Explorer.exe will not work

When I start up my computer explorer.exe will not run, i have a blank desktop, with just my background showing. I have tried to run it using task manager but it is to no avail. I can't even find explorer anywhere. Is it possible it could have been deleted by someone? What can i do.

 

Hi Hiro,

When trying to run it through task manager, are you typing explorer or explorer.exe ? Try with the latter and let us know.

 

I have been trying explorer.exe and that hasn't worked.

 

See if you can download Deckard's System Scanner (dss.exe) to the desktop and run it, then post the main.txt log here. Links and instructions here.

 

oh man.. i came back from my parents tonight and my computer screen was black and near about the middle of it was an inch and a half line down the screen of different colours. Now that I have restarted it where that line was seems to be burnt into the screen...do you think its possible that screen is ruined? I will have the deckard report very soon ok?
**(this post will exceed the limit of characters, it needs to be in two posts)**
Main.txt

Deckard's System Scanner v20071014.68
Run by user on 2007-12-24 22:25:37
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
50: 2007-12-25 04:25:43 UTC - RP309 - Deckard's System Scanner Restore Point
49: 2007-12-24 19:00:47 UTC - RP308 - Software Distribution Service 3.0
48: 2007-12-24 06:33:44 UTC - RP307 - Restore Operation
47: 2007-12-24 05:52:09 UTC - RP306 - Software Distribution Service 3.0
46: 2007-12-23 19:59:18 UTC - RP305 - Software Distribution Service 3.0


-- First Restore Point --
1: 2007-11-11 12:41:46 UTC - RP260 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2007-12-24 22:29:30
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Mozilla Firefox 2\firefox.exe
C:\Documents and Settings\user\Desktop\dss.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ndcgaming.net/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = iexplore
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll (file missing)
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe "
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [kav] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe "
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe "
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Browser Mouse\MOffice.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe "
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\RunOnce: [*Restore] C:\WINDOWS\system32\restore\rstrui.exe -i
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe "
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Clean Access Agent.lnk = C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgent.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1194762606296
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1194765061390
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe


--
End of file - 7955 bytes

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 SCDEmu - c:\windows\system32\drivers\scdemu.sys <Not Verified; PowerISO Computing, Inc.; scdemu>
R2 MCSTRM - c:\windows\system32\drivers\mcstrm.sys <Not Verified; RealNetworks, Inc.; RealNetworks Virtual Path Manager® (32-bit)>

S3 UIUSys (Conexant Setup API) - c:\windows\system32\drivers\uiusys.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

All services whitelisted.


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Files created between 2007-11-24 and 2007-12-24 -----------------------------

2007-12-18 01:05:13 0 d-------- C:\Documents and Settings\user\Application Data\Apple Computer
2007-12-12 22:08:55 0 d-------- C:\Documents and Settings\user\Application Data\dvdcss
2007-12-03 14:31:59 0 d-------- C:\Program Files\Pivot Stickfigure Animator
2007-11-26 19:00:33 0 d-------- C:\Documents and Settings\user\Application Data\CiscoCAA
2007-11-26 18:59:49 0 d-------- C:\Program Files\Cisco Systems


-- Find3M Report ---------------------------------------------------------------

2007-12-24 22:27:05 0 d-------- C:\Program Files\Mozilla Firefox 2
2007-12-18 18:46:27 0 d-------- C:\Documents and Settings\user\Application Data\uTorrent
2007-12-13 21:23:12 0 d-------- C:\Program Files\World of Warcraft
2007-12-13 03:59:18 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-12-13 03:55:29 0 d-------- C:\Program Files\Diablo II
2007-12-12 21:00:55 4 --a------ C:\WINDOWS\system32\A06EFF
2007-12-03 15:32:59 0 d-------- C:\Documents and Settings\user\Application Data\Nvu
2007-11-15 17:08:01 688 --a------ C:\WINDOWS\vimtutor.bat
2007-11-15 17:08:01 662 --a------ C:\WINDOWS\vimdiff.bat
2007-11-15 17:08:01 658 --a------ C:\WINDOWS\vim.bat
2007-11-15 17:08:01 662 --a------ C:\WINDOWS\view.bat
2007-11-15 17:08:01 987 --a------ C:\WINDOWS\gvimdiff.bat
2007-11-15 17:08:01 979 --a------ C:\WINDOWS\gvim.bat
2007-11-15 17:08:01 987 --a------ C:\WINDOWS\gview.bat
2007-11-15 17:08:01 987 --a------ C:\WINDOWS\evim.bat
2007-11-15 17:08:01 0 d-------- C:\Program Files\Vim
2007-11-14 18:31:44 0 d-------- C:\Program Files\Common Files
2007-11-14 18:31:44 0 d-------- C:\Program Files\Common Files\Blizzard Entertainment
2007-11-11 02:24:41 0 d-------- C:\Program Files\MSBuild
2007-11-11 02:16:33 0 d-------- C:\Program Files\Reference Assemblies
2007-11-11 02:13:37 0 d-------- C:\Program Files\MSXML 6.0
2007-11-11 02:11:47 0 d-------- C:\Program Files\CONEXANT
2007-11-11 02:03:38 0 d-------- C:\Program Files\NetWaiting
2007-11-11 01:31:35 0 d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2007-11-05 19:53:02 0 d-------- C:\Documents and Settings\user\Application Data\vlc
2007-11-05 19:44:42 0 d-------- C:\Program Files\VideoLAN
2007-11-04 00:12:59 0 d-------- C:\Documents and Settings\user\Application Data\Skype
2007-10-30 17:49:16 0 d-------- C:\Program Files\ONWIND
2007-10-30 02:38:36 833985037 --a------ C:\zu_online11737.exe


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpWirelessAssistant "= "C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [03/05/2006 11:58 PM]
"NvCplDaemon "= "C:\WINDOWS\system32\NvCpl.dll" [27/09/2006 05:10 PM]
"NvMediaCenter "= "C:\WINDOWS\system32\NvMcTray.dll" [27/09/2006 05:10 PM]
"nwiz "= "nwiz.exe" [27/09/2006 05:10 PM C:\WINDOWS\system32\nwiz.exe]
"High Definition Audio Property Page Shortcut "= "CHDAudPropShortcut.exe" [26/07/2006 10:44 PM C:\WINDOWS\system32\CHDAudPropShortcut.exe]
"SynTPEnh "= "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [15/09/2007 02:27 AM]
"QPService "= "C:\Program Files\HP\QuickPlay\QPService.exe" [21/06/2006 11:54 PM]
"HP Software Update "= "C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [17/02/2005 01:11 AM]
"ISUSScheduler "= "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [11/08/2005 06:30 PM]
"QlbCtrl "= "C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [02/06/2006 05:21 PM]
"Cpqset "= "C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe" [30/05/2006 06:02 PM]
"ISUSPM Startup "= "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [11/08/2005 06:30 PM]
"kav "= "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" [24/03/2006 07:09 PM]
"@ "=" " []
"UnlockerAssistant "= "C:\Program Files\Unlocker\UnlockerAssistant.exe" [07/09/2006 11:19 AM]
"FLMOFFICE4DMOUSE "= "C:\Program Files\Browser Mouse\MOffice.exe" [23/05/2007 12:51 PM]
"NeroFilterCheck "= "C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" []
"QuickTime Task "= "C:\Program Files\QuickTime\qttask.exe" [16/02/2007 10:54 AM]
"Adobe Reader Speed Launcher "= "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [11/05/2007 03:06 AM]
"SynTPStart "= "C:\Program Files\Synaptics\SynTP\SynTPStart.exe" [15/09/2007 02:29 AM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe "= "C:\WINDOWS\system32\ctfmon.exe" [04/08/2004 03:00 PM]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} "= "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" []
"AdobeUpdater "= "C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [01/03/2007 10:37 AM]
"WMPNSCFG "= "C:\Program Files\Windows Media Player\WMPNSCFG.exe" [18/10/2006 08:05 PM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce]
"*Restore "=C:\WINDOWS\system32\restore\rstrui.exe -i

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Clean Access Agent.lnk - C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgent.exe [28/07/2006 5:09:30 PM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\Run]
"system "=

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Photosmart Premier Fast Start.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Photosmart Premier Fast Start.lnk
backup=C:\WINDOWS\pss\HP Photosmart Premier Fast Start.lnkCommon Startup


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
"C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RecGuard]
C:\Windows\SMINST\RecGuard.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Reminder]
C:\Windows\CREATOR\Remind_XP.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task "= "C:\Program Files\QuickTime\qttask.exe" -atboottime
"CloneCDTray "= "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{416c84a1-d5d8-11db-ac4b-001636b86498}]
AutoRun\command- G:\ONSPCLCK.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9449d7f9-eb77-11db-ac46-001636b86498}]
AutoRun\command- F:\ONSPCLCK.exe




-- End of Deckard's System Scanner: finished at 2007-12-24 22:32:36 ------------

 

I would not expect any sort of burning-in of anything in that short a timeframe. May disappear after the monitor has been off overnight.

 

Extra.txt

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Mobile AMD Sempron(tm) Processor 3500+
Percentage of Memory in Use: 38%
Physical Memory (total/avail): 1022.54 MiB / 632.49 MiB
Pagefile Memory (total/avail): 2460.58 MiB / 2229.95 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1927.12 MiB

C: is Fixed (NTFS) - 64.09 GiB total, 14.49 GiB free.
D: is Fixed (FAT32) - 9.43 GiB total, 1.4 GiB free.
E: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - FUJITSU MHV2080BH PL - 74.53 GiB - 3 partitions
\PARTITION0 (bootable) - Installable File System - 64.09 GiB - C:
\PARTITION1 - Unknown - 9.44 GiB - D:
\PARTITION2 - Unknown - 1027.6 MiB



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.

FirstRunDisabled is set.

AV: Kaspersky Anti-Virus 6.0 v6.0.0.303 (Kaspersky Lab)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe "= "%windir%\\system32\\sessmgr.exe:*:enabledxpsp2res.dll,-22019 "
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe "= "C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1 "
"C:\\Program Files\\MSN Messenger\\livecall.exe "= "C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) "
"%windir%\\Network Diagnostic\\xpnetdiag.exe "= "%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000 "

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe "= "%windir%\\system32\\sessmgr.exe:*:enabledxpsp2res.dll,-22019 "
"C:\\Program Files\\EarthLink TotalAccess\\TaskPanl.exe "= "C:\\Program Files\\EarthLink TotalAccess\\TaskPanl.exe:*:Enabled:Earthlink "
"C:\\Program Files\\Messenger\\msmsgs.exe "= "C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger "
"C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 6.0\\avp.exe "= "C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 6.0\\avp.exe:*:Enabled:Kaspersky Anti-Virus "
"C:\\Program Files\\mIRC\\mirc.exe "= "C:\\Program Files\\mIRC\\mirc.exe:*:Enabled:mIRC "
"C:\\Program Files\\PlayOnline\\SquareEnix\\PlayOnlineViewer\\pol.exe "= "C:\\Program Files\\PlayOnline\\SquareEnix\\PlayOnlineViewer\\pol.exe:*:EnabledlayOnline Viewer "
"G:\\NOMADAPP\\Portable Programs\\W32\\Skype\\Phone\\Skype.exe "= "G:\\NOMADAPP\\Portable Programs\\W32\\Skype\\Phone\\Skype.exe:*:Enabled:Skype "
"C:\\Program Files\\SwiftSwitch\\SwiftSwitch.exe "= "C:\\Program Files\\SwiftSwitch\\SwiftSwitch.exe:*:Enabled:World Switcher for RuneScape "
"C:\\Program Files\\Mozilla Firefox 2\\firefox.exe "= "C:\\Program Files\\Mozilla Firefox 2\\firefox.exe:*:Enabled:Firefox "
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe "= "C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1 "
"C:\\Program Files\\MSN Messenger\\livecall.exe "= "C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) "
"C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe "= "C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe:*:Enabled:Remote Assistance - Windows Messenger and Voice "
"C:\\StubInstaller.exe "= "C:\\StubInstaller.exe:*:Enabled:LimeWire swarmed installer "
"C:\\Program Files\\LimeWire\\LimeWire.exe "= "C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire "
"C:\\Program Files\\Azureus\\Azureus.exe "= "C:\\Program Files\\Azureus\\Azureus.exe:*:Enabled:Azureus "
"C:\\Documents and Settings\\user\\Desktop\\utorrent.exe "= "C:\\Documents and Settings\\user\\Desktop\\utorrent.exe:*:Enabled:µTorrent "
"C:\\Documents and Settings\\user\\Desktop\\Unused Desktop Shortcuts\\utorrent.exe "= "C:\\Documents and Settings\\user\\Desktop\\Unused Desktop Shortcuts\\utorrent.exe:*:Enabled:µTorrent "
"C:\\Program Files\\ONWIND\\ZU-ONLINE\\BT_Update.exe "= "C:\\Program Files\\ONWIND\\ZU-ONLINE\\BT_Update.exe:*:Enabled:BT_Update "
"C:\\Program Files\\ONWIND\\ZU-ONLINE\\Zuonline.exe "= "C:\\Program Files\\ONWIND\\ZU-ONLINE\\Zuonline.exe:*:Enabled:ZuOnline "
"%windir%\\Network Diagnostic\\xpnetdiag.exe "= "%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000 "
"C:\\Program Files\\World of Warcraft\\Repair.exe "= "C:\\Program Files\\World of Warcraft\\Repair.exe:*:Enabled:Blizzard Repair Utility "
"C:\\Program Files\\World of Warcraft\\Launcher.exe "= "C:\\Program Files\\World of Warcraft\\Launcher.exe:*:Enabled:World of Warcraft "
"H:\\NOMADAPP\\Portable Programs\\W32\\Skype\\Phone\\Skype.exe "= "H:\\NOMADAPP\\Portable Programs\\W32\\Skype\\Phone\\Skype.exe:*:Enabled:Skype "


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\user\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.5.0_06\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=YOUR-0548C161E1
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\user
LOGONSERVER=\\YOUR-0548C161E1
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\Program Files\Mozilla Firefox 2;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PCTYPE=PAVILION
PLATFORM=MCD
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 76 Stepping 2, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=4c02
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.5.0_06\lib\ext\QTJava.zip
SESSIONNAME=Console
SonicCentral=C:\Program Files\Common Files\Sonic Shared\Sonic Central\
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\user\LOCALS~1\Temp
TMP=C:\DOCUME~1\user\LOCALS~1\Temp
USERDOMAIN=YOUR-0548C161E1
USERNAME=user
USERPROFILE=C:\Documents and Settings\user
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

user (admin)
Administrator (new local, admin)


-- Add/Remove Programs ---------------------------------------------------------

--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-Aware SE Personal --> MsiExec.exe /X{78CC3BAB-DE2A-4FB4-8FBB-E4DADDC26747}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.0 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81000000003}
Blasterball 2 from Hewlett-Packard Laptops (remove only) --> "C:\Program Files\WildTangent\Apps\GameChannel\Games\9F3399B2-9ED6-4339-84A2-686432638B86\Uninstall.exe "
Bookworm Deluxe from Hewlett-Packard Laptops (remove only) --> "C:\Program Files\WildTangent\Apps\GameChannel\Games\B0769D17-E72A-4E87-A83F-1F7A3F080008\Uninstall.exe "
Browser Mouse --> C:\Program Files\Browser Mouse\uninst00.exe
Clean Access Agent --> MsiExec.exe /X{CCAAAACC-0003-0006-0100-ABCDEFFEDCBA}
CloneCD --> "C:\Program Files\SlySoft\CloneCD\ccd-uninst.exe" /D= "C:\Program Files\SlySoft\CloneCD "
Conexant HD Audio --> C:\Program Files\CONEXANT\CNXT_HDAUDIO\HXFSETUP.EXE -U -IAt8VEN5a.inf
Customer Experience Enhancement --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{23012310-3E05-46A5-88A9-C6CBCABCAC79} /l1033
DivX --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Easy Internet Sign-up --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{8105684D-8CA6-440D-8F58-7E5FD67A499D} /l1033
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar2.dll "
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe "
HP Game Console and games --> C:\Program Files\WildTangent\Apps\hpuninstall.exe
HP Help and Support --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}\setup.exe" -l0x9 -removeonly
HP Imaging Device Functions 6.0 --> C:\Program Files\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Premier Software 6.0 --> C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Quick Launch Buttons 6.10 A1 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe" -l0x9 -removeonly uninst
HP QuickPlay 2.3 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\setup.exe" -uninstall
HP Rhapsody --> C:\PROGRA~1\HPRHAP~1\Unwise32.exe /A C:\PROGRA~1\HPRHAP~1\install.log
HP Update --> MsiExec.exe /X{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}
HP User Guides 0032 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E276E05A-FFE8-485B-A005-42E76EA72AC4}\Setup.exe" -l0x9 -removeonly
HP Wireless Assistant 2.00 G2 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4302B2DD-D958-40E3-BAF3-B07FFE1978CE}\setup.exe" -l0x9 hpquninst
J2SE Runtime Environment 5.0 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Kaspersky Anti-Virus 6.0 --> MsiExec.exe /I{75193929-9A52-4CA4-98DE-8C7296940920}
LimeWire 4.12.11 --> "C:\Program Files\LimeWire\uninstall.exe "
Macromedia Flash Player 8 --> MsiExec.exe /X{6815FCDD-401D-481E-BA88-31B4754C2B46}
Macromedia Shockwave Player --> MsiExec.exe /X{838A1BC9-95CA-4880-9BE3-2A7D23600A2B}
Microsoft Base Smart Card Cryptographic Service Provider Package --> "C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe "
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe "
Microsoft Kernel-Mode Driver Framework Feature Pack 1.1 --> "C:\WINDOWS\$NtUninstallWdf01001$\spuninst\spuninst.exe "
Microsoft Money 2006 --> "C:\Program Files\Microsoft Money 2006\MNYCoreFiles\Setup\uninst.exe" /s:120
Microsoft Office Basic Edition 2003 --> MsiExec.exe /I{91130409-6000-11D3-8CFE-0150048383C9}
Microsoft Office PowerPoint Viewer 2007 (English) --> MsiExec.exe /X{95120000-00AF-0409-0000-0000000FF1CE}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe "
mIRC --> "C:\Program Files\mIRC\mirc.exe" -uninstall
Mozilla Firefox (2.0) --> C:\Program Files\Mozilla Firefox\uninstall\uninst.exe
Mozilla Firefox (2.0.0.11) --> C:\PROGRA~1\Mozilla Firefox 2\uninstall\helper.exe
MSN --> C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
muvee autoProducer 5.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB09F05F-85C6-4205-B28D-5BF071D276C3}\setup.exe" -l0x9
NetWaiting --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanel
NVIDIA Drivers --> C:\WINDOWS\system32\nvudisp.exe UninstallGUI
Nvu 1.0 --> "C:\Program Files\Nvu\unins000.exe "
Office 2003 Trial Assistant --> MsiExec.exe /I{47D2103B-FD51-4017-9C20-DD408B17D726}
Pivot Stickfigure Animator --> MsiExec.exe /I{BEAD39CD-901D-4267-8B8B-EAA83CB4B70D}
PlayOnline Viewer and Tetra Master --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{47004155-7376-403E-89E9-4C9F44AAF0D0}
PowerISO --> "C:\Program Files\PowerISO\uninstall.exe "
Quicken 2006 --> MsiExec.exe /X{2818095F-FB6C-42C8-827E-0A406CC9AFF5}
QuickTime --> MsiExec.exe /I{5E863175-E85D-44A6-8968-82507D34AE7F}
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Step By Step Interactive Training (KB923723) --> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe "
SmartAudio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AEF7A12C-CD9B-4773-8AD1-6916138CA7EA}\setup.exe" -l0x9 -removeonly
Soft Data Fax Modem with SmartCP --> C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_5045_at8ven5m\HXFSETUP.EXE -U -IAt8VEN5m.inf
Sonic Audio Module --> MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Sonic Copy Module --> MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
Sonic Data Module --> MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
Sonic DLA --> MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
Sonic Express Labeler --> MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Sonic MyDVD Plus --> MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29}
Sonic Update Manager --> MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
Spybot - Search & Destroy 1.4 --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe "
SwiftSwitch --> C:\Program Files\SwiftSwitch\Uninstal.exe
Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll ",standAloneUninstall
TourSetup --> MsiExec.exe /I{A01FC76F-CC09-4658-9E37-5C2F635EE708}
Tradewinds from Hewlett-Packard Laptops (remove only) --> "C:\Program Files\WildTangent\Apps\GameChannel\Games\1C3FDBBA-EBF7-4CDB-AD8A-A1125734AF86\Uninstall.exe "
Unlocker 1.8.5 --> C:\Program Files\Unlocker\uninst.exe
VideoLAN VLC media player 0.8.6c --> C:\Program Files\VideoLAN\VLC\uninstall.exe
Vodei Multimedia Processor 2.10 --> C:\Program Files\Vodei\uninst.exe
WinAVI Video Converter --> "C:\Program Files\WinAVI Video Converter\unins000.exe "
Windows Communication Foundation --> MsiExec.exe /X{491DD792-AD81-429C-9EB4-86DD3D22E333}
Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (04/28/2006 1.3.1.0) --> C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /d /u C:\WINDOWS\system32\DRVSTORE\amdk8_9EA6D2FA46FEFFB7011ED0B6015B626D07F1EEF7\amdk8.inf
Windows Imaging Component --> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe "
Windows Installer Clean Up --> MsiExec.exe /X{121634B0-2F4B-11D3-ADA3-00C04F52DD52}
Windows Live Messenger --> MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F}
Windows Live Sign-in Assistant --> MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7}
Windows Media Connect --> "C:\WINDOWS\$NtUninstallWMCSetup$\spuninst\spuninst.exe "
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe "
Windows Presentation Foundation --> MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows Workflow Foundation --> MsiExec.exe /I{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}
Wireless Home Network Setup --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{09D8492A-C8E2-421E-927D-46800FB327A3}\setup.exe" -l0x9 -removeonly
World of Warcraft --> C:\Program Files\Common Files\Blizzard Entertainment\World of Warcraft\Uninstall.exe
XML Paper Specification Shared Components Pack 1.0 -->
ZU-ONLINE --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D619E865-AE93-4785-BB20-F3072CE4E8C5}\setup.exe" -l0x9 -removeonly


-- Application Event Log -------------------------------------------------------

Event Record #/Type54756 / Error
Event Submitted/Written: 12/24/2007 01:01:17 PM
Event ID/Source: 1024 / MsiInstaller
Event Description:
Product: Microsoft Office Basic Edition 2003 - Update 'Update for Outlook 2003: Junk E-mail Filter (KB943591): OUTLFLTR' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127

Event Record #/Type54754 / Error
Event Submitted/Written: 12/24/2007 01:01:12 PM
Event ID/Source: 1024 / MsiInstaller
Event Description:
Product: Microsoft Office Basic Edition 2003 - Update 'Update for Outlook 2003 (KB943649): OLKINTL' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127

Event Record #/Type54744 / Error
Event Submitted/Written: 12/23/2007 11:52:31 PM
Event ID/Source: 1024 / MsiInstaller
Event Description:
Product: Microsoft Office Basic Edition 2003 - Update 'Update for Outlook 2003: Junk E-mail Filter (KB943591): OUTLFLTR' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127

Event Record #/Type54742 / Error
Event Submitted/Written: 12/23/2007 11:52:27 PM
Event ID/Source: 1024 / MsiInstaller
Event Description:
Product: Microsoft Office Basic Edition 2003 - Update 'Update for Outlook 2003 (KB943649): OLKINTL' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127

Event Record #/Type54740 / Warning
Event Submitted/Written: 12/23/2007 11:51:25 PM
Event ID/Source: 1524 / Userenv
Event Description:
Windows cannot unload your classes registry file - it is still in use by other applications or services. The file will be unloaded when it is no longer in use.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type4992 / Warning
Event Submitted/Written: 12/24/2007 10:15:39 PM
Event ID/Source: 20192 / RemoteAccess
Event Description:
A certificate could not be found. Connections that use the L2TP protocol over IPSec
require the installation of a machine certificate, also known as a computer
certificate. No L2TP calls will be accepted.

Event Record #/Type4991 / Warning
Event Submitted/Written: 12/24/2007 10:15:39 PM
Event ID/Source: 20169 / RemoteAccess
Event Description:
Unable to contact a DHCP server. The Automatic Private IP Address 169.254.188.253 will be
assigned to dial-in clients. Clients may be unable to access resources on
the network.

Event Record #/Type4990 / Warning
Event Submitted/Written: 12/24/2007 10:15:39 PM
Event ID/Source: 20169 / RemoteAccess
Event Description:
Unable to contact a DHCP server. The Automatic Private IP Address 169.254.169.209 will be
assigned to dial-in clients. Clients may be unable to access resources on
the network.

Event Record #/Type4989 / Error
Event Submitted/Written: 12/24/2007 10:15:39 PM
Event ID/Source: 20106 / RemoteAccess
Event Description:
Unable to add the interface {D0933E65-6724-4F5A-8A36-B01A264B825B} with the Router Manager for the IP protocol. The
following error occurred: Cannot complete this function.

Event Record #/Type4974 / Warning
Event Submitted/Written: 12/24/2007 02:14:47 PM
Event ID/Source: 36 / W32Time
Event Description:
The time service has not been able to synchronize the system time
for 49152 seconds because none of the time providers has been able to
provide a usable time stamp. The system clock is unsynchronized.



-- End of Deckard's System Scanner: finished at 2007-12-24 22:32:36 ------------

 

Nothing much jumping out at me there. I see you performed a system restore ealier. Is your explorer working now?

 

No, sadly the restore did nothing, haha. Because I try the restore and when it reboots it doesn't finish up the restore, so , realistically it might work if it were to finish.

 

Have you tried a different restore point, one from an earlier date?

Can you open a command window?

 

a command window? Well I've only tried a system restore once, but when it didn't even complete itself on start up I assumed it was useless. But I do know what the problem is, explorer got deleted... my brother just told me that kaspersky told him there was a worm in explorer so he deleted it. Don't know why he would do that but Kaspersky let him. What can i do to get it back?

 

In the task manager run dialog, type cmd then hit enter. It should open a command (DOS) window. Highlight and copy the bolded text below then right click in the command window and select paste.

echo.> "%userprofile%\check.txt "
dir %Systemdrive%\explorer.exe /a h /s >> "%userprofile%\check.txt "
start notepad "%userprofile%\check.txt "
exit
cls

When it has completed the search, the command window will close and check.txt will open. Post the contents of check.txt here.

 

Volume in drive C has no label.
Volume Serial Number is 317D-EEFD

Directory of C:\WINDOWS\$hf_mig$\KB938828\SP2QFE

13/06/2007 05:26 AM 1,033,216 explorer.exe
1 File(s) 1,033,216 bytes

Directory of C:\WINDOWS\$NtUninstallKB938828$

04/08/2004 03:00 PM 1,032,192 explorer.exe
1 File(s) 1,032,192 bytes

Directory of C:\Documents and Settings\user\Desktop\Comp Emulators\snes9x-1.43-win32\ROMS\G-L

26/04/2007 01:59 PM <DIR> H
0 File(s) 0 bytes

Total Files Listed:
0 File(s) 0 bytes
1 Dir(s) 15,358,164,992 bytes free

 

Highlight and copy the bolded text below and paste it in a command window.

copy C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe C:\WINDOWS
start C:\WINDOWS\explorer.exe
exit
cls

Let me know what happens.

 

i was able to fix it by restoring explorer from my kaspersky back up.. kaspersky had a false posotive on explorer.exe..
and its all good now.. thanx for the help

 

Oh! I read about that the other day.

http://www.news.com/Kaspersky-inadvertently-quarantines-Windows-Explorer/2100-1002_3-6223836.html

Apparently it was supposed to be for two hours Wednesday night. I guess not for everyone.

 

Maybe a disgruntled Kaspersky employee wanted to make a point?

Seriously though, it'd be interesting to find out how KAV could FP an essential OS file such as explorer.exe.

 

Happy to hear you've gotten things worked out.

I had thought maybe this was another Bube infection, which would have been a surprize. Good to know it's just an FP.

 

well once again thanx for all your consistent help.. love this site