MyPCHell.com - Resurrecting PCs One At A Time

wanabe

Rising Star

Posts: 121

not allowed to open programs out side of safe mode!

« on: December 03, 2007, 07:03:51 PM »

symptoms

not allowed to open programs out side of safe mode!

anit virus, anti spy and start ups don’t load any more in normal mode!

the computer is a laptop and the battery meter always says its being charged!

nothing in either safe mode or regular finds anything!

probably not i good idea to have uninstalled avast the most recent version but what i wanted to do was use norton to see if i could find the virus with that however the program will not allow me to install in safe mode and as i said above nothing programs wise works so it says i don’t have permission to do .....any thing pretty much

got this i think from my schools web site or rather lexus nexus if you’ve heard of it cause i got a popup that said i don’t have permission to do whatever and its been doing that every time i try to open a program..... i have 2 hijackthis files:

however for fear of spreading the virus(because im paranoid) im going to post those later...

help? glupek2


	Logged

I'm just an anal-retentive free available space monger. If you ever need help peeling bananas, I'm here to help.
Thanks seriously

wanabe

Rising Star

Posts: 121

Re: not allowed to open programs out side of safe mode!

« Reply #1 on: December 03, 2007, 08:44:46 PM »

before unistall of avast

Logfile of HijackThis v1.99.1
Scan saved at 11:16:10, on 12/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\Explorer.EXE
C:\ClearMem\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fixmyxp.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O4 - HKLM\..\Run: [eabconfg.cpl] "C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe" /Start
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SynTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
O4 - HKLM\..\Run: [SynTPLpr] "C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
O4 - HKLM\..\Run: [avast!] C:\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Comodo\cfp.exe" -s
O4 - HKLM\..\Run: [SpySweeper] C:\Spy Sweeper\SpySweeperUI.exe /startintray
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1170658683390
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} -
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - COMODO - C:\Comodo\cmdagent.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Spy Sweeper\SpySweeper.exe

after removal of avast
Logfile of HijackThis v1.99.1
Scan saved at 14:42:28, on 12/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\Explorer.EXE
C:\ClearMem\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fixmyxp.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O4 - HKLM\..\Run: [eabconfg.cpl] "C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe" /Start
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SynTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
O4 - HKLM\..\Run: [SynTPLpr] "C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Comodo\cfp.exe" -s
O4 - HKLM\..\Run: [SpySweeper] C:\Spy Sweeper\SpySweeperUI.exe /startintray
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1170658683390
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} -
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - COMODO - C:\Comodo\cmdagent.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Spy Sweeper\SpySweeper.exe

WWWWWWWWWWWWWWOOOOOOOOOOOOOOOOOOOOOO 100 posts!!!!!!


	Logged

I'm just an anal-retentive free available space monger. If you ever need help peeling bananas, I'm here to help.
Thanks seriously

Essexboy

Administrator

Posts: 899

Re: not allowed to open programs out side of safe mode!

« Reply #2 on: December 04, 2007, 08:19:56 AM »

Hi I have a possible solution for you but first I would like to run an analysis programme

Please download Deckard's System Scanner (DSS) and save it to your Desktop.

Close all other windows before proceeding.
Double-click on dss.exe and follow the prompts.
When it has finished, dss will open two Notepads main.txt and extra.txt -- please copy (CTRL+A and then CTRL+C) and paste (CTRL+V) the contents of main.txt and extra.txt in your next reply.

Also download this programme to your desktop but do not use it yet
http://www.castlecops.com/zx/sjpritch25/RatsCheddar.zip


	Logged

VISTA
XPsp2
Avast (of course)

http://spaces.msn.com/members/essexboymkn/

If ignorance is bliss why aren't more people happy?

wanabe

Rising Star

Posts: 121

Re: not allowed to open programs out side of safe mode!

« Reply #3 on: December 04, 2007, 04:04:26 PM »

souds good but i wont be at that computer un till 7 hours from now at worst

i hope that progam installs in safe mode

thanks for the re

later
Deckard's System Scanner v20071014.68
Run by Project Mayhem on 2007-12-04 17:55:53
Computer is in Safe Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Failed to create restore point; computer is in safe mode.

-- Last 1 Restore Point(s) --
1: 2007-11-30 21:17:17 UTC - RP137 - AusLogics RegDefrag before defragmentation.

Backed up registry hives.
Performed disk cleanup.

-- HijackThis (run as Project Mayhem.exe) --------------------------------------

Unable to find log (file not found); running clone.
-- HijackThis Clone ------------------------------------------------------------

Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2007-12-04 17:56:29
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16544)
Boot mode: Safe mode

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Project Mayhem\Desktop\dss.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fixmyxp.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O4 - HKLM\..\Run: [eabconfg.cpl] "C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe" /Start
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SynTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
O4 - HKLM\..\Run: [SynTPLpr] "C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Comodo\cfp.exe" -s
O4 - HKLM\..\Run: [SpySweeper] C:\Spy Sweeper\SpySweeperUI.exe /startintray
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (file missing)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/3/9/8/398422c0-8d3e-40e1-a617-af65a72a0465/LegitCheckControl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1170658683390
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} () -
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - COMODO - C:\Comodo\cmdagent.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\shared\hpqwmi.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Spy Sweeper\SpySweeper.exe

--
End of file - 4345 bytes

-- File Associations -----------------------------------------------------------

All associations okay.

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

S3 NSNDIS5 (NSNDIS5 NDIS Protocol Driver) - c:\windows\system32\nsndis5.sys (file missing)
S3 Pcouffin (Low level access layer for CD devices) - c:\windows\system32\drivers\pcouffin.sys (file missing)

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

S3 hpqwmi (HP WMI Interface) - c:\program files\hpq\shared\hpqwmi.exe <Not Verified; Hewlett-Packard Development Company, L.P.; hpqwmi Module>
S3 PACSPTISVR - "c:\program files\common files\sony shared\avlib\pacsptisvr.exe" <Not Verified; ; PACSPTISVR Module>

-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Realtek RTL8139/810x Family Fast Ethernet NIC
Device ID: PCI\VEN_10EC&DEV_8139&SUBSYS_3080103C&REV_10\4&16793A72&0&00F0
Manufacturer: Realtek Semiconductor Corp.
Name: Realtek RTL8139/810x Family Fast Ethernet NIC
PNP Device ID: PCI\VEN_10EC&DEV_8139&SUBSYS_3080103C&REV_10\4&16793A72&0&00F0
Service: RTL8023xp

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Intel(R) PRO/Wireless 2200BG Network Connection
Device ID: PCI\VEN_8086&DEV_4220&SUBSYS_12F5103C&REV_05\4&16793A72&0&30F0
Manufacturer: Intel Corporation
Name: Intel(R) PRO/Wireless 2200BG Network Connection
PNP Device ID: PCI\VEN_8086&DEV_4220&SUBSYS_12F5103C&REV_05\4&16793A72&0&30F0
Service: w29n51

-- Files created between 2007-11-04 and 2007-12-04 -----------------------------

2007-12-03 14:46:57 0 dr-h----- C:\Documents and Settings\Project Mayhem\Recent
2007-12-03 01:10:13 0 d-------- C:\Documents and Settings\NetworkService\Application Data\Webroot
2007-11-30 13:16:25 0 d--h----- C:\RD4B335D2AF9F44185AFC417F8D8D4B473DR
2007-11-30 13:09:21 0 d-------- C:\Mozilla Firefox
2007-11-20 11:24:06 0 d-------- C:\Documents and Settings\Project Mayhem\Desktop
2007-11-19 19:08:29 0 d-------- C:\AusLogics Registry Defrag
2007-11-19 18:55:24 0 d-------- C:\AusLogics Disk Defrag
2007-11-19 16:33:51 0 d-------- C:\Ubisoft
2007-11-18 17:03:13 0 d-------- C:\Documents and Settings\All Users\SonicStage
2007-11-17 15:08:49 770048 --a----c- C:\WINDOWS\system32\CDDBUISony.dll <Not Verified; Gracenote; CDDBUIControl Module>
2007-11-17 15:08:48 532480 --a----c- C:\WINDOWS\system32\CddbPlaylist2Sony.dll <Not Verified; ; CddbPlaylist2 Module>
2007-11-17 15:08:48 589824 --a----c- C:\WINDOWS\system32\CddbMusicIDSony.dll <Not Verified; Gracenote; CddbMusicID Module>
2007-11-17 15:08:48 73728 --a----c- C:\WINDOWS\system32\CddbLinkSony.dll <Not Verified; Gracenote; CddbLink Module>
2007-11-17 15:08:48 655360 --a----c- C:\WINDOWS\system32\CDDBControlSony.dll <Not Verified; Gracenote, Inc.; CDDBControl Core Module>
2007-11-17 15:07:24 0 d-------- C:\Documents and Settings\All Users\Application Data\Sony Corporation
2007-11-17 14:58:08 0 d-------- C:\Documents and Settings\Project Mayhem\Application Data\Sony Corporation
2007-11-17 14:58:07 0 d-------- C:\Program Files\Common Files\Sony Shared
2007-11-17 14:05:37 0 d-------- C:\Program Files\Sony
2007-11-10 19:59:52 0 d-------- C:\CCleaner
2007-11-04 12:18:30 0 d-------- C:\Documents and Settings\Project Mayhem\Application Data\Talkback

-- Find3M Report ---------------------------------------------------------------

2007-11-21 16:21:29 0 d-------- C:\Program Files\QuickTime
2007-11-21 16:12:08 0 d-------- C:\Program Files\Common Files
2007-11-21 14:54:28 0 d-------- C:\Documents and Settings\Project Mayhem\Application Data\Comodo
2007-11-17 18:21:13 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-11-05 13:47:42 0 d-------- C:\Documents and Settings\Project Mayhem\Application Data\U3
2007-09-16 12:04:29 2339 --a----c- C:\WINDOWS\mozver.dat

-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"eabconfg.cpl"="C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe" [12/03/2004 13:24]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [06/17/2004 12:43]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [11/04/2004 17:38]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [11/04/2004 17:40]
"COMODO Firewall Pro"="C:\Comodo\cfp.exe" [11/21/2007 14:54]
"SpySweeper"="C:\Spy Sweeper\SpySweeperUI.exe" [10/01/2007 15:40]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"= C:\WINDOWS\system32\guard32.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]
@="Service"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b1ae6b62-5d7f-11dc-a50d-00c09f90cd46}]

-- End of Deckard's System Scanner: finished at 2007-12-04 17:57:14 ------------


« Last Edit: December 04, 2007, 09:03:36 PM by wanabe »	Logged

I'm just an anal-retentive free available space monger. If you ever need help peeling bananas, I'm here to help.
Thanks seriously

wanabe

Rising Star

Posts: 121

Re: not allowed to open programs out side of safe mode!

« Reply #4 on: December 04, 2007, 09:03:58 PM »

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Intel(R) Pentium(R) M processor 1.60GHz
Percentage of Memory in Use: 18%
Physical Memory (total/avail): 990.42 MiB / 805.57 MiB
Pagefile Memory (total/avail): 2388.79 MiB / 2312.28 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1937.18 MiB

C: is Fixed (NTFS) - 55.68 GiB total, 51.95 GiB free.
D: is CDROM (No Media)
E: is Removable (FAT32)

\\.\PHYSICALDRIVE0 - FUJITSU MHT2060AT PL - 55.89 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 55.68 GiB - C:

\\.\PHYSICALDRIVE1 - Memorex TD 2C USB Device - 972.69 MiB - 1 partition
\PARTITION0 (bootable) - Unknown - 979.98 MiB - E:

-- Security Center -------------------------------------------------------------

AUOptions is set to notify before download.
Windows Internal Firewall is disabled.

FirstRunDisabled is set.
AntivirusOverride is set.

FW: COMODO Firewall Pro v3.0 (COMODO)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"="C:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe:*:Disabled:@xpsp3res.dll,-20000"
"C:\\WINDOWS\\system32\\sessmgr.exe"="C:\\WINDOWS\\system32\\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"

-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Project Mayhem\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_02\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=PROJECTMAYHEM
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Project Mayhem
LOGONSERVER=\\PROJECTMAYHEM
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 13 Stepping 6, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0d06
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.6.0_02\lib\ext\QTJava.zip
SAFEBOOT_OPTION=MINIMAL
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\PROJEC~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\PROJEC~1\LOCALS~1\Temp
USERDOMAIN=PROJECTMAYHEM
USERNAME=Project Mayhem
USERPROFILE=C:\Documents and Settings\Project Mayhem
windir=C:\WINDOWS

-- User Profiles ---------------------------------------------------------------

Project Mayhem (admin)

-- Add/Remove Programs ---------------------------------------------------------

--> Dummy
--> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
AusLogics Disk Defrag --> "C:\AusLogics Disk Defrag\unins000.exe"
AusLogics Registry Defrag --> "C:\AusLogics Registry Defrag\unins000.exe"
CCleaner (remove only) --> "C:\CCleaner\uninst.exe"
Chessmaster 10th Edition --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{E9AE9A91-AB45-4321-87BD-AD34855D944F}
COMODO Firewall Pro --> C:\Comodo\cfpconfg.exe -u
Conexant AC-Link Audio --> CIAunwdm.exe
GraphCalc v4.0.1 --> C:\GraphCalc\unins000.exe
HijackThis 1.99.1 --> C:\ClearMem\HijackThis.exe /uninstall
Intel(R) Extreme Graphics 2 Driver --> RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_3582
InterVideo WinDVD 6 --> "C:\Program Files\InstallShield Installation Information\{6ACA2FD2-4C4A-42F3-AFB5-7B433BBDF6DB}\setup.exe" REMOVEALL
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office Standard Edition 2003 --> MsiExec.exe /I{91120409-6000-11D3-8CFE-0150048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Mozilla Firefox (2.0.0.11) --> C:\Mozilla Firefox\uninstall\helper.exe
OpenMG Limited Patch 4.7-07-14-05-01 --> C:\Program Files\Common Files\Sony Shared\OpenMG\HotFixes\HotFix4.7-07-14-05-01\HotFixSetup\setup.exe /u
OpenMG Secure Module 4.7.00 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe /M{CCD663AE-610D-4BDF-AAB0-E914B044527D} UNINSTALL
Quick Launch Buttons 5.10 B5 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CEB326EC-8F40-47B2-BA22-BB092565D66F}\Setup.exe" -l0x9 -uninst
Revo Uninstaller 1.34 --> C:\Revo Uninstaller\uninst.exe
SoftV90 Data Fax Modem with SmartCP --> C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_8086&DEV_24C6&SUBSYS_3080103C\HXFSETUP.EXE -U -Ihpm30805.inf
SonicStage 4.3 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A0EB195B-5876-48E6-879D-33D4B2102610}\setup.exe" -l0x9 UNINSTALL -removeonly
Spy Sweeper --> "C:\Spy Sweeper\unins000.exe"
SpywareBlaster v3.5.1 --> "C:\SpywareBlaster\unins000.exe"
Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Unlocker 1.8.5 --> C:\Unlocker\uninst.exe
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Wise Registry Cleaner 2.9.5 --> "C:\Wise Registry Cleaner\unins000.exe"

-- Application Event Log -------------------------------------------------------

Event Record #/Type1269 / Error
Event Submitted/Written: 12/04/2007 05:56:52 PM
Event ID/Source: 8 / crypt32
Event Description:
Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

Event Record #/Type1268 / Error
Event Submitted/Written: 12/04/2007 05:56:52 PM
Event ID/Source: 11 / crypt32
Event Description:
Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Event Record #/Type1267 / Error
Event Submitted/Written: 12/04/2007 05:56:52 PM
Event ID/Source: 8 / crypt32
Event Description:
Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

Event Record #/Type1266 / Error
Event Submitted/Written: 12/04/2007 05:56:52 PM
Event ID/Source: 11 / crypt32
Event Description:
Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Event Record #/Type1265 / Error
Event Submitted/Written: 12/04/2007 05:56:52 PM
Event ID/Source: 8 / crypt32
Event Description:
Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.

-- System Event Log ------------------------------------------------------------

Event Record #/Type34703 / Error
Event Submitted/Written: 12/04/2007 05:55:22 PM
Event ID/Source: 7026 / Service Control Manager
Event Description:
The following boot-start or system-start driver(s) failed to load:
AFD
cmdGuard
cmdHlp
eabfiltr
Fips
intelppm
IPSec
MRxSmb
NetBIOS
NetBT
RasAcd
Rdbss
Tcpip

Event Record #/Type34702 / Error
Event Submitted/Written: 12/04/2007 05:55:22 PM
Event ID/Source: 7001 / Service Control Manager
Event Description:
The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error:
%%31

Event Record #/Type34701 / Error
Event Submitted/Written: 12/04/2007 05:55:22 PM
Event ID/Source: 7001 / Service Control Manager
Event Description:
The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error:
%%31

Event Record #/Type34700 / Error
Event Submitted/Written: 12/04/2007 05:55:22 PM
Event ID/Source: 7001 / Service Control Manager
Event Description:
The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error:
%%31

Event Record #/Type34699 / Error
Event Submitted/Written: 12/04/2007 05:55:22 PM
Event ID/Source: 7001 / Service Control Manager
Event Description:
The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error:
%%31

-- End of Deckard's System Scanner: finished at 2007-12-04 17:57:14 ------------


	Logged

I'm just an anal-retentive free available space monger. If you ever need help peeling bananas, I'm here to help.
Thanks seriously

Essexboy

Administrator

Posts: 899

Re: not allowed to open programs out side of safe mode!

« Reply #5 on: December 05, 2007, 05:17:32 PM »

Have you been running a registry cleaner ?

This is a Policy Controller program written by Rathat to remove certain restrictions on XP systems often disabled by malware.
Extract (unzip) the file to the desktop.
Double-click on RatsCheddar.exe to launch the tool.
Select Enable for everything listed, then click Exit.
Restart your computer.


	Logged

VISTA
XPsp2
Avast (of course)

http://spaces.msn.com/members/essexboymkn/

If ignorance is bliss why aren't more people happy?

wanabe

Rising Star

Posts: 121

Re: not allowed to open programs out side of safe mode!

« Reply #6 on: December 06, 2007, 12:44:10 AM »

i have been running wise registry cleaner. is that bad? i do it when i do a lot of.... file movement like uninstall and install up dates.... i like to keep my p.c. real clean...

when i did what you told me to do with the check marks (the little circles) on the first 3 (task manager, windows registry cleaner, windows cmd) it said failed to set data for (x)

upon restart there were no changes i'm assuming cause the (ratscheddar.exe) wasn't allowed to do its job, for what ever reason....

POOP

later on.............................

i mentioned every thing im doing is in safe mode on that comp?... im gonna try rats cheddar in normal to see if it lets me use the program.....nope didnt work

i hope this doesn't come to a windows reinstall!

POOP glupek2

even later on......

"NT AUTHORITY\SYSTEM" shut down my system, while i went in to the task manager to see if there was any weird processes running. i had the thought to shut some things down and see if i could make things work. perhaps cause one or more of the processes was fraudulent..... i was shutting down (svchost? spelling?) i was going up the list, which seemed shorter than usual be cause i usually have to scroll down do see all my processes. however it said that spy sweeper was in fact running.....i don't know just some f.y.i.


« Last Edit: December 06, 2007, 12:58:29 AM by wanabe »	Logged

I'm just an anal-retentive free available space monger. If you ever need help peeling bananas, I'm here to help.
Thanks seriously

Essexboy

Administrator

Posts: 899

Re: not allowed to open programs out side of safe mode!

« Reply #7 on: December 07, 2007, 02:04:02 PM »

Have you tried a repair install ?


	Logged

VISTA
XPsp2
Avast (of course)

http://spaces.msn.com/members/essexboymkn/

If ignorance is bliss why aren't more people happy?

wanabe

Rising Star

Posts: 121

Re: not allowed to open programs out side of safe mode!

« Reply #8 on: December 08, 2007, 11:42:06 AM »

darn, well i tried to to a repair install but when it asks for my admin password; i enter it and it says its wrong. just for clarification. it would be the same password that i use to log in all the time if I'm the only user of this computer? there is only one account and it is a, or rather the, admin account.

with that said, i have changed my password since then. would the password be the original one i made when i first in stalled windows?

.......................i may just reinstall windows...............gggggggggggrrrrrrrrrrr

yep ive tried every password ive ever made, im just gonna reinstall win. what ever....

THANKS ESSEXBOY

byebye old install


« Last Edit: December 08, 2007, 11:50:31 AM by wanabe »	Logged

I'm just an anal-retentive free available space monger. If you ever need help peeling bananas, I'm here to help.
Thanks seriously

Essexboy

Administrator

Posts: 899

Re: not allowed to open programs out side of safe mode!

« Reply #9 on: December 08, 2007, 01:34:40 PM »

I have a re-install tutorial here http://www.geekstogo.com/forum/Reformat-Install-Windows-t173729.html


	Logged

VISTA
XPsp2
Avast (of course)

http://spaces.msn.com/members/essexboymkn/

If ignorance is bliss why aren't more people happy?

wanabe

Rising Star

Posts: 121

Re: not allowed to open programs out side of safe mode!

« Reply #10 on: December 08, 2007, 05:37:33 PM »

hey cool, conveniently i did what that list says to do pretty much. as i am just about done setting up my pc. i'm actually using it to type this message, and of course everything runs great!

as always i appreciate your diligent efforts thank you hooray

i'm also trying to return the favor now that i kind of know what i'm doing. im sorry if i do give someone bad advise. if there is any doubt in my mind about some thing i will not advise, so i don't hinder your or any other more knowledgeable persons advise. i hope i can do this more often as it seems that the site is becoming more trafficked meaning more work for you guys.... so, i hope that i lighten the load, at least a little.


« Last Edit: December 08, 2007, 05:41:53 PM by wanabe »	Logged

I'm just an anal-retentive free available space monger. If you ever need help peeling bananas, I'm here to help.
Thanks seriously

Essexboy

Administrator

Posts: 899

Re: not allowed to open programs out side of safe mode!

« Reply #11 on: December 08, 2007, 05:51:56 PM »

Quote

so, i hope that i lighten the load, at least a little.

It is the only way to learn, well leastways thats how I did dribble


	Logged

VISTA
XPsp2
Avast (of course)

http://spaces.msn.com/members/essexboymkn/

If ignorance is bliss why aren't more people happy?

Pages: [1]

« previous next »