIM\\aim.exe"="C:\\Program Files\\AIM\\aim.exe:*:Disabled:AOL Instant Messenger"
"C:\\Program Files\\Common Files\\AOL\\1132980349\\ee\\aolsoftware.exe"="C:\\Program Files\\Common Files\\AOL\\1132980349\\ee\\aolsoftware.exe:*:Enabled:AOL Services"
"C:\\Documents and Settings\\John Rogers\\Desktop\\DtaUpgrader_001410.exe"="C:\\Documents and Settings\\John Rogers\\Desktop\\DtaUpgrader_001410.exe:*:Enabled:DTA Firmware Upgrader"
"C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:HP Digital Imaging Monitor"
"C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:HP AiO Fax Manager"
"C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw"
"C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqcopy.exe"="C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqcopy.exe:*:Enabled: "
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Grisoft\\AVG Free\\avginet.exe"="C:\\Program Files\\Grisoft\\AVG Free\\avginet.exe:*:Enabled:avginet.exe"
"C:\\Program Files\\Grisoft\\AVG Free\\avgemc.exe"="C:\\Program Files\\Grisoft\\AVG Free\\avgemc.exe:*:Enabled:avgemc.exe"
"C:\\Program Files\\Common Files\\AOL\\1159645734\\ee\\aolsoftware.exe"="C:\\Program Files\\Common Files\\AOL\\1159645734\\ee\\aolsoftware.exe:*:Enabled:AOL Services"
"C:\\Program Files\\Common Files\\AOL\\1159645734\\ee\\aim6.exe"="C:\\Program Files\\Common Files\\AOL\\1159645734\\ee\\aim6.exe:*:Enabled:AIM"
"C:\\Program Files\\Grisoft\\AVG Free\\avgamsvr.exe"="C:\\Program Files\\Grisoft\\AVG Free\\avgamsvr.exe:*:Enabled:avgamsvr.exe"
"C:\\Program Files\\Grisoft\\AVG Free\\avgcc.exe"="C:\\Program Files\\Grisoft\\AVG Free\\avgcc.exe:*:Enabled:avgcc.exe"
"C:\\Program Files\\Google\\Google Talk\\googletalk.exe"="C:\\Program Files\\Google\\Google Talk\\googletalk.exe:*:Enabled:Google Talk"
"C:\\Program Files\\Common Files\\AOL\\1132980349\\ee\\aim6.exe"="C:\\Program Files\\Common Files\\AOL\\1132980349\\ee\\aim6.exe:*:Disabled:AIM"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\John Rogers\Application Data
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=JOHN-YG4WWF1VS5
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\John Rogers
LOGONSERVER=\\JOHN-YG4WWF1VS5
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\Program Files\Mozilla Firefox;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Executive Software\Diskeeper\;C:\Program Files\ATI Technologies\ATI.ACE\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 6 Stepping 2, AuthenticAMD
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0602
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\JOHNRO~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\JOHNRO~1\LOCALS~1\Temp
tvdumpflags=8
USERDOMAIN=JOHN-YG4WWF1VS5
USERNAME=John Rogers
USERPROFILE=C:\Documents and Settings\John Rogers
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
John Rogers (admin)
Monica (admin)
JaVaughn
Administrator (admin)
Guest (guest)
-- Add/Remove Programs ---------------------------------------------------------
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
1Click DVD Copy Pro 3.1.3.5 --> "C:\Program Files\LG Software Innovations\1Click DVD Copy Pro\unins000.exe"
Ad-Aware SE Personal --> C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
Adobe Acrobat 5.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
AI RoboForm --> "C:\Program Files\Siber Systems\AI RoboForm\rfwipeout.exe"
AIM 6 --> C:\Program Files\AIM6\uninst.exe
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
ATI - Software Uninstall Utility --> C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center --> MsiExec.exe /I{EA9FAF16-0E5C-42C4-9742-9AF8D5F6D69B}
ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Avant Browser (remove only) --> "C:\Program Files\Avant Browser\uninst.exe"
AVG Free Edition --> C:\Program Files\Grisoft\AVG Free\setup.exe /UNINSTALL
CDBurnerXP --> "C:\Program Files\CDBurnerXP\unins000.exe"
Danny Phantom Ghost Sweep --> C:\PROGRA~1\NICKAR~1\DANNYP~1\UNWISE.EXE C:\PROGRA~1\NICKAR~1\DANNYP~1\INSTALL.LOG
Diskeeper Professional Edition --> MsiExec.exe /X{76EF79CA-A6A8-41C4-AE49-E49BA075FA51}
DVD Solution --> "C:\Program Files\Uninstall_CDS.exe"
DVD43 v4.0.0 --> "C:\Program Files\dvd43\unins000.exe"
Fairly OddParents Information Stupor Highway --> C:\PROGRA~1\NICKAR~1\FAIRLY~1\UNWISE.EXE C:\PROGRA~1\NICKAR~1\FAIRLY~1\INSTALL.LOG
Family Game Pack --> C:\WINDOWS\uninst.exe -f"c:\program files\DeIsL1.isu"
FFLM 2005 version 5.14 --> "C:\Documents and Settings\FFLM\unins000.exe"
FinePixViewer Ver.4.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{24ED4D80-8294-11D5-96CD-0040266301AD}\SETUP.EXE"
Freez DVD Ripper v1.5 --> "C:\Program Files\Smallvideosoft\Freez DVD Ripper\unins000.exe"
FTDI USB Serial Converter Drivers --> C:\WINDOWS\system32\ftdiunin.exe C:\WINDOWS\system32\ftdiun2k.ini
FUJIFILM USB Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5490882C-6961-11D5-BAE5-00E0188E010B}\SETUP.EXE"
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar3.dll"
Homescan Internet Transporter --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{92BF38A8-5616-4209-87A3-D910B45A1D98}\setup.exe" -l0x9 /UNINSTALL -removeonly
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
HP Extended Capabilities 4.7 --> C:\Program Files\Hewlett-Packard\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Image Zone 4.7 --> C:\Program Files\Hewlett-Packard\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Photo and Imaging 1.0 - HP Photosmart Printer Series --> MsiExec.exe /I{0D396571-7BBD-44CE-ABB3-518BF86B72F7}
HP PSC & OfficeJet 4.7 --> "C:\Program Files\Hewlett-Packard\Digital Imaging\{342C7C88-D335-4bc2-8CF1-281857629CE2}\setup\hpzscr01.exe" -datfile hposcr05.dat
HP Software Update --> MsiExec.exe /X{64FC0C98-B035-4530-B15D-3D30610B6DF1}
HP Update --> MsiExec.exe /X{8C6027FD-53DC-446D-BB75-CACD7028A134}
HydraVision --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}\setup.exe"
HyperLoad - Rally Racing --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D4ED6DEC-A665-4279-812C-A15B11143438}\setup.exe" -l0x9 -uninst -removeonly
ImageMixer VCD for FinePix --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D3AA158A-9421-4883-8767-E771B0964A1D}\setup.exe"
ImgBurn --> "C:\Program Files\ImgBurn\uninstall.exe"
J2SE Runtime Environment 5.0 Update 11 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110}
J2SE Runtime Environment 5.0 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
JumpStart 4th Grade v1.3 --> C:\WINDOWS\IsUninst.exe -fC:\KA\4G\DeIsL1.isu
JumpStart Parent Resource Center v1.0 --> C:\WINDOWS\IsUninst.exe -fC:\KA\PRC\DeIsL1.isu
Macromedia Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Maxthon Browser (remove only) --> C:\Documents and Settings\JaVaughn\Maxthon\MaxthonUINST.exe
MediaFACE 4.2 --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{9DFCAA7A-9B62-4468-8F91-F68150AA8BAD}
Microsoft Bootvis --> MsiExec.exe /I{0F9196C6-58B4-445B-B56E-B1200FECC151}
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office 2000 Premium --> MsiExec.exe /I{00000409-78E1-11D2-B60F-006097C998E7}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
MicroStaff WINASPI NT --> C:\MWASPINT\uninst.exe
Mini-Cars Racing --> "C:\Program Files\MyPlayCity.com\Mini-Cars Racing\unins000.exe"
Motorola Phone Tools --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}\setup.exe" -l0x9 -removeonly
Mozilla Firefox (2.0.0.12) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.12) --> C:\PROGRA~1\Mozilla Thunderbird\uninstall\helper.exe
Multimedia Launcher --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
Nero Digital --> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
Nero OEM --> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
PayPal Plug-In --> C:\Program Files\InstallShield Installation Information\{73317C31-2B6E-4B88-9865-B97C1331A39D}\setup.exe -runfromtemp -l0x0009 -removeonly
PCI Audio Driver --> cmuninst.exe
Photosmart 130,230,7150,7345,7350,7550 (Remove only) --> C:\Program Files\HP Photosmart 11\Printer\hphuni04.exe
Picasa 2 --> "C:\Program Files\Picasa2\Uninstall.exe"
PowerDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
PowerProducer --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.exe" -uninstall
ProntoProEdit NG --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\8\INTEL3~1\IDriver.exe /M{DA2DEF22-8E99-449E-95BE-B6BA4BB50D66}
QuickTime Alternative 1.60 --> "C:\Program Files\QuickTime Alternative\unins000.exe"
Real Alternative 1.43 --> "C:\Program Files\Real Alternative\unins000.exe"
Safety Bar --> "C:\Program Files\Safety Bar\Uninstall.bat" "C:\Program Files\Safety Bar"
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
SpongeBob SquarePants 3-D --> C:\PROGRA~1\NICKAR~1\SPONGE~1\UNWISE.EXE C:\PROGRA~1\NICKAR~1\SPONGE~1\INSTALL.LOG
Spybot - Search & Destroy 1.4 --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Sure Delete 5.1.1 --> "C:\Program Files\Sure Delete\unins000.exe"
The Incredibles Screen Saver --> C:\WINDOWS\system32\The Incredibles.scr /u
To The Eds-treme --> C:\PROGRA~1\CARTOO~1\TOTHEE~1\UNWISE.EXE C:\PROGRA~1\CARTOO~1\TOTHEE~1\INSTALL.LOG
ViewMate Office Keyboard KP102/KP202 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0208A7E3-0D30-11D4-A1FC-00508B9D1BA2}\setup.exe" -l0x9
Windows Defender Signatures --> MsiExec.exe /I{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}
Windows Imaging Component --> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Live OneCare safety scanner --> RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
XP Codec Pack --> C:\Program Files\XP Codec Pack\Uninstall.exe
Yahoo! Toolbar --> C:\PROGRA~1\Yahoo!\Common\unyt.exe
ZoneAlarm --> C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe
ZoneAlarm Spy Blocker --> rundll32 C:\PROGRA~1\ZONEAL~1\bar\1.bin\SpyBlock.dll,O
-- Application Event Log -------------------------------------------------------
Event Record #/Type1330 / Error
Event Submitted/Written: 03/10/2008 08:14:38 PM
Event ID/Source: 1001 / Application Error
Event Description:
Fault bucket 171557643.
The Wep key exchange did not result in a secure connection setup after 802.1x authentication. The current setting has been marked as failed and the Wireless connection will be disconnected.
Event Record #/Type1329 / Error
Event Submitted/Written: 03/10/2008 08:11:51 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application hpqtra08.exe, version 45.4.157.0, faulting module hpzidr12.dll, version 9.0.0.0, fault address 0x00006fb9.
Processing media-specific event for [hpqtra08.exe!ws!]
Event Record #/Type1328 / Error
Event Submitted/Written: 03/09/2008 07:37:24 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application hpqtra08.exe, version 45.4.157.0, faulting module hpzidr12.dll, version 9.0.0.0, fault address 0x00006fb9.
Processing media-specific event for [hpqtra08.exe!ws!]
Event Record #/Type1326 / Error
Event Submitted/Written: 03/03/2008 01:45:02 AM
Event ID/Source: 1001 / Application Error
Event Description:
Fault bucket 647368433.
The Wep key exchange did not result in a secure connection setup after 802.1x authentication. The current setting has been marked as failed and the Wireless connection will be disconnected.
Event Record #/Type1325 / Error
Event Submitted/Written: 03/03/2008 01:44:57 AM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application firefox.exe, version 1.8.20080.20121, faulting module paypalplugin.dll, version 2.0.45.0, fault address 0x0000c552.
Processing media-specific event for [firefox.exe!ws!]
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type92133 / Warning
Event Submitted/Written: 03/12/2008 03:41:16 PM
Event ID/Source: 26 / atapi
Event Description:
The driver has detected that device \Device\Ide\IdePort0 has old or out-of-date firmware.
Reduced performance may result.
Event Record #/Type92128 / Warning
Event Submitted/Written: 03/12/2008 02:30:47 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Event Record #/Type92125 / Warning
Event Submitted/Written: 03/12/2008 01:20:52 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Event Record #/Type92124 / Warning
Event Submitted/Written: 03/12/2008 00:52:21 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Event Record #/Type92105 / Error
Event Submitted/Written: 03/12/2008 00:20:55 PM
Event ID/Source: 1000 / Dhcp
Event Description:
Your computer has lost the lease to its IP address 192.168.1.108 on the
Network Card with network address 0040F4666850.
-- End of Deckard's System Scanner: finished at 2008-03-13 12:07:50 ------------