Can't Open Any Programs

View previous topic View next topic Go down

Can't Open Any Programs

Post by Wilsod2 on 11th February 2010, 5:10 am

So I thought I was in infected with System Security Trojan because images similar to the ones that were shown on websites to get rid of System Security were displaying on my screen. So, I read up on it for a week and tried a couple of different things. First I tried Malware bytes in a different administrator then I tried TDSS Killer under a different user name as well.

Currently running AVG under a different user name. The programs won't open up in my user profile, so I've just been using my brothers. Is that safe?

Wilsod2
Novice
Novice

Posts Posts : 12
Joined Joined : 2010-02-11
OS OS : Windows Vista
Points Points : 25118
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Can't Open Any Programs

Post by Belahzur on 11th February 2010, 9:10 pm

Download [You must be registered and logged in to see this link.] by OldTimer to your Desktop.

  • Close all windows and double click OTL.exe
  • Click Run Scan and let the program run uninterrupted
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  • You may need to use two posts to get it all.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245121
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Can't Open Any Programs

Post by Wilsod2 on 12th February 2010, 12:42 am

OTL logfile created on: 2/11/2010 7:16:54 PM - Run 1
OTL by OldTimer - Version 3.1.28.0 Folder = C:\Users\DDUB\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 56.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 70.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.04 Gb Total Space | 76.23 Gb Free Space | 26.46% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 6.02 Gb Free Space | 60.22% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DAMEBOT
Current User Name: DDUB
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/02/11 18:39:23 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Users\DDUB\Downloads\OTL.exe
PRC - [2009/12/13 21:31:21 | 001,055,000 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2009/12/13 21:31:21 | 000,600,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2009/12/13 21:31:20 | 000,503,576 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2009/12/13 21:31:19 | 000,702,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2009/12/13 21:31:09 | 000,906,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgemc.exe
PRC - [2009/12/13 21:31:06 | 000,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2009/09/28 08:42:50 | 000,109,056 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009/08/28 18:42:54 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/08/25 16:00:00 | 000,226,624 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\naPrdMgr.exe
PRC - [2009/08/25 16:00:00 | 000,103,744 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\FrameworkService.exe
PRC - [2009/05/21 09:55:32 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2008/12/12 10:17:38 | 000,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/10/29 01:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/09/18 09:14:10 | 000,880,640 | ---- | M] (brother) -- C:\Program Files\Brownie\BrStsWnd.exe
PRC - [2008/08/13 17:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/06/10 00:21:01 | 000,135,168 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
PRC - [2008/04/18 04:30:42 | 000,204,800 | ---- | M] () -- C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe
PRC - [2008/04/08 23:15:12 | 000,648,504 | ---- | M] (Pure Networks, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
PRC - [2008/01/19 02:33:39 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
PRC - [2008/01/11 12:54:44 | 000,090,112 | ---- | M] (brother) -- C:\Program Files\Brownie\brpjp04a.exe
PRC - [2007/03/15 12:09:36 | 000,460,784 | ---- | M] (Gteko Ltd.) -- C:\Program Files\DellSupport\DSAgnt.exe
PRC - [2007/01/04 16:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2006/11/05 11:13:00 | 000,159,744 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
PRC - [2006/11/03 20:07:04 | 000,537,480 | ---- | M] ( ) -- C:\Windows\System32\dlcxcoms.exe
PRC - [2006/11/02 07:35:35 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wpcumi.exe
PRC - [2006/08/04 19:39:20 | 000,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe
PRC - [2003/02/25 00:52:00 | 000,303,104 | ---- | M] (Lexmark International, Inc.) -- C:\Windows\System32\LEXBCES.EXE
PRC - [2003/02/25 00:50:00 | 000,174,592 | ---- | M] (Lexmark International, Inc.) -- C:\Windows\System32\LEXPPS.EXE


========== Modules (SafeList) ==========

MOD - [2010/02/11 18:39:23 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Users\DDUB\Downloads\OTL.exe
MOD - [2009/12/13 21:32:16 | 000,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
MOD - [2008/01/19 02:26:34 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2009/12/18 09:37:08 | 000,182,768 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2009/12/13 21:31:09 | 000,906,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2009/12/13 21:31:06 | 000,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2009/09/28 08:42:50 | 000,109,056 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/09/21 15:36:02 | 000,545,568 | ---- | M] (Apple Inc.) [On_Demand | Stopped] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/08/28 18:42:54 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/08/25 16:00:00 | 000,103,744 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\Common Framework\FrameworkService.exe -- (McAfeeFramework)
SRV - [2009/03/30 21:13:44 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2008/12/12 10:17:38 | 000,238,888 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/11/04 00:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008/10/25 10:44:08 | 000,065,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2008/08/13 17:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2008/08/09 06:52:13 | 000,029,744 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-061008-081103)
SRV - [2008/04/18 04:30:42 | 000,204,800 | ---- | M] () [Auto | Running] -- C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe -- (LinksysUpdater)
SRV - [2008/04/08 23:15:12 | 000,648,504 | ---- | M] (Pure Networks, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice)
SRV - [2008/01/19 02:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/12/10 13:59:04 | 000,353,280 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007/03/19 12:44:44 | 000,070,656 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2007/01/19 12:54:14 | 000,097,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\MSN Messenger\usnsvc.exe -- (usnjsvc)
SRV - [2007/01/04 16:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2006/11/05 11:15:12 | 000,880,640 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe -- (RoxMediaDB9)
SRV - [2006/11/05 11:13:00 | 000,159,744 | ---- | M] (Sonic Solutions) [Auto | Running] -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe -- (RoxWatch9)
SRV - [2006/11/03 20:07:04 | 000,537,480 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\dlcxcoms.exe -- (dlcx_device)
SRV - [2006/11/02 07:35:29 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\ehome\ehstart.dll -- (ehstart)
SRV - [2006/10/26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006/09/14 14:54:34 | 000,073,728 | ---- | M] (MicroVision Development, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- (stllssvr)
SRV - [2006/08/04 19:39:20 | 000,386,560 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\System32\drivers\XAudio.exe -- (XAudioService)
SRV - [2005/04/04 00:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003/02/25 00:52:00 | 000,303,104 | ---- | M] (Lexmark International, Inc.) [Auto | Running] -- C:\Windows\System32\LEXBCES.EXE -- (LexBceS)


========== Driver Services (SafeList) ==========

DRV - [2009/12/13 21:32:14 | 000,360,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2009/12/13 21:32:08 | 000,333,192 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009/12/13 21:32:06 | 000,028,424 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009/05/18 13:17:00 | 000,026,600 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2008/04/08 23:14:02 | 000,024,888 | ---- | M] (Pure Networks, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\pnarp.sys -- (pnarp)
DRV - [2008/04/08 23:14:00 | 000,026,424 | ---- | M] (Pure Networks, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\purendis.sys -- (purendis)
DRV - [2008/01/19 00:53:23 | 000,073,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/01/02 16:48:28 | 002,016,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2007/11/05 21:56:16 | 000,008,413 | ---- | M] (RealNetworks, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\mcstrm.sys -- (MCSTRM)
DRV - [2007/11/02 13:51:28 | 000,006,400 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motswch.sys -- (MotoSwitchService)
DRV - [2007/11/02 13:36:10 | 000,018,176 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgp.sys -- (motccgp)
DRV - [2007/10/15 15:32:56 | 000,020,152 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2007/10/15 15:32:56 | 000,019,128 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2007/10/15 15:32:56 | 000,017,592 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007/10/10 15:41:50 | 000,042,112 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motodrv.sys -- (MotDev)
DRV - [2007/06/18 13:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motport.sys -- (motport)
DRV - [2007/06/18 13:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motmodem.sys -- (motmodem)
DRV - [2007/05/11 08:26:46 | 001,773,536 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/04/29 03:42:24 | 000,228,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
DRV - [2007/04/26 05:41:38 | 000,304,920 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastor.sys -- (iaStor)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2007/01/23 18:03:44 | 000,007,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgpfl.sys -- (motccgpfl)
DRV - [2006/11/02 04:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 04:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 04:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 04:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 04:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 04:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 04:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 04:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 04:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 04:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 04:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 04:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 04:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 04:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 04:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 04:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 04:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 04:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 04:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 04:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 04:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 04:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 04:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 04:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 04:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 04:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 04:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 04:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 04:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 04:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 03:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 03:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 03:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 03:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 03:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 03:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 02:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 02:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/11/02 02:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2006/11/02 01:37:21 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv)
DRV - [2006/10/18 13:09:26 | 000,986,624 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2006/10/18 13:08:18 | 000,258,048 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2006/10/18 13:08:04 | 000,659,968 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2006/10/05 17:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Running] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/08/04 19:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/07/28 00:10:18 | 000,040,960 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\P2k.sys -- (P2k)
DRV - [2006/07/24 03:00:00 | 000,036,528 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2006/06/19 16:26:58 | 000,012,672 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV - [2006/04/12 20:04:39 | 000,049,664 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HPZid412.sys -- (HPZid412)
DRV - [2006/04/12 20:04:39 | 000,021,568 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HPZius12.sys -- (HPZius12)
DRV - [2006/04/12 20:04:39 | 000,016,496 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HPZipr12.sys -- (HPZipr12)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: *{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search"
FF - prefs.js..browser.search.selectedEngine: "Yahoo! Search"
FF - prefs.js..browser.startup.homepage: "google.com"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.716
FF - prefs.js..extensions.enabledItems: avg@igeared:3.011.025.005
FF - prefs.js..extensions.enabledItems: {15756614-ffb8-498b-b961-bce537ea94fe}:0.4
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971
FF - prefs.js..keyword.URL: "http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_us&p="

FF - HKLM\software\mozilla\Firefox\Extensions\\{B728AB94-9BC7-49b7-B76A-422BB31B2FD0}: C:\Program Files\ArcSoft\Media Converter for Philips\Internet Video Downloader\Plugin_FireFox [2009/06/12 12:21:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2009/12/13 21:31:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG9\Toolbar\Firefox\avg@igeared [2009/12/13 21:31:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/01/08 14:07:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/01/08 14:07:01 | 000,000,000 | ---D | M]

[2008/06/12 14:26:25 | 000,000,000 | ---D | M] -- C:\Users\DDUB\AppData\Roaming\Mozilla\Extensions
[2010/02/11 08:26:02 | 000,000,000 | ---D | M] -- C:\Users\DDUB\AppData\Roaming\Mozilla\Firefox\Profiles\cykkq2x2.default\extensions
[2009/06/12 12:22:02 | 000,000,000 | ---D | M] (LocalLink) -- C:\Users\DDUB\AppData\Roaming\Mozilla\Firefox\Profiles\cykkq2x2.default\extensions\{15756614-ffb8-498b-b961-bce537ea94fe}
[2010/02/10 21:52:51 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/10/22 20:07:00 | 000,023,864 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Mozilla Firefox\components\scriptff.dll
[2007/12/19 07:57:38 | 000,310,272 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
[2008/03/13 10:24:06 | 000,077,824 | ---- | M] (Kaneva, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npkanevapatch.dll
[2007/04/16 12:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll
[2008/08/09 06:52:13 | 000,000,686 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\GoogleDesktopMozilla.png
[2008/08/09 06:52:13 | 000,000,531 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\GoogleDesktopMozilla.src

O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (IEPlugin Class) - {11222041-111B-46E3-BD29-EFB2449479B1} - C:\Program Files\ArcSoft\Media Converter for Philips\Internet Video Downloader\ArcURLRecord.dll (ArcSoft, Inc.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [BrStsWnd] C:\Program Files\Brownie\BrstsWnd.exe (brother)
O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [Easy Dock] File not found
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe File not found
O4 - HKLM..\Run: [WPCUMI] C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ccleaner] C:\Users\DDUB\Desktop\CCleaner.exe (Piriform Ltd)
O4 - HKCU..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKCU..\Run: [googletalk] C:\Users\DDUB\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe File not found
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: &Windows Live Search - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} [You must be registered and logged in to see this link.] (Facebook Photo Uploader 5)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} [You must be registered and logged in to see this link.] (Windows Genuine Advantage Validation Tool)
O16 - DPF: {2CA2C9B8-E4F6-4BE9-8601-52ED0AFBA79D} [You must be registered and logged in to see this link.] (Pearson Accounting Player)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} [You must be registered and logged in to see this link.] (MySpace Uploader Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_07)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {95D88B35-A521-472B-A182-BB1A98356421} [You must be registered and logged in to see this link.] (Pearson Installation Assistant 2)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_07)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} [You must be registered and logged in to see this link.] (get_atlcom Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [You must be registered and logged in to see this link.] (Shockwave Flash Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} [You must be registered and logged in to see this link.] (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp3.dll (Pure Networks, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Family\Pictures\2008-03-26 carries pics\carries pics 132.JPG
O24 - Desktop BackupWallPaper: C:\Users\Family\Pictures\2008-03-26 carries pics\carries pics 132.JPG
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{3fa3d461-386f-11dd-b829-001aa097dd31}\Shell\Auto\command - "" = G:\Start.exe -- File not found
O33 - MountPoints2\{c2beaa4c-8991-11dd-9ddd-001aa097dd31}\Shell\Auto\command - "" = G:\Start.exe -- File not found
O33 - MountPoints2\{c2beaa5a-8991-11dd-9ddd-001aa097dd31}\Shell\Auto\command - "" = Start.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/02/10 23:07:20 | 000,000,000 | ---D | C] -- C:\Program Files\tdsskiller
[2010/02/10 15:45:38 | 003,597,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010/02/10 15:45:38 | 003,546,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010/02/10 15:43:35 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2010/02/10 15:43:33 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll
[2010/02/10 15:43:33 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2010/02/10 15:43:33 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2010/02/10 15:43:33 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avicap32.dll
[2010/02/09 07:19:35 | 000,000,000 | ---D | C] -- C:\Users\DDUB\AppData\Roaming\Yahoo!
[2010/02/09 07:19:35 | 000,000,000 | ---D | C] -- C:\Users\DDUB\AppData\Local\Yahoo
[2010/01/31 21:42:52 | 000,077,824 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\System32\brlmw03a.dll
[2010/01/31 21:42:50 | 000,000,000 | ---D | C] -- C:\Program Files\Brownie
[2010/01/31 21:37:48 | 000,176,128 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\System32\BROSNMP.DLL
[2010/01/31 21:37:48 | 000,094,208 | ---- | C] (Brother Industries Ltd) -- C:\Windows\System32\BRRBTOOL.EXE
[2010/01/31 21:37:48 | 000,024,223 | ---- | C] (brother Industries Ltd) -- C:\Windows\System32\BRLM03A.DLL
[2010/01/31 21:37:47 | 000,192,512 | ---- | C] (brother) -- C:\Windows\System32\Pdrvinst.dll
[2010/01/31 21:37:47 | 000,000,000 | ---D | C] -- C:\Program Files\Brother
[2010/01/29 09:13:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010/01/29 09:13:02 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2010/01/29 09:12:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010/01/27 13:28:12 | 000,000,000 | ---D | C] -- C:\Users\DDUB\Documents\OneNote Notebooks
[2010/01/22 02:44:50 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2010/01/22 02:44:49 | 000,458,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010/01/22 02:44:49 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/01/22 02:44:48 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010/01/22 02:44:48 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2010/01/22 02:44:48 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010/01/22 02:44:48 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010/01/22 02:44:47 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010/01/22 02:44:47 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2010/01/22 02:44:46 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010/01/22 02:44:46 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010/01/14 03:01:42 | 000,000,000 | ---D | C] -- C:\e5596279eff1fd41f5d4d491c41f
[2010/01/13 03:49:58 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010/01/13 03:49:58 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2008/05/12 20:04:55 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\dlcxhcp.dll
[2007/10/15 15:33:13 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\dlcxserv.dll
[2007/10/15 15:33:13 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\dlcxusb1.dll
[2007/10/15 15:33:13 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\dlcxhbn3.dll
[2007/10/15 15:33:13 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\dlcxcomc.dll
[2007/10/15 15:33:13 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\dlcxpmui.dll
[2007/10/15 15:33:13 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\dlcxlmpm.dll
[2007/10/15 15:33:13 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\dlcxcomm.dll
[2007/10/15 15:33:13 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\dlcxinpa.dll
[2007/10/15 15:33:13 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\dlcxiesc.dll
[2007/10/15 15:33:13 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\dlcxprox.dll
[2007/10/15 15:33:13 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\dlcxpplc.dll
[11 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[11 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\DDUB\Documents\*.tmp files -> C:\Users\DDUB\Documents\*.tmp -> ]
[1 C:\Users\DDUB\Desktop\*.tmp files -> C:\Users\DDUB\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/02/11 19:19:00 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{39B31623-8230-46CC-B7A0-EE8140B3C9A7}.job
[2010/02/11 19:17:01 | 003,407,872 | -HS- | M] () -- C:\Users\DDUB\ntuser.dat
[2010/02/11 19:15:00 | 000,000,416 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{ADC6892F-0E00-49A0-B85E-6F7730094127}.job
[2010/02/11 18:59:00 | 000,000,256 | ---- | M] () -- C:\Windows\tasks\Check Updates for Windows Live Toolbar.job
[2010/02/11 18:53:46 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/02/11 18:53:46 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/02/11 18:51:01 | 000,000,278 | -H-- | M] () -- C:\Windows\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job
[2010/02/11 18:31:01 | 000,000,278 | -H-- | M] () -- C:\Windows\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
[2010/02/11 17:30:06 | 055,470,414 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2010/02/11 15:23:14 | 000,000,279 | ---- | M] () -- C:\Windows\Brownie.ini
[2010/02/11 14:53:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/02/11 03:33:10 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/02/11 03:31:17 | 000,524,288 | -HS- | M] () -- C:\Users\DDUB\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010/02/11 03:31:17 | 000,065,536 | -HS- | M] () -- C:\Users\DDUB\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010/02/11 03:31:15 | 006,291,456 | -H-- | M] () -- C:\Users\DDUB\AppData\Local\IconCache.db
[2010/02/10 21:47:06 | 000,002,231 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/02/10 14:14:59 | 000,000,560 | ---- | M] () -- C:\Windows\tasks\Norton Security Scan for Family.job
[2010/01/31 21:43:16 | 000,009,853 | ---- | M] () -- C:\Windows\HL-2140.INI
[2010/01/31 21:43:16 | 000,000,145 | ---- | M] () -- C:\Windows\BRVIDEO.INI
[2010/01/31 21:43:16 | 000,000,000 | ---- | M] () -- C:\Windows\brmx2001.ini
[2010/01/31 21:41:45 | 000,000,410 | ---- | M] () -- C:\Windows\BRWMARK.INI
[2010/01/31 21:41:44 | 000,000,034 | ---- | M] () -- C:\Windows\System32\BD2140.DAT
[2010/01/30 15:33:51 | 000,690,960 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/01/30 15:33:51 | 000,595,446 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/01/30 15:33:51 | 000,101,144 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/01/29 09:16:51 | 000,000,048 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2010/01/29 09:13:04 | 000,001,878 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010/01/27 13:37:57 | 000,351,982 | ---- | M] () -- C:\Users\DDUB\Desktop\amazonbook.pdf
[2010/01/27 13:37:22 | 000,351,982 | ---- | M] () -- C:\Users\DDUB\Documents\amazonbook.pdf
[2010/01/27 12:42:13 | 000,184,966 | ---- | M] () -- C:\Users\DDUB\Documents\UPS Electronic Return Label View-Print Label.mht
[2010/01/27 12:42:13 | 000,184,966 | ---- | M] () -- C:\Users\DDUB\Desktop\UPS Electronic Return Label View-Print Label.mht
[2010/01/27 12:13:17 | 000,186,214 | ---- | M] () -- C:\Users\DDUB\Documents\sellbookbacklist.xps
[2010/01/21 12:36:37 | 000,000,008 | ---- | M] () -- C:\ProgramData\sysReserve.ini
[2010/01/19 17:00:28 | 000,142,495 | ---- | M] () -- C:\Windows\System32\drivers\Avg\microavi.avg
[2010/01/17 15:56:47 | 000,000,632 | RHS- | M] () -- C:\Users\DDUB\ntuser.pol
[2010/01/13 13:05:14 | 000,018,555 | ---- | M] () -- C:\Users\DDUB\Desktop\The Book of Colossians.docx
[2010/01/12 23:06:52 | 000,000,162 | -H-- | M] () -- C:\Users\DDUB\Desktop\~$e Book of Colossians.docx
[11 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[11 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\DDUB\Documents\*.tmp files -> C:\Users\DDUB\Documents\*.tmp -> ]
[1 C:\Users\DDUB\Desktop\*.tmp files -> C:\Users\DDUB\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/02/08 07:41:42 | 000,000,278 | -H-- | C] () -- C:\Windows\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
[2010/02/08 07:41:40 | 000,000,278 | -H-- | C] () -- C:\Windows\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job
[2010/01/31 21:43:16 | 000,000,145 | ---- | C] () -- C:\Windows\BRVIDEO.INI
[2010/01/31 21:43:16 | 000,000,000 | ---- | C] () -- C:\Windows\brmx2001.ini
[2010/01/31 21:42:52 | 000,000,114 | ---- | C] () -- C:\Windows\System32\brlmw03a.ini
[2010/01/31 21:42:50 | 000,009,853 | ---- | C] () -- C:\Windows\HL-2140.INI
[2010/01/31 21:41:45 | 000,000,410 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2010/01/31 21:41:44 | 000,000,034 | ---- | C] () -- C:\Windows\System32\BD2140.DAT
[2010/01/31 21:37:34 | 000,000,279 | ---- | C] () -- C:\Windows\Brownie.ini
[2010/01/29 09:16:51 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/01/29 09:13:04 | 000,001,878 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2010/01/27 13:37:57 | 000,351,982 | ---- | C] () -- C:\Users\DDUB\Desktop\amazonbook.pdf
[2010/01/27 13:36:26 | 000,351,982 | ---- | C] () -- C:\Users\DDUB\Documents\amazonbook.pdf
[2010/01/27 12:43:56 | 000,184,966 | ---- | C] () -- C:\Users\DDUB\Documents\UPS Electronic Return Label View-Print Label.mht
[2010/01/27 12:42:11 | 000,184,966 | ---- | C] () -- C:\Users\DDUB\Desktop\UPS Electronic Return Label View-Print Label.mht
[2010/01/27 12:13:14 | 000,186,214 | ---- | C] () -- C:\Users\DDUB\Documents\sellbookbacklist.xps
[2010/01/21 12:36:37 | 000,000,008 | ---- | C] () -- C:\ProgramData\sysReserve.ini
[2010/01/17 16:07:58 | 000,000,418 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{39B31623-8230-46CC-B7A0-EE8140B3C9A7}.job
[2010/01/12 23:06:52 | 000,000,162 | -H-- | C] () -- C:\Users\DDUB\Desktop\~$e Book of Colossians.docx
[2009/05/13 22:58:31 | 000,032,768 | ---- | C] () -- C:\Windows\System32\ktdll.dll
[2008/12/03 22:08:46 | 000,000,268 | RH-- | C] () -- C:\ProgramData\System Image Utility
[2008/12/03 22:08:46 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT
[2008/05/12 20:06:30 | 000,045,056 | ---- | C] () -- C:\Windows\System32\DLPRMON.DLL
[2008/05/12 20:06:30 | 000,032,768 | ---- | C] () -- C:\Windows\System32\DLPMONUI.DLL
[2008/05/12 20:04:56 | 000,274,432 | ---- | C] () -- C:\Windows\System32\dlcxinst.dll
[2008/02/23 22:10:17 | 000,000,680 | ---- | C] () -- C:\Users\DDUB\AppData\Local\d3d9caps.dat
[2008/01/29 22:39:30 | 000,000,000 | ---- | C] () -- C:\Users\DDUB\AppData\Roaming\wklnhst.dat
[2008/01/02 16:57:36 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
[2008/01/02 16:47:22 | 001,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
[2008/01/02 16:47:22 | 001,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
[2008/01/02 16:47:22 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2007/10/19 19:56:16 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2007/10/19 19:54:28 | 000,000,416 | ---- | C] () -- C:\Windows\System32\dtu100.dll.manifest
[2007/10/19 19:54:28 | 000,000,416 | ---- | C] () -- C:\Windows\System32\dpl100.dll.manifest
[2007/10/18 04:02:34 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
[2007/10/17 20:29:20 | 000,034,816 | ---- | C] () -- C:\Users\DDUB\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/10/17 16:22:27 | 000,077,824 | ---- | C] () -- C:\Windows\System32\HPZIDS01.dll
[2007/10/15 15:33:23 | 000,910,464 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2007/10/15 15:33:23 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1255.dll
[2007/10/15 15:33:13 | 000,454,656 | ---- | C] () -- C:\Windows\System32\dlcxutil.dll
[2007/10/15 15:33:13 | 000,344,064 | ---- | C] () -- C:\Windows\System32\dlcxcoin.dll
[2007/10/15 15:33:13 | 000,188,416 | ---- | C] () -- C:\Windows\System32\dlcxgrd.dll
[2007/10/15 15:33:13 | 000,040,960 | ---- | C] () -- C:\Windows\System32\dlcxvs.dll
[2007/10/15 15:33:12 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dlcxinsb.dll
[2007/10/15 15:33:12 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dlcxins.dll
[2007/10/15 15:33:12 | 000,139,264 | ---- | C] () -- C:\Windows\System32\dlcxjswr.dll
[2007/10/15 15:33:12 | 000,106,496 | ---- | C] () -- C:\Windows\System32\dlcxinsr.dll
[2007/10/15 15:33:12 | 000,086,016 | ---- | C] () -- C:\Windows\System32\dlcxcub.dll
[2007/10/15 15:33:12 | 000,073,728 | ---- | C] () -- C:\Windows\System32\dlcxcu.dll
[2007/10/15 15:33:12 | 000,036,864 | ---- | C] () -- C:\Windows\System32\dlcxcur.dll
[2007/10/15 15:33:10 | 000,692,224 | ---- | C] () -- C:\Windows\System32\dlcxdrs.dll
[2007/10/15 15:33:10 | 000,073,728 | ---- | C] () -- C:\Windows\System32\dlcxcfg.dll
[2007/10/15 15:33:10 | 000,065,536 | ---- | C] () -- C:\Windows\System32\dlcxcaps.dll
[2007/10/15 15:33:10 | 000,061,440 | ---- | C] () -- C:\Windows\System32\dlcxcnv4.dll
[2006/11/07 14:25:58 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 05:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/09/16 23:36:50 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/09/16 23:36:50 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006/03/06 10:41:02 | 000,073,728 | ---- | C] () -- C:\Windows\System32\AMV_DecDLL.dll
[2006/02/13 08:56:04 | 000,000,438 | ---- | C] () -- C:\Windows\System32\dlcxplc.ini
[2004/09/16 13:26:40 | 000,012,634 | ---- | C] () -- C:\Windows\System32\drivers\ADFUUD.SYS
[2002/10/15 17:54:04 | 000,153,088 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2002/10/06 13:42:58 | 000,237,568 | ---- | C] () -- C:\Windows\System32\OggDS.dll
[2002/10/04 18:04:26 | 000,921,600 | ---- | C] () -- C:\Windows\System32\VorbisEnc.dll
[2002/10/04 18:04:26 | 000,188,416 | ---- | C] () -- C:\Windows\System32\vorbis.dll
[2002/10/04 18:04:18 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ogg.dll
[2002/05/15 19:38:40 | 000,091,136 | ---- | C] () -- C:\Windows\System32\mp4fil32.dll
[2002/05/04 09:19:00 | 000,049,152 | ---- | C] () -- C:\Windows\System32\avisynthEx.dll
[2002/04/19 10:23:26 | 000,106,137 | ---- | C] () -- C:\Windows\System32\libpostproc.dll
[2002/04/19 09:51:04 | 000,211,760 | ---- | C] () -- C:\Windows\System32\libavcodec.dll
[2001/06/22 07:06:02 | 000,167,936 | ---- | C] () -- C:\Windows\System32\MPEG2DEC.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 99 bytes -> C:\ProgramData\TEMP:36E20A37
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:A18D1A5B
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:A8ADE5D8
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:DFC5A2B2
< End of report >

Wilsod2
Novice
Novice

Posts Posts : 12
Joined Joined : 2010-02-11
OS OS : Windows Vista
Points Points : 25118
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Can't Open Any Programs

Post by Wilsod2 on 12th February 2010, 12:43 am

OTL Extras logfile created on: 2/11/2010 7:16:54 PM - Run 1
OTL by OldTimer - Version 3.1.28.0 Folder = C:\Users\DDUB\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 56.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 70.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.04 Gb Total Space | 76.23 Gb Free Space | 26.46% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 6.02 Gb Free Space | 60.22% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DAMEBOT
Current User Name: DDUB
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" %*
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2A068535-106D-4ED2-B0F1-5FFA7D4BFA21}" = lport=138 | protocol=17 | dir=in | app=system |
"{40AD6B53-1AD7-4CF7-8BA1-82166789AE5E}" = rport=445 | protocol=6 | dir=out | app=system |
"{4DD11782-EA55-4505-A39C-4AE5162499A9}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{6DF19ABC-2C3E-4FCF-9848-9B2A5440390A}" = rport=138 | protocol=17 | dir=out | app=system |
"{79C20031-5197-40E2-AFE7-B6B05087F941}" = lport=139 | protocol=6 | dir=in | app=system |
"{7EE67959-00C4-4994-A5F9-DD06A63449CE}" = lport=445 | protocol=6 | dir=in | app=system |
"{8EBA6D6D-A9E5-46DE-BA9D-44009804888B}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{8EFE0CE8-9B09-4CAF-8B15-4D355446648C}" = lport=67 | protocol=17 | dir=in | name=dhcp discovery service |
"{A5DE3ABB-7237-4118-B68A-FE666979D695}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{C06E8B1A-18CD-4435-8E33-1A7F35305CBD}" = rport=139 | protocol=6 | dir=out | app=system |
"{C77C2B8D-4BA1-4FD1-A84F-482E21B9FDE3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{CEEC7100-21D6-4C5E-BDF4-F8808F85CDAC}" = lport=137 | protocol=17 | dir=in | app=system |
"{EB554154-C1D0-48FE-AEE3-71F22B79FBC6}" = rport=137 | protocol=17 | dir=out | app=system |
"{EC154EEF-B12F-4D94-BA77-A8172036234C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{EC1CB90A-3214-475E-82D7-66E8128CA345}" = lport=67 | protocol=17 | dir=in | name=dhcp discovery service |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07C5EC0E-A923-4B0C-9E68-4341DCF2B491}" = protocol=6 | dir=in | app=c:\program files\stardock games\demigod\bin\demigod.exe |
"{1485D855-0913-4149-BA67-A94A83F23124}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2BB488CA-9126-4091-8989-82F43848D891}" = protocol=6 | dir=in | app=c:\windows\system32\dlcxcoms.exe |
"{3056E0F3-B473-4849-A7F2-2D86629FA25B}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{30E5B1FD-DEC5-4096-91C7-0503A3C56E17}" = protocol=17 | dir=in | app=c:\program files\common files\pure networks shared\platform\nmsrvc.exe |
"{33C6BB9A-743A-414A-85AE-BF0BBE75BAFA}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{3B757971-E8D8-45B8-9766-C2738428EDA3}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{3BCB6C75-5940-4E2A-A1E1-20A5BC7AEED0}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{3DE45624-6881-4E10-A370-94CA57BA4F3C}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{3F4D69FF-E9D0-47DB-B461-94E3B0285E86}" = dir=in | app=c:\program files\avg\avg9\avgnsx.exe |
"{3F77B09C-C546-4522-84D3-59D4358C0976}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\ypager.exe |
"{4A12138B-9AF4-4EDC-874C-38333A7C0065}" = protocol=6 | dir=in | app=c:\program files\mcafee\common framework\frameworkservice.exe |
"{50365DBD-8684-4A59-ABFB-A1B917D504E7}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{53DA3AEE-AA5C-46BC-81DD-043B3EBA39AB}" = protocol=17 | dir=in | app=c:\program files\mcafee\common framework\frameworkservice.exe |
"{555449A0-5008-4741-953A-285E9450321E}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{563793A0-C74D-4626-AD5F-83E4950D9575}" = protocol=17 | dir=in | app=c:\program files\dell photo aio printer 926\dlcxmon.exe |
"{568DCD86-D56B-4815-A9CD-DDBD69E346D3}" = dir=in | app=c:\program files\msn messenger\livecall.exe |
"{570E382F-2E3F-43EF-A668-46B1356419B2}" = protocol=6 | dir=in | app=c:\program files\common files\pure networks shared\platform\nmsrvc.exe |
"{59EADF6B-AE26-4965-A87C-FBEB3C1CC2E9}" = dir=in | app=c:\program files\avg\avg9\avgupd.exe |
"{5FA38EF6-DD1E-45C6-B374-5509C404423C}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{605BE72B-1EA7-4D9F-8D34-B6F163E26DB5}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{60E47429-67A1-4966-B5B4-98707E80DF5C}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{61B4D286-D8EF-4FA6-89DA-161207516C84}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{696AC83D-91AE-409B-9AF7-AE079230689D}" = dir=in | app=c:\program files\myspace\im\myspaceim.exe |
"{7686F2AF-0153-4715-B29B-37ED51632194}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{7AC4FE9C-79FB-4C8B-B128-9ED634EBD7BC}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{7FF19FE1-EBED-423E-A994-E34C21263A2B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{8542B8A2-D461-4283-BB4A-F071B09F26E2}" = protocol=17 | dir=in | app=c:\program files\stardock games\demigod\bin\demigod.exe |
"{863B7D3D-87DF-41B8-88E4-FAE00DBC2D78}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{86E9C6C5-8C15-424D-BC85-F9457B69FF02}" = dir=in | app=c:\program files\avg\avg9\avgemc.exe |
"{8A2B47E3-3C55-4810-BEAD-3406C63D778C}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |
"{8C1ED4E8-46CA-431C-B7A5-7E04D2C9F047}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |
"{8D7847ED-4612-4D73-9084-FF8F85F673C2}" = protocol=6 | dir=in | app=c:\program files\dell photo aio printer 926\dlcxmon.exe |
"{915531FF-E224-4DA7-95D1-15DED12D1134}" = protocol=17 | dir=in | app=c:\program files\dell photo aio printer 926\dlcxaiox.exe |
"{96309833-C86A-4224-AB32-4A79CB0CB142}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{96BEF969-C8A2-412A-96C5-9B31DD3FD515}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\ypager.exe |
"{A487F2C2-8494-481D-B69A-15D20A514138}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{A65DE080-D692-4241-9A03-3C8F3490CA3D}" = protocol=6 | dir=in | app=c:\program files\dell photo aio printer 926\dlcxaiox.exe |
"{BEB44791-5955-475A-A146-E64BDA265F5F}" = protocol=17 | dir=in | app=c:\program files\common files\pure networks shared\platform\nmsrvc.exe |
"{CB09AB9F-5405-4A67-A600-5B953FCA3E39}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{D1BBAAD2-51E4-47DE-9B98-C2C9F2A54E32}" = protocol=6 | dir=in | app=c:\program files\common files\pure networks shared\platform\nmsrvc.exe |
"{D75B4542-DC07-4FF6-90A1-31CB63267AC3}" = protocol=17 | dir=in | app=c:\windows\system32\dlcxcoms.exe |
"{DC3DB9EE-B91F-4020-8CB7-DAF15B53ABDC}" = dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
"{E40C8C67-982C-4922-8385-0D607949C737}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{EE39C9B3-9F16-47A4-A78F-466626325FF5}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{EF9242B2-E7EB-4804-8DC9-F78769BDCAE0}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{F1D80521-5040-448E-8DE4-4A3F6A307FE5}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe |
"{FB35E7CB-BE59-4E3A-B011-ADA99FA63EE4}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"TCP Query User{061CB1B0-1F8B-4EB6-968C-5CD8957A2085}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{186BEB2B-C1AA-4DBF-B04F-FD972644D5C3}C:\program files\rhapsody\rhapsody.exe" = protocol=6 | dir=in | app=c:\program files\rhapsody\rhapsody.exe |
"TCP Query User{1CE36433-594D-4D85-90DB-41DDA4A21351}C:\programdata\c6ee4f8\wsc6ee.exe" = protocol=6 | dir=in | app=c:\programdata\c6ee4f8\wsc6ee.exe |
"TCP Query User{2B6DBAA3-6746-4157-958C-1FB599D45A90}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"TCP Query User{31FBF950-BFDC-4A89-B36D-42F828CB7D89}C:\programdata\c6ee4f8\wsc6ee.exe" = protocol=6 | dir=in | app=c:\programdata\c6ee4f8\wsc6ee.exe |
"TCP Query User{97FBA469-5B39-4A71-8626-3C27BBC5C653}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"TCP Query User{D8AF7A43-6233-44D1-B459-8821D0F495D4}C:\program files\shareaza\shareaza.exe" = protocol=6 | dir=in | app=c:\program files\shareaza\shareaza.exe |
"UDP Query User{75A5EA36-F885-4F70-AE40-7752306ADEA1}C:\programdata\c6ee4f8\wsc6ee.exe" = protocol=17 | dir=in | app=c:\programdata\c6ee4f8\wsc6ee.exe |
"UDP Query User{7C6DC5B4-CDAB-4F4F-8049-299BA07AB6B5}C:\program files\shareaza\shareaza.exe" = protocol=17 | dir=in | app=c:\program files\shareaza\shareaza.exe |
"UDP Query User{AC6BE48B-BFE0-498B-8ACC-751A97C873D6}C:\program files\rhapsody\rhapsody.exe" = protocol=17 | dir=in | app=c:\program files\rhapsody\rhapsody.exe |
"UDP Query User{BC564CC5-E577-42BA-9967-CF1A6AB8B314}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"UDP Query User{C82A3E73-B086-467F-AFA8-11A82120D982}C:\programdata\c6ee4f8\wsc6ee.exe" = protocol=17 | dir=in | app=c:\programdata\c6ee4f8\wsc6ee.exe |
"UDP Query User{E5892176-5FD9-4C20-95BF-B83288006BAB}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{EB1A4D07-5ADF-412F-BDD2-06E7048FA169}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0166E190-92D7-482A-A220-DE8B7354383A}" = Demigod
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{03CE1BCB-03F5-4C6A-B37E-69799AA3C544}" = SpyHunter
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0A3D3C54-2EC0-4D67-B265-FF17926E6D67}" = Nokia Connectivity Cable Driver
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{0FA7B858-E0E1-400B-B5C0-1285F7D6FE5E}" = 926plv32
"{13BA7B44-B712-4DEE-A7B8-1DD564F37AE5}" = Dell System Customization Wizard
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2357B8BC-88C9-4A72-818C-050CC4EB0778}" = AOL Install
"{2C6C74C2-042F-4D36-B7B0-0C538FCF01AB}" = Dell DataSafe Online
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java(TM) 6 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{3E25E350-949F-4DB7-8288-2A60E018B4C1}" = Games, Music, & Photos Launcher
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{49672EC2-171B-47B4-8CE7-50D7806360D7}" = Windows Live Sign-in Assistant
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{548B3DC6-2300-47E1-BA7B-74AD25F8DEBF}" = Form Fill (Windows Live Toolbar)
"{571700F0-DB9D-4B3A-B03D-35A14BB5939F}" = Windows Live Messenger
"{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}" = User's Guides
"{5DFDB75C-DA8C-45DB-987C-67000BB6C3B9}" = MP3 Player Utilities 3.68
"{5E68BB65-4059-4FE5-AAC4-0CD1D79BBDE2}" = EarthLink Setup Files
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{68108E66-D13A-4EE8-A6F4-40E4B90C2A26}" = Windows Live Toolbar Feed Detector (Windows Live Toolbar)
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7745B7A9-F323-4BB9-9811-01BF57A028DA}" = Map Button (Windows Live Toolbar)
"{777CA40C-0206-4EF6-A0FC-618BF06BF8D0}" = Intel(R) PRO Network Connections 12.1.11.0
"{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}" = The Sims 2 Open For Business
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{7FE3214C-283E-40C6-A8D5-CB773110090C}" = Linksys EasyLink Advisor
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{89CEAE14-DD0F-448E-9554-15781EC9DB24}" = Product Documentation Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AB8D458-939E-403F-0097-9BA1C1F013D5}" = The Sims 2
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}" = MP3 Player Utilities 4.18
"{8FD3F4BA-A4A6-4380-00A6-CC6853AB2DC2}" = The Sims 2 University
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_PROR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_PROR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISER_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}_PROR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}_PROR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C1EED58-1790-45C4-ADBC-5D45FCA7292E}" = Pure Networks Platform
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{AA951B10-7089-4D60-B288-516E641F48E6}" = McAfee Agent
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BA084E7C-8ABA-4670-BDE8-B85E689A5C1B}" = PC Connectivity Solution
"{C34FAEF3-4241-4C4E-9CFF-7BBD8BCEABE7}" = WebEx Support Manager for Internet Explorer
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{CA2084E3-C37C-41BB-805A-6163BCC587F1}" = ShaderMark v2.1
"{CC8E0363-B20C-4792-8A1C-8DF5E01B68A6}" = GoGear VIBE Device Manager
"{CCFF1E13-77A2-4032-8B12-7566982A27DF}" = Internet Service Offers Launcher
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFF08881-43E4-4082-91C4-0E17F82E849D}" = ArcSoft MediaConverter 2
"{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center
"{D45E8C45-B601-4A80-AFD8-E16338744DE1}" = ArcSoft Panorama Maker 4
"{D5A145FC-D00C-4F1A-9119-EB4D9D659750}" = Windows Live Toolbar
"{D639085F-4B6E-4105-9F37-A0DBB023E2FB}" = Roxio MyDVD DE
"{D6A1E429-CCE1-4140-A615-710B806D12BA}" = Motorola Driver Installation 3.2.0
"{DA34FE93-5DC5-48E0-ACC8-A5389E05BB51}" = iTunes
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E623BB3F-F7ED-4148-BEB5-A0D1DB28B4DE}" = Media Converter for Philips
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E9757890-7EC5-46C8-99AB-B00F07B6525C}" = Nikon Transfer
"{ECEEFCD4-3B30-4B81-B0C1-4D90BE87462B}" = Brother HL-2140
"{F084395C-40FB-4DB3-981C-B51E74E1E83D}" = Smart Menus (Windows Live Toolbar)
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Modem Diagnostic Tool
"{F7529650-B9DB-481B-0089-A2AC3C2821C1}" = The Sims 2 Nightlife
"6A630DCEC5EEC912115F2FF59D8C2C769798D930" = Windows Driver Package - Nokia Modem (10/12/2007 3.6)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AudibleManager" = AudibleManager
"AVG9Uninstall" = AVG Free 9.0
"Azureus Vuze" = Azureus Vuze
"Best Buy Rhapsody" = Best Buy Rhapsody
"CDisplay_is1" = CDisplay 1.8
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 PCI V.92 Modem
"Dell PC Fax" = Dell PC Fax
"Dell Photo AIO Printer 926" = Dell Photo AIO Printer 926
"Demigod" = Demigod
"ENTERPRISER" = Microsoft Office Enterprise 2007
"filehippo.com" = filehippo.com Update Checker
"FLV Player" = FLV Player 2.0, build 23
"Google Desktop" = Google Desktop
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"InstallShield_{7FE3214C-283E-40C6-A8D5-CB773110090C}" = Linksys EasyLink Advisor
"Lexmark Z600 Series" = Lexmark Z600 Series
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.7)" = Mozilla Firefox (3.5.7)
"NimoCorp" = Nimo Codecs Pack v5.0 (Remove Only)
"NSS" = Norton Security Scan
"Ohio Life and Health CompuCram" = Ohio Life and Health CompuCram
"PROR" = Microsoft Office Professional 2007
"PROSetDX" = Intel(R) PRO Network Connections 12.1.11.0
"RCA Detective_is1" = RCA Detective 1.0.0.96
"RCA EasyRip™_is1" = RCA EasyRip™ 1.4.2.0
"RealPlayer 12.0" = RealPlayer
"Shareaza_is1" = Shareaza 2.3.1.0
"The Weather Channel Desktop" = The Weather Channel Desktop
"Update Service" = Update Service
"ViewpointMediaPlayer" = Viewpoint Media Player
"WildTangent hp Master Uninstall" = HP Games
"Windows Live Toolbar" = Windows Live Toolbar
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinRAR archiver" = WinRAR archiver
"Yahoo! Messenger" = Yahoo! Messenger

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"44fe47fbc37fba88" = Linksys EasyLink Advisor
"IMVU Avatar chat client software BETA" = IMVU Avatar Chat Software
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 6/14/2009 3:13:00 AM | Computer Name = DameBot | Source = WerSvc | ID = 5007
Description =

Error - 6/14/2009 5:00:03 PM | Computer Name = DameBot | Source = WerSvc | ID = 5007
Description =

Error - 6/16/2009 1:59:14 PM | Computer Name = DameBot | Source = Application Error | ID = 1000
Description = Faulting application gens+.exe, version 0.0.9.61, time stamp 0x42f4b379,
faulting module gens+.exe, version 0.0.9.61, time stamp 0x42f4b379, exception code
0xc0000005, fault offset 0x001c6074, process id 0x15f0, application start time 0x01c9eeab22f7c010.

Error - 6/20/2009 8:27:40 AM | Computer Name = DameBot | Source = WerSvc | ID = 5007
Description =

Error - 6/21/2009 8:05:02 PM | Computer Name = DameBot | Source = VSS | ID = 8194
Description =

Error - 6/21/2009 8:16:18 PM | Computer Name = DameBot | Source = System Restore | ID = 8193
Description =

Error - 6/23/2009 10:47:50 AM | Computer Name = DameBot | Source = WerSvc | ID = 5007
Description =

Error - 6/23/2009 11:27:22 AM | Computer Name = DameBot | Source = Application Error | ID = 1000
Description = Faulting application Demigod.exe, version 1.0.1.139, time stamp 0x4a271868,
faulting module kernel32.dll, version 6.0.6000.21010, time stamp 0x49951e1e, exception
code 0xe06d7363, fault offset 0x0001b08e, process id 0x13e4, application start time
0x01c9f416b7b84346.

Error - 6/23/2009 11:39:01 AM | Computer Name = DameBot | Source = Application Error | ID = 1000
Description = Faulting application Demigod.exe, version 1.0.1.139, time stamp 0x4a271868,
faulting module kernel32.dll, version 6.0.6000.21010, time stamp 0x49951e1e, exception
code 0xe06d7363, fault offset 0x0001b08e, process id 0x133c, application start time
0x01c9f418adc977d6.

Error - 6/23/2009 12:10:11 PM | Computer Name = DameBot | Source = VSS | ID = 8194
Description =

[ Media Center Events ]
Error - 5/30/2008 1:34:53 AM | Computer Name = DameBot | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 6/8/2008 12:49:55 PM | Computer Name = DameBot | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 2/13/2009 3:26:08 AM | Computer Name = DameBot | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 4/29/2009 11:23:27 PM | Computer Name = DameBot | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 7/12/2009 1:41:26 PM | Computer Name = DameBot | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

[ OSession Events ]
Error - 1/11/2009 1:13:35 PM | Computer Name = DameBot | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 19183
seconds with 1620 seconds of active time. This session ended with a crash.

Error - 1/30/2010 4:26:35 PM | Computer Name = DameBot | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 268819
seconds with 0 seconds of active time. This session ended with a crash.

Error - 2/10/2010 10:42:06 PM | Computer Name = DameBot | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 213218
seconds with 240 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 2/11/2010 12:24:21 AM | Computer Name = DameBot | Source = DCOM | ID = 10005
Description =

Error - 2/11/2010 12:25:03 AM | Computer Name = DameBot | Source = Service Control Manager | ID = 7001
Description =

Error - 2/11/2010 12:25:03 AM | Computer Name = DameBot | Source = Service Control Manager | ID = 7026
Description =

Error - 2/11/2010 12:27:00 AM | Computer Name = DameBot | Source = HTTP | ID = 15016
Description =

Error - 2/11/2010 4:03:07 AM | Computer Name = DameBot | Source = DCOM | ID = 10005
Description =

Error - 2/11/2010 4:03:07 AM | Computer Name = DameBot | Source = Service Control Manager | ID = 7009
Description =

Error - 2/11/2010 4:03:07 AM | Computer Name = DameBot | Source = Service Control Manager | ID = 7000
Description =

Error - 2/11/2010 4:03:07 AM | Computer Name = DameBot | Source = Service Control Manager | ID = 7009
Description =

Error - 2/11/2010 4:03:07 AM | Computer Name = DameBot | Source = Service Control Manager | ID = 7000
Description =

Error - 2/11/2010 4:33:10 AM | Computer Name = DameBot | Source = HTTP | ID = 15016
Description =


< End of report >

Wilsod2
Novice
Novice

Posts Posts : 12
Joined Joined : 2010-02-11
OS OS : Windows Vista
Points Points : 25118
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Can't Open Any Programs

Post by Belahzur on 12th February 2010, 12:45 am

Please run OTL.exe.

  • Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose CopyCrying


    :OTL
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
    O4 - HKLM..\Run: [] File not found
    O33 - MountPoints2\{3fa3d461-386f-11dd-b829-001aa097dd31}\Shell\Auto\command - "" = G:\Start.exe -- File not found
    O33 - MountPoints2\{c2beaa4c-8991-11dd-9ddd-001aa097dd31}\Shell\Auto\command - "" = G:\Start.exe -- File not found
    O33 - MountPoints2\{c2beaa5a-8991-11dd-9ddd-001aa097dd31}\Shell\Auto\command - "" = Start.exe
    [2010/02/08 07:41:42 | 000,000,278 | -H-- | C] () -- C:\Windows\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
    [2010/02/08 07:41:40 | 000,000,278 | -H-- | C] () -- C:\Windows\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job


  • Return to OTL, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.

  • Click the red Run Fix button.
  • A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTL.exe
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245121
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Can't Open Any Programs

Post by Wilsod2 on 12th February 2010, 1:08 am

========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7E853D72-626A-48EC-A868-BA8D5E23E045}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3fa3d461-386f-11dd-b829-001aa097dd31}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3fa3d461-386f-11dd-b829-001aa097dd31}\ not found.
File G:\Start.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c2beaa4c-8991-11dd-9ddd-001aa097dd31}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c2beaa4c-8991-11dd-9ddd-001aa097dd31}\ not found.
File G:\Start.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c2beaa5a-8991-11dd-9ddd-001aa097dd31}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c2beaa5a-8991-11dd-9ddd-001aa097dd31}\ not found.
File Start.exe not found.
C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job moved successfully.
C:\Windows\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job moved successfully.

OTL by OldTimer - Version 3.1.28.0 log created on 02112010_200805

Wilsod2
Novice
Novice

Posts Posts : 12
Joined Joined : 2010-02-11
OS OS : Windows Vista
Points Points : 25118
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Can't Open Any Programs

Post by Belahzur on 12th February 2010, 1:16 am

Hello.

I see that you are running µTorrent.
P2P(Peer to peer) applications are designed to help you easily share and distribute files between you and a group of people. But they can also be used to distribute malware, and thus are not considered safe.
The removal of these programs is optional, but highly recommended.

Go to Start > Control Panel > Add/Remove Programs and remove the following programs.

    µTorrent
    Adobe Reader 8.1.2
    Azureus Vuze
    Java(TM) SE Runtime Environment 6
    Java(TM) 6 Update 3
    Java(TM) 6 Update 6
    Java(TM) 6 Update 7
    Viewpoint Media Player

Updating Java:

  • Download the latest version of [You must be registered and logged in to see this link.].
  • Click the "Download JRE" button to the right.
  • In the Window that opens, select your platform, check the "agree" box, and click Continue.
  • Click on the link to download Windows Offline Installation and save to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Then from your desktop double-click on jre-6u18-windows-i586.exe that you downloaded to install the newest version.

Please download [You must be registered and logged in to see this link.] and install it. It will install over version 3.5.7 you currently have installed, so you won't lose any bookmarked websites.

Then download and install [You must be registered and logged in to see this link.]


To remove all of the tools we used and the files and folders they created do the following:
Double click OTL.exe.

  • Click the CleanUp! button.
  • Select Yes when the "Begin cleanup Process?" prompt appears.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes.

How is the machine running now?


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245121
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Can't Open Any Programs

Post by Wilsod2 on 12th February 2010, 2:03 am

Nope, still nothing. I logged back into my original user name and when I clicked on Firefox and AVG I got the same : Choose which program you would like to open this with ......

Sad tearing

Wilsod2
Novice
Novice

Posts Posts : 12
Joined Joined : 2010-02-11
OS OS : Windows Vista
Points Points : 25118
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Can't Open Any Programs

Post by Belahzur on 12th February 2010, 2:39 pm

Hello.
Don't give up yet.

Please download exeHelper from one of the two links.
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]

  • Double-click on exeHelper.com or exeHelper.scr to run the fix.
  • A black window should pop up, press any key to close once the fix is completed.
  • Post the contents of log.txt (Will be created in the directory where you ran exeHelper.com)
Note: If the window shows a message that says "Error deleting file", please re-run the program before posting a log - and post the two logs together (they will both be in the one file).


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245121
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Can't Open Any Programs

Post by Wilsod2 on 12th February 2010, 10:24 pm

exeHelper by Raktor
Build 20091220
Run at 17:23:15 on 02/12/10
Now searching...
Checking for numerical processes...
Checking for sysguard processes...
Checking for bad processes...
Checking for bad files...
Checking for bad registry entries...
Resetting filetype association for .exe
Resetting filetype association for .com
Resetting userinit and shell values...
Resetting policies...
--Finished--

Wilsod2
Novice
Novice

Posts Posts : 12
Joined Joined : 2010-02-11
OS OS : Windows Vista
Points Points : 25118
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Can't Open Any Programs

Post by Belahzur on 13th February 2010, 1:38 am

Can you open Firefox now?


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245121
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Can't Open Any Programs

Post by Wilsod2 on 13th February 2010, 4:33 am

No. I logged in under my original user name and still nothing. Do you think I messed up something trying to get rid of the virus?

The pop ups aren't happening anymore, but I still can't open anything.

Wilsod2
Novice
Novice

Posts Posts : 12
Joined Joined : 2010-02-11
OS OS : Windows Vista
Points Points : 25118
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Can't Open Any Programs

Post by Belahzur on 14th February 2010, 12:57 am

Is that error on every program or just some?


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245121
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Can't Open Any Programs

Post by Wilsod2 on 14th February 2010, 6:22 am

It seems to be only .exe files. I just clicked a .jpg file and I was able to open it, but everything else doesn't seem to work.

Wilsod2
Novice
Novice

Posts Posts : 12
Joined Joined : 2010-02-11
OS OS : Windows Vista
Points Points : 25118
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Can't Open Any Programs

Post by Wilsod2 on 16th February 2010, 1:11 pm

Bump?

Wilsod2
Novice
Novice

Posts Posts : 12
Joined Joined : 2010-02-11
OS OS : Windows Vista
Points Points : 25118
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Can't Open Any Programs

Post by Wilsod2 on 22nd February 2010, 2:11 pm

Bump Again...

Wilsod2
Novice
Novice

Posts Posts : 12
Joined Joined : 2010-02-11
OS OS : Windows Vista
Points Points : 25118
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Can't Open Any Programs

Post by Belahzur on 22nd February 2010, 8:53 pm

Hello.

  • Download combofix from here
    [You must be registered and logged in to see this link.]
    [You must be registered and logged in to see this link.]

    1. If you are using Firefox, make sure that your download settings are as follows:

    * Tools->Options->Main tab
    * Set to "Always ask me where to Save the files".

    2. During the download, rename Combofix to Combo-Fix as follows:





    3. It is important you rename Combofix during the download, but not after.
    4. Please do not rename Combofix to other names, but only to the one indicated.
    5. Close any open browsers.
    6. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

  • We need to disable your local AV (Anti-virus) before running Combofix.
  • See [You must be registered and logged in to see this link.] for how to disable your AV.
  • Double click on ComboFix.exe.
  • Follow the prompts. NOTE:
  • ComboFix will check to see if the Microsoft Windows Recovery Console is installed.
    ***It's strongly recommended to have the Recovery Console installed before doing any malware removal.***

    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will automatically proceed with its scan.


  • The Recovery Console provides a recovery/repair mode should a problem occur during a Combofix run.



  • Allow ComboFix to download the Recovery Console.
  • Accept the End-User License Agreement.
  • The Recovery Console will be installed.
  • You will then get this next prompt that asks if you want to continue the malware scan, select yes



  • Allow combofix to run
  • Post C:\combofix.txt back here.

    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245121
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Can't Open Any Programs

Post by Wilsod2 on 23rd February 2010, 1:08 am

ComboFix 10-02-21.02 - DDUB 02/22/2010 19:50:23.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.2036.1029 [GMT -5:00]
Running from: c:\users\DDUB\Desktop\Combo-Fix.exe
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-1005046327-2461047163-476229963-1000
c:\$recycle.bin\S-1-5-21-1005046327-2461047163-476229963-1002
c:\$recycle.bin\S-1-5-21-1005046327-2461047163-476229963-500
c:\$recycle.bin\S-1-5-21-1400113804-1914402855-3429530994-500
c:\$recycle.bin\S-1-5-21-2152478756-3922319563-605102323-500
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\SrchSTS.exe

.
((((((((((((((((((((((((( Files Created from 2010-01-23 to 2010-02-23 )))))))))))))))))))))))))))))))
.

2010-02-23 01:01 . 2010-02-23 01:02 -------- d-----w- c:\users\DDUB\AppData\Local\temp
2010-02-23 01:01 . 2010-02-23 01:01 -------- d-----w- c:\users\KIDS1\AppData\Local\temp
2010-02-23 01:01 . 2010-02-23 01:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-02-23 01:01 . 2010-02-23 01:01 -------- d-----w- c:\users\DAN\AppData\Local\temp
2010-02-17 00:32 . 2010-02-17 00:33 -------- d-----w- c:\program files\ERUNT
2010-02-13 01:21 . 2010-02-13 01:21 509552 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtb52FB.tmp.exe
2010-02-12 08:39 . 2010-02-12 08:39 -------- d-----r- c:\users\DDUB\AppData\Roaming\Brother
2010-02-11 20:10 . 2010-02-11 20:10 -------- d-----w- c:\users\KIDS1\AppData\Roaming\DivX
2010-02-11 04:07 . 2010-02-11 04:07 -------- d-----w- c:\program files\tdsskiller
2010-02-10 20:45 . 2009-12-11 12:07 301568 ----a-w- c:\windows\system32\drivers\srv.sys
2010-02-10 20:45 . 2009-12-11 12:07 98304 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-02-10 20:45 . 2009-12-08 20:52 3597912 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-02-10 20:45 . 2009-12-08 20:52 3546200 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-09 12:19 . 2010-02-09 12:19 -------- d-----w- c:\users\DDUB\AppData\Roaming\Yahoo!
2010-02-09 12:19 . 2010-02-09 12:19 -------- d-----w- c:\users\DDUB\AppData\Local\Yahoo
2010-02-01 02:42 . 2004-08-10 05:42 77824 ------w- c:\windows\system32\brlmw03a.dll
2010-02-01 02:42 . 2010-02-01 02:42 -------- d-----w- c:\program files\Brownie
2010-02-01 02:41 . 2010-02-01 02:41 34 ----a-w- c:\windows\system32\BD2140.DAT
2010-02-01 02:37 . 2007-08-19 16:34 94208 ----a-w- c:\windows\system32\BRRBTOOL.EXE
2010-02-01 02:37 . 2006-12-21 02:23 176128 ----a-w- c:\windows\system32\BROSNMP.DLL
2010-02-01 02:37 . 2004-09-23 15:00 24223 ----a-w- c:\windows\system32\BRLM03A.DLL
2010-02-01 02:37 . 2010-02-01 02:42 -------- d-----w- c:\program files\Brother
2010-02-01 02:37 . 2007-04-24 06:30 192512 ------w- c:\windows\system32\Pdrvinst.dll
2010-01-29 14:16 . 2010-02-08 05:00 -------- d-----w- c:\users\DAN\AppData\Roaming\skypePM
2010-01-29 14:14 . 2010-02-08 12:44 -------- d-----w- c:\users\DAN\AppData\Roaming\Skype
2010-01-29 14:13 . 2010-01-29 14:13 -------- d-----w- c:\program files\Common Files\Skype
2010-01-29 14:13 . 2010-01-29 14:13 -------- d-----r- c:\program files\Skype
2010-01-29 14:12 . 2010-01-29 14:13 -------- d-----w- c:\programdata\Skype

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-23 00:48 . 2010-02-17 19:17 -------- d-----w- c:\programdata\NOS
2010-02-21 12:31 . 2007-11-20 02:37 -------- d-----w- c:\users\DDUB\AppData\Roaming\uTorrent
2010-02-19 05:00 . 2007-10-15 12:54 -------- d-----w- c:\programdata\Roxio
2010-02-17 19:19 . 2007-10-15 12:59 -------- d-----w- c:\program files\Common Files\Adobe
2010-02-17 19:17 . 2010-02-17 19:17 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-02-17 19:17 . 2010-02-17 19:18 38784 ----a-w- c:\users\DDUB\AppData\Roaming\Macromedia\Flash Player\[You must be registered and logged in to see this link.]
2010-02-17 19:17 . 2010-02-17 19:17 38784 ----a-w- c:\users\Default\AppData\Roaming\Macromedia\Flash Player\[You must be registered and logged in to see this link.]
2010-02-17 19:17 . 2010-02-17 19:17 86016 ----a-w- c:\programdata\NOS\Adobe_Downloads\arh.exe
2010-02-16 04:18 . 2007-10-15 13:00 -------- d-----w- c:\program files\Google
2010-02-15 12:00 . 2007-10-15 12:46 -------- d-----w- c:\program files\Java
2010-02-14 18:34 . 2007-11-06 02:35 -------- d-----w- c:\users\DDUB\AppData\Roaming\ArcSoft
2010-02-14 06:20 . 2009-12-15 16:49 118160 ----a-w- c:\users\DAN\AppData\Local\GDIPFONTCACHEV1.DAT
2010-02-12 16:21 . 2007-10-18 00:41 118160 ----a-w- c:\users\DDUB\AppData\Local\GDIPFONTCACHEV1.DAT
2010-02-11 08:31 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-02-11 08:03 . 2007-11-12 22:13 -------- d-----w- c:\programdata\Microsoft Help
2010-02-11 04:20 . 2010-01-12 03:49 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-02-01 02:37 . 2007-10-15 12:48 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-29 14:16 . 2010-01-29 14:16 48 ---ha-w- c:\programdata\ezsidmv.dat
2010-01-22 14:11 . 2009-10-01 01:28 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-17 21:06 . 2010-01-17 21:06 118160 ----a-w- c:\users\KIDS1\AppData\Local\GDIPFONTCACHEV1.DAT
2010-01-17 21:00 . 2010-01-17 21:00 -------- d-----w- c:\users\KIDS1\AppData\Roaming\Malwarebytes
2010-01-17 20:59 . 2010-01-17 20:59 -------- d--h--w- c:\users\KIDS1\AppData\Roaming\GTek
2010-01-12 03:49 . 2010-01-12 03:49 -------- d-----w- c:\users\DAN\AppData\Roaming\Malwarebytes
2010-01-09 00:50 . 2010-01-09 00:50 79367 ----a-w- c:\users\DDUB\AppData\Roaming\Google\Google Talk\uninstall.exe
2010-01-07 21:07 . 2010-01-12 03:49 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 21:07 . 2010-01-12 03:49 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-28 16:19 . 2009-12-14 02:31 -------- d-----w- c:\programdata\avg9
2009-12-28 12:35 . 2010-02-10 20:43 11776 ----a-w- c:\windows\system32\tsbyuv.dll
2009-12-28 12:35 . 2010-02-10 20:43 1314816 ----a-w- c:\windows\system32\quartz.dll
2009-12-28 12:32 . 2010-02-10 20:43 22528 ----a-w- c:\windows\system32\msyuv.dll
2009-12-28 12:32 . 2010-02-10 20:43 31744 ----a-w- c:\windows\system32\msvidc32.dll
2009-12-28 12:32 . 2010-02-10 20:43 123904 ----a-w- c:\windows\system32\msvfw32.dll
2009-12-28 12:32 . 2010-02-10 20:43 13312 ----a-w- c:\windows\system32\msrle32.dll
2009-12-28 12:31 . 2010-02-10 20:43 82944 ----a-w- c:\windows\system32\mciavi32.dll
2009-12-28 12:31 . 2010-02-10 20:43 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2009-12-28 12:28 . 2010-02-10 20:43 91136 ----a-w- c:\windows\system32\avifil32.dll
2009-12-28 12:28 . 2010-02-10 20:43 65024 ----a-w- c:\windows\system32\avicap32.dll
2009-12-26 15:22 . 2009-12-12 07:06 -------- d-sh--w- c:\programdata\c6ee4f8
2009-12-26 00:02 . 2009-12-26 00:02 690952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2009-12-23 12:51 . 2009-12-23 12:51 484976 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtb1282.tmp.exe
2009-12-18 13:05 . 2010-01-22 07:44 833024 ----a-w- c:\windows\system32\wininet.dll
2009-12-18 13:01 . 2010-01-22 07:44 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-12-18 10:14 . 2010-01-22 07:44 26624 ----a-w- c:\windows\system32\ieUnatt.exe
2009-12-14 02:32 . 2009-12-14 02:32 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2009-12-14 02:32 . 2009-12-14 02:32 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-12-14 02:32 . 2009-12-14 02:32 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-12-14 02:32 . 2009-12-14 02:32 28424 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-12-11 09:00 . 2009-12-11 09:00 2747440 ----a-w- c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20091211.002\CCERASER.DLL
2009-12-08 20:52 . 2010-02-10 20:43 897624 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-12-04 16:12 . 2010-02-10 20:43 212992 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2009-12-04 16:12 . 2010-02-10 20:43 105472 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2008-08-09 11:52 . 2008-08-09 11:52 122880 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
2009-10-23 01:07 . 2009-11-19 03:34 23864 ----a-w- c:\program files\mozilla firefox\components\Scriptff.dll
2007-10-15 20:32 . 2007-10-15 20:25 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-11-25 18:01 1230080 ----a-w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupport"="c:\program files\DellSupport\DSAgnt.exe" [2007-03-15 460784]
"MsnMsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
"ccleaner"="c:\users\DDUB\Desktop\CCleaner.exe" [2008-02-20 816368]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"googletalk"="c:\users\DDUB\AppData\Roaming\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"dellsupportcenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"WPCUMI"="c:\windows\system32\WpcUmi.exe" [2006-11-02 176128]
"BrStsWnd"="c:\program files\Brownie\BrstsWnd.exe" [2008-09-18 880640]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll c:\windows\System32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Digital Line Detect.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk
backup=c:\windows\pss\Digital Line Detect.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Nikon Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Nikon Monitor.lnk
backup=c:\windows\pss\Nikon Monitor.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Philips GoGear VIBE Device Manager.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Philips GoGear VIBE Device Manager.lnk
backup=c:\windows\pss\Philips GoGear VIBE Device Manager.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^Users^Family^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^IMVU.lnk]
path=c:\users\Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk
backup=c:\windows\pss\IMVU.lnk.Startup
backupExtension=.Startup

[HKLM\~\startupfolder\C:^Users^Family^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=c:\users\Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
backupExtension=.Startup

[HKLM\~\startupfolder\C:^Users^Family^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^RollerCoaster Tycoon 3 Registration.lnk]
path=c:\users\Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RollerCoaster Tycoon 3 Registration.lnk
backup=c:\windows\pss\RollerCoaster Tycoon 3 Registration.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]
2009-10-10 17:32 203264 ----a-w- c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG9_TRAY]
2009-12-31 14:34 2033432 ----a-w- c:\progra~1\AVG\AVG9\avgtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
2007-03-15 17:09 460784 ----a-w- c:\program files\DellSupport\DSAgnt.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupportCenter]
2009-05-21 14:55 206064 ----a-w- c:\program files\Dell Support Center\bin\sprtcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DLCXCATS]
2006-10-16 08:31 106496 ----a-w- c:\windows\System32\spool\drivers\w32x86\3\dlcxtime.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dlcxmon.exe]
2007-01-12 19:57 292336 ----a-w- c:\program files\Dell Photo AIO Printer 926\dlcxmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dscactivate]
2007-11-15 14:24 16384 ----a-w- c:\program files\Dell Support Center\gs_agent\custom\dsca.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ECenter]
2007-05-25 06:03 17920 ----a-w- c:\dell\E-Center\EULALauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
2008-01-19 07:33 125952 ----a-w- c:\windows\ehome\ehtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FaxCenterServer]
2006-11-04 01:09 312200 ----a-w- c:\program files\Dell PC Fax\fm3032.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\filehippo.com]
2008-07-03 17:08 137216 ----a-w- c:\program files\filehippo.com\UpdateChecker.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
2008-08-09 11:52 29744 ----a-w- c:\program files\Google\Google Desktop Search\GoogleDesktop.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 15:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2008-01-02 22:06 166424 ----a-w- c:\windows\System32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2008-01-02 22:07 141848 ----a-w- c:\windows\System32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2006-10-03 16:37 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2009-09-21 20:36 305440 ----a-w- c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LELA]
2008-05-01 11:38 131072 ----a-w- c:\program files\Linksys\Linksys EasyLink Advisor\Linksys EasyLink Advisor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\McAfeeUpdaterUI]
2009-08-25 21:00 136512 ----a-w- c:\program files\McAfee\Common Framework\UdaterUI.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MemoryCardManager]
2006-11-04 01:04 304008 ----a-w- c:\program files\Dell Photo AIO Printer 926\memcard.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2007-01-19 17:54 5674352 ----a-w- c:\program files\MSN Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nmctxth]
2008-04-09 04:15 648504 ----a-w- c:\program files\Common Files\Pure Networks Shared\Platform\nmctxth.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2008-01-02 22:07 133656 ----a-w- c:\windows\System32\igfxpers.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-09-05 05:54 417792 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2007-05-11 13:26 4452352 ----a-w- c:\windows\RtHDVCpl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2008-01-19 07:33 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2009-12-18 14:37 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2009-10-27 13:17 198160 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-19 07:38 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsWelcomeCenter]
2008-01-19 07:36 2153472 ----a-w- c:\windows\System32\oobefldr.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-19 07:33 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WPCUMI]
2006-11-02 12:35 176128 ----a-w- c:\windows\System32\wpcumi.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [12/13/2009 9:32 PM 333192]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\System32\drivers\avgtdix.sys [12/13/2009 9:32 PM 360584]
R2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [12/13/2009 9:31 PM 906520]
R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [12/13/2009 9:31 PM 285392]
R2 dlcx_device;dlcx_device;c:\windows\system32\dlcxcoms.exe -service --> c:\windows\system32\dlcxcoms.exe -service [?]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [12/19/2007 6:37 PM 24652]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2/15/2010 11:18 PM 135664]
S2 LinksysUpdater;Linksys Updater;c:\program files\Linksys\Linksys Updater\bin\LinksysUpdater.exe [4/18/2008 4:30 AM 204800]
S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [10/15/2007 8:00 AM 29744]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\System32\drivers\motccgp.sys [11/2/2007 1:36 PM 18176]
S3 motccgpfl;MotCcgpFlService;c:\windows\System32\drivers\motccgpfl.sys [1/23/2007 6:03 PM 7680]
S3 MotDev;Motorola Inc. USB Device;c:\windows\System32\drivers\motodrv.sys [10/10/2007 3:41 PM 42112]
S3 motport;Motorola USB Diagnostic Port;c:\windows\System32\drivers\motport.sys [6/18/2007 1:18 PM 23680]
.
Contents of the 'Scheduled Tasks' folder

2010-02-23 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 16:20]

2010-02-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-16 04:18]

2010-02-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-16 04:18]

2010-02-19 c:\windows\Tasks\Norton Security Scan for Family.job
- c:\program files\Norton Security Scan\Norton Security Scan\Engine\2.7.0.52\Nss.exe [2009-12-11 23:01]

2010-02-22 c:\windows\Tasks\User_Feed_Synchronization-{39B31623-8230-46CC-B7A0-EE8140B3C9A7}.job
- c:\windows\system32\msfeedssync.exe [2008-07-26 07:33]

2010-02-23 c:\windows\Tasks\User_Feed_Synchronization-{ADC6892F-0E00-49A0-B85E-6F7730094127}.job
- c:\windows\system32\msfeedssync.exe [2008-07-26 07:33]
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
uInternet Settings,ProxyOverride = *.local
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\users\Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk
LSP: c:\windows\system32\wpclsp.dll
DPF: {2CA2C9B8-E4F6-4BE9-8601-52ED0AFBA79D} - [You must be registered and logged in to see this link.]
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - [You must be registered and logged in to see this link.]
FF - ProfilePath - c:\users\DDUB\AppData\Roaming\Mozilla\Firefox\Profiles\cykkq2x2.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo! Search
FF - prefs.js: browser.startup.homepage - google.com
FF - prefs.js: keyword.URL - [You must be registered and logged in to see this link.]
FF - component: c:\program files\AVG\AVG9\Firefox\components\avgssff.dll
FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll
FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll
FF - component: c:\program files\Mozilla Firefox\components\Scriptff.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npkanevapatch.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Media Player\npViewpoint.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-swg - c:\program files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
HKLM-Run-Easy Dock - (no file)
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe
MSConfigStartUp-ccleaner - c:\users\Family\Desktop\CCleaner.exe
MSConfigStartUp-kjqgboaf - c:\users\DAN\AppData\Local\ddfrpd\fgsusysguard.exe
MSConfigStartUp-mcagent_exe - c:\program files\McAfee.com\Agent\mcagent.exe
MSConfigStartUp-MySpaceIM - c:\program files\MySpace\IM\MySpaceIM.exe
MSConfigStartUp-SunJavaUpdateSched - c:\program files\Java\jre1.6.0_07\bin\jusched.exe
AddRemove-RCA Detective_is1 - c:\users\Family\Documents\RCA Detective\unins000.exe
AddRemove-RCA EasyRip™_is1 - c:\users\Family\Documents\RCA EasyRip\unins000.exe
AddRemove-IMVU Avatar chat client software BETA - c:\program files\IMVU\Uninstall.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2010-02-22 20:02
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2010-02-22 20:05:28
ComboFix-quarantined-files.txt 2010-02-23 01:05

Pre-Run: 87,638,102,016 bytes free
Post-Run: 87,562,178,560 bytes free

- - End Of File - - 97C12587B4B2E2C97234357042BB39BF

Wilsod2
Novice
Novice

Posts Posts : 12
Joined Joined : 2010-02-11
OS OS : Windows Vista
Points Points : 25118
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Can't Open Any Programs

Post by Wilsod2 on 23rd February 2010, 1:56 am

Ok. So it still didn't work when I restarted my computer. I go the same :choose which file to open this program with. Then I ran combofix by accessing the operable admin through the virus infected admin with a right click/run as admin; and combofix ran on the virus infected admin. Now, I'm typing so I believe it worked.

Gonna post OTL Log just to be safe. Thanks. You helped SO MUCH. Donation Made

Wilsod2
Novice
Novice

Posts Posts : 12
Joined Joined : 2010-02-11
OS OS : Windows Vista
Points Points : 25118
# Likes # Likes : 0

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum