[titan7342]

Hi everyone! I have been havi9ng some trouble recently with me email program (Mozilla Thunderbird) when I go to send or check emails it will not connect to my email server. I would then try to use outlook express to send and receive and it would work but now that is having the same issues. Now after closing either program because they would not connect to my mail server I cannot open any other programs and my PC will not shutdown. I am also noticing that when I do reboot my pc it will not load my desktop icons or system tray icons about 50% of the time, this has just recently started happing within the past day or so. I am not sure if this is Spyware/malware related or not but I have not really made any changes to my pc lately that I would think could be the cause other then spyware/malware. I ran all the programs required before posting this as required and here are all the logs and text files as requested. Any help will be greatly appreciated. Thanks alot everyone.

Attached Files

•  AVG_Anti_spyware.txt   15.4KB   83 downloads
•  SUPERAntiSpyware_Scan_Log.txt   719bytes   89 downloads
•  Activescan.txt   2.88KB   111 downloads
•  uninstall_list.txt   7.88KB   107 downloads
•  hijackthis.txt   9.64KB   149 downloads

[Advertisements]

Hello, titan7342, and welcome to Geeks To Go. Sorry about the delay, it's been pretty busy around here.

Let's start out with some general scans and see if we can't clean things up a little.

1. Please run an on-line virus scan at Kaspersky OnLine Scan or if that doesn't work, you can use TrendMicro or BitDefender. (Please post the results of the scan(s) in your next reply)

2. After that, I will need to see two different logs from HiJackThis. The first is the normal log like you posted here. To get the other one, follow these directions.

Open HijackThis, click Config, click Misc Tools
Click "Open Uninstall Manager"
Click "Save List" (generates uninstall_list.txt)
Click Save, copy and paste the results in your next post.

Post back with those logs and we can continue from there.

If you have received help elsewhere or no longer need our assistance, please let us know.

[handhfan]

Hello, titan7342, and welcome to Geeks To Go. Sorry about the delay, it's been pretty busy around here.

Let's start out with some general scans and see if we can't clean things up a little.

1. Please run an on-line virus scan at Kaspersky OnLine Scan or if that doesn't work, you can use TrendMicro or BitDefender. (Please post the results of the scan(s) in your next reply)

2. After that, I will need to see two different logs from HiJackThis. The first is the normal log like you posted here. To get the other one, follow these directions.

Open HijackThis, click Config, click Misc Tools
Click "Open Uninstall Manager"
Click "Save List" (generates uninstall_list.txt)
Click Save, copy and paste the results in your next post.

Post back with those logs and we can continue from there.

If you have received help elsewhere or no longer need our assistance, please let us know.

[titan7342]

Thanks handhfan, don't want you to think I was ignoring you. I just got back from Florida so I have been away for a week. I will run that scan you requested tonight and post the results.

[jwbirdsong]

just so you know, handhfan has had some issues come up and is unable to continue right now...I'll be stepping in and taking this log with you.

[titan7342]

ok great! glad you can help me. here are the logs that were requested. Let me know if you need anything else. Thanks alot.

Attached Files

•  uninstall_list.txt   7.9KB   177 downloads
•  kaspersky_scan.txt   15.99KB   220 downloads

[jwbirdsong]

While I'm going through everything a quick question.
Are you still having the startup and Email issues??

[titan7342]

start up seems to be ok now, but my email issues still exist. I have noticed quit a bit of slow down for my internet connection but I am not sure that is related.

[jwbirdsong]

Well it REALLY doesn't seem to be anything this all those scans that could account for the Email trouble....What are you using for your ail program? Outlook..Outlook Express..It could be a setting on your mail client.....if you are able to connect in the first place it is probablily NOT Zone Alarm.

Let's look at one more set pf scan also.
When you post back your Email client info please post the following also.

Download
Deckard's System Scanner (DSS) from HERE to your Desktop. Note: You must be logged onto an account with administrator privileges.

1. Close ALL applications and windows.
2. Double-click on dss.exe to run it, and follow the prompts.
3. When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt<-this one will be minimized
4. Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt and the extra.txt to your post. in your reply,

The logs can be quite lengthy..use two post if you need to get them all in.

[titan7342]

The email program I am using is Thunderbird. One thing that I am concerned with that I found today and I thought might be the cause is that when I run MSCONFIG under the start up tab their is 2 startup items with absolutely no names or commands. They both have locations that are Software\Microsoft\Windows\CurrentVersion\Run. Not sure if that helps you. Anyway here is the main file of the scan you asked for.

Deckard's System Scanner v20070426.43
Run by Owner on 2007-05-18 at 11:16:28
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
12: 2007-05-18 15:16:33 UTC - RP364 - Deckard's System Scanner Restore Point
11: 2007-05-18 02:52:57 UTC - RP363 - System Checkpoint
10: 2007-05-17 00:18:02 UTC - RP362 - Software Distribution Service 2.0
9: 2007-05-16 15:24:29 UTC - RP361 - System Checkpoint
8: 2007-05-07 19:27:17 UTC - RP360 - System Checkpoint


-- First Restore Point --
1: 2007-05-01 02:28:27 UTC - RP353 - computer repair


Backed up registry hives.

Performed disk cleanup.


-- HijackThis (run as Owner.exe) -----------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 11:17:38 AM, on 5/18/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\SYSTEM32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINNT\system32\CTSvcCDA.EXE
C:\WINNT\System32\svchost.exe
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\PROGRA~1\McAfee\MPS\mps.exe
C:\WINNT\system32\nvsvc32.exe
C:\Program Files\Common Files\Lanovation\PrismXL\PRISMXL.SYS
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\McAfee\MPS\mpsevh.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\MsPMSPSv.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINNT\system32\rundll32.exe
C:\WINNT\system32\wscntfy.exe
C:\Documents and Settings\Owner\Desktop\dss.exe
C:\HIGHJA~1\Owner.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.net
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.net
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcaf...01/mcinsctl.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1173595929875
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {A93D84FD-641F-43AE-B963-E6FA84BE7FE7} (LinkSys Content Update) - http://www.linksysfi...ll/gtdownls.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (StadiumProxy Class) - http://zone.msn.com/...xy.cab41227.cab
O16 - DPF: {DBA230D1-8467-4e69-987E-5FAE815A3B45} -
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINNT\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINNT\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINNT\system32\CTSvcCDA.EXE
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe
O23 - Service: PrismXL - Lanovation - C:\Program Files\Common Files\Lanovation\PrismXL\PRISMXL.SYS
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINNT\system32\ZoneLabs\vsmon.exe
O23 - Service: WMP54Gv4SVC - Unknown owner - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe" "WMP54Gv4.exe (file missing)


-- HijackThis Fixed Entries (C:\HIGHJA~1\backups\) -----------------------------

backup-20060302-180210-355 O4 - HKLM\..\Run: [LanzarT2006] "C:\DOCUME~1\Owner\LOCALS~1\Temp\{D3F745E8-1A80-4D95-A5F9-C3B7C9D2E760}\{98032D6F-3EE6-4646-B68C-40BF012AC89B}\..\..\T2006tmp\Install.exe" /SETUP:"/l0x0009"
backup-20060302-180210-575 O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
backup-20060302-180210-658 O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)

-- File Associations -----------------------------------------------------------

.js - unable to read key
.js - unable to read key


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 gxc122b - c:\winnt\system32\drivers\gxc122b.sys
R0 gxc122p - c:\winnt\system32\drivers\gxc122p.sys
R0 Vax347b - c:\winnt\system32\drivers\vax347b.sys
R0 Vax347s - c:\winnt\system32\drivers\vax347s.sys
R1 Cdr4_xp - c:\winnt\system32\drivers\cdr4_xp.sys <Not Verified; Roxio; Drag-to-Disc>
R1 Cdralw2k - c:\winnt\system32\drivers\cdralw2k.sys <Not Verified; Roxio; Drag-to-Disc>
R1 PCLEPCI - c:\winnt\system32\drivers\pclepci.sys <Not Verified; Pinnacle Systems GmbH; PCLEPCI>
R1 SASDIFSV - c:\program files\superantispyware\sasdifsv.sys
R1 SASKUTIL - c:\program files\superantispyware\saskutil.sys
R2 CDRPDACC (Arrowkey Device Access) - c:\program files\321studios\shared\cdrpdacc.sys <Not Verified; Arrowkey; CD Device Access>
R3 ASAPIW2k - c:\winnt\system32\drivers\asapiw2k.sys <Not Verified; Pinnacle Systems GmbH; asapi>
R3 emupia (E-mu Plug-in Architecture Driver) - c:\winnt\system32\drivers\emupia2k.sys <Not Verified; Creative Technology Ltd; E-mu Plug-In Architecture>
R3 MarvinBus (Pinnacle Marvin Bus) - c:\winnt\system32\drivers\marvinbus.sys <Not Verified; Pinnacle Systems GmbH; Pinnacle Marvin Discrete>
R3 mohfilt - c:\winnt\system32\drivers\mohfilt.sys <Not Verified; Intel Corporation; Intel® 537EP Modem>
R3 Pcouffin (Low level access layer for CD devices) - c:\winnt\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
R3 SASENUM - c:\program files\superantispyware\sasenum.sys <Not Verified; SuperAdBlocker, Inc.; SuperAntiSpyware>

S2 AegisP (AEGIS Protocol (IEEE 802.1x) v3.4.0.1) - c:\winnt\system32\drivers\aegisp.sys (file missing)
S3 E1000 (Intel® PRO/1000 Adapter Driver) - c:\winnt\system32\drivers\e1000325.sys <Not Verified; Intel Corporation; Intel® PRO/1000 Adapter>
S3 ENTECH - c:\winnt\system32\drivers\entech.sys (file missing)
S3 GTNDIS5 (GTNDIS5 NDIS Protocol Driver) - c:\winnt\system32\gtndis5.sys <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>
S3 pgfilter - c:\program files\peerguardian2\pgfilter.sys
S3 PortlUSB - c:\winnt\system32\drivers\siriususb.sys (file missing)
S3 ProtoWall (ProtoWall Defender) - c:\winnt\system32\drivers\protowall.sys (file missing)
S3 wanatw (WAN Miniport (ATW)) - c:\winnt\system32\drivers\wanatw4.sys (file missing)
S3 WebSTARXP (Scientific Atlanta WebSTAR 100 & 200 series Cable Modem) - c:\winnt\system32\drivers\sacmxp1.sys <Not Verified; Scientific Atlanta; Scientific Atlanta DPX100 USB Cable Modem>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

S2 WMP54Gv4SVC - "c:\program files\linksys wireless-g pci wireless network monitor\wlservice.exe" "wmp54gv4.exe" (file missing)


-- Scheduled Tasks -------------------------------------------------------------

2007-05-06 07:30:09 264 --a------ C:\WINNT\Tasks\Spybot - Search & Destroy.job
2007-05-06 03:00:41 300 --a------ C:\WINNT\Tasks\Ad-aware 6.job
2007-05-05 03:31:03 252 --a------ C:\WINNT\Tasks\Disk Cleanup.job
2007-04-20 16:08:50 346 --a------ C:\WINNT\Tasks\McDefragTask.job
2007-04-20 16:08:49 352 --a------ C:\WINNT\Tasks\McQcTask.job


-- Files created between 2007-04-18 and 2007-05-18 -----------------------------

2007-05-16 14:59:53 0 d-------- C:\WINNT\system32\Kaspersky Lab
2007-05-01 12:10:23 0 d-------- C:\VundoFix Backups
2007-05-01 10:20:50 0 d-------- C:\WINNT\system32\ActiveScan
2007-05-01 09:11:39 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2007-05-01 09:11:33 0 d-------- C:\Program Files\SUPERAntiSpyware
2007-05-01 09:11:33 0 d-------- C:\Documents and Settings\Owner\Application Data\SUPERAntiSpyware.com
2007-04-30 23:25:45 0 d-------- C:\Documents and Settings\Administrator\Application Data\Talkback
2007-04-30 23:25:23 0 d-------- C:\Documents and Settings\Administrator\Application Data\Mozilla
2007-04-20 16:10:31 143360 --a------ C:\WINNT\system32\dunzip32.dll <Not Verified; Inner Media, Inc.; DynaZIP-32 Multi-Threading UnZIP DLL>
2007-04-20 16:08:21 0 d-------- C:\Program Files\Common Files\McAfee
2007-04-20 16:08:15 0 d-------- C:\Program Files\McAfee


-- Find3M Report ---------------------------------------------------------------

2007-05-18 00:18:33 384 --a------ C:\WINNT\system32\DVCStateBkp-{00000003-00000000-00000001-00001102-00000004-20041102}.dat
2007-05-18 00:18:33 384 --a------ C:\WINNT\system32\DVCState-{00000003-00000000-00000001-00001102-00000004-20041102}.dat
2007-05-17 17:42:00 0 d-------- C:\Program Files\Mozilla Thunderbird
2007-05-06 20:22:31 44250 --a------ C:\Documents and Settings\Owner\Application Data\wklnhst.dat
2007-05-01 11:28:53 0 d-------- C:\Program Files\QuickTime
2007-05-01 11:13:42 0 d-------- C:\Program Files\Messenger
2007-05-01 10:49:10 0 d-------- C:\Program Files\AIM
2007-05-01 09:10:59 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-04-25 20:55:54 0 d--h----- C:\Documents and Settings\Owner\Application Data\Adobe
2007-04-20 16:08:43 0 d-------- C:\Program Files\McAfee.com
2007-04-20 16:01:49 0 d-------- C:\Program Files\SpywareGuard
2007-03-10 20:42:34 6144 --a----c- C:\WINNT\system32\DLPT.sys <Not Verified; Gteko Ltd.; QDiag>


-- Registry Dump ---------------------------------------------------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
{53707962-6F74-2D53-2644-206D7942484F} C:\PROGRA~1\SPYBOT~1\SDHelper.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
{7DB2D5A0-7241-4E79-B68D-6309F01C5231} c:\program files\mcafee\virusscan\scriptcl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"Zone Labs Client"="\"C:\\Program Files\\Zone Labs\\ZoneAlarm\\zlclient.exe\""
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINNT\\system32\\NvCpl.dll,NvStartup"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"SUPERAntiSpyware"="C:\\Program Files\\SUPERAntiSpyware\\SUPERAntiSpyware.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=dword:00000000

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"UPnPMonitor"="{e57ce738-33e8-4c51-8354-bb4de9d215d1}"

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
Authentication Packages REG_MULTI_SZ msv1_0\0\0
Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
Notification Packages REG_MULTI_SZ scecli\0\0

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\MCODS

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Adobe Gamma Loader.lnk"
"backup"="C:\\WINNT\\pss\\Adobe Gamma Loader.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\COMMON~1\\Adobe\\CALIBR~1\\ADOBEG~1.EXE "
"item"="Adobe Gamma Loader"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Adobe Reader Speed Launch.lnk"
"backup"="C:\\WINNT\\pss\\Adobe Reader Speed Launch.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\Adobe\\ACROBA~2.0\\Reader\\READER~1.EXE "
"item"="Adobe Reader Speed Launch"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^EzTune.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\EzTune.lnk"
"backup"="C:\\WINNT\\pss\\EzTune.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\Program Files\\Gateway\\EzTune\\dthtml.exe -startup_folder"
"item"="EzTune"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Microsoft Office.lnk"
"backup"="C:\\WINNT\\pss\\Microsoft Office.lnkCommon Startup"
"location"="Common Startup"
"command"="M:\\Program Files\\Microsoft Office\\Office\\OSA9.EXE -b -l"
"item"="Microsoft Office"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Owner^Start Menu^Programs^Startup^Adobe Gamma.lnk]
"path"="C:\\Documents and Settings\\Owner\\Start Menu\\Programs\\Startup\\Adobe Gamma.lnk"
"backup"="C:\\WINNT\\pss\\Adobe Gamma.lnkStartup"
"location"="Startup"
"command"="C:\\PROGRA~1\\COMMON~1\\Adobe\\CALIBR~1\\ADOBEG~1.EXE "
"item"="Adobe Gamma"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Owner^Start Menu^Programs^Startup^WKCALREM.LNK]
"path"="C:\\Documents and Settings\\Owner\\Start Menu\\Programs\\Startup\\WKCALREM.LNK"
"backup"="C:\\WINNT\\pss\\WKCALREM.LNKStartup"
"location"="Startup"
"command"="C:\\PROGRA~1\\COMMON~1\\MICROS~1\\WORKSS~1\\WkCalRem.exe "
"item"="WKCALREM"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"=""
"hkey"="HKLM"
"command"=""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\!AVG Anti-Spyware]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="avgas"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AIM]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="aim"
"hkey"="HKCU"
"command"="C:\\Program Files\\AIM\\aim.exe -cnetwait.odl"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"=""
"hkey"="HKCU"
"command"=""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="CTHELPER"
"hkey"="HKLM"
"command"="CTHELPER.EXE"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gateway Extended Warranty]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="GWCares"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Gateway\\GWCares\\GWCares.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gateway Ink Monitor]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="GWInkMonitor"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Gateway\\Gateway Ink Monitor\\GWInkMonitor.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="hpztsb04"
"hkey"="HKLM"
"command"="C:\\WINNT\\System32\\spool\\drivers\\w32x86\\3\\hpztsb04.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MediaFace Integration]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SetHook"
"hkey"="HKLM"
"command"="C:\\Program Files\\Fellowes\\MediaFACE 4.0\\SetHook.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Update Detection]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="WkUFind"
"hkey"="HKLM"
"command"="C:\\Program Files\\Common Files\\Microsoft Shared\\Works Shared\\WkUFind.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MimBoot]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="mimboot"
"hkey"="HKLM"
"command"="C:\\PROGRA~1\\MUSICM~1\\MUSICM~1\\mimboot.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MMTray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="mm_tray"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Musicmatch\\Musicmatch Jukebox\\mm_tray.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="msmsgs"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Multi-function Keyboard]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="GWHotKey"
"hkey"="HKLM"
"command"="GWHotKey.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NeroCheck"
"hkey"="HKLM"
"command"="C:\\WINNT\\system32\\NeroCheck.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NvCpl"
"hkey"="HKLM"
"command"="RUNDLL32.EXE C:\\WINNT\\system32\\NvCpl.dll,NvStartup"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="RunDLL32"
"hkey"="HKLM"
"command"="RunDLL32.exe NvMCTray.dll,NvTaskbarInit"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="nwiz"
"hkey"="HKLM"
"command"="nwiz.exe /install"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ProtoWall]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"=""
"hkey"="HKCU"
"command"=""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="qttask"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="jusched"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Java\\jre1.5.0_10\\bin\\jusched.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="realsched"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wallchanger]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="wallchanger"
"hkey"="HKLM"
"command"="C:\\WALTDCS\\wallchanger.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Media Connect 2]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="WMCCFG"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Windows Media Connect 2\\WMCCFG.exe\" /StartQuiet"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="WMPNSCFG"
"hkey"="HKCU"
"command"="C:\\Program Files\\Windows Media Player\\WMPNSCFG.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0


[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7879f2a0-e7ac-11da-82ba-806d6172696f}]
shell\play\command GWHotKey.exe -D%1
shell\play\command Files\Real\RealPlayer\RealPlay.exe" /dvd %1


-- End of Deckard's System Scanner: finished at 2007-05-18 at 11:18:05 ---------

[titan7342]

Here is the extra text file from the scan.

Deckard's System Scanner v20070426.43
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Intel® Pentium® 4 CPU 3.20GHz
CPU 1: Intel® Pentium® 4 CPU 3.20GHz
Percentage of Memory in Use: 32%
Physical Memory (total/avail): 1534.73 MiB / 1036.5 MiB
Pagefile Memory (total/avail): 2155.5 MiB / 1816.83 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1974.74 MiB

C: is Fixed (NTFS) - 149.05 GiB total, 92.46 GiB free.
D: is CDROM (UDF)
E: is CDROM (CDFS)
F: is CDROM (No Media)
G: is CDROM (No Media)
I: is Removable (No Media)
J: is Removable (No Media)
K: is Removable (No Media)
L: is Removable (No Media)


-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.

FW: ZoneAlarm Pro Firewall v6.5.737.000 (Zone Labs, Inc.) Disabled
AV: McAfee VirusScan v (McAfee)


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Owner\Application Data
CLASSPATH=.;C:\Program Files\Java\j2re1.4.2\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=SHAWN
ComSpec=C:\WINNT\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Owner
LOGONSERVER=\\SHAWN
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINNT\SYSTEM32;C:\WINNT;C:\WINNT\SYSTEM32\WBEM;C:\PROGRAM FILES\PC-DOCTOR FOR WINDOWS\SERVICES;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 3 Stepping 3, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0303
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\j2re1.4.2\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINNT
TEMP=C:\DOCUME~1\Owner\LOCALS~1\Temp
TMP=C:\DOCUME~1\Owner\LOCALS~1\Temp
tvdumpflags=8
USERDOMAIN=SHAWN
USERNAME=Owner
USERPROFILE=C:\Documents and Settings\Owner
windir=C:\WINNT


-- User Profiles ---------------------------------------------------------------

Owner (admin)
Administrator (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\WINNT\IsUninst.exe -fC:\WINNT\orun32.isu
--> MsiExec.exe /I{56CA5D3B-3002-4E7B-90FE-071D8FDF3814}
--> MsiExec.exe /X{E9F81423-211E-46B6-9AE0-38568BC5CF6F}
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{39DA87A1-0B26-4562-A70C-2A6147366E47}\Setup.exe"
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CDDF96A-BC34-4D72-9ABA-E1FFF0C39977}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67AEFC4C-69E4-11D7-85F4-00E018013273}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67AEFC4C-69E4-11D7-85F4-00E018013273}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7A900EAB-DA37-4554-AF19-9C337476D05D}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7A900EAB-DA37-4554-AF19-9C337476D05D}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9F765BD0-B900-4EDE-A90B-61C8A9E95C42}\Setup.exe"
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BAD59025-5B73-4E12-B789-0028C5A573C2}\Setup.exe"
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C6866B7D-ACFD-4C49-B77B-3B2F8CF54B96}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C6866B7D-ACFD-4C49-B77B-3B2F8CF54B96}\setup.exe" -l0x9 /remove
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINNT\INF\PCHealth.inf
ABC (remove only) --> C:\Program Files\ABC\Uninstall.exe
Act of War - Direct Action --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F9B915DF-B79C-4747-9BA3-9705A57DC717}\SETUP.EXE" -l0x9
Ad-Aware SE Personal --> C:\PROGRA~1\Lavasoft\AD-AWA~2\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~2\INSTALL.LOG
Adobe After Effects 6.5 --> MsiExec.exe /I{61CEB2D7-8D3B-4247-B75E-A95F6699B90A}
Adobe Flash Player 9 ActiveX --> C:\WINNT\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Photoshop CS --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}\setup.exe" -l0x9
Adobe Reader 7.0.5 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000}
Adobe Shockwave Player --> C:\WINNT\system32\Macromed\SHOCKW~2\UNWISE.EXE C:\WINNT\system32\Macromed\SHOCKW~2\Install.log
Adobe SVG Viewer 3.0 --> C:\Program Files\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Program Files\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Install.log
Age of Empires III --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}
Ahead Nero BurnRights --> C:\WINNT\UNNeroBurnRights.exe /UNINSTALL
AIM 6.0 --> C:\Program Files\AIM6\uninst.exe
AOL Instant Messenger --> C:\Program Files\AIM\uninstll.exe -LOG= C:\Program Files\AIM\install.log -OEM=
AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
Battlefield 2™ --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}\setup.exe" -l0x9 -removeonly
Bicycle Casino 2.0 --> "C:\Program Files\Microsoft Games\Bicycle Casino 2.0\UNINSTAL.EXE" /runtemp /addremove
Black and White --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E51B4CD9-A0A6-4324-B26A-31B3F2DE26CE}\setup.exe"
BlueJ 2.1.3 --> "C:\BlueJ\uninst\unins000.exe"
Canon ScanGear Toolbox CS 2.2 --> C:\WINNT\IsUninst.exe -f"C:\Program Files\Canon\ScanGear Toolbox CS\Uninst.isu" -c"C:\Program Files\Canon\ScanGear Toolbox CS\uninst.dll"
CleanUp! --> C:\Program Files\CleanUp!\uninstall.exe
Command & Conquer Generals --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{06F80017-8F98-4C94-B868-52358569FC32}
Command and ConquerTM Generals Zero Hour --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}
Creative Driver --> System32\ctdrvins /s /u
Creative MediaSource --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{56F3E1FF-54FE-4384-A153-6CCABA097814}\SETUP.EXE" -l0x9 /remove
DivX --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DVD --> "C:\Program Files\InstallShield Installation Information\{98E8A2EF-4EAE-43B8-A172-74842B764777}\setup.exe" REMOVEALL
DVD X Rescue --> C:\Program Files\321Studios\DVD X Rescue\UNWISE.EXE "C:\Program Files\321Studios\DVD X Rescue\INSTALL.LOG"
DVDneXtCOPY --> C:\Program Files\DVDneXtCOPY\uninstall.exe
DVDXCopy Platinum 3.2.1 --> "C:\Program Files\321Studios\Platinum\uninstall.exe"
EA downloader --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{1D171963-9063-4423-898B-8EC4F1F190B7} /l1033
Games X Copy --> MsiExec.exe /X{22CDDA47-7205-4C64-B594-C94C5EE2CE70}
Gateway Download Assistant --> MsiExec.exe /I{A2A73632-BBAA-43EB-A337-ADF43F905A1C}
Gateway Drivers and Applications Recovery --> C:\Program Files\Gateway\HPA\GWMenu.exe UNINSTALL
Gateway Multi-function Keyboard --> C:\WINNT\gwhotkey.exe -U
GWCares --> MsiExec.exe /I{82EF8297-C8B2-4CA8-9430-FF2BC8C40414}
HighMAT Extension to Microsoft Windows XP CD Writing Wizard --> MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}
HijackThis 1.99.1 --> C:\Documents and Settings\Owner\My Documents\Unzipped\HijackThis\HijackThis.exe /uninstall
Hollywood FX 5.5 Additional Effects --> C:\WINNT\unvise32.exe C:\Program Files\Pinnacle\Hollywood FX for Studio\5.5\unextralog
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINNT\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Format SDK (KB902344) --> "C:\WINNT\$NtUninstallKB902344$\spuninst\spuninst.exe"
hp deskjet 950c series (Remove only) --> C:\Program Files\hp deskjet 950c series\hpfiui.exe -c -vdivid=HPF -vpnum=95 -vinstport=\\MELANIE\HPDeskJet -vproduct=950c -huninstall
Intel® 537EP Data Fax Modem --> rundll32 IntelCci.dll,iSMUninstallation "Intel® 537EP Data Fax Modem"
Intel® PRO Network Adapters and Drivers --> Prounstl.exe
Intermediate Algebra --> C:\Program Files\Hawkes Learning Systems\IMA\Uninstal\unwise.exe
J2SE Development Kit 5.0 Update 10 --> MsiExec.exe /I{32A3A4F4-B792-11D6-A78A-00B0D0150100}
J2SE Runtime Environment 5.0 Update 10 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
Java 2 Runtime Environment, SE v1.4.2 --> MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142000}
Kaspersky Online Scanner --> C:\WINNT\system32\KASPER~1\KASPER~1\kavuninstall.exe
Machinist2DLL --> C:\Program Files\Machinist2DLL\uninstall.exe
McAfee SecurityCenter --> C:\Program Files\McAfee\MSC\mcuninst.exe
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINNT\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Data Access Components KB870669 --> C:\WINNT\muninst.exe C:\WINNT\INF\KB870669.inf
Microsoft Encarta Encyclopedia Standard 2004 --> MsiExec.exe /I{04410044-9149-45C6-A806-F2BF9CFCE762}
Microsoft Learning and Research Plus Support Files --> MsiExec.exe /I{00000000-3976-4267-9F39-1DC4745090B7}
Microsoft Money 2004 --> MsiExec.exe /I{1D643CD7-4DD6-11D7-A4E0-000874180BB3}
Microsoft Money 2004 System Pack --> MsiExec.exe /I{8C64E145-54BA-11D6-91B1-00500462BE80}
Microsoft Office 2000 Professional --> MsiExec.exe /I{00010409-78E1-11D2-B60F-006097C998E7}
Microsoft Office XP Standard --> MsiExec.exe /I{91120409-6000-11D3-8CFE-0050048383C9}
Microsoft Picture It! Photo Premium 9 --> C:\WINNT\System32\msiexec.exe /i {DBA8B9E1-C6FF-4624-9598-73D3B41A0903}
Microsoft Rise Of Nations --> "C:\Program Files\EA Games\UNINSTAL.EXE" /runtemp /addremove
Microsoft Streets and Trips 2004 --> MsiExec.exe /I{8704D51E-25B7-4F23-81E7-AA4F54790210}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINNT\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Word 2002 --> MsiExec.exe /I{911B0409-6000-11D3-8CFE-0050048383C9}
Microsoft Works --> MsiExec.exe /I{B9966F27-9678-4620-9579-925E3084647E}
Microsoft Works 2004 Setup Launcher --> C:\Program Files\Microsoft Works Suite 2004\Setup\Launcher.exe /ARP E:\
Microsoft Works Suite Add-in for Microsoft Word --> MsiExec.exe /I{33BEE6F3-9987-4F98-A069-97A64EC8321A}
Mozilla Firefox (2.0.0.2) --> C:\PROGRA~1\Mozilla Firefox\uninstall\helper.exe
Mozilla Firefox (2.0.0.3) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (1.5.0.10) --> C:\Program Files\Mozilla Thunderbird\uninstall\uninstall.exe /ua "1.5.0.10 (en-US)"
MSXML4 Parser --> MsiExec.exe /I{01501EBA-EC35-4F9F-8889-3BE346E5DA13}
Musicmatch® Jukebox --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{85D3CC30-8859-481A-9654-FD9B74310BEF}\setup.exe" -l0x9 -uninst
Nero OEM --> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
NVIDIA Drivers --> C:\WINNT\system32\nvudisp.exe UninstallGUI
Panda ActiveScan --> C:\WINNT\system32\ASUninst.exe Panda ActiveScan
PC-Doctor for Windows --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1F7CCFA3-D926-4882-B2A5-A0217ED25597}\Setup.exe"
PeerGuardian 2.0 --> "C:\Program Files\PeerGuardian2\unins000.exe"
Pinnacle Hollywood FX for Studio --> C:\WINNT\unvise32.exe C:\Program Files\Pinnacle\Hollywood FX for Studio\5.5\uninstal.log
proDAD Heroglyph 1.0 --> "C:\Program Files\proDAD\Heroglyph-1.0\uninstall.exe" uninstall spcp
Quicken 2004 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{54DE0B75-6CD9-44C4-B10A-1F25DA9899D8} anything
QuickTime --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{C21D5524-A970-42FA-AC8A-59B8C7CDCA31} /l1033
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Rise of Nations Thrones and Patriots --> "C:\Program Files\EA Games\UNINSTLX.EXE" /runtemp /uninstall
RollerCoaster Tycoon 2 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}\Setup.exe" -l0x9
Roxio Burn Engine --> MsiExec.exe /X{9860A9CF-7E71-43AC-888F-0B4D3EA212D1}
Security Update for Step By Step Interactive Training (KB898458) --> "C:\WINNT\$NtUninstallKB898458$\spuninst\spuninst.exe"
Security Update for Step By Step Interactive Training (KB923723) --> "C:\WINNT\$NtUninstallKB923723$\spuninst\spuninst.exe"
Shockwave --> C:\WINNT\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINNT\system32\Macromed\SHOCKW~1\Install.log
Sid Meier's Civilization 4 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}\setup.exe" -l0x9 -removeonly
SimCity 4 Deluxe --> C:\Program Files\Maxis\SimCity 4 Deluxe\EAUninstall.exe
SmartSound Quicktracks Plugin --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}
Sony USB Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}\setup.exe" UNINSTALL
Spybot - Search & Destroy 1.3 --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
SpywareBlaster v3.5.1 --> "C:\Program Files\SpywareBlaster\unins000.exe"
Studio 9 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9E491AB7-4589-48CA-9CBB-874CB2788391}\Setup.exe" -l0x9 UNINSTALL
Studio 9 Content CD/DVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B67624DE-75CE-4FAD-9F29-5C115773CE61}\Setup.exe" -l0x9 UNINSTALL
Studio 9.4 Patch --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{16E217EA-C3E0-402D-8D4F-6189DB74497A}\setup.exe" -l0x9 UNINSTALL
SUPERAntiSpyware Free Edition --> MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
TaxCut Deluxe 2005 --> C:\PROGRA~1\TaxCut05\Program\removetc.exe
The Battle for Middle-earth ™ --> C:\Program Files\EA GAMES\The Battle for Middle-earth ™\EAUninstall.exe
The Sims 2 --> C:\Program Files\EA GAMES\The Sims 2\EAUninstall.exe
The Sims 2 Glamour Life Stuff --> C:\Program Files\EA GAMES\The Sims 2 Glamour Life Stuff\EAUninstall.exe
The Sims 2 Nightlife --> C:\Program Files\EA GAMES\The Sims 2 Nightlife\EAUninstall.exe
The Sims 2 Open For Business --> C:\Program Files\EA GAMES\The Sims 2 Open For Business\EAUninstall.exe
The Sims 2 Pets --> C:\Program Files\EA GAMES\The Sims 2 Pets\EAUninstall.exe
The Sims 2 University --> C:\Program Files\EA GAMES\The Sims 2 University\EAUninstall.exe
Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Media Player\mtsAxInstaller.exe /u
WaltDisney Screen Saver --> C:\WALTDCS\WISE.EXE C:\WINNT\INSTALL.LOG
WebSTAR DPX USB Cable Modem Adapter --> UNDPX.EXE
Windows Backup Utility --> MsiExec.exe /I{76EFFC7C-17A6-479D-9E47-8E658C1695AE}
Windows Media Connect --> "C:\WINNT\$NtUninstallWMCSetup$\spuninst\spuninst.exe"
Windows Media Format 11 runtime --> "C:\WINNT\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
WinZip --> "C:\Program Files\WinZip\WINZIP32.EXE" /uninstall
Xbox 360 Controller for Windows --> "C:\WINNT\$NtUninstall_Xbox_360_CC_Driver$\spuninst\spuninst.exe"
ZoneAlarm Pro --> C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe
Zoo Tycoon 2 Endangered Species --> "C:\Program Files\Microsoft Games\Zoo Tycoon 2\UNINSTAL.EXE" /runtemp /uninstall


-- End of Deckard's System Scanner: finished at 2007-05-18 at 11:18:05 -------

[jwbirdsong]

Some how I over looked your last reply...I just caught it and will post reply later today. Sorry

[jwbirdsong]

Updating Java and Clearing Cache

• Go to Start > Control Panel double-click on the Software icon > Add/Remove Programs.
• Search in the list for all previous installed versions of Java. (J2RE Runtime Environment.... )
  It should have next icon next to it:
  Select it and click Remove.
  • Now please install the Java Runtime Environment (JRE) 6.0 Update 1 manually..
  • Note to reboot the computer after updating:http://java.sun.com/javase/downloads/index.jsp
• After the reboot, go back into the Control Panel and double-click the Java Icon.
• Under Temporary Internet Files, click the Delete Files button.
• There are three options in the window to clear the cache - Leave ALL 3 CheckedDownloaded Applets
  Downloaded Applications
  Other Files
• Click OK on Delete Temporary Files Window
  Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.
• Click OK to leave the Java Control Panel.

Clean your Cache and Cookies in IE:
Go to Control Panel > Internet Options > General tab.
Click the "Delete Cookies" button and then the "Delete Files" button next to it.
When prompted, place a check in: "Delete all offline content",
(You will have to re-enter passwords at websites that require them.)
Click OK

Clean other Temporary files + Recycle bin:
Go to start > run and type: cleanmgr and click ok.
Let it scan your system for files to remove.
Make sure Temporary Files, Temporary Internet Files, and Recycle Bin are the only things checked.
Press OK to remove them.

The log also shows you have BOTH MS internal and the ZoneAlarm Pro Firewall are disabled..was it to try and check on the Thunderbird issue? You should realy have one (and ONLY one) active.

I'm checking on one other issue but I can't see it having much bering on the Email issue.