none of these files open unless i open an image that exists. they dont open when i click on them in accessories or in C:/Program Files/WINDOWS . I tried reinstalling paint by going to add or remove programs and remove windows components. did uninstall paint and i reinstalled it with the windows disc and still no effect. someone aid me please

they dont open when i click on them in accessories or in C:/Program Files/WINDOWS

What operating system do you have Freezzz? Are you saying that you have a Windows Folder under C:\Program Files?

Sorry i misstyped, it's in windows folder. i got win XP home. problem is that those thinks wont open unless i open them with a picture. for an example i got a picture of a dogg and i choose to open it with paint. I've tried to uninstall and reinstall, tried expanding also.

It might be a problem with your file associations. Go here (http://www.dougknox.com/xp/file_assoc.htm) and download and run both the EXE file association fix and the LNK file association fix. Reboot afterwards and let us know if this helped.

problem is not the lnk file association or .exe association. all other executable files work. exe file from windows has the same deect as the one in accessories

Ok. First up, can you open the files in Safe Mode? To boot into Safe Mode, restart your computer and tap F8 continuously as it restarts.

If you have the same problem, go to Start > Run and type:

cmd.exe

and ok. Type:

notepad.exe

and hit enter. Does Notepad open? If not please post any error messages.

ok il do it but in 2 days cus im not at home<:(

Ok.

it opened it, but when i double click the exe in windows then it wont open, did lnk also and exe still doesnt work without using the cmd or vreating a new one

Did you try opening the Notepad in Safe Mode?

If so and it didnt work, I need to see some information.

Go to Start > Run and type:

cmd.exe

and ok. Copy and paste the below string after the prompt > and hit Enter.

dir /s /a "c:\notepad*.*" > c:\find.txt & start notepad c:\find.txt

Your drive will be scanned and when finished, Notepad will pop up with some information. Copy and paste it in this thread. Now do the same for the below commands and copy and paste that information here too.

dir /s /a "c:\mspaint*.*" > c:\find1.txt & start notepad c:\find1.txt

dir /s /a "c:\winword*.*" > c:\find2.txt & start notepad c:\find2.txt

it runs fine in safe mode!! maybe i got a virus?!

Download Deckard's System Scanner (dss.exe) from here (http://deckard.geekstogo.com/dss.exe) to your Desktop. Close all open applications and windows, doubleclick on dss.exe to run it and follow the prompts.

When the scan is complete, a text file will open. Copy and paste the contents of this log (Main.txt) in your next reply. Also post the contents of Extra.txt (it will be minimised on your taskbar). You may find that the maximum characters allowed is exceeded when you post. If so, halve the logs and make several posts.

how to close windows and do the thing??

Click on the X in the top righthand corner or go to File > Close

oh you mean internet browser? :D i thought you said windows XP :D

MAIN TEXT



Deckard's System Scanner v20071014.68
Run by Kasutaja on 2008-03-01 01:34:28
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
75: 2008-03-01 00:34:32 UTC - RP81 - Deckard's System Scanner Restore Point
74: 2008-02-28 22:48:02 UTC - RP80 - Removed Call of Duty(R) 4 - Modern Warfare(TM) Demo
73: 2008-02-23 14:53:02 UTC - RP79 - System Checkpoint
72: 2008-02-22 14:46:26 UTC - RP78 - System Checkpoint
71: 2008-02-20 21:03:18 UTC - RP77 - System Checkpoint


-- First Restore Point --
1: 2007-12-03 19:23:05 UTC - RP7 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as Kasutaja.exe) --------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:35:15, on 1.03.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Kasutaja\Desktop\dss.exe
C:\DOCUME~1\Kasutaja\Desktop\pask\Kasutaja.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?.home=ytie
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?.home=ytie
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?.home=ytie
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing)
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Kasutaja\Start Menu\Programs\IMVU\Run IMVU.lnk
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

--
End of file - 2930 bytes

-- HijackThis Fixed Entries (C:\DOCUME~1\Kasutaja\Desktop\pask\backups\) -------

backup-20071119-160721-197 O4 - HKLM\..\Run: [BDSwitchAgent] "C:\Program Files\Softwin\BitDefender9\bdswitch.exe"
backup-20071119-160721-291 O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
backup-20071119-160721-298 O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
backup-20071119-160721-355 O4 - HKLM\..\Run: [BDNewsAgent] "C:\Program Files\Softwin\BitDefender9\bdnagent.exe"
backup-20071119-160721-375 O4 - HKLM\..\Run: [BDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
backup-20071119-160721-469 O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
backup-20071119-160721-488 O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
backup-20071119-160721-544 O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender9\vsserv.exe
backup-20071119-160721-559 O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
backup-20071119-160721-620 O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
backup-20071130-172257-193 O4 - HKLM\..\Run: [BDSwitchAgent] "C:\PROGRA~1\Softwin\BITDEF~1\bdswitch.exe"
backup-20071130-172257-238 O21 - SSODL: pmkret - {07667C8C-84D7-4307-ACF3-C5D8024BE55C} - C:\WINDOWS\pmkret.dll
backup-20071130-172257-403 O4 - HKLM\..\Run: [BDNewsAgent] "C:\PROGRA~1\Softwin\BITDEF~1\bdnagent.exe"
backup-20071130-172257-414 O3 - Toolbar: The hdtip - {17D69B84-065B-4F88-AFE8-3BA9B4907501} - C:\WINDOWS\hdtip.dll
backup-20071130-172257-492 O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
backup-20071130-172257-559 O2 - BHO: MSVPS System - {9352055D-879B-4876-92E3-6DF8D5210B54} - C:\WINDOWS\werbetorq.dll
backup-20071130-172257-589 O4 - HKLM\..\Run: [BDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
backup-20071130-172257-691 O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
backup-20071130-172257-983 O21 - SSODL: gormet - {79842AED-AFF8-46EA-98BC-480A84C48942} - C:\WINDOWS\gormet.dll
backup-20071130-172258-163 O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
backup-20071130-172258-377 O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
backup-20071130-172258-423 O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
backup-20071130-172258-498 O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
backup-20071130-172258-618 O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
backup-20071130-172258-686 O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
backup-20071130-172258-893 O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender9\vsserv.exe
backup-20071130-172258-947 O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
backup-20071203-234847-237 O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
backup-20071203-234847-247 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
backup-20071203-234847-301 O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
backup-20071203-234847-318 O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
backup-20071203-234847-352 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
backup-20071203-234847-379 O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender9\vsserv.exe
backup-20071203-234847-433 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
backup-20071203-234847-441 O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
backup-20071203-234847-487 O4 - HKLM\..\Run: [BDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
backup-20071203-234847-530 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
backup-20071203-234847-572 O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
backup-20071203-234847-593 O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
backup-20071203-234847-619 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
backup-20071203-234847-649 O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
backup-20071203-234847-704 O4 - HKLM\..\Run: [BDSwitchAgent] "C:\Program Files\Softwin\BitDefender9\bdswitch.exe"
backup-20071203-234847-818 O2 - BHO: Get-Torrent BHO - {D5792AA9-D373-4039-8670-2CDAB6A71F15} - C:\Program Files\Get-Torrent\TorrentManager.dll
backup-20071203-234847-851 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
backup-20071203-234847-877 O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
backup-20071203-234847-949 O4 - HKLM\..\Run: [BDNewsAgent] "C:\Program Files\Softwin\BitDefender9\bdnagent.exe"
backup-20071203-234847-964 O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab

-- File Associations -----------------------------------------------------------

.bat - unable to read key
.bat - unable to read key
.bat - unable to read key
.pif - unable to read key
.scr - unable to read key

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 sfdrv01 (StarForce Protection Environment Driver (version 1.x)) - c:\windows\system32\drivers\sfdrv01.sys <Not Verified; Protection Technology; StarForce Protection System>
R0 sfhlp02 (StarForce Protection Helper Driver (version 2.x)) - c:\windows\system32\drivers\sfhlp02.sys <Not Verified; Protection Technology; StarForce Protection System>
R0 sfvfs02 (StarForce Protection VFS Driver (version 2.x)) - c:\windows\system32\drivers\sfvfs02.sys <Not Verified; Protection Technology; StarForce Protection System>
R2 atksgt - c:\windows\system32\drivers\atksgt.sys
R2 lirsgt - c:\windows\system32\drivers\lirsgt.sys
R2 TopWinPoETDriver (WinPoET PPPoE Optimized Driver) - c:\windows\system32\drivers\wrkpoet2000.sys
R3 pcouffin (VSO Software pcouffin) - c:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>

S3 TVICHW32 - c:\windows\system32\drivers\tvichw32.sys <Not Verified; EnTech Taiwan; TVicHW32 Generic Device Driver for Windows 95/98/ME/NT/2000/2003/XP/XP64>
S3 WrKPoET2000 - c:\program files\winpoet broadband connection\wrkpoet2000.sys


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

S4 WinPPPoverEthernet - c:\program files\winpoet broadband connection\wros.exe <Not Verified; iVasion, a Routerware Company; WinRouter Operating System>


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Hamachi Network Interface
Device ID: ROOT\NET\0001
Manufacturer: LogMeIn, Inc.
Name: Hamachi Network Interface
PNP Device ID: ROOT\NET\0001
Service: hamachi


-- Scheduled Tasks -------------------------------------------------------------

2008-03-01 01:00:00 272 --ah----- C:\WINDOWS\Tasks\B07DF95690266B96.job
2008-02-29 00:05:17 528 --a------ C:\WINDOWS\Tasks\Scheduled scanning task.job
2008-02-24 00:25:00 276 --a------ C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC Nag.job
2007-11-13 16:02:08 398 --a------ C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job


-- Files created between 2008-02-01 and 2008-03-01 -----------------------------

2008-02-29 16:14:58 0 d-------- C:\Documents and Settings\Kasutaja\Application Data\IMVU
2008-02-29 16:14:54 0 d-------- C:\Program Files\IMVU
2008-02-24 00:22:43 0 d-------- C:\Program Files\Enigma Software Group
2008-02-17 18:07:15 0 d-------- C:\Program Files\Common Files\Scanner
2008-02-17 13:31:42 0 --a------ C:\WINDOWS\ativpsrm.bin
2008-02-14 18:07:54 0 d--h----- C:\Documents and Settings\All Users\Application Data\{0E8E33D8-193A-414A-A909-0F101A142D26}
2008-02-14 18:04:42 0 d-------- C:\Program Files\Stardock Games
2008-02-07 00:25:05 0 d-------- C:\Program Files\MyFree Codec
2008-02-07 00:07:15 0 d-------- C:\Program Files\FLV to AVI MPEG WMV 3GP MP4 iPod Converter
2008-02-06 19:58:52 0 d-------- C:\Program Files\Ares Ultra
2008-02-06 16:10:09 44544 -----n--- C:\WINDOWS\system32\msxml4a.dll <Not Verified; Microsoft Corporation; Microsoft(R) MSXML 4.0 SP1>
2008-02-06 16:10:09 0 d-------- C:\Documents and Settings\Kasutaja\Application Data\DataCast
2008-02-06 16:09:54 110592 --a------ C:\WINDOWS\system32\TG_DUMP0708.DLL <Not Verified; ENJsoft Corporation; SelfMusicVideo>
2008-02-06 07:50:34 299008 --a------ C:\WINDOWS\system32\LAME_MP3.dll
2008-02-06 07:50:34 0 d-------- C:\Program Files\Lame MP3 Codec
2008-02-06 07:50:29 65024 --a------ C:\WINDOWS\IFinst26.exe
2008-02-06 07:50:28 0 d-------- C:\Program Files\XviD
2008-02-06 07:50:08 57344 --a------ C:\WINDOWS\system32\MTXSYNCICON.dll <Not Verified; Marktek Inc.; MTXSYNCICON Module>
2008-02-06 07:50:08 155648 --a------ C:\WINDOWS\system32\MSFLib.dll <Not Verified; Teruten Inc.; MSFLib>
2008-02-06 07:50:08 245760 --a------ C:\WINDOWS\system32\MSCLib.dll <Not Verified; Teruten Inc.; MSCLib>
2008-02-06 07:50:07 40960 --a------ C:\WINDOWS\system32\MTTELECHIP.dll <Not Verified; Telechips Inc.,; TCC730 USB>
2008-02-06 07:50:07 57344 --a------ C:\WINDOWS\system32\MK_Lyric.dll <Not Verified; Marktek; Marktek MK_Lyric>
2008-02-06 07:50:07 45056 --a------ C:\WINDOWS\system32\MaXMLProto.dll <Not Verified; (?) ????; XML ?? ???? ?????>
2008-02-06 07:50:07 364544 --a------ C:\WINDOWS\system32\MASetupWizard.dll <Not Verified; (?)????; MASetupWizard Module>
2008-02-06 07:50:07 24576 --a------ C:\WINDOWS\system32\MASetupCleaner.exe <Not Verified; (?)????; MASetupCleaner ?? ????>
2008-02-06 07:50:07 106609 --a------ C:\WINDOWS\system32\MaJUtilLib.dll <Not Verified; (?) ????, ??? ???; MaJUtilLib ?? ?? ?????>
2008-02-06 07:50:07 49152 --a------ C:\WINDOWS\system32\MaJGUILib.dll <Not Verified; (?) ????; MaJGUILib ?? ?? ?????>
2008-02-06 07:50:07 45056 --a------ C:\WINDOWS\system32\MACXMLProto.dll <Not Verified; (?) ????; ????? ???? ?????>
2008-02-06 07:50:04 40960 --a------ C:\WINDOWS\system32\MAMACExtract.dll <Not Verified; ???????; ??????? MAMACExtract>
2008-02-06 07:50:04 0 d-------- C:\Program Files\MarkAny
2008-02-06 07:50:00 118784 --a------ C:\WINDOWS\system32\MaDRM.dll <Not Verified; (?)????; MaDRM ?? ?? ????? with PKI>
2008-02-06 07:49:58 921600 --a------ C:\WINDOWS\system32\vorbisenc.dll
2008-02-06 07:49:58 0 d-------- C:\Program Files\Samsung
2008-02-06 07:49:57 188416 --a------ C:\WINDOWS\system32\vorbis.dll
2008-02-06 07:49:57 110592 --a------ C:\WINDOWS\system32\tg_dump.dll <Not Verified; ENJsoft Corporation; SelfMusicVideo Filter>
2008-02-06 07:49:57 237568 --a------ C:\WINDOWS\system32\OggDS.dll <Not Verified; ; Ogg DirectShow(tm) Filter Collection>
2008-02-06 07:49:57 45056 --a------ C:\WINDOWS\system32\Ogg.dll
2008-02-06 07:49:57 200704 --a------ C:\WINDOWS\system32\muzwmts.dll <Not Verified; (c) MusicCity; P3WMTSplitter Filter>
2008-02-06 07:49:57 163840 --a------ C:\WINDOWS\system32\muzapp.exe <Not Verified; Musiccity Co.Ltd.; MUZAoDApp Module>
2008-02-06 07:49:57 471040 --a------ C:\WINDOWS\system32\muzapp.dll <Not Verified; Musiccity Co.Ltd.; MUZAoDAppCtrl Module>
2008-02-06 07:49:57 135168 --a------ C:\WINDOWS\system32\muzaf1.dll <Not Verified; Musiccity Co.Ltd.; muzaf1>
2008-02-06 07:49:46 0 d-------- C:\Documents and Settings\Kasutaja\Application Data\InstallShield
2008-02-02 13:40:52 0 d-------- C:\Documents and Settings\Kasutaja\Application Data\skypePM
2008-02-02 13:40:52 32 --a------ C:\Documents and Settings\All Users\Application Data\ezsid.dat
2008-02-02 13:39:36 0 d-------- C:\Documents and Settings\Kasutaja\Application Data\Skype
2008-02-02 13:39:26 0 d-------- C:\Program Files\Skype
2008-02-02 13:39:26 0 d-------- C:\Program Files\Common Files\Skype
2008-02-02 13:39:19 0 d-------- C:\Documents and Settings\All Users\Application Data\Skype
2008-02-01 18:21:32 0 d-------- C:\Documents and Settings\Kasutaja\Application Data\ShoppingReport


-- Find3M Report ---------------------------------------------------------------

2008-03-01 01:34:04 0 d-------- C:\Documents and Settings\Kasutaja\Application Data\Hamachi
2008-03-01 01:33:55 0 d-------- C:\Documents and Settings\Kasutaja\Application Data\NoNameScript
2008-03-01 01:31:18 0 d-------- C:\Program Files\Warcraft III
2008-02-29 23:22:54 0 d-------- C:\Program Files\mIRC
2008-02-28 23:53:32 0 d-------- C:\Documents and Settings\Kasutaja\Application Data\mIRC
2008-02-28 23:48:39 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-02-24 06:33:21 0 d-------- C:\Documents and Settings\Kasutaja\Application Data\LimeWire
2008-02-23 18:08:22 0 d-------- C:\Documents and Settings\Kasutaja\Application Data\Vso
2008-02-17 18:07:15 0 d-------- C:\Program Files\Common Files
2008-02-17 18:07:12 0 d-------- C:\Program Files\Yahoo!
2008-02-11 14:22:28 0 d-------- C:\Program Files\Steam
2008-02-06 19:56:13 0 d-------- C:\Program Files\LimeWire
2008-02-02 20:47:19 0 d-------- C:\Program Files\DivX
2008-01-27 17:08:24 0 d-------- C:\Program Files\World of Warcraft
2008-01-20 10:40:38 0 d-------- C:\Program Files\ACE-HIGH MP3 WAV WMA OGG Converter
2008-01-20 10:39:23 0 d-------- C:\Program Files\HooTech
2008-01-13 11:50:53 2560 --a------ C:\WINDOWS\system32\bitcometres.dll <Not Verified; BitComet; BitComet BCTP Helper>
2008-01-11 17:47:31 0 d-------- C:\Program Files\Ventrilo
2008-01-11 17:47:23 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-01-11 16:47:09 0 d-------- C:\Program Files\VentSrv
2008-01-08 00:53:28 0 d-------- C:\Program Files\Kaspersky Lab
2008-01-05 21:56:05 0 d-------- C:\Program Files\Rockstar Games
2008-01-05 21:55:33 0 d-------- C:\Program Files\Common Files\InstallShield
2008-01-04 22:58:50 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2008-01-04 22:57:22 196608 --a------ C:\WINDOWS\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100>
2008-01-04 22:57:22 81920 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2008-01-04 22:57:12 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®>
2008-01-04 22:57:10 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?>
2008-01-04 22:57:10 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®>
2008-01-04 22:57:10 682496 --a------ C:\WINDOWS\system32\DivX.dll <Not Verified; DivX, Inc.; DivX®>
2008-01-04 22:56:24 12288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll
2007-12-11 00:10:16 34 --a------ C:\Documents and Settings\Kasutaja\Application Data\pcouffin.log
2007-12-11 00:10:11 47360 --a------ C:\Documents and Settings\Kasutaja\Application Data\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
2007-12-11 00:10:11 1144 --a------ C:\Documents and Settings\Kasutaja\Application Data\pcouffin.inf
2007-12-11 00:10:11 7887 --a------ C:\Documents and Settings\Kasutaja\Application Data\pcouffin.cat
2007-12-08 13:49:48 1405 --a------ C:\WINDOWS\mozver.dat
2007-12-04 19:19:22 15 --a------ C:\WINDOWS\system32\getfile.dat
2007-12-04 19:19:16 81984 --a------ C:\WINDOWS\system32\bdod.bin
2007-12-04 12:37:45 2762 --a------ C:\xp_regfile.reg
2007-12-04 12:15:53 1092 --a------ C:\WINDOWS\system32\tmp.reg


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" [28.06.2007 12:51]
"SMSTray"="C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe" [20.09.2007 08:23]
"KernelFaultCheck"="C:\WINDOWS\system32\dumprep 0 -k" []
"MSConfig"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [30.11.2006 11:13]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [28.02.2006 13:00]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [19.01.2007 10:55]
"ares"="C:\Program Files\Ares\Ares.exe" []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\ShellExecuteHooks]
"{88485281-8b4b-4f8d-9ede-82e29a064277}"= C:\PROGRA~1\MarkAny\CONTEN~1\MACSMA~1.DLL [23.11.2004 16:51 192512]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Kasutaja^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
path=C:\Documents and Settings\Kasutaja\Start Menu\Programs\Startup\LimeWire On Startup.lnk
backup=C:\WINDOWS\pss\LimeWire On Startup.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
"C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpyHunter Security Suite]
C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe




-- Hosts -----------------------------------------------------------------------

127.0.0.1 bin.errorprotector.com ## added by CiD
127.0.0.1 br.errorsafe.com ## added by CiD
127.0.0.1 br.winantivirus.com ## added by CiD
127.0.0.1 br.winfixer.com ## added by CiD
127.0.0.1 cdn.drivecleaner.com ## added by CiD
127.0.0.1 cdn.errorsafe.com ## added by CiD
127.0.0.1 cdn.winsoftware.com ## added by CiD
127.0.0.1 de.errorsafe.com ## added by CiD
127.0.0.1 de.winantivirus.com ## added by CiD
127.0.0.1 download.cdn.drivecleaner.com ## added by CiD

60 more entries in hosts file.


-- End of Deckard's System Scanner: finished at 2008-03-01 01:35:59 ------------

EXTRA TEXT


Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: AMD Athlon(tm) 64 X2 Dual Core Processor 4400+
CPU 1: AMD Athlon(tm) 64 X2 Dual Core Processor 4400+
Percentage of Memory in Use: 20%
Physical Memory (total/avail): 2047.48 MiB / 1628.08 MiB
Pagefile Memory (total/avail): 3939.68 MiB / 3716.88 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1926.17 MiB

C: is Fixed (NTFS) - 232.88 GiB total, 141.74 GiB free.
D: is CDROM (No Media)
E: is Removable (No Media)
F: is Removable (No Media)
G: is Removable (No Media)
H: is Removable (No Media)

\\.\PHYSICALDRIVE0 - SAMSUNG SP2504C - 232.88 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 232.88 GiB - C:

\\.\PHYSICALDRIVE1 - Generic STORAGE DEVICE USB Device

\\.\PHYSICALDRIVE2 -

\\.\PHYSICALDRIVE3 - Generic STORAGE DEVICE USB Device

\\.\PHYSICALDRIVE4 - Generic STORAGE DEVICE USB Device



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.

FirstRunDisabled is set.
AntivirusOverride is set.

AV: Kaspersky Anti-Virus v7.0.0.125 (Kaspersky Lab) Disabled Outdated

[HKLM\System\CurrentControlSet\Services\SharedAcces s\Parameters\FirewallPolicy\DomainProfile\Authoriz edApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2re s.dll,-22019"

[HKLM\System\CurrentControlSet\Services\SharedAcces s\Parameters\FirewallPolicy\StandardProfile\Author izedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2re s.dll,-22019"
"C:\\Documents and Settings\\Kasutaja\\Desktop\\Mängud\\lancraft.exe"="C:\\Documents and Settings\\Kasutaja\\Desktop\\Mängud\\lancraft.exe: *:Enabled:lancraft"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Messenger"
"C:\\Program Files\\Hamachi\\hamachi.exe"="C:\\Program Files\\Hamachi\\hamachi.exe:*:Enabled:Hamachi Client"
"C:\\Program Files\\F-Secure Internet Security\\backweb\\4476822\\Program\\fspex.exe"="C:\\Program Files\\F-Secure Internet Security\\backweb\\4476822\\Program\\fspex.exe:*:E nabled:F-Secure Anti-Virus 2005"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\WINDOWS\\system32\\mmc.exe"="C:\\WINDOWS\\system32\\mmc.exe:*:Enabled:Microsoft Management Console"
"C:\\Program Files\\VentSrv\\ventrilo_srv.exe"="C:\\Program Files\\VentSrv\\ventrilo_srv.exe:*:Enabled:ventril o_srv"
"C:\\Program Files\\BitComet\\BitComet.exe"="C:\\Program Files\\BitComet\\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client"
"C:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Anti-Virus 7.0.1.321\\English\\setup.exe"="C:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Anti-Virus 7.0.1.321\\English\\setup.exe:*:Enabled:Kaspersky Anti-Virus 7.0 Setup"
"C:\\Program Files\\Steam\\steamapps\\hansarro\\counter-strike\\hl.exe"="C:\\Program Files\\Steam\\steamapps\\hansarro\\counter-strike\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\Wolfenstein - Enemy Territory\\ET.exe"="C:\\Program Files\\Wolfenstein - Enemy Territory\\ET.exe:*:Enabled:ET"
"C:\\WINDOWS\\system32\\muzapp.exe"="C:\\WINDOWS\\system32\\muzapp.exe:*:Enabled:MUZ AOD APP player"
"C:\\Program Files\\Ares\\Ares.exe"="C:\\Program Files\\Ares\\Ares.exe:*:Enabled:Ares p2p for windows"
"C:\\Program Files\\Ares Ultra\\Ares Ultra.exe"="C:\\Program Files\\Ares Ultra\\Ares Ultra.exe:*:Enabled:Ares Ultra p2p for windows"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype. Take a deep breath "
"C:\\Program Files\\Stardock Games\\Sins of a Solar Empire\\Sins of a Solar Empire.exe"="C:\\Program Files\\Stardock Games\\Sins of a Solar Empire\\Sins of a Solar Empire.exe:*:Enabled:Sins of a Solar Empire"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Kasutaja\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=KASUTAJA-F8DAC5
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Kasutaja
LOGONSERVER=\\KASUTAJA-F8DAC5
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\Sys tem32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\WINDOWS\Microsoft.NET\Framework\v1.1.432 2
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WS F;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 107 Stepping 1, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=6b01
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Kasutaja\LOCALS~1\Temp
TMP=C:\DOCUME~1\Kasutaja\LOCALS~1\Temp
USERDOMAIN=KASUTAJA-F8DAC5
USERNAME=Kasutaja
USERPROFILE=C:\Documents and Settings\Kasutaja
windir=C:\WINDOWS
__COMPAT_LAYER=EnableNXShowUI


-- User Profiles ---------------------------------------------------------------

Kasutaja (admin)
Administrator (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-Aware SE Professional --> C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
Adobe Acrobat 5.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activ eX.exe
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugi n.exe
Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
ATI - Software Uninstall Utility --> C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallI NFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
BitComet 0.98 --> C:\Program Files\BitComet\uninst.exe
BS.Player FREE powered by AdVantage --> "C:\Program Files\Webteh\BSplayer\uninstall.exe"
Compatibility Pack for the 2007 Office system --> MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
Condition Zero --> "C:\PROGRA~1\Steam\steam.exe" steam://uninstall/80
Condition Zero Deleted Scenes --> "C:\PROGRA~1\Steam\steam.exe" steam://uninstall/100
ConvertXtoDVD 2.2.3.258h --> "C:\Program Files\VSO\ConvertXtoDVD\unins000.exe"
Counter-Strike --> "C:\PROGRA~1\Steam\steam.exe" steam://uninstall/10
Counter-Strike(TM) --> MsiExec.exe /I{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}
Counter-Strike: Source --> "C:\Program Files\Steam\steam.exe" steam://uninstall/240
CounterStrike 1.6 from VSI (Version 1.02) --> C:\PROGRA~1\Valve\CSTRIK~1.6\UNWISE.EXE C:\PROGRA~1\Valve\CSTRIK~1.6\ins_cs16_vsi102.log
Day of Defeat --> "C:\PROGRA~1\Steam\steam.exe" steam://uninstall/30
Deathmatch Classic --> "C:\PROGRA~1\Steam\steam.exe" steam://uninstall/40
DivX Codec --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Converter --> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DVD Solution --> "C:\Program Files\Uninstall_CDS.exe"
FLV to AVI MPEG WMV 3GP MP4 iPod Converter 3.2.0623 --> "C:\Program Files\FLV to AVI MPEG WMV 3GP MP4 iPod Converter\unins000.exe"
Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
GTA San Andreas --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\ 50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}\setup.exe" -l0x9 -removeonly
Half-Life 2 --> "C:\Program Files\Steam\steam.exe" steam://uninstall/220
Hamachi 1.0.1.5 --> C:\Program Files\Hamachi\uninstall.exe
HijackThis 2.0.2 --> "C:\Documents and Settings\Kasutaja\Desktop\pask\HijackThis.exe" /uninstall
IMVU Avatar Chat Software --> C:\Program Files\IMVU\Uninstall.exe
J2SE Runtime Environment 5.0 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Kaspersky Anti-Virus 7.0 --> MsiExec.exe /I{4B9BB601-13E9-4042-A3BC-E7955BF4A98F}
Kaspersky Anti-Virus 7.0 --> MsiExec.exe /I{4B9BB601-13E9-4042-A3BC-E7955BF4A98F}
KKopy --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\ID river.exe /M{E2F43AFC-95FF-43A3-95C2-8F55D41CDEC0}
Lame ACM MP3 Codec --> "C:\WINDOWS\IFinst26.exe" -UC:\Program Files\Lame MP3 Codec\IFU11E.inf
LimeWire 4.16.4 --> "C:\Program Files\LimeWire\uninstall.exe"
Magic ISO Maker v5.4 (build 0239) --> C:\PROGRA~1\MagicISO\UNWISE.EXE C:\PROGRA~1\MagicISO\INSTALL.LOG
Magic ISO Maker v5.4 (build 0251) --> C:\PROGRA~1\MagicISO\UNWISE.EXE C:\PROGRA~1\MagicISO\INSTALL.LOG
Microsoft Office Word Viewer 2003 --> MsiExec.exe /I{90850409-6000-11D3-8CFE-0150048383C9}
Microsoft Office XP Professional with FrontPage --> MsiExec.exe /I{90280409-6000-11D3-8CFE-0050048383C9}
mIRC --> C:\Program Files\mIRC\uninstall.exe _?=C:\Program Files\mIRC
Mozilla Firefox (2.0.0.12) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
Multimedia Launcher --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
MyFreeCodec --> C:\Program Files\MyFree Codec\09b beta\uninstall.exe
Nero OEM --> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
NoNameScript --> C:\Documents and Settings\Kasutaja\Application Data\NoNameScript\nnuninstall.exe
NVIDIA Drivers --> C:\WINDOWS\system32\nvuide.exe UninstallGUI
PowerDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
PowerProducer --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.exe" -uninstall
QuickTime --> C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
RegistryFix v6.2 --> "C:\Program Files\RegistryFix\unins000.exe"
Ricochet --> "C:\PROGRA~1\Steam\steam.exe" steam://uninstall/60
Samsung Media Studio --> C:\Program Files\InstallShield Installation Information\{C20CE592-B0F8-4D20-BF31-0151CA6331A6}\Setup.exe -runfromtemp -l0x0009 -removeonly
Sins of a Solar Empire --> "C:\Documents and Settings\All Users\Application Data\{0E8E33D8-193A-414A-A909-0F101A142D26}\Setup.exe" REMOVE=TRUE MODIFY=FALSE
Sins of a Solar Empire --> C:\Documents and Settings\All Users\Application Data\{0E8E33D8-193A-414A-A909-0F101A142D26}\Setup.exe
Skype™ 3.6 --> MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
SmartFTP Client --> MsiExec.exe /I{C169D3BB-9A27-43F5-9979-09A0D65FE95C}
Steam --> MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
TrackMania Nations ESWC 1.7.9 --> "C:\Program Files\TrackMania Nations ESWC\unins000.exe"
Tweak-SE plug-in for Ad-Aware SE --> C:\PROGRA~1\Lavasoft\AD-AWA~1\Plugins\tweakse\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\Plugins\tweakse\INSTALL.LOG
Warcraft III: All Products --> C:\WINDOWS\War3Unin.exe C:\WINDOWS\War3Unin.dat
Ventrilo Client --> MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}
Winamp (remove only) --> "C:\Program Files\Winamp\UninstWA.exe"
Windows Live Messenger --> MsiExec.exe /I{DD24A93B-27D3-49B9-9130-96603F73DCBC}
Windows Live Sign-in Assistant --> MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7}
WinPoET v6.61 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9806BFBB-F566-4654-94DE-CB1F85B5CDDD}\Setup.exe" -l0x9
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
Wolfenstein - Enemy Territory --> C:\PROGRA~1\WOLFEN~1\Uninstall\Unwise.exe /u C:\PROGRA~1\WOLFEN~1\Uninstall\Install.log
WordByWord (remove only) --> "C:\Program Files\WordByWord\uninst-wbw.exe"
World of Warcraft --> C:\Program Files\Common Files\Blizzard Entertainment\World of Warcraft\Uninstall.exe
XviD MPEG-4 Video Codec --> "C:\Program Files\XviD\unins000.exe"
Yahoo! Anti-Spy --> C:\PROGRA~1\Yahoo!\Common\unypsr.exe


-- Application Event Log -------------------------------------------------------

Event Record #/Type9187 / Success
Event Submitted/Written: 02/29/2008 11:18:32 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type9171 / Success
Event Submitted/Written: 02/28/2008 11:35:10 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type9160 / Error
Event Submitted/Written: 02/24/2008 00:21:59 AM
Event ID/Source: 490 / ESENT
Event Description:
wuauclt (2428) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\DataStor e.edb" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).

Event Record #/Type9146 / Error
Event Submitted/Written: 02/23/2008 08:09:14 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application gta_sa.exe, version 0.0.0.0, faulting module wtsapi32.dll, version 5.1.2600.2180, fault address 0x00000080.
Processing media-specific event for [gta_sa.exe!ws!]

Event Record #/Type9145 / Error
Event Submitted/Written: 02/23/2008 08:08:36 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application gta_sa.exe, version 0.0.0.0, faulting module unknown, version 0.0.0.0, fault address 0x03361a73.
Processing media-specific event for [gta_sa.exe!ws!]



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type13709 / Error
Event Submitted/Written: 03/01/2008 00:37:47 AM
Event ID/Source: 8032 / BROWSER
Event Description:
The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{1B33E218-FE0A-410C-956C-0A7BCE37E5BB}.
The backup browser is stopping.

Event Record #/Type13708 / Warning
Event Submitted/Written: 03/01/2008 00:33:42 AM
Event ID/Source: 8021 / BROWSER
Event Description:
The browser was unable to retrieve a list of servers from the browser master \\DBOY-PC on the network \Device\NetBT_Tcpip_{1B33E218-FE0A-410C-956C-0A7BCE37E5BB}.
The data is the error code.

Event Record #/Type13707 / Warning
Event Submitted/Written: 03/01/2008 00:33:32 AM
Event ID/Source: 8021 / BROWSER
Event Description:
The browser was unable to retrieve a list of servers from the browser master \\TIMO-PC on the network \Device\NetBT_Tcpip_{1B33E218-FE0A-410C-956C-0A7BCE37E5BB}.
The data is the error code.

Event Record #/Type13683 / Error
Event Submitted/Written: 02/29/2008 11:17:10 PM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Event Record #/Type13682 / Error
Event Submitted/Written: 02/29/2008 11:16:54 PM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}



-- End of Deckard's System Scanner: finished at 2008-03-01 01:35:59 ------------

There is no evidence of any active malware in your logs. Just to be sure, go here (http://www.majorgeeks.com/ATF_Cleaner_d4949.html) and download ATF cleaner (do not download the Recommended Download on the mirror site). Use it to remove all Temp Files, Cookies and Temp Internet Files, Java Cache and any others that you would like to remove. If you also use Opera or Firefox, also click on the cleaning options for each browser.

Next, disable your antivirus program. To do this, rightclick on the Icon in the Notification area (lower righthand corner of your screen) and choose Quit, Exit, Close or whatever option is offered. Now go here (http://www.bitdefender.com/scan8/ie.html) and run an online scan with BitDefender (you will need to use Internet Explorer for this scan). When the ActiveX Control has loaded, click on "Click here to scan" and grab a coffee. When BitDefender completes the scan, select the "Detected Problems" tab. Click on "Click here to export scan". Save the file as an HTML to your Desktop. Then click on the saved file and allow it to open with your browser. Go to Edit > Select All then copy the log and paste it back here.

okay, i got a problem now. I have used modzilla for quite a while now i havnt even opened IE and now when i open it it goes to a yahoo web and freezez. and also when i try to go to internet options then that doesnt open.



I found the problem. there was this folder called MarkAny and there were weird files in it so i went to safe mode and deleted as many as i could. there was still 1 file that i couldnt delete dont remember the name but i tried everything - recicle bin delete the whing permanetly, pulled it to another folder, renamed it, edited it but when i edited it then it said cant find the file path

MarkAny is a Korean rights management company, which has licensed Digimarc's audio watermarking patents for combating music piracy. The most likely source is the software supplied with a Samsung MP3 player.

See here (http://blogs.guardian.co.uk/askjack/2007/12/how_safe_is_markany_safer.html). If this software caused problems for you, you should contact the company and let them know. See here (http://www.markany.com/eng/part.htm). They should also be able to help you do a safe uninstall of their files.