Thank you for your reply....
I have done as instructed, only Deckard is halted when it comes to the "Examining Event Logs" step, which gives an all-too-familiar "dss.exe has encountered a problem and needs to close."
My Norton program noticed a malicious script, which I knew to be from Deckard, so I allowed it and still had the same problem. So I disabled my Norton, to no avail.
I searched for the logs you were asking for, but they were not created.
Here is the data from my look.txt file:
Volume in drive C has no label.
Volume Serial Number is A40E-D847
Directory of C:\Program Files\Common Files
02/02/2008 07:39 PM <DIR> .
02/02/2008 07:39 PM <DIR> ..
01/03/2008 11:16 AM <DIR> Adobe
12/28/2007 07:02 PM <DIR> Ahead
12/30/2007 04:33 PM <DIR> Apple
01/21/2008 08:00 PM <DIR> AVSMedia
12/28/2007 06:58 PM <DIR> InstallShield
12/28/2007 04:42 PM <DIR> Java
12/27/2007 09:05 PM <DIR> Microsoft Shared
01/08/2008 11:45 AM 572,928 mscd.exe
02/02/2008 07:39 PM 454,144 msdp.dll
12/27/2007 08:35 PM <DIR> MSSoap
12/28/2007 07:03 PM <DIR> Nero
12/28/2007 06:56 PM <DIR> scansoft shared
12/27/2007 08:35 PM <DIR> Services
12/27/2007 12:13 PM <DIR> SpeechEngines
02/02/2008 07:39 PM 20,480 svchost.exe
02/03/2008 12:04 PM <DIR> Symantec Shared
12/27/2007 10:01 PM <DIR> System
3 File(s) 1,047,552 bytes
16 Dir(s) 7,371,898,880 bytes free
Awaiting further instruction...
Thank you again for your reply.
--------------------------------------------- P S--------------------------------
I rebooted my PC and Deckard was successful. Here are those logs...
Main.txt:
Deckard's System Scanner v20071014.68
Run by Family on 2008-02-06 11:22:34
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
-- Last 2 Restore Point(s) --
2: 2008-02-06 18:59:47 UTC - RP2 - Deckard's System Scanner Restore Point
1: 2008-02-06 17:51:43 UTC - RP1 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
System Drive C: has 6.65 GiB (less than 15%) free.
-- HijackThis (run as Family.exe) ----------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:23:09 AM, on 2/6/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\XWatDog.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Scansoft\PaperPort\pptd40nt.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\BRMFRSMG.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Family\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Family.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [RegServer] regserve.exe
O4 - HKLM\..\Run: [XGIWatchDog] XWatDog.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\Scansoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\Scansoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [ccRegVfy] C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [NBJ] "C:\PROGRA~1\Ahead\NEROBA~1\NBJ.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
O4 - Startup: µTorrent.lnk = C:\Program Files\uTorrent\uTorrent.exe
O4 - Global Startup: SmartUI.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/house ... hcImpl.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 8818883834
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
--
End of file - 6459 bytes
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R2 Haspnt - c:\windows\system32\drivers\haspnt.sys <Not Verified; Aladdin Knowledge Systems; Windows NT HASP Kernel Device Driver>
R2 Par1284 - c:\program files\ve lxi expert 7.5v5\program\par1284.sys <Not Verified; Warp Nine Engineering; IEEE 1284 Driver>
R2 Sentinel - c:\windows\system32\drivers\sentinel.sys <Not Verified; Rainbow Technologies, Inc.; Sentinel System Driver>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 StarWindServiceAE (StarWind AE Service) - c:\program files\alcohol soft\alcohol 120\starwind\starwindserviceae.exe <Not Verified; Rocket Division Software; StarWind Alcohol Edition>
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Scheduled Tasks -------------------------------------------------------------
2008-02-06 11:22:19 414 --a------ C:\WINDOWS\Tasks\Symantec NetDetect.job
2008-02-06 09:48:47 466 --a------ C:\WINDOWS\Tasks\Norton AntiVirus - Scan my computer.job
2008-01-31 20:39:02 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
-- Files created between 2008-01-06 and 2008-02-06 -----------------------------
2008-02-06 11:21:01 20480 ---hs---- C:\Program Files\Common Files\svchost.exe
2008-02-06 11:21:01 454144 ---hs---- C:\Program Files\Common Files\msdp.dll
2008-01-31 16:17:33 8405015 --a------ C:\WINDOWS\TempFile
2008-01-31 11:25:48 0 d-------- C:\Program Files\Trend Micro
2008-01-30 10:04:38 0 d-------- C:\movie temp
2008-01-21 20:38:51 0 d-------- C:\WINDOWS\system32\winsecurityxp
2008-01-21 19:32:39 0 d-------- C:\Program Files\Alcohol Soft
2008-01-21 19:10:57 685816 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2008-01-21 18:48:15 0 d-------- C:\Program Files\Common Files\AVSMedia
2008-01-21 18:48:13 139264 --a------ C:\WINDOWS\system32\xvidvfw.dll
2008-01-21 18:48:13 524288 --a------ C:\WINDOWS\system32\xvidcore.dll
2008-01-21 18:48:13 413760 --a------ C:\WINDOWS\system32\mpg4c32.dll <Not Verified; Microsoft Corporation; Microsoft MPEG-4 Video Codec>
2008-01-21 18:48:13 261632 --a------ C:\WINDOWS\system32\mcdvd_32.dll <Not Verified; MainConcept; MainConcept DV Codec "2.0.4>
2008-01-21 18:48:13 638976 --a------ C:\WINDOWS\system32\divx.dll <Not Verified; DivXNetworks, Inc.; DivX Video for Windows Codec>
2008-01-21 18:48:13 0 d-------- C:\Program Files\AVSMedia
2008-01-21 17:15:57 304640 --a------ C:\WINDOWS\system32\hlvdd.dll <Not Verified; Aladdin Knowledge Systems; Hardlock Win32 DLL>
2008-01-21 17:15:51 1766160 --a------ C:\WINDOWS\system32\VBA5.DLL <Not Verified; Microsoft Corporation; Microsoft Visual Basic for Applications>
2008-01-21 17:15:51 11111 --a------ C:\WINDOWS\system32\DELTREE.EXE
2008-01-21 17:15:50 463392 --a------ C:\WINDOWS\system32\OWL250F.DLL <Not Verified; Borland International; Borland C++ 4.50>
2008-01-21 17:15:03 0 d-------- C:\Program Files\VE LXi Expert 7.5v5
2008-01-21 17:03:24 50176 --a------ C:\WINDOWS\system32\SNTI386.DLL <Not Verified; Rainbow Technologies, Inc.; Sentinel Driver Setup>
2008-01-21 17:03:24 18432 --a------ C:\WINDOWS\system32\RNBOVDD.DLL <Not Verified; Rainbow Technologies, Inc.; Sentinel System Driver>
2008-01-21 17:03:24 76288 --a------ C:\WINDOWS\system32\drivers\SENTINEL.SYS <Not Verified; Rainbow Technologies, Inc.; Sentinel System Driver>
2008-01-21 17:03:23 0 d-------- C:\WINDOWS\system32\RNBOSENT
2008-01-21 17:01:01 383 --a------ C:\WINDOWS\system32\haspdos.sys
2008-01-21 17:01:00 6656 --a------ C:\WINDOWS\system32\haspvdd.dll <Not Verified; Aladdin Knowledge Systems.; Windows NT HASP Virtual Device Driver>
2008-01-21 17:01:00 47616 --a------ C:\WINDOWS\system32\drivers\Haspnt.sys <Not Verified; Aladdin Knowledge Systems; Windows NT HASP Kernel Device Driver>
2008-01-20 09:56:57 0 d-------- C:\Documents and Settings\Administrator\Application Data\Help
2008-01-20 00:21:57 0 d-------- C:\VundoFix Backups
2008-01-19 21:27:56 0 d--h----- C:\Documents and Settings\Administrator\Templates
2008-01-19 21:27:56 0 dr------- C:\Documents and Settings\Administrator\Start Menu
2008-01-19 21:27:56 0 dr-h----- C:\Documents and Settings\Administrator\SendTo
2008-01-19 21:27:56 0 d--h----- C:\Documents and Settings\Administrator\Recent
2008-01-19 21:27:56 0 d--h----- C:\Documents and Settings\Administrator\PrintHood
2008-01-19 21:27:56 786432 --ah----- C:\Documents and Settings\Administrator\NTUSER.DAT
2008-01-19 21:27:56 0 d--h----- C:\Documents and Settings\Administrator\NetHood
2008-01-19 21:27:56 0 d-------- C:\Documents and Settings\Administrator\My Documents
2008-01-19 21:27:56 0 d--h----- C:\Documents and Settings\Administrator\Local Settings
2008-01-19 21:27:56 0 d-------- C:\Documents and Settings\Administrator\Favorites
2008-01-19 21:27:56 0 d-------- C:\Documents and Settings\Administrator\Desktop
2008-01-19 21:27:56 0 d--hs---- C:\Documents and Settings\Administrator\Cookies
2008-01-19 21:27:56 0 dr-h----- C:\Documents and Settings\Administrator\Application Data
2008-01-19 21:27:56 0 d---s---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2008-01-19 21:20:49 0 d--h----- C:\WINDOWS\PIF
2008-01-19 19:49:04 0 d-------- C:\Documents and Settings\Family\.housecall6.6
2008-01-19 14:08:24 0 d-------- C:\Documents and Settings\Family\Application Data\Help
2008-01-18 16:55:56 0 d-------- C:\vcs5BGEffects
2008-01-18 16:53:40 0 d-------- C:\Program Files\AV Vcs 6.0 DIAMOND
2008-01-08 11:45:22 0 d-------- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2008-01-08 11:45:17 0 d-------- C:\Program Files\DVD Shrink
2008-01-08 11:45:10 572928 ---hs---- C:\Program Files\Common Files\mscd.exe
2008-01-07 21:59:57 0 d-------- C:\Program Files\Yahoo!
2008-01-06 22:26:30 0 d-------- C:\Documents and Settings\Family\Application Data\CyberLink
2008-01-06 22:25:52 0 d-------- C:\Documents and Settings\All Users\Application Data\CyberLink
2008-01-06 22:25:45 0 d-------- C:\Program Files\CyberLink
-- Find3M Report ---------------------------------------------------------------
2008-02-06 11:21:28 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-02-06 11:21:19 0 d-------- C:\Documents and Settings\Family\Application Data\uTorrent
2008-02-06 11:21:01 0 d-------- C:\Program Files\Common Files
2008-02-02 19:41:48 0 d-------- C:\Documents and Settings\Family\Application Data\Macromedia
2008-01-31 10:37:19 0 d-------- C:\Program Files\Norton AntiVirus
2008-01-29 01:11:57 0 d-------- C:\Documents and Settings\Family\Application Data\Apple Computer
2008-01-19 20:34:17 0 d-------- C:\Program Files\Crazy Browser
2008-01-19 12:38:34 0 d-------- C:\Program Files\Google
2008-01-08 12:01:49 0 d-------- C:\Documents and Settings\Family\Application Data\Google
2008-01-06 22:25:45 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-01-05 11:46:23 0 d-------- C:\Documents and Settings\Family\Application Data\Ahead
2008-01-03 11:21:34 0 d-------- C:\Documents and Settings\Family\Application Data\Adobe
2008-01-03 11:16:07 0 d-------- C:\Program Files\Common Files\Adobe
2008-01-03 08:19:53 0 --a------ C:\WINDOWS\system32\BIPORT
2007-12-30 21:18:05 0 d-------- C:\Program Files\uTorrent
2007-12-30 16:34:33 0 d-------- C:\Program Files\QuickTime
2007-12-30 16:33:47 0 d-------- C:\Program Files\Apple Software Update
2007-12-30 16:33:17 0 d-------- C:\Program Files\Common Files\Apple
2007-12-30 16:17:15 0 d-------- C:\Program Files\Reflexive
2007-12-29 14:30:31 32 --ahs---- C:\WINDOWS\system32\{4BEA445E-2689-47DF-84DE-72E1EA6CBACB}.dat
2007-12-29 14:30:31 32 --ahs---- C:\WINDOWS\{C27F8090-C02C-4F9B-AD7D-4827A2315264}.dat
2007-12-29 14:30:27 14 --a------ C:\WINDOWS\system32\SR2.dat
2007-12-29 14:30:02 0 d-------- C:\Program Files\Symantec
2007-12-29 14:29:47 0 d-------- C:\Documents and Settings\Family\Application Data\Symantec
2007-12-28 19:08:48 0 d-------- C:\Program Files\Java
2007-12-28 19:04:08 0 d-------- C:\Program Files\Ahead
2007-12-28 19:03:04 0 d-------- C:\Program Files\Common Files\Nero
2007-12-28 19:02:14 0 d-------- C:\Program Files\Common Files\Ahead
2007-12-28 18:59:12 0 d-------- C:\Program Files\Brother
2007-12-28 18:58:44 0 d-------- C:\Program Files\Common Files\InstallShield
2007-12-28 18:56:56 0 d-------- C:\Program Files\Common Files\scansoft shared
2007-12-28 18:56:47 0 d-------- C:\Program Files\Scansoft
2007-12-28 16:45:28 0 d-------- C:\Documents and Settings\Family\Application Data\Sun
2007-12-28 16:42:47 0 d-------- C:\Program Files\Common Files\Java
2007-12-27 21:59:28 0 d-------- C:\Program Files\Windows Media Connect 2
2007-12-27 21:53:26 0 d-------- C:\Program Files\Messenger
2007-12-27 21:05:24 0 d-------- C:\Documents and Settings\Family\Application Data\Identities
2007-12-27 20:38:06 0 d-------- C:\Program Files\microsoft frontpage
2007-12-27 20:37:44 0 -rahs---- C:\MSDOS.SYS
2007-12-27 20:37:44 0 -rahs---- C:\IO.SYS
2007-12-27 20:37:44 0 --a------ C:\CONFIG.SYS
2007-12-27 20:37:44 0 --a------ C:\AUTOEXEC.BAT
2007-12-27 20:36:03 0 d--h----- C:\Program Files\WindowsUpdate
2007-12-27 20:35:07 0 d-------- C:\Program Files\Common Files\MSSoap
2007-12-27 20:34:59 0 d-------- C:\Program Files\Movie Maker
2007-12-27 20:34:01 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat
2007-12-27 20:33:41 0 d-------- C:\Program Files\Online Services
2007-12-27 20:33:31 0 d-------- C:\Program Files\MSN Gaming Zone
2007-12-27 20:33:21 0 d-------- C:\Program Files\Windows NT
2007-12-27 12:13:45 0 d-------- C:\Program Files\Common Files\SpeechEngines
2007-12-27 12:13:20 62 --ahs---- C:\Documents and Settings\Family\Application Data\desktop.ini
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RegServer"="regserve.exe" [01/28/2005 04:41 PM C:\WINDOWS\system32\RegServe.exe]
"XGIWatchDog"="XWatDog.exe" [01/28/2005 04:42 PM C:\WINDOWS\system32\XWatDog.exe]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [09/25/2007 01:11 AM]
"PaperPort PTD"="C:\Program Files\Scansoft\PaperPort\pptd40nt.exe" [08/12/2002 10:33 AM]
"IndexSearch"="C:\Program Files\Scansoft\PaperPort\IndexSearch.exe" [08/12/2002 11:07 AM]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [07/09/2001 11:50 AM]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [08/19/2002 10:22 PM]
"ccRegVfy"="C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe" [08/19/2002 10:23 PM]
"Advanced Tools Check"="C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE" [08/26/2002 10:35 PM]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [12/11/2007 10:56 AM]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [10/10/2007 07:51 PM]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [10/31/2003 07:42 PM]
"SSC_UserPrompt"="C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe" [11/02/2004 04:59 PM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [10/13/2004 08:24 AM]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [05/12/2004 01:03 AM]
"NBJ"="C:\PROGRA~1\Ahead\NEROBA~1\NBJ.exe" [08/09/2005 02:28 PM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/03/2004 04:56 PM]
"AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" [07/02/2007 02:29 AM]
C:\Documents and Settings\Family\Start Menu\Programs\Startup\
Yahoo! Widgets.lnk - C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe [12/11/2007 2:34:48 PM]
µTorrent.lnk - C:\Program Files\uTorrent\uTorrent.exe [12/30/2007 9:18:05 PM]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
SmartUI.lnk - C:\Program Files\Scansoft\PaperPort\SmartUI\SmartUI.exe [8/12/2002 10:00:40 AM]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D51g62BC-4266-43f0-B6ED-9D76C4202C7E}]
C:\Program Files\Common Files\mscd.exe
-- Hosts -----------------------------------------------------------------------
127.0.0.1 mpa.one.microsoft.com
-- End of Deckard's System Scanner: finished at 2008-02-06 11:23:55 ------------
EXTRA.TXT:
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: AMD Duron(tm) processor
Percentage of Memory in Use: 34%
Physical Memory (total/avail): 1023.48 MiB / 665.98 MiB
Pagefile Memory (total/avail): 2461.76 MiB / 2192.66 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1926.86 MiB
C: is Fixed (NTFS) - 74.52 GiB total, 6.65 GiB free.
D: is CDROM (No Media)
E: is CDROM (No Media)
\\.\PHYSICALDRIVE0 - WDC WD800JB-00FMA0 - 74.53 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 74.52 GiB - C:
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.
FirstRunDisabled is set.
AntiVirusDisableNotify is set.
AntivirusOverride is set.
AV: Norton AntiVirus v2003 (Symantec Corporation)
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:µTorrent"
"C:\\Program Files\\MAIET\\Gunz\\GunzLauncher.exe"="C:\\Program Files\\MAIET\\Gunz\\GunzLauncher.exe:*:Enabled:GunzLauncher"
"C:\\Program Files\\Crazy Browser\\Crazy Browser.exe"="C:\\Program Files\\Crazy Browser\\Crazy Browser.exe:*:Enabled:Crazy Browser"
"C:\\Program Files\\VE LXi Expert 7.5v5\\Program\\App.exe"="C:\\Program Files\\VE LXi Expert 7.5v5\\Program\\App.exe:*:Enabled:Design Software"
"C:\\Program Files\\VE LXi Expert 7.5v5\\Program\\App2.exe"="C:\\Program Files\\VE LXi Expert 7.5v5\\Program\\App2.exe:*:Enabled:Production"
"%SystemDir%\\winsecurityxp\\mswinup.exe"="%SystemDir%\\winsecurityxp\\mswinup.exe:*:Enabled:Internet Explorer"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Family\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=FAMILY-C1A2461D
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Family
LOGONSERVER=\\FAMILY-C1A2461D
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 8 Stepping 1, AuthenticAMD
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0801
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Family\LOCALS~1\Temp
TMP=C:\DOCUME~1\Family\LOCALS~1\Temp
USERDOMAIN=FAMILY-C1A2461D
USERNAME=Family
USERPROFILE=C:\Documents and Settings\Family
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
Family (admin)
Administrator (admin)
-- Add/Remove Programs ---------------------------------------------------------
--> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
--> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
--> C:\WINDOWS\UNNMP.exe /UNINSTALL
--> C:\WINDOWS\UNNVEContent.exe /UNINSTALL
--> MsiExec.exe /I{8A42F680-2DD6-11D4-9A8C-0040F6982C20}
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.1 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81100000003}
Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Apple Mobile Device Support --> MsiExec.exe /I{B5C209B1-8DDB-4642-A573-375B951514CB}
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
AV Voice Changer Software DIAMOND 6.0 --> C:\PROGRA~1\AVVCS6~1.0DI\UNWISE.EXE C:\PROGRA~1\AVVCS6~1.0DI\INSTALL.LOG
AVS Disc Creator version 2.1 --> "C:\Program Files\AVSMedia\DiscCreator\unins000.exe"
AVS Video Tools 5.1 --> "C:\Program Files\AVSMedia\VideoTools\unins000.exe"
Brother MFL Pro Suite --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0C3FCE48-6984-11D5-90F8-00E029591716}\Setup.exe" bruninst.dll
Crazy Browser version 1.05 --> "C:\Program Files\Crazy Browser\unins000.exe"
DVD Shrink 3.2 --> "C:\Program Files\DVD Shrink\unins000.exe"
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
J2SE Runtime Environment 5.0 Update 12 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150120}
Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
LiveReg (Symantec Corporation) --> C:\Program Files\Common Files\Symantec Shared\LiveReg\VcSetup.exe /REMOVE
LiveUpdate 1.80 (Symantec Corporation) --> C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Nero Suite --> C:\Program Files\Common Files\Nero\Uninstall\setupx.exe /uninstall ExtraUninstallID=""
Norton AntiVirus 2003 Professional Edition --> MsiExec.exe /I{F4C9398F-B6C6-4A4B-8B6D-795CD86F915D}
Norton WMI Update --> MsiExec.exe /X{1526D87C-A955-4FAB-BF18-697BA457E352}
PaperPort 8.0 SE --> MsiExec.exe /I{AEF2D1F3-0696-11D5-8E6A-00C04F7FA234}
PowerDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
QuickTime --> MsiExec.exe /I{E0D51394-1D45-460A-B62D-383BC4F8B335}
Sentinel System Driver --> C:\WINDOWS\SYSTEM32\RNBOSENT\SETUPX86.EXE /U /q
Spybot - Search & Destroy 1.3 --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
VE LXi Expert 7.5v5 --> "C:\WINDOWS\ISUninst.exe" -f"C:\Program Files\VE LXi Expert 7.5v5\Uninst.isu" -c"C:\Program Files\VE LXi Expert 7.5v5\Program\Uninstall.dll"
VIA Rhine-Family Fast-Ethernet Adapter --> Rundll32.exe vuins32.dll,vuins32Ex $Rhine $VIA
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
Yahoo! Install Manager --> C:\WINDOWS\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL
Yahoo! Widgets --> C:\PROGRA~1\Yahoo!\Widgets\uninstall.exe
Yahtzee --> "C:\Program Files\Reflexive\Yahtzeeuninstall.exe" "/U:C:\Program Files\Reflexive\Yahtzee\Uninstall\uninstall.xml"
-- Application Event Log -------------------------------------------------------
Event Record #/Type228 / Error
Event Submitted/Written: 02/06/2008 11:14:46 AM
Event ID/Source: 1001 / Application Error
Event Description:
Fault bucket 541261047.
The Wep key exchange did not result in a secure connection setup after 802.1x authentication. The current setting has been marked as failed and the Wireless connection will be disconnected.
Event Record #/Type227 / Error
Event Submitted/Written: 02/06/2008 11:14:37 AM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application dss.exe, version 3.2.8.1, faulting module ntdll.dll, version 5.1.2600.2180, fault address 0x00010f29.
Processing media-specific event for [dss.exe!ws!]
Event Record #/Type226 / Error
Event Submitted/Written: 02/06/2008 11:07:21 AM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application dss.exe, version 3.2.8.1, faulting module ntdll.dll, version 5.1.2600.2180, fault address 0x00010f29.
Processing media-specific event for [dss.exe!ws!]
Event Record #/Type225 / Error
Event Submitted/Written: 02/06/2008 11:04:03 AM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application dss.exe, version 3.2.8.1, faulting module ntdll.dll, version 5.1.2600.2180, fault address 0x00010f29.
Processing media-specific event for [dss.exe!ws!]
Event Record #/Type224 / Error
Event Submitted/Written: 02/06/2008 11:02:35 AM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application dss.exe, version 3.2.8.1, faulting module ntdll.dll, version 5.1.2600.2180, fault address 0x00010f29.
Processing media-specific event for [dss.exe!ws!]
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type1491 / Warning
Event Submitted/Written: 02/06/2008 11:21:19 AM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Event Record #/Type1469 / Warning
Event Submitted/Written: 02/04/2008 06:03:54 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Event Record #/Type1467 / Warning
Event Submitted/Written: 02/04/2008 01:06:40 AM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Event Record #/Type1466 / Error
Event Submitted/Written: 02/03/2008 10:42:47 PM
Event ID/Source: 10010 / DCOM
Event Description:
The server {F3A614DC-ABE0-11D2-A441-00C04F795683} did not register with DCOM within the required timeout.
Event Record #/Type1453 / Warning
Event Submitted/Written: 02/03/2008 10:31:20 AM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
-- End of Deckard's System Scanner: finished at 2008-02-06 11:23:55 ------------
Sorry for the confusion.