Yinstall trouble! HELP PLS! - Page 4

Dom_B · 29-Oct-2006, 03:22 PM **#46**

WARNING: not all files found by this scanner are bad. Consult with a knowledgable person before proceeding.

If you see a message in the titlebar saying "Not responding..." you can ignore it. Windows sometimes displays this message due to the high volume of disk I/O. As long as the hard disk light is flashing, the program is still working properly.

»»»»»»»»»»»»»»»»» Windows OS and Versions »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Logfile created on: 10/29/2006 7:14:15 PM
WinPFind v1.5.0 Folder = C:\Documents and Settings\Dominic\Desktop\WinPFind\
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600)
Internet Explorer (Version = 6.0.2900.2180)

»»»»»»»»»»»»»»»»» Checking Selected Standard Folders »»»»»»»»»»»»»»»»»»»»

Checking %SystemDrive% folder...

Checking %ProgramFilesDir% folder...

Checking %WinDir% folder...
aspack 07/26/2001 9:16:16 AM 46080 C:\WINDOWS\Uninstall.exe (ZbSoft)
aspack 06/14/2004 11:25:16 AM 187392 C:\WINDOWS\Acer.scr ()

Checking %System% folder...
PEC2 03/31/2003 12:00:00 PM 41397 C:\WINDOWS\SYSTEM32\dfrg.msc ()
aspack 08/04/2004 8:56:36 AM 708096 C:\WINDOWS\SYSTEM32\ntdll.dll (Microsoft Corporation)
winsync 03/31/2003 12:00:00 PM 1309184 C:\WINDOWS\SYSTEM32\wbdbase.deu ()
PTech 06/19/2006 4:19:26 PM 304944 C:\WINDOWS\SYSTEM32\WgaTray.exe (Microsoft Corporation)
Umonitor 08/04/2004 8:56:44 AM 657920 C:\WINDOWS\SYSTEM32\rasdlg.dll (Microsoft Corporation)
PTech 08/07/2006 9:50:22 AM 1484592 C:\WINDOWS\SYSTEM32\LegitCheckControl.DLL (Microsoft Corporation)
WSUD 06/18/2004 4:32:34 PM 15684608 C:\WINDOWS\SYSTEM32\ALSNDMGR.CPL (Realtek Semiconductor Corp.)
PECompact2 10/04/2006 1:03:46 PM 9639336 C:\WINDOWS\SYSTEM32\MRT.exe (Microsoft Corporation)
aspack 10/04/2006 1:03:46 PM 9639336 C:\WINDOWS\SYSTEM32\MRT.exe (Microsoft Corporation)
PEC2 01/21/2004 4:19:24 PM 59252 C:\WINDOWS\SYSTEM32\ansi.cfg ()
WSUD 08/04/2004 8:56:58 AM 257024 C:\WINDOWS\SYSTEM32\nusrmgr.cpl (Microsoft Corporation)

Checking %System%\Drivers folder and sub-folders...
PTech 08/04/2004 6:41:38 AM 1309184 C:\WINDOWS\SYSTEM32\drivers\mtlstrm.sys (Smart Link)

Items found in C:\WINDOWS\SYSTEM32\drivers\etc\hosts

Checking the Windows folder and sub-folders for system and hidden files within the last 60 days...
10/29/2006 7:08:26 PM S 2048 C:\WINDOWS\bootstat.dat ()
10/29/2006 7:20:04 PM H 1024 C:\WINDOWS\system32\config\system.LOG ()
10/29/2006 7:18:48 PM H 1024 C:\WINDOWS\system32\config\software.LOG ()
10/29/2006 7:09:34 PM H 1024 C:\WINDOWS\system32\config\default.LOG ()
10/29/2006 7:18:30 PM H 1024 C:\WINDOWS\system32\config\SAM.LOG ()
10/29/2006 7:18:48 PM H 1024 C:\WINDOWS\system32\config\SECURITY.LOG ()
10/13/2006 9:13:34 PM H 1024 C:\WINDOWS\system32\config\systemprofile\NTUSER.DAT.LOG ()
10/26/2006 8:58:34 AM H 1024 C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG ()
10/09/2006 6:15:46 PM S 124 C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\74BFD122C0875EC75DBE5C6DB4C59019 ()
10/09/2006 6:15:48 PM S 120 C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\486CC6AFD08942336C61FCD401C4A1D1 ()
10/09/2006 6:15:46 PM S 269112 C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\74BFD122C0875EC75DBE5C6DB4C59019 ()
10/09/2006 6:15:48 PM S 29282 C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\486CC6AFD08942336C61FCD401C4A1D1 ()
10/25/2006 7:17:38 PM H 8628 C:\WINDOWS\system32\spool\drivers\w32x86\3\E_QI041E.GID ()
09/18/2006 3:40:26 PM S 8847 C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB925486.cat ()
09/04/2006 7:38:52 AM S 11223 C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB924496.cat ()
09/13/2006 6:23:54 AM S 9435 C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB924191.cat ()
09/29/2006 2:37:54 AM HS 24 C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\Preferred ()
09/29/2006 2:37:54 AM HS 388 C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\4ce4a503-ae92-409f-a80b-e140704ae5cb ()
09/15/2006 1:46:24 PM H 36518 C:\WINDOWS\Help\peg.GID ()
10/29/2006 6:50:42 PM H 0 C:\WINDOWS\Temp\MpCmdRun-7D-421CFC91-A93E-42AB-A35C-F06F127FCC44.lock ()
10/29/2006 6:50:42 PM H 0 C:\WINDOWS\Temp\MpCmdRun-7D-53C9D589-6B66-4F30-9BAB-9A0193B0BAFC.lock ()
10/29/2006 7:08:36 PM H 6 C:\WINDOWS\Tasks\SA.DAT ()
10/29/2006 7:11:36 PM H 330 C:\WINDOWS\Tasks\MP Scheduled Scan.job ()

Checking for CPL files...
08/04/2004 8:56:58 AM 155136 C:\WINDOWS\SYSTEM32\hdwwiz.cpl (Microsoft Corporation)
08/04/2004 8:56:58 AM 358400 C:\WINDOWS\SYSTEM32\inetcpl.cpl (Microsoft Corporation)
03/31/2003 12:00:00 PM 187904 C:\WINDOWS\SYSTEM32\main.cpl (Microsoft Corporation)
08/04/2004 8:56:58 AM 618496 C:\WINDOWS\SYSTEM32\mmsys.cpl (Microsoft Corporation)
08/04/2004 8:56:58 AM 298496 C:\WINDOWS\SYSTEM32\sysdm.cpl (Microsoft Corporation)
03/31/2003 12:00:00 PM 35840 C:\WINDOWS\SYSTEM32\ncpa.cpl (Microsoft Corporation)
12/22/2003 9:28:12 AM 69632 C:\WINDOWS\SYSTEM32\mbllnk.cpl (AvantGo, Inc.)
03/31/2003 12:00:00 PM 28160 C:\WINDOWS\SYSTEM32\telephon.cpl (Microsoft Corporation)
08/04/2004 8:56:58 AM 135168 C:\WINDOWS\SYSTEM32\desk.cpl (Microsoft Corporation)
08/26/2005 6:14:42 PM 49265 C:\WINDOWS\SYSTEM32\jpicpl32.cpl (Sun Microsystems, Inc.)
08/04/2004 8:56:58 AM 94208 C:\WINDOWS\SYSTEM32\timedate.cpl (Microsoft Corporation)
06/18/2004 4:32:34 PM 15684608 C:\WINDOWS\SYSTEM32\ALSNDMGR.CPL (Realtek Semiconductor Corp.)
05/26/2005 4:16:30 AM 174360 C:\WINDOWS\SYSTEM32\wuaucpl.cpl (Microsoft Corporation)
08/04/2004 8:56:58 AM 114688 C:\WINDOWS\SYSTEM32\powercfg.cpl (Microsoft Corporation)
08/04/2004 8:56:58 AM 32768 C:\WINDOWS\SYSTEM32\odbccp32.cpl (Microsoft Corporation)
08/04/2004 8:56:58 AM 257024 C:\WINDOWS\SYSTEM32\nusrmgr.cpl (Microsoft Corporation)
08/04/2004 8:56:58 AM 68608 C:\WINDOWS\SYSTEM32\joy.cpl (Microsoft Corporation)
08/04/2004 8:56:58 AM 129536 C:\WINDOWS\SYSTEM32\intl.cpl (Microsoft Corporation)
08/04/2004 8:56:58 AM 549888 C:\WINDOWS\SYSTEM32\appwiz.cpl (Microsoft Corporation)
08/04/2004 8:56:58 AM 68608 C:\WINDOWS\SYSTEM32\access.cpl (Microsoft Corporation)
08/04/2004 8:56:58 AM 148480 C:\WINDOWS\SYSTEM32\wscui.cpl (Microsoft Corporation)
08/04/2004 8:56:58 AM 25600 C:\WINDOWS\SYSTEM32\netsetup.cpl (Microsoft Corporation)
08/04/2004 8:56:58 AM 380416 C:\WINDOWS\SYSTEM32\irprops.cpl (Microsoft Corporation)
08/04/2004 8:56:58 AM 80384 C:\WINDOWS\SYSTEM32\firewall.cpl (Microsoft Corporation)
08/04/2004 8:56:58 AM 110592 C:\WINDOWS\SYSTEM32\bthprops.cpl (Microsoft Corporation)
03/31/2003 12:00:00 PM 187904 C:\WINDOWS\SYSTEM32\dllcache\main.cpl (Microsoft Corporation)
03/31/2003 12:00:00 PM 35840 C:\WINDOWS\SYSTEM32\dllcache\ncpa.cpl (Microsoft Corporation)
03/31/2003 12:00:00 PM 28160 C:\WINDOWS\SYSTEM32\dllcache\telephon.cpl (Microsoft Corporation)

Checking for Downloaded Program Files...
{166B1BCA-3F9C-11CF-8075-444553540000} - Shockwave ActiveX Control - CodeBase = http://download.macromedia.com/pub/s...irector/sw.cab
{556DDE35-E955-11D0-A707-000000521957} - - CodeBase = http://www.xblock.com/download/xclean_micro.exe
{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - BDSCANONLINE Control - CodeBase = http://www.bitdefender.co.uk/scan8/oscan8.cab
{8AD9C840-044E-11D1-B3E9-00805F499D93} - Java Plug-in 1.5.0_05 - CodeBase = http://java.sun.com/update/1.5.0/jin...ndows-i586.cab
{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} - Java Plug-in 1.5.0_05 - CodeBase = http://java.sun.com/update/1.5.0/jin...ndows-i586.cab
{D27CDB6E-AE6D-11CF-96B8-444553540000} - Shockwave Flash Object - CodeBase = http://fpdownload.macromedia.com/get...sh/swflash.cab
{E055C02E-6258-40FF-80A7-3BDA52FACAD7} - - CodeBase = http://activex.matcash.com/speedtest2.dll

»»»»»»»»»»»»»»»»» Checking Selected Startup Folders »»»»»»»»»»»»»»»»»»»»»

Checking files in %ALLUSERSPROFILE%\Startup folder...
06/06/2006 6:47:34 PM 1665 C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk ()
08/18/2004 10:29:42 AM HS 84 C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini ()
01/19/2006 5:43:10 PM 750 C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DSLMON.lnk ()
10/14/2004 6:35:22 AM 1638 C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk ()
08/16/2005 10:48:04 AM 1426 C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk ()

Checking files in %ALLUSERSPROFILE%\Application Data folder...
08/18/2004 10:22:14 AM HS 62 C:\Documents and Settings\All Users\Application Data\desktop.ini ()
10/24/2006 2:40:40 PM 4543 C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache ()

Checking files in %USERPROFILE%\Startup folder...
08/18/2004 10:29:42 AM HS 84 C:\Documents and Settings\Dominic\Start Menu\Programs\Startup\desktop.ini ()

Checking files in %USERPROFILE%\Application Data folder...
08/18/2004 10:22:14 AM HS 62 C:\Documents and Settings\Dominic\Application Data\desktop.ini ()
09/12/2005 9:00:28 PM 41368 C:\Documents and Settings\Dominic\Application Data\GDIPFONTCACHEV1.DAT ()

»»»»»»»»»»»»»»»»» Checking Selected Registry Keys »»»»»»»»»»»»»»»»»»»»»»»

>>> Internet Explorer Settings <<<

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
\\Start Page - http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
\\Search Page - http://www.microsoft.com/isapi/redir...ie&ar=iesearch
\\Default_Page_URL - http://www.tiscali.co.uk/broadband
\\Default_Search_URL - http://www.google.com/ie
\\Local Page - %SystemRoot%\system32\blank.htm

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
\\Start Page - http://www.virushelpzone.com/
\\Search Bar - http://www.google.com/ie
\\Search Page - http://www.google.com
\\Default_Page_URL - http://www.microsoft.com/isapi/redir...r=6&ar=msnhome
\\Local Page - C:\WINDOWS\system32\blank.htm

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
\\CustomizeSearch - http://ie.search.msn.com/en-gb/srchasst/srchcust.htm
\\SearchAssistant - http://www.google.com/ie

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Search]
\\SearchAssistant - http://www.google.com/ie

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
\\{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Microsoft Url Search Hook = %SystemRoot%\System32\shdocvw.dll (Microsoft Corporation)

>>> BHO's <<<
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects]
\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - EpsonToolBandKicker Class = C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)

>>> Internet Explorer Bars, Toolbars and Extensions <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars]
\{4D5C8C25-D075-11d0-B416-00C04FB90376} - &Tip of the Day = %SystemRoot%\System32\shdocvw.dll (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars]
\{32683183-48a0-441b-a342-7c2a440a9478} - = ()
\{EFA24E61-B078-11D0-89E4-00C04FC9E26E} - Favorites Band = %SystemRoot%\System32\shdocvw.dll (Microsoft Corporation)
\{EFA24E62-B078-11D0-89E4-00C04FC9E26E} - History Band = %SystemRoot%\System32\shdocvw.dll (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
\\{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page = C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar]
\ShellBrowser\\{01E04581-4EEE-11D0-BFE9-00AA005B4383} - &Address = %SystemRoot%\System32\browseui.dll (Microsoft Corporation)
\WebBrowser\\{01E04581-4EEE-11D0-BFE9-00AA005B4383} - &Address = %SystemRoot%\System32\browseui.dll (Microsoft Corporation)
\WebBrowser\\{0E5CBF21-D15F-11D0-8301-00AA005B4383} - &Links = %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation)
\WebBrowser\\{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - = ()
\WebBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - = ()
\WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - = ()
\WebBrowser\\{4982D40A-C53B-4615-B15B-B5B5E98D167C} - = ()
\WebBrowser\\{C004DEC2-2623-438E-9CA2-C9043AB28508} - = ()
\WebBrowser\\{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page = C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\CmdMapping]
\\NEXTID - 8218
\\{C2A80015-C447-4dc4-82DD-AED83D6ED57E} - 8193 =
\\{3852AC86-965F-4abe-A75F-3DCB7E81A4B2} - 8194 =
\\{FB5F1910-F110-11d2-BB9E-00C04F795683} - 8196 =
\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - 8197 =
\\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - 8198 =
\\{B1BA4A3F-1C95-497b-9F82-F8DA4A5C89DD} - 8199 =
\\{77E68763-4284-41d6-B7E7-B6E1F053A9E7} - 8200 =
\\{4982D40A-C53B-4615-B15B-B5B5E98D167C} - 8201 =
\\{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - 8202 =
\\{EFFF8D47-D060-4108-B761-E8EC86622E56} - 8203 =
\\{437F7F6F-FFCC-47e1-8A4B-C992493CF6C3} - 8204 =
\\{7F2F6F5A-CAE2-4954-A461-36B3757B2BFB} - 8205 =
\\{94148DB5-B42D-4915-95DA-2CBB4F7095BF} - 8206 =
\\{FB389F33-303A-4490-9E18-B301A493FBF2} - 8207 =
\\{B723B1B8-9788-4684-ADA7-D1DB02E1D516} - 8208 =
\\{D45D9D5F-B491-4c95-8B05-FA6B6C69CA82} - 8209 =
\\{FA4904B4-1FAF-4afd-886C-C19D2297BA62} - 8210 =
\\{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - 8211 =
\\{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - 8212 =
\\{49783ED4-258D-4f9f-BE11-137C18D3E543} - 8213 =
\\{6FDD5236-C9F0-49ef-935D-385F5E21991A} - 8214 =
\\{24BE56F9-F0B6-4ac7-97F1-8CACEDA9A427} - 8215 =
\\{e2e2dd38-d088-4134-82b7-f2ba38496583} - 8216 =
\\{85d1f590-48f4-11d9-9669-0800200c9a66} - 8217 =

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions]

>>> Approved Shell Extensions (Non-Microsoft Only) <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
\\{42071714-76d4-11d1-8b24-00a0c9068ff3} - Display Panning CPL Extension = deskpan.dll ()
\\{764BF0E1-F219-11ce-972D-00AA00A14F56} - Shell extensions for file compression = ()
\\{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} - Encryption Context Menu = ()
\\{88895560-9AA2-1069-930E-00AA0030EBC8} - HyperTerminal Icon Ext = C:\WINDOWS\System32\hticons.dll (Hilgraeve, Inc.)
\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} - Taskbar and Start Menu = ()
\\{32683183-48a0-441b-a342-7c2a440a9478} - Media Band = ()
\\{7A9D77BD-5403-11d2-8785-2E0420524153} - User Accounts = ()
\\{2F603045-309F-11CF-9774-0020AFD0CFF6} - Synaptics Control Panel = C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics, Inc.)
\\{53DA580E-D78C-11D2-A00C-00A0C91771EF} - Image Categories = C:\WINDOWS\system32\Categories.dll ()
\\{04055D60-93D3-11D1-B8CC-00409524F097} - Image Folder = ()
\\{7FC7C9B0-FED7-11D1-8F70-00409524F097} - PackedImageFolder = ()
\\{F93F5F63-423F-11D2-8D61-00605206619F} - Search Result = ()
\\{E0D79304-84BE-11CE-9641-444553540000} - WinZip = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL (WinZip Computing, Inc.)
\\{E0D79305-84BE-11CE-9641-444553540000} - WinZip = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL (WinZip Computing, Inc.)
\\{E0D79306-84BE-11CE-9641-444553540000} - WinZip = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL (WinZip Computing, Inc.)
\\{E0D79307-84BE-11CE-9641-444553540000} - WinZip = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL (WinZip Computing, Inc.)
\\{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} - Shell Extensions for RealOne Player = C:\Program Files\Real\RealPlayer\rpshell.dll (RealNetworks, Inc.)
\\{A5110426-177D-4e08-AB3F-785F10B4439C} - Sony Ericsson File Manager = C:\Program Files\Sony Ericsson\Mobile\File Manager\fmgrgui.dll (Sony Ericsson Mobile Communications AB)

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]

>>> Context Menu Handlers (Non-Microsoft Only) <<<
[HKEY_LOCAL_MACHINE\Software\Classes\*\shellex\ContextMenuHandlers]
\WinZip - {E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL (WinZip Computing, Inc.)

[HKEY_LOCAL_MACHINE\Software\Classes\AllFilesystemObjects\shellex\ContextMen uHandlers]

[HKEY_LOCAL_MACHINE\Software\Classes\Directory\shellex\ContextMenuHandlers]
\WinZip - {E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL (WinZip Computing, Inc.)

[HKEY_LOCAL_MACHINE\Software\Classes\Directory\BackGround\shellex\ContextMen uHandlers]

[HKEY_LOCAL_MACHINE\Software\Classes\Folder\shellex\ContextMenuHandlers]
\WinZip - {E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL (WinZip Computing, Inc.)

>>> Column Handlers (Non-Microsoft Only) <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers]
\{F9DB5320-233E-11D1-9F84-707F02C10627} - PDF Column Info = C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll (Adobe Systems, Inc.)

>>> Registry Run Keys <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
csrss - Reg Data missing or invalid ()
QuickTime Task - C:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.)
Windows Defender - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
EPSON Stylus D68 Series - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE (SEIKO EPSON CORPORATION)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalCo mponents]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnc e]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
csrss - Reg Data missing or invalid ()
H/PC Connection Agent - C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\load]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\run]

>>> Startup Links <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\\Common Startup]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini ()
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe ()
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, Inc.)

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\\Startup]
C:\Documents and Settings\Dominic\Start Menu\Programs\Startup\desktop.ini ()

>>> MSConfig Disabled Items <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig]

[All Users Startup Folder Disabled Items]

[Current User Startup Folder Disabled Items]

>>> User Agent Post Platform <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
\\sv1 -

>>> AppInit Dll's <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs]

>>> Image File Execution Options <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
\Your Image File Name Here without a path - Debugger = ntsd -d

>>> Shell Service Object Delay Load <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceOb jectDelayLoad]
\\PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} = %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation)
\\CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} = %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation)
\\WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} = %SystemRoot%\System32\webcheck.dll (Microsoft Corporation)
\\SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} = C:\WINDOWS\System32\stobject.dll (Microsoft Corporation)

>>> Shell Execute Hooks <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell ExecuteHooks]
\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} - URL Exec Hook = shell32.dll (Microsoft Corporation)
\\{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - Microsoft AntiMalware ShellExecuteHook = C:\PROGRA~1\WINDOW~4\MpShHook.dll (Microsoft Corporation)

>>> Shared Task Scheduler <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Share dTaskScheduler]
\\{438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader = %SystemRoot%\System32\browseui.dll (Microsoft Corporation)
\\{8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon = %SystemRoot%\System32\browseui.dll (Microsoft Corporation)

>>> Winlogon <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
\\UserInit = C:\WINDOWS\system32\Userinit.exe
\\Shell = explorer.exe
\\System =

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]
\crypt32chain - crypt32.dll = (Microsoft Corporation)
\cryptnet - cryptnet.dll = (Microsoft Corporation)
\cscdll - cscdll.dll = (Microsoft Corporation)
\ScCertProp - wlnotify.dll = (Microsoft Corporation)
\Schedule - wlnotify.dll = (Microsoft Corporation)
\sclgntfy - sclgntfy.dll = (Microsoft Corporation)
\SensLogn - WlNotify.dll = (Microsoft Corporation)
\termsrv - wlnotify.dll = (Microsoft Corporation)
\WgaLogon - WgaLogon.dll = (Microsoft Corporation)
\wlballoon - wlnotify.dll = (Microsoft Corporation)

>>> DNS Name Servers <<<
{23A5C266-C2B3-4B0D-A7BD-EA35379737F7} - (Realtek RTL8139/810x Family Fast Ethernet NIC)

>>> All Winsock2 Catalogs <<<
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Na meSpace_Catalog5\Catalog_Entries]
\000000000001\\LibraryPath - %SystemRoot%\System32\mswsock.dll (Microsoft Corporation)
\000000000002\\LibraryPath - %SystemRoot%\System32\winrnr.dll (Microsoft Corporation)
\000000000003\\LibraryPath - %SystemRoot%\System32\mswsock.dll (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Pr otocol_Catalog9\Catalog_Entries]
\000000000001\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation)
\000000000002\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation)
\000000000003\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation)
\000000000004\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation)
\000000000005\\PackedCatalogItem - %SystemRoot%\system32\rsvpsp.dll (Microsoft Corporation)
\000000000006\\PackedCatalogItem - %SystemRoot%\system32\rsvpsp.dll (Microsoft Corporation)
\000000000007\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation)
\000000000008\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation)
\000000000009\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation)
\000000000010\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation)
\000000000011\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation)
\000000000012\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation)
\000000000013\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation)
\000000000014\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation)
\000000000015\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation)
\000000000016\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation)

>>> Protocol Handlers (Non-Microsoft Only) <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler]
\ipp - ()
\msdaipp - ()

>>> Protocol Filters (Non-Microsoft Only) <<<
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter]

>>> Selected AddOn's <<<

>>>>Output for AddOn file CCS_SecurityProviders.def<<<<
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders - Include SUBKEYS
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders]
SecurityProviders\\SecurityProviders - msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
SecurityProviders\SaslProfiles\\GSSAPI - Kerberos
SecurityProviders\SCHANNEL\\EventLogging - 1
SecurityProviders\WDigest\\Lifetime - 36000
SecurityProviders\WDigest\\Negotiate - 0
SecurityProviders\WDigest\\UTF8HTTP - 1
SecurityProviders\WDigest\\UTF8SASL - 1

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders - Include SUBKEYS
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders]
SecurityProviders\\SecurityProviders - msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
SecurityProviders\SaslProfiles\\GSSAPI - Kerberos
SecurityProviders\SCHANNEL\\EventLogging - 1
SecurityProviders\WDigest\\Lifetime - 36000
SecurityProviders\WDigest\\Negotiate - 0
SecurityProviders\WDigest\\UTF8HTTP - 1
SecurityProviders\WDigest\\UTF8SASL - 1

>>>>Output for AddOn file SID_Run_Policies.def<<<<
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run - No SUBKEYS
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
Run\\CTFMON.EXE - C:\WINDOWS\System32\CTFMON.EXE

HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run - No SUBKEYS
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
Run\\CTFMON.EXE - C:\WINDOWS\System32\CTFMON.EXE

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies - Include SUBKEYS
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies]
Policies\Explorer\\NoDriveTypeAutoRun - 145

HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies - Include SUBKEYS
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies]
Policies\Explorer\\NoDriveTypeAutoRun - 145

»»»»»»»»»»»»»»»»»»»»»»»» Scan Complete »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

**Cookiegal** · 29-Oct-2006, 03:34 PM **#47**

Just to clean up some dead entries, I'm attaching a FixDom.zip file to this post. Save it to your desktop. Unzip it and double click on the FixDom.reg file and allow it to enter into the registry.

Reboot and post a new WinpFind log please.

Dom_B · 30-Oct-2006, 09:10 AM **#48**

it said it isnt a valid Win 32 application

**Cookiegal** · 30-Oct-2006, 10:09 PM **#49**

What isn't a valid Win32 application?

Dom_B · 31-Oct-2006, 10:07 AM **#50**

The zip file you told me to download, didnt work when I double clicked on the file. I just got an error msg. Computer is still closing down randomly aswell.

**Cookiegal** · 31-Oct-2006, 09:13 PM **#51**

What was the error message you got?

Dom_B · 01-Nov-2006, 07:16 AM **#52**

C:\Documents and Settings\Dominic\Local Settings\Temp\FixDom.reg is not a valid Win 32 application

**Cookiegal** · 01-Nov-2006, 08:01 AM **#53**

You were to save it to your desktop. It will not run from the Temp files.

Dom_B · 01-Nov-2006, 08:23 AM **#54**

it was/is saved to my desktop and i unzipped and double clicked as you said

Dom_B · 01-Nov-2006, 03:31 PM **#55**

*** STOP: 0x0000008E (0xC0000005, 0xF435CD59, 0xF3AFFA20, 0x00000000)

That is the error message I am getting when it randomly turns off/shutdowns.

**Cookiegal** · 01-Nov-2006, 03:56 PM **#56**

C:\Documents and Settings\Dominic\Local Settings\Temp\FixDom.reg

This is not your desktop. Did you move it later?

Dom_B · 01-Nov-2006, 04:07 PM **#57**

Not that I am aware of. I'll try again. Should it be fixed it it works?

Dom_B · 01-Nov-2006, 04:10 PM **#58**

Tried again. DEFINATELY saved to desktop but not working.

**Cookiegal** · 01-Nov-2006, 05:31 PM **#59**

What is the path to the regfix file? It may help the situation but the stop error looks like a RAM problem.

Go to Start - Run - type in eventvwr.msc and click OK.

Look under both "application" and "system" for any errors in red from yesterday or today that could be tied into this problem. Double click to open them up and then click on the icon that looks like two pieces of paper. This will copy them to the clipboard. Then paste them here please.

Dom_B · 01-Nov-2006, 05:56 PM **#60**

Event Type: Error
Event Source: Messenger
Event Category: None
Event ID: 1000
Date: 10/09/2006
Time: 6:20:54 PM
User: N/A
Computer: ACER-B6I3JPUHGS
Description:
The description for Event ID ( 1000 ) in Source ( Messenger ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: msgr.exe, 7.5.324.0, msvcrt.dll, 7.0.2600.2180, 00036fa3.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 6d 73 67 ure msg
0018: 72 2e 65 78 65 20 37 2e r.exe 7.
0020: 35 2e 33 32 34 2e 30 20 5.324.0
0028: 69 6e 20 6d 73 76 63 72 in msvcr
0030: 74 2e 64 6c 6c 20 37 2e t.dll 7.
0038: 30 2e 32 36 30 30 2e 32 0.2600.2
0040: 31 38 30 20 61 74 20 6f 180 at o
0048: 66 66 73 65 74 20 30 30 ffset 00
0050: 30 33 36 66 61 33 0d 0a 036fa3..

Tag Cloud
access acer asus bios bsod computer crash desktop driver drivers error ethernet excel freeze gaming hard drive hardware hdmi internet laptop malware memory modem monitor motherboard network printer problem ram registry router security slow software sound toshiba trojan ubuntu 11.10 uninstall usb video virus vista wifi windows windows 7 windows 7 32 bit windows 7 64 bit windows xp wireless

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)

Find the solution to yourcomputer problem!

Find the solution to your
computer problem!