This problem started today, computer ran fine yesterday. Most icons on desktop are generic, shown as LNK files. When clicked on I get "Windows cannot open this file" "To open this file Windows needs to know what program created it". All icons are like that except a few, Adobe and PowerPoint. If I go to a program's exe file in its folder it has the icon for the program "your uninstaller". I can open programs by dragging the exe file into a command prompt line and hitting enter, it opens fine then. The registry entry for the exe is

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\.exe]

[HKEY_CLASSES_ROOT\.exe\PersistentHandler]
@="{098f2470-bae0-11cd-b579-08002b30bfeb}"

[HKEY_CLASSES_ROOT\.exe\shell]

[HKEY_CLASSES_ROOT\.exe\shell\YU3]
@="Uninstall with Your Uninstaller! 2006"

[HKEY_CLASSES_ROOT\.exe\shell\YU3\command]
@="J:\\Program Files\\Your Uninstaller 2006\\uruninstaller.exe %1"

Help me please

Eric

Deckard's System Scanner v20071014.68
Run by The Oversons on 2007-11-28 12:48:08
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
27: 2007-11-28 18:48:16 UTC - RP419 - Deckard's System Scanner Restore Point
26: 2007-11-28 17:46:28 UTC - RP418 - Restore Operation
25: 2007-11-28 16:12:27 UTC - RP417 - Restore Operation
24: 2007-11-27 22:23:45 UTC - RP416 - System Checkpoint
23: 2007-11-26 21:12:17 UTC - RP415 - System Checkpoint


-- First Restore Point --
1: 2007-11-09 10:01:02 UTC - RP393 - Software Distribution Service 2.0


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as The Oversons.exe) ----------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 12:49:55 PM, on 11/28/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
J:\WINDOWS\System32\smss.exe
J:\WINDOWS\system32\winlogon.exe
J:\WINDOWS\system32\services.exe
J:\WINDOWS\system32\lsass.exe
J:\WINDOWS\system32\svchost.exe
J:\Program Files\Windows Defender\MsMpEng.exe
J:\WINDOWS\System32\svchost.exe
J:\WINDOWS\system32\ZoneLabs\vsmon.exe
J:\WINDOWS\Explorer.EXE
J:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
J:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe
J:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe
J:\WINDOWS\system32\brss01a.exe
J:\WINDOWS\system32\spoolsv.exe
J:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
J:\WINDOWS\system32\bgsvcgen.exe
J:\WINDOWS\system32\Brmfrmps.exe
J:\WINDOWS\system32\svchost.exe
J:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
J:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
J:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
J:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe
J:\WINDOWS\system32\ctfmon.exe
J:\Program Files\Softwin\BitDefender8\bdmcon.exe
J:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
J:\PROGRA~1\Webshots\Webshots.scr
J:\Program Files\Windows Defender\MSASCui.exe
J:\Program Files\Softwin\BitDefender8\bdnagent.exe
J:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
J:\Program Files\Mozilla Firefox\firefox.exe
J:\WINDOWS\system32\taskmgr.exe
J:\WINDOWS\system32\cmd.exe
J:\Program Files\Internet Explorer\iexplore.exe
J:\hijack this\dss.exe
J:\HIJACK~1\The Oversons.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - J:\Program Files\TechSmith\SnagIt 7\SnagItBHO.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - J:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - J:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - J:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - J:\Program Files\TechSmith\SnagIt 7\SnagItIEAddin.dll
O4 - Startup: bit defender.lnk = J:\Program Files\Softwin\BitDefender8\bdmcon.exe
O4 - Startup: Webshots.lnk = J:\Program Files\Webshots\Launcher.exe
O4 - Startup: win patrol.lnk = J:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
O4 - Startup: windows defender.lnk = J:\Program Files\Windows Defender\MSASCui.exe
O4 - Global Startup: Beyond TV.lnk = J:\Program Files\SnapStream Media\Beyond TV\BTVD3DShell.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://J:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - J:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - J:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - J:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - J:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - J:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://support.gateway.com/support/profiler/PCPitStop.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2CA2C9B8-E4F6-4BE9-8601-52ED0AFBA79D} (Pearson Accounting Player) - http://asp.mathxl.com/books/_Players/AccountingPlayer.cab
O16 - DPF: {37A273C2-5129-11D5-BF37-00A0CCE8754B} (TTestGenXInstallObject) - http://asp.mathxl.com/wizmodules/testgen/installers/TestGenXInstall.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1169090701609
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {95D88B35-A521-472B-A182-BB1A98356421} (Pearson Installation Assistant 2) - http://asp.mathxl.com/books/_Players/PearsonInstallAsst2.cab
O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} (Toontown Installer ActiveX Control) - http://a.download.toontown.com/sv1.0.29.11/ttinst.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - J:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - J:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - J:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: igfxcui - J:\WINDOWS\SYSTEM32\igfxdev.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - J:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - J:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - J:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - J:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Unknown owner - J:\WINDOWS\system32\Brmfrmps.exe" -service (file missing)
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - J:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Google Updater Service (gusvc) - Google - J:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - J:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - J:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - J:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: ProgramCheckerPro (sassvc) - Unknown owner - J:\Program Files\Zenturi\ProgramChecker\sassvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - J:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - J:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)


-- File Associations -----------------------------------------------------------

.bat - unable to read key
.bat - unable to read key
.bat - unable to read key
.com - unable to read key
.com - unable to read key
.exe - unable to read key
.exe - unable to read key
.js - JSFile - DefaultIcon - "J:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe",2
.lnk - unable to read key
.pif - unable to read key
.reg - unable to read key
.reg - unable to read key
.reg - unable to read key
.scr - unable to read key


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 hotcore - j:\windows\system32\drivers\hotcore.sys <Not Verified; Paragon Software Group; HotBackup>
R1 cdrbsdrv - j:\windows\system32\drivers\cdrbsdrv.sys <Not Verified; B.H.A Corporation; B's Recorder GOLD>
R1 papycpu2 - j:\windows\system32\drivers\papycpu2.sys
R1 papyjoy - j:\windows\system32\drivers\papyjoy.sys
R1 SCDEmu - j:\windows\system32\drivers\scdemu.sys <Not Verified; PowerISO Computing, Inc.; scdemu>
R3 pcouffin (VSO Software pcouffin) - j:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
R3 WinDriver6 - j:\windows\system32\drivers\windrvr6.sys <Not Verified; Jungo; WinDriver Device Driver (x86)>

S0 kl1 - j:\windows\system32\drivers\kl1.sys (file missing)
S1 InCDPass - j:\windows\system32\drivers\incdpass.sys (file missing)
S1 InCDRm (InCD Reader) - j:\windows\system32\drivers\incdrm.sys (file missing)
S4 InCDFs (InCD File System) - j:\windows\system32\drivers\incdfs.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

All services whitelisted.


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Scheduled Tasks -------------------------------------------------------------

2007-11-28 12:27:19 330 --ah----- J:\WINDOWS\Tasks\MP Scheduled Scan.job
2007-11-23 09:58:02 284 --a------ J:\WINDOWS\Tasks\AppleSoftwareUpdate.job


-- Files created between 2007-10-28 and 2007-11-28 -----------------------------

2007-11-28 11:32:56 0 d-------- J:\WINDOWS\system32\ActiveScan
2007-11-28 11:12:50 0 d-------- J:\hijack this
2007-11-28 10:33:19 0 d-------- J:\Program Files\Windows Live Safety Center
2007-11-27 11:43:29 0 d-------- J:\Program Files\dvdSanta
2007-11-27 09:51:54 0 d-------- J:\Program Files\Free FLV Converter
2007-11-26 11:52:48 0 d-------- J:\Program Files\Replay Media Catcher
2007-11-25 18:16:46 0 d-------- J:\Documents and Settings\The Oversons\Application Data\Thunderbird
2007-11-25 17:58:11 0 d-------- J:\Program Files\Mozilla Thunderbird(2)
2007-11-25 16:28:07 0 d-------- J:\Program Files\DVDFab HD Decrypter 4
2007-11-25 16:15:22 0 d-------- J:\Program Files\DVD2AVI Ripper
2007-11-25 11:05:52 0 d-------- J:\Program Files\YourWare Solutions
2007-11-25 11:05:17 0 d-------- J:\Program Files\AusLogics Disk Defrag
2007-11-25 10:14:08 0 dr-h----- J:\Documents and Settings\The Oversons\Recent
2007-11-24 18:04:52 0 d-------- J:\Documents and Settings\The Oversons\Application Data\AVS4YOU
2007-11-24 18:03:53 0 d-------- J:\Documents and Settings\All Users\Application Data\AVS4YOU
2007-11-24 18:02:03 0 d-------- J:\Program Files\Common Files\AVSMedia
2007-11-24 18:01:45 139264 --a------ J:\WINDOWS\system32\xvidvfw.dll
2007-11-24 18:01:45 524288 --a------ J:\WINDOWS\system32\xvidcore.dll
2007-11-24 18:01:45 413760 --a------ J:\WINDOWS\system32\mpg4c32.dll <Not Verified; Microsoft Corporation; Microsoft MPEG-4 Video Codec>
2007-11-24 18:01:45 261632 --a------ J:\WINDOWS\system32\mcdvd_32.dll <Not Verified; MainConcept; MainConcept DV Codec "2.0.4>
2007-11-24 18:01:45 638976 --a------ J:\WINDOWS\system32\divx.dll <Not Verified; DivXNetworks, Inc.; DivX Video for Windows Codec>
2007-11-24 18:01:45 0 d-------- J:\Program Files\AVS4YOU
2007-11-21 21:05:01 0 d-------- J:\Program Files\eMachineShop
2007-11-21 18:48:20 0 d-------- J:\Program Files\Alibre Design Help
2007-11-20 18:28:45 0 d-------- J:\Documents and Settings\The Oversons\Application Data\Alibre Design
2007-11-20 18:24:55 116224 --a------ J:\WINDOWS\system32\pdfcmnnt.dll
2007-11-20 18:24:54 23552 --a------ J:\WINDOWS\system32\MSMPIDE.DLL <Not Verified; Microsoft Corporation; MSMAPI-Steuerelementbibliothek>
2007-11-20 18:24:54 0 d-------- J:\Program Files\PDFCreator
2007-11-20 18:22:37 0 d-------- J:\Documents and Settings\All Users\Application Data\Alibre Design
2007-11-20 18:22:23 0 d-------- J:\Program Files\Alibre Design
2007-11-20 18:13:03 171280 --a------ J:\WINDOWS\system32\jit.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2007-11-20 18:13:03 139536 --a------ J:\WINDOWS\system32\javaee.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2007-11-20 18:13:03 46352 --a------ J:\WINDOWS\setdebug.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2007-11-20 18:13:02 313856 --a------ J:\WINDOWS\system32\dx3j.dll <Not Verified; Microsoft Corporation; Microsoft® DirectX for Java>
2007-11-20 18:13:02 6550 --a------ J:\WINDOWS\jautoexp.dat
2007-11-20 18:12:51 113 --a------ J:\WINDOWS\system32\zonedon.reg
2007-11-20 18:12:51 113 --a------ J:\WINDOWS\system32\zonedoff.reg
2007-11-20 18:12:51 171792 --a------ J:\WINDOWS\system32\wjview.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2007-11-20 18:12:51 286992 --a------ J:\WINDOWS\system32\vmhelper.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2007-11-20 18:12:51 21264 --a------ J:\WINDOWS\system32\msjdbc10.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2007-11-20 18:12:50 947984 --a------ J:\WINDOWS\system32\msjava.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2007-11-20 18:12:50 154384 --a------ J:\WINDOWS\system32\msawt.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2007-11-20 18:12:50 172304 --a------ J:\WINDOWS\system32\jview.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2007-11-20 18:12:50 15120 --a------ J:\WINDOWS\system32\jdbgmgr.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2007-11-20 18:12:50 404752 --a------ J:\WINDOWS\system32\javart.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2007-11-20 18:12:49 63248 --a------ J:\WINDOWS\system32\javaprxy.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2007-11-20 18:12:49 187152 --a------ J:\WINDOWS\system32\javacypt.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2007-11-20 18:12:48 49424 --a------ J:\WINDOWS\system32\clspack.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2007-11-20 17:04:23 0 d-------- J:\Program Files\BRL-CAD
2007-11-16 18:58:32 0 d-------- J:\Program Files\iPod
2007-11-16 18:58:08 0 d-------- J:\Program Files\iTunes
2007-11-14 20:20:03 0 d-------- J:\Program Files\YouTube Downloader
2007-10-29 17:35:03 0 d-------- J:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
2007-10-29 17:03:29 0 d-------- J:\Program Files\Common Files\Xpress Software
2007-10-29 17:03:19 0 d-------- J:\Program Files\Xpress Software


-- Find3M Report ---------------------------------------------------------------

2007-11-28 11:48:01 0 d-------- J:\Program Files\DVD Decrypter
2007-11-28 11:47:57 0 d-------- J:\Documents and Settings\The Oversons\Application Data\SlimBrowser
2007-11-28 09:04:32 4212 ---h----- J:\WINDOWS\system32\zllictbl.dat
2007-11-25 18:16:52 0 d-------- J:\Documents and Settings\The Oversons\Application Data\Mozilla
2007-11-25 16:31:11 0 d-------- J:\Documents and Settings\The Oversons\Application Data\RipIt4Me
2007-11-25 16:08:48 0 d-------- J:\Program Files\Intel Audio Studio
2007-11-25 16:08:47 0 d-------- J:\Program Files\Messenger
2007-11-25 16:08:46 0 d-------- J:\Program Files\CoffeeCup Software
2007-11-25 16:03:57 0 d-------- J:\Program Files\SlimBrowser
2007-11-25 16:03:55 0 d-------- J:\Program Files\exPressit S.E. 2.2
2007-11-24 18:02:03 0 d-------- J:\Program Files\Common Files
2007-11-20 17:05:17 0 d--h----- J:\Program Files\InstallShield Installation Information
2007-11-16 18:55:55 0 d-------- J:\Program Files\QuickTime
2007-11-12 17:25:54 0 d-------- J:\Program Files\ResumeMaker
2007-10-23 19:09:41 0 d-------- J:\Program Files\Virtual Engine 2000
2007-10-14 11:48:34 0 d-------- J:\Documents and Settings\The Oversons\Application Data\ImgBurn
2007-10-14 11:47:49 0 d-------- J:\Program Files\ImgBurn
2007-10-13 15:18:46 0 d-------- J:\Program Files\Lavasoft
2007-10-13 15:17:51 0 d-------- J:\Program Files\Common Files\Wise Installation Wizard
2007-10-12 15:20:46 0 d-------- J:\Program Files\Apple Software Update
2007-10-06 14:59:08 0 d-------- J:\Documents and Settings\The Oversons\Application Data\Apple Computer
2007-09-30 18:51:48 0 d-------- J:\Program Files\U.B. Funkeys
2007-09-17 19:32:09 56976 --a------ J:\WINDOWS\system32\GenSvcInst.exe <Not Verified; B.H.A Corporation; B's Recorder GOLD9>
2007-09-17 19:32:09 122512 --a------ J:\WINDOWS\system32\bgsvcgen.exe <Not Verified; B.H.A Corporation; B's Recorder GOLD9>


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


J:\Documents and Settings\The Oversons\Start Menu\Programs\Startup\
bit defender.lnk - J:\Program Files\Softwin\BitDefender8\bdmcon.exe [6/20/2005 12:10:50 PM]
Webshots.lnk - J:\Program Files\Webshots\Launcher.exe [1/18/2007 7:16:41 PM]
win patrol.lnk - J:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe [10/1/2006 1:03:52 PM]
windows defender.lnk - J:\Program Files\Windows Defender\MSASCui.exe [11/3/2006 6:20:12 PM]

J:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Beyond TV.lnk - J:\Program Files\SnapStream Media\Beyond TV\BTVD3DShell.exe [2/13/2007 12:50:32 PM]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
DcomLaunch DcomLaunch




-- End of Deckard's System Scanner: finished at 2007-11-28 12:50:42 ------------

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Intel(R) Pentium(R) D CPU 2.80GHz
CPU 1: Intel(R) Pentium(R) D CPU 2.80GHz
Percentage of Memory in Use: 57%
Physical Memory (total/avail): 1013.64 MiB / 426.2 MiB
Pagefile Memory (total/avail): 2440.48 MiB / 1946.22 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1936.27 MiB

C: is Fixed (FAT32) - 4.65 GiB total, 1.29 GiB free.
D: is Fixed (NTFS) - 10 GiB total, 4.12 GiB free.
E: is Fixed (NTFS) - 48.83 GiB total, 47.15 GiB free.
F: is CDROM (No Media)
G: is CDROM (No Media)
I: is Removable (No Media)
J: is Fixed (NTFS) - 169.39 GiB total, 68.39 GiB free.
K: is Removable (No Media)
L: is Removable (No Media)
M: is Removable (No Media)
N: is Removable (No Media)

\\.\PHYSICALDRIVE0 - ST3250823AS - 232.88 GiB - 4 partitions
\PARTITION0 (bootable) - Unknown - 4.66 GiB - C:
\PARTITION1 - Installable File System - 169.39 GiB - J:
\PARTITION2 - Extended w/Extended Int 13 - 58.84 GiB - D: - E:

\\.\PHYSICALDRIVE5 - Brother MFC-420CN USB Device

\\.\PHYSICALDRIVE2 - Generic USB CF Reader USB Device

\\.\PHYSICALDRIVE4 - Generic USB MS Reader USB Device

\\.\PHYSICALDRIVE1 - Generic USB SD Reader USB Device

\\.\PHYSICALDRIVE3 - Generic USB SM Reader USB Device



-- Security Center -------------------------------------------------------------

AUOptions is disabled.
Windows Internal Firewall is disabled.

FirstRunDisabled is set.

Unable to create WMI object.

-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=J:\Documents and Settings\All Users
APPDATA=J:\Documents and Settings\The Oversons\Application Data
CLASSPATH=.;J:\Program Files\Java\jre1.5.0_10\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=J:\Program Files\Common Files
COMPUTERNAME=ALFRED
ComSpec=J:\WINDOWS\system32\cmd.exe
FB_FILE=/dev/ogll
FP_NO_HOST_CHECK=NO
HOMEDRIVE=J:
HOMEPATH=\Documents and Settings\The Oversons
LANG=C
LOGONSERVER=\\ALFRED
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=J:\WINDOWS\system32;J:\WINDOWS\system32;J:\WINDOWS;J:\WINDOWS\System32\Wbem;"J:\Program Files\Zone Labs\ZoneAlarm\MailFrontier";J:\Program Files\Common Files\GTK\2.0\bin;J:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 4 Stepping 4, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0404
ProgramFiles=J:\Program Files
PROMPT=$P$G
QTJAVA=J:\Program Files\Java\jre1.5.0_10\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=J:
SystemRoot=J:\WINDOWS
TEMP=J:\DOCUME~1\THEOVE~1\LOCALS~1\Temp
TMP=J:\DOCUME~1\THEOVE~1\LOCALS~1\Temp
tvdumpflags=8
USERDOMAIN=ALFRED
USERNAME=The Oversons
USERPROFILE=J:\Documents and Settings\The Oversons
WEB_BROWSER=C:\Program Files\Internet Explorer\IEXPLORE.EXE
windir=J:\WINDOWS


-- User Profiles ---------------------------------------------------------------

The Oversons (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> J:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> J:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
--> J:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
--> J:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
--> J:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
--> J:\WINDOWS\UNNeroVision.exe /UNINSTALL
--> J:\WINDOWS\UNRecode.exe /UNINSTALL
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 J:\WINDOWS\INF\PCHealth.inf
1Click DVD Copy 5.3.1.6 --> "J:\Program Files\LG Software Innovations\1Click DVD Copy 5\unins000.exe"
3D Groove Playback Engine --> RunDll32 J:\WINDOWS\DOWNLO~1\GrooveAX.dll,[email protected]
3D Home Architect Design Suite Deluxe 8 --> J:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{83EC8AE9-53A6-474D-95AF-8F5116CC9C4E}
3D Home Architect(r) Deluxe 3.0 --> J:\WINDOWS\UNINST.EXE -f"J:\3DHAD3\DeIsL1.isu"
Absolute Startup manager 5.1 --> "J:\Program Files\F-Group\Absolute StartUp\unins000.exe"
Ad-Aware 2007 --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Ad-Aware SE Professional --> J:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE J:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
Adobe Reader 8 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A80000000002}
Adobe Shockwave Player --> J:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE J:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Alibre Design --> MsiExec.exe /X{47F21113-0D9A-11D5-8132-00C04FA0998D}
Alibre Design Help --> MsiExec.exe /I{DDF6C384-107F-11D4-AAD1-00C04F37F68C}
All Slots Casino --> J:\MicroGaming\Casino\AllSlots\install.exe -uninstall
Alt-Tab Task Switcher Powertoy for Windows XP --> MsiExec.exe /I{A7050037-F0EA-4BAB-BCD5-FC05507D6147}
AOPA's Real-Time Flight Planner 1.2.2 --> J:\Jeppesen\RTFPClient\Uninstall.exe
Apple Mobile Device Support --> MsiExec.exe /I{B5C209B1-8DDB-4642-A573-375B951514CB}
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
AusLogics Disk Defrag --> "J:\Program Files\AusLogics Disk Defrag\unins000.exe"
Beyond TV DVD Burning Foundation --> MsiExec.exe /I{3EDFFD11-B9AB-4296-9757-B5AF1F2B8E5C}
Beyond TV DVD Burning Foundation --> MsiExec.exe /I{E86496D9-5009-4FFF-AABD-6E62CDFAC7B7}
BitDefender 8 Free Edition --> MsiExec.exe /I{8BFFDBAB-FD81-4137-A98E-A769C828080C}
BRL-CAD --> J:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{5E0E57A0-22F1-41C5-9589-002ABD9017B8}
Brother MFL-Pro Suite --> RunDll32 J:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "J:\Program Files\InstallShield Installation Information\{40A6C96D-808E-41DD-8716-617AB6B0F1F1}\Setup.exe" -l0x9 Brunin03.dllBrunin03.dll
CH Gameport Devices --> J:\WINDOWS\IsUninst.exe -f"J:\Program Files\CH Products\Gameport Devices\Uninst.isu" -c"J:\Program Files\CH Products\Gameport Devices\CHANALOG.DLL"
CleanUp! --> J:\Program Files\CleanUp!\uninstall.exe
CoffeeCup Flash Firestarter --> RunDll32 J:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "J:\Program Files\InstallShield Installation Information\{CB4AF7DA-CE59-41A9-93A6-DA921F809361}\Setup.exe" -l0x9
CoffeeCup Flash Photo Gallery - Registered --> J:\PROGRA~1\COFFEE~1\COFFEE~4\UNWISE.EXE J:\PROGRA~1\COFFEE~1\COFFEE~4\INSTALL.LOG
CoffeeCup HTML Editor 2007 --> J:\PROGRA~1\COFFEE~1\UNWISE.EXE J:\PROGRA~1\COFFEE~1\INSTALL.LOG
Corel Paint Shop Pro X --> MsiExec.exe /I{1A15507A-8551-4626-915D-3D5FA095CC1B}
DesignPro 5.0 Limited Edition --> J:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{97AE00A8-1336-410F-B467-1C6623127BD6}
Disney's Toontown Online --> J:\PROGRA~1\Disney\DISNEY~1\Toontown\UNWISE.EXE /A J:\PROGRA~1\Disney\DISNEY~1\Toontown\INSTALL.LOG
DVD-CLONER V4.02 Build 907 --> "J:\Program Files\Dvd-cloner\unins000.exe"
DVD Decrypter (Remove Only) --> "J:\Program Files\DVD Decrypter\uninstall.exe"
DVD Shrink 3.2 --> "J:\Program Files\DVD Shrink\unins000.exe"
DVDFab (remove only) --> "J:\Program Files\DVDFab\uninstall.exe"
DVDFab Decrypter 3.0.8.0 --> "J:\Program Files\DVDFab Decrypter 3\unins000.exe"
Dyno2000 Version 3.05 --> J:\WINDOWS\uninst.exe -fj:\Dyno2000\DeIsL1.isu -cj:\Dyno2000\_ISREG32.DLL
eMachineShop --> J:\PROGRA~1\EMACHI~1\UNWISE.EXE J:\PROGRA~1\EMACHI~1\INSTALL.LOG
exPressit S.E. 2.2 --> "J:\Program Files\exPressit S.E. 2.2\UninstallerData\Uninstall exPressit S.E. 2.2.exe"
FileZilla (remove only) --> "J:\Program Files\FileZilla\uninstall.exe"
Gateway Download Assistant --> MsiExec.exe /I{A2A73632-BBAA-43EB-A337-ADF43F905A1C}
Gateway Drivers and Applications Recovery --> J:\Program Files\Gateway\HPA\GWMenu.exe UNINSTALL
GTK+ 2.10.6-1 runtime environment --> "J:\Program Files\Common Files\GTK\2.0\setup\unins000.exe"
High Definition Audio Driver Package - KB888111 --> "J:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 1.99.1 --> E:\Firefox Downloads\HijackThis.exe /uninstall
IE Cache&History Viewer 1.2.1.1 --> "J:\Program Files\IE Cache&History Viewer\unins000.exe"
IEHistoryTracker --> MsiExec.exe /I{2331A2F2-57FC-47B5-B8ED-29E2A007E965}
Image Resizer Powertoy for Windows XP --> MsiExec.exe /I{1CB92574-96F2-467B-B793-5CEB35C40C29}
ImgBurn (Remove Only) --> "J:\Program Files\ImgBurn\uninstall.exe"
Intel Audio Studio --> RunDll32 J:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "J:\Program Files\InstallShield Installation Information\{4AC7761F-7B49-482A-9BA1-E223D32D2B64}\setup.exe" -l0x9
Intel(R) Graphics Media Accelerator Driver --> RUNDLL32.EXE J:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_2776 PCI\VEN_8086&DEV_2772
Intel(R) PRO Network Connections Drivers --> Prounstl.exe
iTunes --> MsiExec.exe /I{E3FEE4E7-4488-4A3F-A6BD-13745936EADB}
IZArc 3.4.1.6 --> "J:\Program Files\IZArc\unins000.exe"
J2SE Runtime Environment 5.0 Update 10 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
Late Model Mod V2 --> "J:\Program Files\Papyrus\NASCAR Racing 2003 Season\series\lmpv2\unins000.exe"
Load SWF 1.1 --> "J:\Program Files\Show.kit 2.1\plugins\unins000.exe"
Logitech Gaming Software --> RunDll32 J:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "J:\Program Files\InstallShield Installation Information\{5C1DA723-24FC-48AD-93BA-925695C3EF26}\setup.exe" -l0x9 -removeonly
Macromedia Flash Player 8 --> MsiExec.exe /X{885A63EA-382B-4DD4-A755-14809B8557D6}
Macromedia Flash Player 8 --> RunDll32 advpack.dll,LaunchINFSection J:\WINDOWS\INF\swflash.inf,DefaultUninstall,5
Macromedia Flash Player 8 Plugin --> MsiExec.exe /X{91057632-CA70-413C-B628-2D3CDBBB906B}
MailFrontier Desktop --> J:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\UNWISE.EXE J:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\INSTMLF.LOG
Microsoft Office 97, Professional Edition --> J:\Program Files\Microsoft Office\Office\Setup\Acme.exe /w Off97Pro.STF
Microsoft Office Access MUI (English) 2007 --> MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007 --> "J:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISER /dll OSETUP.DLL
Microsoft Office Enterprise 2007 --> MsiExec.exe /X{91120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007 --> MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007 --> MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007 --> MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007 --> MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007 --> MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007 --> MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007 --> MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007 --> MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007 --> MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007 --> MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mozilla Firefox (2.0.0.9) --> J:\Program Files\Mozilla Firefox\uninstall\helper.exe
NASCAR® Racing 2003 Season --> RunDll32 J:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "J:\Program Files\InstallShield Installation Information\{ACC2E059-40E9-4464-B18D-C9BDD9A02CED}\SETUP.exe" -l0x9 -uninst
Nero 7 Demo --> MsiExec.exe /I{C93369CB-B4E9-E095-9289-E6B5AE941033}
Paragon Drive Backup 8 Professional --> RunDll32 J:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "J:\Program Files\InstallShield Installation Information\{D155D300-C235-44FC-981C-F7B34683439C}\Setup.exe" -l0x9
PayPunch --> "J:\Program Files\Xpress Software\PayPunch\Uninstall.exe" "J:\Program Files\Xpress Software\PayPunch\install.log" -u
PDFCreator --> J:\Program Files\PDFCreator\unins000.exe
Picasa 2 --> "J:\Program Files\Picasa2\Uninstall.exe"
PowerISO --> "J:\Program Files\PowerISO\uninstall.exe"
ProgramChecker --> MsiExec.exe /I{A6E9E033-BEC3-4036-89B9-E1C72320558C}
QuickTime --> MsiExec.exe /I{5B09BD67-4C99-46A1-8161-B7208CE18121}
RealPlayer --> J:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
ResumeMaker --> J:\WINDOWS\IsUninst.exe -f"J:\Program Files\ResumeMaker\History.isu"
River Belle Online Casino --> J:\PROGRA~1\RIVERB~1\UNWISE.EXE J:\PROGRA~1\RIVERB~1\INSTALL.LOG
RollerCoaster Tycoon Deluxe --> RunDll32 J:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "J:\Program Files\InstallShield Installation Information\{924EAD66-F854-4605-8493-696DD59A113B}\Setup.exe" -l0x9
SigmaTel Audio --> RunDll32 J:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "J:\Program Files\InstallShield Installation Information\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}\setup.exe" -l0x9 -remove -removeonly
SlimBrowser (remove only) --> "J:\Program Files\SlimBrowser\uninst.exe"
Smart PDF Converter --> "J:\Program Files\Smart PDF Converter\unins000.exe"
SnagIt 7 --> MsiExec.exe /I{6014A70F-D391-405E-A4C6-7BDE54250719}
SnapStream Beyond TV 4.6.0 --> "J:\Program Files\SnapStream Media\Beyond TV\uninstall-btv.exe"
SnapStream Firefly Mini 1.0.2 --> "J:\Program Files\SnapStream Media\Firefly Mini\Uninstall.exe"
Sothink Movie DVD Maker --> "J:\Program Files\SourceTec\Sothink Movie DVD Maker\unins000.exe"
Spybot - Search & Destroy 1.4 --> "J:\Program Files\Spybot - Search & Destroy\unins000.exe"
The GIMP 2.2.13 --> "J:\Program Files\GIMP-2.0\unins000.exe"
The Simpsons Movie Screen Saver --> J:\WINDOWS\system32\The Simpsons Movie.scr /u
TMPGEnc DVD Author 3 with DivX Authoring --> MsiExec.exe /I{BB59851C-44A5-44B3-8EAE-5C4FE45323E9}
TurboTax Deluxe Deduction Maximizer 2006 --> J:\Program Files\TurboTax\Deluxe 2006\TaxUnst.EXE "J:\Program Files\TurboTax\Deluxe 2006\Uninstall.log" -NoGui
TurboTax ItsDeductible 2006 --> MsiExec.exe /X{AFF1EA96-9C23-4249-B7D4-CD4B54D4582F}
Tweak UI --> "J:\WINDOWS\system32\mshta.exe" "res://J:\WINDOWS\system32\TweakUI.exe/uninstall.hta"
U.B. Funkeys --> J:\Program Files\U.B. Funkeys\uninstall.exe
Virtual Engine Calculator Advanced --> MsiExec.exe /I{13FC7B28-A757-4E4B-A25B-9D0078518893}
Webshots Desktop --> "J:\Program Files\Webshots\unins000.exe"
What's Running 2.2 --> "J:\Program Files\WhatsRunning\unins000.exe"
Window Washer --> J:\WINDOWS\Unwash6.exe
Windows Defender --> MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}
WinPatrol --> MsiExec.exe /I{3205A978-4A7A-403B-A4B9-D48E6BAFB73B}
Your Uninstaller! 2006 Version 5 --> "J:\Program Files\Your Uninstaller 2006\unins000.exe"
ZoneAlarm Security Suite --> J:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe


-- Application Event Log -------------------------------------------------------

Event Record #/Type10009 / Error
Event Submitted/Written: 11/28/2007 00:25:13 PM
Event ID/Source: 1090 / Userenv
Event Description:
Windows couldn't log the RSoP (Resultant Set of Policies) session status. An attempt to connect to WMI failed. No more RSoP logging will be done for this application of policy.

Event Record #/Type10008 / Error
Event Submitted/Written: 11/28/2007 00:25:12 PM
Event ID/Source: 1090 / Userenv
Event Description:
Windows couldn't log the RSoP (Resultant Set of Policies) session status. An attempt to connect to WMI failed. No more RSoP logging will be done for this application of policy.

Event Record #/Type10006 / Error
Event Submitted/Written: 11/28/2007 00:25:03 PM
Event ID/Source: 1802 / SecurityCenter
Event Description:
The Windows Security Center Service was unable to establish event queries with WMI to monitor third party AntiVirus and Firewall.

Event Record #/Type10003 / Warning
Event Submitted/Written: 11/28/2007 11:46:51 AM
Event ID/Source: 1524 / Userenv
Event Description:
Windows cannot unload your classes registry file - it is still in use by other applications or services. The file will be unloaded when it is no longer in use.

Event Record #/Type10002 / Error
Event Submitted/Written: 11/28/2007 10:20:18 AM
Event ID/Source: 1090 / Userenv
Event Description:
Windows couldn't log the RSoP (Resultant Set of Policies) session status. An attempt to connect to WMI failed. No more RSoP logging will be done for this application of policy.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type6169 / Warning
Event Submitted/Written: 11/28/2007 00:50:11 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%ALFRED27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %ALFRED27 can't undo changes that you allow.

For more information please see the following:
%ALFRED275

Scan ID: {AF1289F6-D041-42E9-85C8-4322ED7E384B}

User: ALFRED\The Oversons

Name: %ALFRED271

ID: %ALFRED272

Severity: 1.1.1593.05

Category: 1.1.1593.06

Path Found: %ALFRED276

Alert Type: %ALFRED278

Detection Type: 1.1.1593.02

Event Record #/Type6168 / Warning
Event Submitted/Written: 11/28/2007 00:50:10 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%ALFRED27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %ALFRED27 can't undo changes that you allow.

For more information please see the following:
%ALFRED275

Scan ID: {DBB3D18F-E4C2-4295-8C23-D7DC3EB3A68B}

User: ALFRED\The Oversons

Name: %ALFRED271

ID: %ALFRED272

Severity: 1.1.1593.05

Category: 1.1.1593.06

Path Found: %ALFRED276

Alert Type: %ALFRED278

Detection Type: 1.1.1593.02

Event Record #/Type6167 / Warning
Event Submitted/Written: 11/28/2007 00:50:10 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%ALFRED27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %ALFRED27 can't undo changes that you allow.

For more information please see the following:
%ALFRED275

Scan ID: {26A3FE81-EB06-4B0B-A0AE-064132A0B2E5}

User: ALFRED\The Oversons

Name: %ALFRED271

ID: %ALFRED272

Severity: 1.1.1593.05

Category: 1.1.1593.06

Path Found: %ALFRED276

Alert Type: %ALFRED278

Detection Type: 1.1.1593.02

Event Record #/Type6166 / Warning
Event Submitted/Written: 11/28/2007 00:50:09 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%ALFRED27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %ALFRED27 can't undo changes that you allow.

For more information please see the following:
%ALFRED275

Scan ID: {841EC9C0-22BB-4E9E-9D7A-2BBF1C54DA1B}

User: ALFRED\The Oversons

Name: %ALFRED271

ID: %ALFRED272

Severity: 1.1.1593.05

Category: 1.1.1593.06

Path Found: %ALFRED276

Alert Type: %ALFRED278

Detection Type: 1.1.1593.02

Event Record #/Type6165 / Warning
Event Submitted/Written: 11/28/2007 00:50:09 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%ALFRED27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %ALFRED27 can't undo changes that you allow.

For more information please see the following:
%ALFRED275

Scan ID: {AA085AEE-4582-4BE5-A967-D71E980DE6C1}

User: ALFRED\The Oversons

Name: %ALFRED271

ID: %ALFRED272

Severity: 1.1.1593.05

Category: 1.1.1593.06

Path Found: %ALFRED276

Alert Type: %ALFRED278

Detection Type: 1.1.1593.02



-- End of Deckard's System Scanner: finished at 2007-11-28 12:50:42 ------------

Logfile of HijackThis v1.99.1
Scan saved at 12:42:10 PM, on 11/28/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
J:\WINDOWS\System32\smss.exe
J:\WINDOWS\system32\winlogon.exe
J:\WINDOWS\system32\services.exe
J:\WINDOWS\system32\lsass.exe
J:\WINDOWS\system32\svchost.exe
J:\Program Files\Windows Defender\MsMpEng.exe
J:\WINDOWS\System32\svchost.exe
J:\WINDOWS\system32\ZoneLabs\vsmon.exe
J:\WINDOWS\Explorer.EXE
J:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
J:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe
J:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe
J:\WINDOWS\system32\brss01a.exe
J:\WINDOWS\system32\spoolsv.exe
J:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
J:\WINDOWS\system32\bgsvcgen.exe
J:\WINDOWS\system32\Brmfrmps.exe
J:\WINDOWS\system32\svchost.exe
J:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
J:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
J:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
J:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe
J:\WINDOWS\system32\ctfmon.exe
J:\Program Files\Softwin\BitDefender8\bdmcon.exe
J:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
J:\PROGRA~1\Webshots\Webshots.scr
J:\Program Files\Windows Defender\MSASCui.exe
J:\Program Files\Softwin\BitDefender8\bdnagent.exe
J:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
J:\Program Files\Mozilla Firefox\firefox.exe
J:\WINDOWS\system32\taskmgr.exe
J:\WINDOWS\system32\cmd.exe
J:\Program Files\Internet Explorer\iexplore.exe
J:\hijack this\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - J:\Program Files\TechSmith\SnagIt 7\SnagItBHO.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - J:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - J:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - J:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - J:\Program Files\TechSmith\SnagIt 7\SnagItIEAddin.dll
O4 - Startup: bit defender.lnk = J:\Program Files\Softwin\BitDefender8\bdmcon.exe
O4 - Startup: Webshots.lnk = J:\Program Files\Webshots\Launcher.exe
O4 - Startup: win patrol.lnk = J:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
O4 - Startup: windows defender.lnk = J:\Program Files\Windows Defender\MSASCui.exe
O4 - Global Startup: Beyond TV.lnk = J:\Program Files\SnapStream Media\Beyond TV\BTVD3DShell.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://J:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - J:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - J:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - J:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - J:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - J:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://support.gateway.com/support/profiler/PCPitStop.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2CA2C9B8-E4F6-4BE9-8601-52ED0AFBA79D} (Pearson Accounting Player) - http://asp.mathxl.com/books/_Players/AccountingPlayer.cab
O16 - DPF: {37A273C2-5129-11D5-BF37-00A0CCE8754B} (TTestGenXInstallObject) - http://asp.mathxl.com/wizmodules/testgen/installers/TestGenXInstall.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1169090701609
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {95D88B35-A521-472B-A182-BB1A98356421} (Pearson Installation Assistant 2) - http://asp.mathxl.com/books/_Players/PearsonInstallAsst2.cab
O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} (Toontown Installer ActiveX Control) - http://a.download.toontown.com/sv1.0.29.11/ttinst.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - J:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - J:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - J:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: igfxcui - J:\WINDOWS\SYSTEM32\igfxdev.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - J:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - J:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - J:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - J:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Unknown owner - J:\WINDOWS\system32\Brmfrmps.exe" -service (file missing)
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - J:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Google Updater Service (gusvc) - Google - J:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - J:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - J:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - J:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: ProgramCheckerPro (sassvc) - Unknown owner - J:\Program Files\Zenturi\ProgramChecker\sassvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - J:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - J:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
 

TSF Security Manager, Emeritus · 52,197 Posts
Something has seriously borked your file associations, and I'm not sure this alone is going to fix it.

Run DSS again, using these instructions:

Click the Windows 'Start' button > Select 'Run' - then copy/paste this into the run box & click OK (this assumes dss.exe is on your desktop, as instructed in the 5 Steps thread)

"%userprofile%\desktop\dss.exe" /daft

Click on Scan.

Tick the boxes which should appear for these entries:

.bat - unable to read key
.bat - unable to read key
.bat - unable to read key
.com - unable to read key
.com - unable to read key
.exe - unable to read key
.exe - unable to read key
.lnk - unable to read key
.pif - unable to read key
.reg - unable to read key
.reg - unable to read key
.reg - unable to read key
.scr - unable to read key

Then click on Fix.

Click Scan again, you should get a message "All Associations OK!" Next, click Save Log, and post this log in your next reply.
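An added example, not part of the reply above and not DSS's own code: one way to double-check the result is to export the keys with regedit and verify that each of the seven extensions listed still points at its stock Windows ProgID. The sample export, the SomeTool path and the function names are constructed for illustration.

```python
import re

# Stock ProgID that each executable-type extension maps to by default.
EXPECTED_PROGID = {
    ".bat": "batfile", ".com": "comfile", ".exe": "exefile", ".lnk": "lnkfile",
    ".pif": "piffile", ".reg": "regfile", ".scr": "scrfile",
}
KEY_RE = re.compile(r"^\[(.+)\]$")
VALUE_RE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")=(.*)$')

def unescape(s):
    # .reg string data escapes backslash and double quote with a backslash
    return re.sub(r"\\(.)", r"\1", s)

def parse_reg(text):
    """Return {lowercased key path: {value name: data}}; '@' is the default value."""
    keys, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith((";", "Windows Registry Editor")):
            continue
        m = KEY_RE.match(line)
        if m:
            current = keys.setdefault(m.group(1).lower(), {})
            continue
        m = VALUE_RE.match(line)
        if m and current is not None:
            name, data = m.group(1), m.group(2)
            name = "@" if name == "@" else unescape(name[1:-1])
            if len(data) >= 2 and data.startswith('"') and data.endswith('"'):
                data = unescape(data[1:-1])
            current[name] = data
    return keys

def check_associations(text, root="hkey_classes_root"):
    """Map each extension with a problem to a description of what is wrong."""
    keys, findings = parse_reg(text), {}
    for ext, progid in EXPECTED_PROGID.items():
        key = keys.get(f"{root}\\{ext}")
        if key is None:
            findings[ext] = "key missing from export"
        elif "@" not in key:
            findings[ext] = "no default value (no ProgID)"
        elif key["@"].lower() != progid:
            findings[ext] = f"default is {key['@']!r}, expected {progid!r}"
    return findings

def extension_verbs(text, ext, root="hkey_classes_root"):
    """Commands registered directly under the extension key (shell\\<verb>\\command)."""
    prefix, suffix = f"{root}\\{ext}\\shell\\", "\\command"
    return {path[len(prefix):-len(suffix)]: values["@"]
            for path, values in parse_reg(text).items()
            if path.startswith(prefix) and path.endswith(suffix) and "@" in values}

# Constructed sample export: .exe has lost its default, .lnk points at the wrong class.
SAMPLE = r'''Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\.exe]
[HKEY_CLASSES_ROOT\.exe\shell\SomeTool\command]
@="C:\\Program Files\\SomeTool\\tool.exe %1"
[HKEY_CLASSES_ROOT\.bat]
@="batfile"
[HKEY_CLASSES_ROOT\.lnk]
@="txtfile"
'''
```

An empty result from `check_associations` on a fresh export means all seven extensions carry their stock ProgID; `extension_verbs` shows which third-party commands are hooked directly onto an extension key.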
 