# "Applications cannot be executed" problem with Windows Vista

## "Applications cannot be executed" problem with Windows Vista

Hi....I NEED HELP PLEASSSSSSSSSE!

I've never had a problem like this before. I use Windows Vista for my Labtop. I've always kept an eye on the websites I go on. I've been using Spy Sweeper and Trend Micro Antivirus plus Antispyware but recently they expired and I never renewed my subscription didnt think there would be a problem since the computer was working fine. I WAS AN IDIOT!!! Now I cannot open up certain aspects of my computer and a Security Warning pops up and says "Application cannot be executed. The file is infected (there is always a different name as to which file is infected but it always ends in ".exe") I've tried downloading every good antivirus I can find but I am being prevented from downloading them and when I do they just dont work.

I cannot open my Microsoft Word, iTunes, Calculator, View Documents, my flash to watch videos online is infected and many other problems have occurred. I keep getting pop-ups on the internet of porn sites and viagra. I hate pop-ups and what is popping up now irittates me further. I'm don't know much about computers but to me I think it is a virus. Is there anyone that can help me get rid of this bad problem???

Hornstein90

Unborn

Posts : 2
Joined : 2010-01-13
Operating System : Windows Vista

## Re: "Applications cannot be executed" problem with Windows Vista

[You must be registered and logged in to see this link.]

Post the log from ComboFix when you've accomplished that.

[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products. ~DMJ GeekPolice Academy Manager Donations/Contributions DragonMaster Jay Manager | Tech Officer Posts : 13451 Joined : 2009-09-07 Operating System : Windows 7 Ultimate ## Re: "Applications cannot be executed" problem with Windows Vista ComboFix 10-01-13.09 - Owner 01/14/2010 2:13.1.2 - x86 Running from: c:\users\Owner\Desktop\ComboFix.exe AV: Trend Micro AntiVirus *On-access scanning disabled* (Updated) {7D2296BC-32CC-4519-917E-52E652474AF5} AV: Webroot AntiVirus with AntiSpyware *On-access scanning enabled* (Updated) {B3891867-7230-459B-9987-E7CCFA7A7D1D} FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8} SP: Spyware Doctor *disabled* (Updated) {1C3EDD79-273E-46ac-99F8-EFA9E7CBC301} SP: Trend Micro AntiVirus *disabled* (Updated) {003DD9A8-02A6-43CF-81BA-5D403CAD001E} SP: Webroot AntiVirus with AntiSpyware *enabled* (Updated) {68A41C74-A1E9-48F8-B2E5-D8232211AB6D} SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} * Resident AV is active . /wow section - STAGE 6A Access is denied. ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\program files\FunWebProducts c:\program files\MyWebSearch c:\program files\MyWebSearch\bar\1.bin\MWSOEMON.EXE c:\program files\MyWebSearch\bar\1.bin\MWSOESTB.DLL c:\program files\MyWebSearch\bar\Settings\s_pid.dat c:\users\Owner\AppData\Local\{EEC8FE49-ADAB-4F7B-89E1-A2B05D0D5CCF} c:\users\Owner\AppData\Local\{EEC8FE49-ADAB-4F7B-89E1-A2B05D0D5CCF}\chrome.manifest c:\users\Owner\AppData\Local\{EEC8FE49-ADAB-4F7B-89E1-A2B05D0D5CCF}\chrome\content\_cfg.js c:\users\Owner\AppData\Local\{EEC8FE49-ADAB-4F7B-89E1-A2B05D0D5CCF}\chrome\content\overlay.xul c:\users\Owner\AppData\Local\{EEC8FE49-ADAB-4F7B-89E1-A2B05D0D5CCF}\install.rdf c:\users\Owner\AppData\Local\agqobl c:\users\Owner\AppData\Local\agqobl\ubpxsysguard.exe c:\users\Owner\AppData\Local\brbxxo c:\users\Owner\AppData\Local\brbxxo\tpwbsysguard.exe c:\users\Owner\AppData\Local\bungcd c:\users\Owner\AppData\Local\bungcd\tseksysguard.exe c:\users\Owner\AppData\Local\geblkx c:\users\Owner\AppData\Local\geblkx\tinwsysguard.exe c:\users\Owner\AppData\Local\gjmgxa c:\users\Owner\AppData\Local\gjmgxa\uoigsysguard.exe c:\users\Owner\AppData\Local\hbmcoh c:\users\Owner\AppData\Local\hbmcoh\sunasysguard.exe c:\users\Owner\AppData\Local\hcrxjo c:\users\Owner\AppData\Local\hcrxjo\uiyhsysguard.exe c:\users\Owner\AppData\Local\kysyrc c:\users\Owner\AppData\Local\kysyrc\tgjxsysguard.exe c:\users\Owner\AppData\Local\omenupeh.dll c:\users\Owner\AppData\Local\opbloi c:\users\Owner\AppData\Local\opbloi\tbdjsysguard.exe c:\users\Owner\AppData\Local\trmrvd.dll c:\users\Owner\AppData\Local\ugqedv c:\users\Owner\AppData\Local\ugqedv\trrgsysguard.exe c:\windows\msa.exe c:\windows\system32\f3PSSavr.scr c:\windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job . ((((((((((((((((((((((((( Files Created from 2009-12-14 to 2010-01-14 ))))))))))))))))))))))))))))))) . 2010-01-14 08:45 . 2010-01-14 08:45 -------- d-----w- c:\users\Default\AppData\Local\temp 2010-01-13 03:53 . 2009-10-19 14:42 156672 ----a-w- c:\windows\system32\t2embed.dll 2010-01-13 03:53 . 2009-10-19 14:37 72704 ----a-w- c:\windows\system32\fontsub.dll 2010-01-13 03:53 . 2009-10-19 14:39 24064 ----a-w- c:\windows\system32\lpk.dll 2010-01-13 03:53 . 2009-10-19 14:37 10240 ----a-w- c:\windows\system32\dciman32.dll 2010-01-13 03:53 . 2009-10-19 11:45 289792 ----a-w- c:\windows\system32\atmfd.dll 2010-01-13 03:53 . 2009-10-19 14:36 34304 ----a-w- c:\windows\system32\atmlib.dll 2010-01-12 22:32 . 2009-10-30 16:11 233136 ----a-w- c:\windows\system32\drivers\pctgntdi.sys 2010-01-12 22:32 . 2009-10-30 16:09 98600 ----a-w- c:\windows\system32\drivers\pctwfpfilter.sys 2010-01-12 22:32 . 2009-11-09 16:20 207792 ----a-w- c:\windows\system32\drivers\PCTCore.sys 2010-01-12 22:32 . 2009-10-06 21:31 87784 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys 2010-01-12 22:31 . 2009-09-03 14:45 70408 ----a-w- c:\windows\system32\drivers\pctplsg.sys 2010-01-12 22:30 . 2010-01-12 22:32 -------- d-----w- c:\program files\Common Files\PC Tools 2010-01-12 22:30 . 2010-01-12 22:32 -------- d-----w- c:\program files\Spyware Doctor 2010-01-12 22:30 . 2010-01-12 22:30 -------- d-----w- c:\users\Owner\AppData\Roaming\PC Tools 2010-01-12 22:30 . 2010-01-12 22:30 -------- d-----w- c:\programdata\PC Tools 2010-01-10 03:48 . 2010-01-10 03:48 -------- d-----w- c:\programdata\SITEguard 2010-01-10 03:37 . 2010-01-10 07:34 -------- d-----w- c:\program files\STOPzilla! 2010-01-10 03:36 . 2010-01-10 03:36 -------- d-----w- c:\program files\Common Files\iS3 2010-01-10 03:36 . 2010-01-10 07:19 -------- d-----w- c:\programdata\STOPzilla! 2010-01-08 10:26 . 2010-01-14 06:24 0 ----a-w- c:\users\Owner\AppData\Local\Xmivafi.bin 2010-01-08 10:26 . 2010-01-14 06:24 120 ----a-w- c:\users\Owner\AppData\Local\Gsiwoxihuvuwo.dat 2010-01-08 00:27 . 2010-01-08 00:27 -------- d-----w- c:\windows\Sun . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-01-13 23:23 . 2009-04-02 03:46 -------- d-----w- c:\programdata\Google Updater 2010-01-13 03:39 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail 2009-12-28 05:02 . 2009-12-28 05:02 658184 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2009-12-27 07:21 . 2007-08-25 23:51 -------- d-----w- c:\program files\Google 2009-12-09 08:17 . 2007-08-25 23:47 -------- d-----w- c:\programdata\Microsoft Help 2009-12-03 06:36 . 2009-12-03 05:56 -------- d-----w- c:\users\Owner\AppData\Roaming\FrostWire 2009-12-03 06:28 . 2009-12-03 05:55 -------- d-----w- c:\program files\FrostWire 2009-12-03 06:10 . 2009-12-03 06:10 0 ----a-w- c:\users\Owner\AppData\Roaming\FrostWire\.NetworkShare\Incomplete\T-4506256-LimeWireWin4.16.6.exe 2009-12-03 05:56 . 2009-12-03 05:56 -------- d-----w- c:\program files\ToggleEN 2009-11-18 02:53 . 2007-08-25 22:00 70104 ----a-w- c:\users\Owner\AppData\Local\GDIPFONTCACHEV1.DAT 2009-11-17 08:17 . 2007-08-25 23:49 -------- d-----w- c:\program files\Microsoft Works 2009-11-09 13:34 . 2009-12-09 08:17 24064 ----a-w- c:\windows\system32\nshhttp.dll 2009-11-09 13:30 . 2009-12-09 08:17 31232 ----a-w- c:\windows\system32\httpapi.dll 2009-11-09 11:17 . 2009-12-09 08:17 396800 ----a-w- c:\windows\system32\drivers\http.sys 2009-10-29 07:59 . 2009-11-27 08:13 2048 ----a-w- c:\windows\system32\tzres.dll 2009-10-27 15:05 . 2009-12-09 03:47 832512 ----a-w- c:\windows\system32\wininet.dll 2009-10-27 15:01 . 2009-12-09 03:47 56320 ----a-w- c:\windows\system32\iesetup.dll 2009-10-27 15:01 . 2009-12-09 03:47 78336 ----a-w- c:\windows\system32\ieencode.dll 2009-10-27 15:01 . 2009-12-09 03:47 52736 ----a-w- c:\windows\AppPatch\iebrshim.dll 2009-10-27 14:59 . 2009-12-09 03:47 72704 ----a-w- c:\windows\system32\admparse.dll 2009-10-27 12:27 . 2009-12-09 03:47 26624 ----a-w- c:\windows\system32\ieUnatt.exe 2009-10-27 10:56 . 2009-12-09 03:47 48128 ----a-w- c:\windows\system32\mshtmler.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2}"= "c:\program files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL" [2008-09-10 66912] [HKEY_CLASSES_ROOT\clsid\{0579b4b6-0293-4d73-b02d-5ebb0ba0f0a2}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}] 2008-09-10 20:50 66912 ----a-w- c:\program files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Sidebar"="c:\program files\Windows Sidebar\Sidebar.exe" [2008-01-10 1232896] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440] "Aim6"="c:\program files\AIM6\aim6.exe" [2008-10-21 50472] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2007-08-25 1006264] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-06 815104] "ATICCC"="c:\program files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-07-12 90112] "Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2006-10-24 1429504] "SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-10-10 729088] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-08-12 29744] "NapsterShell"="c:\program files\Napster\napster.exe" [2006-09-06 323216] "BigFix"="c:\program files\Bigfix\bigfix.exe" [2006-11-16 2348584] "CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2006-03-22 1191936] "UfSeAgnt.exe"="c:\program files\Trend Micro\Internet Security\UfSeAgnt.exe" [2008-07-29 1398024] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-11-04 413696] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088] "ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [2009-11-18 1243088] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "mixer"=wdmaud.drv [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-4026913236-3223328400-3902898604-1000] "EnableNotificationsRef"=dword:00000002 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-4026913236-3223328400-3902898604-500] "EnableNotificationsRef"=dword:00000002 R0 PCTCore;PCTools KDS;c:\windows\System32\drivers\PCTCore.sys [1/12/2010 5:32 PM 207792] R0 ssfs0bbc;ssfs0bbc;c:\windows\System32\drivers\ssfs0bbc.sys [8/9/2008 1:42 PM 29808] R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [1/12/2010 5:30 PM 359624] R2 tmpreflt;tmpreflt;c:\windows\System32\drivers\tmpreflt.sys [7/15/2009 8:58 PM 36368] R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [11/6/2008 4:02 PM 24652] R3 NWUSBPort2;Novatel Wireless USB Status2 Port Driver;c:\windows\System32\drivers\nwusbser2.sys [11/7/2006 8:32 AM 92160] S2 gupdate1c9b346fd800a3;Google Update Service (gupdate1c9b346fd800a3);c:\program files\Google\Update\GoogleUpdate.exe [4/1/2009 10:49 PM 133104] S2 tmevtmgr;tmevtmgr;c:\windows\System32\drivers\tmevtmgr.sys [2/15/2008 10:06 AM 52624] S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [8/25/2007 6:51 PM 29744] S3 NETw2v32;Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows Vista;c:\windows\System32\drivers\NETw2v32.sys [11/2/2006 5:25 AM 2589184] S3 tmproxy;Trend Micro Proxy Service;c:\program files\Trend Micro\Internet Security\TmProxy.exe [9/10/2008 4:42 PM 648456] . Contents of the 'Scheduled Tasks' folder 2010-01-14 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-08-25 03:46] 2010-01-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-04-02 03:49] 2010-01-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-04-02 03:49] 2010-01-08 c:\windows\Tasks\wrSpySweeperFullSweep.job - c:\program files\Webroot\Spy Sweeper\SpySweeperUI.exe [2008-09-10 20:04] 2010-01-08 c:\windows\Tasks\wrSpySweeperFullSweep.job - c:\program files\Webroot\Spy Sweeper\SpySweeperUI.exe [2008-09-10 20:04] . . ------- Supplementary Scan ------- . uStart Page = [You must be registered and logged in to see this link.] mStart Page = [You must be registered and logged in to see this link.] uInternet Settings,ProxyServer = http=127.0.0.1:5555 uInternet Settings,ProxyOverride = IE: &AIM Toolbar Search - c:\programdata\AIM Toolbar\ieToolbar\resources\en-US\local\search.html IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html TCP: {802B215B-26CC-4D1D-9AAD-3D562B874851} = 68.28.122.93 68.28.114.91 . - - - - ORPHANS REMOVED - - - - URLSearchHooks-{038cb5c7-48ea-4af9-94e0-a1646542e62b} - (no file) HKCU-Run-E8WECRKKMV - c:\windows\msa.exe HKCU-Run-Wyayegobeye - c:\users\Owner\AppData\Local\trmrvd.dll HKCU-Run-Mkeju - c:\users\Owner\AppData\Local\omenupeh.dll HKCU-Run-gomfptuj - c:\users\Owner\AppData\Local\hbmcoh\sunasysguard.exe HKCU-Run-lccfwluk - c:\users\Owner\AppData\Local\ugqedv\trrgsysguard.exe HKCU-Run-mcaescaq - c:\users\Owner\AppData\Local\bungcd\tseksysguard.exe HKCU-Run-ragkxgng - c:\users\Owner\AppData\Local\geblkx\tinwsysguard.exe HKCU-Run-wgeudyaw - c:\users\Owner\AppData\Local\opbloi\tbdjsysguard.exe HKCU-Run-thcxctxq - c:\users\Owner\AppData\Local\kysyrc\tgjxsysguard.exe HKCU-Run-njxfbktd - c:\users\Owner\AppData\Local\brbxxo\tpwbsysguard.exe HKCU-Run-ikpktmwm - c:\users\Owner\AppData\Local\agqobl\ubpxsysguard.exe HKCU-Run-anptwqlc - c:\users\Owner\AppData\Local\hcrxjo\uiyhsysguard.exe HKCU-Run-xoljtsyt - c:\users\Owner\AppData\Local\gjmgxa\uoigsysguard.exe HKLM-Run-MyWebSearch Plugin - c:\progra~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL AddRemove-Activation Assistant for the 2007 Microsoft Office suites - c:\programdata\{623D32E9-0C62-4453-AD44-98B31F52A5E1}\Microsoft Office Activation Assistant.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.] Rootkit scan 2010-01-14 03:59 Windows 6.0.6000 NTFS scanning hȋdden processes ... scanning hȋdden autostart entries ... scanning hȋdden files ... scan completed successfully hȋdden files: 0 ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:000000b5 [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . ------------------------ Other Running Processes ------------------------ . c:\windows\system32\Ati2evxx.exe c:\windows\system32\AUDIODG.EXE c:\windows\system32\Ati2evxx.exe c:\windows\System32\WLTRYSVC.EXE c:\windows\System32\bcmwltry.exe c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Trend Micro\Internet Security\SfCtlCom.exe c:\program files\SigmaTel\C-Major Audio\WDM\STacSV.exe c:\program files\Webroot\Spy Sweeper\SpySweeper.exe c:\windows\system32\wbem\unsecapp.exe c:\program files\ATI Technologies\ATI.ACE\CLI.EXE c:\program files\iPod\bin\iPodService.exe c:\windows\ehome\ehmsas.exe c:\program files\Internet Explorer\ieuser.exe c:\program files\Internet Explorer\iexplore.exe c:\program files\aim toolbar\aimtbServer.exe c:\windows\system32\Macromed\Flash\FlashUtil10b.exe . ************************************************************************** . Completion time: 2010-01-14 04:45:16 - machine was rebooted ComboFix-quarantined-files.txt 2010-01-14 09:43 Pre-Run: 64,105,299,968 bytes free Post-Run: 64,818,315,264 bytes free - - End Of File - - 4BFCCE71B95293E361C7EE0FC0BA4974 Hornstein90 Unborn Posts : 2 Joined : 2010-01-13 Operating System : Windows Vista ## Re: "Applications cannot be executed" problem with Windows Vista Please download V-Tool, and save to your Desktop. • Double-click on vtool.zip, and extract the file to your Desktop. • Double-click on vtool.cmd to start. • At each prompt ("Press any key to continue..."), wait 3 seconds before pressing a key. This tool needs time to process each prompt. • It will finish quickly and launch a log. (vtool.txt) • Post the contents of it in your next reply. [You must be registered and logged in to see this link.] - Get$30 off Kaspersky products.

~DMJ

Donations/Contributions

DragonMaster Jay

Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate